Solutions
Standards and norms
- EN 50128: Software for railway control and protection systems
- IEC 61508: Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems
- ISO 26262: Road vehicles - Functional safety
- Common Criteria
- DO 178B, DO 178C: Software Considerations in Airborne Systems and Equipment Certification
Development and integration of static analysis tools into customer processes
- Astrée
- BugFinder
- CodeProver
- Coverity
- CodeSonar
- Fortify
- Frama C
- Klocwork
- DRA
- QAC
Safety Analysis (FHA)
- Identification of safety criteria
- Elaboration of observable safety properties
- System mitigations’ coverage
- Risk analysis ( PHA, FHA, SHA, FMEA, EBIOS)
- Software safety analysis (Functional analysis, software FMEA, code review, static analysis, fault trees).
Formal Verification of Models
- Compliance to safety requirements
- Absence of run-time errors
- Model Checking or Theorem Proving
- Tools :
- Matlab
- Simulink
- Stateflow
- Simulink Design Verifier
- Scade Design Verifier ("Model-Based Design")
- Atelier B
- Test generation tools
Static Analysis of Source Code
- Run-time errors detection
- Dead code and deadlock detection
- Coding rules verification
- PolySpace, Frama C, QAC, Coverity, Klocwork, CodeSonar...
Co-Simulation
- Equivalence between Model and Code
Test Generation
- Automatic test case generation from safety properties
Other references
- CERT-C
- CERT-Java
- CWEs
- OWASP
- MISRA