Leveraging Model-Based Design to Meet High-Integrity Software Certification Objectives Prashant Mathapati Application Engineering Group

Similar documents
Automating Code Reviews with Simulink Code Inspector

Best practices for developing DO-178 compliant software using Model-Based Design

Verification and Validation According to ISO 26262: A Workflow to Facilitate the Development of High-Integrity Software

Qualifying Software Tools According to ISO 26262

Die wichtigsten Use Cases für MISRA, HIS, SQO, IEC, ISO und Co. - Warum Polyspace DIE Embedded Code-Verifikationslösung ist.

Software Production. Industrialized integration and validation of TargetLink models for series production

Introduction of ISO/DIS (ISO 26262) Parts of ISO ASIL Levels Part 6 : Product Development Software Level

Reduce Medical Device Compliance Costs with Best Practices.

Efficient and Faster PLC Software Development Process for Automotive industry. Demetrio Cortese IVECO Embedded Software Design

Best Practices for Verification, Validation, and Test in Model- Based Design

SAFE SOFTWARE FOR SPACE APPLICATIONS: BUILDING ON THE DO-178 EXPERIENCE. Cheryl A. Dorsey Digital Flight / Solutions cadorsey@df-solutions.

Schnell und effizient durch Automatische Codegenerierung

Development of AUTOSAR Software Components within Model-Based Design

Certification Authorities Software Team (CAST) Position Paper CAST-9

IBM Rational Rhapsody

ISO Exemplary Tool Classification of Model-Based Design Tools

Software in safety critical systems

Model Based System Engineering (MBSE) For Accelerating Software Development Cycle

F-22 Raptor. Agenda. 1. Motivation

ENEA: THE PROVEN LEADER IN SAFETY CRITICAL AVIONICS SYSTEMS

Converting Models from Floating Point to Fixed Point for Production Code Generation

Parameters for Efficient Software Certification

Subject Software Aspects of Certification

SCADE SUITE SOFTWARE VERIFICATION PLAN FOR DO-178B LEVEL A & B

TITLE: Control of Software

Wiederverwendung von Testfällen bei der modellbasierten SW-Entwicklung

Meeting DO-178B Software Verification Guidelines with Coverity Integrity Center

Developing software for Autonomous Vehicle Applications; a Look Into the Software Development Process

asuresign Aero (NATEP Grant MA005)

Creating Competitive Advantage: The role for ALM in the PLM world

How to Upgrade SPICE-Compliant Processes for Functional Safety

AC REUSABLE SOFTWARE COMPONENTS

Requirements-driven Verification Methodology for Standards Compliance

Rapid Modular Software Integration (RMSI)

Certification of a Scade 6 compiler

MODEL-BASED DEVELOPMENT OF AUTOMOTIVE EMBEDDED SOFTWARE IN COMPLIANCE WITH ISO 26262: CHALLENGES & EFFECTIVE SOLUTIONS 8 JUNE - 9 JUNE 2015

Certification Authorities Software Team (CAST) Position Paper CAST-13

IBM Rational Rhapsody

TÜ V Rheinland Industrie Service

Why Adopt Model-Based Design for Embedded Control Software Development?

Simulink Modeling Guidelines for High-Integrity Systems

Overview of Existing Safeguarding Techniques for Automatically Generated Code

DO-254 Requirements Traceability

Software Review Job Aid - Supplement #1

Certification Authorities Software Team (CAST) Position Paper CAST-15

Software Development Principles Applied to Graphical Model Development

Anwendung von Polyspace im Software Entwicklungsprozess nach IEC München, , Dr.-Ing. Jörg Barrho

Safety Issues in Automotive Software

Tool Qualification Kit for NI TestStand Test Management Software

WIND RIVER RTCA DO-178 SOFTWARE CERTIFICATION SERVICES

Certification Authorities Software Team (CAST) Position Paper CAST-26

ISO Functional Safety Draft International Standard for Road Vehicles: Background, Status, and Overview

