HL Klemove Improves Code Quality for Advanced Driver-Assistance Systems with Polyspace Bug Finder
“Polyspace enabled us to automate static code analysis for ADAS software and integrate it into our CI/CD workflows. From the earliest stages of development through production, Polyspace helps us find and eliminate potentially costly issues that are difficult for developers to discover on their own.”
Challenge
Improve the quality of advanced driver-assistance systems software and meet OEM requirements for secure coding
Solution
Use Polyspace Bug Finder and Polyspace Access to perform static code analysis throughout development, identify defects, and ensure compliance with coding standards
Results
- Source code verification time reduced
- Defects identified earlier in development
- OEM’s coding requirements and standards met
HL Klemove is paving the road for future mobility.
As advanced driver-assistance systems (ADAS) and autonomous driving (AD) systems become increasingly sophisticated, the software that powers them is growing more complex. At the same time, automotive OEMs are asking suppliers to deliver ADAS/AD software on compressed schedules, while increasing their software quality requirements. As a result, suppliers are struggling to keep pace. Relying on manual processes, they often find defects only late in the development lifecycle, or worse, when the system is already in production, requiring a costly recall.
Engineering teams at HL Klemove use Polyspace® static code analysis products to identify run-time errors, security vulnerabilities, and coding standards deviations early in the development of advanced ADAS/AD software. They have integrated Polyspace Bug Finder™ and Polyspace Access™ into their automated continuous integration/continuous delivery (CI/CD) workflows, reducing code verification time, improving software quality, and fostering collaboration across and within teams.
“As the number and complexity of ADAS/AD software projects increased, Polyspace Bug Finder has enabled us to detect issues in early development stages, and as a result, deliver higher quality software,” says Minchae Lee, team lead at HL Klemove. “It has also enabled our teams to comply with the secure coding standards that our OEM customers now require, while Polyspace Access has improved collaboration with web-based access to static analysis results.”
Challenge
In the past, HL Klemove teams relied on a combination of manual code reviews and standalone tools for source code analysis of ADAS/AD software. But the visual inspection, as well as the configuration and maintenance of the tools, was complex and time-consuming. Furthermore, integrating these tools into CI/CD workflows was difficult. Developers had to use them on their workstations, where they consumed resources and made it difficult to perform other development tasks.
As a result, the teams had to postpone static code analysis to the late stages of development, when there was little time left to identify and resolve all the issues that had accumulated. HL Klemove needed a new tool that would address these challenges and enable teams to fulfill new customer requirements for compliance with CERT® C coding standards, which are required to fulfill new UNECE WP.29 regulations.
Solution
HL Klemove used Polyspace products to improve ADAS/AD software quality by identifying defects and coding rules violations throughout development.
HL Klemove engineers worked with MathWorks application engineers to integrate Polyspace tools into their CI toolchain, which includes Atlassian Bamboo® for CI/CD and Bitbucket® for Git™ repository management. They created Bamboo jobs to trigger Polyspace Bug Finder Server™ to automate static code analysis and publish analysis results to Polyspace Access for web-based, collaborative review. To streamline project management, they integrated Polyspace Access with Atlassian JIRA, which enabled ticket creation related to Polyspace findings from within Polyspace Access.
During a typical development project, engineers push code changes to Bitbucket. The updated code is then analyzed by Polyspace Bug Finder Server as part of a scheduled or manually triggered Bamboo job. Once the static code analysis is completed, the user receives a notification via email with a link to the corresponding results in a Polyspace Access web page. From the Polyspace Access web browser interface, managers and engineers collaborate as they review the static analysis results from the code they’ve worked on, code produced by other teams, or code automatically generated from Simulink® models using Embedded Coder®. Polyspace Bug Finder Server findings include run-time errors, concurrency issues, and violations of MISRA™ and CERT C coding standards. Software engineers focus on Polyspace Bug Finder Server results from feature branches, while DevOps engineers focus on results from release branches.
To shorten the feedback loop to the developer, several teams have recently started using Polyspace as You Code IDE plugin to check code quality while coding. They can fix MISRA or CERT C deviations before submitting their code change to Bitbucket.
HL Klemove is currently using Polyspace products on all ADAS/AD development programs, spanning dozens of projects and hundreds of production vehicle models.
Results
- Source code verification time reduced. “With Polyspace Bug Finder, we reduced source code verification time by up to 80 percent,” says Lee. “And, with automated report generation, we’ve reduced the time needed to create comprehensive reports for our OEM customers from one hour to 10 minutes or less.”
- Defects identified earlier in development. “Polyspace enables us to find, diagnose, and address issues in the early stages of development,” says Lee. “This is critical for us, because even a single defect that goes undetected can result in a safety recall, with potential costs in the millions of dollars.”
- OEM’s coding requirements and standards met. “One of our largest customers, an OEM, now requires all suppliers to comply with coding guidelines, including MISRA and CERT C,” says Lee. “Polyspace enabled our teams to meet this requirement and generate reports demonstrating the results of our code verification. We’ve received positive feedback from our customers on our ability to meet their evolving requirements related to software quality.”
