
Whitepaper

Guide to Achieving Functional Safety in Railway Software: How to Satisfy EN 50128 Requirements


Introduction

With the growing reliance on software in embedded systems, ensuring quality has become increasingly challenging. Many developers cannot readily run test programs in actual deployment environments because they lack access to final system hardware. To address this and other challenges, code quality needs to be addressed throughout the development lifecycle using a synergy of proven techniques for early defect prevention, assisted by automation for implementation and monitoring.

As software complexity increases in railway systems, so do the risks of systematic and random failures. The EN 50128 standard defines requirements and processes to reduce these risks to a tolerable level. Parasoft’s C and C++ development testing solution supports the application of EN 50128 and its successor EN 50716, enabling teams to produce higher-quality embedded software, test more efficiently, and consistently track progress toward quality goals.

Parasoft automates key quality activities—including static analysis, unit and component testing, and code coverage—across the entire development cycle, starting on the engineer’s desktop to prevent the introduction of defect-prone coding patterns.

This technical whitepaper explains how to achieve functional safety in railway software by satisfying EN 50128/EN 50716 requirements, and how Parasoft C/C++test helps teams meet SIL 0–4 through automated static analysis, dynamic testing, coverage, and comprehensive reporting.

About EN 50128

EN 50128 is part of a group of related European Standards that define requirements for railway applications. Other standards in the group are:

  • EN 50126 "The Specification and Demonstration of Reliability, Availability, Maintainability and Safety (RAMS)"
  • EN 50129 "Communication, Signaling and Processing Systems – Safety-Related Electronic Systems for Signaling"

EN 50128 is titled, "Communication, Signaling and Processing Systems – Software for Railway Control and Protection Systems" and specifically addresses the software aspect of railway applications. The standard defines five software safety integrity levels (SIL). The lowest SIL is 0 and the highest is 4.

The software safety integrity level depends on the risk that a software failure could create. Software whose failure carries a higher safety risk is assigned a higher SIL. For each SIL, the required techniques and measures are defined in the normative tables of EN 50128 Annex A.

Be aware that EN 50716 supersedes both EN 50128 (signaling/control) and EN 50657 (on-board rolling stock), merging them into a single, unified standard for railway software, and aligning closely with EN 50126 (RAMS) and EN 50129 (Safety).

About Parasoft C/C++test

Parasoft C/C++test is an integrated development testing solution for automating a broad range of best practices proven to improve software development team productivity and software quality, including:

  • Static analysis. Monitor coding standards compliance and prevent defects early in the SDLC.
  • Unit testing. Create and execute tests on the host or target.
  • Coverage and analysis. Identify gaps in test and code coverage.
  • Requirements traceability. Link requirements to tests and code.
  • Runtime error detection. Detect memory access errors, leaks, corruptions, and more.

This provides teams a practical way to prevent, expose, and correct errors in order to ensure that their C and C++ code works as expected. To promote rapid remediation, each problem detected is prioritized based on configurable severity assignments, automatically assigned to the developer who wrote the related code, and distributed to his or her IDE with direct links to the problematic code and a description of how to fix it.

Test Execution and Comprehensive Reporting


Test on the Host, Simulator, & Target

C/C++test automates the complete test execution flow, including test case creation, cross-compilation, deployment, and execution. It then loads results, which include coverage metrics, back into the GUI. Testing can be driven interactively from the GUI or from the command line for automated test execution, as well as batch regression testing.

In the interactive mode, users can run tests individually or in selected groups for easy debugging or validation. For batch execution, tests can be grouped based either on the user code they are linked with, or their name or location on disk.

Configurable Detailed Reporting

HTML, PDF, and custom format reports can be configured via GUI controls or an options file. The standard reports include a pass/fail summary of code analysis and test results, a list of analyzed files, and a code coverage summary.

The reports can be customized to include a listing of active static analysis checks, expanded test output with pass/fail status of individual tests, parameters of trend graphs for key metrics, and full code listings with color-coding of all code coverage results. Generated reports can be automatically sent via email, based on a variety of role-based filters. In addition to providing data directly to the developers responsible for the code flagged for defects, C/C++test sends summary reports to managers and team leads.

Reporting & Analytics

Code analysis and test results, coverage analysis, and other C/C++test data can be sent to Parasoft DTP where it’s correlated with data generated by third-party analyzers, source control, defect tracking, and other infrastructure components, and then processed. The result is actionable, intelligent analytics that provide visibility into the risk associated with the application under test, and also the traceability required to demonstrate EN 50128 compliance.

Defect review and correction are facilitated through automated task assignment and distribution. Each defect detected is prioritized, assigned to the developer who wrote the related code, and distributed to his or her IDE with full data and cross-links to code. To help managers assess and document trends, centralized reporting ensures real-time visibility into quality status and processes. This data also helps determine if additional actions are needed to satisfy internal goals or demonstrate regulatory compliance.

Satisfying EN 50128 Requirements with Parasoft

The EN 50128 standard defines requirements for supporting tools used for development and verification of railway software. Parasoft C/C++test can be categorized as tool class T2, which is defined as a tool that "supports the test or verification of the design or executable code, where errors in the tool can fail to reveal defects but cannot directly create errors in the executable software." As required for tools of class T2, C/C++test provides a user’s guide that clearly defines the behavior of the tool and gives instructions on its use.

The tables below present techniques and measures recommended and/or mandated by the normative Annex A of EN 50128 that can be satisfied or partially satisfied using Parasoft C/C++test. For each technique and measure, the tables give a brief description of how to comply or partially comply with it using C/C++test capabilities. The following markers indicate, for the given SIL, that:

  • M – Technique is mandatory
  • R – Technique is recommended
  • HR – Technique is highly recommended
  • – No recommendation

EN 50128 Compliance Matrix

The following tables detail how Parasoft C/C++test functionality maps to EN 50128 requirements across different software development and verification categories. Each table shows the applicable Safety Integrity Level (SIL) recommendations.

Table A.4 – Software Design and Implementation

| Technique/Measure | SIL 0 | SIL 1 | SIL 2 | SIL 3 | SIL 4 | How C/C++test supports it |
|---|---|---|---|---|---|---|
| Modular approach | HR | M | M | M | M | Use the coding standards and code metrics modules to verify proper modularity by checking the coupling-between-objects metric, use of global variables, number of function parameters, code documentation, and more. |
| Components | HR | HR | HR | HR | HR | Use the coding standards module to verify the robustness and maintainability of the software components. See Table A.20 for details. |
| Design and Coding Standards | HR | HR | HR | M | M | Use one of the predefined test configurations for coding standards (MISRA C, MISRA C++, JSF++, etc.) or prepare a custom test configuration from an appropriate set of built-in and user-defined rules, including C/C++ best practices, avoiding dangerous code, naming and formatting conventions for readability, and more. See Table A.12 for details. |
| Structured Programming | R | HR | HR | HR | HR | Use the coding standards and code metrics modules to verify the structural complexity of the software components (e.g. by keeping cyclomatic and essential complexity values for functions at an appropriate level). |
| Language Subset | – | – | – | HR | HR | Use the coding standards module with a customizable configuration of rules to verify that the code stays within the desired C/C++ language subset: use one of the predefined configurations (e.g. MISRA C/C++, CERT C/C++, JSF++, Ellemtel coding standards, and more) or define a custom subset. |
| Object Oriented Programming | R | R | R | R | R | |
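The "Design and Coding Standards" and "Language Subset" rows above describe what a coding-standard configuration checks for, but not what the flagged code looks like. The block below is an added example, written for this page and not taken from the whitepaper or from Parasoft: the same 4-byte message decoder written first with the patterns that MISRA C / CERT C style rule sets flag (unchecked length into a fixed buffer, plain `char` used for byte data, implicit operator precedence, multiple exits, no checksum or range check), then rewritten in a restricted C subset. The message layout (opcode, big-endian speed in km/h, XOR checksum), the `SPEED_MAX_KMH` limit, and the sample messages are all constructed for the example.

```c
/*
 * Added example (not from the whitepaper and not Parasoft's code): one message
 * decoder written twice. Version 1 uses patterns a coding-standard
 * configuration such as MISRA C or CERT C flags; version 2 stays inside a
 * restricted C subset. The 4-byte layout is an assumption made for the example:
 * [0] opcode, [1..2] speed in km/h (big-endian), [3] checksum = XOR of bytes 0..2.
 */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define OPCODE_SET_SPEED 0x10u
#define SPEED_MAX_KMH    350u
#define MSG_LEN          4u

/* Version 1: what the "avoid dangerous code" checks are after.
 * - unchecked len feeds memcpy into a fixed buffer (stack overflow for len > 4)
 * - plain char is signed on many targets, so byte 0xC8 becomes -56 (sign extension)
 * - shift/or precedence is left implicit, the checksum is never verified
 * - multiple exit points, no range check on the decoded value */
int decode_speed_unchecked(const unsigned char *msg, int len, int *speed_out)
{
    char buf[4];
    memcpy(buf, msg, (size_t)len);
    if (buf[0] != 0x10) return -1;
    *speed_out = buf[1] << 8 | buf[2];
    return 0;
}

/* Version 2: fixed-width types, explicit casts, one exit point, every input
 * validated before use, result range-checked against the line limit. */
typedef enum {
    DECODE_OK = 0,
    DECODE_BAD_ARG,
    DECODE_BAD_OPCODE,
    DECODE_BAD_CHECKSUM,
    DECODE_OUT_OF_RANGE
} decode_status_t;

decode_status_t decode_speed_checked(const uint8_t *msg, size_t len, uint16_t *speed_out)
{
    decode_status_t status = DECODE_OK;

    if ((msg == NULL) || (speed_out == NULL) || (len != MSG_LEN)) {
        status = DECODE_BAD_ARG;
    } else {
        const uint8_t expected_sum = (uint8_t)(msg[0] ^ msg[1] ^ msg[2]);
        if (msg[0] != (uint8_t)OPCODE_SET_SPEED) {
            status = DECODE_BAD_OPCODE;
        } else if (msg[3] != expected_sum) {
            status = DECODE_BAD_CHECKSUM;
        } else {
            const uint16_t speed = (uint16_t)(((uint16_t)msg[1] << 8) | (uint16_t)msg[2]);
            if (speed > SPEED_MAX_KMH) {
                status = DECODE_OUT_OF_RANGE;
            } else {
                *speed_out = speed;
            }
        }
    }
    return status;
}

/* Constructed sample messages (not captured traffic). */
static const uint8_t MSG_200_KMH[MSG_LEN] = {0x10u, 0x00u, 0xC8u, 0xD8u}; /* 0x10^0x00^0xC8 = 0xD8 */
static const uint8_t MSG_BAD_SUM[MSG_LEN] = {0x10u, 0x00u, 0xC8u, 0x00u}; /* checksum corrupted */
static const uint8_t MSG_400_KMH[MSG_LEN] = {0x10u, 0x01u, 0x90u, 0x81u}; /* 400 km/h > SPEED_MAX_KMH */

/* Small wrappers so a caller can check status or value without a local. */
decode_status_t decode_status(const uint8_t *msg, size_t len)
{
    uint16_t v = 0u;
    return decode_speed_checked(msg, len, &v);
}

uint16_t decode_value(const uint8_t *msg, size_t len)
{
    uint16_t v = 0u;
    return (decode_speed_checked(msg, len, &v) == DECODE_OK) ? v : 0u;
}

int main(void)
{
    int legacy = 0;
    (void)decode_speed_unchecked(MSG_200_KMH, (int)MSG_LEN, &legacy);
    printf("checked:   status=%d speed=%u km/h\n",
           (int)decode_status(MSG_200_KMH, MSG_LEN), (unsigned)decode_value(MSG_200_KMH, MSG_LEN));
    printf("unchecked: speed=%d (negative means plain char is signed on this target)\n", legacy);
    return 0;
}
```

On a target where plain `char` is signed (x86 with the usual ABI), version 1 decodes the valid 200 km/h message as -56 without reporting any error, while version 2 returns exactly 200 or a named failure status. A coding-standard configuration in the "Language Subset" sense is what turns each of version 1's habits into a build-time finding rather than a field incident.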

Table A.5 – Verification and Testing

| Technique/Measure | SIL 0 | SIL 1 | SIL 2 | SIL 3 | SIL 4 | How C/C++test supports it |
|---|---|---|---|---|---|---|
| Static Analysis | – | HR | HR | HR | HR | Perform static analysis using a customizable set of coding standards, control flow, and data flow analysis rules. See Table A.19 for details. |
| Dynamic Analysis and Testing | – | HR | HR | HR | HR | Perform unit test execution (at different levels, from file scope to project scope) and application monitoring, both with code coverage analysis. See Table A.13 for details. |
| Metrics | – | R | R | R | R | Use the code metrics and coding standards modules to calculate a wide range of code metrics, including complexity metrics, coupling between objects, depth of inheritance, etc. |
| Traceability | R | HR | HR | M | M | Connect unit tests with requirements, development tasks, or defects by inserting the appropriate information as metadata in code comments. |
| Test Coverage for Code | R | HR | HR | HR | HR | Use the coverage module to report code coverage for the executed unit tests and for the functional tests executed by monitoring the running application. See Table A.21 for details. |
| Functional/Black Box Testing | HR | HR | HR | M | M | Execute the unit tests prepared to verify the functionality of the developed code. See Table A.14 for details. |
| Interface Testing | HR | HR | HR | HR | HR | Execute the unit tests that were automatically generated using a wide range of input values for the tested functions (boundary values, characteristic parameter values, user-defined values for given types, etc.). Use external data sources to define a single unit test with a number of input combinations. |
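The "Interface Testing" and "Traceability" rows above describe testing a function over generated boundary values and tagging the test with requirement metadata. The block below is an added example written for this page, not code from the whitepaper or from Parasoft: a plain-C, data-driven interface test that drives a function over every combination of type boundary values and user-chosen characteristic values, and checks the interface contract for each vector instead of a handful of hand-picked cases. The function under test `ramp_next_speed()`, the requirement ID `SRS-042`, and the `@req` comment tag are all assumptions invented for the example; the exact tag syntax a given tool reads back into its traceability report is something to confirm in that tool's user guide.

```c
/*
 * Added example (not from the whitepaper and not Parasoft's code): a
 * data-driven interface test. ramp_next_speed() and requirement SRS-042 are
 * assumptions made for the example.
 */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Function under test (assumed): next commanded speed while ramping from
 * `current` toward `target`, moving at most `max_step` km/h per call. */
uint16_t ramp_next_speed(uint16_t current, uint16_t target, uint16_t max_step)
{
    uint16_t next;
    if (target > current) {
        const uint32_t up = (uint32_t)current + (uint32_t)max_step; /* widened: cannot wrap */
        next = (up > (uint32_t)target) ? target : (uint16_t)up;
    } else {
        const uint16_t down = (current > max_step) ? (uint16_t)(current - max_step) : 0u;
        next = (down < target) ? target : down;
    }
    return next;
}

/* Boundary values of the uint16_t parameter type plus characteristic values
 * for this interface: 0, a plausible line speed limit (350) and its neighbours,
 * the sign-bit boundary, and the values next to the type maximum. */
static const uint16_t TEST_VALUES[] = {
    0u, 1u, 349u, 350u, 351u, 0x7FFFu, 0x8000u, 0xFFFEu, 0xFFFFu
};
#define N_VALUES (sizeof TEST_VALUES / sizeof TEST_VALUES[0])

/* Contract checked for every (current, target, max_step) triple:
 *  - the result lies between current and target (inclusive)
 *  - it differs from current by at most max_step
 *  - it equals target whenever target is within max_step of current */
static int contract_holds(uint16_t current, uint16_t target, uint16_t max_step)
{
    const uint16_t next  = ramp_next_speed(current, target, max_step);
    const uint16_t lo    = (current < target) ? current : target;
    const uint16_t hi    = (current < target) ? target : current;
    const uint16_t moved = (next > current) ? (uint16_t)(next - current) : (uint16_t)(current - next);
    const uint16_t gap   = (uint16_t)(hi - lo);
    int ok = (next >= lo) && (next <= hi) && (moved <= max_step);
    if (gap <= max_step) {
        ok = ok && (next == target);
    }
    return ok;
}

/* @req SRS-042  (traceability tag in a code comment; tag syntax is assumed) */
/* Runs all N^3 input combinations and returns the number of failing vectors. */
int run_interface_tests(void)
{
    int failures = 0;
    size_t i, j, k;
    for (i = 0u; i < N_VALUES; i++) {
        for (j = 0u; j < N_VALUES; j++) {
            for (k = 0u; k < N_VALUES; k++) {
                if (!contract_holds(TEST_VALUES[i], TEST_VALUES[j], TEST_VALUES[k])) {
                    failures++;
                }
            }
        }
    }
    return failures;
}

/* Total number of vectors exercised, for the test report. */
int interface_test_vector_count(void)
{
    return (int)(N_VALUES * N_VALUES * N_VALUES);
}

int main(void)
{
    printf("%d of %d interface vectors failed\n",
           run_interface_tests(), interface_test_vector_count());
    return 0;
}
```

The point of widening to `uint32_t` inside `ramp_next_speed()` only becomes visible with the `0xFFFE`/`0xFFFF` vectors: without it, `current + max_step` wraps and the "never overshoot the target" part of the contract fails for exactly the inputs a hand-written test tends to leave out. Checking a contract over every generated combination is also what makes a coverage report meaningful, since the vectors reach both the clamp-up and clamp-down branches.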

Note: Additional compliance tables (A.6, A.7, A.8, A.12, A.13, A.14, A.19, A.20, A.21, A.22, A.23) follow the same structure, mapping C/C++test capabilities to SIL requirements across Integration, Overall Software Testing, Software Analysis Techniques, Coding Standards, Dynamic Analysis and Testing, Functional/Black Box Testing, Static Analysis, Components, Test Coverage for Code, Object Oriented Software Architecture, and Object Oriented Detailed Design categories. Each table provides detailed descriptions of how to satisfy specific EN 50128 requirements using Parasoft tools.

Summary

Parasoft C/C++test helps railway software development teams to fully or partially satisfy software development and verification process requirements defined by standard EN 50128 and its successor EN 50716. Teams gain important insights when DTP aggregates the results from automated testing and code analysis in C/C++test. The intelligent analytics and continuous monitoring of the testing significantly reduce the work required for software verification.
