Analysis of Safety-Critical & Mission-Critical Systems Using ASIS An Interface to the Ada 95...

Analysis of Safety-Critical &

Mission-Critical Systems

Using ASISAn Interface to the Ada 95 Compilation Environment

Mr. Currie ColketChair, ACM/SIGAda/ASIS Working Group (ASISWG)

Chair, ISO/IEC JTC1/SC22 WG9 ASIS Rapporteur Group (ASISRG)Phone: (703) 883-7381; Email: [email protected], [email protected]

Dr. Bill ThomasVice Chair, ASISWG for Publicity/Meetings

Phone: (703) 883-6159; Email: [email protected]

4 May 1999STC’99

Electronic Copy on ASIS Home Page => http://www.acm.org/sigada/WG/asiswg

4 May 1999 ASIS 2

Overview

• Why Code Analysis for Safety/Mission-Critical Systems• What is ASIS?

- Syntactic & Semantic Queries- Examples of Tools Built on ASIS

• ASIS Architecture• Template for ASIS Analysis• Examples of Safety/Mission-Critical Analysis of Code• ASIS is now ISO Standard• Summary

An Interface to the Ada 95 Compilation Environment

4 May 1999 ASIS 3

Why Code Analysis for Mission-Critical Systems

•Safety and security verification•Quality assessment metrics•Test-case generation and coverage analysis•Coding style and standards compliance

•Timing and sizing estimation•Dependency trees and impact analysis

•Data flow analysis and usage metrics•Invocation (call) trees and cross-reference•Usage counts of language constructs•Code browsing and navigation•Documentation generation•Reverse engineering and re-engineering•Language translation and code restructuring

Addressing these concerns results in higher quality systems

Safety/Quality

Concerns

Perform

ance

Concerns

Engineering

Concerns

4 May 1999 ASIS 4

Why Code Analysis for Safety-Critical Systems

Four Approaches required by standards to support theverification of software:• Traceability• Reviews• Analysis• Testing

• International Generic Safety Application Standard: [IEC-61508] - (Part 3 concerns software)• Sector specific guidance and standards:

• Airborne civil avionics [DO-178B]• Nuclear power plants [IEC 880]• Medical Systems [IEC 601-4]• Pharmaceutical [GAMP]

• National/regional guidance and standards• UK Defence [DS 00-55]• European rail [EN 50128]• European security [ITSEC]• US Nuclear [NRC]• UK Automotive [MISRA]• US medical [FDA]• US Space [NASA]

• Guidance for the use of the Ada Programming Language in High Integrity Systems [Draft ISO/IEC TR 15942]

4 May 1999 ASIS 5

Analysis for Verification of Software

Analysis methods, required in different combinations by various standards:

• Control Flow

• Data Flow

• Information Flow

• Formal Code Verification

• Range Checking

• Symbolic Execution

• Stack Usage

• Timing Analysis

• Other Memory Usage

• Object Code Analysis

ASIS directly supports these analysis methods

ASIS can indirectly support some of remaining analysis methods

4 May 1999 ASIS 6

What is ASIS?

Ada Source Code Compile

Ada Environment

ASIS Interface

CASE Tool or Application

standard interface

proprietary interface

Link

Provides Syntactic and Semantic Information from

Ada Environment using a standard interface

APPLICAT ION

SYSTEM

4 May 1999 ASIS 7

Syntactic Information

Object

Latitude 0.0A B :=:

List of Identifiers Subtype Indication Initial Expression

Object Declaration

Ada syntax is summarized in Ada 95 RM, Annex P as variant of Backus-Naur Form

For example:object_declaration ::== defining_identifier_list : [aliased] [constant] subtype_indication [:= expression]; | ...

For the Ada object declaration => A,B: Latitude := 0.0;

Syntactic Element Tree Representation =>

ASIS can extract desired syntactic information for every syntactic categoryOf the 367 ASIS Queries, most support syntactic tree analysis

4 May 1999 ASIS 8

Semantic Information

These mechanisms allow ASIS to traverse the syntactic tree like Hypertext allows one to traverse a document

Type

Latitude

+90.0

Range

DefiningIdentifier

Static Simple Expressions

-90.0

Full Type Declaration

Real RangeSpecification

Type DefinitionReal Type DefinitionFloating Point Definition

Ada semantics are provided viamechanisms such as Corresponding_:

Corresponding_Type_Declaration, Corresponding_Name_Definition, Corresponding_Called_Function, Corresponding_Called_Entity,Corresponding_Type, Corresponding_Body, Corresponding_Entry, etc.

Object

Latitude 0.0A B :=:

List of Identifiers Subtype Indication Initial Expression

Object Declaration

Digits

8

Static Expression

Corresponding_Name_Declaration

A := A + B;

Corresponding_ Name_Declaration

Corresponding_Expression_Type

4 May 1999 ASIS 9

Operations on Elements

Element

Enclosing Element

Element. A common abstraction used by ASIS to denote the syntax components (both explicit and implicit) of ASIS compilation units.

Enclosing Compilation UnitRelated

Elements

Kind

Component Elements

Text SpanText Image

ASIS Element Queries

4 May 1999 ASIS 10

Examples of Tools Built on ASIS

Ada EnvironmentCode Restructuring ToolsCode Browsing and Navigation ToolsCoding Style and Standards Compliance ToolsCross Reference ToolsData Flow Analysis ToolsDependency Tree Analysis ToolsDesign ToolsDocument Generation ToolsInvocation (Call) Tree Analysis ToolsLanguage-sensitive Editing and Prettyprinting ToolsLanguage Translation ToolsQuality Assessment ToolsReverse Engineering ToolsRe-Engineering ToolsSafety & Security Compliance ToolsStatic Correctness VerifiersTasking Analysis ToolsTest-case Generation & Coverage Analysis ToolsUsage, Quality, & Complexity Metrics Tools

ASIS Interface

Tools portable to Ada

environments supporting

ASIS Interface

4 May 1999 ASIS 11

ASIS Lets Client Tools "Snap On" to Compilation Systems

etc.

Implementation Layer

ASIS

Ada Program Library

Lockheed-Martin Tools


ASIS

Ada Program Library

Boeing, MITRE Tools


ASIS

Ada Program Library

Magnavox, MARK V Tools


ASIS

Ada Program Library

Little Tree, SofTools Tools


ASIS

Ada Environment

CCI GmbH, Sema Group Tools


ASIS

Client Tools

Rational Ada Environment


ASIS

Client Tools

GNAT Ada Environment


ASIS

Client Tools

DDC-I Ada Environment


ASIS

Client Tools

Aonix Ada Environment

etc.

4 May 1999 ASIS 12

ASIS Usage

Compiler Implementers:

ACT Aonix Concurrent DDC-I Green Hills Intermetrics OC Systems Rational (very soon)

Tool Vendors:

Aonix CCI GmbH DRC GRC Little Tree Consulting Mark V ORA Corp Rational Simulog SofTools Swiss Federal Institute of Tech

End Users:

Air Force Boeing FAA IBM Lockheed-Martin Logicon Loral Magnavox MITRE Navy Sema Group Unisys WPL Labs + HRG

* Usage not known, but voted approval for ASIS CD Final on ISO/IEC JTC1/SC22 Ballot

Countries:

Australia Belgium * Canada China Czech Republic * Denmark Egypt * Finland * France Germany Ireland * Japan Netherlands * Norway * Russian Federation Sweden Switzerland Ukraine * United Kingdom United States

Ada95

Ada95

Ada95

Ada95

Ada95

Ada95

Ada95

4 May 1999 ASIS 13

ASIS Abstractions - Package ASIS

Ada Semantic Interface Specification (ASIS)

Package Asis provides:

Common types: ASIS_Integer, ASIS_Natural, ASIS_Positive, List_Index, Context, Element, Element_List, Element Subtypes,

Element Kinds (collection of enumeration types), Compilation_Units, Compilation_Unit_List, Unit Kinds (collection of enumeration types), Traverse_Control, and

Program_Text (subtype of Wide_String)

Queries via 20 visible child packages

Ada Exceptions for errors with Status & Diagnostic information

Asis and child packages encapsulate vendor dependenciesDesigned to be portable for all implementations

4 May 1999 ASIS 14

ASIS Context

Ada

Environment

AdaCompiler

Ada Compilation Units

ASIS Context

Ada Compilation Units

Associate (…)ASISQueries

ASIS Tool orApplication

Context can be all compilation units in the active partition,a subset, or any set to which analysis is desired

4 May 1999 ASIS 15

ASIS

Clauses

Declarations

Definitions

Expressions

StatementsText

Tool or Application using ASIS

Implementation

Permissions

Ada_Environments

Containers

Errors

Ids

Exceptions

Data_Decomposition (optional)

