certkitiec_ecoder_cdt

IEC Certification Kit

Embedded Coder™ Conformance Demonstration Template

R2015b

How to Contact MathWorks

Latest news: www.mathworks.com

Sales and services: www.mathworks.com/sales_and_services

User community: www.mathworks.com/matlabcentral

Technical support: www.mathworks.com/support/contact_us

Phone: 508-647-7000

The MathWorks, Inc.

3 Apple Hill Drive

Natick, MA 01760-2098

IEC Certification Kit: Embedded Coder™ Conformance Demonstration Template

© COPYRIGHT 2009–2015 by The MathWorks, Inc.

The software described in this document is furnished under a license agreement. The software may be used or copied only under

the terms of the license agreement. No part of this manual may be photocopied or reproduced in any form without prior written consent from The MathWorks, Inc.

FEDERAL ACQUISITION: This provision applies to all acquisitions of the Program and Documentation by, for, or through the

federal government of the United States. By accepting delivery of the Program or Documentation, the government hereby agrees that this software or documentation qualifies as commercial computer software or commercial computer software documentation

as such terms are used or defined in FAR 12.212, DFARS Part 227.72, and DFARS 252.227-7014. Accordingly, the terms and

conditions of this Agreement and only those rights specified in this Agreement, shall pertain to and govern the use, modification, reproduction, release, performance, display, and disclosure of the Program and Documentation by the federal government (or

other entity acquiring for or through the federal government)and shall supersede any conflicting contractual terms or conditions.

If this License fails to meet the government’s needs or is inconsistent in any respect with federal procurement law, the government agrees to return the Program and Documentation, unused, to The MathWorks, Inc.

Trademarks

MATLAB and Simulink are registered trademarks of The MathWorks, Inc. See www.mathworks.com/trademarks for a

list of additional trademarks. Other product or brand names may be trademarks or registered trademarks of their respective

holders.

Patents

MathWorks products are protected by one or more U.S. patents. Please see www.mathworks.com/patents for more

information.

http://www.mathworks.com/

http://www.mathworks.com/sales_and_services

http://www.mathworks.com/matlabcentral/

http://www.mathworks.com/support/contact_us/

http://www.mathworks.com/trademarks

http://www.mathworks.com/patents

Revision History

September 2009 New for Version 1.1 (Applies to Releases 2009a, 2009b)

March 2010 Revised for Version 1.2 (Applies to Release 2010a) April 2010 Revised for Version 1.3 (Applies to Release 2009bSP1)

September 2010 Revised for Version 1.3 (Applies to Release 2010b)

March 2011 Revised for Version 1.4 (Applies to Release 2010bSP1) April 2011 Revised for Version 1.4 (Applies to Release 2011a);

renamed to Embedded Coder™ Conformance Demonstration Template

September 2011 Revised for Version 2.0 (Applies to Release 2011b) March 2012 Revised for Version 2.1 (Applies to Release 2012a)

September 2012 Revised for Version 3.0 (Applies to Release 2012b)

March 2013 Revised for Version 3.1 (Applies to Release 2013a) September 2013 Revised for Version 3.2 (Applies to Release 2013b)

March 2014 Revised for Version 3.3 (Applies to Release 2014a)

October 2014 Revised for Version 3.4 (Applies to Release 2014b) March 2015 Revised for Version 3.5 (Applies to Release 2015a)

September 2015 Revised for IEC Certification Kit Version 3.6 (Applies to Release 2015b)

v

Contents

1 Introduction ...................................................................................................................................... 1-1 Conformance Demonstration Template Overview .................................................................. 1-2 Application Identification ........................................................................................................ 1-3

2 Design Verification .......................................................................................................................... 2-1 3 Code Verification ............................................................................................................................. 3-1 4 Additional Considerations ................................................................................................................ 4-1

1 Introduction

1-2

Conformance Demonstration Template Overview This Conformance Demonstration Template can be used to demonstrate conformance with the

parts of ISO 26262-6/8, IEC 61508-3, or EN 50128 covered in the document

Embedded Coder™ Reference Workflow

To access the reference workflow document, on the MATLAB® command line, type

certkitiec to open the Artifacts Explorer. The reference workflow document is in Embedded

Coder.

For each technique or measure:

In the third column, state to what degree you applied the technique or measure for the

application under consideration by using one of the phrases: Used, Used to a limited degree,

or Not used.

In the fourth column, state how you used the technique or measure in the application under

consideration. If the reference workflow includes alternative means for compliance, indicate

what variant you used. In addition, enter a reference to the document (for example, test

report or review documentation).

