Table of Contents
10 April 2021, Volume 47 Issue 2
  • OutofBounds Array Access Bug Characteristics in Aerospace Embedded Software
    CHEN Rui, YU Tingting, JIA Chunpeng, LI Chao, GAO Dongdong, JIANG Yunsong
    2021, 47(2):  1-9.  doi:10.3969/j.issn.1674-1579.2021.02.001
    According to statistics, outofbounds array access is one of the most common and easily missed bugs in aerospace embedded software. At present, program analysis methods for automatically detecting outofbounds array access mostly base on abstract interpretation theory, symbolic execution, model checking and etc. The performances of these methods in false positives, false negatives, and extensibility and so on mainly rely on the characteristics of the software and defects. Therefore, we firstly analyze 94 real world outofbounds array access errors in recent 3 years, which are from aerospace embedded software left to the thirdparty testing part. We carefully examine the bug pattern and manifestation of these bugs, and extract 10 characteristics about the outofbounds array access errors in aerospace embedded software, as well as some important implications. According to these characteristics and implications, we explore the improvement of detection methods for outofbounds array access with respect to interruptdriven programs.
    Software Defect Prediction Based on Knowledge Graphs and Automatic Machine Learning
    LI Pengyu, JIANG Yunsong, GAO Meng, TENG Junyuan
    2021, 47(2):  10-16.  doi:10.3969/j.issn.1674-1579.2021.02.002
    Software defect prediction models characterized by instability and a low recall rate are difficult to apply in industry. To obtain a software defect prediction model with stable and efficient performance evaluation indicators in engineering practice, a software defect prediction method, Automated knowledge graphs genetic algorithm stacking (AutoKGGAS), is proposed based on automated knowledge-graph-assisted machine learning. It obtains the software defect prediction model data for the research on knowledge graph construction technologies (such as knowledge modeling, knowledge acquisition, knowledge fusion, knowledge storage and knowledge calculation), and takes the high-quality software defect prediction model recommended by the knowledge graphs as the hot startup input of automatic search. According to different software defect prediction evaluation indicators, different optimal stacking model structures are optimized. On the other hand, the empirical research uses the NASA open source dataset as the experimental object and six performance evaluation indicators. The experimental results show that the AutoKGGAS automated software defect prediction model is superior to the traditional classic software defect prediction model recommended by the knowledge graphs in different evaluation indicators of different datasets. The automated software defect prediction model provides a prototype for aerospace software defect prediction to assist code review testing, which is of great significance in engineering practice.
    A Codes Reinforcement Method for Embedded Software Security Vulnerability
    DONG Yunwei, ZHANG Hanbo, LI Yongjun
    2021, 47(2):  17-24.  doi:10.3969/j.issn.1674-1579.2021.02.003
    With the development and application of software definition X, functions of embedded systems are implemented with software definitions, which leads to a large increase in the scale and complexity of embedded software. Software security has become a key concern of embedded systems and products in the operation and maintenance phases. In this paper, the vulnerable behavior and structure are analyzed with existing technologies or tools for detecting vulnerable bugs in software programs, and some vulnerability characteristics and insecure behavior attributes of software embedded in equipment systems are created. Through verifying logic propositions among software attribute specifications, software requirements of security reinforcement are gathered. A vulnerability reinforcement code generation technology based on the security template of attribute specification is proposed to generate reinforcement code automatically, which can be used for fixing potential security bugs in software code and guaranteeing the protection of embedded software.
    Hybrid Modeling Language for Aerospace Model Software
    HU Zhiming, HUANG Litao, ZHAO Yongxin
    2021, 47(2):  25-31.  doi:10.3969/j.issn.1674-1579.2021.02.004
    With the rapid development of the Chinese aerospace industry, the role and status of software in spacecraft become more and more prominent. Aerospace software gradually becomes one of the keys to the success of aerospace missions. Aerospace model software generally has the characteristics of high real-time performance, high reliability requirements, complex operating environment, complex spacecraft structure, and limited resources. This brings huge challenges to the description, design, analysis and implementation of aerospace model software. We hope to develop a hybrid description language which is called hybrid spacecraft requirement description language (HSPARDL) for software modeling features of aerospace models based on the embedded cycle control system language, which is called spacecraft requirement description language (SPARDL). It can uniformly describe the physical process of its operation and the control behavior of the software, as well as between them. At the same time, it provides a strict formal semantic model to ensure the correctness and reliability of embedded software design, and ultimately provides a solid theoretical foundation and method support for the design and implementation of aerospace model software.
