Verifying automatically generated flight code using Simulink and Embedded Coder for DO-178 Objectives

August 23, 2012 // By Tom Erkkinen
This article describes how to measure code efficiency and perform code verification activities using MATLAB and Simulink product family Release 2011b, featuring the Embedded Coder for flight code generation. The development and verification activities discussed are intended to satisfy DO-178B and upcoming DO-178C objectives, including the Model-Based Development and Verification supplement planned for release with the DO-178C update. Not every tool or DO-178 objective is examined; rather, the focus of this article is on new technologies.

Automatically generating code from simulation models is a key development activity in Model-Based Design that inherently reduces the time and effort teams spend on hand coding. Successful deployment to a high performance embedded system requires production of extremely efficient code. Code efficiency objectives include minimizing memory usage and maximizing execution speed. Successful deployment for military and defense systems also requires the ability to rigorously verify the code. Code verification objectives include compliance to requirements and conformance to standards.

Source Code Assessment

Code Efficiency

Code efficiency metrics are divided into two broad categories. The first measures memory usage in terms of RAM, ROM, and stack size; the second measures execution cycle counts or speed. Embedded Coder helps software engineers analyze and optimize the memory footprint of generated code by producing a code metrics report after code generation. This report shows Lines of code, global RAM and stack size based on a static analysis of the source code and knowledge of the target hardware characteristics, such as integer word sizes. The analysis is static because it does not take into account the cross-compilation and execution of the code. This allows engineers to perform a quick pass for optimizing memory usage based on the source code, for example, by trying different data types or modifying logic in the model. However, the next analysis and optimization phase would require the full embedded tool chain for on-board memory utilization and execution time assessment, as described in Executable Object Code Assessment below.

Figure 1: Static Code Metrics Repor. For full resolution click here

Code Verification

Source code verification relies heavily on code reviews and requirements traceability analysis. A new product from MathWorks, Simulink Code Inspector, automatically performs a structural analysis of the generated source code and assesses its compliance with the low-level requirements model. The inspection checks if every line of code has a corresponding element or block in the model. Likewise, it checks elements

Design category: