Simulink Code Inspector
Simulink Code Inspector supports a constrained set of modeling semantics and code optimizations often used for high-integrity system models. A compatibility checker provided by Simulink Code Inspector determines whether your model complies with the constrained set. You can invoke compatibility checking interactively from the Simulink Code Inspector user interface or programmatically using MATLAB® commands. You can place blocks and other portions of a model identified as incompatible within a referenced model, and then configure Simulink Code Inspector to omit the incompatible referenced model during code inspection. You can then perform a manual code inspection for models not automatically reviewed.
Code inspection is independent of code generation. By default, Simulink Code Inspector assumes that the code has already been generated. However, you can configure the inspector to generate code as part of the code inspection process. You can also specify the locations of the generated source code files, such as those used by your production build processes. The inspection can be invoked via the user interface or the command line.
Simulink Code Inspector examines the following general categories during code inspection:
The specific analyses performed range from high-level interface assessment, such as checking whether the initialize and step functions were generated, to a detailed analysis of block execution order to determine if the data dependency between two block components is preserved in the generated code.
You can review the inspection status message directly in MATLAB or examine detailed reports, as described in the next section, which include a fine-grained traceability analysis with interactive links to the design objects.
With Simulink Code Inspector, you can generate reports detailing the code inspection results. You specify the location where the reports are stored. This makes it easy to archive and include the reports in your complete certification package. The inspection report begins by identifying the exact model and source code examined, using the model checksum, path names, and date/time stamp. It then provides a summary of the verifications performed and each item’s status (for example, verified, partially verified, or failed). A detail section describes the verification results for every file, function, and line of the generated code.
Code inspection details include:
Traceability details include:
The standard RTCA/DO-178 Software Considerations in Airborne Systems and Equipment Certification specifies objectives for source code verification. The automated code inspection Simulink Code Inspector provides significantly reduces the time required for satisfying DO-178 source code verification objectives, as shown in the table below. Additionally, Objective (4) Source code conforms to standards can be satisfied using tools such as the MISRA C® analyzer provided by Polyspace Bug Finder™. Tool qualification support for Simulink Code Inspector and Polyspace® products is provided by DO Qualification Kit (for DO-178).
DO-178C Objectives Compatible with Simulink Code Inspector
|Annex A Table||Objective||DO-331 Reference*||Software Levels|
|Table MB A-5||(1) Source code complies with low-level requirements||Section MB 6.3.4a||A, B, C|
|Table MB A-5||(2) Source code complies with software architecture||Section MB 6.3.4b||A, B, C|
|Table MB A-5||(3) Source code is verifiable||Section MB 6.3.4c||A, B|
|Table MB A-5||(5) Source code is traceable to low-level requirements||Section MB 6.3.4e||A, B, C|
|Table MB A-5||(6) Source code is accurate and consistent**||Section MB 6.3.4f||A, B, C|
*DO-331, Model-Based Development and Verification Supplement to DO-178C and DO-278A
**Does not cover objectives requiring compiler and object code analysis.