Safe software is the key to safe mobility. In my article I highlight the integral role played by safety standards such as ISO 26262 in the model-based development of safety critical software.
What Makes Safety Systems Safe?
Safe software is the key to safe mobility. Discover how model-based development in combination with safety standards such as ISO26262 enables the development of safety-critical software for passenger road vehicles. Read on to learn how ISO 26262-6 outlines a systematic and methodical approach to develop safe software and how complementing tools, such as the MES Model Examiner® (MXAM), ensure safety compliance and improve the quality and maintainability of automotive software.
Embedded Systems Are Essential for Today’s Safety Technology
Embedded systems are specialized computer systems, which perform a specific tasks within a larger device. Designed to be small and efficient, yet extremely reliable controllers, they are capable of performing tasks that would otherwise require complex and costly solutions. Embedded controllers are used in a wide range of industries, including aerospace, energy, transport, security systems, consumer electronics, and medical diagnostic devices.
One of the most significant applications of embedded controls is in the automotive industry, as a result of the necessity for high-performing, safe, reliable, energy-efficient, and cost-efficient systems. They are critical in ensuring the safety and security of multiple systems in modern cars, which control everything from engine management to safety features, including anti-lock braking systems (ABS), electronic stability control (ESC), and advanced driver assistance systems (ADAS).
Ensuring the Safety and Reliability of Automotive Applications
It is imperative that applications in the automotive industry are reliable and safe. Therefore, safety standards such as ISO 26262 have been developed to ensure that automotive embedded systems meet specific safety requirements. ISO 26262 is a functional safety standard, which provides recommendations for the development of safety-critical systems in passenger road vehicles. It specifies safety-relevant requirements for the entire system development lifecycle. The ISO 26262 standard also reserves a chapter dedicated to safety-critical software development, namely part 6.
Model-Based Development of Safety-Critical Software
Model-based software development (MBD) is a widely used approach for developing embedded software in the automotive industry. In fact, the ISO 26262 standard explicitly lists the model-based approach as a recommended technique for safety-critical software development. MBD involves creating a model that represents the system's specification and behaviour, and then generating software code directly from the model. MBD comes with several benefits, among which are improved productivity, quality, and maintainability. It also enables early testing and validation of the software, reducing the risk of errors and ensuring compliance with safety standards.
Safety-Critical Software Development According to ISO 26262-6
ISO 26262-6 provides a reference phase model for developing safety-critical automotive software, guaranteeing that safety requirements for embedded software in passenger cars are systematically and methodically considered. This model consists of several activities as part of the design phases located on the left side of the V-model and the test phases located on the right side of the V-model.
Activities in the design phases include the Specification of Software Safety Requirements, Software Architectural Design, and Software Unit Design and Implementation.
The software safety requirements are refined and defined from the system requirements and allocated to software components and units, with the design and specification of the software architecture. Finally, the software units are designed and implemented according to the allocated requirements.
Design phase activities ensure that the correct software requirements are implemented.
Activities in the test phases focus on the Verification of Software Units, Software Integration, and Testing of the Embedded Software, and include specific requirements for software validation, verification, and testing.
Test phase activities ensure that the software requirements are correctly implemented.
Application of ISO26262-6 Using Automated Production Code Generation
Code generator vendors have developed specific reference workflows to facilitate the ISO-compliant use of auto-code generation in MBD. These are certified to implement the requirements for verification and validation activities from the ISO reference phase model.
The reference workflows are supported by a range of complementing tools, each tailored to focus on specific tasks and ensuring that the recommendations and requirements for safety-critical software development are always met.
The MES Model Examiner® (MXAM), for example, focuses on the application of suitable modeling guidelines and best practices for the design and implementation of software models. MXAM also assesses specific model metrics to verify compliance with ISO 26262 recommendations for the software model’s architectural design. In order to fully benefit from the MBD approach, e.g. by frontloading the quality assurance, MXAM’s thorough static model testing routines improve the testability of software models and facilitate the generation of standard- and safety-compliant code.
If you want to know more about the integration of MXAM into the ISO 26262-compliant reference workflows within the TargetLink Ecosystem and the MATLAB Simulink platform have a look at our videos to come.
This article was originally published on LinkedIn.