1-3

Application Identification

Applicant: <Insert information>

Application: <Insert information>

2 Design Verification

2-2

Checklist 1: Design Verification

Technique / Measure Associated Requirements Used / Used to a limited degree / Not used

Interpretation in this application, Evidence

1 Model review

(See “Reviews and Static

Analyses at the Model

Level” in the Embedded

Coder™ Reference

Workflow)

Inclusion of all model

components

2 Adherence to modeling

standard




Coder Reference

Workflow)

Designation of a modeling

standard

Review the modeling standard

as suitable for use

Restriction to modeling

constructs suited for production

code generation

Evidence for using the

modeling standard

3 Static analysis at the

model level (if

applicable)




Coder Reference

Workflow)

Evidence for using static

analyzers

4 Supporting activities




Coder Reference

Workflow)

Documentation of the results of

reviews and analyses

Corrective action on failure of

reviews and analyses

2-3



5 Module and integration

testing at the model level

(See “Module and

Integration Testing at the

Model Level” in the

Embedded Coder

Reference Workflow)

Inclusion of all model

components

Consideration of intended and

possible unintended functions

Systematic design of test

vectors

Inclusion of test vectors being

derived from the specification

according to established criteria

Consideration of model

integration stages

Consideration of module

interaction


(See “Module and

Integration Testing at the

Model Level” in the

Embedded Coder

Reference Workflow)


module and integration tests,

including test results and

achievement of test objectives

and criteria


module and integration tests

Impact analysis

3 Code Verification

3-2

Checklist 2: Code Verification



7 Back-to-back test vector

generation

(See “Test Vector

Generation” in the

Embedded Coder™

Reference Workflow)

Structural coverage with respect

to applicable model coverage

metrics (SIL 2 and above); see

table “Model Coverage

Analysis”

Creation of additional test

vectors (if applicable)

Assessment of or justification

for uncovered model parts

8 Back-to-Back test

execution

(See “Test Execution”

in the Embedded Coder

Reference Workflow)

Stimulation of the model used

for production code generation

Stimulation of the executable

derived from the generated

code

Test execution in a target-like

environment or analysis of the

differences between testing and

the target environment

Assessment of model parts used

for simulation but not for code

generation

9 Signal comparison

(See “Signal

Comparison” in the

Embedded Coder

Reference Workflow)

Designation of a suitable

comparison algorithm and

acceptance threshold

Comparison of simulation

results and execution results


(See “Back-to-Back

Testing Model Versus

Code” in the Embedded

Coder Reference

Workflow)


back-to-back tests


back-to-back tests

Evidence for using automated

back-to-back testing tools

Evidence for validation of

back-to-back testing tools

3-3



11 Prevention of

unintended functionality

(SIL 2 and above)

(See “Prevention of

Unintended

Functionality” in the

Embedded Coder

Reference Workflow)

Model and code coverage

comparison or traceability

review, see table “Prevention of

Unintended Functionality”

Assessment of or justification

for issues revealed

12

Supporting activities

(See “Prevention of

Unintended

Functionality” in the

Embedded Coder

Reference Workflow)


demonstrating the absence of


Corrective action on failure to

demonstrate the absence of


4 Additional Considerations

4-2

Checklist 3: Additional Considerations



13 Verification and validation

of hand code (if applicable)

(See “Hand Coded Portions

within the Generated Code”

in the Embedded Coder™

Reference Workflow)

Designation of measures to

verify and validate hand code

Consideration of the interfaces

between hand code and

generated code

Traceability to the software

requirements specification


(See “Hand Coded Portions

within the Generated Code”


Reference Workflow)

Documentation of the results

of verifying and validating the

hand code

Corrective action in case of

the detection of errors in the

hand code

15 Verification and validation

of generated AUTOSAR

files (if applicable)

(See “Generated

AUTOSAR Files” in the

Embedded Coder Reference

Workflow)

Designation of measures to

verify and validate generated

AUTOSAR files


(See “Generated

AUTOSAR Files” in the


Workflow)

Documentation of the results

of verifying and validating

generated AUTOSAR files

Corrective action in case of

the detection of errors in the

generated AUTOSAR files

17 Deviation from the

reference workflow

(See “Deviation from the

Reference Workflow” in the


Workflow)

Documentation and

justification for deviations

from the reference workflow

by using a deviation

procedure, if applicable

4-3



18 Integration with the

software safety lifecycle

(See “Integration with the

Software Safety Lifecycle”


Reference Workflow)

Documented software safety

lifecycle, including

application-specific

verification and validation

activities

19 Configuration management

and revision control

(See “Configuration

Management and Revision

Control” in the Embedded

Coder Reference Workflow)

Revision control for artifacts

to be validated or verified

Configuration management for

artifacts to be validated or

verified (SIL 2 and above)

20 Installation integrity and

release compatibility

(See “Installation Integrity

and Release Compatibility”


Reference Workflow)

Validation of modification and

additions to shipping tools (if

applicable)

Compatibility of product

versions for model creation,

code generation, and

translation validation

21 Bug reporting

(See “Bug Reporting” in the


Workflow)

Assessment of bug report

information provided by tool

vendors and compliance with

recommendations and

workarounds (during

development and after

deployment)

Reporting of issues with

MathWorks products

22 Competency of the project

team

(See “Competency of the

Project Team” in the


Workflow)

Evidence for competence of

project team members

4-4



23 Workshare

Considerations

(See “Workshare

Considerations” in the


Workflow)

Documentation of workshare

between OEM and supplier, if

applicable

certkitiec_ecoder_cdt

Documents