©2008 The MathWorks, Inc.
Model-Based Design for Safety-Critical and Mission-Critical Applications
Bill Potter, Technical Marketing, April 17, 2008
Safety-Critical Model-Based Design Workflow
(Diagram: Requirements -> Model -> Source Code -> Object Code, with a Validate loop back to Requirements)
• Model (Simulink & Stateflow): Trace: RMI; Verify: SystemTest, SLDV Property Proving, Model Coverage; Conformance: Model Advisor
• Source Code (Real-Time Workshop Embedded Coder): Conformance: PolySpace products; Trace: Model/Code Trace Report
• Object Code (Embedded IDE): Verify: SLDV Test Generation with Embedded IDE Link XXX; Verify: SystemTest with Embedded IDE Link XXX
Requirements Process for Model-Based Design
• Functional, operational, and safety requirements exist one level above the model; models trace to requirements
• Requirements validation (complete and correct): simulation is a validation technique; traceability can identify incomplete requirements; model coverage can identify incomplete requirements
• Requirements-based test cases: test cases trace to requirements
(Diagram: Requirements -> Validate)
Simulation example – controller and plant
Requirements trace example – view from DOORS® to Simulink
Requirements trace example – view from Simulink to DOORS
Requirements-based test trace example – view from Simulink Signal Builder block to DOORS
Model coverage report example
Requirements Process take-aways
• Early requirements validation eliminates rework typically seen at integration on projects with poor requirements
• Early test case development: validated requirements are complete and verifiable, which results in well-defined test cases
• Requirements management and traceability: requirements management interfaces provide traceability for design and test cases
(Diagram: Requirements -> Validate)
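The traceability points above (models trace to requirements, test cases trace to requirements, traceability identifies incomplete requirements) come down to a bidirectional gap check over the link export. The following is an added example, not code from the slides or from MathWorks and not the RMI or DOORS interface: it takes a constructed link list of the shape such an export would give you and reports the five kinds of gap a traceability review looks for. All requirement, block and test identifiers are hypothetical.

```python
"""Bidirectional trace check over requirement / model / test links.

Added illustration, not MathWorks code: a stand-in for the gap report you
would derive from an RMI / DOORS link export. All IDs and links below are
constructed for the example.
"""
from collections import defaultdict

# Constructed link export: (requirement_id, artifact_kind, artifact_id)
TRACE_LINKS = [
    ("REQ-1", "model", "ctrl/PI_loop"),
    ("REQ-1", "test", "TC-01"),
    ("REQ-2", "model", "ctrl/Limiter"),
    ("REQ-2", "test", "TC-02"),
    ("REQ-3", "model", "ctrl/Limiter"),   # designed, never tested
    ("REQ-4", "test", "TC-04"),           # tested, no design element
    ("REQ-7", "test", "TC-02"),           # dangling: REQ-7 is not in the baseline
]
REQUIREMENTS = ["REQ-1", "REQ-2", "REQ-3", "REQ-4", "REQ-5"]        # REQ-5 has no links
MODEL_ELEMENTS = ["ctrl/PI_loop", "ctrl/Limiter", "ctrl/Filter"]   # Filter is unlinked
TEST_CASES = ["TC-01", "TC-02", "TC-04", "TC-99"]                  # TC-99 is an orphan test


def trace_gaps(requirements, model_elements, test_cases, links):
    """Return the gaps a traceability review looks for, as sorted lists."""
    reqs, models, tests = set(requirements), set(model_elements), set(test_cases)
    by_req = defaultdict(lambda: {"model": set(), "test": set()})
    dangling = []
    for req, kind, art in links:
        known = models if kind == "model" else tests
        if req not in reqs or art not in known:
            dangling.append((req, kind, art))  # points at something outside the baseline
            continue
        by_req[req][kind].add(art)
    linked_models = {a for r in by_req for a in by_req[r]["model"]}
    linked_tests = {a for r in by_req for a in by_req[r]["test"]}
    return {
        # requirement with no design element: nothing implements it
        "req_without_design": sorted(r for r in reqs if not by_req[r]["model"]),
        # requirement with no test: nothing verifies it
        "req_without_test": sorted(r for r in reqs if not by_req[r]["test"]),
        # model element no requirement asks for: unintended function or dead logic
        "unlinked_model_elements": sorted(models - linked_models),
        # test that traces to no requirement: what is it actually checking?
        "orphan_tests": sorted(tests - linked_tests),
        # links into artifacts or requirements that are not in the baseline
        "dangling_links": sorted(dangling),
    }
```

The unlinked-model-element bucket is the one worth reading first in a safety or security review: a block that no requirement asked for is functionality nobody specified, nobody tested against a requirement, and nobody can justify at certification time.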
Design Process for Model-Based Design
Model-Based Design: create the design in Simulink and Stateflow
• Modular design for teams: Model Reference
• Model architecture/regression analysis: Model Dependency Viewer
• Documented design: Simulink Report Generator
• Requirements traceability using Simulink Verification and Validation
• Design conforms to standards using Model Advisor
(Diagram: Requirements -> Model; Simulink & Stateflow; Trace: RMI; Conformance: Model Advisor)
Example detailed design including model reference and subsystems
(Figure: top model containing a subsystem and a referenced model)
Model dependency viewer
Example Model Advisor report
Design Verification for Model-Based Design
• Requirements-based test cases: automated testing using SystemTest and Simulink Verification and Validation; traceability using Simulink Verification and Validation
• Robustness testing and analysis: built-in Simulink run-time diagnostics; formal proofs using Simulink Design Verifier
• Coverage analysis: verify structural coverage of the model; verify data coverage of the model
(Diagram: Requirements -> Model; Simulink & Stateflow; Verify: SystemTest, SLDV Property Proving, Model Coverage)
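"Structural coverage of the model" is, for a decision in the model, the decision, condition and MC/DC measures that a DO-178B Level A review asks for. The block below is an added example, not the Model Coverage tool and not code from the slides: it computes all three for one constructed boolean decision and a constructed set of test vectors, and shows the usual trap, that 100% decision and 100% condition coverage can still leave a condition whose independent effect was never demonstrated. The decision `shutdown` and its condition names are hypothetical.

```python
"""Structural coverage of a decision: decision, condition and MC/DC.

Added illustration, not MathWorks' Model Coverage: given one boolean
decision and a set of test vectors it reports the three coverage measures.
The decision and vectors are constructed for the example.
"""
from itertools import combinations

CONDITIONS = ("overspeed", "sensor_valid", "manual_override")


def shutdown(overspeed, sensor_valid, manual_override):
    """Constructed decision: (overspeed AND sensor_valid) OR manual_override."""
    return (overspeed and sensor_valid) or manual_override


# Constructed test vectors; each is a full assignment to CONDITIONS
VECTORS = [
    {"overspeed": True, "sensor_valid": True, "manual_override": False},
    {"overspeed": False, "sensor_valid": True, "manual_override": False},
    {"overspeed": True, "sensor_valid": False, "manual_override": False},
    {"overspeed": False, "sensor_valid": False, "manual_override": True},
]


def decision_coverage(decision, vectors):
    """Decision coverage: both outcomes of the decision seen -> (seen, 2)."""
    outcomes = {bool(decision(**v)) for v in vectors}
    return len(outcomes), 2


def condition_coverage(conditions, vectors):
    """Condition coverage: each condition seen both True and False -> (covered, total)."""
    covered = sum(1 for c in conditions if {v[c] for v in vectors} == {True, False})
    return covered, len(conditions)


def mcdc_pairs(decision, conditions, vectors):
    """Unique-cause MC/DC: for every condition find an independence pair, two
    vectors that differ only in that condition and flip the decision outcome.
    Returns {condition: (i, j)} with None where no pair exists."""
    pairs = {}
    for c in conditions:
        others = [o for o in conditions if o != c]
        for i, j in combinations(range(len(vectors)), 2):
            a, b = vectors[i], vectors[j]
            if (a[c] != b[c] and all(a[o] == b[o] for o in others)
                    and bool(decision(**a)) != bool(decision(**b))):
                pairs[c] = (i, j)
                break
        else:
            pairs[c] = None  # condition never shown to independently affect the outcome
    return pairs


def mcdc_coverage(decision, conditions, vectors):
    """MC/DC coverage -> (conditions with an independence pair, total conditions)."""
    pairs = mcdc_pairs(decision, conditions, vectors)
    return sum(1 for p in pairs.values() if p), len(conditions)
```

With the four constructed vectors, decision and condition coverage are both complete while MC/DC is 2 of 3: `manual_override` has been seen True and False, but never in a pair where toggling it alone changed the outcome. Adding the all-False vector supplies that pair, which is exactly the kind of missing test that a coverage report, rather than a passing test suite, makes visible.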
SystemTest for requirements based testing
SystemTest – example report
(Figure: data plotting and expected-results comparisons; summary of results)
Signal Builder and Assertion Blocks
Model coverage report example – signal ranges
Simulink Design Verifier – Coverage Test
(Figure: model, generated test cases, test report)
Simulink Design Verifier – Objective Test
(Figure: model with constraints and objectives, generated test cases, test report)
Simulink Design Verifier – Property Proving
(Figure: model with assumption and objective, property to be proven, report)
Design Process take-aways
• Modular reusable implementations: platform-independent design; scalable to large teams
• Consistent and compliant implementations: common design language; automated verification of standards compliance
• Efficient verification process: develop verification procedures in parallel with design; coverage analysis early in the process; automated testing and analysis
(Diagram: Requirements -> Model; Simulink & Stateflow; Trace: RMI; Verify: SystemTest, SLDV Property Proving, Model Coverage; Conformance: Model Advisor)
Coding Process for Model-Based Design
• Automatic code generation: Real-Time Workshop Embedded Coder
• Traceability: HTML code traceability report
• Source code verification: complies with standards using the PolySpace MISRA-C checker; accurate, consistent and robust using the PolySpace verifier
(Diagram: Model -> Source Code; Real-Time Workshop Embedded Coder; Conformance: PolySpace products; Trace: Model/Code Trace Report)
Incrementally Generate Code
• Incremental code generation is supported via Model Reference
• When a model is changed, only models depending on it are subject to regeneration of their code
• Reduces application build times and ensures stability of a project's code
• Degree of dependency checking is configurable
(Figure: the changed model is rebuilt, then the models that depend on it are rebuilt)
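The rebuild rule above (regenerate the changed model and everything that references it, nothing else) is a reverse-dependency closure followed by a topological sort. The block below is an added example of that rule and not Real-Time Workshop's own implementation: the model hierarchy, the model contents and the `policy` knob standing in for the configurable degree of dependency checking are all constructed. It keys the cache on a content hash rather than a timestamp, so a touched-but-identical model does not rebuild and a modified-but-backdated one does.

```python
"""Incremental code generation over a model-reference hierarchy.

Added illustration, not Real-Time Workshop's logic: rebuild the changed
models and every model that transitively references them, leaves first,
and reuse cached code for the rest. Hierarchy and contents are constructed.
"""
import hashlib
from collections import defaultdict

# Constructed hierarchy: model -> models it references through Model Reference blocks
MODEL_GRAPH = {
    "top": ["ctrl", "plant_if"],
    "ctrl": ["filter", "limiter"],
    "plant_if": [],
    "filter": [],
    "limiter": [],
}


def content_hashes(model_sources):
    """Cache key per model: a digest of its content, deliberately not its mtime."""
    return {m: hashlib.sha256(src.encode()).hexdigest() for m, src in model_sources.items()}


def changed_models(previous, current):
    """Models whose digest differs from the last build (new models count as changed)."""
    return {m for m in current if previous.get(m) != current[m]}


def dependents_closure(graph, changed):
    """Changed models plus everything that references them, transitively."""
    reverse = defaultdict(set)
    for parent, children in graph.items():
        for child in children:
            reverse[child].add(parent)
    seen, todo = set(changed), list(changed)
    while todo:
        m = todo.pop()
        for parent in reverse[m]:
            if parent not in seen:
                seen.add(parent)
                todo.append(parent)
    return seen


def build_order(graph, subset):
    """Topological order of the induced subgraph: a model is generated only after
    every model it references that also needs regeneration (Kahn's algorithm)."""
    pending = {m: {c for c in graph[m] if c in subset} for m in subset}
    order = []
    while pending:
        ready = sorted(m for m, deps in pending.items() if not deps)  # sorted: deterministic builds
        if not ready:
            raise ValueError("cyclic model references among %s" % sorted(pending))
        for m in ready:
            order.append(m)
            del pending[m]
        for deps in pending.values():
            deps.difference_update(ready)
    return order


def plan_rebuild(graph, previous_hashes, current_hashes, policy="if_changed"):
    """policy is a constructed stand-in for the configurable dependency checking:
    'if_changed' rebuilds changed models and their dependents, 'always' rebuilds all."""
    if policy == "always":
        subset = set(graph)
    elif policy == "if_changed":
        subset = dependents_closure(graph, changed_models(previous_hashes, current_hashes))
    else:
        raise ValueError("unknown policy %r" % policy)
    return build_order(graph, subset)


# Constructed model contents, standing in for the model files of two revisions
SOURCES_V1 = {m: "model %s rev 1" % m for m in MODEL_GRAPH}
SOURCES_V2 = dict(SOURCES_V1, filter="model filter rev 2")
```

Changing `filter` alone yields the plan `filter, ctrl, top`; `limiter` and `plant_if` reuse their cached code. The content-hash key is the part to insist on in a certified build: a cache keyed on timestamps can silently ship stale generated code for a model whose file was restored from backup or edited on a machine with a skewed clock.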
Add Links to Requirements
Requirements appear in the code
Code to Model Trace Report
Simulink Integration with PolySpace Products
• Input1: entries varying from -500 to 500
• K1 and K2: constants that can be tuned from -297 to 303
• Lookup tables: maps, surfaces, algorithms, extrapolations; adjusted, tuned
• Math operations: divide, add, min/max, product, subtract, sum, …
(Figure: iteration loop – change the model, generate the production code, run PolySpace software, see results in the model)
PolySpace detected an error here (after having analyzed the generated code)
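What lets an analyzer report an error in generated code without running it is range propagation: the input and tuning ranges from the previous slide are carried through every arithmetic block, and any divisor whose range includes zero, or any result that leaves the declared integer type, is flagged. The block below is an added, deliberately small interval analysis written to show that mechanism; it is not PolySpace, makes no claim about what PolySpace reported on the slide, and the expressions, the block names in `ENV` and the 16-bit type assumption are all constructed. It does use the ranges the slide states (Input1 in -500..500, K1 and K2 in -297..303).

```python
"""Interval (range) propagation through generated-code arithmetic.

Added illustration, not PolySpace: a small abstract interpretation that
carries the slide's ranges through an expression and flags a divisor that
can be zero and a result that can leave the assumed integer type.
Expressions, block names and the int16 assumption are constructed.
"""
import math

INT16 = (-32768, 32767)  # assumed target word size for the overflow check


class Interval:
    def __init__(self, lo, hi):
        self.lo, self.hi = lo, hi

    def __repr__(self):
        return "[%s, %s]" % (self.lo, self.hi)

    def __eq__(self, other):
        return (self.lo, self.hi) == (other.lo, other.hi)

    def contains_zero(self):
        return self.lo <= 0 <= self.hi

    def fits(self, bounds):
        return bounds[0] <= self.lo and self.hi <= bounds[1]


def _corners(a, b, op):
    """Monotone-per-argument ops (mul, div without zero): extremes are at the corners."""
    vals = [op(x, y) for x in (a.lo, a.hi) for y in (b.lo, b.hi)]
    return Interval(min(vals), max(vals))


def analyze(expr, env, int_bounds=INT16):
    """Return (interval of expr, findings). expr is a number, a variable name,
    or (op, left, right) with op in add/sub/mul/div/min/max."""
    findings = []

    def ev(e):
        if isinstance(e, (int, float)):
            return Interval(e, e)
        if isinstance(e, str):
            return Interval(*env[e])
        op, left, right = e
        a, b = ev(left), ev(right)
        if op == "add":
            res = Interval(a.lo + b.lo, a.hi + b.hi)
        elif op == "sub":
            res = Interval(a.lo - b.hi, a.hi - b.lo)
        elif op == "mul":
            res = _corners(a, b, lambda x, y: x * y)
        elif op == "min":
            res = Interval(min(a.lo, b.lo), min(a.hi, b.hi))
        elif op == "max":
            res = Interval(max(a.lo, b.lo), max(a.hi, b.hi))
        elif op == "div":
            if b.contains_zero():
                findings.append(("division_by_zero", e, b))
                res = Interval(*int_bounds)  # widen: nothing more can be said
            else:
                res = _corners(a, b, lambda x, y: x / y)
                res = Interval(math.floor(res.lo), math.ceil(res.hi))
        else:
            raise ValueError("unknown op %r" % op)
        if not res.fits(int_bounds):
            findings.append(("overflow", e, res))
        return res

    return ev(expr), findings


# Ranges from the slide, keyed by constructed block names
ENV = {"Input1": (-500, 500), "K1": (-297, 303), "K2": (-297, 303)}

# Constructed expressions: (Input1 * K1) / (Input1 - K2) and a guarded variant
RISKY = ("div", ("mul", "Input1", "K1"), ("sub", "Input1", "K2"))
GUARDED = ("div", "Input1", ("max", ("sub", "Input1", "K2"), 1))
```

On `RISKY` the product range reaches ±151500, outside int16, and the divisor `Input1 - K2` spans -803..797, so both an overflow and a possible division by zero are reported. `GUARDED` clamps the divisor with a `max` block to at least 1, the divisor interval becomes 1..797 and both findings disappear, which is the model-side fix the loop on this slide (change the model, regenerate, re-run) is built around.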
Coding Process take-aways
• Reusable and platform-independent source code
• Traceability
• MISRA-C compliance
• Static verification and analysis
(Diagram: Model -> Source Code; Real-Time Workshop Embedded Coder; Conformance: PolySpace products; Trace: Model/Code Trace Report)
Integration Process for Model-Based Design
• Executable object code generation: ANSI or ISO C or C++ compatible compiler; run-time libraries provided
• Executable object code verification: test generation using Simulink Design Verifier; capability to build an interface for Processor-In-the-Loop (PIL) testing; analyze code coverage during PIL; analyze execution time during PIL; analyze stack usage during PIL
(Diagram: Requirements -> Model -> Source Code -> Object Code; Embedded IDE; Verify: SLDV Test Generation with Embedded IDE Link XXX; Verify: SystemTest with Embedded IDE Link XXX)
Processor-in-the-Loop (PIL) Verification – Execute Generated Code on Target Hardware
(Diagram: the plant model and the algorithm (software component) run in Simulink on the host; code generation puts the algorithm on the embedded target)
Execution
• on host and target
• non-real-time
Communication via one of
• data link, e.g. serial, CAN, TCP/IP
• debugger integration with MATLAB
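The exchange the diagram describes is a lock-step protocol: for every simulation step the host sends the algorithm's inputs over the link, the target runs the generated code for one step and returns its outputs, and the host compares them with its own execution of the same algorithm. The block below is an added example of that exchange with both sides written out; it is not the Embedded IDE Link products and not code from the slides. The frame layout, the CRC on the reply, the `limiter_step` component and the inputs are constructed, and a thread on the host stands in for the target hardware, connected through a socket pair in place of a serial, CAN or TCP/IP link.

```python
"""A minimal processor-in-the-loop exchange over a byte link.

Added illustration, not the Embedded IDE Link products: the host streams the
test vector step by step, the "target" runs the software component and
replies, and the host compares each sample against its own reference run.
Framing, algorithm and inputs are constructed; the target is a host thread.
"""
import socket
import struct
import threading
import zlib

REQ = struct.Struct("<Id")    # step index, input sample (float64)
RSP = struct.Struct("<IdI")   # step index, output sample, CRC32 of the first 12 bytes
END = 0xFFFFFFFF              # sentinel step index: tells the target to stop


def limiter_step(u, lo=-1.0, hi=1.0):
    """Constructed software component: saturate the input to [lo, hi]."""
    return max(lo, min(hi, u))


def _recv_exact(sock, n):
    """Links deliver bytes, not frames: read until a whole frame is in hand."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("link closed mid-frame")
        buf += chunk
    return buf


def target_loop(sock, step_fn):
    """Target side: unpack a request, run one step, reply with a CRC-protected frame."""
    while True:
        step, u = REQ.unpack(_recv_exact(sock, REQ.size))
        if step == END:
            break
        body = struct.pack("<Id", step, step_fn(u))
        sock.sendall(body + struct.pack("<I", zlib.crc32(body)))


def run_pil(inputs, target_fn=limiter_step, reference_fn=limiter_step, tol=1e-6):
    """Host side: drive the target, validate every reply, compare with the reference.
    Returns a list of (step, target_output, reference_output) mismatches."""
    host, target = socket.socketpair()
    worker = threading.Thread(target=target_loop, args=(target, target_fn))
    worker.start()
    mismatches = []
    try:
        for step, u in enumerate(inputs):
            host.sendall(REQ.pack(step, u))
            frame = _recv_exact(host, RSP.size)
            got_step, y, crc = RSP.unpack(frame)
            if crc != zlib.crc32(frame[:12]):
                raise ValueError("corrupt reply frame at step %d" % step)
            if got_step != step:
                raise ValueError("reply out of order: expected %d, got %d" % (step, got_step))
            expected = reference_fn(u)
            if abs(y - expected) > tol:
                mismatches.append((step, y, expected))
        host.sendall(REQ.pack(END, 0.0))
        worker.join()
    finally:
        host.close()   # on an error path this gives the target thread EOF so it exits
        worker.join()
        target.close()
    return mismatches
```

The CRC and the echoed step index are the two checks a real link needs: a serial or CAN link corrupts and drops bytes, and a PIL result that silently compares corrupted or misaligned frames against the reference is worse than no PIL run at all. Passing a target function with different limits (the second assertion below) shows a divergent target being caught at the exact steps where it departs from the host simulation.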
Integration Process take-aways
• Integration with multiple development environments
• Test cases and harnesses generated automatically
• Efficient processor-in-the-loop test capability
(Diagram: Requirements -> Model -> Source Code -> Object Code; Embedded IDE; Verify: SLDV Test Generation with Embedded IDE Link XXX; Verify: SystemTest with Embedded IDE Link XXX)
Wrap-up
• Tools to support the entire safety-critical development process
• Participation on the SC-205/WG-71 committee for DO-178C
• Safety-Critical/DO-178B guideline document: available to licensed customers with Real-Time Workshop Embedded Coder
• Contact Bill Potter ([email protected]) or Tom Erkkinen ([email protected])