skip to main content
10.1145/1023833.1023857acmconferencesArticle/Chapter ViewAbstractPublication PagesesweekConference Proceedingsconference-collections
Article

Static program analysis of embedded executable assembly code

Published: 22 September 2004 Publication History

Abstract

We consider the problem of automatically checking if coding standards have been followed in the development of embedded applications. The problem arises from practical considerations because DSP chip manufacturers (in our case Texas Instruments) want various third party software developers to adhere to a certain coding standard to facilitate system integration during application development. Checking for compliance with coding standards, in general, is undecidable. Moreover, only machine code of the system components is available since for proprietary reasons vendors of various components do not want to share their source code. In this paper, we describe an approach based on static analysis of embedded assembly code to check for compliance with such coding standards. This static analysis rests on an abstract interpretation framework. We illustrate our approach by showing how we statically analyze the presence of hard-coded pointer variables in embedded assembly code. Hard coded pointer variables are those that are assigned a fixed memory address by the programmer instead of being assigned a value via proper operations in the source language (e.g., malloc/calloc/realloc and & operator in C). Our analyzer takes object code as input, disassembles it, builds the flow-graph, and statically analyzes the flow-graph for the presence of dereferenced pointers that are hard coded. The analyzer is currently being extended to check for compliance with other rules adopted by TI as part of its coding standards.