Portable_Transfer

Portable_Unconstrained_Record_Type

Portable_Array_Type_1



Portable_Constrained_Subtype

Elements

Iterator

Compilation_Units

Relations

Times

ASIS Package Architecture

4 May 1999 ASIS 16

ASIS Abstractions - Ada_Environments


ASIS.Ada_Environments

Associate

Dissociate

Has_Associations

Open

Close

Is_Equal

Exists

Is_Open

Name

Default_Name

Parameters

Default_Parameter

Environment Model:

Associates name and parameters Open, Query, and Close Provides analysis free of vendor details and assumptions

Is_Identical

ASIS Context identifies an Ada Environment asdefined by ISO/IEC 8652:1995 [Ada 95] whichallows implementations to define methods to enterCompilation Units into the environment

..

.

4 May 1999 ASIS 17

ASIS Abstractions - Compilation Units


ASIS.Compilation_Units

Unit_Origin

Corresponding_Body

Corresponding_Children

Is_Equal

Attribute_Values

Has_Attribute

Exists

Can_Be_Main_Program

Subunits

“Times”

“Relations”

Compilation_Units

Unit_Kind

...

Provides external “Black Box” view

Attributes:

Relationships:

Compilation Unit ModelFetch by nameQuery of attributes & relationshipsGateway to internal view using Elements

Date compiled, Text File, Compilation Options,Optimizations, Can Be a Main Program

Ancestors, Descendants, Supporters, Dependents, Family, Needed_Units

4 May 1999 ASIS 18

ASIS Abstractions - Elements


Asis.Elements...

Asis.Clauses...

Asis.Declarations...

Asis.Definitions...

Asis.Expressions...

Asis.Statements...

Asis.Exceptions...

Asis.Iterator..

...

Provides internal “White Box” view

Logical handle to Ada elements:

Element ModelElement kindsSyntactical queries to classify and decompose syntactic elementsSemantic queries Elements know their enclosing Compilation Unit & Context

Declarations, Statements, Expressions, Type Definitions, With Clauses ...

Element. A common abstraction used by ASIS to denote the syntax components (both explicit and implicit) of ASIS compilation units.

4 May 1999 ASIS 19

ASIS Abstractions - Implementation


ASIS.Implementation

Is_Initialized

Is_Finalized

Status

Set_Status

Diagnosis

“Permissions”

...

Initialize

Finalize

Using ASIS:

Asis.Implementation.Initialize; -- To setup environment...-- Determine ASIS implementation permissions

P := Asis.Implementation.Permissions.Is_Line_Number_Supported;...Asis.Ada_Environments.Associate (...); -- To name Ada contextAsis.Ada_Environments.Open (...); -- To gain (library) access... -- Use various ASIS interfaces... Asis.Ada_Environments.Close (...); -- To close (library) access Asis.Ada_Environments.Disassociate (...); -- To release context

Asis.Implementation.Finalize; -- To release all resources

4 May 1999 ASIS 20

Analysis Characteristics of

Mission-Critical SystemsTypical Analysis Characteristics:– Large-Scale Software Systems

– Analyses performed throughout the product lifecycle

– Often unique, application or domain analyses

– Inconsistent/Incomplete Documentation

– Wide variety of compilation platforms

– Development and analysis platforms often are different

We need the ability to develop, enhance and maintain custom software analysis applications

We need the ability to develop, enhance and maintain custom software analysis applications

We cannot depend on commercial products to support these requirements

We cannot depend on commercial products to support these requirements

ASIS provides strong support for the development of such new analyses

4 May 1999 ASIS 21

Sample Asis-based Application for Code Analysis

Examples of Code Analysis: 1. Identification of Declarations for Information Flow Analysis 2. Call Tree for Control Flow Analysis 3. Restrictions Checker for Formal Code Verification - Reports the violation and the line number of violation

But first an application template for ASIS-based Analysis - Useful for most ASIS-based Analysis - Examines all compilation units in an Ada Environment

4 May 1999 ASIS 22

with Asis;with Asis.Implementation;with Asis.Ada_Environments; -- other ASIS packages, as requiredwith Asis.Compilation_Units;

with Check_Compilation_Unit;

procedure My_Application is

My_Context : Asis.Context; begin Asis.Implementation.Initialize; Asis.Ada_Environments.Associate (My_Context, ""); Asis.Ada_Environments.Open (My_Context);

