Choose Between Component-Based and Integration Analysis of AUTOSAR Code with Polyspace
Polyspace supports two approaches for verifying AUTOSAR code: component-based analysis and integration analysis.
Definitions
In a nutshell, a component-based analysis requires the design specifications of AUTOSAR software components and extracts all required information from these specifications, while an integration analysis does not require these specifications.
In the component-based analysis approach, you provide your AUTOSAR design specifications in ARXML format. The analysis reads these specifications, creates a separate C code module for each software component, and then checks each module for run-time errors and mismatch with design specifications.
For an overview of this approach, see Benefits of Polyspace for AUTOSAR. For information on how to set up a component-based analysis, see Run Polyspace on AUTOSAR Code.
In the integration analysis approach, you do not provide the design specifications but simply run Bug Finder or Code Prover on a single project with all relevant source code. To make the analysis AUTOSAR-aware, use the value
autosarfor the analysis optionLibraries used (-library).
Similarities and Differences
Both the component-based and the integration analysis adhere to the AUTOSAR standard. In addition, the component-based analysis also uses the design specifications of your AUTOSAR project.
Similarities
In both forms of analysis, functions from the AUTOSAR Runtime Environment or RTE layer are replaced with precise stubs. These stubs allow:
Faster and more precise analysis, since the analysis does not attempt to check the implementation of the RTE functions. Instead, the analysis emulates the RTE functions based on the AUTOSAR standard. (Checking the function implementations is not necessary for verifying function usage and might result in precision loss.)
Run-time checks on function arguments that look for violations of the AUTOSAR standard.
For instance, according to the standard definition of an input argument, if the argument is a pointer, the pointer must point to an initialized buffer. Polyspace can check whether the argument in a given call points to a possibly noninitialized buffer.
Both the checks
Non-compliance with AUTOSAR specification(integration analysis) andInvalid use of AUTOSAR runtime environment function(component-based analysis) look for violations of the AUTOSAR standard.
Differences
In addition to using precise stubs for the RTE layer, the component-based analysis also uses information from the design specifications that you provide. As a result, the component-based analysis has these additional features not found in the integration analysis:
Automatic splitting of code into modules based on software component specifications.
Automatic identification of AUTOSAR runnables in each module (entry points) and run-time checks on these runnables. See also
Invalid result of AUTOSAR runnable implementation.Additional checks on RTE function arguments to determine if they violate data constraints from the design specifications. These checks can be more precise than the run-time checks based on the AUTOSAR standard since they use the narrower data constraints on specific data types from the design specifications. See also
Invalid use of AUTOSAR runtime environment function.
Choosing Between Component-Based and Integration Analysis
If you simply want to perform an analysis that is aware of specifications from the AUTOSAR standard but do not want to compare the code with your design specifications, you can perform the integration analysis. Otherwise, perform the component-based analysis to keep your software component implementations in sync with your design specifications.
The component-based analysis can provide richer results than the integration analysis, but requires a more elaborate setup:
The component-based analysis runs in three phases: ARXML parsing, code extraction, and finally static code verification. Errors in each phase can propagate to further downstream issues. To work around the errors, you might require detailed knowledge of your AUTOSAR project. For instance, you might have to exclude artifacts such as leftover template files from code generators.
Only Code Prover supports a component-based analysis.
The integration analysis works only with the code provided and is simpler to set up. You have to run only a regular analysis with one additional option enabled to make the analysis AUTOSAR-aware.
Both Bug Finder and Code Prover support an integration analysis with the same checks. Bug Finder is less exhaustive than Code Prover and might show fewer results for these checks.
Related Topics
You can also select a web site from the following list
Americas
- América Latina (Español)
- Canada (English)
- United States (English)
Europe
- Belgium (English)
- Denmark (English)
- Deutschland (Deutsch)
- España (Español)
- Finland (English)
- France (Français)
- Ireland (English)
- Italia (Italiano)
- Luxembourg (English)
- Netherlands (English)
- Norway (English)
- Österreich (Deutsch)
- Portugal (English)
- Sweden (English)
- Switzerland
- United Kingdom (English)
Asia Pacific
- Australia (English)
- India (English)
- New Zealand (English)
- 中国
- 日本Japanese (日本語)
- 한국Korean (한국어)