Model-Based Development of Embedded Software in Compliance with ISO 26262

• Foundations of model-based development
• Overview of development
• ISO 26262 and development cycle
  • ISO 26262
  • Development cycle and functional safety process
• Functional safety
  • Hands-on: Hazard examples
  • Hazard analysis and risk assessment
  • ASIL determination
  • Fault types
  • ASIL allocation, ASIL decomposition
  • ISO 26262 work products
• Overview on quality assurance activities
  • Model and code verification
  • Combination of quality assurance measures
  • Continuous test process
• Benefits of Model-based development

• Basics of software architecture
• Expected properties of an ISO 26262-compliant software architecture
• Software architecture in models
• Principles for layered models
• Interface handling in models
• Simulink design patterns for safety-critical software

• Model structure analysis
• Introduction to complexity metrics
• Calculating model complexity
• Measures to reduce model complexity
• Identification of ineffective interfaces and model clones
• Hands-on: Model structure
  • Learn the workflow in MXAM
  • Analyze model complexity (using MXAM on your models)
  • Get used to complexity values and look at most complex subsystems
  • Analyze ineffective interfaces in your models
  • Look at cloned subsystems in your models
  • Discuss different ways to refactor complexity and clones
• Hands-on: Model refactoring
  • Simplify refactoring of models
  • Usage of Autolayout to improve model layout

• Main challenges and typical use cases
• Quality assessment workflow
• Calculation of quality
• Live exercise: Quality monitoring project

• Overview of modeling guidelines
• General modeling guidelines for MISRA- and ISO 26262-compliant modeling
• Specific guidelines on improving code generator application
• Automatic checking of modeling guidelines
• Hands-on
  • Analyze models for guideline compliance (using MXAM on your models)
  • Understand and discuss findings regarding layout, understandability, …
  • Look at Stateflow modeling and the findings in your models
  • Guidelines for consistent models: color, naming, configuration, …
  • Repair models supported by MXAM in a safe and guided way
  • Reuse analysis results for documentation and later review

• Foundations of tool qualification
• Determination of the tool confidence level
• Qualification methods
• Live exercise: Presentation and discussion of a tool qualification kit

• ISO 26262 requirements in the testing process
• Test goals on different testing levels
• Regression testing and back-to-back testing, MiL – SiL – PiL
• Model and code coverage
• Automatic test evaluation with test assessment
• Live exercise: Model testing project
  • Introduction to a test project
  • Understanding test case definition and the corresponding signal curves
  • MiL and SiL test case execution
  • Textual requirements and the corresponding formal requirements
  • Test evaluation by generated test assessments
  • Mil-SiL back-to-back test for test evaluation
  • Model coverage of Simulink and Stateflow units
  • Batch testing for automated test re-execution

• Prioritizing ISO 26262 requirements for model-based development
• Assessing effort and benefits of ISO 26262 requirements
• Available methods and tools for process tailoring

Qualification assessment (SAE Certificate of Competency optional)