BUGSENG Webinars

In our webinars, we cover the latest developments in MISRA C/C++ and BARR-C coding standards, static analysis tools, tool qualification, and compliance to industrial functional safety standards. Each webinar will last around 45-50 minutes plus 10-15 minutes for questions, and all are completely free.

You can register to coming webinars by simply clicking on "Register" and filling a short registration form. Scrolling down this page you can browse through past webinars: click on "View recording" to watch them again on our YouTube channel!

 

Date, Time & ActionTitle & Abstract
 

Tuesday, September 29th, 2020

14:00-15:00 CEST (UTC+2)

22:00-23:00 CEST (UTC+2)

Register

MISRA C: The Power of C Without the Pitfalls

You understand the A-B-C's of C programming language and you know both its power and its problems. But you want better reliability, better safety, and better reusability. And also lower cost with faster development. In other words, you want the best of both worlds, you want a Ferrari and a Tesla, all combined. Is it possible? This webinar will have BUGSENG and AFuzion teach you how to apply MISRA C to improve your software reliability, reusability, development time, and cost. And this webinar is brought to you from the land of "Ferrari" (BUGSENG in Italy) and "Tesla" (AFuzion in the USA) so you'll have the winning combination and a balanced perspective.

For a little change of scenery, our CTO Roberto Bagnara will be hosted by Vance Hilderman, CEO at AFuzion Incorporated, one of the world's largest aviation & safety-critical services companies.

 
 

Tuesday, September 22nd, 2020

11:00-12:00 CEST (UTC+2)

Register

Understanding Implementation-Defined Behavior in C and C++

The belief that C text has meaning in itself is very common, even among seasoned C practitioners. In fact, the semantics of the C programming language is not fully defined. The more than a hundred implementation-defined behaviors underpins the fact that no meaning can be assigned to source code unless full details about the build process and the toolchain employed are available. In this webinar we will see, also by means of practical experiments, how the same C program text can exhibit thousands of different behaviors depending on the toolchain used to translate it to machine code and on the way the toolchain is used. We will also discuss the consequences this fact has for the correctness of static analysis.

 
 

Thursday, September 17th, 2020

11:00-12:00 CEST (UTC+2)

Register

Language Subsetting and Compiler Qualification in the Development of Software for Safety-Critical Systems

Development of critical system's software in compliance with functional safety standards (such as DO-178C and ISO 26262) is challenging. The development of such software in C can save time and money provided two crucial aspects are properly taken into account: language subsetting and compiler qualification. Proper language subsetting (for instance, by strict adherence to MISRA C:2012 plus further restrictions, e.g., in the use of floating-point numbers) is crucial to avoid non-determinism, recursion, dynamic memory allocation and other unsafe language features. Proper compiler qualification is crucial to build confidence on the fact that program properties at the source code level are preserved at the compiled object code level. In this webinar we will discuss how these aspects fit into the main functional safety standards. We will then highlight the synergy between language subsetting and compiler qualification in achieving the objectives of such standards.

For this very special webinar we are glad to host Marcel Beemster, a 25+ years professional of compiler technology with a PhD in Computer Science from the University of Amsterdam. Marcel is co-founder and CTO of Solid Sands B.V.

 
 

Thursday, September 3rd, 2020

11:00-12:00 CEST (UTC+2)

Register

MISRA Compliance and Legacy/Third-Party Code

It is well known that greatest benefit of the adoption of the MISRA coding standards is when they are adopted at the very beginning of the project. In fact, imposing the MISRA guidelines upon an existing code base with a proven track record may be counterproductive if not done properly. On the other hand there are frequently stringent economic reasons that suggest adopting code that has already been developed (maybe by a third party) into a project that is seeking MISRA compliance. In this webinar, we will go through the provisions of the MISRA Compliance:2020 document ("Achieving compliance with MISRA Coding Guidelines") that specifically address adopted code, that is, legacy code, third-party libraries, device drivers, middleware, automatically-generated code, standard library code. We will then present effective strategies to achieve MISRA compliance for projects where the amount of adopted code is substantial.

 
 

Thursday, July 30th, 2020

11:00-12:00 CEST (UTC+2)

View recording

The Essential Type Model of MISRA C:2012

The "essential type model" is one of the major developments of MISRA C:2012 over previous versions of MISRA C. The model supports a type system that is stronger than ISO C native type system. This allows stronger type-checking via dedicated MISRA C guidelines that control the use of implicit and explicit type conversions, promote portable coding practices, and addresses some of the type conversion anomalies of ISO C. In this webinar, we will present the essential type model and we will review some of the guidelines of MISRA C:2012 that are based on the model. The companion webinar "Implicit Conversions in C: The Hidden Enemy" is recommended in order to fully appreciate the value of the essential type model and of the associated guidelines.

