With the increasing sophistication of automotive ECUs with advanced features, the complexity of models and software is increasing exponentially. Requirements for software quality, reliability, and safety have placed higher demands on the automotive industry. Model-based development (MBD) is the best approach to achieving high-quality embedded software development in the automotive industry. Starting with the basics of MBD, followed by its importance and basic principles, this article will help you understand how to implement MBD methods to achieve high-quality modeling and ultimately improve the development of your safety-critical software.
High-Quality Modeling Made Easy! - Get to Know MBD
What is Model-Based Development (MBD)?
MBD is an established practice within automotive software development. Properly implemented MBD methods can increase development efficiency significantly, reduce development costs, improve code quality, and facilitate the development of safety-critical software.
As shown in Figure 1, the model is considered fundamental to the entire MBD development process.
MBD follows these principles:
- Abstract Representation: Abstract representation in the form of models simplifies complex software systems, making them easier to understand and manage.
- Common Language: Models serve as a common language for communication, facilitating collaboration.
- Single Source: Models serve as a consistent single source of truth. They reflect any update or change to the software to prevent misconceptions and inconsistencies among stakeholders.
- Traceability: MBD promotes bi-directional traceability throughout the development process to ensure that all aspects of the software align with the requirements.
- Iterative Development: MBD supports iterative development. Developers create and refine models over multiple iterations, enabling continuous improvement and adaptation to changing requirements.
- Reusability: Models and tests can be reused within the same project or across projects, saving time and effort. Reusable models promote consistency and reduce redundancy.
- Frontloading Quality Assurance: Models are used for verification and validation from the early development stages onward. Frontloading quality assurance catches errors early and ensures software quality.
- Tool Support: MBD is supported by specialized tools that facilitate the creation, adaptation, and analysis of models. These tools are essential for effective implementation.
- Automation: MBD encourages the automatic generation of code and other artifacts from models. Automation improves efficiency and reduces the likelihood of manual errors.
These principles are essential for taking full advantage of MBD. The following sections will discuss how MBD principles ensure high-quality modeling.
High-Quality Modeling - MBD Is the Key!
The implementation of MBD is the key to achieving high-quality modeling, and an efficient MBD process also relies on quality assurance. So, what defines a "high-quality" model?
First of all, a high-quality model should ensure a unique and consistent look and feel, with good readability and maintainability, and should also support modularity and testability. It should also adhere to best practices in its style, avoid error-prone model patterns, and improve the code generated from the model.
Additionally, frontloading quality assurance is indispensable for continuous improvement of the overall software quality. In the V-model of software development, the design quality of models is as vital as their functional quality. In real-life scenarios, if developers discover errors or problems in the model only during the last stages of software development, a significant amount of time and effort is wasted in tracing the errors back to their root causes and correcting them in the model.
As one of the fundamental principles of MBD, frontloaded quality assurance kickstarts model verification and the identification and correction of related errors, and continuously improves model quality.
Therefore, frontloading quality assurance is indispensable for achieving high-quality modeling. In practice, developers can achieve this effectively by implementing iterative testing in the software architectural design and unit design phases with the support of static testing tools.
MBD Best Practices in Compliance with ISO 26262 Standards
In safety-critical software development, ensuring the compliance of models is another key focus. The functional safety standard ISO 26262 recommends the application of MBD methods in safety-critical software development, and requires that the model design exhibit consistency, comprehensibility, suitability, correctness, simplicity, robustness, and verifiability. To achieve these qualities, ISO 26262: 2016 Part 6: Product Development at the Software Level outlines detailed requirements for model architecture. The standard also mandates adherence to modeling guidelines.
For model architectural design, ISO 26262 states "strongly recommend" under ASIL levels A to D for low complexity and for the restricted size and complexity of software components:
The goal of restricting model complexity is to simplify the model structure and make models easier for developers to understand, thereby reducing the probability of errors and improving model maintainability. Restricting the size of software components helps improve the structural representation of the model. By moving parts of the model out into a library, the model structure becomes more flexible. Developers can then quickly locate and focus on the model parts that need to be tested, without having to repeatedly test irrelevant or cloned model parts. The testability of models is also improved. To summarize, the quality of the model structure is an important aspect of model quality. Developers can analyze the model metrics to gain a deeper understanding of the quality of the model structure, make modifications, and ultimately achieve high-quality modeling.
The ISO 26262 standard also requires models to follow modeling guidelines. Derived from best practices, modeling guidelines improve robustness, readability, and consistency, and help avoid errors.
Practical Applications for MBD Tools
As previously mentioned, to achieve high-quality modeling in compliance with ISO 26262, developers should test and control model complexity by analyzing a series of model metrics, and ensure the implementation of modeling guidelines.
In such an MBD process, the use of professional tools can effectively promote the efficiency of model implementation. Take MES Model Examiner (MXAM) as an example, as shown in Figure 4:
The MXAM report page applies different colors to distinguish the analysis results of the model metrics, which makes them intuitive and clear. As the result marked in yellow in Figure 4 indicates, the "Controller" element in this model received a "Warning" result in "Complexity." In MXAM, users only need to click on it and select "Open Subsystem"; MXAM then guides users directly to the problematic subsystems, where they can perform the necessary operations. MXAM also supports simple and convenient methods for model optimization, for example the "Auto Layout" function for model refactoring, which effectively improves the model with just one click. "Auto Layout" is a function of MES Model & Refactor (MoRe), which is included in MXAM - The Functional Safety Solution.
Modeling guidelines are crucial to an efficient MBD process. MXAM supports modeling guidelines from MAB, MISRA, dSPACE, MES, etc., and also supports customized guidelines based on user needs. By running the analyses after configuration, the user can then effortlessly check the results and perform repairs and annotations. As shown in Figure 5:
As the results of this modeling guidelines analysis indicate, this subsystem of the model has failed the following guideline checks and needs to be fixed. With a single click on the link, MXAM's interactive report takes the user directly to the model parts that need to be checked. For repair options, MXAM supports both guided manual repairs and automatic repairs.
It can be seen that MXAM can efficiently analyze and verify the models using model metrics and modeling guidelines, with the support of fast repairs, which ensures the quality of modeling in MBD that meets industry standards.
In summary, MBD is the best method to develop high-quality embedded software in the automotive industry. Properly implemented MBD methods can improve code quality, reduce development costs, and effectively accelerate the development of safety-critical software. Frontloading quality assurance is essential to achieve high-quality modeling, and ensuring that the model complies with industry standards such as ISO 26262 is also important. Model metrics can effectively control model complexity, and the application of modeling guidelines can significantly improve model robustness, readability, and consistency, and help avoid errors. In the MBD process, developers can check model metrics and modeling guidelines in their model and perform repairs with the support of professional modeling tools, which saves a lot of time and improves development efficiency at the same time.