
空间控制技术与应用 (Aerospace Control and Application), 2021, Vol. 47, Issue 2: 1-9. doi: 10.3969/j.issn.1674-1579.2021.02.001

Papers and Reports

Research on the Characteristics of Out-of-Bounds Array Access Defects in Aerospace Embedded Software

  1. 北京轩宇信息技术有限公司 (Beijing Sunwise Information Technology Co., Ltd.)
  • Publication date: 2021-04-10  Online date: 2021-04-19
  • Funding:
    National Natural Science Foundation of China (61802017)

Out-of-Bounds Array Access Bug Characteristics in Aerospace Embedded Software

  • Online: 2021-04-10  Published: 2021-04-19

Abstract: According to statistics, out-of-bounds array access is one of the defect types that occurs most often, and is most easily missed, during the development of aerospace embedded software. Current automated detection of out-of-bounds array access is mostly based on abstract interpretation, symbolic execution, program model checking and similar methods, and how well these methods perform in terms of false positives, false negatives and scalability depends on the characteristics of the software and of its defects. This paper analyses 94 out-of-bounds array access problems found in third-party testing of aerospace embedded software over the past three years, derives 10 characteristics of out-of-bounds array access defects in aerospace embedded software from the two perspectives of defect pattern and defect manifestation, and proposes several insights that are key to designing concrete detection methods. Building on these characteristics and insights, it further discusses directions for improving out-of-bounds array access detection algorithms for interrupt-driven programs.

Keywords: aerospace embedded software, out-of-bounds array access, program analysis, interrupt-driven programs

Abstract: According to statistics, out-of-bounds array access is one of the most common and most easily missed bugs in aerospace embedded software. At present, program analysis methods for automatically detecting out-of-bounds array access are mostly based on abstract interpretation theory, symbolic execution, model checking, etc. The performance of these methods with respect to false positives, false negatives, extensibility and so on relies mainly on the characteristics of the software and of the defects. Therefore, we first analyze 94 real-world out-of-bounds array access errors from the last 3 years, found in aerospace embedded software submitted for third-party testing. We carefully examine the bug pattern and manifestation of these bugs, and extract 10 characteristics of out-of-bounds array access errors in aerospace embedded software, as well as some important implications. Based on these characteristics and implications, we explore improvements to detection methods for out-of-bounds array access with respect to interrupt-driven programs.

Key words: aerospace embedded software, out-of-bounds array access, program analysis, interrupt-driven programs

CLC number (Chinese Library Classification):

  • TP399