In our webinars, we cover the latest developments in MISRA C/C++ and BARR-C coding standards, static analysis tools, tool qualification, and compliance to industrial functional safety standards. Each webinar will last around 45-50 minutes plus 10-15 minutes for questions, and all are completely free.
You can register to coming webinars by simply clicking on "Register" and filling a short registration form. Scrolling down this page you can browse through past webinars: click on "View recording" to watch them again on our YouTube channel!
| Date, Time & Action | Title & Abstract |
|---|---|
Wednesday, September 13th, 2023 11:00-11:40 CEST (UTC+2)
Friday, October 27th, 2023 11:00-11:40 CEST (UTC+2)
Friday, November 17th, 2023 11:00-11:40 CET (UTC+1)
Tuesday, December 12th, 2023 11:00-11:40 CET (UTC+1) | ECLAIR Presentation A monthly introduction to ECLAIR Software Verification Platform held by BUGSENG experts (40 minutes + Q&A). After a quick overview, in September we will focus on the use of ECLAIR from its GUI and we will have a look at what report formats can be obtained with the tool. This is particularly useful to optimize the evaluation process or even to get you up to speed on the latest features. This presentation is highly interactive and therefore attendance is limited. |
Thursday, June 8th, 2023 10:30-11:15 CEST (UTC+2) | CerTran & SuperTest: continuous C/C++ compiler qualification Functional safety standards such as ISO 26262 for the automotive industry put many requirements on the development process of a safety-critical application. Not only should you perform static analysis on the application code itself, but you should also analyze the tools you use during application development. Most importantly, you need to create confidence in the correct operation of the compiler by qualifying it. At first, this may seem like a substantial project on its own. This webinar will demonstrate how most of the effort can be automated by integrating it into your application's continuous integration process, making compiler qualification a breeze. In a joint project with Solid Sands, BUGSENG created the CerTran extension to its ECLAIR Software Verification Platform®, a CI-ready solution for automated validation of translation toolchains. CerTran automates the configuration of Solid Sands' SuperTest Compiler Test and Validation Suite by scanning the application build process and creating the exact test configuration files needed to cover all the use cases of the translation toolchain. Not only does this save a lot of time, but it also avoids configuration errors that can quickly happen when scanning the build process manually. "When developing safety-critical applications in C or C++, there are two key factors to consider – do the compiler and library do what they are supposed to, and does the application source code comply with the programming guidelines like MISRA? For the first, Solid Sands has SuperTest, and for the second, BUGSENG has ECLAIR. With ECLAIR's CerTran integration, these two can now work together seamlessly. It makes safety-critical development much more efficient." – Solid Sands’ CTO Marcel Beemster. Take-home: This webinar will teach you how the integration of CerTran and SuperTest automates the analysis of the compiler’s use case and the compiler validation, as part of your qualification project. |
Tuesday, November 22nd, 2022 11:00-12:00 CET (UTC+1) |
Effective Static Analysis Shift Left for the Development of Safe and Secure Embedded Systems The idea of "shift-left testing", that is, integrating the quality assurance and development parts of a software project is 20 years old. Nonetheless, its widespread adoption is a more recent, and by now explosive trend thanks to the increased availability and sophistication of modern continuous integration system. In this talk, we will present the key factors to be taken into account when embracing static application safety/security testing in an organization, with a particular emphasis on the development and maintenance of critical embedded systems. Speaker: Roberto Bagnara, Ph.D., co-founder of BUGSENG, software verification expert and evangelist, professor of Computer Science at the University of Parma, member of ISO/IEC JTC1/SC22/WG14 (C Standardization Working Group) and of the MISRA C Working Group.
|
Wednesday, September 28th, 2022 11:00-12:00 CEST (UTC+2) | A Rationale-Based Classification of MISRA C Guidelines MISRA C is the most authoritative language subset for the C programming language that is a de facto standard in several industry sectors where safety and security are of paramount importance. While MISRA C is currently encoded in 175 guidelines (coding rules and directives), it does not coincide with them: proper adoption of MISRA C requires embracing its preventive approach (as opposed to the “bug finding” approach) and a documented development process where justifiable noncompliances are authorized and recorded as deviations. MISRA C guidelines are classified along several axes in the official MISRA documents. In this webinar, we add to these an orthogonal classification that associates guidelines with their main rationale. The advantages of this new classification are illustrated for different kinds of projects, including those not (yet) having MISRA compliance among their objectives. Speaker: Roberto Bagnara, Ph.D., co-founder of BUGSENG, software verification expert and evangelist, professor of Computer Science at the University of Parma, member of ISO/IEC JTC1/SC22/WG14 (C Standardization Working Group) and of the MISRA C Working Group.
