Simulink Verification and Validation

Key Features

  • Compliance checking for MAAB style guidelines and high-integrity system design guidelines (DO-178, ISO 26262, IEC 61508, and related industry standards)
  • Model Advisor Configuration Editor, including custom check authoring
  • Requirements Management Interface for traceability of model objects, code, and tests to requirements documents
  • Automatic test-harness generation for subsystems
  • Component testing via simulation, software-in-the-loop (SIL), and processor-in-the-loop (PIL)
  • Programmable scripting interface for automating compliance checking, requirements traceability analysis, and component testing
Analysis views and reports generated by Simulink Verification and Validation for requirements tracing, modeling standards compliance checking, component testing, and model coverage.
Analysis views and reports generated by Simulink Verification and Validation for requirements tracing, modeling standards compliance checking, component testing, and model coverage.

Working with Simulink Verification and Validation

The Requirements Management Interface creates links that connect external documents with Simulink® blocks. These links can be used for requirements reviews, design reviews, traceability analysis, and project documentation.

Using the Requirements Management Interface, you can:

  • Associate Simulink and Stateflow® objects with requirements
  • Navigate from a Simulink or Stateflow object to requirements
  • Review requirements links in your model using highlighting and tags that you define
  • Create reports for your Simulink model that show which objects link to which requirements

Simulink Verification and Validation provides a library of ready-to-use checks for compliance checking with style guidelines and modeling standards. The checks are preconfigured to support MathWorks Automotive Advisory Board (MAAB) Style Guidelines and the DO-178B and IEC 61508 standards for developing high-integrity software.

Using Model Advisor and modeling standards checks, you can:

  • Run checks against models or model components to verify compliance with modeling guidelines
  • Create and share check configurations
  • Automate running of checks using the command-line API
  • Author custom checks for new modeling style guidelines

Simulink Verification and Validation provides component testing functions that generate harness models and log data from existing models to help you run simulations of model components. You can:

  • Automate component testing of models
  • Extract subsystem or subchart content into a new model for analysis
  • Log input port values in simulation
  • Simulate models using test cases
  • Run tests against generated code
  • Collect and analyze model coverage

Tracing Requirements to Models, Tests, and Generated Code

The Requirements Management Interface in Simulink Verification and Validation lets you link Simulink and Stateflow objects to text in requirements documents. It supports requirements stored in IBM® Rational® DOORS®, Microsoft® Word, Excel®, PDF, or HTML files. It can be customized to support additional document types and requirements management systems.

Requirements Traceability 1:51
Connect models, tests, and code with requirement definitions, using Requirements Tracebility interface in Simulink Verification and Validation™.

Creating Links

Links are references in the model that point to external documents. They are associated with model blocks unique identifiers that ensure robustness and persistence of requirements traceability information.

Requirements traceability lets you select a requirement object or bookmark in an external document and create a link via context menus in Simulink. In the Requirements dialog box you can apply keywords and descriptions to links for a more targeted analysis.

Requirements Management Interface context menu and Requirements dialog box.
Requirements Management Interface context menu and Requirements dialog box.

Reviewing Designs and Requirements

The Requirements Management Interface lets you highlight blocks in the model or generate a requirements report that combines images of model subsystems with information from requirements documents. You can customize report templates using Simulink Report Generator.

In conjunction with IBM Rational DOORS, Simulink Verification and Validation lets you replicate Simulink links as link objects in DOORS, enabling bidirectional traceability without the need to modify requirement documents. The Requirements Management Interface synchronizes your links in DOORS and Simulink. As a result, you can create links in IBM Rational DOORS or IBM Rational DOORS Web Access and then synchronize them with Simulink models.To ensure that your requirements links are consistent with their source documents, you can run requirements consistency checks that identify removed or modified requirements. These checks can be combined with other Model Advisor checks for systematic analysis of models.

Reviewing Code

Using Embedded Coder, HDL Coder, or Simulink PLC Coder to generate code from your models enables you to include requirements labels as comments in your source code and as hyperlinks in the code generation report. Hyperlinks in the code generation report provide direct navigation from code to requirements.

Visit the MathWorks Connections Program for third-party requirements management solutions that support the Requirements Management Interface and provide linking and traceability.

Annotated source code, created with Real-Time Workshop Embedded Coder, showing hyperlinks to requirements.
Annotated source code, created with Embedded Coder, showing hyperlinks to requirements.

Modeling Standards Compliance Checking

Simulink Verification and Validation provides checks for the following:

  • MathWorks Automotive Advisory Board
  • DO-178B
  • IEC 61508 (ISO 26262)
  • Requirements consistency

You can run individual checks or a group of checks with the Model Advisor. Each check comes with detailed documentation and recommendations for resolving inconsistencies; some checks also provide additional configuration options.

Modeling Standards Compliance 1:30
Verify compliance with modeling standards using Model Advisor.

