安全关键系统的栈空间分析研究

由于存储空间异常引起的系统故障,系统开发或维护人员很难从失效特征直接判断到根原因。另外,存储空间异常通常会引起整个系统崩溃,对于安全关键系统,如航空电子系统,系统的失效往往会引起坠机或人员伤亡,因此,对安全关键系统的空间分析显得尤为重要。由于系统栈空间的分析涉及系统动态运行状态,在程序的任意点都有可能被中断服务程序或实时操作系统的其它任务中断。此外系统的栈分析需要基于目标码等特性,再次增加了对于系统栈空间分析的难度。本文从栈空间分析的必要性出发,提出一种综合中断抢占图的栈分析理论和方法,并就安全关键系统如何保证栈空间使用的确定性进行论述。最后,就安全关键软件系统FCOS的栈空间分析过程进行详细的阐述。

Study on Stack Analysis of Safety Critical System

It is very difficult to find the root cause of a system failure caused by memory exception, partly because the system fail- ure symptoms are quite far from the real errors. In addition, a memory error often causes the whole system crash, such as avionics system, which would cause the crash of the aircraft or human casualty. Therefore as for safety critical system, the memory analy- sis is crucial. On the other side, compared with other memory space, stack itself is dynamic; meanwhile the dynamic scheduling and the object-code-based analysis enlarge the difficulty of stack analysis as well. Starting with the necessary of stack analysis, this paper proposes a stack analysis combining with interrupt preemption graph. Based on this theory, some suggestions are given for the safety critical system to guarantee the determination of the worst case stack depth. And then, as a real case, this paper conducts the stack analysis for a safety critical system FCOS. The process and result are mentioned also.