Search Results

In modern vehicles the architecture of electronics is growing more and more complex because both the number of electronic functions – e.g. implemented as software modules – as well as the level of networking between electronic control units (ECUs) is steadily increasing. This complexity leads to greater propagation of failure symptoms, and diagnosing the causes of failure becomes a new challenge. Diagnostics aims at detecting failures such as defect sensors or faulty communication messages. It is subdivided into diagnosis algorithms on an ECU and algorithms running offboard, e.g. on a diagnostic tester. These algorithms have to complement each other in the best possible way. While in the past the diagnosis algorithm was developed late in the development process, nowadays there are efforts to start the development of such algorithms earlier – at least in parallel to developing a new feature itself. This would allow developers to verify the diagnosis algorithms in early design stages.

Model-based software development and automatic production code generation have become increasingly established in recent years. The aerospace industry and other industries, such as automotive, have widely adopted and successfully deployed these methods in many different series production programs worldwide. This brought various benefits, such as a reduction in development times and improved quality due to more precise specifications, and early verification and validation by means of simulation. Model-based development is a general purpose development approach which can be applied to a wide variety of applications. Safety-critical systems, like found in aerospace applications to a large extent, but also found increasingly more often in other industries, like automotive or medical devices, pose special additional requirements to this process. This paper describes how model-based design and automatic production code generation can be applied to the development of safety-critical software.

The Controls and Software Engineering Team at BorgWarner Drivetrain Systems has successfully employed model-based software development for the past several years. Their drivetrain system control software, developed using MATLAB/Simulink/Stateflow, and autocoded using TargetLink, is on the road in many passenger vehicle applications. Using these tools, BorgWarner has realized the widely recognized benefits of model-based design; such as increased speed to market, improved quality, and reduced complexity. Validating algorithms early through simulation and rapid prototyping, then translating them to production software through automatic code generation has proven very successful for BorgWarner. When starting with model-based design, the BorgWarner team focused on developing the core application control algorithms in the modeling environment. Lower-level software such as I/O drivers, the task scheduler, and communication logic was still hand-coded.

Model-based development is the established way of developing embedded control algorithms, especially for safety-critical applications. The aim is to improve development efficiency and safety by developing the software at a high abstraction level (the model) and by generating the implementation (the C code) automatically from the model. Although model-based development focuses on the models themselves, downstream artifacts such as source code or executable object code have to be considered in the verification stage. Safety standards such as ISO 26262 require upper bounds to be determined for the required storage space or the execution time of real-time tasks, and the absence of run-time errors to be demonstrated. Static analysis tools are available which work at the code level and can prove the absence of such errors. However, the connection to the model level has to be explicitly established.

Model-based software development and automatic code generation have become increasingly established in recent years. The automotive industry has widely adopted and successfully deployed these methods in many different series production programs worldwide. This brought various benefits, such as a reduction in development times, improved quality due to more precise specifications, and early verification and validation by means of simulation. At the same time, more and more safety-related and safety-critical systems have been - and will be -introduced into modern vehicles. Common examples are active front steering, adaptive cruise-control, and integrated chassis control. This leads to the question, if and how model-based design and automatic production code generation can be applied to the development of safety-critical systems.