Safety-critical software with the highest safety level (Level A) in avionics systems is required to show modified condition decision coverage (MC/DC) criteria. Unlike weaker coverage criteria, MC/DC is sensitive to the complexity of decision, because every condition in each decision has to show its independent effect of the decisions outcome.
The COEMS MC/DC tool implements a novel, non-intrusive approach to MC/DC coverage measurement using modern processor-based tracing facilities. Our approach does not require recompilation or instrumentation of the software under test. Instead, we use the Intel Processor Trace (IntelPT) facility present on modern Intel CPUs.
Our tooling consists of the following parts: a frontend that detects so-called decision (boolean expressions) that are used in conditionals in C source code, a mapping from conditional jumps in the object code back to those decisions, and an analysis that computes satisfaction of the MC/DC coverage relation on those decisions from an execution trace. This analysis takes as input a stream of instruction addresses decoded from IntelPT-data recorded while running the software under test.
The COEMS MC/DC tool is available for academic evaluation purposes only.
To run the COEMS MC/DC tool you have to install the following requirements first:
- tkinter (sudo apt-get install python3-tk)
- Pygment for Python (sudo apt-get install python3-pygments)
- elftools (sudo apt-get install python3-pyelftools)
- clang version 5.0.0
On Debian-like systems you can install the dependencies using
sudo apt-get install python3 python3-tk python3-pygments python3-pyelftools clang-5.0
IntelPT requires an Intel Broadwell (5th generation) CPU or later.
To enable IntelPT run (see Andi Kleen’s Cheat sheet for Intel Processor Trace with Linux perf and gdb for more information):
echo kernel.kptr_restrict=0' >> /etc/sysctl.conf sysctl -p
You will be asked to enter your password to execute sudo when executing IntelPT.
You can start the COEMS MC/DC tool with
The ZIP archive contains an example program together with the COEMS MC/DC tool. The ZIP archive already contains the compiled binary and the recorded trace for the example code. Load the trace file
trace.txt with the button Choose Trace File and click Evaluate MC/DC to measure MC/DC using this trace.
To compile the example code on your own run
make in the example folder. Then load the generated binary
a.out with the button Choose Binary and click Trace Binary with IntelPT. Now a trace file was written and you can proceed with the button Evaluate MC/DC as described above.
In case of any questions regarding the COEMS MC/DC tool please do not hesitate to contact the Institute for Software Engineering and Programming Languages at the University of Lübeck through firstname.lastname@example.org.