Featured On-Demand Webinar: Accelerate Software Compliance With AI Watch Now >>
ISO 26262 (the international standard for functional safety) is an automotive functional safety standard that covers the entire automotive product development process. ISO 26262 inherited or is an adaptation of safety requirements standard IEC 61508 for the industrial automation industry, but tailored specifically for the automotive industry. The latest version is ISO 26262-1:2018.
It includes activities such as requirements analysis , safety analysis, quality management, design, implementation, integration, verification, validation, and configuration. This applies to road vehicles such as motorcycles, traditional oil-powered cars and trucks, hybrids, and autonomous vehicles.
The standard provides guidance on automotive safety lifecycle activities for OEMs and other suppliers by specifying the following requirements:
Overall, ISO 26262 is separated into 12 parts to ISO that can be broken down simply using the above diagram.
Part 6 of the standard specifically addresses product development at the software level, and Parasoft users can save time and effort adhering to this part of the standard. Sections 6.9, 6.10, and 6.11 represent the testing or formal verification and validation of the software.
This includes the multiple verification methods (unit testing, static analysis, structural code coverage, requirements traceability, and more) recommended or highly recommended based on the assigned automotive safety integrity levels (ASIL). As with safety concepts and safety-related systems, the margin for error in hardware and software is thin.
Satisfy ISO 26262 compliance objectives by automating verification and validation methods like code reviews, requirements traceability, static analysis, unit testing, code coverage, and more, while also reducing the amount of labor costs and time to market.
Compliance Walkthroughs and Inspections
Parasoft’s walkthroughs or Code Review module is designed to make peer reviews more practical and productive by automating preparation, notification, and tracking. It automatically identifies updated code, matches it with designated reviewers, and tracks the progress of each review item until closure.
Compliance Control Flow Analysis
Parasoft technology uses several analysis techniques, including simulation of application execution paths, to identify paths that could trigger runtime defects. Defects detected include the use of uninitialized memory, null pointer dereferencing, division by zero, memory, and resource leaks.
Compliance Data Flow Analysis
Parasoft’s data flow analysis helps find potentially crash-causing defects like exceptions and resource leaks without having to create, execute, or maintain test cases. Also, shows whether actual application execution paths could lead to injection vulnerabilities, XSS, exposure of sensitive data, and other vulnerabilities. This provides a fast and easy way to identify reliability and performance problems without having to execute the application.
Compliance Static Code Analysis
Achieve compliance with safety coding standards such as MISRA, AUTOSAR C++14, and more. Or create your own custom coding standards configuration for your organization and suppliers using our RuleWizard.
Static Analysis Security Testing (SAST)
Weave compliance with security coding standards like SEI CERT, CWE, OWASP, DISA-ASD-STIG, and UL 2900 into the SA testing processes and ensure your code meets stringent security standards.
Code Coverage Compliance Requirements
Fulfill all ISO 26262 code coverage requirements. All code coverage types (statement, branch, MC/DC and more) are supported and help ensure code safety, security, and reliability by exposing untested code, dead code and flushes out defects.
Unit Testing
Isolate the unit to be tested with Parasoft’s automated stubbing framework and mocks in cases where the dependent code is unavailable, lacks controllability, or in instances where fault injection is difficult.
Automated Test Case Generation
Creating unit tests manually is tedious, but fortunately, unit tests lend themselves well to automatic unit test creation. Parasoft’s configurable test case generation can build smart test cases that will identify bugs, automate code coverage, collect results and metrics to feed project analytics.
Incorporate Static & Dynamic Analysis Into Your CI/CD Workflow
Parasoft’s static analysis, unit testing, regression testing, and code coverage integrate easily into your CI/CD pipeline. With continuous testing, teams can deliver safe, secure, and quality code — quickly.
Compliance Reporting
Parasoft’s dynamic reporting dashboard automatically tracks compliance and can automatically produce reports. It also enables advanced reporting strategies using historical data, even when working with large codebases and legacy code where visibility into the code is typically challenging.
Automate bidirectional traceability between requirements, test cases, test results, code, and code reviews.
Reduce the Cost of Defects
Code defects found in production or out in the field are the most expensive. Prevent them from slipping through the cracks by highlighting code that has not been tested before you release your application. This can be performed at the developer’s workstation or automated as part of the continuous integration (CI) pipeline.
Use a TÜV Certified & Proven Solution for Safety- & Security-Critical Systems
Parasoft solutions have been TÜV SÜD certified for ISO 26262 for all ASIL levels.
Test Smarter With AI & ML
Parasoft incorporates artificial intelligence and machine learning to improve productivity in your team’s static analysis workflow — flagging and prioritizing the violations that need to be fixed first.
“MISRA”, “MISRA C” and the triangle logo are registered trademarks of The MISRA Consortium Limited. ©The MISRA Consortium Limited, 2021. All rights reserved.
Upon completion of the HARA, an automotive safety integrity level (ASIL) is assigned to software components from levels ASIL A through ASIL D. Software categorized at level D will require a higher level of testing. Know what the expectations are.
