Automatic Bug Detection in Microcontroller Software by Static Program Analysis

Microcontroller software typically consists of a few hundred lines of code only, but it is rather different from standard application code. The software is highly hardware and platform specific, and bugs are often a consequence of neglecting subtle specifications of the microcontroller architecture. Currently, there are hardly any tools for analyzing such software automatically. In this paper, we outline specifics of microcontroller software that explain why those programs are different to standard C/C++ code. We develop a static program analysis for a specific microcontroller, in our case the ATmega16, to spot code deficiencies, and integrate it into our generic static analyzer Goanna. Finally, we illustrate the results by a case study of an automotive application. The case study highlights that – even without formal proof – the proposed static techniques can be valuable in pinpointing software bugs that are otherwise hard to find.