WCET and CI: Integrating RocqStat Timing Analysis into Embedded Build Pipelines

Hook: Stop guessing at timing—make WCET part of every build

If you work on automotive or safety-critical embedded software, you know the pain: timing regressions that slip past unit tests, last-minute WCET runs that delay releases, and toolchain gaps that make timing analysis a separate, manual step. In 2026, Vector's acquisition of RocqStat changes this dynamic. It makes it realistic—and practical—to run worst-case execution time (WCET) analysis automatically as part of every CI build.

Why this matters in 2026: the context driving change

Software-defined vehicles, advanced driver assistance systems (ADAS) and more complex ECUs have pushed timing safety from a niche quality check to a continuous verification requirement. Regulators and standards bodies (ISO 26262 for functional safety, ISO 21434 for cybersecurity) and engineering teams demand reproducible evidence that code meets timing budgets.

Vector’s 2026 acquisition of RocqStat integrates proven static timing analysis into an established verification toolchain (VectorCAST). The result: tighter coupling of unit test, integration test, and timing verification workflows. For teams, that means WCET estimates can be generated, tracked, and gated in CI—rather than performed ad hoc at release time.

What changed: Vector + RocqStat short summary

• Unified toolchain: RocqStat’s timing analysis capabilities are being folded into VectorCAST to unify testing and timing verification.
• Continuity of expertise: StatInf’s team joined Vector, helping preserve domain knowledge and accelerate integration.
• Practical outcome: A path to run WCET as a reproducible step in CI pipelines—essential for software-defined and safety-critical systems.

High-level pipeline: How WCET fits into CI

Below is the inverted-pyramid view: the simplest, most important steps first. Then we'll unpack each stage with practical commands and configuration examples.

1. Build artifact with reproducible toolchain (compiler, linker map).
2. Produce timing inputs (map file, binary, configuration).
3. Run RocqStat static timing analysis.
4. Publish results (SARIF/JUnit/HTML) and store provenance.
5. Gate the build (pass/fail) based on thresholds or regressions.
6. Record trend metrics for dashboards and traceability.

Why static WCET in CI?

Static timing analysis like RocqStat provides conservative, tool-supported bounds without hardware runs. When integrated into CI it becomes part of continuous verification—catching regressions early, enforcing timing contracts, and providing artifact-level evidence for safety cases.

Practical, actionable pipeline examples

These examples assume you have access to RocqStat (as a CLI or container from Vector), a reproducible cross-compiler (e.g., gcc-arm-none-eabi), and a CI system (GitHub Actions, GitLab CI, Jenkins). Adapt commands for your exact toolchain version.

1) Containerized approach (recommended)

Packaging the compiler, debugger symbols and RocqStat in a container ensures reproducible analysis across CI workers and local dev machines.

# Dockerfile (conceptual)
FROM ubuntu:22.04
# Install toolchain (pin versions)
RUN apt-get update && apt-get install -y gcc-arm-none-eabi=1:10.3-1
# Copy RocqStat CLI into image (licensed binary or package)
COPY rocqstat /usr/local/bin/rocqstat
ENV PATH="/usr/local/bin:$PATH"

Build and push this image to your registry; use it in CI job containers. Pinning toolchain and RocqStat versions is crucial to reproducible WCETs.

2) Minimal CI job: GitLab CI example

stages:
  - build
  - wcet

build:
  stage: build
  image: registry.example.com/toolchain:2026-01-01
  script:
    - make all # produces ELF and map files: build/app.elf build/app.map
  artifacts:
    paths:
      - build/app.elf
      - build/app.map

wcet:
  stage: wcet
  image: registry.example.com/rocqstat:1.0
  dependencies:
    - build
  script:
    - rocqstat analyze --binary build/app.elf --map build/app.map --config rocq-config.yaml --out reports/wcet.json
    - rocqstat report --input reports/wcet.json --format html --out reports/wcet.html
  artifacts:
    paths:
      - reports/wcet.json
      - reports/wcet.html
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

Key points:

• Keep analysis on main branches and release tags to limit compute cost.
• Store reports as build artifacts for traceability.

