Addressing the Need to Qualify C/C++ Compilers & Libraries for Use in a Safety-Critical Context

July 29, 2021

Blog

The systems used in modern automotive, rail, industrial control, medical, and aerospace applications are, of course, incredibly complex and intricate. Given their safety-critical nature, ongoing reliable operation needs to be assured and the risk of prospective failures mitigated. It is therefore mandatory that these systems fully comply with established functional safety standards: ISO 26262, IEC 61508, or EN 50128, depending on the industry sector involved.

This presents a serious challenge for application developers. They do not have to just verify the integrity of the code they have written themselves. In addition to that, they need to take into account any standard libraries they have incorporated into their systems, which will have been acquired to speed up the development process (by making use of pre-existing code).

It should be noted that normally these libraries would have been developed for widespread implementation across a multitude of different applications – not for specific use cases or in accordance with the defined functional safety standard that relates to the target application.

With this in mind, it is paramount that application engineers can gain visibility of the potential impact any libraries employed within their systems might have on their ability to meet the relevant functional safety requirements (in line with a given automotive ASIL class, for instance). They have to make certain that these libraries, just like their own code, are completely valid for the use case. Furthermore, this must be verified under both normal and abnormal operating conditions. 

If a component found within a library sourced from a third-party software supplier has defects that emerge when applied to a particular use case scenario, then the outcome could be disastrous – with human lives potentially being put in danger. Comprehensive qualification testing in relation to the actual use case will therefore need to be undertaken. This has to encompass the libraries, plus the accompanying compilers used to translate the code into a binary form. The test results must provide coverage for the code that has been written by the application engineers themselves, as well as what has been derived from the standard libraries they have integrated.      

Additional know-how

During the Embedded Safety & Security Summit (ESSS), Soild Sands CTO, Marcel Beemster, gave a keynote on this subject. He explained the importance of being able to qualify the C/C++ libraries and compilers relating to safety-critical system implementations.

In addition to this subject, last week we shared our brand new whitepaper, SuperGuard: Qualifying the C Standard Library for use in safety-critical applications.

---

Marcel Beemster is a professional of compiler technology with a PhD in Computer Science from the University of Amsterdam. From 1999 he was senior software engineer at ACE to manage a wide range of compiler development projects. Since early 2013, his focus shifted to the support, maintenance and development of the SuperTest compiler test and validation suite for C and C++. Marcel co-founded Solid Sands in 2014 in order to put his full attention to compiler validation and its application in safety-critical application development. He loves the C programming language, right from the first day he picked up K&R’s book, because it provides a direct connection with the machine at high performance.