Safety-Critical Systems: Processes, Standards and Certification

MathWorks Products and Prices North America Academic March 2013

ARINC 653. An Avionics Standard for Safe, Partitioned Systems

Quality Assurance of Models for Autocoding

The Comprehensive and Fully Compliant Certification Solution. Certification Services

Intelligent development tools Design methods and tools Functional safety

Model-Based Development of Safety-Critical Software: Safe and Effi cient

CERTIFICATION MEMORANDUM

DO-178B compliance: turn an overhead expense into a competitive advantage

Continuous Integration Build-Test-Delivery (CI-BTD) Framework in compliance with ISO26262

A Case Study of Application Development and Production Code Generation for a Telematics ECU with Full Unified Diagnostics Services

Making model-based development a reality: The development of NEC Electronics' automotive system development environment in conjunction with MATLAB

Critical Systems and Software Solutions

Impact of Safety Standards to Processes and Methodologies. Dr. Herbert Eichfeld

Abstract Interpretation-based Static Analysis Tools:

Satisfying ASIL Requirements with Parasoft C++test Achieving Functional Safety in the Automotive Industry

Testing the Internet of Things

ISO Introduction

Quality in Aviation Software. Chris Hartgroves C.Eng. CQP Design Assurance SELEX Galileo

SCADE Suite in Space Applications

SCADE TRAINING PROGRAM 2015

RTCA DO-178B/EUROCAE ED-12B

3 August Software Safety and Security Best Practices A Case Study From Aerospace

Integrating MATLAB into your C/C++ Product Development Workflow Andy Thé Product Marketing Image Processing Applications

The Impact of RTCA DO-178C on Software Development

Software Development with Real- Time Workshop Embedded Coder Nigel Holliday Thales Missile Electronics. Missile Electronics

Improving Embedded Software Test Effectiveness in Automotive Applications

Dr. Brian Murray March 4, 2011

Instrumentation-Based Verification for Medical-Device Software

Vetting Smart Instruments for the Nuclear Industry

ISOLATING UNTRUSTED SOFTWARE ON SECURE SYSTEMS HYPERVISOR CASE STUDY

Vehicle Electronics. Services and Solutions to Manage the Complexity

Compositional Variant Management and its Application in Embedded Software Development

TESSY Automated dynamic module/unit and. CTE Classification Tree Editor. integration testing of embedded applications. for test case specifications

Safety and security related features in AUTOSAR

Introduction to a Requirements Engineering Framework for Aeronautics

When COTS is not SOUP Commercial Off-the-Shelf Software in Medical Systems. Chris Hobbs, Senior Developer, Safe Systems

SOFTWARE DEVELOPMENT STANDARD FOR SPACECRAFT

ISO Tool Chain Analysis Reduces Tool Qualification Costs

Effective Application of Software Safety Techniques for Automotive Embedded Control Systems SAE TECHNICAL PAPER SERIES

Intland s Medical Template

Caterpillar Automatic Code Generation

Lecture 3 - Model-based Control Engineering

AVIATION SPECIALIST. Inspects aviation schools for conformance with state laws, rules, and regulations.

for Source Code MathWorks Automotive Conference June 23 rd 2010 A project with Renault, PSA, Valeo, Delphi, MathWorks Presenters: Thierry Cambois -

Agile Model-Based Systems Engineering (ambse)

I can make just such ones if I had tools, and I could make tools if I had tools. -Eli Whitney

ANSYS SCADE Model-Based Development Solutions for AUTOMOTIVE. Critical Systems & Software Development Solutions

Transcription:

Leveraging Model-Based Design to Meet High-Integrity Software Certification Objectives Prashant Mathapati Application Engineering Group 2013 The MathWorks, Inc. 1

High-Integrity Applications Software-based systems that are designed and maintained so that they have a high probability of carrying out their intended function Definition: cf. Buncefield Investigation Glossary http://www.buncefieldinvestigation.gov.uk/glossary.htm 2

Picture:. J. Schäuffele, T. Zurawka: Automotive Software Engineering. Vieweg, 2003 Development Processes for High-Integrity Applications System Development Partitioning Integration ECU Hardware Development ECU Software Develoment ECU... Electronic Control Unit 3

