Static Analysis for Embedded Systems

by
Nathan Cooprider

Advised by
John Regehr

Developing embedded systems software presents a number of challenges. Static analysis tools help deal with these challenges. I am working with CIL to explore and then extend the static analysis techniques available for embedded systems developers. CIL, developed by UC Berkeley, is "a high-level representation along with a set of tools that permit easy analysis and source-to-source transformation of C programs." While this is a powerful platform, there are some bugs and inefficiencies in the analyses and transformations. From observation and experience, it appears that a few simple and effective transformation will have large positive effects on embedded system code. My target application right now for these tools is TinyOS code.

This work builds off my previous work with John Regehr and Alastair Reid. We used Application and System Specific Heuristics (ASSH) to guide compilers to automatically achieve high level goals. An example goal is "make the program as fast as possible, but do not exceed a certain code size." ASSHes can be built using CIL transformations and analyses and guided through abstract goals. One potential transformation of interest to me is building a conditional constant propagator into the CIL framework. Another is performing useful points-to analyses. A third is providing a concurrency abstraction which leverages CIL. While CIL establishes some scaffolding for these transformations, it is not complete and sometimes it is not even correct. I hope to develop analyses which can be used in ASSHes and on their own.

These analyses will be useful for developers of embedded software in a number of ways. First, they will help the developer reach resource constraints while avoiding manual optimizations. Second, the analyses will find concurrency and memory usage errors. Third, the analyses will be easily incorporated into the development process.