|
Tuesday, September 29th, 2021 11:00-12:00 CEST (UTC+2) | A Guided Tour of the New Features in ECLAIR ECLAIR is packed with exciting new features such as the automation of filing tickets on issue-tracking systems. New report formats and selection facilities have been included, along with full support for Jenkins pipelines and a brand new plugin for Visual Studio. In this webinar we will guide you through some of these new helpful tools to maximize your use of ECLAIR. A final Q&A session will allow you to interact with our team, asking questions and tips. This is especially useful to current users, to freshen up their knowledge of the tool, as well as to future users to get a good overview. |
Tuesday, September 14th, 2021 11:00-12:00 CEST (UTC+2) | The Application Hazard Scanner: Safety in Spite of Compiler Defects Development of critical system's software in compliance with functional safety standards (such as DO-178C and ISO 26262) is challenging. The development of such software in C/C++ can save huge amounts of time and money provided two crucial aspects are properly taken into account: compiler qualification and language subsetting. The goal of compiler qualification is to unveil defects that affect the compiler with your specific configuration and your set of options. Our experience shows that compiler qualification will discover defects in your compiler, no matter the number of certificates it sports. This does not mean compiler vendors are careless: language specifications and compilers are just very complex. Your next step is to make sure that your application is free of the code patterns that we now know to result in compiler errors. Unless your application code is small (say, less than 5,000 lines), this can be a huge effort, in which you must include future maintenance as well. This is why BUGSENG has created the "Application Hazard Scanner". The Application Hazard Scanner is configured to specifically detect the defects found in the compiler for your specific use case. It is built with the renowned ECLAIR static analysis platform and so, it can additionally be configured to perform language subsetting analysis, e.g., for MISRA. It can be configured to be part of your continuous integration platform so that your application remains robust under future maintenance and development. Although the Application Hazard Scanner must be purposely configured for your specific set of compiler defects, the cooperation between Solids Sands and BUGSENG makes it a cost effective choice. For this very special joint webinar our speakers will be:
|
Tuesday, November 17th, 2020 11:00-12:00 CET (UTC+1) | Verifying the Hierarchical Structure and Freedom from Interference of Software Components In the development of high-integrity software, all interactions between components must satisfy design constraints. Hierarchical levels must not be bypassed: if the design prescribes that software layer A cannot interact directly with layer C without the intermediation of layer B, this is something that must be verified. If components with different criticalities have to coexist on the same ECU, huge savings are possible if we can prove that lower-criticality components cannot interfere with higher-criticality ones. In this webinar, we will introduce these concepts and show how ECLAIR greatly simplifies the detection of all interactions between software components and the flagging of those that are unwanted. The webinar will focus on the requirements of ISO 26262, but the same basic concepts are directly applicable to other functional safety standards. |
Tuesday, October 27th, 2020 11:00-12:00 CET (UTC+1) | MISRA Deviation Permits: Giant Time and Money Savers MISRA deviation permits contain most of the information required to formulate a deviation record. Their purpose is to significantly simplify the deviation process: for situations that are very frequent in the development of embedded systems (generated code or other forms of adopted code, access to hardware and so on) they are giant time savers. In addition, they can be agreed upon by the acquirer and supplier at the outset of a project. This allows streamlining the negotiation and, most importantly, avoids time losses during development and surprises, or even expensive litigations, at the end of the project. In this webinar we will go through all aspects of MISRA deviation permits: what they are, where do they come from, how to use them, how to develop new ones. |
Wednesday, October 14th, 2020 11:00-12:00 CEST (UTC+2) | A Practical Demonstration of CI with ECLAIR, Git and Jenkins We will demonstrate the use of ECLAIR in a Continuous Integration (CI) setting. In doing so, we will have the occasion to showcase the brand new ECLAIR integration with Jenkins: as far as we know, this has no equals on the market. The CI workflow will be presented from the point of view of different stakeholders: managers, QA people, and developers. |
Tuesday, September 29th, 2020 14:00-15:00 CEST (UTC+2) 22:00-23:00 CEST (UTC+2) | MISRA C: The Power of C Without the Pitfalls You understand the A-B-C's of C programming language and you know both its power and its problems. But you want better reliability, better safety, and better reusability. And also lower cost with faster development. In other words, you want the best of both worlds, you want a Ferrari and a Tesla, all combined. Is it possible? This webinar will have BUGSENG and AFuzion teach you how to apply MISRA C to improve your software reliability, reusability, development time, and cost. And this webinar is brought to you from the land of "Ferrari" (BUGSENG in Italy) and "Tesla" (AFuzion in the USA) so you'll have the winning combination and a balanced perspective. For a little change of scenery, our CTO Roberto Bagnara will be hosted by Vance Hilderman, CEO at AFuzion Incorporated, one of the world's largest aviation & safety-critical services companies. |