3) GitHub Actions example (gating with threshold)

name: CI
on: [push, pull_request]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Build
        run: make all
      - name: Upload artifacts
        uses: actions/upload-artifact@v4
        with:
          name: build-artifacts
          path: build/

  wcet:
    needs: build
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Download build
        uses: actions/download-artifact@v4
        with:
          name: build-artifacts
      - name: Run RocqStat
        run: |
          docker run --rm -v ${{ github.workspace }}/build:/work -v ${{ github.workspace }}/rocq-config.yaml:/work/rocq-config.yaml registry.example.com/rocqstat:1.0 \
            rocqstat analyze --binary /work/app.elf --map /work/app.map --config /work/rocq-config.yaml --out /work/wcet.json
      - name: Fail on threshold
        run: |
          MAX=1200 # microseconds
          WCET=$(jq '.global_wcet' build/wcet.json)
          if [ "$WCET" -gt "$MAX" ]; then
            echo "WCET $WCET > $MAX\n"; exit 1
          fi

Use a small script to gate on absolute thresholds or delta-based regressions. A safer approach is to warn first and enforce after a freeze period to avoid CI disruption.

Integrating with VectorCAST and toolchain continuity

VectorCAST already handles unit and integration tests, code coverage, and traceability. With RocqStat integrated, you can:

• Trigger WCET runs as part of VectorCAST test plans, keeping test and timing contexts identical.
• Use the same build artifacts (binary + map) for both functional verification and timing analysis—reducing mismatch risks.
• Include WCET outputs in a unified verification report for audits and safety cases.

Practical tip: centralize artifact generation in a single build job and reuse the artifact across VectorCAST and RocqStat analysis jobs to avoid nondeterministic differences introduced by multiple builds.

Best practices for robust, meaningful WCET in CI

1. Pin toolchain and RocqStat versions: WCET can change across compiler versions; include exact versions in the CI image and the report metadata.
2. Record provenance: store the ELF, map, compiler flags, and RocqStat config alongside the report so results are reproducible and auditable.
3. Use thresholds and regression checks: prefer delta thresholds (e.g., max increase per PR) to avoid blocking on noise.
4. Run full WCET on main branches and quick delta checks on feature branches to balance cost and speed.
5. Combine static and measurement evidence: static WCET is conservative; complement it with measurement-based testing (profiling on target or QEMU) for a full verification picture.
6. Document assumptions: state cache assumptions, interrupt models, and abstraction of hardware effects used in the analysis config.

Dealing with multicore and modern hardware

Modern automotive ECUs use multicore processors with complex caches and interconnects. Purely static WCET analysis faces challenges here. Use a layered approach:

• Apply RocqStat for single-core timing bounds on critical tasks where applicable.
• Use separate analyses or measurement strategies for multicore interference (IP-block level modeling or hardware-in-the-loop for interference effects).
• Track and document conservative assumptions in the safety case; work with hardware teams to refine models over time.

Advanced strategies enabled by continuous WCET

Integrating WCET into CI unlocks higher-leverage workflows beyond pass/fail gating:

• Trend analysis: store WCET metrics per commit to detect creeping timing regressions early.
• Automated traceability: link WCET results to test cases, requirements, and risk artifacts in the VectorCAST repository for safety audits.
• Auto-prioritization: surface hotspots in diffs—files/functions that caused the largest WCET increases—to guide code reviews.
• Hybrid verification: combine static WCET outputs with measurement harnesses to reduce conservatism while retaining evidence for safety cases.

Example: Add WCET trend dashboard

Store WCET numeric outputs in a time-series DB (Prometheus, InfluxDB) or simple CSVs ingested into Grafana. Plot global WCET and per-function hotspots to visualize regressions and set alerting.

