Search Results

Hardware-in-the-loop (HIL) simulation is now a standard component in the vehicle development process as a method for testing electronic control unit (ECU) software. HIL simulation is used for all aspects of development, naturally including safety-relevant functions and systems. This applies to all test tasks (from function testing to release tests, testing a single ECU or an ECU network, and so on) and also to different vehicle domains: The drivetrain, vehicle dynamics, driver assistance systems, interior/comfort systems and infotainment are all tested by HIL simulation. At the same time, modern vehicles feature more and more safety-related systems such as Adaptive Cruise Control, Electronic Stability Program, Power Assisted Steering, and Integrated Chassis Management.

Model-based software development is increasingly being used to develop software for electronic control units (ECUs). When developing safety-related software, compared to non-safety-related software development, additional requirements specified by relevant safety-standards have to be met. Meeting these requirements should also be considered to be best practices for non-safety-related software. This paper introduces a model-based reference workflow for the development of safety-related software conforming to relevant safety-standards such as IEC 61508 and ISO 26262. The reference workflow discusses requirements traceability aspects, software architecture considerations that help to support modular development and ease the verification of model parts and the code generated from those model parts, and the selection and enforcement of modeling and coding guidelines.

In future cars, mechanical and hydraulic components will be replaced by new electronic systems (x-by-wire). A failure of such a system constitutes a safety hazard for the passengers as well as for the environment of the car. Thus electronics and in particular software are taking over more responsibility and safety-critical tasks. To minimize the risk of failure in such systems safety standards are applied for their development. The safety standard IEC 61508 has been established for automotive electronic systems. At the same time, automatic code generation is increasingly being used for automotive software development. This is to cope with today's increasing requirements concerning cost reduction and time needed for ECU development combined with growing complexity. However, automatic code generation is hardly ever used today for the development of safety-critical systems.

Permanently increasing software complexity of today's electronic control units (ECUs) makes testing a central and significant task within embedded software development. While new software functions are still being developed or optimized, other functions already undergo certain tests, mostly on module level but also on system and integration level. Testing must be done as early as possible within the automotive development process. Typically ECU software developers test new function modules by stimulating the code with test data and capturing the modules' output behavior to compare it with reference data. This paper presents a new and systematic way of testing embedded software for automotive electronics, called MTest. MTest combines the classical module test with model-based development. The central element of MTest is the classification-tree method, which has originally been developed by the DaimlerChrysler research department.