以下文章主题为 “MXAM Qualification: How the Tool Qualification Kit Supports Your Path to Compliance”,目前仅提供英文版本。遵循ISO 26262等功能安全标准对于确保软件的安全性与可靠性至关重要。在此背景下,工具的合规性与资格鉴定发挥着重要作用。该标准定义了明确的步骤,以确保所使用的软件工具能够可靠运行并满足规范要求。其目标是最大限度降低风险,并确保在安全相关的开发项目中保持合规性。本文为您介绍为什么以及何时需要进行工具资格鉴定,以及您的工具是否需要进行此类鉴定。此外,您还将了解资格鉴定流程的具体步骤,从文档编制、工具置信度等级(TCL)到最终的资格确认。我们也为您展示MXAM工具鉴定包如何为您提供支持。
MXAM Qualification: How the Tool Qualification Kit Supports Your Path to Compliance
As automotive safety-critical software continues to grow increasingly complex, ensuring the safety of development tools has become indispensable during the process. Compliance with functional safety standards within the automotive industry, such as ISO 26262, is essential for ensuring software safety and reliability. In this context, the qualification of tools plays an important role.
ISO 26262 provides a comprehensive framework and detailed guidance for standardizing the steps involved in tool qualification. It is strongly recommended that a software tool used in the development of a system, or its software or hardware elements supports the activities and tasks required by ISO 26262. The tool qualification is here to support. This article introduces key concepts of tool qualification and includes how the MXAM qualification kit can support you throughout the entire qualification process.
Why & When Is Tool Qualification Necessary?
Tool qualification refers to the process of evaluating a development tool to safeguard its usage in the development toolchain. If a development tool is successfully qualified as safe through the qualification process, it demonstrates its capability and suitability for use in the development of safety-related software. Especially, tool qualification plays a critical role in reducing the likelihood of system failures caused by tool malfunctions.
Does Your Tool Require Qualification?
In the automotive industry, the functional safety standard ISO 26262 describes the application scenario of the confidence in the use of software tools as: “If the safety lifecycle incorporates the use of a software tool for the development of a system, or its hardware or software elements, …where the relevant outputs of that tool are not examined or verified…”. [ISO 26262:2018-8]
ISO 26262-8 provides a comprehensive framework in conducting methods of tool qualification. Tool qualification considers two critical aspects: the possibility that the software tool may fail to detect or introduce errors, and the probability that malfunctions of the software tool are recognized. In general, the tool qualification process comprises two stages: tool classification, followed by tool qualification. According to ISO 26262-8, after determining the tool confidence level of a software tool, also known as tool classification, we should then qualify whether this tool is eligible to be used in activities or tasks that are customized and required by ISO 26262. [ISO 26262:2018-8]
How to Qualify Your Tools: Key Approaches
To achieve successful tool qualification, the entire process can be broken down into 3 key steps:
1) Planned documentation of the use of the tool
2) Determination of the tool confidence level (TCL)
3) Qualification of the tool
Step 1: Planned Documentation of the Use of the Tool
This mandatory preparatory approach involves planning the tool’s usage in each phase of software development. [ISO 26262:2018-6] The approach is formally referred to as usage planning, which must be thoroughly documented in a tool application guide.
Step 2: Determination of the Tool Confidence Level (TCL)
After completing tool usage planning, the following tool classification process should be conducted to determine if tools need to be qualified. The figure below illustrates the tool confidence level determination process in detail.
Tool Impact (TI): The possibility that a malfunction in the software tool can introduce or fail to detect errors in the safety-related item or element under development. The result is expressed using one out of two tool impact classes (TI1 or TI2).
Tool Error Detection (TD): The confidence in measures to prevent or detect the malfunctions and corresponding erroneous tool output. The result is expressed using one out of three tool error detection classes (TD1, TD2, or TD3).
Only if the tool confidence level is recognized as TCL2 or TCL3, then the subsequent qualification process should be carried out.
Step 3: Qualification of the Tool
According to ISO 26262-8 table 4 and 5, four methods are introduced in conducting tool qualification for tools that have been recognized as TCL2 and TCL3:
(1a) Increased confidence from use
(1b) Evaluation of the tool development process
(1c) Validation of the software tool
(1d) Development in compliance with a safety standard
After the qualification process, reviews need to be conducted if this software tool is classified and verified independently of the safety-related development process. Additionally, subsequent activities of tool qualification should be thoroughly documented in a software tool qualification report, which proves the process has been done for all the tools. For more detailed information on these processes, please refer to the article “Tool Classification and Qualification in Compliance with ISO 26262”.
How the MXAM Qualification Kit Supports You Through the Process
Throughout the process of developing embedded software, implementing adequate modeling tools, along with thorough guidance, enhances efficiency and accuracy, ensuring compliance with industry standards while significantly reducing development costs. MES Model Examiner® (MXAM) is here to support.
MXAM is the leading tool to ensure the comprehensive static analysis of your models. Adding MXAM to your toolchain can significantly improve the modeling process. As stated, the qualification process also needs to be done for MXAM, let’s take a closer look at how the tool qualification kit makes it easy.
As a comprehensive solution for a seamless tool qualification process in compliance with ISO 26262, we offer the MXAM ISO 26262 qualification kit to effectively address your needs. The kit includes:
- Essential documentation and templates for determining tool confidence levels
- Tests for tool validation
- Test reports
The qualification kit significantly reduces your efforts because it provides a ready-to-use list of potential malfunction, prevention, detection measures, and the tool qualification reports. The figure below shows you an excerpt from the software tool criteria evaluation report.
The qualification kit is available for a specific release version of MXAM. Updates of the qualification kit for new release versions of MXAM are available with an optional update service contract or can be purchased separately. Please feel free to contact us for more details about qualification kit content and license models.
Training & Webinar Offers from MES
At MES, we also offer comprehensive learning opportunities to deepen your understanding of tool qualification in compliance with ISO 26262. Explore our training programs and webinars to enhance your expertise!
Training: ISO 26262 Tool Classification and Qualification
Starting with a systematic introduction to the tool classification and qualification requirements of ISO 26262-8, this one-day training class also provides current industry best practices and discusses trends and lessons learned. In the hands-on session, you will familiarize yourself with the structure and content of an exemplary ISO 26262 classification kit for a model-based development tool and gain hands-on experience in customizing a kit to your organization’s specific needs.
Webinar: How to Prevent Tool Errors from Jeopardizing the Safety of Your System
We share insights, best practices, and lessons learned from applying the related ISO 26262 requirements in a real-world engineering setting. We also focus on the question of which costs a project incurs to fulfill the corresponding normative requirements. Don't miss out on this opportunity to enhance your understanding of the tool-related requirements in ISO 26262 and adjacent standards.
相关话题