<< ASIS Application Processing >>

Asis.Ada_Environments.Close (My_Context); Asis.Ada_Environments.Dissociate (My_Context); Asis.Implementation.Finalize;end My_Application;

ASIS Application Template (1 of 5)

4 May 1999 ASIS 23

ASIS Application Template (2 of 5)

<< ASIS Application Processing >>declare Unit_List : constant Asis.Compilation_Unit_List := Asis.Compilation_Units.Compilation_Units (My_Context);

begin

for I in Unit_List'Range loop case Asis.Compilation_Units.Unit_Origin (Unit_List (I)) is when Asis.An_Application_Unit =>

Check_Compilation_Unit.Perform_ASIS_Analysis (Unit_List (I));

when others => null; end case; end loop;

end;

4 May 1999 ASIS 24

ASIS Application Template (3 of 5) Package Check_Compilation_Unit

with Asis;package Check_Compilation_Unit is

procedure Perform_ASIS_Analysis (CU : in Asis.Compilation_Unit);

end Check_Compilation_Unit;

4 May 1999 ASIS 25

ASIS Application Template (4 of 5) Package Body

with Asis; with Asis.Elements; with Asis.Iterator; with <other ASIS packages>with Ada.Wide_Text_Io; use Ada.Wide_Text_Io; package body Check_Compilation_Unit is

procedure Process_Element (An_Element : in Asis.Element; Control : in out Asis.Traverse_Control; Dummy : in out boolean); procedure No_Op (An_Element : in Asis.Element; Control : in out Asis.Traverse_Control; Dummy : in out boolean);

procedure Analyze_Unit is new Asis.Iterator.Traverse_Element (boolean, Process_Element, No_Op);

Procedure Perform_ASIS_Analysis (CU : Asis.Compilation_Unit) is Control : Asis.Traverse_Control := Asis.Continue; Dummy : boolean; begin Put_Line ("Processing Unit:" & Asis.Unit_Kinds’Wide_Image (Asis.Compilation_Units.Unit_Kind(CU)) & ": " & (Asis.Compilation_Units.Unit_Full_Name(CU))); Analyze_Unit (Asis.Elements.Unit_Declaration (CU), Control, Dummy); New_Line; end Perform_ASIS_Analysis; end Check_Compilation_Unit;

See Next Page

Body of No_Op is null

4 May 1999 ASIS 26

ASIS Application Template (5 of 5) Process_Element

procedure Process_Element (An_Element : in Asis.Element; Control : in out Asis.Traverse_Control; Dummy : in out boolean) is

<procedure declarations>

begin

-- Perform_Information_Flow_Analysis_ Identify_Declarations (An_Element); -- Example 1 ... -- Perform Control_Flow_Analysis_ Generate_Call_Tree (An_Element); -- Example 2 ... -- Perform Formal_Code_Verification_Restrictions_Checks_ Check_Library_Level_Task(An_Element); -- Example 3 ... -- Perform Metrics Analysis ...

end Process_Element;Note: this approach is valuable if a report is to beproduced for each analysis. In the simple example provided, the printed output would be interleaved.

4 May 1999 ASIS 27

Example 1 : Identify Declarations for Information Flow Analysis - 1

procedure Identify_Declarations (An_Element : in Asis.Element) is

package Kind_Io is new Ada.Wide_Text_Io.Enumeration_Io (Asis.Declaration_Kinds); Decl_Kind : Asis.Declaration_Kinds := Asis.Elements.Declaration_Kind (An_Element);

begin

case Decl_Kind is when Asis.Not_A_Declaration => null; when others => declare Name_List : Asis.Defining_Name_List := Asis.Declarations.Names (An_Element); begin for I in Name_List'Range loop Put (Asis.Declarations.Defining_Name_Image (Name_List (I))); Put (" (is kind) "); Kind_Io.Put (Decl_Kind); New_Line; end loop; end; end case;

end Identify_Declarations;

For =>

package Asis_Test is

type T is ( A, B, C);

S : integer := T'BASE'SIZE ;

end Asis_Test ;

Result =>

Processing Unit: Asis_TestAsis_Test (is kind) A_PACKAGE_DECLARATIONT (is kind) AN_ORDINARY_TYPE_DECLARATIONA (is kind) AN_ENUMERATION_LITERAL_SPECIFICATIONB (is kind) AN_ENUMERATION_LITERAL_SPECIFICATIONC (is kind) AN_ENUMERATION_LITERAL_SPECIFICATIONS (is kind) A_VARIABLE_DECLARATION

