5. Reactis Usage and Flow in ISO 26262 Design Environments

In this section we describe how the specific ISO 26262 tasks can be assembled into a complete ISO 26262-compliant model-based process (shown in Figure 5.1).


Fig. 5.1 An ISO 26262 model-based development process. Numbers indicate the relevant clause of ISO 26262-6.

In the reference process, executable models are produced as components of the architectural and unit designs, which are used to guide the implementation of the software. During the testing phases, the conformance of the implementation is confirmed via testing. Reactis can help during all of these phases.

During the architectural design phase (ISO 26262-6 clause 7), Reactis can be used in walkthroughs and inspections, to verify architectural designs by testing them against their safety requirements, and to simulate the dynamic behavior of the design to find runtime errors (ISO 26262-6 requirement 7.4.14).

During the unit design and implementation phase (ISO 26262-6 clause 8), Reactis can be used for walkthroughs and inspections and to verify unit designs by testing them against their safety requirements. Reactis can also be used to measure the level of structural coverage obtained when executing a set of tests on the model.

During the unit testing phase (ISO 26262-6 clause 9), Reactis can be used to perform back-to-back comparisons of implementations and models, and also to test C code directly against requirements if desired, in order to satisfy ISO 26262-6 requirement 9.4.2.

During the integration testing phase (ISO 26262-6 clause 10), Reactis can be used to perform a second round of back-to-back testing, this time comparing systems composed from multiple units against architectural models, in order to comply with ISO 26262 requirement 10.4.2.

During the safety requirements verification phase (ISO 26262-6 clause 11), tests can be exported from Reactis and then used to test the embedded software in its target environment.