Tuesday, September 22nd, 2020 11:00-12:00 CEST (UTC+2) | Understanding Implementation-Defined Behavior in C and C++ The belief that C text has meaning in itself is very common, even among seasoned C practitioners. In fact, the semantics of the C programming language is not fully defined. The more than a hundred implementation-defined behaviors underpins the fact that no meaning can be assigned to source code unless full details about the build process and the toolchain employed are available. In this webinar we will see, also by means of practical experiments, how the same C program text can exhibit thousands of different behaviors depending on the toolchain used to translate it to machine code and on the way the toolchain is used. We will also discuss the consequences this fact has for the correctness of static analysis. |
Thursday, September 17th, 2020 11:00-12:00 CEST (UTC+2) | Language Subsetting and Compiler Qualification in the Development of Software for Safety-Critical Systems Development of critical system's software in compliance with functional safety standards (such as DO-178C and ISO 26262) is challenging. The development of such software in C can save time and money provided two crucial aspects are properly taken into account: language subsetting and compiler qualification. Proper language subsetting (for instance, by strict adherence to MISRA C:2012 plus further restrictions, e.g., in the use of floating-point numbers) is crucial to avoid non-determinism, recursion, dynamic memory allocation and other unsafe language features. Proper compiler qualification is crucial to build confidence on the fact that program properties at the source code level are preserved at the compiled object code level. In this webinar we will discuss how these aspects fit into the main functional safety standards. We will then highlight the synergy between language subsetting and compiler qualification in achieving the objectives of such standards. For this very special webinar we are glad to host Marcel Beemster, a 25+ years professional of compiler technology with a PhD in Computer Science from the University of Amsterdam. Marcel is co-founder and CTO of Solid Sands B.V. |
Thursday, September 3rd, 2020 11:00-12:00 CEST (UTC+2) | MISRA Compliance and Legacy/Third-Party Code It is well known that greatest benefit of the adoption of the MISRA coding standards is when they are adopted at the very beginning of the project. In fact, imposing the MISRA guidelines upon an existing code base with a proven track record may be counterproductive if not done properly. On the other hand there are frequently stringent economic reasons that suggest adopting code that has already been developed (maybe by a third party) into a project that is seeking MISRA compliance. In this webinar, we will go through the provisions of the MISRA Compliance:2020 document ("Achieving compliance with MISRA Coding Guidelines") that specifically address adopted code, that is, legacy code, third-party libraries, device drivers, middleware, automatically-generated code, standard library code. We will then present effective strategies to achieve MISRA compliance for projects where the amount of adopted code is substantial. |
Thursday, July 30th, 2020 11:00-12:00 CEST (UTC+2) | The Essential Type Model of MISRA C:2012 The "essential type model" is one of the major developments of MISRA C:2012 over previous versions of MISRA C. The model supports a type system that is stronger than ISO C native type system. This allows stronger type-checking via dedicated MISRA C guidelines that control the use of implicit and explicit type conversions, promote portable coding practices, and addresses some of the type conversion anomalies of ISO C. In this webinar, we will present the essential type model and we will review some of the guidelines of MISRA C:2012 that are based on the model. The companion webinar "Implicit Conversions in C: The Hidden Enemy" is recommended in order to fully appreciate the value of the essential type model and of the associated guidelines. |
Thursday, July 16th, 2020 11:00-12:00 CEST (UTC+2) | Implicit Conversions in C: The Hidden Enemy Implicit conversions are dangerous: they are not directly apparent in the source code and the rules that govern them are quite intricate; moreover, when the conversion takes place, it may result in the loss of value, sign or precision. Moreover, whether or not the conversion takes place, and the consequences of the conversion, crucially depend on the language dialect (i.e., on the compiler and on the options used for compilation). In this webinar, we will cover integer promotions, usual arithmetic conversions, decays and pointer conversions. The companion webinar "The Essential Type Model of MISRA C:2012" will show you that sticking to MISRA C (and C++) is much, much easier than trying to remember the complex rules that govern implicit conversions. |