4 May 1999 ASIS 28

Other Analysis Alternatives

Decl_Kind from example is of type Declaration_Kinds defined in Subclause 3.9.4Queries on Declaration_Kinds are found in Asis.Declarations (Clause 15)

General Element processing queries in Asis.Elements (Clause 13)

Similar syntactic processing can be performed on other Element Kinds defined in 3.9:

Element KindsAsis.Elements (Clause 13)

Defining_Name_KindsAsis.Declarations (Clause 15)

Definition_KindsAsis.Definitions (Clause 16)

Expression_KindsAsis.Expressions (Clause 17)

Statement_KindsAsis.Statements (Clause 18)

Clause_KindsAsis.Clauses (Clause 19)

Declaration_KindsAsis.Declarations (Clause 15)

4 May 1999 ASIS 29

Example 1 : Identify Declarations for Information Flow Analysis - 2

Notes for extending capability for analysis of when objects are read and set:

1. ASIS has capability to hyperlink to original declaration (unwinding through renamings through a number of different packages may be required)

My_Object_Declaration := Asis.Expressions.Corresponding_Name_Declaration (My_Object));

2. ASIS has capability to compare elements to see if they are identical

Asis.Elements.Is_Identical (My_Object_Declaration, Variable_Declaration(I))

3. ASIS has capability for unique, persistent ids, valid until active partition is recompiled (Useful for sharing information between tools)

Unique_Persistent_ID := Asis.Ids.Create_Id (An_Element); 4. ASIS can easily obtain line numbers or textual span of elements

Line_Number := Asis.Text.First_Line_Number (My_Object);Span := Asis.Text.Span (My_Object_Declaration);

For example, span of Decl_Kind’s Object Declaration is logically:

Decl_Kind : Asis.Declaration_Kinds := Asis.Elements.Declaration_Kind (An_Element);

4 May 1999 ASIS 30

Example 2 : Generate_Call_Tree for Control Flow Analysis - 1

procedure Generate_Call_Tree (An_Element : in Asis.Element) is Callee : Asis.Declaration; begin case Asis.Elements.Element_Kind (An_Element) is

when Asis.An_Expression => case Asis.Elements.Expression_Kind (An_Element) is when Asis.A_Function_Call => Callee := Asis.Expressions.Corresponding_Called_Function (An_Element); if not Asis.Elements.Is_Nil (Callee) then Output_Call (An_Element, Callee); -- See Next page end if; when others => null; end case; when Asis.A_Statement => case Asis.Elements.Statement_Kind (An_Element) is when Asis.A_Procedure_Call_Statement | Asis.An_Entry_Call_Statement => Callee := Asis.Statements.Corresponding_Called_Entity (An_Element); if not Asis.Elements.Is_Nil (Callee) then Output_Call (An_Element, Callee); -- See Next page

end if; when others => null; end case; when others => null; end case;end Generate_Call_Tree;

4 May 1999 ASIS 31


procedure Output_Call (Caller : Asis.Element; Callee : Asis.Declaration) is

Calling_Compilation_Unit : Asis.Compilation_Unit; begin -- Output_Call

Calling_Compilation_Unit := Asis.Elements.Enclosing_Compilation_Unit (Caller); if Asis.Compilation_Units.Is_Nil (Calling_Compilation_Unit) then Put ("An_Unknown_Unit"); else Put (Asis.Compilation_Units.Unit_Full_Name (Calling_Compilation_Unit)); end if;

Put (" (calls) "); Put (Asis.Declarations.Defining_Name_Image(Asis.Declarations.Names(Callee) (1))); Put (" at line "); Put (Asis.Text.Line_Number'Wide_Image (Asis.Text.First_Line_Number (Caller))); New_Line;

end Output_Call;P (calls) P1 at line 7

4 May 1999 ASIS 32


package P is procedure P1; procedure P2; procedure P3(X : integer); function F1 return integer; end;

Result =>

Processing Unit: P

Processing Unit: PP (calls) P1 at line 7

Processing Unit: P.F1

Processing Unit: P.P1P.P1 (calls) F1 at line 3P.P1 (calls) P2 at line 5P.P1 (calls) P3 at line 6

