Contents

Math Operations

hisl_0001: Usage of Abs block

ID: Titlehisl_0001: Usage of Abs block
DescriptionTo support robustness of generated code, when using the Abs block,
AAvoid Boolean and unsigned integer data types as inputs to the Abs block.
BIn the Abs block parameter dialog box, select Saturate on integer overflow.
Notes

The Abs block does not support Boolean data types. Specifying an unsigned input data type, might optimize the Abs block out of the generated code, resulting in a block you cannot trace to the generated code.

For signed data types, Simulink® does not represent the absolute value of the most negative value. When you select Saturate on integer overflow, the absolute value of the data type saturates to the most positive representable value. When you clear Saturate on integer overflow, absolute value calculations in the simulation and generated code might not be consistent or expected.

RationaleASupport generation of traceable code.
BAchieve consistent and expected behavior of model simulation and generated code.
Model Advisor Checks
References
  • IEC 61508-3, Table A.3 (3) 'Language subset'
    IEC 61508-3, Table A.4 (3) 'Defensive programming'
    IEC 61508-3, Table A.3 (2) 'Strongly typed programming language'
    IEC 61508-3, Table B.8 (3) 'Control Flow Analysis'

  • ISO 26262-6, Table 1 (b) 'Use of language subsets'
    ISO 26262-6, Table 1 (d) 'Use of defensive implementation techniques'
    ISO 26262-6, Table 7 (f) 'Control flow analysis'

  • EN 50128, Table A.4 (11) 'Language Subset'
    EN 50128, Table A.3 (1) 'Defensive Programming'
    EN 50128, Table A.4 (8) 'Strongly Typed Programming Language'
    EN 50128, Table A.19 (3) 'Control Flow Analysis'

  • DO-331, Section MB.6.3.2.d 'Low-level requirements are verifiable'

  • MISRA-C:2004, Rule 14.1
    MISRA-C:2004, Rule 21.1

Last ChangedR2013b
Examples

Recommended

Not Recommended

hisl_0002: Usage of Math Function blocks (rem and reciprocal)

ID: Titlehisl_0002: Usage of Math Function blocks (rem and reciprocal)
Description

To support robustness of generated code, when using the Math Function block with remainder-after-division (rem) or reciprocal (reciprocal) functions:

A

Protect the input of the reciprocal function from going to zero.

B

Protect the second input of the rem function from going to zero.

Note

You can get a divide-by-zero operation, resulting in an infinite (Inf) output value for the reciprocal function, or a Not-a-Number (NaN) output value for the rem function. To avoid overflows or undefined values, protect the corresponding input from going to zero.

RationaleA, BProtect against overflows and undefined numerical results.
Model Advisor Checks

By Task > Modeling Standards for DO-178C/DO-331 > Check usage of Math Operations blocks

References
  • IEC 61508-3, Table A.3 (3) 'Language subset'
    IEC 61508-3, Table A.4 (3) 'Defensive programming'

  • ISO 26262-6, Table 1(b) 'Use of language subsets'
    ISO 26262-6, Table 1(d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.4 (11) 'Language Subset'
    EN 50128, Table A.3 (1) 'Defensive Programming'

  • DO-331, Section MB.6.3.2.g 'Algorithms are accurate'

  • MISRA-C:2004, Rule 21.1

Last ChangedR2014a
Examples

In the following example, when the input signal oscillates around zero, the output exhibits a large change in value. You need further protection against the large change in value.

hisl_0003: Usage of Square Root blocks

ID: Titlehisl_0003: Usage of Square Root blocks
Description

To support robustness of generated code, when using the Square Root block, do one of the following:

A

Account for complex numbers as the output.

B

Protect the input from going negative.

RationaleA, BAvoid undesirable results in generated code.
References
  • IEC 61508-3, Table A.3 (3) 'Language subset'
    IEC 61508-3, Table A.4 (3) 'Defensive programming'

  • ISO 26262-6, Table 1(b) 'Use of language subsets'
    ISO 26262-6, Table 1(d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.4 (11) 'Language Subset'
    EN 50128, Table A.3 (1) 'Defensive Programming'

  • DO-331, Section MB.6.3.2.g 'Algorithms are accurate'

Last ChangedR2013b
Examples

hisl_0028: Usage of Reciprocal Square Root blocks

ID: Titlehisl_0028: Usage of Reciprocal Square Root blocks
Description

To support robustness of generated code, when using the Reciprocal Square Root block, do one of the following:

A

Protect the input from going negative.

B

Protect the input from going to zero.

Note

You can get a divide-by-zero operation, resulting in an (Inf) output value for the reciprocal function. To avoid overflows or undefined values, protect the corresponding input from going to zero.

RationaleA, BAvoid undesirable results in generated code.
References
  • IEC 61508-3, Table A.3 (3) 'Language subset'
    IEC 61508-3, Table A.4 (3) 'Defensive programming'

  • ISO 26262-6, Table 1(b) 'Use of language subsets'
    ISO 26262-6, Table 1(d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.4 (11) 'Language Subset'
    EN 50128, Table A.3 (1) 'Defensive Programming'

  • DO-331, Section MB.6.3.2.g 'Algorithms are accurate'

Last ChangedR2013b
Examples

hisl_0004: Usage of Math Function blocks (natural logarithm and base 10 logarithm)

ID: Titlehisl_0004: Usage of Math Function blocks (natural logarithm and base 10 logarithm)
Description

To support robustness of generated code, when using the Math Function block with natural logarithm (log) or base 10 logarithm (log10) function parameters,

A

Protect the input from going negative.

B

Protect the input from equaling zero.

C

Account for complex numbers as the output value.

Notes

If you set the output data type to complex, the natural logarithm and base 10 logarithm functions output complex values for negative input values. If you set the output data type to real, the functions output NAN for negative numbers, and minus infinity (-inf) for zero values.

RationaleA, B, CSupport generation of robust code.
Model Advisor Checks

By Task > Modeling Standards for DO-178C/DO-331 > Check usage of Math Operations blocks

References
  • IEC 61508-3, Table A.3 (3) 'Language subset'
    IEC 61508-3, Table A.4 (3) 'Defensive programming'

  • ISO 26262-6, Table 1(b) 'Use of language subsets'
    ISO 26262-6, Table 1(d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.4 (11) 'Language Subset'
    EN 50128, Table A.3 (1) 'Defensive Programming'

  • DO-331, Section MB.6.3.2.g 'Algorithms are accurate''

Last ChangedR2013b
Examples

You can protect against:

  • Negative numbers using an Abs block.

  • Zero values using a combination of the MinMax block and a Constant block, with Constant value set to eps (epsilon).

The following example displays the resulting output for input values ranging from -100 to 100.

 

hisl_0005: Usage of Product blocks

ID: Titlehisl_0005: Usage of Product blocks
Description

To support robustness of generated code, when using the Product block with divisor inputs,

A

In Element-wise(.*) mode, protect divisor inputs from going to zero.

B

In Matrix(*) mode, protect divisor inputs from becoming singular input matrices.

C

Set the model configuration parameter Diagnostics > Data Validity > Signals > Division by singular matrix to error.

Notes

When using Product blocks for element-wise divisions, you might get a divide by zero, resulting in a NaN output. To avoid overflows, protect divisor inputs from going to zero.

When using Product blocks to compute the inverse of a matrix, or a matrix division, you might get a divide by a singular matrix. This division results in a NaN output. To avoid overflows, protect divisor inputs from becoming singular input matrices.

During simulation, while the software inverts one of the input values of a Product block that is in matrix multiplication mode, the Division by singular matrix diagnostic can detect a singular matrix.

RationaleA, B, CProtect against overflows.
Model Advisor Checks

By Task > Modeling Standards for DO-178C/DO-331 > Check safety-related diagnostic settings for signal data

References
  • IEC 61508-3, Table A.3 (3) 'Language subset'
    IEC 61508-3, Table A.4 (3) 'Defensive programming'

  • ISO 26262–6, Table 1(b) 'Use of language subsets'
    ISO 26262–6, Table 1(d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.4 (11) 'Language Subset'
    EN 50128, Table A.3 (1) 'Defensive Programming'

  • DO-331, Section MB.6.4.2.2 'Robustness Test Cases'
    DO-331, Section MB.6.4.3 'Requirements-Based Testing Methods'

  • MISRA-C:2004, Rule 21.1

Last ChangedR2013b

hisl_0029: Usage of Assignment blocks

ID: Titlehisl_0029: Usage of Assignment blocks
Description

To support robustness of generated code, when using the Assignment block, initialize array fields before their first use.

Notes

If the output vector of the Assignment block is not initialized with an input to the block, elements of the vector might not be initialized in the generated code.

When the Assignment block is used iteratively and all array field are assigned during one simulation time step, you do not need initialization input to the block.

Accessing uninitialized elements of block output can result in unexpected behavior.

RationaleAvoid undesirable results in generated code.
Model Advisor Checks
References
  • IEC 61508-3, Table A.3 (3) 'Language subset'
    IEC 61508-3, Table A.4 (3) 'Defensive programming'

  • ISO 26262–6, Table 1(b) 'Use of language subsets'
    ISO 26262–6, Table 1(d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.4 (11) 'Language Subset'
    EN 50128, Table A.3 (1) 'Defensive Programming'

  • DO-331, Section MB.6.3.1.e 'High-level requirements conform to standards'
    DO-331, Section MB.6.3.2.e 'Low-level requirements conform to standards'

  • MISRA-C:2004, Rule 9.1

Last ChangedR2014a
Examples

Not Recommended: No initialization input Y0 when block is not used iteratively


Recommended: Initialization input Y0 when block is not used iteratively


Recommended: Initialize array fields when block is used iteratively

Was this topic helpful?