The number of computational devices using embedded software is rapidly increasing, and the functional capabilities of that embedded software grow more complex each year. These are predictable trends for industries such as aerospace and defense, which depend upon highly complex products that require systems engineering techniques to create. Consumer products such as automobiles, cell phones, PDAs, and HDTVs also rely increasingly on embedded software.
Embedded software often substitutes for functions previously realized in hardware, such as custom ICs or the more economical but slower gate arrays; for example, digital fly-by-wire flight control systems have superseded mechanical control systems in aircraft. Software also increasingly enables new functions, such as intelligent cruise control, driver assistance, and collision avoidance systems in high-end automobiles. Indeed, the average car now contains roughly seventy computer chips and 500,000 lines of code, more software than it took to get Apollo 11 to the Moon and back. Upper-end automobiles, in which embedded software delivers many innovative and unique features, can contain far more code.
However, the sheer number of source lines of code (SLOC) is not in itself the fundamental problem. The main difficulty stems from the ever more complex interactions across software components and subsystems. All too often, coding errors emerge only after the software is in use. Worse still, even good code is increasingly the target of cyber attacks. The software testing process must therefore be integrated within the software creation process, including the creation of systems of systems in a spiral development. This is necessary because, in theory, once software becomes complex enough to be capable of self-reference, it can no longer be formally proven valid.
Cyber threats are growing in number and sophistication. In theory, it is not possible, in the general case, to produce fault-free software. Attackers have shown the ability to find residual faults and exploit them to formulate cyber attacks. Most systems in use today run substantially similar software. As a result, a single successful cyber attack can bring down a large number of installations running that same software. As we share more and more software (e.g., through the cloud), the situation can only get worse. A better method for protecting a software system against cyber attacks is therefore needed.