You can modify shipping checks using the Model Advisor Configuration Editor, which enables you to:

  • Select combinations of checks
  • Save a selection of checks as a new configuration
  • Import and apply checks from an existing configuration
  • Add custom checks to the configuration
  • Export and deploy a configuration
Violation in highlighted model block found through modeling standards checks in Model Advisor.
Violation in highlighted model block found through modeling standards checks in Model Advisor.

The scripting API lets you author custom checks. Examples of custom checks are available in the product documentation.

To automate compliance checking, you can run checks in batch mode on a single machine or on multiple machines in parallel with Parallel Computing Toolbox. You can view results within the Model Advisor or in the HTML report generated at the end of the analysis run.

When using the Simulink DO Qualification Kit, you can qualify the DO-178B checks in Model Advisor for use in DO-178B or DO-254 certified projects.

Component Testing

Simulink Verification and Validation provides an API for the analysis and simulation of one or more referenced models, subsystems, or atomic subcharts in a model. All component testing functions can be used from the command line or incorporated into MATLAB® scripts.

Harness Model Generation

The harness model generation function lets you isolate an atomic subsystem or a model referenced by a larger control system model and extract it into a harness model for additional testing and analysis. You can use the harness model for exhaustive testing of components that are being developed, or when the rest of the system model may not be available for simulation.

The harness model generation function automates interface configuration for the root-level inputs and outputs including complex deeply nested buses. Subsystem dependencies, such as external data stores, are integrated in the harness and associated with the new model inputs. All required signal labeling and connections are automated to match the attributes of the component under test.

Create a Test Harness and Import Test Cases 1:52
Create a test harness to verify model behavior. Import existing functional tests and set up harness for analysis using Simulink Verification and Validation™.

Data Logging, Importing, and Authoring

With the data logging function you can capture input signals during closed-loop simulation and reuse the logged test vectors for simulation of the harness model. Because the underlying data format is compatible with Simulink Design Verifier, you can use the test-generation capability provided in Simulink Design Verifier to generate additional test cases.

When generating the harness model, the model harness generation function can include the logged data and import it in the Signal Builder block for editing.

Harness models that include a Signal Builder block can be used for debugging and detailed analysis. The Simulink Signal Builder block lets you graphically edit test vectors and import existing test data from document spreadsheets.

Workflow in Simulink Verification and Validation utilizing component testing functions to augment tests done on the control system model and to verify the model and code in the simulation.
Component testing workflow with Simulink Verification and Validation. The workflow utilizes the component testing functions in the product to augment tests done on the control system model and to verify the model and code in the simulation.

Executing Tests

With the test execution function you can automate execution of test cases against models and generated code in simulation, SIL, and PIL modes. The SIL and PIL modes require Embedded Coder.

Component test results can be imported into the Data Inspector for further analysis. The test execution function integrates with model coverage and code coverage tools to collect additional information about test completeness.

Simulate Test Cases and Measure Model Coverage 1:16
Execute functional test cases to test your design components using Simulink Verification and Validation™.

Linking Tests with Requirements

You can link the test cases in Signal Builder to external documents, such as functional requirements and test plans, via the Requirements pane in the Signal Builder window. In addition, you can assign assertions to individual test cases to automatically analyze pass/fail results.

Using the Simulink Signal Builder block to link test cases with verification blocks and requirements.
Using the Simulink Signal Builder block to link test cases with verification blocks and requirements. The Verification block settings pane and the Requirements pane are displayed.

Analyzing Model Coverage

Simulink Verification and Validation produces model coverage reports to indicate untested elements of your design, such as logical conditions, switches, lookup table interpolation intervals, and subsystems. Published as HTML documents, these reports use industry-standard metrics for structural coverage. They also display coverage information on the model, letting you traverse the model for missing coverage and navigate to the associated requirements. You can then determine whether you need to modify the requirements, test cases, or design to meet your coverage goals.

Model Coverage 2:04
Detect untested elements of your design using model coverage in Simulink Verification and Validation™.

Simulink Verification and Validation provides eight model coverage analysis metrics:

Cyclomatic complexity measures the structural complexity of a model, approximating the McCabe complexity measure for code generated from the model.

Decision coverage examines items that represent decision points in a model, such as Simulink Switch blocks and Stateflow states.

Condition coverage examines blocks that output the logical combination of their inputs, such as the Logic block and Stateflow transitions.

Modified condition/decision coverage (MC/DC) analyzes safety-critical software, as defined by RTCA DO-178B, and determines whether the logical inputs have independently changed the output.

Lookup table coverage (LUT) records the frequency of usage for each interpolation interval. (A test case achieves full coverage if it executes each interpolation and extrapolation interval at least once.)

Signal range coverage indicates the minimum and maximum values generated during simulation by each block output and for all Stateflow data objects.

Signal size coverage records the minimum, maximum, and allocated size for all variable-size signals in a model. Only blocks with variable-size output signals are included in the report.

Simulink Design Verifier coverage records model coverage data for the Simulink Design Verifier blocks and functions.

Try Simulink Verification and Validation

Get trial software

Mejores Prácticas para la Verificación y Validación de modelos Simulink y Código C

View webinar