Common pitfalls and how to avoid them

• Different builds for test and analysis: Ensure the same compiler flags, link order and post-link scripts are used. Build once, reuse artifacts.
• Noise as failures: Implement staged enforcement—start with warnings on PRs, then fail on main branch if regressions persist.
• Ignoring configuration drift: Keep analysis configuration under version control and peer-reviewed as part of the codebase.
• Assuming static bounds are precise: Treat WCET as conservative guarantees; if the gap is large, invest in model refinement or measurements.

Case study (conceptual): Bringing WCET into a release pipeline

Team A maintains an AUTOSAR-based ECU. They follow these steps to integrate RocqStat into CI:

1. Containerize their compiler and RocqStat image, pinning versions.
2. Modify the CI to produce a single build artifact and publish it to the CI artifact store.
3. Add a RocqStat analysis job that runs nightly and on release branches.
4. Store reports and parse numeric global WCET into their metrics DB.
5. Set a regression policy: PRs that increase global WCET by >2% trigger a review label and an automatic performance ticket.
6. For a release candidate, the release gate includes a final RocqStat run and attaches the WCET report to the safety case in VectorCAST.

Outcome: previously late-stage timing fixes dropped by 70% and teams caught three regressions in the first month that would have otherwise reached system integration.

Future predictions and trends (2026 and beyond)

Vector’s acquisition signals a trend towards integrated verification platforms that combine functional tests, static analysis (MISRA, static analyzers), and timing analysis in a single toolchain. Expect:

• Greater automation around safety cases—WCET evidence will be a first-class artifact linked to requirements.
• Improved integration between timing analysis and unit/integration tests enabling more accurate path constraints.
• More hybrid approaches combining RocqStat-style static analysis with trace-based techniques on virtual ECUs for reduced pessimism.
• Cloud-native verification: scalable, on-demand WCET runs for large-scale fleets and multiple variants.

Checklist: Getting started this week

1. Identify the safety-critical tasks and set initial WCET thresholds.
2. Containerize your compiler and RocqStat; pin versions.
3. Change CI to produce and reuse one build artifact for tests and analysis.
4. Run RocqStat on the main branch and collect the first set of reports.
5. Set a conservative gating policy (warnings, then fails on main) and track trends.

Closing thoughts: a new normal for embedded verification

Vector integrating RocqStat into VectorCAST turns a manual, late-stage activity into a continuous verification capability. For engineering teams this means fewer last-minute surprises, stronger traceability for safety cases, and the ability to ship with confidence. The technical work—containerization, artifact provenance, threshold policies—is straightforward and yields outsized benefits in reliability and developer velocity.

"Timing safety is becoming a critical dimension of software verification" — a central tenet behind Vector's move to incorporate RocqStat into its verification ecosystem.

Call to action

Ready to stop reacting to timing issues and start preventing them? Start by containerizing your build and adding one automated RocqStat run to your CI. If you use VectorCAST, plan a pilot to run integrated WCET analysis on a release branch this quarter. Share your results with your team and iterate—continuous timing verification will pay dividends across safety, performance, and release cadence.

Need a template or a hands-on walkthrough to add RocqStat to your CI (GitHub Actions, GitLab, Jenkins)? Reach out to our engineering team on codewithme.online for a step-by-step workshop and a ready-to-run CI template that matches your toolchain.

Related Reading

• How Music Creators Can Pitch to New Festival Players in Santa Monica
• Warren Buffett’s Timeless Rules Applied to Gold: Should Value Investors Buy Gold in 2026?
• Centralized Brand Safety: Building an Account-Level Exclusion Workflow for Agencies
• Community Healing After Hate: Lessons from the Guardian's Hope Appeal for Caregivers
• When Big Franchises Reboot: What the Filoni 'Star Wars' Slate Tells Us About Music Rights and Theme Reuse