References

[1]
Samuel Z. Guyer, Calvin Lin. Client-Driven Pointer Analysis. Static Analysis Symposium. 2003. Springer LNCS 2694. pp. 214--236.]]
[2]
S. Adams, T. Ball, et al. Speeding Up Dataflow Analysis Using Flow-Insensitive Pointer Analysis. SAS 2002. pp. 230--246.]]
[3]
Donglin Liang, Mary Jean Harrold. Efficient Computation of Parameterized Pointer Information for Interprocedural Analyses. SAS 2001. Springer LNCS 2126. pp. 279--29.]]
[4]
D. Brylow, N. Damgaard, J. Palsberg, Static Checking of Interrupt-driven Software. International Conference on Software Engineering. 2001.]]
[5]
W. Amme, P. Braun, E. Zehendner, F. Thomasset. Data Dependence Analysis of Assembly Code. Proc. PACT 1998.]]
[6]
M. Fernandez and R. Espasa. Speculative alias analysis for executable code. Proc. PACT 2002.]]
[7]
J. Bergeron, M. Debbabi, M.M. Erhioui, B. Ktari. Static Analysis of Binary Code to Isolate Malicious Behaviors. IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 1999. Palo Alto, California]]
[8]
Saumya Debray, Robert Muth, Matthew Weippert Alias analysis of executable code. POPL'98.]]
[9]
Texas Instruments Code Composer Studio Getting Started Guide, Literature No: SPRU509C.]]
[10]
Texas Instruments TMS320C6000 Code Composer Studio Tutorial, Literature No: SPRU301C.]]
[11]
TI TMS320 DSP Algorithm Standard Rules and Guidelines, Literature No: SPRU352D.]]
[12]
TI TMS320C6000 CPU and Instruction Set Reference Guide, Literature No: SPRU189F.]]
[13]
Alfred V.Aho, Ravi Sethi and Jeffrey D.Ullman Compilers: Principles, Techniques, and Tools. Addison-Wesley, 1988.]]
[14]
P. Cousot, R. Cousot. Abstract Interpretation: A Unified Lattice Model for Static Analysis of Programs by Construction of Approximation of Fixpoints. Fourth Annual ACM Symp. on Principles of Programming Languages. 1977. pp. 238--252.]]
[15]
S. Abramsky and C. Hankin Abstract Interpretation of Declarative Languages, Ellis Horwood, 1987.]]
[16]
R. Cohn, D. Goodwin, P. G. Lowney, and N. Rubin, Spike: An Optimizer for Alpha/NT Executables, Proc. USENIX Windows NT Workshop, Aug. 1997.]]
[17]
D. W. Goodwin. Interprocedural Dataflow Analysis in an Executable Optimizer. Proc. PLDI '97. pp 122--133.]]
[18]
E. Ruf, Context-Insensitive Alias Analysis Reconsidered. Proc. SIGPLAN '95 Conference on Programming Language Design and Implementation. June 1995, pp. 13--22.]]
[19]
A. Srivastava and D. W. Wall, Link-time Optimization of Address Calculation on a 64-bit Architecture. Proc. PLDI 1994. pp. 49--60.]]
[20]
Gerard J. Holzmann. Static Source Code Checking for User-defined Properties. Conference on Integrated Design and Process Technology, IDPT-2002.]]
[21]
W. E. Weihl, Interprocedural data flow analysis in the presence of pointers, procedure variables, and label variables. Proc. ACM POPL. 83--94.]]
[22]
D. R. Chase, M. Wegman, and F. K. Zadeck, Analysis of Pointers and Structures. PLDI '90. June 1990, pp. 296--310.]]
[23]
Bill Gates. The Future of Programming in a World of Web Services (keynote address). 17th Annual ACM Conference on Object-Oriented Programming, Systems, Languages and Application Seattle, Washington Friday, November 8, 2002]]
[24]
K. D. Cooper and K. Kennedy, Fast Interprocedural Alias Analysis. 16th ACM POPL. Jan. 1989, pp. 49--59.]]
[25]
S. Horwitz, P. Pfeiffer, and T. Reps, Dependence Analysis for Pointer Variables. Proc. PLDI '89. pp. 28--40.]]
[26]
E. Ruf, Context-Insensitive Alias Analysis Reconsidered, Proc. PLDI '95. June 1995, pp. 13--22.]]
[27]
W. E. Weihl. Interprocedural data flow analysis in the presence of pointers, procedure variables, and label variables. Proc. ACM POPL. Jan. 1980. pp. 83--94.]]
[28]
R. P. Wilson and M. S. Lam. Efficient Context-Sensitive Pointer Analysis for C Programs. Proc. PLDI '95. pp. 1--12.]]
[29]
Mihai Christodorescu and Somesh Jha. Static Analysis of Executables to Detect Malicious Patterns. 12th USENIX Security Symposium, August 2003.]]
[30]
J. Bergeron, M. Debbabi, J. Desharnais, M. M. Erhioui, Y. Lavoie and N. Tawbi. Static Detection of Malicious Code in Executable Programs. Symposium on Requirements Engineering for Information Security (SREIS'01).]]
[31]
J. Bergeron, M. Debbabi, M. M. Erhioui and B. Ktari. Static Analysis of Binary Code to Isolate Malicious Behaviors. In Proceedings of the IEEE 4th International Workshops on Enterprise Security (WETICE'99).]]
[32]
B.V. Chess. Improving computer security using extending static checking. IEEE Symposium on Security and Privacy, 2002.]]
[33]
David A. Wagner. Static analysis and computer security: New techniques for Software Assurance. University of California at Berkley Phd Dissertation. Dec. 2000.]]
[34]
Hao Chen, Jonathan S. Shapiro. Exploring Static Checking for Software Assurance. SRL Technical Report SRL-2003-06.]]
[35]
Improving software quality by static program analysis Horst Licheter and Gerhard Riedinger Proc. of SPI 97 software process improvement, Barcelona, 1997]]
[36]
Demand-Driven Pointer Analysis Nevin Heintze, Oiivier Tardieu Conference on Programming Language Design and Implementation 2001]]
[37]
Points-to Analysis in Almost Linear Time (1996) Bjarne Steensgaard Symposium on Principles of Programming Languages]]
[38]
M. R. Garey and D. S. Johnson. Computers and Intractability. W. H. Freeman and Company. New York. 1979.]]
[39]
George C. Necula Scott McPeak Westley Weimer CCured Type-Safe Retrofitting of Legacy Code POPL '02, Jan. 16-18, 2002 Portland, OR USA]]

