How Far Can You Trust Your Compiler?
Verification and validation practices championed by functional safety, security and coding standards (including IEC 61508, ISO 26262, IEC 62304, MISRA C and CWE) place considerable emphasis on showing how much of an application under test has been exercised. Experience has shown that code demonstrated to perform correctly under test has a considerably lower probability of failure in the field. And yet, almost without exception, the focus of this laudable endeavour is on the high-level source code, whether that is written in C, C++ or anything else. Such an approach places a great deal of faith in the ability of the compiler to create object code that faithfully reproduces what the developers intended. That matters a great deal because the control and data flow of the object code will inevitably not be an exact mirror of the source code from which it was derived; consequently, proving that all source code paths can be exercised reliably does not prove the same thing of the object code. Only DO-178C, used in the aerospace industry, questions that stance, and yet the consequences can be devastating in ANY critical application. This presentation will argue that object code verification is best practice for any system for which failure carries dire consequences. It will outline the approach taken in the aerospace industry, and it will discuss how an integrated tool suite can make the adoption of such principles as pain-free as possible.
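The gap between source-level and object-level coverage that the abstract describes can be made concrete with a single line of C. The following is an added example written for this page, not material from the presentation or its tool suite. It places a one-statement function beside a hand-written model of how a compiler typically lowers the short-circuit `&&` into two conditional branches; the edge counters are instrumentation introduced here to stand in for object-code branch coverage, and the test vectors are constructed. A test set that achieves 100% statement coverage of the source form leaves half of the object-level branch edges unexercised.

```c
/* Added example (not from the presentation): why 100% source-level
 * statement coverage does not imply 100% object-code branch coverage. */
#include <stdio.h>
#include <string.h>

/* The function as a developer writes it: a single statement. */
int is_valid(int a, int b)
{
    return (a > 0 && b > 0);   /* one source statement, one source "path" */
}

/* The same function as a compiler commonly lowers it: '&&' short-circuits,
 * so the object code carries two conditional branches, each with a
 * taken and a not-taken edge. The counters model object-level branch
 * coverage; they are instrumentation for this example, not compiler output.
 * A real compiler may choose a different lowering (e.g. a branchless
 * sequence), which is exactly why the actual object code must be inspected. */
enum { A_FALSE, A_TRUE, B_FALSE, B_TRUE, N_EDGES };
static unsigned edge_hits[N_EDGES];
static unsigned stmt_hits;

int is_valid_lowered(int a, int b)
{
    stmt_hits++;               /* the one source-level statement executed */
    if (!(a > 0)) {            /* first branch emitted for 'a > 0' */
        edge_hits[A_FALSE]++;
        return 0;
    }
    edge_hits[A_TRUE]++;
    if (!(b > 0)) {            /* second branch emitted for 'b > 0' */
        edge_hits[B_FALSE]++;
        return 0;
    }
    edge_hits[B_TRUE]++;
    return 1;
}

void reset_coverage(void)
{
    memset(edge_hits, 0, sizeof edge_hits);
    stmt_hits = 0;
}

/* Percentage of source statements executed (there is exactly one). */
unsigned statement_coverage_pct(void) { return stmt_hits > 0 ? 100 : 0; }

/* Percentage of object-level branch edges exercised at least once. */
unsigned branch_coverage_pct(void)
{
    unsigned covered = 0;
    for (int i = 0; i < N_EDGES; i++)
        covered += (edge_hits[i] > 0);
    return covered * 100 / N_EDGES;
}

typedef struct { int a, b; } vector;

/* Run a vector set through both forms; returns 1 if their results agree. */
int run_vectors(const vector *v, size_t n)
{
    reset_coverage();
    for (size_t i = 0; i < n; i++)
        if (is_valid(v[i].a, v[i].b) != is_valid_lowered(v[i].a, v[i].b))
            return 0;   /* the two forms disagree (must never happen) */
    return 1;
}

/* Object-level branch coverage reached by a vector set, as a percentage. */
unsigned branch_coverage_for(const vector *v, size_t n)
{
    if (!run_vectors(v, n))
        return 0;
    return branch_coverage_pct();
}

int main(void)
{
    /* Constructed test vectors. */
    const vector source_only[] = { {1, 1} };             /* 100% statement coverage */
    const vector full[] = { {1, 1}, {0, 1}, {1, 0} };     /* exercises every edge */

    run_vectors(source_only, 1);
    printf("one vector:    statements %u%%, object branches %u%%\n",
           statement_coverage_pct(), branch_coverage_pct());
    run_vectors(full, 3);
    printf("three vectors: statements %u%%, object branches %u%%\n",
           statement_coverage_pct(), branch_coverage_pct());
    return 0;
}
```

With the single vector `{1, 1}` the source form reports 100% statement coverage while only the two "true" edges of the lowered form are hit (50%); adding `{0, 1}` and `{1, 0}` drives both not-taken edges and brings object-level branch coverage to 100%. The lowered form here is one plausible translation written by hand; a verification effort of the kind the abstract advocates works from the compiler's real output rather than from such a model.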
Date: 26.02.2019
Time: 16:30 - 17:00
Location: Conference Counter NCC Ost