Diagnostics

hisl_0036: Configuration Parameters > Diagnostics > Saving

ID: Title

hisl_0036: Configuration Parameters > Diagnostics > Saving

Description

Set these configuration parameters to error:

  • Block diagram contains disabled library links

  • Block diagram contains parameterized library links

Rationale

Prevent unexpected results.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for saving

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for saving

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for saving

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for saving

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for saving

For check details, see Check safety-related diagnostic settings for saving (Simulink Check).

References
  • DO-331, Section MB.6.3.3.b 'Software architecture is consistent'

  • IEC 61508-3, Table A.3 (3) 'Language subset'

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'
    ISO 26262-6, Table 1 (1f) 'Use of unambiguous graphical representation'

  • EN 50128, Table A.4 (11) 'Language Subset'

Last Changed

R2017b

hisl_0043: Configuration Parameters > Diagnostics > Solver

ID: Title

hisl_0043: Configuration Parameters > Diagnostics > Solver

Description

In the Configuration Parameters dialog box, on the Diagnostics pane, set the Solver parameters as follows:

  • Algebraic loop to error.

  • Minimize algebraic loop to error.

  • Block priority violation to error if you are using block priorities.

  • Automatic solver parameter selection to error.

  • State name clash to warning.

Note

Enabling diagnostics pertaining to the solver provides information to detect violations of other guidelines.

This table describes the result of not setting each configuration parameter as indicated above.

Configuration Parameter | Result
Algebraic loop | Automatic breakage of algebraic loops can go undetected and might result in an unpredictable block execution order.
Minimize algebraic loop | Automatic breakage of algebraic loops can go undetected and might result in an unpredictable block execution order.
Block priority violation | The block execution order can include undetected conflicts that might result in an unpredictable block execution order.
Automatic solver parameter selection | An automatic change to the solver, step size, or simulation stop time can go undetected and might affect the operation of the generated code.
State name clash | A name being used for more than one state might go undetected.

Rationale

Support generation of robust and unambiguous code.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for solvers

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for solvers

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for solvers

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for solvers

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for solvers

For check details, see Check safety-related diagnostic settings for solvers (Simulink Check).

References
  • DO-331, Section MB.6.3.3.b 'Software architecture is consistent'
    DO-331, Section MB.6.3.3.e 'Software architecture conforms to standards'

  • IEC 61508-3, Table A.3 (3) 'Language subset'

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'

  • EN 50128, Table A.4 (11) 'Language Subset'

Last Changed

R2018b

hisl_0044: Configuration Parameters > Diagnostics > Sample Time

ID: Title

hisl_0044: Configuration Parameters > Diagnostics > Sample Time

Description

In the Configuration Parameters dialog box, on the Diagnostics > Sample Time pane, set these parameters to error:

  • Source block specifies -1 sample time

  • Multitask rate transition

  • Single task rate transition

  • Multitask conditionally executed subsystem

  • Tasks with equal priority

  • Enforce sample times specified by Signal Specification blocks

  • Unspecified inheritability of sample times

If the target system does not allow preemption between tasks that have equal priority, set Tasks with equal priority to none.

Note

Enabling diagnostics pertaining to the solver provides information to detect violations of other guidelines.

This table describes the result of not setting each configuration parameter as indicated above.

Configuration Parameter | Result
Source block specifies -1 sample time | Use of inherited sample times for a source block, such as Sine Wave, can go undetected and result in unpredictable execution rates for the source and downstream blocks.
Multitask rate transition | Invalid rate transitions between two blocks operating in multitasking mode can go undetected. You cannot use invalid rate transitions for embedded real-time software applications.
Single task rate transition | A rate transition between two blocks operating in single-tasking mode can go undetected. You cannot use single-tasking rate transitions for embedded real-time software applications.
Multitask conditionally executed subsystem | A conditionally executed multirate subsystem, operating in multitasking mode, might go undetected and corrupt data or show unexpected behavior in a target system that allows preemption.
Tasks with equal priority | Two asynchronous tasks with equal priority might go undetected and show unexpected behavior in target systems that allow preemption.
Enforce sample times specified by Signal Specification blocks | Inconsistent sample times for a Signal Specification block and the connected destination block might go undetected and result in unpredictable execution rates.
Unspecified inheritability of sample times | An S-function that is not explicitly set to inherit sample time can go undetected and result in unpredictable behavior.

Rationale

Support generation of robust and unambiguous code.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for sample time

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for sample time

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for sample time

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for sample time

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for sample time

For check details, see Check safety-related diagnostic settings for sample time (Simulink Check).

References
  • DO-331, Section MB.6.3.1.b 'High-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.2.b 'Low-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.3.b 'Software architecture is consistent'
    DO-331, Section MB.6.3.3.e 'Software architecture conforms to standards'

  • IEC 61508-3, Table A.3 (3) 'Language subset'

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'
    ISO 26262-6, Table 1 (1f) 'Use of unambiguous graphical representation'

  • EN 50128, Table A.4 (11) 'Language Subset'

See Also

Model Configuration Parameters: Sample Time Diagnostics in the Simulink documentation

Last Changed

R2017b

hisl_0301: Configuration Parameters > Diagnostics > Compatibility

ID: Title

hisl_0301: Configuration Parameters > Diagnostics > Compatibility

Description

Set configuration parameter S-function upgrades needed to error.

Rationale

Improve robustness of design.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for compatibility

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for compatibility

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for compatibility

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for compatibility

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for compatibility

For check details, see Check safety-related diagnostic settings for compatibility (Simulink Check).

References
  • DO-331, Section MB.6.3.3.b 'Software architecture is consistent'

  • IEC 61508-3, Table A.4 (3) 'Defensive Programming'

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'
    ISO 26262-6, Table 1 (1d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.3 (1) 'Defensive Programming'

See Also

Model Configuration Parameters: Compatibility Diagnostics in the Simulink documentation

Last Changed

R2017b

hisl_0302: Configuration Parameters > Diagnostics > Data Validity > Parameters

ID: Title

hisl_0302: Configuration Parameters > Diagnostics > Data Validity > Parameters

Description

In the Configuration Parameters dialog box, on the Diagnostics > Data Validity pane, set the Parameters parameters as follows:

  • Detect downcast to error

  • Detect underflow to error

  • Detect loss of tunability to error

  • Detect overflow to error

  • Detect precision loss to error

Rationale

Improve robustness of design.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for parameters

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for parameters

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for parameters

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for parameters

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for parameters

For check details, see Check safety-related diagnostic settings for parameters (Simulink Check).

References
  • DO-331, Section MB.6.3.1.g 'Algorithms are accurate'
    DO-331, Section MB.6.3.2.g 'Algorithms are accurate'

  • IEC 61508-3, Table A.4 (3) 'Defensive Programming'

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'
    ISO 26262-6, Table 1 (1d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.3 (1) 'Defensive Programming'

See Also

Model Configuration Parameters: Data Validity Diagnostics in the Simulink documentation

Last Changed

R2018b

hisl_0303: Configuration Parameters > Diagnostics > Data Validity > Merge blocks

ID: Title

hisl_0303: Configuration Parameters > Diagnostics > Data Validity > Merge blocks

Description

Set configuration parameter Detect multiple driving blocks executing at the same time step to error.

Rationale

Improve robustness of design.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for Merge blocks

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for Merge blocks

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for Merge blocks

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for Merge blocks

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for Merge blocks

For check details, see Check safety-related diagnostic settings for Merge blocks (Simulink Check).

References
  • DO-331 MB.6.3.2 (b) Accuracy and Consistency

  • IEC 61508-3, Table A.3 (3) - Language subset

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - Use of language subsets

  • EN 50128, Table A.4 (11) - Language Subset

See Also

Detect multiple driving blocks executing at the same time step in the Simulink documentation

Last Changed

R2017b

hisl_0304: Configuration Parameters > Diagnostics > Data Validity > Model initialization

ID: Title

hisl_0304: Configuration Parameters > Diagnostics > Data Validity > Model initialization

Description

Set configuration parameter Underspecified initialization to Simplified.

Rationale

Improve robustness of design.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for model initialization

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for model initialization

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for model initialization

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for model initialization

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for model initialization

For check details, see Check safety-related diagnostic settings for model initialization (Simulink Check).

References
  • DO-331, Section MB.6.3.3.b - Software architecture is consistent

  • IEC 61508-3, Table A.3 (3) - Language subset

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - Use of language subsets

  • EN 50128, Table A.4 (11) - Language Subset

  • MISRA C:2012, Rule 9.1

See Also

Underspecified initialization detection in the Simulink documentation

Last Changed

R2017b

hisl_0305: Configuration Parameters > Diagnostics > Data Validity > Debugging

ID: Title

hisl_0305: Configuration Parameters > Diagnostics > Data Validity > Debugging

Description

Set configuration parameter Model Verification block enabling to Disable all.

Rationale

Improve robustness of design.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for data used for debugging

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for data used for debugging

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for data used for debugging

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for data used for debugging

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for data used for debugging

For check details, see Check safety-related diagnostic settings for data used for debugging (Simulink Check).

References
  • DO-331, Section MB.6.3.1.e - High-level requirements conform to standards
    DO-331, Section MB.6.3.2.e - Low-level requirements conform to standards

  • IEC 61508-3, Table A.3 (3) - Language subset

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - Use of language subsets

  • EN 50128, Table A.4 (11) - Language Subset

See Also

Model Verification block enabling in the Simulink documentation

Last Changed

R2017b

hisl_0306: Configuration Parameters > Diagnostics > Connectivity > Signals

ID: Title

hisl_0306: Configuration Parameters > Diagnostics > Connectivity > Signals

Description

In the Configuration Parameters dialog box, on the Diagnostics > Connectivity pane, set the Signals parameters as follows:

  • Signal label mismatch to error

  • Unconnected block input ports to error

  • Unconnected block output ports to error

  • Unconnected line to error

Rationale

Improve robustness of design.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for signal connectivity

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for signal connectivity

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for signal connectivity

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for signal connectivity

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for signal connectivity

For check details, see Check safety-related diagnostic settings for signal connectivity (Simulink Check).

References
  • DO-331, Section MB.6.3.1.e - 'High-level requirements conform to standards'
    DO-331, Section MB.6.3.2.e - 'Low-level requirements conform to standards'

  • IEC 61508-3, Table A.3 (3) - 'Language subset'

  • IEC 62304, 5.5.3 - 'Software Unit acceptance criteria'

  • ISO 26262-6, Table 1 (1b) - 'Use of language subsets'
    ISO 26262-6, Table 1 (1f) - 'Use of unambiguous graphical representation'

  • EN 50128, Table A.4 (11) - 'Language Subset'

See Also

Model Configuration Parameters: Connectivity Diagnostics in the Simulink documentation

Last Changed

R2017b

hisl_0307: Configuration Parameters > Diagnostics > Connectivity > Buses

ID: Title

hisl_0307: Configuration Parameters > Diagnostics > Connectivity > Buses

Description

In the Configuration Parameters dialog box, on the Diagnostics > Connectivity pane, set the Buses parameters as follows:

  • Unspecified bus object at root Outport block to error

  • Element name mismatch to error

  • Bus signal treated as vector to error

  • Non-bus signals treated as bus signals to error

  • Repair bus selections to Warn and repair

Rationale

Improve robustness of design.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for bus connectivity

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for bus connectivity

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for bus connectivity

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for bus connectivity

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for bus connectivity

For check details, see Check safety-related diagnostic settings for bus connectivity (Simulink Check).

References
  • DO-331, Section MB.6.3.3.b - Software architecture is consistent

  • IEC 61508-3, Table A.3 (3) - Language subset

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - Use of language subsets

  • EN 50128, Table A.4 (11) - Language Subset

See Also

Model Configuration Parameters: Connectivity Diagnostics in the Simulink documentation

Last Changed

R2018b

hisl_0308: Configuration Parameters > Diagnostics > Connectivity > Function calls

ID: Title

hisl_0308: Configuration Parameters > Diagnostics > Connectivity > Function calls

Description

In the Configuration Parameters dialog box, on the Diagnostics > Connectivity pane, set the Function calls parameters as follows:

  • Invalid function-call connection to error

  • Context-dependent inputs to Enable all as errors

Rationale

Improve robustness of design.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings that apply to function-call connectivity

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings that apply to function-call connectivity

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings that apply to function-call connectivity

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings that apply to function-call connectivity

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings that apply to function-call connectivity

For check details, see Check safety-related diagnostic settings that apply to function-call connectivity (Simulink Check).

References
  • DO-331, Section MB.6.3.3.b - Software architecture is consistent

  • IEC 61508-3, Table A.3 (3) - Language subset

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - Use of language subsets

  • EN 50128, Table A.4 (11) - Language Subset

See Also

Model Configuration Parameters: Connectivity Diagnostics in the Simulink documentation

Last Changed

R2017b

hisl_0309: Configuration Parameters > Diagnostics > Type Conversion

ID: Title

hisl_0309: Configuration Parameters > Diagnostics > Type Conversion

Description

In the Configuration Parameters dialog box, on the Diagnostics > Type Conversion pane, set these parameters as follows:

  • Unnecessary type conversion to warning

  • Vector/matrix block input conversion to error

  • 32-bit integer to single precision float conversion to warning

Rationale

Improve robustness of design.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for type conversions

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for type conversions

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for type conversions

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for type conversions

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for type conversions

For check details, see Check safety-related diagnostic settings for type conversions (Simulink Check).

References
  • DO-331, Section MB.6.3.1.g 'Algorithms are accurate'
    DO-331, Section MB.6.3.2.g 'Algorithms are accurate'

  • IEC 61508-3, Table A.3 (2) 'Strongly typed programming language'
    IEC 61508-3, Table A.4 (3) 'Defensive programming'

  • IEC 62304, 5.5.3 'Software Unit acceptance criteria'

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'
    ISO 26262-6, Table 1 (1c) 'Enforcement of strong typing'
    ISO 26262-6, Table 1 (1d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.4 (8) 'Strongly Typed Programming Language'
    EN 50128, Table A.3 (1) 'Defensive Programming'

See Also

Model Configuration Parameters: Type Conversion Diagnostics in the Simulink documentation

Last Changed

R2017b

hisl_0310: Configuration Parameters > Diagnostics > Model Referencing

ID: Title

hisl_0310: Configuration Parameters > Diagnostics > Model Referencing

Description

In the Configuration Parameters dialog box, on the Diagnostics > Model Referencing pane, set these parameters as follows:

  • Model block version mismatch to none

  • Port and parameter mismatch to error

  • Invalid root Inport/Outport block connection to error

  • Unsupported data logging to error

Rationale

Improve robustness of design.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for model referencing

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for model referencing

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for model referencing

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for model referencing

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for model referencing

For check details, see Check safety-related diagnostic settings for model referencing (Simulink Check).

References
  • DO-331, Section MB.6.3.1.d - High-level requirements are verifiable
    DO-331, Section MB.6.3.2.d - Low-level requirements are verifiable
    DO-331, Section MB.6.3.3.b - Software architecture is consistent

  • IEC 61508-3, Table A.3 (3) - Language subset

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - Use of language subsets

  • EN 50128, Table A.4 (11) - Language Subset

See Also

Model Configuration Parameters: Model Referencing Diagnostics in the Simulink documentation

Last Changed

R2018a

hisl_0311: Configuration Parameters > Diagnostics > Stateflow

ID: Title

hisl_0311: Configuration Parameters > Diagnostics > Stateflow®

Description

In the Configuration Parameters dialog box, on the Diagnostics > Stateflow pane, set these parameters:

  • Unexpected backtracking to error

  • Invalid input data access in chart initialization to error

  • No unconditional default transitions to error

  • Transitions outside natural parent to error

  • Undirected event broadcasts to error

  • Transition action specified before condition action to error

  • Unreachable execution path to error

Rationale

Improve robustness of design and promote a clear modeling style.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for Stateflow

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for Stateflow

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for Stateflow

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for Stateflow

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for Stateflow

For check details, see Check safety-related diagnostic settings for Stateflow (Simulink Check).

References
  • DO-331, Section MB.6.3.1.b 'High-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.1.e 'High-level requirements conform to standards'
    DO-331, Section MB.6.3.1.g 'Algorithms are accurate'
    DO-331, Section MB.6.3.2.b 'Low-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.2.d 'Low-level requirements are verifiable'
    DO-331, Section MB.6.3.2.e 'Low-level requirements conform to standards'
    DO-331, Section MB.6.3.2.g 'Algorithms are accurate'

  • EN 50128, Table A.4 (11) - 'Language Subset'
    EN 50128, Table A.12 (6) - 'Limited Use of Recursion'

  • IEC 62304, 5.5.3 - 'Software Unit acceptance criteria'

  • ISO 26262-6, Table 1 (1b) - 'Use of language subsets'
    ISO 26262-6, Table 8 (1j) - 'No recursions'

  • IEC 61508-3, Table A.3 (3) - 'Language subset'

  • MISRA C:2012, Rule 17.2

See Also

Model Configuration Parameters: Stateflow Diagnostics in the Simulink documentation

Last Changed

R2018b

hisl_0314: Configuration Parameters > Diagnostics > Data Validity > Signals

ID: Title

hisl_0314: Configuration Parameters > Diagnostics > Data Validity > Signals

Description

In the Configuration Parameters dialog box, on the Diagnostics > Data Validity pane, set the Signals parameters as follows:

  • Signal resolution to Explicit only

  • Division by singular matrix to error

  • Underspecified data types to error

  • Inf or NaN block output to error

  • “rt” prefix for identifiers to error

  • Wrap on overflow to error

  • Saturate on overflow to error

  • Simulation range checking to error

Rationale

Improve robustness of design.

Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for signal data

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for signal data

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for signal data

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for signal data

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Configuration > Check safety-related diagnostic settings for signal data

For check details, see Check safety-related diagnostic settings for signal data (Simulink Check).

References
  • DO-331, Section MB.6.4.2.2 'Robustness Test Cases'
    DO-331, Section MB.6.4.3 'Requirements-Based Testing Methods'
    DO-331, Section MB.6.3.1.e 'High-level requirements conform to standards'
    DO-331, Section MB.6.3.2.e 'Low-level requirements conform to standards'
    DO-331, Section MB.6.3.1.g 'Algorithms are accurate'
    DO-331, Section MB.6.3.2.g 'Algorithms are accurate'
    DO-331, Section MB.6.3.3.b 'Software architecture is consistent'

  • IEC 61508-3, Table A.3 (3) 'Language subset'
    IEC 61508-3, Table A.4 (3) 'Defensive programming'

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'
    ISO 26262-6, Table 1 (1d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.4 (11) 'Language Subset'
    EN 50128, Table A.3 (1) 'Defensive Programming'

  • MISRA C:2012, Dir 4.1

See Also

Model Configuration Parameters: Data Validity Diagnostics in the Simulink documentation

Last Changed

R2018a
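To audit a model against the Diagnostics guidelines above in one pass rather than pane by pane, here is an added MATLAB example that is not part of the MathWorks guideline page: it reads each setting from the loaded model and reports every value that deviates from what the guideline requires. The programmatic parameter names are the Simulink configuration parameter names behind the dialog labels quoted in the guidelines (the page lists only the labels); the noPreemption option is an assumption added to express the hisl_0044 exception for Tasks with equal priority, and the bus (hisl_0307) and Stateflow (hisl_0311) settings are not covered.

```matlab
function report = hisl_diagnostics_audit(model, noPreemption)
% Audit a model's Diagnostics configuration parameters against the hisl
% guideline values and return one struct row per parameter checked.
% Added example, not MathWorks code; noPreemption is an assumed option
% for the hisl_0044 exception (target cannot preempt equal-priority tasks).
if nargin < 2, noPreemption = false; end
if ~bdIsLoaded(model), load_system(model); end

equalPrio = {'error'};
if noPreemption, equalPrio = {'none'}; end     % hisl_0044 exception

% {guideline, programmatic parameter name, allowed values}; the names are
% the Simulink parameters behind the dialog labels quoted in the guidelines
expected = {
    'hisl_0036', 'SaveWithDisabledLinksMsg',      {'error'}
    'hisl_0036', 'SaveWithParameterizedLinksMsg', {'error'}
    'hisl_0043', 'AlgebraicLoopMsg',              {'error'}
    'hisl_0043', 'ArtificialAlgebraicLoopMsg',    {'error'}
    'hisl_0043', 'BlockPriorityViolationMsg',     {'error'}   % if block priorities are used
    'hisl_0043', 'SolverPrmCheckMsg',             {'error'}
    'hisl_0043', 'StateNameClashWarn',            {'warning'}
    'hisl_0044', 'InheritedTsInSrcMsg',           {'error'}
    'hisl_0044', 'MultiTaskRateTransMsg',         {'error'}
    'hisl_0044', 'SingleTaskRateTransMsg',        {'error'}
    'hisl_0044', 'MultiTaskCondExecSysMsg',       {'error'}
    'hisl_0044', 'TasksWithSamePriorityMsg',      equalPrio
    'hisl_0044', 'SigSpecEnsureSampleTimeMsg',    {'error'}
    'hisl_0044', 'UnknownTsInhSupMsg',            {'error'}
    'hisl_0301', 'SFcnCompatibilityMsg',          {'error'}
    'hisl_0302', 'ParameterDowncastMsg',          {'error'}
    'hisl_0302', 'ParameterUnderflowMsg',         {'error'}
    'hisl_0302', 'ParameterTunabilityLossMsg',    {'error'}
    'hisl_0302', 'ParameterOverflowMsg',          {'error'}
    'hisl_0302', 'ParameterPrecisionLossMsg',     {'error'}
    'hisl_0303', 'MergeDetectMultiDrivingBlocksExec',     {'error'}
    'hisl_0304', 'UnderspecifiedInitializationDetection', {'Simplified'}
    'hisl_0305', 'AssertControl',                 {'DisableAll'}
    'hisl_0306', 'SignalLabelMismatchMsg',        {'error'}
    'hisl_0306', 'UnconnectedInputMsg',           {'error'}
    'hisl_0306', 'UnconnectedOutputMsg',          {'error'}
    'hisl_0306', 'UnconnectedLineMsg',            {'error'}
    'hisl_0308', 'InvalidFcnCallConnMsg',         {'error'}
    'hisl_0308', 'FcnCallInpInsideContextMsg',    {'EnableAllAsError'}
    'hisl_0309', 'UnnecessaryDatatypeConvMsg',    {'warning'}
    'hisl_0309', 'VectorMatrixConversionMsg',     {'error'}
    'hisl_0309', 'Int32ToFloatConvMsg',           {'warning'}
    'hisl_0310', 'ModelReferenceVersionMismatchMessage', {'none'}
    'hisl_0310', 'ModelReferenceIOMismatchMessage',      {'error'}
    'hisl_0310', 'ModelReferenceIOMsg',                  {'error'}
    'hisl_0310', 'ModelReferenceDataLoggingMessage',     {'error'}
    'hisl_0314', 'SignalResolutionControl',       {'UseLocalSettings'}   % Explicit only
    'hisl_0314', 'CheckMatrixSingularityMsg',     {'error'}
    'hisl_0314', 'UnderSpecifiedDataTypeMsg',     {'error'}
    'hisl_0314', 'SignalInfNanChecking',          {'error'}
    'hisl_0314', 'RTPrefix',                      {'error'}
    'hisl_0314', 'IntegerOverflowMsg',            {'error'}
    'hisl_0314', 'IntegerSaturationMsg',          {'error'}
    'hisl_0314', 'SignalRangeChecking',           {'error'}
    };

n = size(expected, 1);
report = struct('guideline', cell(n, 1), 'parameter', [], ...
                'actual', [], 'allowed', [], 'compliant', []);
for k = 1:n
    name = expected{k, 2};
    try
        actual = get_param(model, name);
    catch err
        actual = ['<unavailable: ' err.message '>'];  % keep auditing the rest
    end
    report(k).guideline = expected{k, 1};
    report(k).parameter = name;
    report(k).actual    = actual;
    report(k).allowed   = strjoin(expected{k, 3}, '|');
    report(k).compliant = ischar(actual) && any(strcmp(actual, expected{k, 3}));
end

% Print only the deviations; the full result is in the returned struct array.
bad = report(~[report.compliant]);
fprintf('%s: %d of %d audited Diagnostics settings deviate from the guidelines\n', ...
        model, numel(bad), n);
for k = 1:numel(bad)
    fprintf('  %-9s %-40s is %-18s expected %s\n', bad(k).guideline, ...
            bad(k).parameter, bad(k).actual, bad(k).allowed);
end
end
```

Run it against a loaded model name; a parameter that a given Simulink release does not expose is reported as unavailable instead of aborting the audit.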