Processing Unit: P.P2P.P2 (calls) P3 at line 4P.P2 (calls) F1 at line 4

Processing Unit: P.P3

package body P is procedure P1 is separate; procedure P2 is separate; procedure P3(X : integer) is separate; function F1 return integer is separate; begin P1;end;

separate (P)procedure P3(X : integer) is begin null;end;

For =>

separate (P)procedure P1 is x : integer := F1;begin P2; P3(x);end;

separate (P)function F1 return integer isbegin return 0;end;

separate (P)procedure P2 isbegin P3(F1);end;

1

1

22

3

3

4

4

5

5

6

6

4 May 1999 ASIS 33

Example 3: Check_Library_Level_Taskfor Formal Code Verification Restrictions Checking

procedure Check_Library_Level_Task (An_Element : Asis.Element) is begin case Asis.Elements.Declaration_Kind (An_Element) is

when Asis.A_Task_Type_Declaration | Asis.A_Protected_Type_Declaration | Asis.A_Single_Task_Declaration | Asis.A_Single_Protected_Declaration =>

If not Asis.Elements.Is_Equal (Asis.Elements.Enclosing_Element(An_Element), Asis.Elements.Unit_Declaration( Asis.Elements.Enclosing_Compilation_Unit(An_Element)))

then Put_Line("Violation of Tasking Guideline:"); Put("-- Non-Library Level Task at Line:"); Put ( Asis.Text.Line_Number’Wide_Image (Asis.Text.First_Line_Number (An_Element))); New_Line; end if; when others => null; end case;

end Check_Library_Level_Task;

Processing Unit: Tasking_Violation_ExampleViolation of Tasking Guideline: -- Non-Library Level Task at Line: 47

4 May 1999 ASIS 34

ASIS Secondary Layers

Ada Environment

ASIS Interface

CASE Tool or Application

Secondary Layers

ProductivityConsistent resultsReliabilityPortability

ScannersNamespace View Reference ViewRegion ViewControl Flow View

• Widget -like layer of abstractions that model commonly used views of Ada program structure

• Each view provided in set of packages with operations for constructing and querying views

• Offer CASE tool builders same kind of benefits enjoyed by X-users:

• ASIS 83 Secondary layers available:

• Work is in progress for ASIS95

4 May 1999 ASIS 35

How to Get ASIS Artifacts

Via the ISO Catalogue =>

http://www.iso.ch/infoe/catinfo.html

ISO/IEC 15291:1999Information technology -- Programming languages -- Ada Semantic Interface Specification (ASIS)

The ASIS Specification:

ASIS tutorials, papers, examples, bibliography:

ASIS Home Page =>

http://www.acm.org/sigada/wg/asiswg

4 May 1999 ASIS 36

ASIS Schedule Dec 93

Mar 94

Jun 94

Jun 94

Nov 94

Mar 95

28 Apr 95

Jun 95

Nov 95

2 Feb 96

Feb 96

Mar 96

Jun 96

Dec 96

1 Mar 97

1 May 97

2 Jun 97

Aug 97

9 Mar 98

31 Jul 98

8 Dec 98

1999

AJPO recommends ASIS V1.1.0 (ASIS83) be used as

interface to Ada 83 Program Library

Design Goals for ASIS95 identified

ASISWG finalizes ASIS 83 as V1.1.1 with test suite

Evaluate design approaches for ASIS 95

Finalize approach for ASIS 95

Skeleton ASIS 95

ASISRG created unanimously by ISO/IEC JTC1/SC22 WG9

Skeleton ASIS 95; new library/environment model

Public Review of ASIS 95 initiated (Version 2.0.E)

ISO/IEC JTC1/SC22 approved NWI

ASIS available for GNAT Ada 95 Compiler

ASISRG vote to submit ASIS 95 as ISO Working Draft

ISO/IEC JTC1 approval of NWI - ASIS assigned ISO number 15291

WG9 ballot on ASIS 95 Working Draft commenced

WG9 ballot on ASIS completed (6 Affirmatives; 1 Abstain; 0 Negatives)

Disposition of Comments delivered to WG9

Disposition of Comments, ASIS to SC22 for Balloting approved

ASIS to SC22 for Registration as ISO CD& CD Final Ballot

ASIS approved by SC22 for CD Registration & CD Final

ASIS to SC22 and in turn JTC1 for FDIS Ballot

ASIS approved by ISO as ISO Standard

ASIS Available as ISO/IEC 15291:1999

4 May 1999 ASIS 37

Final Notes on ASIS

To get involved with ASISWG and/or ASISRG, send email to:

