* College Intern, West Virginia Wesleyan, Buckhannon, WV.

Slides:



Advertisements
Similar presentations
TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST
Advertisements

1 Verification by Model Checking. 2 Part 1 : Motivation.
© 2005 Microchip Technology Incorporated. All Rights Reserved. Slide 1 NUM 1019 Numerical Methods on the PIC Micro.
2017/3/25 Test Case Upgrade from “Test Case-Training Material v1.4.ppt” of Testing basics Authors: NganVK Version: 1.4 Last Update: Dec-2005.
1 Introduction to Software Engineering Rajkumar Buyya Grid Computing and Distributed Systems Lab Dept. of Computer Science and Software Engineering University.
By D. Fisher Geometric Transformations. Reflection, Rotation, or Translation 1.
Slide 1 FastFacts Feature Presentation September 7, 2010 We are using audio during this session, so please dial in to our conference line… Phone number:
By Rick Clements Software Testing 101 By Rick Clements
Business Transaction Management Software for Application Coordination 1 Business Processes and Coordination.
We need a common denominator to add these fractions.
DCV: A Causality Detection Approach for Large- scale Dynamic Collaboration Environments Jiang-Ming Yang Microsoft Research Asia Ning Gu, Qi-Wei Zhang,
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Title Subtitle.
Multiplying binomials You will have 20 seconds to answer each of the following multiplication problems. If you get hung up, go to the next problem when.
What two numbers will give you a product of 64 and a quotient of 4?
0 - 0.
DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.
MULTIPLYING MONOMIALS TIMES POLYNOMIALS (DISTRIBUTIVE PROPERTY)
ADDING INTEGERS 1. POS. + POS. = POS. 2. NEG. + NEG. = NEG. 3. POS. + NEG. OR NEG. + POS. SUBTRACT TAKE SIGN OF BIGGER ABSOLUTE VALUE.
SUBTRACTING INTEGERS 1. CHANGE THE SUBTRACTION SIGN TO ADDITION
MULT. INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.
Addition Facts
Year 6 mental test 5 second questions
Making the System Operational
SADC Course in Statistics Tests for Variances (Session 11)
Tintu David Joy. Agenda Motivation Better Verification Through Symmetry-basic idea Structural Symmetry and Multiprocessor Systems Mur ϕ verification system.
Using Family Connection Online Resource for Planning & Advising.
Configuration management
Software change management
Chapter 6 Computer Assisted Audit Tools and Techniques
S-Curves & the Zero Bug Bounce:
Test Yaodong Bi.
Automated Testing Ted Driggs (tdriggs). What Verify program behavior without human interaction Programmatically load and run test code on a wide array.
Eiffel: Analysis, Design and Programming Bertrand Meyer (Nadia Polikarpova) Chair of Software Engineering.
1 Designing Hash Tables Sections 5.3, 5.4, Designing a hash table 1.Hash function: establishing a key with an indexed location in a hash table.
Hash Tables.
SE-292: High Performance Computing
§ 7.7 Complex Numbers.
ECATS RCCA CAMP PROCESS ENHANCEMENTS
© S Haughton more than 3?
Checking & Corrective Action
Environmental Management Systems Refresher
Linking Verb? Action Verb or. Question 1 Define the term: action verb.
Squares and Square Root WALK. Solve each problem REVIEW:
Lecture 8: Testing, Verification and Validation
Chapter 11 Software Evolution
Past Tense Probe. Past Tense Probe Past Tense Probe – Practice 1.
This, that, these, those Number your paper from 1-10.
 .
CSci 1130 Intro to Programming in Java
Addition 1’s to 20.
Verification and Validation
25 seconds left…...
Polynomial Functions of Higher Degree
Trigonometric Functions
Test B, 100 Subtraction Facts
Week 1.
Internal Control and Control Risk
SO- You Have a Protocol- What ’ s NEXT? Bob Ensor and Dana York 1.
We will resume in: 25 Minutes.
PSSA Preparation.
Chapter 11: Systems Development and Procurement Copyright © 2013 Pearson Education, Inc. publishing as Prentice Hall Chapter
 2003 Prentice Hall, Inc. All rights reserved. 1 Chapter 13 - Exception Handling Outline 13.1 Introduction 13.2 Exception-Handling Overview 13.3 Other.
14-1 © Prentice Hall, 2004 Chapter 14: OOSAD Implementation and Operation (Adapted) Object-Oriented Systems Analysis and Design Joey F. George, Dinesh.
Copyright © Cengage Learning. All rights reserved.
Introduction to Programming G51PRG University of Nottingham Revision 1
DATA TYPES, VARIABLES, ARITHMETIC. Variables A variable is a “named container” that holds a value. A name for a spot in the computer’s memory This value.
Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.
Protecting the Public, Astronauts and Pilots, the NASA Workforce, and High-Value Equipment and Property Mission Success Starts With Safety Believe it or.
Presentation transcript:

* College Intern, West Virginia Wesleyan, Buckhannon, WV

Agenda On-Orbit Anomaly ResearchDescription of AnomalyCauses of AnomalyRoot Cause: Operating System FaultProximate Cause: FSW Bounds-Checking DeficiencyIV&V Observations 2

On-Orbit Anomaly Research (OOAR) at NASA IV&V Facility 3 Study anomalies and mishaps associated with NASA space missions Assist with on-going NASA IV&V analysis of heritage software with past faulty history Help improve NASA IV&V processes

Description of Anomaly 4

Sequential Causes of Anomaly 5

Sequential Causes of Anomaly (cont’d) 6

In summary: ANOMALY 64-bit floating-pt. V x too big to convert to a 32-bit integer x component of velocity, V x, became too large cos( ) and x component of position flipped signs fmod (, 2  ) returned incorrect value, off by  Incorrect Implementation of fmod in the (COTS) OS Proximate Cause Root Cause 7

Root Cause: Operating System Fault fmod Overview fmod (a, b) returning remainder of a ÷ b Example: fmod (16, 3) = 1 16 = (3 x 5) + 1 Human implementation: Calculate the remainder r by finding the largest integer n in 16 = (3 x n) + r such that: 0 ≤ r = 16 – (3 x n) < 3 8

Root Cause: Operating System Fault fmod Overview 9

Root Cause: Operating System Fault OS Comparison of Numbers in fmod 10

Root Cause: Operating System Fault OS Comparison of Numbers in fmod 11

Root Cause: Operating System Fault OS Comparison of Numbers in fmod For certain values of slightly larger than odd multiples of 2 , fmod (, 2  ) failed at the last steps: 12

Proximate Cause: FSW Bounds- Checking Deficiency Requirement: Transform (cast) double-precision floating-point 64- bit value into int16 16-bit signed integer FSW implementation: Conversion performed in two steps: 64-bit floating-point to 32-bit signed integer 32-bit signed integer to 16-bit signed integer 64-bit value: Requiring a 35-bit signed integer to properly convert 32-bit signed integer not able to hold values less than Failure to transform into 32-bit signed integer 13

Proximate Cause: FSW Bounds- Checking Deficiency No bounds-checking, of values to be typecast, performed by FSW Anomaly could have been prevented if 64-bit floating-point value checked 14

OOAR Observations 15 To prevent similar anomalies in the future: Apply IV&V to code external to flight software IV&V verification of bounds checking in flight software

OOAR Observations (cont’d) Ex: OS running FSW, an integral element of S/C operation May be the “weak link” if not analyzed along with FSW Issues with FSW may originate in external code, e.g., fmod bug in OS New software interacting with FSW may warrant IV&V analysis Critical space missions may justify analyzing external code Past problems (e.g., a specific OS) may indicate a need for further assessment. 16 Apply IV&V to Code External to Flight Software (FSW)

OOAR Observations (cont’d) Challenges – Full-cycle analysis may not be possible, e.g., OS already developed Comprehensive testing may be only option Testing cannot catch all bugs – Ex.: fmod bug becoming active on the S/C once every two years at two instances a few seconds apart, which may or may not become an issue depending on whether a SW application happens to “consume” the bug at those instances – Bugs may be too subtle to be detected easily (cf. fmod bug) – Limited IV&V resources to do both FSW and external software analysis – May not be cost-effective to analyze external software with long, successful track records 17 Apply IV&V to Code External to FSW (cont’d):

OOAR Observations (cont’d) 18 IV&V Verification of Bounds Checking in FSW Examples of bounds checking: – Array index checking – Checking for division by zero – Screening for taking the square root of a negative number Bounds checking effective as fault protection in the code – Bounds checking of typecasting would have prevented the fmod bug from leading to an anomaly Some compilers may not provide automatic run-time bounds checking. Verification of bounds checking, e.g., array index checking, readily performed by static code analysis tools Relatively easy to manually inspect the code to verify bounds-checking of pre-identified operations, e.g., typecasting, square root, etc.

OOAR Observations (cont’d) Challenges – Some bounds checking requires dynamic code analysis tools Logistics of dynamic code analysis complicated – Correct configuration of code analysis tools may also require significant time investment 19 IV&V Verification of Bounds Checking in FSW (cont’d):

Questions? Thank you for your participation! Contact Info: – Joel Abraham – Joseph Painter – Koorosh Mirfakhraie – Ken Costello – Sam Cilento 20