Development Processes for High-Integrity Applications High integrity applications development follows standards and guidelines Standards and Guidelines have objectives for development process activities Impose additional constraints on development Require creation of additional artifacts Require more thorough verification, validation and testing activities Standards and Guidelines require evidence that the objectives were met to certify: compliance demonstration 4

Development Process for High-Integrity Applications: Compliance Demonstration System certification involves a compliance demonstration: applicant must provide evidence that the objectives of the standard were met Compliance demonstration System certification Partitioning Integration SW safety req. spec Validation testing SW architecture SW system design Module design Integration testing (components, subsystems) Integration testing (modules) Module testing Compliance demonstration Coding Compliance demonstration is a lengthy and labour-intensive process 5

Standards Landscape Generic Standards IEC 61508* (= EN 61508) Automotive Standards / Guidelines ISO 26262 MISRA-C MAAB Guidelines Aerospace Standards DO-178C DO-254 6

ISO 26262 Road Vehicles - Functional Safety Emerging functional safety standard for passenger cars Facilitates modern software engineering paradigms, e.g. Model-Based Design Early Verification and Validation Code generation Automotive Safety Integrity Levels (ASIL A D) for systems/software Tool Confidence Levels (TCL 1 3) for tools 7

ISO 26262 Structure ISO 26262-1 ISO 26262-2 ISO 26262-3 ISO 26262-4 ISO 26262-5 ISO 26262-6 ISO 26262-7 ISO 26262-8 ISO 26262-9 ISO 26262-10 Vocabulary Management of functional safety Concept phase Product development: system level Product development: hardware level Product development: software level Production and operation Supporting processes ASIL-oriented and safety-oriented analyses Guideline Definitions Model-Based Design Early verification and validation Code generation Tool classification and qualification 8

ISO 26262 and Model-Based Design Model-Based Design, early verification & validation, and code generation are integral parts of ISO 26262 (Examples from part 1) 9

ISO 26262 and Model-Based Design Model-Based Design is one of the software development paradigms directly addressed in ISO 26262 Sections concerned with Model-Based Design 10

ISO26262 Reference Workflow for Verification and Validation and Code Generation Model Verification Code Verification 11

ISO26262 Example Tool Chain for Verification and Validation and Code Generation Model Advisor (SLVnV), Property proving (SLDV) Traceability report (Embedded Coder), Traceability matrix generation (IEC Cert Kit), Bullseye code coverage integration (Embedded Coder) Simulink, Model coverage (SLVnV), Requirements Management Interface (SLVnV) PIL testing / CGV (Embedded Coder), Test generation (SLDV) PolySpace for code verification Simulink, Stateflow, Simulink Fixed Point Embedded Coder 12

Coverage of ISO 262626 6 and -8 Requirements www.mathworks.com/automotive/standards/iso-26262.html (> Free technical kit) 13

TÜV Certification of MathWorks Products TÜV SÜD certified: Embedded Coder for use in development processes which need to comply with IEC 61508, or ISO 26262 Polyspace products for use in development processes which need to comply with IEC 61508, ISO 26262, or EN 50128 Simulink PLC Coder for use in development processes which need to comply with IEC 61508, or IEC 61511 Note: Real-Time Workshop Embedded Coder, Polyspace products for C/C++, and Simulink PLC Coder were not developed using certified processes 14

Standards Landscape Generic Standards IEC 61508* (= EN 61508) Automotive Standards / Guidelines ISO 26262 MISRA-C MAAB Guidelines Aerospace Standards DO-178C DO-254 15

RTCA/DO-178 Software Considerations in Airborne Systems and Equipment Certification Purpose - Provides guidelines for the production of airborne software that performs its intended function and avoids unintended function Guidance includes Software life cycle objectives Development and verification activity descriptions Descriptions of evidence needed to indicate the objectives were satisfied http://www.rtca.org/ 16

DO-178 History Version RTCA Publication* FAA Acceptance** DO-178 1982 1982 DO-178A 1985 1986 DO-178B 1992 1993 DO-178C Dec. 2011 TBD AC 20-115B http://rgl.faa.gov/ *Published in Europe by EUROCAE as ED-12 **Accepted by EASA in Europe as AMC 20-115B 17

