IEC Certification Kit
Embedded Coder™ Conformance Demonstration Template
R2015b
How to Contact MathWorks
Latest news: www.mathworks.com
Sales and services: www.mathworks.com/sales_and_services
User community: www.mathworks.com/matlabcentral
Technical support: www.mathworks.com/support/contact_us
Phone: 508-647-7000
The MathWorks, Inc.
3 Apple Hill Drive
Natick, MA 01760-2098
IEC Certification Kit: Embedded Coder™ Conformance Demonstration Template
© COPYRIGHT 2009–2015 by The MathWorks, Inc.
The software described in this document is furnished under a license agreement. The software may be used or copied only under
the terms of the license agreement. No part of this manual may be photocopied or reproduced in any form without prior written consent from The MathWorks, Inc.
FEDERAL ACQUISITION: This provision applies to all acquisitions of the Program and Documentation by, for, or through the
federal government of the United States. By accepting delivery of the Program or Documentation, the government hereby agrees that this software or documentation qualifies as commercial computer software or commercial computer software documentation
as such terms are used or defined in FAR 12.212, DFARS Part 227.72, and DFARS 252.227-7014. Accordingly, the terms and
conditions of this Agreement and only those rights specified in this Agreement, shall pertain to and govern the use, modification, reproduction, release, performance, display, and disclosure of the Program and Documentation by the federal government (or
other entity acquiring for or through the federal government) and shall supersede any conflicting contractual terms or conditions.
If this License fails to meet the government’s needs or is inconsistent in any respect with federal procurement law, the government agrees to return the Program and Documentation, unused, to The MathWorks, Inc.
Trademarks
MATLAB and Simulink are registered trademarks of The MathWorks, Inc. See www.mathworks.com/trademarks for a
list of additional trademarks. Other product or brand names may be trademarks or registered trademarks of their respective
holders.
Patents
MathWorks products are protected by one or more U.S. patents. Please see www.mathworks.com/patents for more
information.
Revision History
September 2009 New for Version 1.1 (Applies to Releases 2009a, 2009b)
March 2010 Revised for Version 1.2 (Applies to Release 2010a)
April 2010 Revised for Version 1.3 (Applies to Release 2009bSP1)
September 2010 Revised for Version 1.3 (Applies to Release 2010b)
March 2011 Revised for Version 1.4 (Applies to Release 2010bSP1)
April 2011 Revised for Version 1.4 (Applies to Release 2011a); renamed to Embedded Coder™ Conformance Demonstration Template
September 2011 Revised for Version 2.0 (Applies to Release 2011b)
March 2012 Revised for Version 2.1 (Applies to Release 2012a)
September 2012 Revised for Version 3.0 (Applies to Release 2012b)
March 2013 Revised for Version 3.1 (Applies to Release 2013a)
September 2013 Revised for Version 3.2 (Applies to Release 2013b)
March 2014 Revised for Version 3.3 (Applies to Release 2014a)
October 2014 Revised for Version 3.4 (Applies to Release 2014b)
March 2015 Revised for Version 3.5 (Applies to Release 2015a)
September 2015 Revised for IEC Certification Kit Version 3.6 (Applies to Release 2015b)
Contents
1 Introduction
  Conformance Demonstration Template Overview
  Application Identification
2 Design Verification
3 Code Verification
4 Additional Considerations
1 Introduction
Conformance Demonstration Template Overview
This Conformance Demonstration Template can be used to demonstrate conformance with the parts of ISO 26262-6/8, IEC 61508-3, or EN 50128 covered in the document Embedded Coder™ Reference Workflow.
To access the reference workflow document, on the MATLAB® command line, type certkitiec to open the Artifacts Explorer. The reference workflow document is in Embedded Coder.
For each technique or measure:
In the third column (Used / Used to a limited degree / Not used), state to what degree you applied the technique or measure for the application under consideration, using exactly one of the phrases Used, Used to a limited degree, or Not used.
In the fourth column (Interpretation in this application, Evidence), state how you used the technique or measure in the application under consideration. If the reference workflow includes alternative means for compliance, indicate which variant you used. In addition, enter a reference to the document that holds the evidence (for example, the test report or the review documentation).
Application Identification
Applicant: <Insert information>
Application: <Insert information>
2 Design Verification
Checklist 1: Design Verification
Columns: Technique / Measure; Associated Requirements; Used / Used to a limited degree / Not used; Interpretation in this application, Evidence.

1 Model review
(See "Reviews and Static Analyses at the Model Level" in the Embedded Coder™ Reference Workflow)
Associated requirements:
  Inclusion of all model components
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

2 Adherence to modeling standard
(See "Reviews and Static Analyses at the Model Level" in the Embedded Coder Reference Workflow)
Associated requirements:
  Designation of a modeling standard
  Review of the modeling standard as suitable for use
  Restriction to modeling constructs suited for production code generation
  Evidence for using the modeling standard
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

3 Static analysis at the model level (if applicable)
(See "Reviews and Static Analyses at the Model Level" in the Embedded Coder Reference Workflow)
Associated requirements:
  Evidence for using static analyzers
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

4 Supporting activities
(See "Reviews and Static Analyses at the Model Level" in the Embedded Coder Reference Workflow)
Associated requirements:
  Documentation of the results of reviews and analyses
  Corrective action on failure of reviews and analyses
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

5 Module and integration testing at the model level
(See "Module and Integration Testing at the Model Level" in the Embedded Coder Reference Workflow)
Associated requirements:
  Inclusion of all model components
  Consideration of intended and possible unintended functions
  Systematic design of test vectors
  Inclusion of test vectors derived from the specification according to established criteria
  Consideration of model integration stages
  Consideration of module interaction
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

6 Supporting activities
(See "Module and Integration Testing at the Model Level" in the Embedded Coder Reference Workflow)
Associated requirements:
  Documentation of the results of module and integration tests, including test results and achievement of test objectives and criteria
  Corrective action on failure of module and integration tests
  Impact analysis
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>
3 Code Verification
Checklist 2: Code Verification
Columns: Technique / Measure; Associated Requirements; Used / Used to a limited degree / Not used; Interpretation in this application, Evidence.

7 Back-to-back test vector generation
(See "Test Vector Generation" in the Embedded Coder™ Reference Workflow)
Associated requirements:
  Structural coverage with respect to applicable model coverage metrics (SIL 2 and above); see table "Model Coverage Analysis"
  Creation of additional test vectors (if applicable)
  Assessment of or justification for uncovered model parts
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

8 Back-to-back test execution
(See "Test Execution" in the Embedded Coder Reference Workflow)
Associated requirements:
  Stimulation of the model used for production code generation
  Stimulation of the executable derived from the generated code
  Test execution in a target-like environment, or analysis of the differences between the test environment and the target environment
  Assessment of model parts used for simulation but not for code generation
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

9 Signal comparison
(See "Signal Comparison" in the Embedded Coder Reference Workflow)
Associated requirements:
  Designation of a suitable comparison algorithm and acceptance threshold
  Comparison of simulation results and execution results
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

10 Supporting activities
(See "Back-to-Back Testing Model Versus Code" in the Embedded Coder Reference Workflow)
Associated requirements:
  Documentation of the results of back-to-back tests
  Corrective action on failure of back-to-back tests
  Evidence for using automated back-to-back testing tools
  Evidence for validation of back-to-back testing tools
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

11 Prevention of unintended functionality (SIL 2 and above)
(See "Prevention of Unintended Functionality" in the Embedded Coder Reference Workflow)
Associated requirements:
  Model and code coverage comparison or traceability review; see table "Prevention of Unintended Functionality"
  Assessment of or justification for issues revealed
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

12 Supporting activities
(See "Prevention of Unintended Functionality" in the Embedded Coder Reference Workflow)
Associated requirements:
  Documentation of the results of demonstrating the absence of unintended functionality
  Corrective action on failure to demonstrate the absence of unintended functionality
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>
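Items 8 and 9 ask for a designated comparison algorithm and acceptance threshold before simulation results are compared with execution results. The following Python script is an added example, not code from the IEC Certification Kit, Embedded Coder, or the reference workflow: it compares the signals logged from simulating the model against the signals logged from running the executable built from the generated code, sample by sample, using a per-signal threshold of the form |sim - exec| <= abs_tol + rel_tol * |sim|. A zero threshold (the default) demands bit-exact agreement, which is the appropriate designation for integer, Boolean and fixed-point signals. Structural problems (a different time base, a missing signal, a different sample count, or a signal with no designated threshold) fail the comparison instead of passing silently. The signal names, traces and tolerance values are constructed for illustration only.

```python
"""Back-to-back signal comparison with a designated acceptance threshold.

Added example, not part of the IEC Certification Kit. All traces and
tolerance values below are constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Tolerance:
    """Accept when |expected - actual| <= abs_tol + rel_tol * |expected|.
    Both zero (the default) means bit-exact agreement is required."""
    abs_tol: float = 0.0
    rel_tol: float = 0.0

    def accepts(self, expected: float, actual: float) -> bool:
        return abs(expected - actual) <= self.abs_tol + self.rel_tol * abs(expected)


@dataclass(frozen=True)
class Mismatch:
    signal: str
    index: int
    time: float
    expected: float  # value logged from the model simulation
    actual: float    # value logged from the generated-code executable


@dataclass
class ComparisonReport:
    mismatches: List[Mismatch] = field(default_factory=list)
    errors: List[str] = field(default_factory=list)  # structural defects in the traces

    @property
    def passed(self) -> bool:
        return not self.mismatches and not self.errors


Trace = Dict[str, List[float]]  # signal name -> samples; the key "time" is the time base


def compare_traces(simulation: Trace, execution: Trace,
                   tolerances: Dict[str, Tolerance],
                   default: Optional[Tolerance] = None) -> ComparisonReport:
    """Compare every simulation signal against the execution trace.

    Traces are deliberately not resampled: a differing time base or sample
    count is a finding, because resampling could hide a timing difference.
    A signal with no designated tolerance (and no default) is an error, so an
    unreviewed signal cannot pass unnoticed."""
    report = ComparisonReport()
    time = simulation.get("time")
    if time is None or execution.get("time") != time:
        report.errors.append("time base missing or differs between traces")
        return report
    for name, expected in simulation.items():
        if name == "time":
            continue
        actual = execution.get(name)
        if actual is None:
            report.errors.append(f"signal {name!r} missing from execution trace")
            continue
        if len(actual) != len(expected):
            report.errors.append(f"signal {name!r}: {len(expected)} vs {len(actual)} samples")
            continue
        tol = tolerances.get(name, default)
        if tol is None:
            report.errors.append(f"signal {name!r}: no acceptance threshold designated")
            continue
        for i, (e, a) in enumerate(zip(expected, actual)):
            if not tol.accepts(e, a):
                report.mismatches.append(Mismatch(name, i, time[i], e, a))
    for name in execution:
        if name != "time" and name not in simulation:
            report.errors.append(f"signal {name!r} present in execution trace only")
    return report


# Constructed traces: a double-precision filter output and an integer
# saturation flag as logged from the model, and the same signals as logged
# from the generated-code executable running single-precision arithmetic.
SIMULATION: Trace = {
    "time": [0.00, 0.01, 0.02, 0.03, 0.04],
    "filt": [0.0, 0.5, 0.75, 0.875, 0.9375],
    "sat":  [0, 0, 0, 1, 1],
}
EXECUTION_OK: Trace = {
    "time": [0.00, 0.01, 0.02, 0.03, 0.04],
    "filt": [0.0, 0.5000001, 0.75, 0.8750004, 0.9375],  # float32 round-off only
    "sat":  [0, 0, 0, 1, 1],
}
# Same run, but the flag is raised one sample early: a real behavioural difference.
EXECUTION_EARLY_FLAG: Trace = {**EXECUTION_OK, "sat": [0, 0, 1, 1, 1]}
# Designated thresholds: round-off allowance for the float signal, exact match for the flag.
TOLERANCES = {"filt": Tolerance(abs_tol=1e-6, rel_tol=1e-6), "sat": Tolerance()}


def run_example() -> Tuple[ComparisonReport, ComparisonReport]:
    return (compare_traces(SIMULATION, EXECUTION_OK, TOLERANCES),
            compare_traces(SIMULATION, EXECUTION_EARLY_FLAG, TOLERANCES))


if __name__ == "__main__":
    for label, report in zip(("float32 round-off", "early flag"), run_example()):
        print(label, "PASS" if report.passed else "FAIL", report.mismatches, report.errors)
```

The first comparison passes because the only differences are within the round-off allowance designated for the floating-point signal; the second fails with a single mismatch on the flag at t = 0.02 s, because the flag carries a zero tolerance. Which signals receive a nonzero tolerance, and the justification for each value, is the designation item 9 asks for; the report together with the traces it was run on is the kind of evidence item 10 asks to document.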
4 Additional Considerations
Checklist 3: Additional Considerations
Columns: Technique / Measure; Associated Requirements; Used / Used to a limited degree / Not used; Interpretation in this application, Evidence.

13 Verification and validation of hand code (if applicable)
(See "Hand Coded Portions within the Generated Code" in the Embedded Coder™ Reference Workflow)
Associated requirements:
  Designation of measures to verify and validate hand code
  Consideration of the interfaces between hand code and generated code
  Traceability to the software requirements specification
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

14 Supporting activities
(See "Hand Coded Portions within the Generated Code" in the Embedded Coder Reference Workflow)
Associated requirements:
  Documentation of the results of verifying and validating the hand code
  Corrective action in case of the detection of errors in the hand code
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

15 Verification and validation of generated AUTOSAR files (if applicable)
(See "Generated AUTOSAR Files" in the Embedded Coder Reference Workflow)
Associated requirements:
  Designation of measures to verify and validate generated AUTOSAR files
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

16 Supporting activities
(See "Generated AUTOSAR Files" in the Embedded Coder Reference Workflow)
Associated requirements:
  Documentation of the results of verifying and validating generated AUTOSAR files
  Corrective action in case of the detection of errors in the generated AUTOSAR files
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

17 Deviation from the reference workflow
(See "Deviation from the Reference Workflow" in the Embedded Coder Reference Workflow)
Associated requirements:
  Documentation and justification of deviations from the reference workflow by using a deviation procedure, if applicable
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

18 Integration with the software safety lifecycle
(See "Integration with the Software Safety Lifecycle" in the Embedded Coder Reference Workflow)
Associated requirements:
  Documented software safety lifecycle, including application-specific verification and validation activities
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

19 Configuration management and revision control
(See "Configuration Management and Revision Control" in the Embedded Coder Reference Workflow)
Associated requirements:
  Revision control for artifacts to be validated or verified
  Configuration management for artifacts to be validated or verified (SIL 2 and above)
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

20 Installation integrity and release compatibility
(See "Installation Integrity and Release Compatibility" in the Embedded Coder Reference Workflow)
Associated requirements:
  Validation of modifications and additions to shipping tools (if applicable)
  Compatibility of product versions for model creation, code generation, and translation validation
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

21 Bug reporting
(See "Bug Reporting" in the Embedded Coder Reference Workflow)
Associated requirements:
  Assessment of bug report information provided by tool vendors, and compliance with recommendations and workarounds (during development and after deployment)
  Reporting of issues with MathWorks products
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

22 Competency of the project team
(See "Competency of the Project Team" in the Embedded Coder Reference Workflow)
Associated requirements:
  Evidence for competence of project team members
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>

23 Workshare considerations
(See "Workshare Considerations" in the Embedded Coder Reference Workflow)
Associated requirements:
  Documentation of workshare between OEM and supplier, if applicable
Used / Used to a limited degree / Not used: <Insert information>
Interpretation in this application, Evidence: <Insert information>