中断驱动型嵌入式软件自动测试方案的实现

自动化测试作为一种重要的软件测试技术，如果将其引入嵌入式软件的测试流程，将会对软件的质量、成本和周期带来显著的效果。首先分析了基于模块化设计的嵌入式软件的特点和测试需求，随后提出了一套面向中断驱动型高可靠嵌入式应用的自动化测试解决方案，最后总结了自动化测试的优点及其适用范围。     

基于启发式的静态中断数据竞争检测方法

提出一种面向中断驱动型嵌入式软件的启发式静态数据竞争检测方法,并开发了原型工具H-RaceChecker.给定软件的源代码或目标程序,H-RaceChecker能够自动推断中断优先级状态、中断使能状态和内存访问状态等信息,在此基础上识别出每个程序点处可能的数据竞争,进而通过启发式精化策略对原始分析结果进行危险程度排序,提高人工确认结果的效率.实验验证了该方法的有效性.     

Stack size analysis for interrupt-driven programs

We study the problem of determining stack boundedness and the exact maximum stack size for three classes of interrupt-driven programs. Interrupt-driven programs are used in many real-time applications that require responsive interrupt handling. In order to ensure responsiveness, programmers often enable interrupt processing in the body of lower-priority interrupt handlers. In such programs a programming error can allow interrupt handlers to be interrupted in a cyclic fashion to lead to an unbounded stack, causing the system to crash. For a restricted class of interrupt-driven programs, we show that there is a polynomial-time procedure to check stack boundedness, while determining the exact maximum stack size is PSPACE-complete. For a larger class of programs, the two problems are both PSPACE-complete, and for the largest class of programs we consider, the two problems are PSPACE-hard and can be solved in exponential time. While the complexities are high, our algorithms are exponential only in the number of handlers, and polynomial in the size of the program.     

容错最早时限优先调度

最早时限优先调度（EDF）是最优的动态可抢占先级实时调度算法,具有灵活、简单和高效的特点,但并没有考虑实时系统的容错要求。本文提出一种容错EDF算法,实现在规定时间段内的单个错误容错。本文详细分析了该算法的容错机制,证明了该算法的正确性,并给出了算法的可调度条件。     

Methods for interfacing analysis software to optimization software

Three methods are presented for interfacing analysis software to optimization software to create design software. These methods are referred to as the “conventional interface”, the “pro-gramming-free interface”, and the “generalized interface”. The latter two methods introduce new ideas which are attractive from the user's standpoint. The programming-free interface simplifies the interface process by eliminating the necessity for tlie user to modify the analysis source code. The generalized interface allows one to create a general-purpose design package from a general-purpose analysis package. Support for the methods has been implemented in a software package named OPTDES.BYU. Use of the methods with this package is illustrated with a simple example.     

Scenario-based analysis of software architecture

Despite advances in clarifying high level design needs, analyzing a system's ability to meet desired quality criteria is still difficult. The authors propose using scenarios to make analysis more straightforward. In their case study report, they analyze lessons learned with this approach. They developed the Software Architecture Analysis Method, an approach that uses scenarios to gain information about a system's ability to meet desired quality attributes. Scenarios are brief narratives of expected or anticipated system uses from both user and developer views and they provide a look at how the system satisfies quality attributes in various use contexts     

软件安全性的静态分析

提出了基于整数区间和控制依赖图,通过静态分析来检测C语言源代码中安全漏洞的新方法.该方法在引入整数区间概念及其运算规则的基础上,把C语言中的数组、指针和整型表达式都抽象成整数区间,从而把相关安全性判断转换成整数区间之间的关系判断.最后讨论了该方法的具体算法.     

单调时限调度算法的可调度分析

单调时限调度通过定义Di≤Ti放宽了单调比率调度对被调度任务集的限制,使之更加近似于工程实际,但现有的单调时限调度的可调度分析的充分条件十分复杂。文章提出并证明了基于最小处理器利用率上限的单调时限调度的充分可调度条件,大大简化了单调时限调度的调度分析。     

Scheduling Messages with Earliest Deadline Techniques

Thispaper discusses the applicability of earliest deadline schedulingtechniques to local area networks. The focus is on controllerarea networks (the only standard that allows direct implementation)although a comparison is tried with other possible implementationson different network topologies (and contention resolution methods).Message scheduling follows the well-known EDF algorithm. Thepaper discusses the limitations and the problems in the implementationof the algorithm on standard controller area network protocols.Then, it presents a short study on the comparative effectivenessof other contention resolution methods modeled on the standardsToken-ring and Carrier Sense Multiple Access-Collision DetectionCSMA-CD (all implementing the earliest deadline scheduling policy.)Finally, the paper shows how to compute an optimal packet sizewith respect to the guaranteeability of the real-time properties,exploiting the trade-off between preemptability and efficiency.     

Deadline scheduling in the Linux kernel

During the last decade, there has been a considerable interest in using Linux in real‐time systems, especially for industrial control. The simple and elegant design of Linux guarantees reliability and very good performance, while its open‐source license allows to modify and change the source code according to the user needs. However, Linux has been designed to be a general‐purpose operating system. Therefore, it presents some issues like unpredictable latencies and limited support for real‐time scheduling. In this paper, we present our experience in the design and implementation of the real‐time scheduler that has been recently included in the Linux kernel. The scheduler is based on the Resource Reservation paradigm, which allows to enforce temporal isolation between the running tasks. We describe the genesis of the project, the challenges we have encountered, the implementation details and the API offered to the programmers. Then, we show the experimental results measured on a real hardware. Copyright © 2015 John Wiley & Sons, Ltd.     