Thursday, July 2nd, 2020 11:00-12:00 CEST (UTC+2) | MISRA Coding Standards and the Art of Deviation "He will conquer who has learnt the artifice of deviation. Such is the art of maneuvering." (Sun Tzu, The Art of War, Chapter VII, Par. 22) Deviation is an integral part of MISRA compliance. Apart from "mandatory" guidelines, the point of a guideline is never "You should not do that." The point is: "This is dangerous, you can do it if: (1) it is needed; (2) it is safe; (3) you can quickly convince your peers that it is both needed and safe." In this webinar, we try to convey the basics of what we may call "the art of deviation": sometimes complying is easier than deviating; sometimes deviation really is the best option. Understanding the tradeoffs involved in this choice is one of the keys for successful adoption of MISRA C/C++. |
Tuesday, June 23rd, 2020 11:00-12:00 CEST (UTC+2) | MISRA Compliance:2020 for Project Managers The MISRA Compliance:2020 document ("Achieving compliance with MISRA Coding Guidelines") defines what must be covered within the software development process when making a claim of MISRA compliance. In this webinar, we will cover the process requirements, the classification of the MISRA guidelines, the possibility of re-categorizing guidelines, the GEPs (Guideline Enforcement Plans), the role of deviations, deviation records and deviation permits, and the formulation of a defensible MISRA compliance argument. A companion webinar ("MISRA Coding Standards and the Art of Deviation") will go deeper into the topic of deviation. Another companion webinar ("MISRA Compliance and Legacy/Third-Party Code") will tackle the very important subject of how to deal with adopted code. |
Wednesday, June 17th, 2020 14:30-15:30 CEST (UTC+2) | Looking back at the Toyota SUA Case and the Redefinition of Product Liability for Embedded Software In October 2013, an Oklahoma jury found Toyota Motor Corp. liable for a crash in 2007 that left one woman dead and another seriously injured when a Camry suddenly accelerated. The jury awarded 3 million USD in compensatory damages to the victims. The jury also decided that Toyota acted with "reckless disregard" for the rights of others, paving the way for a second phase of the trial on punitive damages. Before the jury could decide on damages, Toyota settled this case together with many other outstanding sudden-acceleration cases. The likely reason for the quick settlement was the expert testimony of Michael Barr — an embedded software systems' expert — who had been asked by the jury to examine the source code of Toyota's engine-control system. He found many extremely serious problems, both with the system's design and with the software, all of them indicating inadequate engineering practice. This event marked a turning point in the definition of product liability for embedded software, in particular in the automotive sector, with potential consequences across the entire supply chain. In this presentation, we briefly reconstruct the case, summarizing the software analysis findings that were decisive in the Oklahoma jury determinations, and show how these facts indicate a major change in the industry. Finally, we highlight what embedded software makers should do today in order not to expose themselves to these kinds of risks. |
Tuesday, May 19th, 2020 11:00-12:00 CEST (UTC+2) | MISRA C Compliance: Watch It Done Live After the "theoretical" webinar "MISRA C and its Key Role for the Compliance to Industrial Safety Standards", we will look in depth at the practical side of MISRA C compliance. We will take a small, non-compliant (but sound) software project and we will go through all the steps involved in making it compliant and formulating a sound MISRA C compliance claim. In less than one hour. Wow! It's gotta be fun! |
Thursday, May 14th, 2020 11:00-12:00 CEST (UTC+2) | MISRA C++: A Subset of C++ for the Development of High-Integrity Systems C++ is increasingly used for the development of safety and mission-critical systems. This is partly pushed by market demand concerning new machine learning methodologies and applications, such as advanced driver assistance systems. While C++ improves upon C by providing linguistic support for features that allow programmers to write safer code, it also presents numerous traps and pitfalls that can easily result in defective, unreadable, unmaintainable and difficult to test software. This webinar has been prepared by Roberto and Chris Tapp, Chair of the MISRA C++ Working Group. We will start by explaining the non-definite behaviors of C++ and their origin. We will then introduce MISRA C++, its history and evolution and discuss how it is part of a software development process that addresses the requirements of functional safety standards. Finally we will cover the planned evolution of MISRA C++, including its ongoing merge with AUTOSAR C++:14. |
Thursday, May 7th, 2020 11:00-12:00 CEST (UTC+2) | Floating-Point Computation Traps & Pitfalls: Part 2 The use of floating-point computations for the implementation of critical systems is perceived as increasingly acceptable. Even in modern avionics, one of the most critical domains for software, floating-point numbers are now used, more often than not, instead of fixed-point arithmetic. However, designing and testing floating-point algorithms is significantly more difficult than designing and testing integer algorithms. In this second webinar on the subject, we will present algorithms where things may go wrong because the peculiarities of floating-point numbers were not taken into account in the design. For each such algorithm, we will illustrate how to improve the situation. The "Floating-Point Computation Traps & Pitfalls: Part 1" webinar is a prerequisite for this follow-up webinar. |
