ISO 26262 Compliance with Parasoft


ISO 26262 Software Development and Testing with Parasoft

ISO 26262 "Road vehicles – Functional safety" is a functional safety standard that covers electrical and electronic automotive systems and their development process including requirements specification, design, implementation, integration, verification, validation, and configuration. The standard provides guidance on automotive safety lifecycle activities by specifying the following requirements:

  • Functional safety management for automotive applications
  • The concept phase for automotive applications
  • Product development at the system level for automotive applications
  • Product development at the hardware level for automotive applications
  • Product development at the software level for automotive applications
  • Production, operation, service and decommissioning
  • Supporting processes: interfaces within distributed developments, safety management requirements, change and configuration management, verification, documentation, use of software tools, qualification of software components, qualification of hardware components, and proven-in-use argument.
  • Automotive Safety Integrity Level (ASIL)-oriented and safety-oriented analyses

Part 6 of the standard specifically addresses product development at the software level. Requirements for the following development activities are specified:

  • Initialization of product development
  • Specification of software safety requirements
  • Software architectural design
  • Unit design and implementation
  • Unit testing
  • Software integration and testing
  • Verification of software safety requirements

ISO 26262 specifies an E/E system lifecycle that starts with a hazard analysis and risk assessment, which is the basis for deriving the risk class (ASIL) required to avoid an unreasonable residual risk. ASIL D represents the most stringent level and ASIL A the least stringent. ASILs are used to define the required safety measures for a given system, which may be implemented in a variety of technologies, such as mechanical, electronic, or programmable electronic.

For product development at the software level, users need to deploy a collection of software testing techniques. Which specific testing methods are required depends on the ASIL classification of the system. For example, users developing systems classified as ASIL A will only need to demonstrate statement coverage to prove a sufficient level of software testing, while users developing ASIL D systems will need to invest more work to assure an appropriate level of MC/DC coverage.
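The coverage difference above is easy to misjudge: a test set can reach both outcomes of a decision (branch coverage) and still never show that each condition independently affects the result, which is what MC/DC demands. The following added example, not code from the page or from Parasoft, uses a constructed three-condition decision and two constructed test sets to check both criteria.

```c
#include <stdbool.h>
#include <stddef.h>

#define NCOND 3

/* Constructed decision under test: three conditions combined with && and !.
 * Each operand is one condition in the MC/DC sense (hypothetical names). */
static bool brake_assist_enabled(const bool c[NCOND]) {
    return c[0] && c[1] && !c[2];   /* speed_ok && pedal_pressed && !sensor_fault */
}

typedef struct { bool cond[NCOND]; } TestVector;

/* Decision (branch) coverage: both outcomes of the decision were observed. */
bool decision_covered(const TestVector *tv, size_t n) {
    bool seen_true = false, seen_false = false;
    for (size_t i = 0; i < n; i++) {
        if (brake_assist_enabled(tv[i].cond)) seen_true = true; else seen_false = true;
    }
    return seen_true && seen_false;
}

/* MC/DC: for every condition there is a pair of vectors that differ only in
 * that condition and produce different decision outcomes. */
bool mcdc_covered(const TestVector *tv, size_t n) {
    for (int c = 0; c < NCOND; c++) {
        bool shown = false;
        for (size_t a = 0; a < n && !shown; a++) {
            for (size_t b = a + 1; b < n && !shown; b++) {
                bool only_c_differs = true;
                for (int k = 0; k < NCOND; k++) {
                    bool same = tv[a].cond[k] == tv[b].cond[k];
                    if (same == (k == c)) { only_c_differs = false; break; }
                }
                if (only_c_differs &&
                    brake_assist_enabled(tv[a].cond) != brake_assist_enabled(tv[b].cond))
                    shown = true;
            }
        }
        if (!shown) return false;   /* condition c never shown to influence the outcome */
    }
    return true;
}

/* Constructed test sets. Set A reaches both outcomes (decision coverage only);
 * set B flips each condition one at a time from the all-pass vector. */
static const TestVector SET_A[] = { {{1, 1, 0}}, {{0, 0, 0}} };
static const TestVector SET_B[] = { {{1, 1, 0}}, {{0, 1, 0}}, {{1, 0, 0}}, {{1, 1, 1}} };

bool set_a_decision_covered(void) { return decision_covered(SET_A, sizeof SET_A / sizeof SET_A[0]); }
bool set_a_mcdc_covered(void)     { return mcdc_covered(SET_A, sizeof SET_A / sizeof SET_A[0]); }
bool set_b_mcdc_covered(void)     { return mcdc_covered(SET_B, sizeof SET_B / sizeof SET_B[0]); }
```

Set A would satisfy an ASIL A statement/branch argument but not an ASIL D MC/DC argument; set B needs only n+1 vectors for n conditions because the all-pass vector pairs with each single-flip vector.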

To comply with ISO 26262, organizations must implement multiple processes and requirements supported by software tools. The use of tools under ISO 26262 is regulated and has to be preceded by an analysis (tool classification) and potentially a qualification, which is a formal process of approving the tool for use. Tools that automate software development activities can significantly help organizations meet ISO 26262 requirements, and software tool qualification demonstrates that the tool is suitable for developing a safety-related item or element.

One of the qualification methods defined in ISO 26262 relies on running the development tool on a control codebase and verifying that its output is consistent and accurate. Parasoft’s Tool Qualification Kit automates more of this process than other vendors’ offerings, to make it as little time-consuming as possible. With its Qualification Support Tool, Parasoft runs static analysis, unit tests, and any other testing practice used in your development process on a set of control code, and automatically generates the reports necessary to qualify the tool.

How to Leverage Parasoft Tools for ISO 26262 Compliance

With Parasoft C/C++test, users can reduce the cost of achieving ISO 26262 compliance by automating multiple testing methods required by the standard. Time saved thanks to the automated testing process can be spent on developing the core product. Automatically-generated reports and dashboards provide teams with a practical way to prevent, expose, and correct errors in the software and prepare the documentation required for the audits.

Parasoft C/C++test facilitates and automates the software testing methods specified in ISO 26262, part 6 of which is devoted to product development at the software level. The following tables match key software testing methods from ISO 26262 with Parasoft C/C++test. (The tables are intended to provide a sample of Parasoft functionality and are by no means complete.)

Initialization of Product Development at the Software Level

This section of ISO 26262 (Part 6) defines general information about the process of software development and validation. See the table below for specifics.

5.4.6 Requirements for achieving correctness of software design and implementation. The methods described here apply to both modeling and programming languages.
  Requirement and Parasoft C/C++test capability:
  • Enforcement of low complexity: Reports cyclomatic complexity, essential complexity, Halstead complexity, and other code metrics
  • Use of language subset: Coding standards enforcement, e.g., detection of unsafe language constructs
  • Enforcement of strong typing: Coding standards enforcement, implicit conversion detection
  • Use of defensive implementation techniques: Enforces defensive programming against appropriate coding standard rules, e.g., checking the return value of malloc, checking the error code returned by called functions, etc.
  • Use of established design principles: Enforcement of industry coding standard rule sets, e.g., MISRA C/C++, JSF, HIS source code metrics, etc.
  • Use of unambiguous graphical representation: Enforcement of specific formatting conventions
  • Use of style guides: Enforcement of specific coding conventions
  • Use of naming conventions: Enforcement of specific naming conventions

Software Unit Design and Implementation

This section defines the process of specifying and implementing software units, as well as the verification of the design and implementation.

8.4.5 Specifies the verification methods for checking software unit design and implementation.
  Requirement and Parasoft C/C++test capability:
  • Control flow analysis: Control Flow Analysis
  • Data flow analysis: Data flow analysis
  • Static code analysis: Coding standards enforcement

Software Unit Testing

This section defines the process of planning, defining, and executing software unit testing.

9.4.1 Describes general information about unit test execution.
  Requirement and Parasoft C/C++test capability:
  • Unit test execution:
      • Unit test execution module
      • Reports module for presenting results
  • Unit test specification:
      • Configurable unit test generation module creates tests according to the defined specification
      • Test Case Explorer module presents a list of all defined test cases with pass/fail status

9.4.2 Describes methods used to specify and execute unit tests.
  Requirement and Parasoft C/C++test capability:
  • Requirement-based tests:
      • Users can design unit test cases with Parasoft C/C++test according to requirements
      • Unit test cases can be attributed with a requirement ID
      • The Parasoft C/C++test reporting framework integrates with requirements management systems and generates reports presenting test results in the context of specific requirements
  • Unit test specification:
      • Maps test cases to requirements and/or defects in conjunction with Concerto
      • Supports user-defined test cases created manually and tests created with the Test Case Editor
  • Interface tests:
      • Unit test cases can be created
      • Uses function stubs and data sources to emulate the behavior of external components for automatic unit test execution
  • Fault injection tests:
      • Enforces fault conditions using function stubs
      • Automatic unit test generation using different sets of preconditions (e.g., min, max, heuristic values)

9.4.3 Defines methods that should be used to create test cases.
  Requirement and Parasoft C/C++test capability:
  • Analysis of requirements: Parasoft DTP provides requirements-to-code and requirements-to-test traceability
  • Generation and analysis of equivalence classes:
      • Uses factory functions to prepare sets of input parameter values for automated unit test generation
      • Uses data sources to efficiently exercise a wide range of input values in tests
  • Analysis of boundary values:
      • Automatically generated test cases (e.g., heuristic values, boundary values)
      • Employs data sources to use a wide range of input values in tests
  • Error guessing:
      • Uses the function stub mechanism to inject fault conditions into the tested code
      • Flow Analysis results can be used to write additional tests

9.4.4 Defines the methods for demonstrating the completeness of the test cases.
  Requirement and Parasoft C/C++test capability:
  • Statement coverage: Code Coverage module
  • Branch coverage: Code Coverage module
  • MC/DC (modified condition/decision coverage): Code Coverage module

9.4.5 Defines the requirements for the test environment.
  Requirement and Parasoft C/C++test capability:
  • Test environment for unit testing shall correspond as far as possible to the target environment: Unit test execution on both the target device and a simulator to perform tests in different environments (e.g., software-in-the-loop, processor-in-the-loop, hardware-in-the-loop)

Software Integration and Testing

10.4.2 Describes general information about executing software integration tests.
  Requirement and Parasoft C/C++test capability:
  • Integration tests: Flexible configuration of the tested software scope (from a single function to the entire application)

10.4.5 Defines methods for demonstrating completeness of integration testing.
  Requirement and Parasoft C/C++test capability:
  • Function coverage: Code Coverage module
  • Function call coverage: Code Coverage module

10.4.7 Defines requirements for the integration test environment.
  Requirement and Parasoft C/C++test capability:
  • Test environment for software integration testing shall correspond as far as possible to the target environment:
      • Integration tests can be executed on both the target device and a simulator to perform tests in different environments (e.g., software-in-the-loop, processor-in-the-loop, hardware-in-the-loop)
      • Flexible stub framework
      • Service virtualization module is available to thoroughly mimic the complete system

Developing ISO 26262-compliant software for E/E systems in automobiles is no easy feat, but Parasoft eases the burden by offering a broad range of analysis tools and enabling you to automatically monitor compliance with your development policy, bridging the gap between development activities and business processes. Development teams can also generate configurable test reports that contain a high level of detail, which helps facilitate the work required for the software verification process.