Detailed instructions for use are in the User's Guide.
[. . . ] DO Qualification Kit 1 Model-Based Design Workflow for DO-178B
DO Qualification Kit Model-Based Design Workflow for DO-178B © COPYRIGHT 2010 by The MathWorks, Inc.
The software described in this document is furnished under a license agreement. The software may be used or copied only under the terms of the license agreement. [. . . ]
DO-178B Software Life Cycle
The Model Advisor may be used to assist in verifying that requirements links are consistent, and can identify model components that do not trace to requirements.
The following capabilities may be qualified as a verification tool using the DO Qualification Kit product:
· DO-178B checks in the Simulink Verification and Validation product.
· System Design Description report in the Simulink Report Generator product.
Algorithms Are Accurate
If models are defined as high-level software requirements, accuracy of the algorithms may be verified using a combination of model reviews and simulation. The Simulink Report Generator product may be used to generate a System Design Description report that includes a trace report to the higher-level requirements. The SystemTest and Simulink Verification and Validation products may be used to develop test cases from the system requirements and execute those test cases on the model, assisting in verifying the accuracy of the algorithms within the model. The Model Advisor may be used to assist in verifying the proper usage of certain Simulink blocks and data types.
The following capabilities may be qualified as a verification tool using the DO Qualification Kit product:
· When used for pass and fail determination, the Limit Check element in the SystemTest product.
· DO-178B checks in the Simulink Verification and Validation product.
· System Design Description report in the Simulink Report Generator product.
Verification of Design Process
The following table contains a summary of the verification of design process objectives from DO-178B, including the objective, applicable DO-178B reference sections, and software levels applicable to the objective. The table also describes the available Model-Based Design tools for satisfying the objectives.

Table A-4 Verification of Design Process

| | Objective | Sections | Software Levels | Available Products for Model-Based Design |
| --- | --- | --- | --- | --- |
| 1 | Low-level requirements comply with high-level requirements. | 6.3.2a | A, B, C | Simulink Verification and Validation, Simulink Design Verifier, SystemTest, Simulink Report Generator, DO Qualification Kit |
| 2 | Low-level requirements are accurate and consistent. | 6.3.2b | A, B, C | Simulink Verification and Validation, SystemTest, Simulink Report Generator, DO Qualification Kit |
| 3 | Low-level requirements are compatible with the target computer. | 6.3.2c | A, B | Simulink Verification and Validation, Simulink Report Generator, DO Qualification Kit |
| 4 | Low-level requirements are verifiable. | 6.3.2d | A, B | Simulink Verification and Validation, Simulink Design Verifier, SystemTest, Simulink Report Generator, DO Qualification Kit |
| 5 | Low-level requirements conform to standards. | 6.3.2e | A, B, C | Simulink Verification and Validation, Simulink Report Generator, DO Qualification Kit |
| 6 | Low-level requirements are traceable to high-level requirements. | 6.3.2f | A, B, C | Simulink Verification and Validation, Simulink Report Generator, DO Qualification Kit |
| 7 | Algorithms are accurate. | 6.3.2g | A, B, C | Simulink Verification and Validation, SystemTest, Simulink Report Generator, DO Qualification Kit |
| 8 | Software architecture is compatible with high-level requirements. | 6.3.3a | A, B, C | Simulink Report Generator |
| 9 | | 6.3.3b | A, B, C | Simulink Verification and Validation, Simulink Report Generator, DO Qualification Kit |
| 10 | Software architecture is compatible with the target computer. | 6.3.3c | A, B | Simulink Verification and Validation, Simulink Report Generator, DO Qualification Kit |
| 11 | | 6.3.3d | A, B | Simulink Verification and Validation, Simulink Report Generator, DO Qualification Kit |
| 12 | Software architecture conforms to standards. | 6.3.3e | A, B, C | Simulink Verification and Validation, Simulink Report Generator, DO Qualification Kit |
| 13 | Software partitioning integrity is confirmed. | 6.3.3f | A, B, C, D | Not applicable |

The following sections describe in more detail the potential impacts for each of the verification of design process objectives when using Model-Based Design, if applicable, as compared to traditional development.
Low-Level Requirements Comply with High-Level Requirements
If models are defined as low-level software requirements, compliance with high-level software requirements may be accomplished using a combination of model reviews, model analysis, and simulation. The Simulink Report Generator product may be used to generate a System Design Description report that includes a trace report to the system requirements. The SystemTest and Simulink Verification and Validation products may be used to develop test cases from the high-level requirements and execute those test cases on the model to assist in verifying that the high-level requirements are satisfied. The Simulink Design Verifier product may be used to prove properties of the model in order to assist in verifying certain high-level requirements are satisfied.
The following capabilities may be qualified as a verification tool using the DO Qualification Kit product:
· When used for pass and fail determination, the Limit Check element in the SystemTest product.
· System Design Description report in the Simulink Report Generator product.
If the models are defined as high-level software requirements, code may be generated directly from the high-level requirements, and this objective does not apply. For details, see DO-178B, Section 6.1.b.
Low-Level Requirements Are Accurate and Consistent
If models are defined as low-level software requirements, accuracy and consistency may be verified using a combination of model reviews and simulation.
[. . . ]
If requirements-based test cases are developed at the model level and reused for testing of the executable object code, the model coverage capability may be used during development of the requirements-based test cases. Using the tool helps predict the effectiveness of the test cases in providing structural coverage for the generated code.
Test Coverage of Software Structure (Statement Coverage) Is Achieved
Statement coverage of the software structure may be verified using a commercial, off-the-shelf structural coverage analysis tool. This analysis is accomplished during the execution of the requirements-based tests described in "Executable Object Code Complies with High-Level Requirements" on page 1-34. If requirements-based test cases are developed at the model level and reused for testing of the executable object code, then the model coverage capability may be used during development of the requirements-based test cases. [. . . ]