    An Approach for Trustworthy Evidence of Source Code Oriented Aerospace Software Trustworthiness Measurement
    LIU Han, TAO Hongwei, CHEN Yixiang
    2021, 47(2):  32-41.  doi:10.3969/j.issn.1674-1579.2021.02.005
    In recent years, with the rapid development of aerospace technology, the functions of aerospace software are becoming more and more complex and the scale is getting larger while the requirements for software trustworthiness are getting further. Once aerospace software is untrustworthy, the loss it brings is often incalculable. We propose an approach for software trustworthiness measurement for aerospace, starting from the trustworthy evidence of source code in combination with the characteristics of aerospace. We design a trustworthy evidence standard for the C language which distinguishes key evidence from the evidence and includes positive evidence and negative evidence. Then, we propose an approach of aerospace software trustworthiness measurement oriented to trustworthy evidence of source code and a software trustworthy classification model. Finally, we use the approach to measure the trustworthiness of NASA’s open source code Core Flight Executive, and the result proves the effectiveness and practicality of our approach.
    A Neural Network Fusion Model for Source Code Comments Generation
    ZHOU Qilin, WANG Xu, LIU Xudong
    2021, 47(2):  42-48.  doi:10.3969/j.issn.1674-1579.2021.02.006
    Comments are very helpful for understanding the source code and play an important role in software maintenance and evolution. Existing works show that the lack of source code comments is one common practice in real-world projects. Current studies on automatic source code comments generation have two limitations. Firstly, they only use very simple lexical information; secondly, they do not use the lexical and syntactic information well. In this work, we propose a neural network fusion model for source code comments generation based on the encoder-decoder framework. Our model can embed the lexical information better, represent the syntax information based on the abstract syntax tree, and then produce a fusion encoder to learn both the lexical and syntactic information for source code comments generation. The experiments on the public benchmark indicate that our fusion model outperforms the previous models on metrics such as BLEU-4 and METEOR.
    A Novel Trustworthiness Measure Model of Trustworthy Dependence Relation Between Software Components For Security Attributes
    ZOU Meng, ZHANG Min, CHEN Yi Xiang
    2021, 47(2):  49-54.  doi:10.3969/j.issn.1674-1579.2021.02.007
    With the increasing scale of software application, once the software system fails, property loss or casualties can hardly be avoided. Therefore, it is particularly important to evaluate the trustworthiness of the software. In safety-critical areas such as aerospace, security, as one of the key attributes of trustworthiness, affects the trustworthiness evaluation of the entire software system. Especially when an attack or defect occurs, the trustworthiness of the component will decrease, which will affect the trustworthiness of its security-associated components. Moreover, it will affect the trustworthiness of the whole system. Following this idea, formulas are designed to measure the impact of the change of the trustworthiness of a component on the other components. Furthermore, we propose the component-dependence measurement-trustworthiness model (CDMTM) of the entire software system. Finally, taking a certain “aerospace power management equipment” as an example, we prove the rationality and effectiveness of the CDMTM established in this paper.
    Model Architecture Based Development Method for Spacecraft Control Software
    DONG Xiaogang, LI Jingsong, WANG Dianyou, LI Chuan, CHEN Zhaohui
    2021, 47(2):  55-62.  doi:10.3969/j.issn.1674-1579.2021.02.008
    Considering the current spacecraft control software development, the purpose of model-based driven research is to solve the problems of accurate description of requirements, adequate verification of design and reliability of software products. Aiming at the problems of complex interfaces and complicated operations in the code gluing process, a model architecture based development method is proposed, which builds a model-driven development framework for spacecraft control software. It simplifies the code gluing process by embedding legacy code or new code into the driven development framework by model encapsulation. At the same time, in order to improve the reuse efficiency of mature algorithms and the reliability of software products, a general model library is built in the field of spacecraft control. The research of this method lays a solid foundation for the transformation of software development to the model-driven mode.