 
 

Thursday, July 16th, 2020

11:00-12:00 CEST (UTC+2)

View Recording

Implicit Conversions in C: The Hidden Enemy

Implicit conversions are dangerous: they are not directly apparent in the source code and the rules that govern them are quite intricate; moreover, when the conversion takes place, it may result in the loss of value, sign or precision. Moreover, whether or not the conversion takes place, and the consequences of the conversion, crucially depend on the language dialect (i.e., on the compiler and on the options used for compilation). In this webinar, we will cover integer promotions, usual arithmetic conversions, decays and pointer conversions. The companion webinar "The Essential Type Model of MISRA C:2012" will show you that sticking to MISRA C (and C++) is much, much easier than trying to remember the complex rules that govern implicit conversions.

 
 

Thursday, July 2nd, 2020

11:00-12:00 CEST (UTC+2)

View recording

MISRA Coding Standards and the Art of Deviation

"He will conquer who has learnt the artifice of deviation. Such is the art of maneuvering."  (Sun Tzu, The Art of War, Chapter VII, Par. 22)

Deviation is an integral part of MISRA compliance. Apart from "mandatory" guidelines, the point of a guideline is never "You should not do that." The point is: "This is dangerous, you can do it if: (1) it is needed; (2) it is safe; (3) you can quickly convince your peers that it is both needed and safe." In this webinar, we try to convey the basics of what we may call "the art of deviation": sometimes complying is easier than deviating; sometimes deviation really is the best option. Understanding the tradeoffs involved in this choice is one of the keys for successful adoption of MISRA C/C++.

 
 

Tuesday, June 23rd, 2020

11:00-12:00 CEST (UTC+2)

View recording

MISRA Compliance:2020 for Project Managers

The MISRA Compliance:2020 document ("Achieving compliance with MISRA Coding Guidelines") defines what must be covered within the software development process when making a claim of MISRA compliance. In this webinar, we will cover the process requirements, the classification of the MISRA guidelines, the possibility of re-categorizing guidelines, the GEPs (Guideline Enforcement Plans), the role of deviations, deviation records and deviation permits, and the formulation of a defensible MISRA compliance argument. A companion webinar ("MISRA Coding Standards and the Art of Deviation") will go deeper into the topic of deviation. Another companion webinar ("MISRA Compliance and Legacy/Third-Party Code") will tackle the very important subject of how to deal with adopted code.

 
 

Wednesday, June 17th, 2020

14:30-15:30 CEST (UTC+2)

View recording

Looking back at the Toyota SUA Case and the Redefinition of Product Liability for Embedded Software

In October 2013, an Oklahoma jury found Toyota Motor Corp. liable for a crash in 2007 that left one woman dead and another seriously injured when a Camry suddenly accelerated. The jury awarded 3 million USD in compensatory damages to the victims. The jury also decided that Toyota acted with "reckless disregard" for the rights of others, paving the way for a second phase of the trial on punitive damages. Before the jury could decide on damages, Toyota settled this case together with many other outstanding sudden-acceleration cases. The likely reason for the quick settlement was the expert testimony of Michael Barr — an embedded software systems' expert — who had been asked by the jury to examine the source code of Toyota's engine-control system. He found many extremely serious problems, both with the system's design and with the software, all of them indicating inadequate engineering practice. This event marked a turning point in the definition of product liability for embedded software, in particular in the automotive sector, with potential consequences across the entire supply chain. In this presentation, we briefly reconstruct the case, summarizing the software analysis findings that were decisive in the Oklahoma jury determinations, and show how these facts indicate a major change in the industry. Finally, we highlight what embedded software makers should do today in order not to expose themselves to these kinds of risks.

 
 

Tuesday, May 19th, 2020

11:00-12:00 CEST (UTC+2)

View recording

MISRA C Compliance: Watch It Done Live

After the "theoretical" webinar "MISRA C and its Key Role for the Compliance to Industrial Safety Standards", we will look in depth at the practical side of MISRA C compliance. We will take a small, non-compliant (but sound) software project and we will go through all the steps involved in making it compliant and formulating a sound MISRA C compliance claim. In less than one hour. Wow. It's gotta be fun!.

 
 

Thursday, May 14th, 2020

11:00-12:00 CEST (UTC+2)

View recording

MISRA C++: A Subset of C++ for the Development of High-Integrity Systems

C++ is increasingly used for the development of safety and mission-critical systems. This is partly pushed by market demand concerning new machine learning methodologies and applications, such as advanced driver assistance systems. While C++ improves upon C by providing linguistic support for features that allow programmers to write safer code, it also presents numerous traps and pitfalls that can easily result in defective, unreadable, unmaintainable and difficult to test software.

This webinar has been prepared by Roberto and Chris Tapp, Chair of the MISRA C++ Working Group. We will start by explaining the non-definite behaviors of C++ and their origin. We will then introduce MISRA C++, its history and evolution and discuss how it is part of a software development process that addresses the requirements of functional safety standards. Finally we will cover the planned evolution of MISRA C++, including its ongoing merge with AUTOSAR C++:14.

 
 

Thursday, May 7th, 2020

11:00-12:00 CEST (UTC+2)

View recording

Floating-Point Computation Traps & Pitfalls: Part 2

The use of floating-point computations for the implementation of critical systems is perceived as increasingly acceptable. Even in modern avionics, one of the most critical domains for software, floating-point numbers are now used, more often than not, instead of fixed-point arithmetic. However, designing and testing floating-point algorithms is significantly more difficult than designing and testing integer algorithms. In this second webinar on the subject, we will present algorithms where things may go wrong because the peculiarities of floating-point numbers were not taken into account in the design. For each such algorithm, we will illustrate how to improve the situation. The "Floating-Point Computation Traps & Pitfalls: Part 1" webinar is a prerequisite for this follow-up webinar.