Tuesday, May 5th, 2020 11:00-12:00 CEST (UTC+2) | Floating-Point Computation Traps & Pitfalls: Part 1 The use of floating-point computations for the implementation of critical systems is perceived as increasingly acceptable. Even in modern avionics, one of the most critical domains for software, floating-point numbers are now used, more often than not, instead of fixed-point arithmetic. However, designing and testing floating-point algorithms is significantly more difficult than designing and testing integer algorithms. Acceptance of floating-point computations in the design of critical systems was facilitated by the widespread adoption of significant portions of the IEEE 754 standard for binary floating-point arithmetic: nonetheless, many highly-complex traps and pitfalls remain. In this first webinar on the subject, we will present examples showing how things can go spectacularly wrong with floating-point numbers. We will then introduce the IEEE 754 binary floating-point formats, including NaNs, signed zeroes, infinities and subnormals, along with the reasons they are there. We will illustrate the IEEE 754 rounding modes, with an emphasis on round-to-nearest tails-to-even, and the properties that floating-expressions do and do not possess. After a review of the phenomena that are most often undesirable (NaN generation, overflows, underflows, absorption, cancellation, ...), we will conclude the webinar with a teaser for the second webinar in the series, where we will illustrate how some of the illustrated problems can be solved or mitigated. |
Tuesday, April 28th, 2020 11:00-12:00 CEST (UTC+2) | The Qualification of Software Tools in Compliance with ISO 26262 Modern software development processes are strongly based on the use of tools, whether or not the developed software has safety or security requirements. ISO 26262, like several other functional safety standards, requires tool users to provide proper justification for the use of a tool in the development of safety-related systems. Such justification must be based on the confidence that the tool works according to its specification for the project-specific use cases and operational environments. In this webinar, we will introduce the tool qualification process as defined by ISO 26262. This includes planning tool usage, evaluation of the required confidence level, and the identification and execution of qualification methods, documentation and review activities. Roberto will focus on the qualification of compilers and verification tools by validation and, in the case of verification tools, he will illustrate the most important (and, often, misunderstood) requirements qualification imposes on the development of the tools and of the associated qualification kits. |
Thursday, April 23rd, 2020 11:00-12:00 CEST (UTC+2) | Technology Preview: Using ECLAIR with IDEs and Extensible Editors After years of struggling about the proper way of interfacing ECLAIR with IDEs, we are confident we have come up with the right technology. The result is so good that we believe this adds up to the set of features that are unique to ECLAIR. In this webinar, we will showcase the use of ECLAIR with Eclipse-based IDEs (a solution that is extensible to many other IDEs) and the use of ECLAIR with Emacs (a solution that will be ported to other extensible editors as well). |
Thursday, April 16th, 2020 11:00-12:00 CEST (UTC+2) | MISRA C and its Key Role for the Compliance to Industrial Safety Standards Embedded software is playing a steadily increasing role in all industrial sectors. And, in some sectors, software is responsible for functionality that impacts the overall system safety and security. As a result, more companies and projects are required to comply to industry safety standards (such as CENELEC EN 50128, IEC 61508, IEC 62304, ISO 26262, RTCA DO-178C) In this webinar, the focus is on one of the key aspects of such standards: the possibility to program in subsets of standardized languages such as C or C++. Roberto will start with an introduction to the traps and pitfalls of the C programming language and move on to discuss MISRA C, the most authoritative subset of C for the development of high-integrity systems. |
Wednesday, March 25th, 2020 11:00-12:00 CET (UTC +1) | A Guided Tour of the New Features in ECLAIR 3.7 ECLAIR 3.7 comes with some exciting new features. These include extensive support for BARR-C:2018, the possibility of working with software metrics from the GUI and new facilities for filtering and prioritizing reports. In this webinar, Roberto will demonstrate these and other features of ECLAIR 3.7, live, on a real software project. |
Tuesday, March 17th, 2020 11:00-12:00 CET (UTC +1) | BARR-C:2018 and MISRA C:2012: Synergy Between the Two Most Widely Used C Coding Standards This is your opportunity to listen to Roberto's Embedded World talk, which is based on a new paper by Roberto, Michael Barr of BARR Group, and BUGSENG's Patricia Hill. In this webinar, Roberto explains why the choice between MISRA C:2012 and BARR-C:2018 is not such a hard decision after all. He will introduce BARR-C:2018, describe its relationship with MISRA C:2012, and discuss the parallel and serial adoption of the two coding standards. He will also explain why the two coding standards are complementary in two quite different ways. |