[email protected]

to join [email protected]

[email protected]

to join [email protected]

or call Currie Colket @ +1 (703) 242-4561

or Clyde Roby @ +1 (703) 845-6666

ASIS Home page => http://www.acm.org/sigada/wg/asiswg

• Provides both syntactic and semantic information

• Supports building powerful and highly portable CASE tools

• Supports many safety-critical & mission-critical requirements for code analysis

• Used in approximately 10 countries

• ASIS mature with 4 implementations today

ASIS - Interface for obtaining information from Ada environments

4 May 1999 ASIS 38

Restrictions Check Example: Short Circuit Operators

procedure Check_Short_Circuit( An_Element : in Asis.Element) is Op_Kind : Asis.Operator_Kinds := Asis.Elements.Operator_Kind (An_Element);

begin case Op_Kind is

when Asis.An_And_Operator => Put_Line("Violation of Short Circuit Operator guideline:"); Put("-- Use of AND Operator at line "); Put ( Asis.Text.Line_Number’Wide_Image (Asis.Text.First_Line_Number (An_Element))); New_Line; when Asis.An_Or_Operator => Put_Line("Violation of Short Circuit Operator guideline:"); Put("-- Use of OR Operator at line "); Put ( Asis.Text.Line_Number’Wide_Image (Asis.Text.First_Line_Number (An_Element))); New_Line; when others => null; end case;

end Check_Short_Circuit;

4 May 1999 ASIS 39

Ada Board Resolution About ASIS

The Ada Board recognizes the potential benefits to the DOD Ada community of an ASIS standard and therefore it recommends that the AJPO director support by whatever means possible, the development of an ASIS standard and its submission to ISO/WG9 for publication.

Vote: Passed unanimously

ACM ASIS Working Group established to develop ASIS for Ada 83 and Ada 95 with ISO WG9 ASIS Rapporteur Group for standardization of ASIS for Ada 95

Motion at the Ada Board 10-11 September 1992:

4 May 1999 ASIS 40

ACM’s SIGAda’s ASIS Working Group Charter

The purpose of this working group is to develop and participate in standardizing an implementation independent application programming interface to retrieve information from an Ada environment.

The Ada Semantic Interface Specification (ASIS) is an interface between an Ada environment (as defined by ISO/IEC 8652:1995) and any tool requiring information from it. An Ada environment includes valuable semantic and syntactic information. ASIS is an open and published callable interface which gives CASE tool and application developers access to this information. ASIS has been designed to be independent of underlying Ada environment implementations, thus supporting portability of software engineering tools while relieving tool developers from needing to understand the complexities of an Ada environment's proprietary internal representation.

The working group is currently developing ASIS for Ada 95, and is working towards its adoption as an international standard. The working group successfully developed ASIS for Ada 83, which is now complete and in the public domain.

Membership in the working group is open to any interested party. Members are responsible for their own expenses. Current members include representatives of Ada compiler implementors, CASE tool developers, application developers, and other interested users.

Original February 8, 1993, Updated June 28, 1994, Updated November 7, 1995

4 May 1999 ASIS 41

ASISRG-1

Scope

Standardize the interface between an Ada 95 compilation environment and tools/applications requiring information from this environment.

Purpose and Justification

The Ada Semantic Interface Specification (ASIS) is an interface between an Ada environment as defined by ISO/IEC 8652 and any tool requiring information from this environment. An Ada environment includes valuable semantic and syntactic information. ASIS is an open and published callable interface which gives CASE tool and application developers access to this information. ASIS has been designed to be independent of underlying Ada environment implementations, thus supporting portability of software engineering tools while relieving tool developers from having to understand the complexities of an Ada environment’s proprietary internal representation.

ISO/IEC JTC1/SC22 WG9 voted unanimously to create

ASISRG on 28 April 1995

4 May 1999 ASIS 42

ASISRG-2

Purpose and Justification (Continued)

As an international standard, ASIS will benefit the Information Technology community by facilitating the development of powerful CASE tools portable amongst the various environments provided by Ada vendors. This portability can only be achieved through the standardization of ASIS at the international level. A standardized ASIS will promote the development of powerful tools for the software engineering environment by providing access to important semantic information otherwise available only through proprietary interfaces. Further, ASIS will benefit the Information Technology community as a valuable resource for application development (e.g., decoupling system to system interfaces). The international standardization of ASIS will facilitate the use of this important capability in the development of system software applications.