Issues 18

DO-178C What s New Clarifies that ARP4754A should be used for Systems Engineering Notes additional supplement documents should be used for specific techniques 19

DO-178C Supplements DO-178C supplements: DO-330 for Tool Qualification DO-331 for Model-Based Design DO-332 for Object Oriented Techniques DO-333 for Formal Methods 20

DO Qualification Kit C Code C Code HDL Code Key Development and Verification Tools for DO DO-178 DO-254 Simulink Code Inspector Polyspace HDL Verifier Embedded Coder HDL Coder Simulink Design Verifier Simulink Verification and Validation Simulink Report Generator Simulink, Stateflow & Libraries 21

DO-178C Supplements DO-178C supplements: DO-330 for Tool Qualification DO-331 for Model-Based Design DO-332 for Object Oriented Techniques DO-333 for Formal Methods 22

DO-331 Model-Based Development and Verification Supplement to DO-178C and DO-278A Specification model Design model 23

DO-331- Analysis Definitions Introduces new modeling activities Simulation Model Coverage 24

DO-331 MathWorks Product Support Products impacted by DO-331: DO Qualification Kit (for DO-178) Qualification kits for verification tools Simulink family of products, incl: Design: Simulink, Stateflow Model Verification: Simulink V&V, Simulink Design Verifier, Simulink Code Inspector, Simulink Report Generator Code Generation: Embedded Coder Polyspace code verifiers Polyspace Client C/C++ Polyspace Server C/C++ 25

DO-178C Supplements DO-178C supplements: DO-330 for Tool Qualification DO-331 for Model-Based Design DO-332 for Object Oriented Techniques DO-333 for Formal Methods 26

DO-333 MathWorks Product Support Products impacted by DO-333 include: DO Qualification Kit (for DO-178C) Qualification kits for MathWorks verification tools Simulink Design Verifier Verifies designs using formal methods Detect errors including dead logic, integer overflow, division by zero, and violations of design properties and assertions Polyspace code verifiers Prove absence of run-time errors in source code using formal methods (abstract interpretation) Proves absence of overflow, divide-by-zero, out-ofbounds array access, and certain other run-time errors in source code using static code analysis Supports code generated automatically or manually written 27

Model-Based Design Workflow With Qualified Tools Validate Requirements Requirements Trace: System Design Description Trace: Model/Code Trace Report Simulink Code Inspector Trace: One Time Trace for Level A Simulink & Stateflow Embedded Coder Compiler/IDE Models Requirements Source Code Object Code Conformance: Model Advisor Conformance: Polyspace Verify: Simulink Code Inspector Verify: Test Cases & Review Model Coverage Verify: SLDV Test Cases Model Coverage Testing with Embedded IDE Link PolySpace Code Coverage Tool Verify: Testing with Embedded IDE Link Code Coverage Tool Legend Manual steps are normal font Tools or features are shown in italics Qualified tools are in bold/color 28

National Aerospace Laboratories Proves Benefits of Model-Based Design for DO-178B Flight Software Development Challenge Accelerate the development of DO-178B Level A certified flight software Solution Complete a stall warning system pilot project using Simulink and Embedded Coder, quantify improvements in development efficiency, and adopt Model-Based Design for future DO-178 projects Results Code analysis and design time cut in half Integrated workflow established Consistent, high-quality code generated SARAS, CSIR-NAL s multirole light transport aircraft. "Simulink and Model-Based Design reduced the effort needed to upgrade functionality, code analysis time, and design time for the safetycritical embedded system. The compatibility of Simulink with the DO-178 process gave us confidence to use Model-Based Design for our upcoming DO-178 projects. Manju Nanda, CSIR-National Aerospace aboratories 29

Find more Info on: DO Qualification Kit http://www.mathworks.in/products/do-178/ IEC Certification Kit http://www.mathworks.in/products/iec-61508/ Success Stories http://www.mathworks.in/company/user_stories/industry.html 30

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information