 
 

Tuesday, May 5th, 2020

11:00-12:00 CEST (UTC+2)

View recording

Floating-Point Computation Traps & Pitfalls: Part 1

The use of floating-point computations for the implementation of critical systems is perceived as increasingly acceptable. Even in modern avionics, one of the most critical domains for software, floating-point numbers are now used, more often than not, instead of fixed-point arithmetic. However, designing and testing floating-point algorithms is significantly more difficult than designing and testing integer algorithms. Acceptance of floating-point computations in the design of critical systems was facilitated by the widespread adoption of significant portions of the IEEE 754 standard for binary floating-point arithmetic: nonetheless, many highly-complex traps and pitfalls remain. In this first webinar on the subject, we will present examples showing how things can go spectacularly wrong with floating-point numbers. We will then introduce the IEEE 754 binary floating-point formats, including NaNs, signed zeroes, infinities and subnormals, along with the reasons they are there. We will illustrate the IEEE 754 rounding modes, with an emphasis on round-to-nearest tails-to-even, and the properties that floating-expressions do and do not possess. After a review of the phenomena that are most often undesirable (NaN generation, overflows, underflows, absorption, cancellation, ...), we will conclude the webinar with a teaser for the second webinar in the series, where we will illustrate how some of the illustrated problems can be solved or mitigated.

 
 

Tuesday, April 28th, 2020

11:00-12:00 CEST (UTC+2)

View recording

The Qualification of Software Tools in Compliance with ISO 26262

Modern software development processes are strongly based on the use of tools, whether or not the developed software has safety or security requirements. ISO 26262, like several other functional safety standards, requires tool users to provide proper justification for the use of a tool in the development of safety-related systems. Such justification must be based on the confidence that the tool works according to its specification for the project-specific use cases and operational environments.

In this webinar, we will introduce the tool qualification process as defined by ISO 26262. This includes planning tool usage, evaluation of the required confidence level, and the identification and execution of qualification methods, documentation and review activities. Roberto will focus on the qualification of compilers and verification tools by validation and, in the case of verification tools, he will illustrate the most important (and, often, misunderstood) requirements qualification imposes on the development of the tools and of the associated qualification kits.

 
 

Thursday, April 23rd, 2020

11:00-12:00 CEST (UTC+2)

View recording

Technology Preview: Using ECLAIR with IDEs and Extensible Editors

After years of struggling about the proper way of interfacing ECLAIR with IDEs, we are confident we have come up with the right technology. The result is so good that we believe this adds up to the set of features that are unique to ECLAIR. In this webinar, we will showcase the use of ECLAIR with Eclipse-based IDEs (a solution that is extensible to many other IDEs) and the use of ECLAIR with Emacs (a solution that will be ported to other extensible editors as well).

 
 

Thursday, April 16th, 2020

11:00-12:00 CEST (UTC+2)

View recording

MISRA C and its Key Role for the Compliance to Industrial Safety Standards

Embedded software is playing a steadily increasing role in all industrial sectors. And, in some sectors, software is responsible for functionality that impacts the overall system safety and security. As a result, more companies and projects are required to comply to industry safety standards (such as CENELEC EN 50128, IEC 61508, IEC 62304, ISO 26262, RTCA DO-178C)

In this webinar, the focus is on one of the key aspects of such standards: the possibility to program in subsets of standardized languages such as C or C++. Roberto will start with an introduction to the traps and pitfalls of the C programming language and move on to discuss MISRA C, the most authoritative subset of C for the development of high-integrity systems.

 
 

Wednesday, March 25th, 2020

11:00-12:00 CET (UTC +1)

View recording

A Guided Tour of the New Features in ECLAIR 3.7

ECLAIR 3.7 comes with some exciting new features. These include extensive support for BARR-C:2018, the possibility of working with software metrics from the GUI and new facilities for filtering and prioritizing reports. In this webinar, Roberto will demonstrate these and other features of ECLAIR 3.7, live, on a real software project.

 
 

Tuesday, March 17th, 2020

11:00-12:00 CET (UTC +1)

View recording

BARR-C:2018 and MISRA C:2012: Synergy Between the Two Most Widely Used C Coding Standards

This is your opportunity to listen to Roberto's Embedded World talk, which is based on a new paper by Roberto, Michael Barr of BARR Group, and BUGSENG's Patricia Hill. In this webinar, Roberto explains why the choice between MISRA C:2012 and BARR-C:2018 is not such a hard decision after all. He will introduce BARR-C:2018, describe its relationship with MISRA C:2012, and discuss the parallel and serial adoption of the two coding standards. He will also explain why the two coding standards are complementary in two quite different ways.

 
We are a passionate team of experts. Do not hesitate to let us have your feedback:
You may be surprised to discover just how much your suggestions matter to us.