ISO/IEC JTC1 assigned ASIS project number 15291 in May 1996

Successful Final Draft International Standard Ballot in Dec 1998

4 May 1999 ASIS 43

ASISWG/ASISRG Officers

Chair ASISWG/ASISRG: Vice-chair ASISWG: Recorder ASISWG: Vice-recorder ASISWG: Publicity/Meetings ASISWG:

ASISRG Co-Project Editors:

Currie Colket (MITRE)

Steve Blake (Aonix)

Clyde Roby (IDA) Dan Cooper (Boeing)

Bill Thomas (MITRE)

Steve Blake (Aonix)Clyde Roby (IDA)

4 May 1999 ASIS 44

ASIS Interface - Funding

FY88 & FY89 Funding provided by STARS

Later in FY89, STARS initiated a policy not to fund any standardization efforts and ASIS funding was halted along with all other standardization activities

There has been no STARS, no AJPO, and no DOD funding for ASIS Standardization since FY89

All post FY89 ASIS standardization funding has resulted from industry investment - user community working closely with the compiler implementor community

4 May 1999 ASIS 45

Example of Application Built on ASIS-1

System 1

Log Messages

Log

Analysis Reports

Problem

How do you delog data so an analyst can view data in a meaningful way?

Alternatives

1. Delog routine per message ID.

2. Universal delogger, able to interpret any message ID.

Expensive, inflexible, must be constantly updated

Effective, highly flexible, never needs updating

Byte stream of messages

4 May 1999 ASIS 46


Byte stream of messagesMessage Header identifies Ada Record Type

System 1

Ada Program Library

AS IS

Log Messages

Log

Analysis Program

Analysis Reports

Ada Record Type

With ASIS; universal delogger, able to interpret any type;Time reduced to build type dictionary from 704 hours to 2 hours

interpretation

Before ASIS; delog routine per type

4 May 1999 ASIS 47


Byte stream of messagesMessage Header identifies Ada Record Type

System 1

AS IS

Log Messages

Log

Analysis Program

Analysis Reports

Ada Record Type

ASIS provides ‘size, ‘position, ‘first_bit, ‘last_bitServices index Byte_Stream to primitive types using Unchecked_ConversionServices return values for analysis as variant record discriminated by ASIS Type_Kind

interpretation services

type message_1 is record field_1 : array_type; field_2 : record_type; field_3 : private_enumeration_type; end record; type message_2 (discrim_2: integer) is private;

private subtype range_type is positive range 10 .. 20; type varying_array_type is (integer range <> of float); type message_2 (discrim_2: integer); record field_1 : range_type; field_2 : varying_array_type (1 .. discrim_2); end record;

Header Byte_Stream (Array of Bytes)

4 May 1999 ASIS 48

ASIS Implementation Permissions

Object Request Broker (ORB)

ASIS(this standard)

with bodyProvided byImplementor

Encapsulating

Encapsulating

ASIS Client

as C++Source Code

ASIS Client

as JavaSource Code

ASIS Client

as Ada 95Source Code

ASIS Client

using IDL DII(Permission 4)

ASIS Client

as SmalltalkSource Code

Client Toolwritten in C++

(Permission 2)

Client Toolwritten in Java

(Permission 2)

Client Toolwritten

in Ada 95(Permission 2)

ASIS(this standard)

Client Toolwritten

in Smalltalk(Permission 2)

Client Toolwritten


Client Toolwritten


ASIS Server

as Ada 95Specification

Permissions:1. Traditional approach2. Client/Server approach3. Distributed traditional approach4. ASIS dynamic client approach

4 May 1999 ASIS 49

Creating an ASIS IDL

Reengineer using automated tools

ASIS(this standard)

ASIS in IDL

Compile for Ada 95as Server

+ +

Artifacts for Interface to ORBRegistration of ASIS IDL as Server with ORB

+ +

ASIS CORBAClient

as SmalltalkSpecification

ASIS CORBAClient


ASIS CORBAClient

as C++Specification

ASIS CORBAServer


ASIS CORBAClient

as JavaSpecification

Compile for Ada 95as Client

Compile for Javaas Client

Compile for Smalltalkas Client

Compile for C++as Client

+

Analysis of Safety-Critical & Mission-Critical Systems Using ASIS An Interface to the Ada 95...

Documents

Transcript of Analysis of Safety-Critical & Mission-Critical Systems Using ASIS An Interface to the Ada 95...