Static Source Code Analysis

The product is the firmware of a universal production programmer by Hitex called SPEED FLASH, used for end-of-line programming of microcontrollers and sensors. SPEED FLASH contains two XMC 4700 family microcontrollers from Infineon on which the firmware in question runs. The firmware is written in the C programming language, only a very small part is in assembler. In total, the firmware comprises of approx. 15.000 Lines-of-Code (LOC). The firmware is compiled using the MDK-ARM Version 5 development kit from ARM/Keil.

Although not being safety-critical in its strictest sense, the production programmer is intended to run around the clock (24/7), programming multiple microcontrollers or sensors in parallel. In consequence it is of high value that the programmer works permanently and reliable. Otherwise, production will stop unexpectedly, resulting in financial loss.

During Static Source Code Analysis, rule violations and potential runtime errors (RTE) are identified in the source code. Static Source Code Analysis mainly searches for violations of the MISRA-C:2012 rules and typical runtime errors such as NULL pointer dereferences, division by zero, and out-of-bounds accesses. This helps prevent undefined or unspecified behavior, improves code readability, and avoids misunderstandings about the effects of certain C constructs. Overall, the MISRA rules aim to protect the programmer from the dangers of the C programming language.

It is crucial to avoid runtime errors as they typically lead to firmware crashes, contradicting the goal of 24/7 availability. By avoiding runtime errors in the code, the risk of firmware crashes can be minimized.

Static Source Code Analysis is an essential tool for reducing errors in firmware. It is particularly useful for complex logic, and the ability to include multiple files in the analysis is invaluable. If you are interested in Static Code Analysis, please contact us.