Increasing Embedded Software Confidence Model and Code Verification. Daniel Martins Application Engineer MathWorks

Similar documents
Increasing Design Confidence Model and Code Verification

Intro to Proving Absence of Errors in C/C++ Code

Leveraging Formal Methods Based Software Verification to Prove Code Quality & Achieve MISRA compliance

From Design to Production

Verification and Test with Model-Based Design

2015 The MathWorks, Inc. 1

Static Analysis in C/C++ code with Polyspace

Automating Best Practices to Improve Design Quality

Leveraging Formal Methods for Verifying Models and Embedded Code Prashant Mathapati Application Engineering Group

Automating Best Practices to Improve Design Quality

Verification and Validation of High-Integrity Systems

Using Model-Based Design in conformance with safety standards

Standardkonforme Absicherung mit Model-Based Design

Developing AUTOSAR Compliant Embedded Software Senior Application Engineer Sang-Ho Yoon

Automatización de Métodos y Procesos para Mejorar la Calidad del Diseño

Simulink 를이용한 효율적인레거시코드 검증방안

Jay Abraham 1 MathWorks, Natick, MA, 01760

Implementation and Verification Daniel MARTINS Application Engineer MathWorks

Model-Based Design for High Integrity Software Development Mike Anthony Senior Application Engineer The MathWorks, Inc.

Simulink 모델과 C/C++ 코드에대한매스웍스의정형검증툴소개 The MathWorks, Inc. 1

Model-Based Design for Safety Critical Automotive Applications

Verification and Validation of Models for Embedded Software Development Prashant Hegde MathWorks India Pvt. Ltd.

Formal Verification and Automatic Testing for Model-based Development in compliance with ISO 26262

A Model-Based Reference Workflow for the Development of Safety-Related Software

Production Code Generation and Verification for Industry Standards Sang-Ho Yoon Senior Application Engineer

WHITE PAPER. 10 Reasons to Use Static Analysis for Embedded Software Development

Don t Be the Developer Whose Rocket Crashes on Lift off LDRA Ltd

정형기법을활용한 AUTOSAR SWC 의구현확인및정적분석

Formal Verification of Models and Code Prashant Mathapati Application Engineer Polyspace & Model Verification

Verification, Validation, and Test with Model-Based Design

Verification, Validation and Test in Model Based Design Manohar Reddy

Simulink for AUTOSAR: Best Practices

IBM Rational Rhapsody. IBM Rational Rhapsody Kit for ISO 26262, IEC 61508, IEC and EN Overview. Version 1.9

Generating Industry Standards Production C Code Using Embedded Coder

Model-Based Design for Safety-Critical and Mission-Critical Applications Bill Potter Technical Marketing April 17, 2008

Simulation-based Test Management and Automation Sang-Ho Yoon Senior Application Engineer

Testing, Validating, and Verifying with Model-Based Design Phil Rottier

Model-Based Design: Design with Simulation in Simulink

Ein Modell - viele Zielsysteme

automatisiertensoftwaretests

GAIO. Solution. Corporate Profile / Product Catalog. Contact Information

StackAnalyzer Proving the Absence of Stack Overflows

Workflow for Control System Design and Implementation

Fault-Injection testing and code coverage measurement using Virtual Prototypes on the context of the ISO standard

Structural Coverage Analysis for Safety-Critical Code - Who Cares? 2015 LDRA Ltd 1

AVS: A Test Suite for Automatically Generated Code

Automatic Code Generation Technology Adoption Lessons Learned from Commercial Vehicle Case Studies

MATLAB/Simulink in der Mechatronik So einfach geht s!

Utilisation des Méthodes Formelles Sur le code et sur les modèles

Safety and Reliability of Software-Controlled Systems Part 14: Fault mitigation

Development of an autonomous driving ECU platform for streamlining the development of autonomous driving vehicle applications

Concurrency. State Models and Java Programs. Jeff Magee and Jeff Kramer. Concurrency: introduction 1. Magee/Kramer

DRYING CONTROL LOGIC DEVELOPMENT USING MODEL BASED DESIGN

By V-cubed Solutions, Inc. Page1. All rights reserved by V-cubed Solutions, Inc.

Best Practices Process & Technology. Sachin Dhiman, Senior Technical Consultant, LDRA

SCADE. SCADE Suite Tailored for Critical Applications EMBEDDED SOFTWARE

Static Analysis of Embedded Systems

SOFTWARE QUALITY OBJECTIVES FOR SOURCE CODE

Addressing Future Challenges in the Development of Safe and Secure Software Components The MathWorks, Inc. 1

Program Validation and Testing

What s New with the MATLAB and Simulink Product Families. Marta Wilczkowiak & Coorous Mohtadi Application Engineering Group

Certification Authorities Software Team (CAST) Position Paper CAST-25

Automatic Qualification of Abstract Interpretation-based Static Analysis Tools. Christian Ferdinand, Daniel Kästner AbsInt GmbH 2013

Software Quality. What is Good Software?

ISO Compliant Automatic Requirements-Based Testing for TargetLink

Verifying source code

What functional safety module designers need from IC developers

Entwicklung zuverlässiger Software-Systeme, Stuttgart 30.Juni 2011

Simulink Verification and Validation

People tell me that testing is

Introduction. Welcome Future Sprint Booster Dealer!

Failure Diagnosis and Prognosis for Automotive Systems. Tom Fuhrman General Motors R&D IFIP Workshop June 25-27, 2010

Drive Technology \ Drive Automation \ System Integration \ Services. Manual. Electronic Motor DRC Functional Safety

Certified Automotive Software Tester Sample Exam Paper Syllabus Version 2.0

IDE for medical device software development. Hyun-Do Lee, Field Application Engineer

Development and Deployment of ECU based Control Systems through MBD. Imperative role of Model based design in System Engineering

ISO26262 This Changes Everything!

Better than Hand Generating Highly Optimized Code using Simulink and Embedded Coder

Simulink to Embedded Hardware Paul Peeling MathWorks

Coding Standards in FACE Conformance. John Thomas, Chris Edwards, and Shan Bhattacharya

Error Detection by Code Coverage Analysis without Instrumenting the Code

ISO compliant verification of functional requirements in the model-based software development process

Verification and Validation

T500 DUALTACH. JAQUET T500 DualTach. 2 channel measurement & monitoring instrument 2 CHANNEL TACHOMETER I N C H A R G E O F S P E E D.

Memory Safety for Embedded Devices with nescheck

Addressing Fixed Point Design Challenges

Software Verification and Validation

Manufacturer certification in plant, metal and rolling-stock engineering

Testing, qualification and certification of your products

Coding Standards in FACE Conformance. John Thomas, Chris Edwards, and Shan Bhattacharya

Reducing Design Errors in Complex State Machines using Model-Based Design

Ian Sommerville 2006 Software Engineering, 8th edition. Chapter 22 Slide 1

IEC EN/IEC Safe EN ISO Functional safety solutions for industrial devices Standardized safety modules Protocol software Services

SIMULATION ENVIRONMENT

SysML Modeling Guide for Target System

ISO Functional Safety Management in the Autonomous Car industry and the overview of the required safety lifecycle.

AUTOMATIC FUNCTIONALITY ASSIGNMENT TO AUTOSAR MULTICORE DISTRIBUTED ARCHITECTURES

Objectives. Chapter 19. Verification vs. validation. Topics covered. Static and dynamic verification. The V&V process

Automotive System and Software Engineering with Model Based Design

Driving Into the Future With Modern C++ A Look at Adaptive Autosar and the C++14 Coding Guidelines. Jan Babst CppCon 2017 Sep , Bellevue, WA

Transcription:

Increasing Embedded Software Confidence Model and Code Verification Daniel Martins Application Engineer MathWorks Daniel.martins@mathworks.fr 1

What is the Cost of Software Failure Ariane 5 $7,500,000,000 Rocket & payload lost 2

What is the Cost of Software Failure Therac-25 6 Casualties due to radiation overdose 3

Where do you want to discover and fix errors? Pre sales Post sales Model Vehicle Testing In Service Generated Code 4

Using Model-Based Design It is easier and less expensive to fix design errors early in the process when they happen. Model-Based Design enables: 1. Early testing to increase confidence in your design 2. Delivery of higher quality software throughout the workflow 5

Confidence Gaining Confidence in our Design Adhoc testin g Design error detectio n Modeling Functional standard & structural s tests Effort / Time Model & code equivalen ce checks Code integration analysis 6

Application: Cruise Control Control speed according to setpoint 70 km/h 7

Legacy code Application: Cruise Control System Inputs ECU system ECU Cruise Control Module (MBD) 1 Fuel Rate Control Module 2 Outputs Shift Logic Control Module 8

