Verification and Validation of High-Integrity Systems

Similar documents
Automatización de Métodos y Procesos para Mejorar la Calidad del Diseño

Automating Best Practices to Improve Design Quality

Automating Best Practices to Improve Design Quality

Verification and Validation of Models for Embedded Software Development Prashant Hegde MathWorks India Pvt. Ltd.

WHITE PAPER. 10 Reasons to Use Static Analysis for Embedded Software Development

Using Model-Based Design in conformance with safety standards

Verification and Test with Model-Based Design

Model-Based Design for High Integrity Software Development Mike Anthony Senior Application Engineer The MathWorks, Inc.

From Design to Production

Implementation and Verification Daniel MARTINS Application Engineer MathWorks

Leveraging Formal Methods Based Software Verification to Prove Code Quality & Achieve MISRA compliance

Standardkonforme Absicherung mit Model-Based Design

Model-Based Design for Safety Critical Automotive Applications

Intro to Proving Absence of Errors in C/C++ Code

정형기법을활용한 AUTOSAR SWC 의구현확인및정적분석

Testing, Validating, and Verifying with Model-Based Design Phil Rottier

A Model-Based Reference Workflow for the Development of Safety-Related Software

Model-Based Design for Safety-Critical and Mission-Critical Applications Bill Potter Technical Marketing April 17, 2008

Addressing Future Challenges in the Development of Safe and Secure Software Components The MathWorks, Inc. 1

Simulink 모델과 C/C++ 코드에대한매스웍스의정형검증툴소개 The MathWorks, Inc. 1

Guidelines for deployment of MathWorks R2010a toolset within a DO-178B-compliant process

Increasing Design Confidence Model and Code Verification

Generating Industry Standards Production C Code Using Embedded Coder

Increasing Embedded Software Confidence Model and Code Verification. Daniel Martins Application Engineer MathWorks

Jay Abraham 1 MathWorks, Natick, MA, 01760

Developing AUTOSAR Compliant Embedded Software Senior Application Engineer Sang-Ho Yoon

Verification, Validation and Test in Model Based Design Manohar Reddy

Leveraging Formal Methods for Verifying Models and Embedded Code Prashant Mathapati Application Engineering Group

Production Code Generation and Verification for Industry Standards Sang-Ho Yoon Senior Application Engineer

Verification, Validation, and Test with Model-Based Design

Static Analysis in C/C++ code with Polyspace

Simulink 를이용한 효율적인레거시코드 검증방안

Utilisation des Méthodes Formelles Sur le code et sur les modèles

Workflow for Control System Design and Implementation

By V-cubed Solutions, Inc. Page1. All rights reserved by V-cubed Solutions, Inc.

DRYING CONTROL LOGIC DEVELOPMENT USING MODEL BASED DESIGN

What s New with the MATLAB and Simulink Product Families. Marta Wilczkowiak & Coorous Mohtadi Application Engineering Group

Architecture-driven development of Climate Control Software LMS Imagine.Lab Embedded Software Designer Siemens DF PL

Coding Standards in FACE Conformance. John Thomas, Chris Edwards, and Shan Bhattacharya

IBM Rational Rhapsody. IBM Rational Rhapsody Kit for ISO 26262, IEC 61508, IEC and EN Overview. Version 1.9

Formal Verification of Models and Code Prashant Mathapati Application Engineer Polyspace & Model Verification

Coding Standards in FACE Conformance. John Thomas, Chris Edwards, and Shan Bhattacharya

Considerations in automotive embedded development Global Automotive Director Kiyo Uemura

Don t Be the Developer Whose Rocket Crashes on Lift off LDRA Ltd

IDE for medical device software development. Hyun-Do Lee, Field Application Engineer

2015 The MathWorks, Inc. 1

Ein Modell - viele Zielsysteme

Final Presentation AUTOCOGEQ GMV, 2017 Property of GMV All rights reserved UNCLASSIFIED INFORMATION

Reducing Design Errors in Complex State Machines using Model-Based Design

Simulink Verification and Validation

Automotive Functional Safety

Better than Hand Generating Highly Optimized Code using Simulink and Embedded Coder

Cybersecurity Challenges for Connected and Automated Vehicles. Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute

IMPROVING ADAS VALIDATION WITH MBT

ISO compliant verification of functional requirements in the model-based software development process

ISO Compliant Automatic Requirements-Based Testing for TargetLink

Certified Automotive Software Tester Sample Exam Paper Syllabus Version 2.0

StackAnalyzer Proving the Absence of Stack Overflows

Test and Evaluation of Autonomous Systems in a Model Based Engineering Context

Best Practices Process & Technology. Sachin Dhiman, Senior Technical Consultant, LDRA

Testing and Validation of Simulink Models with Reactis

Deriving safety requirements according to ISO for complex systems: How to avoid getting lost?

GAIO. Solution. Corporate Profile / Product Catalog. Contact Information

SCADE. SCADE Suite Tailored for Critical Applications EMBEDDED SOFTWARE

What s New in MATLAB and Simulink Prashant Rao Technical Manager MathWorks India

Team-Based Collaboration in Simulink Chris Fillyaw Application Engineer Detroit, MI

automatisiertensoftwaretests

Addressing Fixed Point Design Challenges

AVS: A Test Suite for Automatically Generated Code

IBM Rational Rhapsody

Automatic Code Generation Technology Adoption Lessons Learned from Commercial Vehicle Case Studies

Simulink for AUTOSAR: Best Practices

SOFTWARE QUALITY OBJECTIVES FOR SOURCE CODE

MathWorks Products and Prices North America January 2018

Deploying MATLAB Applications in Excel, Java, and.net Environments

System Requirements & Platform Availability by Product for R2016b

Report. Certificate Z

Simulink to Embedded Hardware Paul Peeling MathWorks

Serial EEPROM for Automotive New Advanced series

Testing Framework with Simulink Test

Hardening Attack Vectors to cars by Fuzzing

Designing and Prototyping Digital Systems on SoC FPGA The MathWorks, Inc. 1

Formal Verification of Flight Control Applications along a Model- Based Development Process A Case Study

MathWorks Products and Prices International September 2016

Software Verification and Validation (VIMMD052) Introduction. Istvan Majzik Budapest University of Technology and Economics

Model-Based Design: Design with Simulation in Simulink

What s New in Simulink in R2015b and R2016a

Hardware and Software Co-Design for Motor Control Applications

ARM processors driving automotive innovation

Enabling Safe, Secure, Smarter Cars from Silicon to Software. Jeff Hutton Synopsys Automotive Business Development

Examining future priorities for cyber security management

Simulator in the-loop Environment for Autocode Verification

Formal Verification for safety critical requirements From Unit-Test to HIL

Introducing Simulink Release 2012b for Control System Development Mark Walker MathWorks

Communication Patterns in Safety Critical Systems for ADAS & Autonomous Vehicles Thorsten Wilmer Tech AD Berlin, 5. March 2018

Ensuring quality for ADAS applications with a model-based approach

SOFTWARE QUALITY. MADE IN GERMANY.

다중센서기반자율시스템의모델설계및개발 이제훈차장 The MathWorks, Inc. 2

Fault-Injection testing and code coverage measurement using Virtual Prototypes on the context of the ISO standard

T78 - Improve Safety and Compliance Using The Connected Enterprise

Transcription:

Verification and Validation of High-Integrity Systems Chethan CU, MathWorks Vaishnavi HR, MathWorks 2015 The MathWorks, Inc. 1

Growing Complexity of Embedded Systems Emergency Braking Body Control Module Voice Recognition Power Window Battery Management Stability Control Automatic Parking Instrument Panel Adaptive Cruise Control Smart Junction Box Airbag 16 M Electric Power Steering Infotainment DC/DC Converter Propulsion Motor Control Engine Management Navigation Transmission Control Vehicle-to- Infrastructure Power Liftgate 2-3M 6 M Forward Camera Adaptive Front Lighting Power Seat Back-up Camera Long-Range Radar All-Wheel Drive 2000 2015 Lines of Code Active Damping 4-Wheel Steer Smart Junction Box Stability Control Siemens, Ford Motor Company Case Study, Siemens PLM Software, 2014 Tire Pressure Monitor Ultrasonic Sensor McKendrick, J. Cars become datacenters on wheels, carmakers become software companies, ZDJNet, 2013 HVAC Control Vehicle-to-Vehicle E-Call Keyless Entry Short-Range Radar 2

