The LDRA tool suite is the premier choice for building quality into the software used in automobiles, for MISRA coding standards enforcement, and for full software lifecycle quality management. Many automotive systems have achieved their software quality objectives with the aid of the LDRA tool suite.
Whenever an automotive system is developed that includes software as a design component, the safety of the operators, occupants and other road users is a factor in the development of the system. To this end, the automotive industry relies on the MISRA coding standards for C and C++, the IEC 61508 standard for Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems, and increasingly the emerging ISO 26262 Functional Safety standard for road vehicles as the guidelines for building safety-critical automotive systems.
Both IEC 61508 and the ISO 26262 Draft International Standard (DIS) provide guidelines for the development of safety-related systems, including the development of the software used in them. The scope of these guidelines is somewhat broader than the strictest definition of validation, and covers all aspects of good software engineering, including planning, verification, testing, traceability and configuration management.
As a result of a system safety assessment, automotive systems are assigned a Safety Integrity Level (SIL) of 1 through 4 when IEC 61508 is used, or an Automotive Safety Integrity Level (ASIL) of A through D when ISO 26262 is used. The assigned SIL/ASIL depends on the risk that the device poses to the vehicle occupants and/or other road users. A SIL of 1 or an ASIL of A is assigned to the systems with the lowest risk, and a SIL of 4 or an ASIL of D to those with the greatest risk. For both guidelines, the level of process rigor, including software validation and verification, increases with the Safety Integrity Level.
The IEC 61508/ISO 26262 guidelines are fundamentally process documents defining the key elements required for the development of safe automotive systems, including safety-critical software. The LDRA tool suite is the most complete software validation solution for the development of automotive software, supporting the entire IEC 61508 or ISO 26262 process from requirements through to deployment and helping to eliminate or reduce the labor-intensive and error-prone elements of that process:
1. Requirements Traceability - The IEC 61508 and ISO 26262 guidelines advocate a requirements driven process, whereby all components of the deployed software are traceable to the original high level requirements, resulting in 100% Requirements Test Coverage and a requirements traceability matrix. TBreq® is the only Requirements Traceability solution supporting the tracing of requirements throughout the entire development process. Using TBreq, requirements are traced from system level through to individual software components, including tracing the verification artifacts such as test cases and structural coverage analysis data that were generated to validate test completion and completeness. TBreq then provides the Requirements-Based Test Coverage Analysis required by the guidelines and automatically generates a requirements traceability matrix.
2. Coding Inspections - Recognised by the motor industry as a very effective means of detecting errors before code is executed, code inspection is advocated for enforcing adherence to the Motor Industry Software Reliability Association (MISRA) C and C++ coding standards. The LDRA Testbed® product's static analysis capabilities can be used to enforce compliance with the MISRA C or C++ coding standards, offering the most complete MISRA standards checking available, in addition to identifying latent defects in code.
3. Software Testing - Testing as early in the development lifecycle as feasible is advocated for the development of automotive systems, starting with rigorous unit testing. The TBrun® product excels in this area, enabling the generation of requirements-driven tests and their maintenance for regression testing. In addition, the TBeXtreme® product provides automated test case generation that helps minimize developers' overhead when maximising the code covered by unit testing. This helps to improve code quality while alleviating the onerous nature and inherent inaccuracies of a manual unit testing process.
4. Structural Coverage Analysis - System tests created against the system level requirements are recommended for the development of automotive systems to assess test effectiveness and to ensure that 100% of the software code structure is exercised. The coverage analysis level required for a system should be commensurate with the level of risk posed by the software; the higher the system SIL/ASIL, the more in-depth the chosen coverage analysis metrics need to be. The LDRA Testbed® product provides automated coverage analysis measurement for the coverage metrics advocated for automotive systems.
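The difference between coverage metrics in point 4, shown as an added example that is not LDRA code and not output of the LDRA tool suite: a small torque-clamping function hand-instrumented with statement and branch probes (the same probes an instrumenting coverage tool inserts automatically), run against two constructed test sets. The function, probe names and test vectors are assumptions made for this illustration. The first set passes and reaches 100% statement coverage but only 50% branch coverage, because neither decision's false outcome is ever exercised; the second set drives every branch outcome. The more demanding metrics the higher SIL/ASIL levels call for (MC/DC) extend the same idea to each condition inside a decision.

```c
#include <stdio.h>
#include <string.h>

/* Probe identifiers for the hand-instrumented unit below (constructed example). */
enum { ST_ENTRY, ST_BODY1, ST_BODY2, ST_RETURN, ST_COUNT };
enum { BR_D1_TRUE, BR_D1_FALSE, BR_D2_TRUE, BR_D2_FALSE, BR_COUNT };

static unsigned int stmt_hits[ST_COUNT];
static unsigned int branch_hits[BR_COUNT];

/* Clear all probes before running a test set. */
void coverage_reset(void) {
    memset(stmt_hits, 0, sizeof stmt_hits);
    memset(branch_hits, 0, sizeof branch_hits);
}

/* Unit under test: limit a torque request to the range [0, limit]. The probes
 * are what an instrumenting coverage tool would insert; they do not change
 * the function's behaviour. */
int clamp_torque(int requested, int limit) {
    int out = requested;
    stmt_hits[ST_ENTRY]++;
    if (requested > limit) {            /* decision 1 */
        branch_hits[BR_D1_TRUE]++;
        stmt_hits[ST_BODY1]++;
        out = limit;
    } else {
        branch_hits[BR_D1_FALSE]++;
    }
    if (out < 0) {                      /* decision 2 */
        branch_hits[BR_D2_TRUE]++;
        stmt_hits[ST_BODY2]++;
        out = 0;
    } else {
        branch_hits[BR_D2_FALSE]++;
    }
    stmt_hits[ST_RETURN]++;
    return out;
}

/* Percentage of probes hit at least once (integer arithmetic, truncating). */
static int percent_covered(const unsigned int *hits, int count) {
    int covered = 0;
    for (int i = 0; i < count; i++) {
        if (hits[i] > 0) covered++;
    }
    return (covered * 100) / count;
}

int statement_coverage_percent(void) { return percent_covered(stmt_hits, ST_COUNT); }
int branch_coverage_percent(void)    { return percent_covered(branch_hits, BR_COUNT); }

/* A requirements-derived test vector: inputs plus the expected output. */
struct test_vector { int requested; int limit; int expected; };

/* Runs a test set against the unit; returns the number of failing vectors. */
int run_test_set(const struct test_vector *tv, int count) {
    int failures = 0;
    for (int i = 0; i < count; i++) {
        if (clamp_torque(tv[i].requested, tv[i].limit) != tv[i].expected) failures++;
    }
    return failures;
}

/* Constructed test sets. set_a passes and executes every statement, yet never
 * takes either decision's false branch. set_b covers every branch outcome. */
const struct test_vector set_a[] = { {150, -10, 0} };
const struct test_vector set_b[] = { {150, 100, 100}, {-5, 100, 0} };

int main(void) {
    coverage_reset();
    run_test_set(set_a, 1);
    printf("set_a: statement %d%%, branch %d%%\n",
           statement_coverage_percent(), branch_coverage_percent());
    coverage_reset();
    run_test_set(set_b, 2);
    printf("set_b: statement %d%%, branch %d%%\n",
           statement_coverage_percent(), branch_coverage_percent());
    return 0;
}
```

Build with any C99 compiler and run. The point is what each metric counts: a test set that reaches every line can still leave decision outcomes unverified, which is why the coverage metric chosen for a unit should track the risk assigned to it.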
5. Object Code Verification - For the most safety-critical software, analysis of the high-level language source may not be enough. It is also necessary to guarantee that 100% of the object code produced by the compiler is exercised. The LDRA Testbed Object Box coverage module enables the automated measurement of object code coverage, helping to ensure that all of the compiler-generated code is exercised.
6. Tool Qualification - Before Structural Coverage Analysis results from a tool are submitted as system validation data, it is often prudent to adopt a tool qualification process that verifies that the tool provides confidence at least equivalent to that of the process(es) it eliminates. LDRA provides a Tool Qualification Support Package that includes the documentation and test procedures required to ensure that LDRA Testbed can be qualified in a customer's environment.
7. Secure Code - With the increase in the number of networked automotive devices, the need for cybersecurity is increasing. The LDRA Testbed coding standards capability provides the ability to assess code against the CERT C secure coding standard, ensuring that deployed automotive systems meet the highest security standards.
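A concrete instance of the class of defect the coding-standards checks in points 2 and 7 are there to flag, shown as an added example that is not LDRA's code and not taken from the CERT or MISRA documents: a bounds test written as `offset + len <= size` on 32-bit unsigned values, which wraps for large offsets and so admits an out-of-bounds write (CERT C rules INT30-C, unsigned wraparound, and ARR30-C, out-of-bounds subscripts), placed beside a form of the same check that cannot wrap. The payload layout, the 8-byte buffer size and the function names are assumptions made for this illustration.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define PAYLOAD_MAX 8u   /* fixed destination size; assumed for the example */

/* "Before": the bounds test forms offset + len in uint32_t. For a large
 * offset the sum wraps (CERT C INT30-C) and compares as small, so a write
 * past the end of the buffer (ARR30-C) is accepted. Returns 1 if accepted. */
int bounds_check_naive(uint32_t offset, uint32_t len, uint32_t size) {
    return (offset + len <= size) ? 1 : 0;
}

/* "After": order the comparisons so that no intermediate can wrap.
 * offset <= size is established first, so size - offset cannot underflow. */
int bounds_check_safe(uint32_t offset, uint32_t len, uint32_t size) {
    if (offset > size) {
        return 0;
    }
    return (len <= size - offset) ? 1 : 0;
}

typedef struct { uint8_t data[PAYLOAD_MAX]; } payload_t;

/* Writes len bytes from src into dest->data at offset, guarded by the safe
 * check. Returns 0 on success, -1 if the field would overrun the buffer. */
int payload_write_field(payload_t *dest, uint32_t offset,
                        const uint8_t *src, uint32_t len) {
    if (bounds_check_safe(offset, len, PAYLOAD_MAX) == 0) {
        return -1;
    }
    memcpy(&dest->data[offset], src, len);
    return 0;
}

int main(void) {
    /* Constructed inputs. 0xFFFFFFFC + 8 wraps to 4, which is <= 8, so the
     * naive test accepts an offset that lies far outside the buffer. */
    const uint32_t wrap_offset = 0xFFFFFFFCu;
    printf("naive accepts wrapping offset: %d\n",
           bounds_check_naive(wrap_offset, 8u, PAYLOAD_MAX));
    printf("safe accepts wrapping offset:  %d\n",
           bounds_check_safe(wrap_offset, 8u, PAYLOAD_MAX));

    payload_t p = { {0} };
    const uint8_t field[4] = { 1, 2, 3, 4 };
    printf("write at 4, len 4: %d\n", payload_write_field(&p, 4u, field, 4u));
    printf("write at 6, len 4: %d\n", payload_write_field(&p, 6u, field, 4u));
    return 0;
}
```

The naive form is easy to write and reads correctly at a glance, which is exactly why a static check against the CERT C rules, rather than inspection alone, is the dependable way to keep it out of deployed code; the safe form costs one extra comparison and removes the wrap entirely.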