To comply with ISO 26262, organizations must implement multiple processes and requirements, and techniques like static analysis and unit testing. Test automation activities will significantly improve code safety, security, reliability, and expedite organizations in achieving ISO 26262 compliance.
Parasoft C/C++test is certified by TÜV SÜD as suitable for use when developing safety-critical systems. Our TÜV certification covers C/C++test qualification for all levels of safety in ASIL. Parasoft also has a Qualification Kit that automates a significant part of the tool qualification process if it is ever needed.
ISO 26262 requires bidirectional traceability between requirements and the test cases that verify and validate the requirements. Parasoft C/C++test has bidirectional integration between ALM tools like Jama, Polarion, codebeamer, and Jira which fulfill and have extended traceability needs.
Parasoft C/C++test and Parasoft DTP cover all the bases in reporting the test verification and validation documentation needed to demonstrate compliance to ISO 26262, including audit purposes.
Adopt an automated software testing solution that will support and take you through the entire ISO 26262 software development life cycle. The Parasoft ISO 26262 compliance dashboard puts everything at your fingertips.
Parasoft’s tool suite provides a complete verification and validation framework with static analysis, unit testing, integration testing, system testing, structural code coverage, and more for the delivery of safe, secure, and reliable software, compliant to any ASIL level, satisfying ISO 26262.
Something else that’s extremely important to note is that C/C++test integrates right into your developers’ IDE. This dramatically shortens the learning curve, simplifies adoption, improves productivity and costs.
Begin by implementing your code to requirements. As the code is written, run the static analysis often to identify and fix any coding violations identified. This prevents defects in safety, security, and quality at the earliest and least expensive phase in software development agnostic of methodology, Agile, Waterfall, Spiral, and more.
As you move into and up the software verification phases (unit, integration, and system testing), strongly consider integrating your testing into your build process. Automation into a modern continuous integration and continuous delivery (CI/CD) workflow has shown to be very beneficial in many ways.
Defects are found quicker and often, the products improve rapidly, more features are introduced, release cycles are shorter, and much more. C/C++test easily integrates into modern CI/CD development ecosystems, offering the most value and cost-effective automated software tools and testing solutions.
Why Parasoft?
There are many unique advantages that Parasoft brings to the table. Since many of our clients span across industries ranging from medical devices to defense systems, our tools must be dynamic and robust. Parasoft solutions perform a variety of tasks from offering development tools to life cycle management. Here are some of the ways Parasoft solutions help embedded software teams comply with ISO 26262.
One key Parasoft C/C++test benefit is its dedicated integrations with embedded IDEs and debuggers. Supported IDE environments include Eclipse, VS Code, Green Hills Multi, Wind River Workbench, IAR EW, ARM MDK, ARM DS-5, TI CCS, Visual Studio, and many others.
C/C++test can also be used to execute unit, integration, and system tests on the host platform, simulator, or on the embedded target hardware. The fully integrated solution can be optimized to take minimal additional overhead for the binary footprint of process cycles.
One other huge benefit Parasoft brings to the table is its unique tool suite offering to address today’s automotive needs in terms of automotive testing and confirmation measures.
Parasoft SOAtest and Virtualize are well suited for network-based system-level testing of various types. Virtualize allows developers to build integrations earlier, stabilize dependencies, and gain full control of their test data. Teams can move forward quickly without waiting for access to dependent services that are either incomplete or unavailable.
SOAtest delivers fully integrated API and web service testing tools that automate end-to-end functional API testing. Teams can streamline automated testing with advanced functional test creation capabilities for applications with multiple interfaces and protocols.
Parasoft test automation solutions provide considerable time and cost savings. We strive to make it as painless as possible with as much hand-holding as needed for your safety goals in achieving ISO 26262 compliance. Our educational materials like webinars, whitepapers, and our blog act as ongoing supplemental tools, as well.
A functional safety standard like ISO 26262 is needed because automobiles have evolved into a complex electrical and electronic architecture, containing multiple interconnected ECUs with millions of lines of code.
Assurance that these systems are equipped to address the possible hazards caused by malfunctioning behavior is crucial. ISO 26262 lays out a set of objectives throughout the entire automobile product life cycle that helps address safety in the development of electronic systems.
Automotive Software Performance Improvement and Capability dEtermination (ASPICE) is a standard that defines the process for the development of software in the automotive industry.
ASPICE addresses practices in how teams should organize their projects and manage deliverables. It builds on each of the phases of the V-model to ensure continuous innovation and product development at every stage, to help the automotive supplier become more efficient.
It’s a standard that incorporates safety functions or a fail-safe function to provide a way for the electronic system to function correctly or fail in a predictable safe manner. Hardware failures and software failures can both have catastrophic effects. Your tool confidence levels increase by using tools with TÜV certification.
An example would be the thermal heat sensor in your vehicle’s engine to detect overheating so that the engine controller would not just notify the driver of its increasing hazard condition. Ultimately, this forces the shutdown of the vehicle to prevent a fire hazard and potential loss of life.