Legacy code Application: Cruise Control ECU Cruise Control Module (MBD) System Inputs ECU system Fuel Rate Control Module Outputs Shift Logic Control Module 9

Application: Cruise Control Inputs Cruise_onoff Brake Speed Coast set Accel reset Cruise Control Module (MBD) Outputs Engaged Target speed 10

Confidence Gaining Confidence in our Design Ad-hoc testing Effort / Time 11

Ad-hoc Tests New Dashboard blocks facilitate early ad-hoc testing 12

Confidence Gaining Confidence in our Design Ad-hoc testing Design error detection Effort / Time 13

Finding Design Errors: Dead Logic 14

Finding Unintended Behavior Dead logic due to uint8 operation on incdec/holdrate*10 Fix change the order of operation 10*incdec/holdrate Condition can never be false 15

Confidence Gaining Confidence in our Design Ad-hoc testing Design error detection Functional & structural tests Effort / Time 16

Simulation Testing Workflow Requirements Did we meet requirements? Review functional behavior Design Did we completely test our model? Structural coverage report 17

Requirements Based Functional Testing with Coverage Analysis 18

Did We Completely Test our Model? Model Coverage Analysis Potential causes of less than 100% coverage: Missing requirements Over-specified design Design errors Missing tests 19

Confidence Gaining Confidence in our Design Ad-hoc testing Design error detection Functional & structural tests Effort / Time Modeling standards 20

Model Advisor Model Standards Checking 21

Confidence Gaining Confidence in our Design Ad-hoc testing Design error detection Functional & structural tests Effort / Time Modeling standards Model & code equivalence checks 22

Code Generation with Model-to-Code Traceability 23

Equivalence Testing: Model vs SIL or PIL Mode Testing Coverage 100% Model Testing SIL or PIL Mode Testing 24

Code Equivalence Check Results: Model vs Code Code Coverage 25

Confidence Gaining Confidence in our Design Ad-hoc testing Design error detection Functional & structural tests Effort / Time Modeling standards Model & code equivalence checks Code integration analysis 26

Legacy code Code Integration Analysis ECU System Inputs ECU system 1 Cruise Control Module (MBD) Fuel Rate Control Module Outputs Shift Logic Control Module 27

Legacy code Code Integration Analysis Inputs Cruise_onoff Brake Speed Coast set Accel reset EGO Sensor ECU system ECU Cruise Control Module (MBD) 1 Fuel Rate Control Module 2 Outputs Gear Engaged Target speed Fuel Rate MAP Sensor Shift Logic Control Module 28

Legacy code Dead code Finding Dead Code During Integration Inputs Cruise_onoff ECU Cruise Control Module (MBD) 2 Outputs Brake Speed Coast set Accel reset EGO Sensor Inaccurate scaling for speed ECU system Fuel Rate Control Module Gear Engaged Target speed Fuel Rate MAP Sensor Shift Logic Control Module 29

Finding Dead Code with Polyspace Target speed parameter propagated to Cruise_ctrl.c [0 40] Maximum target speed = 90 Dead code 30

Polyspace Code Analysis Source code painted in green, red, gray, orange Green: reliable safe pointer access static void pointer_arithmetic (void) { int array[100]; int *p = array; int i; Red: faulty out of bounds error Gray: dead unreachable code Orange: unproven may be unsafe for some conditions for (i = 0; i < 100; i++) { *p = 0; p++; } variable I (int32): [0.. 99] assignment of I (int32): [1.. 100] if (get_bus_status() > 0) { if (get_oil_pressure() > 0) { *p = 5; } else { i++; } } Purple: violation MISRA-C/C++ or JSF++ code rules Range data tool tip i = get_bus_status(); if (i >= 0) { *(p - i) = 10; } } 31

Conclusion: Model-Based Design Verification Workflow Model Verification Discover design errors at design time Code Verification Gain confidence in the generated code Workflow approved by TÜV SÜD for development of safety-critical software in accordance with ISO 26262 (automotive), IEC 61508 (industrial), EN 50128 (railway), IEC 62304 (medical devices) 32

Key Takeaway It is easier and less expensive to fix design errors early in the process when they happen. Model-Based Design enables: 1. Early testing to increase confidence in your design 2. Delivery of higher quality software throughout the workflow 33

Change the world by Accelerating the pace of discovery, innovation, development, and learning in engineering and science 34

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback