Research on monitoring method during the construction of safety-critical software

任务安全关键软件构造时在线监控方法研究

School of Software, Northwestern Polytechnical University, Xi′an 710072, China

Received: 5 July 2024

Abstract

The C language is widely used in aerospace and other critical areas due to its flexibility and high efficiency. However, C programs have safety risks, such as unrestricted pointer operations and lack of boundary checks for arrays and strings, which can easily lead to potential runtime faults. To address these issues, an online monitoring method for building safety-critical C programs that efficiently detects potential errors by monitoring and analysing the code in the program generation is proposed. To solve the problems of real-time compilation and verification of the online edited C program segments, a hybrid monitoring method and a technique for generating compliable versions of the segment programs are proposed. Then 43 types of error conditions are induced for 5 types of runtime errors in safety-critical software, and a rule library for error detection of online edited C program segments is constructed based on the abstract syntax trees. Finally, a syntax structure matching algorithm is proposed to implement the error monitoring of online edited C program segments. 50 commonly used C program segments from safety-critical software were selected for verification, resulting in a total of 41 matches and 146 potential runtime errors. The results show that the present monitoring method can effectively identify the potential errors and thus improve the safety and reliability of the software.

摘要

C语言因其灵活性和高效率在航空航天等多个任务关键领域得到广泛应用。然而, C语言程序存在安全风险, 如指针操作不严格限定、数组和字符串缺乏边界检查等, 容易引发潜在的运行时故障, 造成不可挽回的损失。针对此类问题, 提出一种任务安全关键软件C程序构造时的在线监控方法, 在构造C程序时对代码进行实时监控和静态分析, 高效检测潜在故障。针对在线编辑的C程序片段的实时编译及测试问题, 提出了一种混合式监控方法的片段程序可编译版本自动生成技术。针对任务安全关键软件5类运行时故障的产生条件归纳出43种故障类型, 基于抽象语法树建立在线编辑的C程序片段故障的规则库。提出了基于语法结构匹配算法, 实现在线编辑的C程序片段故障监控。实验选择50个安全关键软件常用的C程序代码进行验证, 共计匹配到41种、146个潜在运行时故障, 结果表明, 文中监控方法能够有效识别潜在故障, 提高软件安全性和可信性。