Qualification of Libraries Using Static Analysis and Requirements Based Testing

Safety Critical Software has to be written with great care. There must be guidelines, tools and processes in place to ensure that the software is safe to use. But what about any third party libraries such as those that are packaged with the compiler toolchain? There are many good reasons to want to use a library. Not only does it save development effort, but a library may actually have a higher quality than what you can create yourself within the constraints of a project. The question is, can you use those libraries safely as well?

Functional Safety standards such as ISO 26262, IEC 61508 and DO-178C/ED-12C facilitate the use of libraries but they do require that the user of the library takes responsibility for its safe use.

In this webinar we will discuss tools and techniques that can be used to achieve this.

As a special case, we will take a look at the design and implementation of a test suite for the C standard library. To use the C library safely, you need evidence that its implementation complies with its requirements. It is defined in the C language standard, but that is not written in the form of clear cut requirements.

To construct the test suite, we have first made the requirements from the specification explicit. We will show examples of how we have done this, the creation of test specifications and tests from the requirements, the support of all C versions from C90 up to C18, structural code coverage, and what the documents look like that show the traceable path between specification and test.