MALPAS is a software toolset that provides a means of investigating and proving the correctness of software by applying a rigorous form of static program analysis (analysis of a program without executing it). The tool uses directed graphs and regular algebra to represent the program under analysis. Using the automated tools in MALPAS, an analyst can describe the structure of a program, classify the use made of data and establish the information relationships between input and output data. It also supports formal proof that the code meets its specification. MALPAS has been used to confirm the correctness of safety-critical applications in the nuclear, aerospace and defence industries. It has also been used to provide assurance of compiler correctness in the nuclear industry on Sizewell B. Languages that have been analysed include Ada, C, PL/M and Intel assembler. MALPAS is well suited to the independent static analysis required by the UK Health and Safety Executive's guidance for computer-based protection systems for nuclear reactors, owing to its rigour and its flexibility in handling many programming languages.


Technical Overview

The MALPAS toolset comprises five analysers, each addressing a different property of a program. The input to the analysers must be written in MALPAS Intermediate Language (IL); this can be hand-written or produced by an automated translation tool from the original source code. Automatic translators exist for common high-level languages such as Ada, C and Pascal, as well as for assembler languages such as Intel 80x86, PowerPC and 68000. Because every analyser works on the IL rather than on the original source, its results are only as faithful as that translation, so the translator (or a hand translation) has to be trusted or checked separately. The IL text is input to MALPAS via the "IL Reader", which constructs a directed graph and the associated semantics for the program under analysis; the graph is then reduced using a series of graph reduction techniques. The five analysers are:

# Control Flow Analyser. Examines the program structure, identifying key features: entry/exit points, loops, branches and unreachable code. It provides a summary report drawing attention to undesirable constructs and an indication of the complexity of the program structure.
# Data Use Analyser. Separates the variables and parameters used by the program into distinct classes depending on their use: data that is read before being written, data that is written without being read, and data that is written twice without an intervening read. The report can identify errors such as uninitialised data and function outputs not written on all paths.
# Information Flow Analyser. Identifies the data and branch dependencies of each output variable or parameter. Unwanted or unexpected dependencies can be revealed for all paths through the code. Information is also provided on unused variables and redundant statements.
# Semantic Analyser (also known as symbolic execution). Reveals the exact functional relationship between all inputs and outputs over all semantically feasible paths through the code.
# Compliance Analyser. Compares the mathematical behaviour of the code with its formal IL specification, detailing where one differs from the other. The IL specification is written as preconditions and postconditions, together with optional code assertions. Compliance analysis can be used to gain a very high level of confidence in the functional correctness of the code with respect to its specification.
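To make the Data Use and Information Flow classifications concrete, here is an added worked example in Python. It is not MALPAS code and it does not use MALPAS IL (the page shows no IL syntax); the statement forms, block names and the sample program are constructed for the illustration. It runs a forward may-analysis to a fixed point over a small control-flow graph and reports the three data-use classes listed above, the set of inputs that influence each output, and any block no path reaches (the Control Flow Analyser's unreachable-code check).

```python
"""Toy data-use / information-flow analysis over a control-flow graph.
Added illustration only: NOT MALPAS code and NOT MALPAS IL (the page shows no
IL syntax); statement forms, block names and the sample are constructed."""
from collections import deque

UNSET, WRITTEN, READ = "unset", "written-unread", "read"  # may-analysis statuses

# Constructed sample.  Toy statements: ("input", v) external input (a write);
# ("assign", v, [srcs]) v := f(srcs); ("test", [srcs]) branch; ("output", v).
SAMPLE = {
    "entry": "entry",
    "blocks": {
        "entry": [("input", "x"), ("test", ["x"])],
        "then":  [("assign", "y", ["x"])],
        "else":  [("assign", "y", []), ("assign", "y", [])],  # y := 0; y := 2
        "exit":  [("output", "y"), ("assign", "z", ["w"])],   # w unset, z unused
        "dead":  [("assign", "q", [])],                        # nothing reaches it
    },
    "edges": [("entry", "then"), ("entry", "else"),
              ("then", "exit"), ("else", "exit"), ("dead", "exit")],
}

def _build(cfg):                                # successor map, sorted var names
    succs, names = {b: [] for b in cfg["blocks"]}, set()
    for s, d in cfg["edges"]:
        succs[s].append(d)
    for stmts in cfg["blocks"].values():
        for st in stmts:
            names.update([st[1]] + st[2] if st[0] == "assign" else
                         st[1] if st[0] == "test" else [st[1]])
    return succs, sorted(names)

def _merge(a, b):                               # join = per-variable union
    return {"status": {v: a["status"][v] | b["status"][v] for v in a["status"]},
            "deps": {v: a["deps"][v] | b["deps"][v] for v in a["deps"]},
            "ctrl": a["ctrl"] | b["ctrl"]}

def _transfer(block, stmts, state, findings=None, outputs=None):
    """Run one block over its entry state; record findings/outputs if given."""
    status, deps, ctrl = dict(state["status"]), dict(state["deps"]), state["ctrl"]

    def read(v):
        if UNSET in status[v] and findings is not None:
            findings.add((block, v, "read before written (possibly uninitialised)"))
        status[v] = frozenset({READ})
        return deps[v]

    def write(v, sources):
        if WRITTEN in status[v] and findings is not None:
            findings.add((block, v, "written twice without an intervening read"))
        status[v] = frozenset({WRITTEN})
        deps[v] = frozenset(sources)

    for st in stmts:
        if st[0] == "input":
            write(st[1], {st[1]})             # an input depends on itself
        elif st[0] == "assign":
            flowing = set(ctrl)               # control dependence on enclosing tests
            for s in st[2]:
                flowing |= read(s)            # plus data dependence on each source
            write(st[1], flowing)
        elif st[0] == "test":
            for s in st[1]:
                ctrl = ctrl | read(s)         # later writes depend on the condition
        elif st[0] == "output":
            if outputs is not None:
                outputs[st[1]] = set(deps[st[1]])
            read(st[1])
    return {"status": status, "deps": deps, "ctrl": ctrl}

def analyse(cfg):
    """Return (findings, outputs): (block, var, message) triples and, per output
    variable, the set of inputs that influence it."""
    succs, names = _build(cfg)
    blocks, entry = cfg["blocks"], cfg["entry"]
    empty = {"status": {v: frozenset() for v in names},
             "deps": {v: frozenset() for v in names}, "ctrl": frozenset()}
    state_in = {b: empty for b in blocks}
    state_in[entry] = {**empty, "status": {v: frozenset({UNSET}) for v in names}}
    work, reached = deque([entry]), set()
    while work:                               # forward fixed point over the CFG
        b = work.popleft()
        reached.add(b)
        out = _transfer(b, blocks[b], state_in[b])
        for s in succs[b]:
            merged = _merge(state_in[s], out)
            if merged != state_in[s]:
                state_in[s] = merged
                work.append(s)
    findings, outputs = set(), {}
    for b, stmts in blocks.items():           # reporting pass on the final states
        if b not in reached:
            findings.add((b, "-", "unreachable code"))
            continue
        out = _transfer(b, stmts, state_in[b], findings, outputs)
        if not succs[b]:                      # exit block: anything still unread?
            for v in names:
                if WRITTEN in out["status"][v]:
                    findings.add((b, v, "written but never read on some path"))
    return findings, outputs
```

Calling `analyse(SAMPLE)` reports the double write of `y` in `else`, the read of the never-written `w` and the unread write of `z` in `exit`, the unreachable `dead` block, and that output `y` depends only on input `x` (by data flow on one path, by control flow through the test on the other). Two simplifications are deliberate: a status is a set of possibilities, so a report means "on some path", and control dependence is carried forward from every test on any path from entry without being dropped at the join point, so dependencies are an over-approximation. MALPAS's own graph-reduction and regular-algebra algorithms are not described on this page and are not reproduced here.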


History

The original research and the initial generations of the toolset were created by the UK's Royal Signals and Radar Establishment (RSRE) in Malvern, England, hence the name: MALvern Programming Analysis Suite. It was used extensively in the civil nuclear and weapons fields in the 1980s, when it was supported by Rex, Thompson and Partners, who set up the MALPAS User Group (its first chair was David H Smith, now of Frazer-Nash); support subsequently passed to Advantage Technical Consulting (bought by Atkins in 2008). The first large-scale static analysis task was on the primary reactor protection system for the Sizewell B power station, the UK's first nuclear power station to employ a computer-based protection system as its first line of defence against catastrophic failure. Subsequently, CEZ in the Czech Republic employed MALPAS to increase confidence in the reactor protection system of the Temelin Nuclear Power Station. In 1995 the UK's Royal Air Force commissioned independent analysis of the Lockheed Martin C-130J avionics software assessed as safety-critical. MALPAS was used for the analysis of this software, apart from the Mission Computer software, which was written in SPARK Ada and verified with the SPARK toolset. MALPAS is currently being used to independently assess the software for the reactor protection system that will monitor the two nuclear reactors at Hinkley Point C (source: https://www.newcivilengineer.com/latest/atkins-wins-hinkley-point-c-safety-contract-27-04-2020/).