Cited By

View all
  • (2020)Fast and Energy-Efficient State Checkpointing for Intermittent ComputingACM Transactions on Embedded Computing Systems10.1145/339190319:6(1-27)Online publication date: 29-Sep-2020
  • (2015)Memory Policy Analysis for Semantics Specifications in MaudeRevised Selected Papers of the 25th International Symposium on Logic-Based Program Synthesis and Transformation - Volume 952710.1007/978-3-319-27436-2_18(293-310)Online publication date: 13-Jul-2015
  • (2014)ProspectProceedings of the 9th ACM symposium on Information, computer and communications security10.1145/2590296.2590301(329-340)Online publication date: 4-Jun-2014
  • Show More Cited By

Index Terms

  1. Static program analysis of embedded executable assembly code

        Recommendations

        Comments

        Information & Contributors

        Information

        Published In

        cover image ACM Conferences
        CASES '04: Proceedings of the 2004 international conference on Compilers, architecture, and synthesis for embedded systems
        September 2004
        324 pages
        ISBN:1581138903
        DOI:10.1145/1023833
        Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

        Sponsors

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        Published: 22 September 2004

        Permissions

        Request permissions for this article.

        Check for updates

        Author Tags

        1. abstract interpretation
        2. assembly code
        3. embedded software components
        4. executable code
        5. static analysis

        Qualifiers

        • Article

        Conference

        CASES04

        Acceptance Rates

        Overall Acceptance Rate 52 of 230 submissions, 23%

        Contributors

        Other Metrics

        Bibliometrics & Citations

        Bibliometrics

        Article Metrics

        • Downloads (Last 12 months)9
        • Downloads (Last 6 weeks)0
        Reflects downloads up to 16 Feb 2025

        Other Metrics

        Citations

        Cited By

        View all
        • (2020)Fast and Energy-Efficient State Checkpointing for Intermittent ComputingACM Transactions on Embedded Computing Systems10.1145/339190319:6(1-27)Online publication date: 29-Sep-2020
        • (2015)Memory Policy Analysis for Semantics Specifications in MaudeRevised Selected Papers of the 25th International Symposium on Logic-Based Program Synthesis and Transformation - Volume 952710.1007/978-3-319-27436-2_18(293-310)Online publication date: 13-Jul-2015
        • (2014)ProspectProceedings of the 9th ACM symposium on Information, computer and communications security10.1145/2590296.2590301(329-340)Online publication date: 4-Jun-2014
        • (2011)Equational Reasoning on x86 Assembly CodeProceedings of the 2011 IEEE 11th International Working Conference on Source Code Analysis and Manipulation10.1109/SCAM.2011.15(75-84)Online publication date: 25-Sep-2011
        • (2011)Validation of microcontroller codes: an architecture oriented approachInternational Journal of Intelligent Computing and Cybernetics10.1108/175637811111867434:4(442-464)Online publication date: 22-Nov-2011
        • (2010)An evaluation of free/open source static analysis tools applied to embedded software2010 11th Latin American Test Workshop10.1109/LATW.2010.5550368(1-6)Online publication date: Mar-2010
        • (2008)Some Assembly Required - Program Analysis of Embedded System Code2008 Eighth IEEE International Working Conference on Source Code Analysis and Manipulation10.1109/SCAM.2008.15(15-24)Online publication date: Sep-2008
        • (2004)Framework for safe reuse of software binariesProceedings of the First international conference on Distributed Computing and Internet Technology10.1007/978-3-540-30555-2_33(283-293)Online publication date: 22-Dec-2004

        View Options

        Login options

        View options

        PDF

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader

        Figures

        Tables

        Media

        Share

        Share

        Share this Publication link

        Share on social media