DOI QR코드

DOI QR Code

무기체계 소프트웨어 신뢰성 시험 개선점 도출을 위한 소프트웨어 정적/동적 검증 분석 사례연구

Analytical Study on Software Static/Dynamic Verification Methods for Deriving Enhancement of the Software Reliability Test of Weapon System

  • 박지현 (이화여자대학교 컴퓨터공학과) ;
  • 최병주 (이화여자대학교 컴퓨터공학과)
  • 투고 : 2019.02.01
  • 심사 : 2019.05.31
  • 발행 : 2019.07.31

초록

무기체계 소프트웨어 개발 시 수행하는 신뢰성 시험은 크게 정적 검증과 동적 검증으로 구분된다. 정적 검증에서는 소프트웨어 코드를 수행시키지 않고 코딩 규칙 점검, 취약점 점검, 소스 코드 메트릭 점검을 수행하고, 동적 검증에서는 요구 사항을 기반으로 실제 소프트웨어를 실행시켜 기능을 검증하고 코드 실행률을 측정한다. 이러한 정적/동적 검증의 목적은 소프트웨어에 존재하는 결함을 발견하기 위한 것이다. 그러나 현재의 무기체계 소프트웨어 신뢰성 시험만으로는 여전히 탐지할 수 없는 결함들이 존재한다. 본 논문에서는 소프트웨어에서 발생할 수 있는 결함에 대해 무기체계 신뢰성 시험의 정적 검증과 동적 검증으로 탐지를 할 수 있는지를 사례실험을 통하여 분석 한다. 그 결과로 현재의 정적 검증과 동적 코드 커버리지 측정에서 더 나아가 무기체계 신뢰성 시험, 특히 동적 시험의 개선방안으로 연결하고자 한다.

The reliability test performed when developing the weapon system software is classified into static test and dynamic test. In static test, checking the coding rules, vulnerabilities and source code metric are performed without executing the software. In dynamic test, its functions are verified by executing the actual software based on requirements and the code coverage is measured. The purpose of this static/dynamic test is to find out defects that exist in the software. However, there still exist defects that can't be detected only by the current reliability test on the weapon system software. In this paper, whether defects that may occur in the software can be detected by static test and dynamic test of the current reliability test on the weapon system is analyzed through experiments. As a result, we provide guidance on improving the reliability test of weapon system software, especially the dynamic test.

키워드

JBCRJM_2019_v8n7_265_f0001.png 이미지

Fig. 1. Example of MISRA Rule Avoidance

JBCRJM_2019_v8n7_265_f0002.png 이미지

Fig. 2. Defect Detection Ratio of Coding Rule

JBCRJM_2019_v8n7_265_f0003.png 이미지

Fig. 3. Defect Detection Ratio of CWE Check

JBCRJM_2019_v8n7_265_f0004.png 이미지

Fig. 6. Example of an Atomicity Violation due to using Variable

JBCRJM_2019_v8n7_265_f0005.png 이미지

Fig. 7. Defect Detection Ratio of Runtime Error Static Analysis Tools

JBCRJM_2019_v8n7_265_f0006.png 이미지

Fig. 5. Example of a Message Deadlock

Table 1. Dynamic Software Defects

JBCRJM_2019_v8n7_265_t0001.png 이미지

Table 2. Static Analysis Target

JBCRJM_2019_v8n7_265_t0003.png 이미지

Table 3. Target Applications

JBCRJM_2019_v8n7_265_t0004.png 이미지

Table 4. Dynamic and Static Tools

JBCRJM_2019_v8n7_265_t0005.png 이미지

Fig. 4. Defect Detection Ratio of Dynamic Defect Detection Tools

JBCRJM_2019_v8n7_265_t0006.png 이미지

참고문헌

  1. J. Kim, S. Jeong, I. Hwang, H. Cho, D. Kim, and Y. J. Jang, "M&S Verification, Validation and Accreditation Research Direction Considering the Characteristics of Defense M&S," Journal of Korean Institute of Industrial Engineers, Vol.39, No.6, pp.486-497, 2013. https://doi.org/10.7232/JKIIE.2013.39.6.486
  2. Kyeongyoun Kwon, Joonseok Joo, Taesik Kim, Jinwoo Oh, and Jihyun Baek, "A Study on Quality Assurance of Embedded Software Source Codes for Weapon Systems by Improving the Reliability Test Process," Journal of KIISE, Vol.42, No.7, pp.860-867, 2015. https://doi.org/10.5626/JOK.2015.42.7.860
  3. Weapon System Software Development and Management Manual, "Defense Acquisition Program Administration Manual No.2017-8," 2017.
  4. Jihyun Park and Byoungju Choi, "Analysis on Dynamic Software Defects for Increasing Weapon System Reliability," Journal of KIPS Tr. Software and Data Eng., Vol.7, No.7, pp. 249-258, 2018.
  5. Motor Industry Software Reliability Association. MISRA C 2012: Guidelines for the Use of the C Language in Critical Systems: March 2013. Motor Industry Research Association, 2013.
  6. S. N. Cant, D. R. Jeffery, and B. Henderson-Sellers, "A Conceptual Model of Cognitive Complexity of Elements of the Programming Process," Information and Software Technology, Vol.37, No.7, pp.351-362, 1995. https://doi.org/10.1016/0950-5849(95)91491-H
  7. Jooyoung Seo, Byoungju Choi, and Suengwan Yang, "A Profiling Merhod by PCB Hooking and its Application for Memory Fault Detection in Embedded System Operational Test," Journal of Information and Software Technology, Vol. 53, No.1, pp.106-117, Jan. 2011. https://doi.org/10.1016/j.infsof.2010.09.003
  8. Jooyoung Seo, Byoungju Choi, and Sihyun Lee, "Software Generated Device Exception for more Intensive Devicerelated Software Testing: An Industrial Field Study," Journal of Systems and Software, Vol.86, No.12, pp. 3193-3212, Dec. 2013. https://doi.org/10.1016/j.jss.2013.07.058
  9. F. Wu, J. Nanavati, M. Harman, Y. Jia, and J. Krinke, "Memory Mutation Testing," Information and Software Technology, Vol.81, pp.97-111, 2017. https://doi.org/10.1016/j.infsof.2016.03.002
  10. Hossain Shahriar and Mohammad Zulkernine, "Mutationbased Testing of Buffer Overflow Vulnerabilities, Computer Software and Applications," (COMSAC'08) 32nd Annual IEEE International, pp.979-984. 2008.
  11. Markus Kusano and Chao Wang, "CCmutator: A Mutation Generator for Concurrency Constructs in Multithreaded C/C++ Applications," in Proceeding of the 28th IEEE/ACM International Conference on Automated Software Engineering, pp.722-725, 2013.
  12. Alper Sen, "Mutation Operators for Concurrent SystemC Designs," in Microprocessor Test and Verification (MTV), 10th International Workshop on, pp.27-31, Dec. 2009.
  13. Sunwoo Kim, John A. Clark, and John A. Mcdermid, "Class Mutation: Mutation Testing for Object-oriented Programs," In Proc. Net. ObjectDays. Erfurt, Germany: Net. Objects, pp.9-12, 2000.