Java Code Analysis Framework for Mission Critical Systems

Abstract

Sometimes a single bug can cause loss of millions of dollars as in the case of Ariane or a small glitch in the software can cause loss of life as in the Therac 25 case where 7 people died due to overdose of radiation. Such problems in software proves the importance of correctness of software code and use of quality assurance practices specially for mission critical software where a fault in the software can lead to high financial loss or even loss of life. Since Mission Critical Systems are real time in nature, therefore mostly run time errors in these systems occur due to Concurrency and Logical Errors. A detailed literature review of 51 research papers on Code Analysis indicates the lack of framework for automated code analysis of Java Code regarding Concurrency and Logical errors. Furthermore, the framework proposed and the industrial tools do not check compliance to NASA’s coding standards which is a very important standard guide for MCS. Hence there is a sheer need of developing a Java Code Analysis framework for MCS that checks code adherence to NASA’s Coding Standards related to concurrency and logical errors. Keeping this in view, an open source framework for Java Code Analysis of MCS has been proposed that ensures improved software reliability and early detection and correction of code which is very costly at later stages of SDLC. Our analyzer checks Java code compliance to Coding Standards by automating twelve of NASA’s coding standards related to Concurrency and Logical Errors. Concurrency includes API Misuse, Synchronization, Thread Safety and Waiting related rules. The framework uses a hybrid code analysis technique made up of Syntactic Code Analysis and Flow Analysis, making use of the benefits of both i.e. imposing rules based on a context free grammar (CFG) and assessing control flow of the test code. Our framework not only detects the violation of a rule but also pin points the location of the rule violation and suggests a fix for each of problem. We analyzed twelve open source Standard Java Projects using our framework to check the validity of our framework. Furthermore, we also induced 7 projects with rule violation and our framework successfully detects those violations. Based on our results we have created a dataset of Logical and Concurrency errors in MCS