This work will show how Imagix 4D improves the processof exploring and understanding unfamiliar source code. An introductioninto why and where such a process is required will be followed by adescription of the methods Imagix 4D introduces to support such sourcecode analysis.
(4 pages, pdf, 213 KB)       ©2019   Jan-David Baltzer   (Verifysoft Technology GmbH)       Download

Fuzzing is a technique for Testing, and is very effective for finding security vulnerabilities in software. It was used in several applications like Unix systems, GUI applications under Windows and Apple MacOS. ... it is often used to improve the programming of everything, because it can reach parts of code, in some cases, that other testing tools never reach, this concept of testing is still used nowadays and his creator is still doing research over this. Fuzzing is a method that inserts unexpected data into input.
In this paper some approaches are discussed and also some applications and some tools are showed.
(8 pages, pdf, 136 KB)       © 2009   Daniel Basáez   (Hochschule Offenburg)       Download

Software for embedded systems is often used in safety-critical systems. In this area malfunctions could lead to accidents or damages of high magnitude and even to loss of lives. Therefore, security standards such as the DO178-C (aviation), the ISO 26262 (automotive) or the EN 50128 (railway) demands harsh proff of code coverage. In dependency to the ciritcality, a suitable level of code coverage has to be applied.
(2 pages, pdf, 3.2 MB)       © 2013   Prof. Dr. Daniel Fischer   (Univeristy of Applied Sciences Offenburg)       Download

Particularly in safety-critical software development, industry standards prescribe precise requirements for code coverage, so that products cannot be certified here without proof of sufficient test coverage. But also in other development projects, companies increasingly attach great importance to software quality and measure code coverage. Various code coverage analyzers are available on the market for measuring code coverage. They differ significantly in terms of handling and quality. For this reason, we show ten basic criteria for selecting a code coverage tool.
(5 pages, pdf, 354 KB)       © 2021   Verifysoft Technology GmbH       Download

Even on embedded devices, software has to be tested sufficiently before the product can be launched on the market. However, such a monitoring in the testing progress, required by many safety standards, is not quite trivial at this point. Often, target resources are limited and memory and processor could easily reach their boundaries. But with some creativity it is even possible to capture and proof Code Coverage in the embedded area.
(6 pages, pdf)       © 2018   Verifysoft Technology GmbH       Download

In addition to the international standard IEC 62304 – medical device software – software life cycle processes, a new Medical Device Regulation (MDR) valid since May 2021 came into force in the European Union. It is not the first time that quality assurance for medical device software has come into focus. IEC 62304, MDR and other standards stipulate that manufacturer must ensure quality assurance throughout the entire life cycle of a product. In the case of current systems, this is generally hardly problematic. The situation is quite different when new functions are to be added to older devices: who in the company still knows the code or where to find the - hopefully existing - documentation?
Although the IEC 62304 and MDR only affect the medical sector, the issue is nonetheless known in other industries as well.
(4 pages, pdf, 460 KB)       © 2022   Verifysoft Technology GmbH       Download

For a long time already, embedded software is used for critical applications where safety is highly important. As nowadays, embedded devices are often clients which are connected with other devices on the Internet of Things (IoT), security aspects need to be considered as well. This means that the quality of embedded devices is extremely important - both from a security point of view and from a functional safety point of view.
For safe and reliable embedded devices, testing is an indispensable part of quality assurance. It is not without reason that the standards for safety-critical software development set precise requirements for test methods and test coverage. As a rule, the more critical the application, the higher are the requirement concerning the code coverage.
(5 pages, pdf, 330 KB)       © 2022   Verifysoft Technology GmbH       Download

Measuring code coverage is increasingly important for embedded systems but requires some experience. This is because there are a few hurdles to overcome, especially with small targets. However, with the right approaches and suitable tools, measuring test coverage is possible without excessive effort. Nine practical tips help you get started.
(6 pages, pdf, 360 KB)       © 2022   Verifysoft Technology GmbH       Download

Increased recall campaigns, delayed deliveries, difficulties in delivering the promised functions on time: software quality is not evident. The development of good software is only possible through consistent action, adherence to standards and the use of mature test and quality assurance tools. Bad software leads to monetary losses and deterioration of the corporate image. Embedded software is even more critical, as it is mostly used in safety-critical applications. Here, software errors can endanger human lives and must therefore be avoided at all costs.
To ensure quality, both static code analysis procedures and the testing of executable software during dynamic analysis (including unit tests) are necessary. As each of the two approaches uncovers only a part of the existing defects, both complementary methods are necessary.
(7 pages, pdf, 431 KB)       © 2021   Verifysoft Technology GmbH       Download

The use of the cache has a considerable impact on the overall system performance, even with small targets. This efficiency plays an important role, in particular in regard to real-time applications. Possibilities for optimisation should already be found in a very early phase of the software development lifecycle. The sooner the bottleneck is recognised, the easier and cheaper it can then also be removed. A procedure is suited for this task, which actually should be established in every development team: Static code analysis. With its use, it is possible to root out problems involving the cache usage and to remove them.
(6 pages, pdf)       © 2019   Verifysoft Technology GmbH       Download

Development cycles in the embedded world have not changed fundamentally for many years now. Even though the principles of agility, test-driven development and extreme programming have been adapted to embedded development in the last ten years, the advantages of unit testing and mocking are widely ignored. The problem mainly arises from the misconception among developers that code written for embedded platforms without an operating system is hard to test because of the missing interaction possibilities with the system, and that space constraints make the use of frameworks impossible. Most developers focus on system testing instead. This paper shows how the CMock1 mocking framework can be used in conjunction with the Unity2 unit test framework to implement White-Box-Tests for embedded system software written in the C programming language.
9 pages, pdf, 176 KB)       © 2009   Simon Raffeiner (Hochschule Offenburg)       Download

This paper gives an overview on the most important classic algorithms for pairwise testing. All algorithms use combinatorial strategies to find a test set, which covers pairwise combinations of system parameters (for example system settings or inputs from the user). The idea of pairwise testing is already 20 years old but for the last five years its popularity has been rising extremely. The reason is that testers have to face more complex software projects with the same time target.
(6 pages, pdf, 289 KB)       © 2008   Andreas Rothmann   (Hochschule Offenburg)       Download