Automated Checking of MISRA TargetLink and AUTOSAR Guidelines 2009-01-0267
Model-based development of embedded automotive control software is characterized by the use of executable models throughout the entire development process. Modeling and simulation tools frequently used in this context include Simulink and Stateflow from The MathWorks. Code generators such as TargetLink make it possible to automatically generate efficient C code directly from these models. The quality of the models used for code generation has a direct influence on the quality of the generated C code. This is why, when developing safety-relevant systems, it is vital that specific quality criteria, such as conformity with modeling guidelines, be fulfilled starting at the model level. MISRA modeling guidelines exist for use with the TargetLink code generator. Conformity with these guidelines ensures a safe language subset and significantly improves the safety of generated code, for example, by avoiding ambiguous semantics.
This paper describes the requirements that the MISRA TargetLink Guidelines impose on the modeling of TargetLink models, and the corresponding automated guideline checking provided by a new generation of checking tools.
In-Vehicle Networks and Software, 2009-SP-2231, SAE International Journal of Passenger Cars - Electronic and Electrical Systems-V118-7, SAE International Journal of Passenger Cars - Electronic and Electrical Systems-V118-7EJ