Static Analysis Tools Address ISO 26262 Safety and SAE J3061 Security
LDRA Tool Suite combines static analysis with requirements traceability to help developers produce reliable, defect-free software, the foundation of any safety- or security-related system. Its latest release targets automotive applications that must meet the ISO 26262 functional safety standard and the SAE J3061 cybersecurity guidebook.
LDRA was showing off a number of new features at this year’s Embedded World conference in Nuremberg, Germany. The AUTOSAR (AUTomotive Open System ARchitecture) standard is an open architecture for automotive electronic control units (ECUs). LDRA’s AUTOSAR C++14 Coding Standard support extends the suite’s support for C++14 in high-end microcontrollers that are being used in complex automotive applications. AUTOSAR applications are also being used in infotainment system connectivity and advanced driver assistance systems (ADAS).
The LDRA Tool Suite interface addresses safety and security by helping developers deliver quality code: static analysis results are reported directly to the developer for review.
The LDRA AUTOSAR coding standard support can automate code reviews for compliance with the AUTOSAR standard. It can help to quickly identify and repair potential coding flaws and vulnerabilities, thereby saving time and money in the production of high-assurance software applications.
“Today’s automotive developers depend on the capabilities of high-end 32- and 64-bit microcontrollers and the latest advances in the C++ language to meet consumers’ and car manufacturers’ demands for innovative functionality and increased safety,” said Ian Hennell, operations director, LDRA. “With our long-term membership on MISRA committees, including chairmanship of the MISRA C++ committee, LDRA has the experience and knowledge required to address the new and evolving AUTOSAR standard.”
The latest version of LDRA’s tools also supports SAE International’s Surface Vehicle Recommended Practice J3061. This targets applications such as ADAS, autonomous vehicles, infotainment, steering and braking, adaptive cruise control, and lane departure warning systems where security—as well as safety—is critical. This complements the ISO 26262 safety standards that LDRA’s tool suite addresses as well.
“With the many complex electronic systems in every new automobile—often mixed and matched from different tiered suppliers—carmakers have an increasingly difficult challenge securing vehicles from myriad cyberattack vectors,” said Steve Hoffenberg, industry analyst and director, VDC Research. “Vehicle electronics now must be designed from the ground up with cybersecurity as a core principle, including the ability to develop and test software in a rigorous manner for safety and security. The framework laid out by SAE J3061 is a significant step in helping automotive developers along that path.”
LDRA’s static analysis tools verify the architectural design using control flow and data flow analysis, supporting certification from ASIL A through ASIL D. The suite supports coding guidelines such as MISRA, CERT, and the Common Weakness Enumeration (CWE), and it also assists with code reviews and unit testing.