Integrating WCET Analysis into CI/CD for Automotive and Embedded Software

Hook: Stop Surprising Timing Regressions — Make WCET Part of Your CI/CD

If you ship embedded or automotive software, you already know the pain: a timing regression slips through review, causes intermittent failures on a target ECU, and suddenly a field update or certification milestone is delayed. The good news for 2026: you can detect and fail on WCET regressions the same way you catch unit-test failures — as part of automated CI/CD. This tutorial shows how to run WCET (worst-case execution time) analysis in your pipeline, fail builds on regressions, and produce traceable, certification-ready reports.

Why timing analysis in CI/CD matters right now (2026 context)

Software-defined vehicles and advanced driver assistance systems (ADAS) have driven a major rise in timing-safety requirements. In late 2025 and early 2026 we saw consolidation in the toolchain space — for example, Vector Informatik's acquisition of StatInf's RocqStat technology — signaling that vendors are pushing to unify static timing analysis with software verification. Regulators and OEMs expect continuous evidence that timing budgets are respected as software changes rapidly.

Embedding timing checks into CI addresses three common pain points:

• Early detection — catch execution-time regressions before integration or HIL phases.
• Traceable evidence — generate artifacts that map WCET numbers to requirement IDs, source lines, and build metadata for audits and certification.
• Repeatability — automate deterministic runs of static or hybrid WCET analyses to ensure reproducible results across builds.

What you'll get from this tutorial

• Practical CI pipeline patterns (GitHub Actions, GitLab CI, Jenkins) to run WCET tools.
• Examples to compare WCET output against a baseline and fail builds on regressions.
• Strategies to create traceable, auditable reports suitable for ISO 26262 / DO-178 style artifact packages.
• Best practices for hybrid/static analysis, reproducibility, and handling nondeterminism.

Prerequisites and terminology

• Build artifact: cross-compiled ELF (or binary) that maps to your ECU image.
• WCET tool: a static or hybrid tool (e.g., rocqstat-style engine, VectorCAST integration, or AbsInt aiT). This tutorial uses generic CLI examples applicable to modern tools.
• Platform model: CPU pipeline/cache model required by static WCET analyzers. See guidance on tuning models when you optimize embedded platforms for predictable behaviour.
• Baseline: stored WCET values from a known-good release for regression comparison.
• Traceability data: mapping from tests or functions to requirement IDs (e.g., RQ-1234).

High-level pipeline design

Insert a WCET analysis stage after compilation and before deployment. The stage should:

1. Run the WCET tool against the build artifact.
2. Emit machine-readable results (JSON) plus human-readable reports (HTML/PDF).
3. Compare key metrics to a baseline and apply project-defined thresholds.
4. Fail the job when requirements are violated or regressions exceed tolerances.
5. Store artifacts and link the report to the code change and requirements for auditability.

Step 1 — Prepare a deterministic environment

Timing analysis is sensitive to compiler flags, linking order, and CPU models. Lock these down in CI:

• Use a container image or build VM that pins the toolchain and tool versions (GCC, LLVM, WCET tool). Record the image digest.
• Store the platform CPU/cache model and tool settings in version control (platform.json, tool-config.yaml).
• Capture SBOM and build metadata (compiler flags, linker map, git commit, CI build ID) and include them in any report.

Example: Dockerfile snippet to lock environment

FROM ubuntu:22.04@sha256:... 
RUN apt-get update && apt-get install -y build-essential gcc-arm-none-eabi 
# Install WCET tool (license-based) and helper scripts
COPY tool-config.yaml /opt/wcet/tool-config.yaml

Step 2 — Run WCET analysis in CI

Use your WCET tool's CLI to analyze the compiled image. The goal is to produce a JSON result that lists functions, call paths, and WCET estimates.

Example CLI (generic)

# analyze.sh
set -e
WCET_TOOL=/opt/wcet/bin/wcet-cli
BUILD_ELF=build/target.elf
PLATFORM=platform/platform.json
OUT_DIR=reports/wcet
mkdir -p $OUT_DIR
$WCET_TOOL analyze \
  --input $BUILD_ELF \
  --platform $PLATFORM \
  --config /opt/wcet/tool-config.yaml \
  --json $OUT_DIR/wcet.json \
  --html $OUT_DIR/wcet.html

Real tools will supply more flags (linker map, compiler builtins, entry points). If you use VectorCAST+RocqStat in the future, the flow will be similar — run analysis from the CLI or API, then collect structured output.

