Static code analysis of programmable logic controller programs
Static code analysis techniques analyze programs by examining the source code without actually executing them. They are commonly used to increase the quality of software by finding bad code smells and potential defects in early development stages. Today they are widespread and intensively used in general-purpose programming, and numerous tools exist for established programming languages like C/C++, Java, C# and others. However, in the domain of programmable logic controller (PLC) programming, static code analysis tools are generally not yet available.
In this project we therefore develop methods and tools for static code analysis of PLC programs. The tool parses the source code files of PLC software and builds an internal representation of the programs in the form of an abstract syntax tree (AST) augmented with type information. Based on the AST, the tool executes a set of user-definable rules to check for violations, which are written to an XML output file. Issues that can be detected in this way range from naming conventions, program complexity issues, bad code smells, incompatible configuration settings, problematic task interleaving and race conditions, and possible performance problems to violations of dynamic statement dependencies.
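The parse, typed AST, rule and XML pipeline described above can be sketched as follows. This is an added example, not the project's tool or code: the Structured Text sample is constructed generic IEC 61131-3 (not KemroIEC), and the two rules, the lower-case naming convention and the XML element names are assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample in generic IEC 61131-3 Structured Text (not KemroIEC).
SAMPLE = """PROGRAM Heater
VAR
  setpoint : REAL;
  Counter : INT;
END_VAR
setpoint := 80.5;
Counter := setpoint;
END_PROGRAM
"""
DECL = re.compile(r"\s*(\w+)\s*:\s*(\w+)\s*;")
ASSIGN = re.compile(r"\s*(\w+)\s*:=\s*(.+?)\s*;")

def parse(src):
    """Build a tiny typed AST: declared variables plus assignment nodes."""
    ast, in_var = {"vars": {}, "assigns": []}, False
    for no, line in enumerate(src.splitlines(), 1):
        if line.strip() in ("VAR", "END_VAR"):
            in_var = line.strip() == "VAR"
        elif in_var and (m := DECL.match(line)):
            ast["vars"][m[1]] = {"type": m[2], "line": no}
        elif not in_var and (m := ASSIGN.match(line)):
            ast["assigns"].append({"target": m[1], "expr": m[2], "line": no})
    return ast

def expr_type(ast, expr):  # type of a variable reference or REAL literal, else None
    if expr in ast["vars"]:
        return ast["vars"][expr]["type"]
    return "REAL" if re.fullmatch(r"\d+\.\d+", expr) else None

def rule_naming(ast):  # hypothetical convention: lower-case first letter
    for name, v in ast["vars"].items():
        if not name[0].islower():
            yield v["line"], "naming", f"variable {name} should start lower-case"

def rule_narrowing(ast):  # uses the type information attached to the AST
    for a in ast["assigns"]:
        target = ast["vars"].get(a["target"], {}).get("type")
        if target == "INT" and expr_type(ast, a["expr"]) == "REAL":
            yield a["line"], "narrowing", f"REAL assigned to INT {a['target']}"

def analyze(src, rules=(rule_naming, rule_narrowing)):
    """Run each rule over the AST and return the violations as XML text."""
    ast, root = parse(src), ET.Element("violations")
    for rule in rules:
        for line, rule_id, msg in rule(ast):
            ET.SubElement(root, "violation", rule=rule_id, line=str(line)).text = msg
    return ET.tostring(root, encoding="unicode")
```

Rules are plain generator functions over the AST, so a further check is added by passing another function in `rules`.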
Currently the tool works for KemroIEC, a proprietary dialect of the IEC 61131 standard from Keba AG, and is used by Engel Austria for analyzing their automation software solutions for their injection molding machines.
The project is a joint project with Software Competence Center Hagenberg and is conducted within the competence centres programme COMET of the Austrian Research Promotion Agency (FFG).