Model-Based Development of Embedded Software in Compliance with ISO 26262

Challenges and Effective Solutions - 2 days or 4 half-days

Date/Time Location
Sep 17–20, 2024/
8:30 a.m. - 1 p.m. CEST
Nov 19–22, 2024/
8:30 a.m. - 1 p.m. EST
Online, in cooperation with dSPACE

This training class describes how to develop and safeguard safety-critical embedded software in serial projects with Simulink in compliance with ISO 26262 (part 6). Beginning with a general overview of the ISO standard, we proceed by focusing on the ISO 26262 requirements that are specifically relevant to model-based development.

We address the impact the standard has had on model-based development with Simulink, as well as the requirements for model and software architecture in safety critical software. We also look at modeling guidelines and testing before wrapping up the class by assessing ISO 26262 readiness of controller functions. Theoretical knowledge is broadened using numerous practical examples and hands-on exercises. We will practice implementing ISO requirements in Simulink with tools provided by Model Engineering Solutions (MES) for the training class.

Target Audience

This training class is designed for developers, testers, project managers, and quality managers, whose focus is model-based development of safety-critical embedded software using MATLAB/Simulink.


  • Developing safety-critical software in compliance with ISO 26262
  • All content updated for ISO 26262:2018
  • Impact of ISO 26262 on development of embedded software with Simulink
  • Model architectures for safety-critical software
  • Safeguarding ISO 26262-compliant models with modeling guidelines and complexity metrics
  • ISO 26262-compliant testing for model-based SW development
  • Tool qualification
  • Prioritization of ISO 26262 requirements for process adaptation
  • Free provision of tools from MES for practical implementation in Simulink (can also be used for a limited time after the training class).

★★★★★ Jared Key, Hella Aglaia Mobile Vision

"This training provides an insightful and comprehensive walk-through of model-based design in compliance with ISO 26262, and how to best use model-based design to improve your project.”

★★★★★ Philipp Bujotzek, Functional Developer, Webasto

"This training class delivered a comprehensive overview of the ISO 26262 standard through the concise and accessible information provided by the trainers.”


SAE Certificate of Competency

A fee-based SAE Certificate of Competency can be obtained in this class by passing the evaluation test.

Please contact for more information.


Available in English and German


Icon On Site Training

Open-enrollment Trainings
at one of our locations

Icon Online Training

Virtual Classroom Trainings
wherever you are

Icon Inhouse Training

In-house Trainings
online or in-house


Extended Option: For company-specific training classes, we offer an optional third training day for more detailed hands-on sessions and additional model testing exercises.

Learning Objectives

By the end of this course, you will have:

  • An understanding of the characteristics and benefits of model-based development
  • Know-how to apply model-based methods to develop safety-related systems in compliance with ISO 26262
  • An understanding of the model-based development process as outlined by ISO 26262
  • The ability to assess elements of effective software architecture according to ISO 26262
  • An understanding of how to implement software architecture in models
  • The skills to analyze and evaluate model structures
  • An understanding of how to ensure model quality with effective modeling guidelines
  • Ability to recall the approach to tool qualification that aligns with ISO 26262
  • Knowledge of how to apply methods to ensure model quality with model testing
  • An understanding of the priorities for process adaptation towards ISO 26262 compliance

Cost, Terms & Conditions


Our Trainers


1st half-day

Overview: Model-based software development with Simulink

  • Foundations of model-based development
  • Overview of development
  • ISO 26262 and development cycle
    • ISO 26262
    • Development cycle and functional safety process
  • Functional safety
    • Hands-on: Hazard examples
    • Hazard analysis and risk assessment
    • ASIL determination
    • Fault types
    • ASIL allocation, ASIL decomposition
    • ISO 26262 work products
  • Overview on quality assurance activities
    • Model and code verification
    • Combination of quality assurance measures
    • Continuous test process
  • Benefits of Model-based development

Implementing software architectures in models

  • Basics of software architecture
  • Expected properties of an ISO 26262-compliant software architecture
  • Software architecture in models
  • Principles for layered models
  • Interface handling in models
  • Simulink design patterns for safety-critical software

2nd half-day

Analysis and evaluation of model architecture

  • Model structure analysis
  • Introduction to complexity metrics
  • Calculating model complexity
  • Measures to reduce model complexity
  • Identification of ineffective interfaces and model clones
  • Hands-on: Model structure
    • Learn the workflow in MXAM
    • Analyze model complexity (using MXAM on your models)
    • Get used to complexity values and look at most complex subsystems
    • Analyze ineffective interfaces in your models
    • Look at cloned subsystems in your models
    • Discuss different ways to refactor complexity and clones
  • Hands-on: Model refactoring
    • Simplify refactoring of models
    • Usage of Autolayout to improve model layout

Quality monitoring of development projects

  • Main challenges and typical use cases
  • Quality assessment workflow
  • Calculation of quality
  • Live exercise: Quality monitoring project

3rd half-day

Ensuring model quality with modeling guidelines

  • Overview of modeling guidelines
  • General modeling guidelines for MISRA- and ISO 26262-compliant modeling
  • Specific guidelines on improving code generator application
  • Automatic checking of modeling guidelines
  • Hands-on
    • Analyze models for guideline compliance (using MXAM on your models)
    • Understand and discuss findings regarding layout, understandability, …
    • Look at Stateflow modeling and the findings in your models
    • Guidelines for consistent models: color, naming, configuration, …
    • Repair models supported by MXAM in a safe and guided way
    • Reuse analysis results for documentation and later review

Tool qualification in compliance with ISO 26262

  • Foundations of tool qualification
  • Determination of the tool confidence level
  • Qualification methods
  • Live exercise: Presentation and discussion of a tool qualification kit

4th half-day

Ensuring model quality with model testing

  • ISO 26262 requirements in the testing process
  • Test goals on different testing levels
  • Regression testing and back-to-back testing, MiL – SiL – PiL
  • Model and code coverage
  • Automatic test evaluation with test assessment
  • Live exercise: Model testing project
    • Introduction to a test project
    • Understanding test case definition and the corresponding signal curves
    • MiL and SiL test case execution
    • Textual requirements and the corresponding formal requirements
    • Test evaluation by generated test assessments
    • Mil-SiL back-to-back test for test evaluation
    • Model coverage of Simulink and Stateflow units
    • Batch testing for automated test re-execution

Overview and priorities for process adaptation in compliance
with ISO 26262

  • Prioritizing ISO 26262 requirements for model-based development
  • Assessing effort and benefits of ISO 26262 requirements
  • Available methods and tools for process tailoring

Qualification assessment (SAE Certificate of Competency optional)