    Dynamic Adaptive Evolution Method for Control System of Space Vehicle
    LI Qingshan, LIAN Zongmin, WANG Lu, XIE Shenglong
    2021, 47(2):  63-72.  doi:10.3969/j.issn.1674-1579.2021.02.009
    Spacecraft need to meet the requirements of multi-task, multi-working-mode and large-scale maneuvering during space flight. Its control system has a lot of external interference and uncertain internal parameters under large-scale maneuvering conditions. At the same time, the adaptive process of the aircraft is affected by limited resources, and manual intervention is difficult. The existing mature dynamic adaptive methods are not necessarily suitable for spacecraft autonomous control software, so the current dynamic adaptive adjustment methods of autonomous control system software cannot meet the higher requirements. Therefore, an adaptive framework based on the two-layer perception-analysis-decision-execution (MAPE) control loop is proposed, which uses rule/strategy-based decision-making methods and reinforcement learning-based decision-making methods to make decisions on local and global changes. In addition, a data-driven feedback method is used to periodically adjust and optimize the policy information in the rule library to ensure that the aircraft can dynamically complete adaptive adjustments and ensure the reliable execution of tasks when performing tasks in complex space environments.
    Design and Implementation of OSLC Data Integration Interface Based on Factory Pattern
    ZHAO Hui, WANG Kaiyang, JIANG Yunsong, GAO Dongdong, LI Shangshu, MENG Fanxin
    2021, 47(2):  73-79.  doi:10.3969/j.issn.1674-1579.2021.02.010
    For the research and development of complex software systems, research and development teams in different regions need to use different tools to work together, which also brings about the problem of data integration. Design of a software collaborative development data interface based on the open services of lifecycle collaboration (OSLC) specification is helpful for improving the efficiency of software collaborative development. A data integration interface is designed and implemented for the first time according to the factory mode and OSLC specification. It abstracts data integration of different tools into a unified public interface, so as to realize the data integration of different tools via a unified data interface and specification, which is beneficial to the optimization of the whole software architecture. Taking the integration of Bugzilla and Jenkins as an example, a data integration system based on the factory pattern and OSLC specification is realized in the SunwiseAEM platform. The system realizes the data integration among different tools and provides a general and extensible data integration mode.
    Software Life Cycle Model of Complex Systems Based on Systems Science
    YAN Yueming, LIU Congyue, CHEN Shenping
    2021, 47(2):  80-85.  doi:10.3969/j.issn.1674-1579.2021.02.011
    Most key functions of complex systems are implemented by software. As a result, software has a critical effect on the dependability and quality of those systems. But software development and management of current complex systems mainly follow the general systems engineering approach, which does not consider complex systems’ characteristics like openness, emergence, self-organization, and so on. This limitation increases the risk to dependability and quality. To ensure dependability and quality of software in complex systems, the major characteristics of complex systems are taken into consideration, and some technologies and theories of systems science are adopted to improve the existing software development and management approaches, especially the software analysis and design approach. In addition to systems science, agile method, knowledge engineering and other related technologies are introduced to establish a software life cycle model which covers both technical processes and technical management processes and reflects the multidimensional views including software development, verification and maintenance.
    Static Analysis Technique for Aerospace Embedded Software
    CHEN Liqian, WU Guofu, JIANG Jiahong
    2021, 47(2):  86-92.  doi:10.3969/j.issn.1674-1579.2021.02.012
    Software faults have become one of the main causes of the failure of aerospace systems. Bugs in source code are still one of the most prominent kinds of problems in aerospace embedded software, such as array out of bounds, arithmetic overflow, division by zero, data race, etc. Static analysis, which can infer runtime properties of a program at compile time through analyzing its source code, is an important technique to improve the safety and reliability of aerospace embedded software. The code features and common kinds of program errors in aerospace embedded software are reviewed in this paper. After that, the static analysis techniques that are fit for analyzing aerospace embedded software are presented, including abstract interpretation, symbolic execution, data race detection, etc. Then, some recent advances in applying static analysis techniques to aerospace embedded software in China are reviewed. Finally, some future directions on this topic are discussed.