Model-Based Design, Verification and Validation Simulink Models Verified code ready for target deployment Requirements Executable Specification Model used for production code generation C/C++ Generated code Target Simulink Models Requirement based Model Standards Compliant Model Design Error free and Functionally correct Model Code Generation ready Model 3

Key Takeaways System Requirements Verified & Validated System Author, manage requirements in Simulink Early verification to find defects sooner Automate manual verification tasks High Level Design Detailed Design Unit Testing Integration Testing Workflow that conforms to safety standards Coding Static Source code verification 4

Why do 71% of Embedded Projects Fail? Poor Requirements Management Sources: Christopher Lindquist, Fixing the Requirements Mess, CIO Magazine, Nov 2005 5

Challenge with Traditional Development Process Requirements Specification C/C++ Hand code 6

Simulink Models for Specification Requirements Executable Specification C/C++ Hand code 7

Complete Model Based Design Code Generation Requirements Executable Specification Simulink Models Model used for production code generation C/C++ Generated code 8

Model Based Design Verification Workflow Component and system testing Requirements Executable Specification Review and static analysis Simulink Models Equivalence testing Model used for production code generation Equivalence checking C/C++ Generated code 9

Challenges with Requirements Where are requirements implemented? Is design and requirements consistent? How are they tested? Requirements Executable Specification Simulink Models Model used for production code generation C/C++ Generated code 10

Gap Between Requirements and Design Requirements Executable Specification Simulink Models Model used for production code generation C/C++ Generated code 11

Simulink Requirements Author Track Manage 12

Requirements Editor 13

Requirements Editor 14

Import Requirements from External Sources Microsoft Word Import Simulink Requirements Editor IBM Rational DOORS 15

Requirements Perspective 16

Requirements Perspective 17

Link Requirements, Designs and Tests REQ 3.1 ENABLING CRUISE CONTROL Cruise control is enabled when.. 18

Link Requirements, Designs and Tests Derives REQ 3.1 ENABLING CRUISE CONTROL Cruise control is enabled when.. ENABLE SWITCH DETECTION If the Enable switch is pressed 19

Link Requirements, Designs and Tests Derives REQ 3.1 ENABLING CRUISE CONTROL Cruise control is enabled when.. ENABLE SWITCH DETECTION If the Enable switch is pressed Implemented By 20

Link Requirements, Designs and Tests Derives REQ 3.1 ENABLING CRUISE CONTROL Cruise control is enabled when.. ENABLE SWITCH DETECTION If the Enable switch is pressed Implemented By Verified By Test Case x 21

Track Implementation and Verification Implementation Status Implemented Justified Missing Verification Status Passed Failed No Result Missing 22

Respond to Change Original Requirement If the switch is pressed and the counter reaches 50 then it shall be recognized as a long press of the switch. Implements Updated Requirement If the switch is pressed and the counter reaches 75 then it shall be recognized as a long press of the switch. 23

Verify Design to Guidelines and Standards Is the design built right? Is it too complex? Is it ready for code generation? Simulink Models Requirements Requirement based Model Standards Compliant Model Design Error free and Functionally correct Model Code Generation ready Model C/C++ 24

Automate verification with static analysis Check for: Readability and Semantics Performance and Efficiency Clones Model Advisor Analysis And more Simulink Models Requirements Requirement based Model Standards Compliant Model Design Error free and Functionally correct Model Code Generation ready Model C/C++ 25

Generate reports for reviews and documentation Model Advisor Analysis Model Advisor Reports Simulink Models Requirements Requirement based Model Standards Compliant Model Design Error free and Functionally correct Model Code Generation ready Model C/C++ 26

Navigate to Problematic Blocks Simulink Models Requirements Requirement based Model Standards Compliant Model Design Error free and Functionally correct Model Code Generation ready Model C/C++ 27

Guidance Provided to Address Issues or Automatically Correct Simulink Models Requirements Requirement based Model Standards Compliant Model Design Error free and Functionally correct Model Code Generation ready Model C/C++ 28

