Metrics Evaluation using Static Analysis for Automotive Software Specified by KGAS and Automotive SPICE

April 22, 2020 Bill Graham


Automotive SPICE (Software Process Improvement and Capability dEtermination) is a software development process standard that outlines the maturity model for software development, management and business processes. SPICE defines how to assess the capability and maturity level of a software organization. An organization seeking compliance with SPICE needs to follow the guidelines outlined in the PAM (process assessment model). The document discussed here is Automotive SPICE® Process Reference Model Process Assessment Model Version 3.0.

In a previous post I covered the use of static analysis and concluded at the time that Automotive SPICE PAM makes a strong case for using static analysis to support software unit verification by supporting static verification and coding standard compliance. Static analysis also plays an important role in the development of safety-critical software complying with functional safety standards such as ISO 26262 (a complementary standard to Automotive SPICE).

Group Basic Software Requirements (KGAS)

Volkswagen introduced its KGAS (which translates to Group Basic Software Requirements in English) as an extension or expansion to Automotive SPICE. These are process requirements that fill in details or holes that VW needed as part of the Software Quality Improvement Leader (SQIL) initiative. Many of these requirements improve the checks between requirement, architecture, implementation, and test. Of interest here is the metrics dashboard defined by KGAS that suits our capabilities.

GrammaTech has implemented KGAS metrics on behalf of a customer implementing automotive software in compliance with Automotive SPICE and VW’s KGAS. The following table expands upon the metrics supported by GrammaTech CodeSonar:

[Image: CodeSonar KGAS coverage table]

Note that MISRA rules are part of the KGAS requirements, which is a strong recommendation for using advanced static analysis tools to support not just metrics measurement but also coding standard compliance. There is more to advanced static analysis tools like CodeSonar than “static verification” or coding standard compliance (although these remain important processes and capabilities), and those additional capabilities can enhance SQIL initiatives.

Benefits of Static Analysis Tools

Advanced static analysis tools such as GrammaTech CodeSonar provide tangible productivity improvements to software teams seeking static verification while also satisfying stringent software safety certification criteria (e.g., ISO 26262). Using a qualified tool as part of the software development process from the early stages of development can have significant benefits. Although I expand upon this in the previous post on Automotive SPICE, here is a quick summary of the benefits.

Advanced static analysis tools enforce coding standards for safety, security, and style. In addition, these tools reduce the number of defects early in the lifecycle (and throughout development) while also reducing manual effort in proving software robustness and behavior. An important capability is accelerating certification evidence. Documenting the results of software unit acceptance is critical to proving compliance with certification standards. Static analysis tools have rich reporting features to help support certification requirements.

Tool Qualification

Since the application of Automotive SPICE and KGAS is usually in safety critical software, it’s important to use tools certified to the same standards as your software organization is. Recognizing this need, GrammaTech CodeSonar is independently certified for ISO 26262, IEC 61508, and EN 50128. This means that developers can use CodeSonar with confidence that the results produced are acceptable to approval bodies during certification. It is just too risky to use unqualified tools, which will only result in further testing, documentation, and certification costs.

Summary

KGAS expands upon the requirements in Automotive SPICE and includes the definition of software metrics needed in VW's SQIL initiative. Both SPICE and KGAS make a strong case for using static analysis to support metrics collection and MISRA rule compliance. Advanced static analysis tools such as CodeSonar can certainly support the required metric collection but also add value in areas such as defect and security vulnerability detection and remediation, third-party code evaluation and accelerating certification evidence.

Interested in learning more? Read our guide "Accelerating Automotive Software Safety with MISRA and Static Analysis"