Step 3 — Make results machine-readable and traceable

A CI-friendly result should contain:

• Function-level WCET in microseconds or cycles.
• Call-paths or basic-block IDs that produce the WCET bound.
• Source-file and line mapping.
• Requirement IDs linked to functions/tests.
• Build metadata (git sha, artifact checksum, tool version, platform model digest).

Example JSON schema (simplified)

{
  "build": {"git_sha":"abcd1234","artifact":"target.elf","tool_version":"wcet-2.1.0"},
  "results": [
    {"function":"comm_send","wcet_us":1200,"req_id":"RQ-1234","source":"comm.c:342"},
    {"function":"sensor_poll","wcet_us":4000,"req_id":"RQ-1111","source":"sensor.c:88"}
  ]
}

Step 4 — Compare against baseline and define gating rules

Store a baseline for WCET numbers (per-version JSON file, database, or artifact store). Use a comparison script that applies your policy, for example:

• Hard fail if any function's WCET exceeds its requirement limit.
• Soft fail if WCET increases by more than X% (e.g., 5%) compared to baseline; create a warning or require owner sign-off.
• Record regressions for triage and link to the commit and PR.

Python comparison script (example)

#!/usr/bin/env python3
import json,sys
new = json.load(open('reports/wcet/wcet.json'))
base = json.load(open('baselines/wcet-baseline.json'))
base_map = {r['function']:r for r in base['results']}
errors = 0
for r in new['results']:
    f = r['function']
    wcet_new = r['wcet_us']
    if f in base_map:
        wcet_old = base_map[f]['wcet_us']
        if wcet_new > base_map[f].get('limit_us', 10**9):
            print(f'ERROR: {f} exceeds hard limit ({wcet_new}us > {base_map[f].get("limit_us")})')
            errors += 1
        elif wcet_new > wcet_old * 1.05:
            print(f'FAIL: {f} increased by {(wcet_new/wcet_old-1)*100:.2f}%')
            errors += 1
    else:
        print(f'NEW: {f} no baseline — require review')
if errors:
    sys.exit(2)
print('WCET check passed')

Step 5 — Fail builds cleanly and provide triage data

When the comparison script exits non-zero, CI should mark the job failed and attach the following artifacts to the run:

• Full WCET JSON results
• HTML/PDF human readable report with source links
• Call-path excerpts that explain the worst-case path
• Commit/PR URL and failing function names

Provide guidance in the CI output on how to reproduce locally (container image, exact CLI command, and map files). That reduces triage time significantly.

Step 6 — Make reports certification-ready

For ISO 26262 or other safety certifications, auditors expect traceability, reproducibility, and signed artifacts. Build reports should include:

• Traceability matrix: map requirement IDs to functions and tests.
• Repro steps: container digest, tool versions, and exact commands.
• Signed artifacts: code-signed report PDFs or artifact checksums stored in an immutable artifact repository (e.g., Nexus/Artifactory with retention policies).
• Change log: list of commits and PRs included in the build that may affect timing.

Example: Add requirement tags to unit tests

// sensor_test.c
TEST(sensor_poll, nominal) {
  // metadata: req_id=RQ-1111
  ASSERT_EQ(poll(), OK);
}

When the WCET tool reports "sensor_poll" as a contributor to the WCET, your report can link to RQ-1111 and the test evidence that validates behavior.

Sample CI snippets

GitHub Actions

name: CI
on: [push, pull_request]
jobs:
  build-and-wcet:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Build
        run: make all
      - name: Run WCET
        run: ./analyze.sh
      - name: Compare WCET
        run: ./compare_wcet.py

GitLab CI (with artifacts)

stages:
  - build
  - wcet

build:
  stage: build
  script: make all
  artifacts:
    paths:
      - build/target.elf

wcet:
  stage: wcet
  script:
    - ./analyze.sh
    - ./compare_wcet.py
  artifacts:
    paths:
      - reports/wcet/**
  when: on_success

Handling nondeterminism and measurement-based approaches

Static WCET gives safe upper bounds but sometimes is conservative. Measurement-based WCET (MBWCET) methods require careful harnessing:

• Use deterministic test stubs or CPU-affinity to reduce jitter.
• Disable preemptive background tasks or run on a controlled test rig (HIL/cycle-accurate simulator) in CI when possible.
• Combine static analysis for bounds with measurement to tighten evidence (hybrid analysis). Store both artifacts and show how measurement supports or contradicts static bounds.