Built in checks for industry standards and guidelines DO-178/DO-331 ISO 26262 IEC 61508 IEC 62304 MISRA C:2012 CERT C, CWE, ISO/IEC TS 17961 MAAB (MathWorks Automotive Advisory Board) JMAAB (Japan MATLAB Automotive Advisory Board) EN 50128 Simulink Models Requirements Requirement based Model Standards Compliant Model Design Error free and Functionally correct Model Code Generation ready Model C/C++ 29

Configure and customize analysis Simulink Models Requirements Requirement based Model Standards Compliant Model Design Error free and Functionally correct Model Code Generation ready Model C/C++ 30

Checks for standards and guidelines are often performed late Rework Static Analysis Requirements Executable Specification Simulink Models Model used for production code generation C/C++ Generated code 31

Shift Verification Earlier With Edit-Time Checking Highlight violations as you edit Fix issues earlier Edit-Time Static Checking Analysis Avoid rework Requirements Executable Specification Simulink Models Model used for production code generation C/C++ Generated code 32

Find Compliance Issues as you Edit with Edit-Time Checking 33

Assess Quality with Metrics Dashboard Consolidated view of metrics Size Compliance Complexity Identify where problem areas may be 34

Grid Visualization for Metrics Visualize Standards Check Compliance Find Issues Identify patterns See hot spots Legend: Red: Fail Orange: Warning Green: Pass Gray: Not run 35

Detect Design Errors with Formal Methods Find run-time design errors: Integer overflow Dead Logic Division by zero Array out-of-bounds Range violations Generate counter example to reproduce error Simulink Models Requirements Requirement based Model Standards Compliant Model Design Error free and Functionally correct Model Code Generation ready Model C/C++ 36

Prove That Design Meets Requirements Prove design properties using formal requirement models Model functional and safety requirements Generates counter example for analysis and debugging Simulink Models Requirements Requirement based Model Standards Compliant Model Design Error free and Functionally correct Model Code Generation ready Model C/C++ 37

Functional Testing Does the design meet requirements? Is it functioning correctly? Is it completely tested? Simulink Models Requirements Requirement based Model Standards Compliant Model Design Error free and Functionally correct Model Code Generation ready Model C/C++ 38

Systematic Functional Testing Test Case Inputs Assessments MAT file (input) MAT file (baseline) Signal Builder Test Harness MATLAB Unit Test Test Sequence and more! Test Assessment and more! Excel file (input) Main Model Excel file (baseline) 39

Manage Testing and Test Results 40

Coverage Analysis to Measure Testing Simulink Stateflow Generated Code Identify testing gaps Missing requirements Unintended Functionality Dead Logic Coverage Reports 41

Test Case Generation for Functional Testing Test Objective Specify functional test objectives Define custom objectives that signals must satisfy in test cases Test Condition Specify functional test conditions Define constraints on signal values to constrain test generator Test Objective 42

Model-Based Design, Verification and Validation Simulink Models Requirement based Model Standards Compliant Model Design Error free and Functionally correct Model Code Generation ready Model Simulink Models Verified code ready for target deployment Requirements Executable Specification Model used for production code generation C/C++ Generated code Target 43

Equivalence Testing Is the code functionally equivalent to model? Is all the code tested? Requirements Executable Specification Simulink Models Model used for production code generation C/C++ Generated code 44

Equivalence Testing Software in the Loop (SIL) Show functional equivalence, model to code Execute on desktop / laptop computer Processor in the Loop (PIL) Numerical equivalence, model to target code Execute on target board Benefits Re-use tests developed for model to test code Collect code coverage Generate artefacts for IEC 61508, ISO 26262, EN 50128, and DO-178 certification Early verification and defect detection Requirements Executable Specification Simulink Models Model used for production code generation C/C++ SIL Desktop Computer Generated code PIL Target Board 45

Static Code Analysis Is interface between generated and other code fully tested? Is integrated code free of run-time errors? Is the code compliant to MISRA? Requirements Executable Specification Simulink Models Model used for production code generation Other code C/C++ C/C++ Generated code The Generated Code is integrated with Other Code (Handwritten) 46

