Search Results

Requirements-based functional testing of model-based embedded software is a crucial requirement of the ISO 26262 safety standard for passenger cars [1]. Test assessment of requirements-based test cases is a laborious task and checking test results manually is prone to error. The intent of this paper is as follows: We introduce a method for requirements-based testing, which allows testing and automatic evaluation of single as well as several (grouped) requirements with one test sequence. Within a large-scale industrial project we have already shown that our new approach reduces testing expenditures and susceptibility to errors. Within this paper we shall present a method which facilitates the fulfillment of requirements traceability stipulated by ISO 26262. This method supports automated test case generation from test specifications, which then can be executed and assessed by a test tool automatically.

Huge Simulink controller models often consists of (almost) identical subsystems, very often resulting from copy-and-paste operations and only slight adaptation of the subsystems by the model engineer. Although this “copy-and-paste” approach might help to achieve initial results very fast, in the long-run such subsystem clones can create considerable problems. Like code clones, model clones increase the effort for testing and maintenance. Model clones also tend to influence the code efficiency and code quality in a negative way in case the Simulink model is used as a basis for code generation. JUST SIMPLIFY is an approach for detecting model clones in a Simulink model automatically based on model metrics calculations. This approach has been implemented in our model metrics and complexity measurement tool M-XRAY. JUST SIMPLIFY allows reducing the effort for model refactoring by avoiding time consuming manual search for model clones.

The approach taken in developing embedded software in the automotive field has shifted towards the paradigm of using executable graphical models at all stages of development: from the initial design phase through to implementation (model-based development). Models are designed with common graphical modeling languages, such as Simulink / Stateflow from The MathWorks. New approaches allow for the automatic generation of efficient controller code from the Simulink and Stateflow models directly via code generators, such as TargetLink by dSPACE or the Real-Time Workshop/Embedded Coder by The MathWorks. The usage of a code generator can lead to significant improvements in productivity in the software implementation phase. Furthermore, the level of quality gained by early quality assurance at the model level can also lead to higher quality code. Automotive software is often deployed in safety-critical systems and therefore cannot contain errors.

Model-based development of embedded automotive control software is characterized by the use of executable models throughout the entire development process. Modeling and simulation tools that are frequently used in this context include, for example, Simulink and Stateflow from The MathWorks. Code generators such as TargetLink make it possible to automatically generate efficient C code directly from these models. The quality of the models used for code generation has a direct influence on the quality of the generated C code. This is why it is vital that specific quality criteria be fulfilled when developing safety-relevant systems, for example, conformity with modeling guidelines starting at the model level. MISRA modeling guidelines exist for use with the TargetLink code generator. Conformity with these guidelines ensures a safe language subset and significantly improves the safety of generated code, for example, by avoiding ambiguous semantics.

Embedded software in the car is becoming increasingly complex due to the growing number of software-based controller functions and the increasing complexity of the software itself. Model-based development with Simulink combined with TargetLink for automatic code generation helps significantly to improve the quality of the embedded software. The development of large-scale Simulink models in distributed teams is a challenging task, especially when developing safety-critical software that must fulfill requirements stated in the ISO 26262 [1] safety standard. In practice, many questions on how to avoid the pitfalls of distributed model-based development remain open, such as how to define an appropriate model architecture, handle model complexity, and achieve compliance with ISO 26262. The intent of this paper is threefold. Firstly, we summarize those requirements of ISO 26262 that are relevant for developing complex software in a distributed environment.