Dashboards and long-term metrics

Track WCET trends over time with a simple metrics push from CI:

• Export per-function WCET to Prometheus/Grafana (or your metrics system) as time series keyed by function + git SHA.
• Alert when a trending function crosses a configurable slope or absolute threshold.
• Use annotations for releases so auditors can see the history of timing for safety-critical requirements.

Common pitfalls and how to avoid them

• Unpinned toolchain: Different compiler optimizations produce different code shapes. Pin compilers and record tool versions. Prefer a reproducible build captured in your developer environment and CI images.
• No baseline maintenance: Baseline should be updated only via approved releases. Avoid auto-replacing baseline on each run.
• Insufficient traceability: Attach requirement IDs at code/test level so reports are meaningful to auditors.
• Overly strict thresholds: For large code churn, use staged policy (warn first, then block after review).

2026 Trends and what to watch

Two trends shape the near-term approach to CI-integrated WCET:

1. Toolchain consolidation and tighter verification integration — acquisitions and integrations (e.g., RocqStat into VectorCAST) indicate vendors aim to provide unified flows where timing and functional verification share artifacts and traceability.
2. Shift-left timing analysis — teams increasingly run lightweight WCET checks early (per-PR) and heavier full analysis nightly or per-release to balance speed vs. assurance.

Case study: a representative flow (realistic, anonymized)

An automotive Tier-1 embedded team adopted a two-tier approach in 2025: per-PR quick WCET smoke tests (function-level static checks on changed files) and nightly full-system WCET analysis. Quick checks ran in under 5 minutes using cached platform models and targeted functions. Nightly runs performed full static analysis with richer models and produced the auditable PDF bundle. This approach reduced latency: 80% of timing regressions were caught before integration tests, and triage time dropped by 60% because failures included direct call-path excerpts and requirement links.

Checklist: Getting production-ready

• Create a containerized build + analysis environment and publish the image digest.
• Store platform models and tool configs in version control and reference them in run artifacts.
• Capture build metadata and sign final reports for auditability.
• Implement a baseline store and a policy for updating baselines (release-driven).
• Add requirement IDs to source or test metadata to enable traceability in reports.
• Automate thresholds and triage instructions in CI output; don't require manual parsing.

Actionable takeaway — 30-minute implementation plan

1. Pin a container image with your cross-compiler and WCET tool. Commit Dockerfile.
2. Add a CI job that runs the WCET tool with --json output and stores it as an artifact.
3. Write a small comparison script (like the Python example) and wire it to fail CI on regressions.
4. Publish the artifact (HTML + JSON) and add a link to the PR template asking reviewers to check timing failures.

"Shift-left timing analysis isn't optional anymore — in 2026, it's a practical requirement for any software-defined ECU delivery pipeline." — Embedded verification lead (anecdotal summary)

Further reading and resources

• Vector/industry announcements (late 2025/early 2026) on toolchain consolidation and timing verification.
• Guides on sandboxing, isolation and auditability that help shape reproducible analysis environments.
• Documentation for your selected WCET tool (static, MBWCET, or hybrid) and its CLI/API for automation.

Final thoughts and next steps

Integrating WCET analysis into CI/CD transforms timing from a late-surprise risk into a tracked, auditable metric. By running deterministic analyses, storing reproducible artifacts, and gating on regressions, teams accelerate delivery while preserving the evidence auditors and OEMs require. With vendor consolidation happening in 2025–2026 (e.g., Vector's moves), expect more unified tooling that simplifies these integrations — but the CI patterns shown here will remain applicable across products.

Call to action

Ready to add WCET gates to your CI pipeline? Start with our 30-minute plan above. If you want a turnkey integration or a review of your pipeline for ISO 26262 traceability, contact our integration team for a tailored assessment and demo of a CI/WCET reference pipeline.

Related Reading

• Software Verification for Real-Time Systems: Vector acquisition context
• Building a Desktop LLM Agent Safely: sandboxing & auditability
• Edge Observability for metrics and dashboards
• Ephemeral workspaces and reproducible build environments
• Sustainable Fillers & Packaging: What Hot-Water Bottles Teach Us About Natural Materials
• Refurb or Bulk-Buy? Matching Monitor Deals (like the Samsung Odyssey G5) to POS Use Cases
• Legal, Labeling, and Safety Steps to Turn Homemade Pet Treats into a Business
• Small Parking Business? How to Choose an Affordable CRM That Actually Helps
• From Grey Gardens to Gothic Pop: 8 Albums That Channel Haunted Cinema Like Mitski