Static Code Analysis with Polyspace Code metrics and standards Comment density, cyclomatic complexity, MISRA and Cybersecurity standards Support for DO-178, ISO 26262,. Bug finding and Code proving Detect bugs and security vulnerabilities Prove absence of runtime errors Check data and control flow of software Results from Polyspace Code Prover 47

Code Proving with Polyspace 48

Qualify tools with IEC Certification Kit and DO Qualification Kit Qualify code generation and verification products Includes documentation, test cases and procedures KOSTAL Asia R&D Center Receives ISO 26262 ASIL D Certification for Automotive Software Developed with Model-Based Design BAE Systems Delivers DO-178B Level A Flight Software on Schedule with Model-Based Design 49

Summary 1. Author and manage requirements within Simulink 2. Find defects earlier 3. Automate manual verification tasks 4. Reference workflow that conforms to safety standards 5. Static Code verification using Polyspace 50

MathWorks V&V Product Capabilities Requirements Standards Compliance Testing Formal Verification Coverage Analysis Static Code Analysis SIL, PIL Simulink Requirements* (New in R2017b) Simulink Check* (New in R2017b) Simulink Test Simulink Design Verifier Simulink Coverage* (New in R2017b) Polyspace Bug Finder, Polyspace Code Prover Simulink Test * Customers with Simulink V&V licenses will automatically receive these new products 51

KOSTAL Asia R&D Center Receives ISO 26262 ASIL D Certification for Automotive Software Developed with Model-Based Design Challenge Develop automotive electronic steering column lock software and certify it to the highest-level functional safety standard Solution Use Model-Based Design to design, implement, and verify the application software via back-to-back PIL testing required for ISO 26262 ASIL D certification Results Development and certification time cut by 30% 80% of errors identified in modeling phase PIL test framework for ISO 26262 established Using Model-Based Design to design, implement, and verify our software for the highest functional safety standard enabled our team to save costs, increase efficiency, and ensure software quality. Without Model-Based Design, more engineers would be needed to complete the project in the same time frame. Cheng Hui, KOSTAL Kostal s electronic steering column lock module. 52

Miele Proves Absence of Run-Time Errors in Control Software Across Its Entire Product Line Challenge Maintain a reputation for producing quality appliances and other products by minimizing defects in the control software Solution Integrate Polyspace Code Prover and Polyspace Bug Finder into the development process to prove the absence of run-time errors in the software and enforce standard coding rules Results Hundreds of source files analyzed daily Developer focus on core functionality enabled Reusable, trusted components proven free of run-time errors The Miele Center Gütersloh in Germany. We have embedded static code analysis with Polyspace products deeply into our quality assurance processes. It is much better to find run-time errors as development begins than to find them at the end of development or worse, after the product is delivered. - Stefan Trampe, Miele 53

Learn More Visit MathWorks Verification, Validation and Test Solution Page: mathworks.com/solutions/verification-validation.html 54

Training Services Exploit the full potential of MathWorks products Flexible delivery options: Public training available in several cities Onsite training with standard or customized courses Web-based training with live, interactive instructor-led courses More than 48 course offerings: Introductory and intermediate training on MATLAB, Simulink, Stateflow, code generation, and Polyspace products Specialized courses in control design, signal processing, parallel computing, code generation, communications, financial analysis, and other areas www.mathworks.in/training 55

Verification and Validation of Simulink Models This one-day course describes techniques for testing Simulink model behavior against system requirements. Topics include: Identifying the role of verification and validation in Model-Based Design Creating test cases for Simulink models Analyzing simulation results to verify model behavior Automating testing activities and managing results Formally verifying model behavior Automatically generating artifacts to communicate results 56

Polyspace for C/C++ Code Verification This two-day course discusses the use of Polyspace Bug Finder and Polyspace Code Prover to prove code correctness, improve software quality metrics, and ensure product integrity. Topics include: Creating a verification project Reviewing and understanding verification results Emulating target execution environments Handling missing functions and data Managing unproven code (color-coded in orange by Polyspace products) Applying MISRA C rules Reporting 57

Thank You! 58

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback