Advanced Inspection and Review for Safer, Faster, Better, Cheaper Software

摘要

One of the most challenging tasks in softwaresafety is mapping hazardous behavior ontosource code behavior. The main difficulty inrefining actual source code hazards tends to bethe “semantic gap” that exists between code andthe abstract system level requirements. This isalways present in software safety where therequirements begin as abstract safetyrequirements (e.g. “The system will not killpeople.”) and must be refined into statementsabout the code (e.g. “… the value of X willremain less than 100.”). This paper reports on anew methodology based on a Flow CodeLanguage Grammar (FCLG) and XML variantsthat can enable tools with the capacity to helpcross the “semantic gap.” These methods andtools provide a common abstraction of sourcecode that visualizes logical structure and links itwith a related requirements, standards, etc.Tools derived using these methods showsignificant enhancement in the efficacy of codeinspections via common code visualization,review, requirements trace and inspection. Suchtools are undergoing pilot evaluation withinNASA’s Marshall Space Flight Center’sAvionics Lab.