软件需求分析的研究

通过物资管理系统的需求分析，说明了软件需求分析的重要性，详细阐述了软件需求分析的任务、过程、原则和方法。     

Domain analysis for software reuse

A theory of domain knowledge is proposed that consists of ‘grounded domains' that model a set of cooperating objects that achieve a purpose. Grounded domains have spatial presence in the real world and contain agents that act on objects within a context of structures. More complex meta-domains use grounded domains as their subject matter and describe education, management, etc. The third component of the theory, generic tasks, describes problem solving activity such as diagnosis, searching, planning and scheduling. Generic tasks describe the behavioural components in both grounded and meta-domains. The reusable library of generic models is applied to the design of interactive systems by reusing the models as templates, and to reuse design knowledge in the form of associated design rationale. A process for recognising generic models is described with recognition heuristics structured in a walkthrough type of analysis for identifying key abstractions in new applications. The design process is illustrated with an information retrieval case study developed as a decision support system for emergency management, reusing information searching services. The discussion reviews the prospects for reusable patterns in interactive systems design, and similar approaches in software and knowledge engineering.     

Risk analysis in software design

Risk analysis is, at best, a good general-purpose yardstick by which we can judge our security design's effectiveness. Because roughly 50 percent of security problems are the result of design flaws, performing a risk analysis at the design level is an important part of a solid software security program. Taking the trouble to apply risk-analysis methods at the design level for any application often yields valuable, business-relevant results. The risk analysis process is continuous and applies to many different levels, at once identifying system-level vulnerabilities, assigning probability arid impact, arid determining reasonable mitigation strategies. The paper looks at how, by considering the resulting ranked risks, business stakeholders can determine how to manage particular risks and what the most cost-effective controls might be.     

Cost-effective analysis of in-place software processes

Process studies and improvement efforts typically call for new instrumentation on the process in order to collect the data they have deemed necessary. This can be intrusive and expensive, and resistance to the extra workload often foils the study before it begins. The result is neither interesting new knowledge nor an improved process. In many organizations, however, extensive historical process and product data already exist. Can these existing data be used to empirically explore what process factors might be affecting the outcome of the process? If they can, organizations would have a cost-effective method for quantitatively, if not causally, understanding their process and its relationship to the product. We present a case study that analyzes an in-place industrial process and takes advantage of existing data sources. In doing this, we also illustrate and propose a methodology for such exploratory empirical studies. The case study makes use of several readily-available repositories of process data in the industrial organization. Our results show that readily available data can be used to correlate both simple aggregate metrics and complex process metrics with defects in the product. Through the case study, we give evidence supporting the claim that exploratory empirical studies can provide significant results and benefits while being cost-effective in their demands on the organization     

有感于“力学分析软件化”

本次专家视点栏目特邀同济大学博士生导师张若京教授介绍“力学分析软件化 .张若京教授目前担任同济大学航空航天与力学学院应用力学研究所名誉所长，兼任教育部力学教学指导委员会委员、中国力学学会理事、上海力学学会副理事长、《力学季刊》副主编以及《力学与实践》、《固体力学学报》和国外期刊Computers，Materials ＆ Continua等的编委，目前从事工程力学领域的研究，包括结构的静动力学分析、连续介质与电场的相互作用、流固耦合问题的计算方法等.[编者按]     

软件可靠性估计的不确定性分析

在软件开发早期阶段,为分析组件的可靠性和组件间的转移概率的不确定时软件可靠性估计的影响,在基于体系结构的可靠性模型基础上,采用贝叶斯方法对参数的不确定性进行分析.将组件间的转移概率视为随机变量,分析中选用Dirichlet分布的概率密度函数作为先验密度函数,通过MonteCarlo模拟得到系统可靠性的后验估计.实验结果表明,该方法可在早期阶段发现不确定性因素对于系统可靠性的影响,为一些重要的资源分配提供依据.     

An institutional analysis of software teams

Modern software is constructed by teams of software developers. The central question that this paper addresses is what policies should be enacted for structuring software teams to enhance cooperative as opposed to self-serving behavior? The contribution of this paper is in viewing software teams as being subject to a set of well-understood collective action problems: there are individual incentives to receive the joint rewards for a team-developed software project without contributing a fair share to its development. In this paper, an institutional analysis perspective is used in presenting a set of theoretical principles and an analytical framework recently developed in game theory, political economy, experimental economics, and natural resource governance for the understanding and resolution of these collective action problems. The principles and analysis framework are applied to an empirical case study of software teamwork within an academic setting. This case study shows, first, how to apply the analytic framework on an actual collective action situation. Second, it demonstrates how the theoretical understandings can be used as a basis to account for outcomes within this setting. And third, it provides an example of a particular institutional arrangement that elicits high levels of cooperation and low levels of free riding within a real-world setting. Understanding the importance of institutions for shaping individual and social behavior within software development teams makes these institutions more amenable to intentional human design.     

软件项目的可拓分析

将物元的可拓性应用于管理软件项目,根据物元模型理论,分析客户的要求和软件开发方综合实力,建立软件项目的总目标物元和条件物元,利用物元的可拓性,从多角度分析,得到各软件模块的分目标物元和各项目小组的期望条件物元.继而使各模块的目标及其实现途径条理化,化不相容问题为相容,使软件项目管理形式化,帮助管理者理清思路,制定合理的项目软件开发计划.该方法为解决软件企业普遍存在的项目目标过高而自身开发能力不足的矛盾提供了一种新思路.