Feature: EDA
The aim of qualification

Qualification of a software library is critical because code from the library is linked with the application and installed in the target device. If a library component is defective, the functional safety of the entire application can be jeopardised. Every functional safety standard has its own specific objectives when it comes to using software libraries, but, in general, they all share a common goal: to verify that the library implementation complies with the specification. ISO 26262 provides two routes to library qualification, detailed in ISO 26262 Parts 6 and 8. The SuperGuard C Library Safety Qualification Suite can be used in both cases.
SuperGuard tests

When implementing the requirements-based testing recommended in Parts 6 and 8 of the ISO 26262 functional safety standard, the main issue with the C and C++ standard library specifications is that, although they provide a detailed behavioural description for each function, neither defines a clear set of requirements. The necessary requirements for each function must therefore be created from the behavioural descriptions.

The SuperGuard C Library Safety Qualification Suite incorporates the proven tests for the C standard library already included in the Solid Sands SuperTest compiler test and verification suite, which tracks the (ISO) language specifications. However, SuperGuard goes much further than SuperTest in terms of its reporting capabilities, documenting requirements, individual tests and test results in accordance with functional safety standards such as ISO 26262, EN 50128 and IEC 61508.

The tests in SuperGuard’s test suite are designed according to the following principles, making them suitable for a wide range of development environments:

SuperGuard tests are behavioural tests – i.e. they verify that the behaviour of the implementation complies with the library specification. Each test executes the construct or function under test and compares the results of execution with the expected (‘model’) results defined in the library specification. The test itself reports success or failure to the test driver.

In order to check the behaviour of the implementation, these tests are compiled and executed in an execution environment, which means the entire toolchain, including the target processor, is involved in each test. This makes SuperGuard suitable for hardware-in-the-loop library verification.

The tests for the freestanding part of the library (typically used in bare-metal systems) require minimal resources. Most SuperGuard tests can run on systems with less than 4k memory, making it possible to use SuperGuard on very small embedded systems.

To implement requirements-based testing, SuperGuard provides a detailed breakdown of the C standard library specifications into testable implementation requirements, together with test specifications describing how each requirement is tested. By linking individual test execution results back to the corresponding test specification, test requirement and standard library function, SuperGuard provides the full traceability needed for requirements-based testing. To provide evidence of completeness, it provides close to 100% structural code coverage for more than 80% of the functions, with high modified condition/decision coverage (MC/DC). Note that this addresses the library implementation itself, not the underlying OS layer.
Header files and function-like macros

The C language adds one more complication for the tester: not all functions in the C standard library are implemented only as pre-compiled binaries. Many also depend heavily on information contained in source header files. These header files, which define things such as types, global variables and macros, are as much a part of the library as the (pre-compiled) library functions. Many functions are implemented both as a real function and as a macro; for speed and efficiency it is common practice to use the macro implementation. Both are tested by SuperGuard.

Unlike the corresponding binaries, function-like macros are not pre-compiled. They are compiled by the SDK’s compiler together with the application source code. It is therefore important that, together with the other content of the header files, they are verified for the specific use-case of a given safety-critical application. In the C++ library the use of macros is elevated to an even higher level through type-generic templates that exist only in the headers.
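As an added illustration of the test principles described above (behavioural test, comparison against a model result, verdict reported to a test driver, verdict linked to a requirement) and of the point that a library function may exist both as a header macro and as a pre-compiled function, here is a small requirements-based test driver in C. This is example code written for this page; it is not SuperGuard or Solid Sands code, and the requirement identifiers, test names and driver structure are constructed for the illustration. The isdigit tests exercise the macro form from <ctype.h> and, by parenthesising the name so the preprocessor does not expand it, the function form linked from the binary library; the model results are taken from the ISO C behavioural description, and each test stays inside the argument domain the standard defines.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* One requirement-level test: the requirement it traces to (a constructed
 * placeholder id, not a SuperGuard identifier), a one-line summary, and
 * the test body, which returns 1 on pass and 0 on fail. */
typedef struct {
    const char *req_id;
    const char *summary;
    int (*run)(void);
} test_case;

/* Model for isdigit from the ISO C description: true exactly for '0'..'9'.
 * isdigit is locale-independent, so the model holds for every valid input. */
static int model_isdigit(int c) {
    return c >= '0' && c <= '9';
}

/* Macro form: isdigit(c) as expanded from <ctype.h> (if the header provides
 * a macro). The valid domain is EOF plus every value of unsigned char;
 * anything else is undefined, so the test covers exactly that domain. */
static int test_isdigit_macro(void) {
    if (isdigit(EOF) != 0) return 0;
    for (int c = 0; c <= 255; c++) {
        if ((isdigit(c) != 0) != model_isdigit(c)) return 0;
    }
    return 1;
}

/* Function form: writing (isdigit)(c) suppresses function-like macro
 * expansion, so this call reaches the pre-compiled library function. */
static int test_isdigit_function(void) {
    if ((isdigit)(EOF) != 0) return 0;
    for (int c = 0; c <= 255; c++) {
        if (((isdigit)(c) != 0) != model_isdigit(c)) return 0;
    }
    return 1;
}

/* memcpy requirements derived from the behavioural description: the first
 * n bytes of dst equal src, bytes beyond n are untouched, the return value
 * is dst, and n == 0 writes nothing. Checked with plain loops rather than
 * other library calls so the verdict depends only on memcpy itself. */
static int test_memcpy(void) {
    const unsigned char src[8] = {1, 2, 3, 4, 5, 6, 7, 8};
    unsigned char dst[8];
    for (size_t i = 0; i < sizeof dst; i++) dst[i] = 0xAA;  /* constructed sentinel */

    void *ret = memcpy(dst, src, 5);
    if (ret != dst) return 0;
    for (size_t i = 0; i < 5; i++) if (dst[i] != src[i]) return 0;
    for (size_t i = 5; i < 8; i++) if (dst[i] != 0xAA) return 0;

    dst[0] = 0xAA;
    if (memcpy(dst, src, 0) != dst || dst[0] != 0xAA) return 0;
    return 1;
}

static const test_case tests[] = {
    { "REQ-CTYPE-ISDIGIT-01", "isdigit macro form matches the model on EOF and all unsigned char values", test_isdigit_macro },
    { "REQ-CTYPE-ISDIGIT-02", "isdigit function form matches the model on EOF and all unsigned char values", test_isdigit_function },
    { "REQ-STRING-MEMCPY-01", "memcpy copies exactly n bytes, leaves the rest untouched and returns dst", test_memcpy },
};

/* Test driver: runs every test, prints one traceable verdict line per
 * requirement, and returns the number of failures so a build or report
 * step can act on it. */
int run_all_tests(void) {
    int failures = 0;
    for (size_t i = 0; i < sizeof tests / sizeof tests[0]; i++) {
        int ok = tests[i].run();
        printf("%s %s - %s\n", ok ? "PASS" : "FAIL", tests[i].req_id, tests[i].summary);
        if (!ok) failures++;
    }
    return failures;
}

int main(void) {
    return run_all_tests() == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

Because the tests are compiled and executed rather than analysed statically, running this binary on the target exercises the whole toolchain the application will use: the header macros go through the SDK's compiler exactly as the application code does, while the parenthesised calls reach the binary library that is linked into the final image. Keeping the requirement id on every verdict line is what makes the results traceable back to the test specification and the library function it covers.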
Full traceability

Safety-critical applications require software developers to do everything in their power to ensure that their development processes, toolchains and application code pose no risk of injury, loss of life, the interruption of essential services, or damage to the environment. When using third-party and/or commercial off-the-shelf (COTS) tools and components, including compilers and standard libraries, developers should not assume that these tools and components are error-free or that pre-qualification implies that to be the case. Qualification is only truly valid if carried out in precisely the same development environment and under exactly the same use-case scenario as used in the application.

Employing the library test suite included in the Solid Sands SuperTest compiler test and verification solution, the SuperGuard C Library Safety Qualification Suite adds the traceability needed to relate the results of requirements-based tests – the recommended method of testing in functional safety standards such as ISO 26262 – back to the C standard library specification. Full traceability is provided by breaking down the ISO C standard library functional specifications into clearly defined requirements, developing suitable test specifications to check those requirements, and implementing them in accordance with ISO 26262 recommendations. In addition, it allows software developers to perform these tests in the same development environment, under the same use-case conditions and on the same target hardware used in their application, with close to 100% structural code coverage.

By generating a comprehensive qualification report tailored to the needs of ISO 26262 certification organisations, SuperGuard alleviates much of the burden of demonstrating the integrity of library components used in safety-critical applications.
www.electronicsworld.co.uk October 2021 27