Qualkitdo SLVNV TQP

DO Qualification Kit
Simulink Verification and Validation

Tool Qualification Plan
R2015b, September 2015
How to Contact MathWorks

Latest news:
www.mathworks.com
Sales and services:
www.mathworks.com/sales_and_services
User community:
www.mathworks.com/matlabcentral
Technical support:
www.mathworks.com/support/contact_us
Phone:
508-647-7000
The MathWorks, Inc.

3 Apple Hill Drive
Natick, MA 01760-2098
DO Qualification Kit: Simulink Verification and Validation Tool Qualification Plan
COPYRIGHT 20092015 by The MathWorks, Inc.

The software described in this document is furnished under a license agreement. The software may be used or copied only under
the terms of the license agreement. No part of this manual may be photocopied or reproduced in any form without prior written
consent from The MathWorks, Inc.
FEDERAL ACQUISITION: This provision applies to all acquisitions of the Program and Documentation by, for, or through the
federal government of the United States. By accepting delivery of the Program or Documentation, the government hereby agrees
that this software or documentation qualifies as commercial computer software or commercial computer software documentation
as such terms are used or defined in FAR 12.212, DFARS Part 227.72, and DFARS 252.227-7014. Accordingly, the terms and
conditions of this Agreement and only those rights specified in this Agreement, shall pertain to and govern the use, modification,
reproduction, release, performance, display, and disclosure of the Program and Documentation by the federal government (or
other entity acquiring for or through the federal government)and shall supersede any conflicting contractual terms or conditions.
If this License fails to meet the governments needs or is inconsistent in any respect with federal procurement law, the
government agrees to return the Program and Documentation, unused, to The MathWorks, Inc.
Trademarks
MATLAB and Simulink are registered trademarks of The MathWorks, Inc. See www.mathworks.com/trademarks for a
list of additional trademarks. Other product or brand names may be trademarks or registered trademarks of their respective
holders.
Patents
MathWorks products are protected by one or more U.S. patents. Please see www.mathworks.com/patents for more
information.
Revision History
March 2009
September 2009
April 2010
March 2010
September 2010
April 2011
September 2011
March 2012
September 2012
March 2013
September 2013
March 2014
October 2014
March 2015
September 2015
New for Version 1.0 (Applies to Release 2009a)

Revised for Version 1.1 (Applies to Release 2009b)
Rereleased for Version 1.1.1 (Applies to Release 2009bSP1)
Revised for Version 1.2 (Applies to Release 2010a)
Revised for DO Qualification Kit Version 3.0 (Applies to Release 2015b)
Contents
1 Introduction ...................................................................................................................................... 1-1
2 Tool Overview and Identification .................................................................................................... 2-1
2.1 Simulink Verification and Validation Product Description ...................................................... 2-2
2.2 Simulink Verification and Validation Product Identification .................................................... 2-3
3 Tool Operational Requirements ....................................................................................................... 3-1
4 Certification Considerations ............................................................................................................. 4-1
4.1 Requirement for Qualification .................................................................................................. 4-2
4.1.1 DO-178C/DO-331 Checks ............................................................................................. 4-2
4.1.2 Model Coverage ............................................................................................................. 4-3
4.2 Certification Credit ................................................................................................................... 4-4
4.2.1 DO-178C/DO-331 Checks ............................................................................................. 4-4
4.2.2 Model Coverage ............................................................................................................. 4-8
5 Tool Development Life Cycle Tool User ...................................................................................... 5-1
5.1 Planning .................................................................................................................................... 5-2
5.2 Requirements ............................................................................................................................ 5-3
5.2.1 DO-178C/DO-331 Checks ............................................................................................. 5-3
5.2.2 Model Coverage ............................................................................................................. 5-4
5.3 Verification ............................................................................................................................... 5-5
5.3.1 DO-178C/DO-331 Checks ............................................................................................. 5-5
5.3.2 Model Coverage ............................................................................................................. 5-6
6 Additional Considerations ................................................................................................................ 6-1
6.1 Customer Bug Reporting........................................................................................................... 6-2
7 Tool Life Cycle Data ........................................................................................................................ 7-1
7.1 DO-178C/DO-331 Checks ........................................................................................................ 7-2
7.2 Model Coverage ........................................................................................................................ 7-3
8 Schedule ........................................................................................................................................... 8-1
vi
1 Introduction
This document comprises the Tool Qualification Plan (reference DO-330 Section 10.1.2) for the
following capabilities of the Simulink Verification and Validation verification tool:
DO-178C/DO-331 checks
Model coverage
This document is intended for use in the DO-178C and DO-330 tool qualification process for
Criteria 3 TQL-5 tools.
See also the DO Qualification Kit User's Guide, R2015b.
1-2
2 Tool Overview and Identification
2.1 Simulink Verification and Validation Product

Description
Verify models and generated code
Simulink Verification and Validation automates requirements tracing, modeling standards

compliance checking, and model coverage analysis.
You can create detailed requirements traceability reports, author your own modeling style
checks, and develop check configurations to share with engineering teams. Requirements
documentation can be linked to models, test cases, and generated code. You can generate
harness models for testing model components and code, and use model coverage analysis to
ensure that models have been thoroughly tested.
Simulink Verification and Validation provides modeling standards checks for the DO-178, ISO
26262, IEC 61508 and related industry standards.
Key Features
Compliance checking for MAAB style guidelines and high-integrity system design
guidelines (DO-178, ISO 26262, IEC-61508, and related industry standards)
Model Advisor Configuration Editor, including custom check authoring
Requirements Management Interface for traceability of model objects, code, and tests to
requirements documents
Automatic test-harness generation for subsystems
Component testing via simulation, software-in-the-loop (SIL), and processor-in-the-loop
(PIL)
Programmable scripting interface for automating compliance checking, requirements
traceability analysis, and component testing
2-2
2.2 Simulink Verification and Validation Product

Identification
Software Tool
Version (Release)
Simulink Verification and Validation Version 3.10 (R2015b)

DO Qualification Kit
Version 3.0 (R2015b)
Tool Vendor
The MathWorks, Inc.
3 Apple Hill Drive
Natick, MA, 01760-2098 USA
2-3
2-4
3 Tool Operational Requirements

The Tool Operational Requirements for the following capabilities in the Simulink Verification
and Validation product are documented in DO Qualification Kit: Simulink Verification and
Validation Tool Operational Requirements:
Model coverage
To access the tool operational requirements document, on the MATLAB command line, type
qualkitdo to open the Artifacts Explorer. The document is in Simulink Verification and
Validation.
3-2
4 Certification Considerations
This section provides certification considerations for the following capabilities of the Simulink
Verification and Validation verification tool:
Model coverage
4.1 Requirement for Qualification

4.1.1 DO-178C/DO-331 Checks
To determine whether a tool must be qualified, you must answer the following questions. If you
answer yes to all three questions, you must qualify the tool.
Question
DO-178C/DO-331
Checks
Yes1
Can the tool insert an error into the airborne software or fail to detect an
existing error in the software within the scope of its intended usage?
Will the output of the tool not be verified as specified in Section 6 of DO-178C, Yes
DO-278A, DO-331, DO-332 or DO-333?
Are processes of DO-178C, DO-278A, DO-331, DO-332 or DO-333
Yes
eliminated, reduced, or automated by the use of the tool? Will you use output
from the tool to meet an objective or replace an objective of DO-178C, DO278A, DO-331, DO-332 or DO-333, Annex A or Annex C?
1 The DO-178C checks might fail to detect an error.
Given that the answer to all the preceding questions is yes, the DO-178C/DO-331 checks in the
Simulink Verification and Validation product must be qualified.
To determine the qualification type (Criteria 1, Criteria 2, or Criteria 3), you must answer the
following questions about the tool.
Question
1.
2.
Is the tool output part of the airborne software, such that the output can
insert an error into the software?
Could the tool fail to detect an error in the airborne software and is the
tool also used to justify the elimination or reduction of either of the
following:
Verification processes other than that automated by the tool.
DO-178C/DO-331
Checks
No
No
Development processes that could have an impact on the airborne

software.
3.
Could the tool fail to detect an error in the airborne software?
Yes
Because the answer to the preceding first and second questions are no, the DO-178C/DO-331
checks in the Simulink Verification and Validation product must be qualified as a Criteria 3 tool.
The tool qualification level will therefore be TQL-5.
4-2
4.1.2 Model Coverage

To determine whether a tool must be qualified, you must answer the following questions. If you
answer yes to all three questions, you must qualify the tool.
Question
Model Coverage
Can the tool insert an error into the airborne software or fail to detect an
Yes2
existing error in the software within the scope of its intended usage?
Will the output of the tool not be verified as specified in Section 6 of DO-178C, Yes
DO-278A, DO-331, DO-332 or DO-333?
Are processes of DO-178C, DO-278A, DO-331, DO-332 or DO-333
Yes
eliminated, reduced, or automated by the use of the tool? Will you use output
from the tool to meet an objective or replace an objective of DO-178C, DO278A, DO-331, DO-332 or DO-333, Annex A or Annex C?
2
Model coverage might fail to detect an error.
Given that the answer to all the preceding questions is yes, the model coverage capability in the
Simulink Verification and Validation product must be qualified.
To determine qualification type (Criteria 1, Criteria 2, or Criteria 3), you must answer the
following questions about the tool.
Question
1.
2.
Is the tool output part of the airborne software, such that the output can
insert an error into the software?
Could the tool fail to detect an error in the airborne software and is the
tool also used to justify the elimination or reduction of either of the
following:
Verification processes other than that automated by the tool.
Model Coverage
No
No
Development processes that could have an impact on the airborne

software.
3.
Could the tool fail to detect an error in the airborne software?
Yes
Because the answer to the preceding first and second questions are no, the model coverage
capability in the Simulink Verification and Validation product must be qualified as a Criteria 3
tool. The tool qualification level will therefore be TQL-5.
4-3
4.2 Certification Credit

The following table shows the certification credit (see DO-331 Annex A or Annex C
Objectives), being taken for the DO-178C/DO-331 checks in the Simulink Verification and
Validation product.
Note The DO-178C/DO-331 checks can contain two sections: an analysis section
for reviewing the model and an action section for automatically fixing warnings
and failures. The DO Qualification Kit covers the DO-178C/DO-331 check
analysis, not the check actions.
The DO Qualification Kit does not cover Model Advisor check exclusions.
4-4
Certification Credit for DO-178C/DO-331 Checks

Annex A
or C
Table
Table
MB.A-3
Objective
DO-331
Reference
High-level
requirements are
accurate and
consistent
Section
MB.6.3.1.b
Table
MB.A-3
High-level
Section
requirements are
MB.6.3.1.c
compatible with target
computer
Table
MB.A-3
High-level
requirements are
verifiable
Table
MB.A-3
High-level
Section
requirements conform MB.6.3.1.e
to standards
Table
MB.A-3
High-level
requirements are
traceable to system
requirements
Section
MB.6.3.1.d
Section
MB.6.3.1.f
Software or
Assurance
Levels
A, B, C, D
AL1, AL2, AL3,
AL4, AL5
Credit Taken
(in conjunction with other tools)
Full or Partial1 The DO-178C/DO-331

checks verify the accuracy and
consistency of the model statically. A
combination of Model Advisor checks,
simulation against the higher-level
requirements, and review of the System
Design Description can be used to take
full credit for this objective.
A, B
Full or Partial1, 3 The DO-178C/DO331 checks verify the code generator
AL1, AL2
settings related to the CPU. A
combination of Model Advisor checks
and review of the System Design
Description can be used to take full
credit for this objective.
A, B, C
AL1, AL2, AL3, checks verify parameter tunability, test
point visibility, and in some cases can
AL4
find unreachable decisions. A
and model coverage during simulation
can be used to take full credit for this
objective.
A, B, C
AL1, AL2, AL3, checks verify conformance to standards
that have dedicated checks. For
AL4
modeling standards that do not have
Model Advisor checks, this verification
may be completed via manual reviews of
the System Design Description.
A, B, C, D
Partial1 The DO-178C/DO-331 checks
AL1, AL2, AL3, verify that the requirements links are
consistent; the actual traceability must be
AL4, AL5
verified independently by reviewing the
Requirements Traceability section of
4-5
Annex A
or C
Table
Table
MB.A-3
Objective
DO-331
Reference
Algorithms are
accurate
Section
MB.6.3.1.g
Table
MB.A-4
Low-level
requirements are
accurate and
consistent
Section
MB.6.3.2.b
Table
MB.A-4
Low-level
Section
requirements are
MB.6.3.2.c
compatible with target
computer
Table
MB.A-4
Low-level
requirements are
verifiable
Table
MB.A-4
Low-level
Section
to standards
Table
MB.A-4
Low-level
Section
requirements are
MB.6.3.2.f
traceable to high-level
requirements
Section
MB.6.3.2.d
Software or
Assurance
Levels
A, B, C
AL1, AL2, AL3,
AL4
Credit Taken

checks verify the accuracy of data types
used within the model statically. A
A, B, C
AL1, AL2, AL3, checks verify the accuracy and
consistency of the model statically. A
AL4
A, B
Full or Partial2, 3 The DO-178C/DO331 checks verify the code generator
AL1, AL2
settings related to the CPU. A
and review of the System Design
Description can be used to take full
A, B
checks verify parameter tunability, test
AL1, AL2
point visibility, and in some cases can
find unreachable decisions. A
and model coverage during simulation
can be used to take full credit for this
objective.
A, B, C
AL4
A, B, C
Partial2 The DO-178C/DO-331 checks
AL1, AL2, AL3, verify that the requirements links are
consistent; the actual traceability must be
AL4
verified independently by reviewing the
Requirements Traceability section of
4-6
Annex A
or C
Table
Table
MB.A-4
Objective
DO-331
Reference
Algorithms are
accurate
Section
MB.6.3.2.g
Table
MB.A-4
Software architecture Section

is consistent
MB.6.3.3.b
Table
MB.A-4

conforms to standards MB.6.3.3.e
Table
MB.A-5
Source code is
Section
traceable to low-level MB.6.3.4.e
requirements
Software or
Assurance
Levels
A, B, C
AL1, AL2, AL3,
AL4
Credit Taken

checks verify the accuracy of data types
used within the model statically. A
simulation against higher-level
A, B, C
AL1, AL2, AL3, checks verify that the architecture of the
model is consistent statically. A
AL4
simulation against higher-level
A, B, C
AL4
A, B, C
Partial2, 3 The DO-178C/DO-331
AL1, AL2, AL3, checks verify that the code generator is
set to generate traceable code; the actual
AL4
traceability must be verified
independently.
Notes:
1
This credit is taken only if the Simulink and Stateflow models are considered Specification Models for the project.
2
This credit is taken only if the Simulink and Stateflow models are considered Design Models for the project.
3
This credit is taken only if the Embedded Coder product is used to automatically generate code from the models.
4-7

The following table shows the certification credit with respect to DO-331 Annex A or Annex C
Objectives being taken for the model coverage capability of the Simulink Verification and
Validation product.
Note The DO Qualification Kit does not cover Model Coverage exclusions, i.e., the
usage of Model coverage filter rules and files.
Certification Credit for Model Coverage with respect to DO-331 objectives

Annex A
or C
Table
Table
MB.A-3
Objective
DO-331
Reference
High-level
requirements are
verifiable
Section
MB.6.3.1.d
Software or
Assurance
Levels
A, B, C
AL1, AL2,
AL3, AL4
Table
MB.A-3
High-level
Section
to standards
A, B, C
AL1, AL2,
AL3, AL4
Table
MB.A-4
Low-level
requirements comply
with high-level
requirements
Low-level
requirements are
verifiable
Section
MB.6.3.2.a
A, B, C
AL1, AL2,
AL3, AL4
Section
MB.6.3.2.d
A, B
AL1, AL2
Low-level
Section
to standards
A, B, C
AL1, AL2,
AL3, AL4
Table
MB.A-4
Table
MB.A-4
Credit Taken
Full or Partial1 During simulation,
model coverage verifies that conditions
and decisions in the model can be
exercised. A combination of Model
Advisor checks and model coverage
during simulation can be used to take full
Partial1 Model coverage can provide a
cyclomatic complexity metric for the
model, which might be part of the
modeling standards.
Partial2 Model coverage can assist in
detecting unintended functionality within
the model during simulation.
modeling standards.
4-8
Annex A
or C
Table
Table
MB.A-4
Objective
DO-331
Reference

is verifiable
MB.6.3.3.d
Table
MB.A-4

conforms to standards MB.6.3.3.e
Software or
Assurance
Levels
A, B
AL1, AL2
A, B, C
AL1, AL2,
AL3, AL4
Credit Taken
modeling standards.
Notes:
1
2
The following table shows the certification credit with respect to DO-178C Annex A or DO278A Annex A Objectives being taken for the model coverage capability of the Simulink
Verification and Validation product.
Certification Credit for Model Coverage with respect to DO-178C or DO-278A objectives
Annex A
Objective
Table A-7
Test procedures are

correct
Table A-7
DO-178C or
DO-278A
Reference
Section 6.4.5.b
Software or
Assurance
Levels
A, B, C
AL1, AL2,
AL3, AL4
Credit Taken
Partial During simulation, model

coverage verifies that conditions and
decisions in the model have been
exercised and provides the data ranges
achieved. The adequacy of the data ranges
and the expected results are not verified
by model coverage. The model coverage
report may be used to verify the validity
and completeness of test cases generated
by the Simulink Design Verifier
product3.
Test coverage of high- Section 6.4.4.a A, B, C, D
Partial1 During simulation, model
level requirements is
AL1, AL2,
achieved
AL3, AL4, AL5 decisions in the model have been
achieved. The test cases executed on the
model must be repeated on the object
code to complete this objective.
4-9
Annex A
Table A-7
Objective
DO-178C or
DO-278A
Reference
Test coverage of low- Section 6.4.4.b
level requirements is
achieved
Software or
Assurance
Levels
A, B, C
AL1, AL2,
AL3, AL4
Credit Taken
Partial2 During simulation, model

decisions in the model have been
achieved. The test cases executed on the
model must be repeated on the object
code to complete this objective.
Notes:
1
2
3
The Simulink Design Verifier product is not a qualified tool. However, executing the Simulink Design Verifier automatically
generated tests on the model and assessing the results, while using the qualified model coverage tool, provides credit for
demonstrating completeness and validity of those test cases.
4-10
5 Tool Development Life Cycle

Tool User
5.1 Planning
The Plan for Software Aspects of Certification (PSAC) or Plan for Software Aspects of
Approval (PSAA) designates that the following capabilities of the Simulink Verification and
Validation product will be qualified as Criteria 3 tools:
Model coverage
This document provides the Tool Qualification Plan for these capabilities of the Simulink
Verification and Validation product.
5-2
5.2 Requirements
Tool Operational Requirements for the DO-178C/DO-331 checks in the Simulink

Verification and Validation product are in:
DO Qualification Kit: Simulink Verification and Validation Tool Operational
Requirements
To access the tool operational requirements document, on the MATLAB command line,
type qualkitdo to open the Artifacts Explorer. The document is in Simulink
Verification and Validation.
The applicant will:
Review the Tool Operational Requirements for applicability to the project under
consideration.
Configure the Tool Operational Requirements in a configuration management system.
The Simulink Verification and Validation user information for the DO-178C/DO-331
checks is in the Simulink Verification and Validation DO-178C/DO-331 Checks and Model
Advisor User Information. To access the user information document, on the MATLAB
command line, type qualkitdo to open the Artifacts Explorer. The document is in
Simulink Verification and Validation. Instructions for installing the Simulink
Verification and Validation product are available at the MathWorks Documentation Center,
R2015b:
Installation
5-3
Tool Operational Requirements for the model coverage capability of the Simulink
Verification and Validation product are in:
Requirements
To access the tool operational requirements document, on the MATLAB command line,
type qualkitdo to open the Artifacts Explorer. The document is in Simulink
Verification and Validation.
The applicant will:
Review the Tool Operational Requirements for applicability to the project under
consideration.
Configure the Tool Operational Requirements in a configuration management system.
The Simulink Verification and Validation user information for model coverage is in the
Simulink Verification and Validation Model Coverage User Information.
To access the user information document, on the MATLAB command line, type
qualkitdo to open the Artifacts Explorer. The document is in Simulink Verification
and Validation.
Instructions for installing the Simulink Verification and Validation product are available at
the MathWorks Documentation Center, R2015b:
Installation
5-4
5.3 Verification
Requirements-based test cases and procedures will be developed from
Requirements
The test cases and procedures will be developed in the form of the Simulink models that
exercise the DO-178C/DO-331 checks under consideration in the Model Advisor.
The test cases and procedures are documented in:
DO Qualification Kit: Simulink Verification and Validation Test Cases and Procedures
To access the documents, on the MATLAB command line, type qualkitdo to open the
Artifacts Explorer. The documents are in Simulink Verification and Validation.
The applicant will:
Review the test cases and procedures for applicability to the project under consideration.
Configure the test cases and procedures in a configuration management system.
Execute the test cases and procedures in the installed environment.
Executing the Simulink Report Generator report listed in the following table generates tool
verification results in the specified test report.
Test File
Test Report
qualkitdo_slvnv_tcp1.rpt1
qualkitdo_slvnv_qualificationreport1.html
The applicant will:
Review the test results.

Configure the test results in a configuration management system.
5-5

Requirements-based test cases and procedures will be developed from:
Requirements
The test cases and procedures will be developed in the form of the Simulink models that
exercise the model coverage capability.
The test cases and procedures are documented in:
DO Qualification Kit: Simulink Verification and Validation Test Cases and Procedures
To access the documents, on the MATLAB command line, type qualkitdo to open the
Artifacts Explorer. The document is in Simulink Verification and Validation.
The applicant will:
Review the test cases and procedures for applicability to the project under consideration.
Configure the test cases and procedures in a configuration management system.
Execute the test cases and procedures in the installed environment.
5-6
Executing the Simulink Report Generator reports listed in the following table generates tool
verification results in the specified test reports.
Test File
Test Report
1
qualkitdo_slvnv_tcp2.rpt
Notes:
1
Requires a Fixed-Point Designer license
2
Requires a Stateflow license.
3
Requires a Simulink Design Verifier license
The applicant will:
Review the test results.

Configure the test results in a configuration management system.
5-7
5-8
6 Additional Considerations
6.1 Customer Bug Reporting

MathWorks reports known critical bugs brought to its attention on its bug report system at
www.mathworks.com/support/bugreports. The bug reports are an integral part of the
documentation for each release.
The bug report system provides an interface for customers to view and submit bug reports. Users
can track the status of open bugs. Users can choose to receive notifications for new or updated
bug reports. The bug reports on this web site include internally and externally nominated bugs.
If applicable, bug reports include provisions for known workarounds or file replacements.
Customers can use the bug report mechanism to nominate bugs. These nominations are
processed and evaluated by The MathWorks, Inc. development organization.
6-2
7 Tool Life Cycle Data
7.1 DO-178C/DO-331 Checks

The following table shows the life cycle data for the DO-178C/DO-331 checks in the Simulink
Verification and Validation product. The table maps the documents and artifacts to DO-330 life
cycle data items.
Simulink Verification and Validation DO-178C/DO-331 Checks Life Cycle Data
Data
Plan for Software Aspects
of Certification (PSAC) or
of Approval (PSAA)
Tool Operational
Requirements
Available/
Submit
Submit
DO-330
Documents/Artifacts
Reference
Section
<Insert PSAC or PSAA** reference here.>
10.1.1
Submit*
Section
10.1.2
Available
Section
10.3.1
DO Qualification Kit: Simulink Verification

and Validation Tool Qualification Plan (this
document)
and Validation Tool Operational
Requirements
and Validation DO-178C/DO-331 Checks
and Model Advisor User Information
Test Cases and Procedures
Available*
Section
10.3.3
Test Results
Available*
Software Accomplishment
Summary (SAS)
Tool Qualification
Accomplishment Summary
Submit
Section
10.3.4
Section
10.1.16
Section
10.1.15
Submit

and Validation Model Coverage User
Information
and Validation Test Cases and Procedures
qualkitdo_slvnv_qualificationrepor
t1.html
<Insert reference to SAS** here.>

<Insert reference to Tool Qualification
Accomplishment Summary** here.>
Notes:
* Optional for TQL-5 tool qualification
** To be created by applicant
The applicant must deliver data marked Submit to the certification authorities. Data marked
Available must be available at the applicants or tool vendors site for inspection by the
certification authorities.
7-2
7.2 Model Coverage

The following table shows the life cycle data for the model coverage capability of the Simulink
Verification and Validation product. The table maps the documents and artifacts to DO-330 life
cycle data items.
Simulink Verification and Validation Model Coverage Life Cycle Data
Data
Available/
Submit
DO-330
Documents/Artifacts
Reference

of Certification (PSAC) or
of Approval (PSAA)
Submit
Section
10.1.1
<Insert PSAC or PSAA** reference here.>
Submit*
Section
10.1.2
Tool Operational
Requirements
Available
Section
10.3.1

and Validation Tool Qualification Plan (this
document)
and Validation Tool Operational
Requirements
and Validation DO-178C/DO-331 Checks
and Model Advisor User Information
Test Cases and Procedures
Test Results
Available*
Available*
Section
10.3.3
Section
10.3.4

and Validation Model Coverage User
Information
and Validation Test Cases and Procedures
qualkitdo_slvnv_tcp2.rpt,
qualkitdo_slvnv_
qualificationreport2.html,
qualkitdo_slvnv_
qualkitdo_slvnv_
qualkitdo_slvnv_
qualkitdo_slvnv_
qualificationreport6.html
7-3
Data
Available/
Submit
DO-330
Documents/Artifacts
Reference
Software Accomplishment
Summary (SAS)
Tool Qualification
Accomplishment Summary
Submit
Section
10.1.16
Section
10.1.15
Submit
<Insert reference to SAS** here.>

<Insert reference to Tool Qualification
Accomplishment Summary** here.>
Notes:
* Optional for TQL-5 tool qualification
** To be created by applicant
The applicant must deliver data marked Submit to the certification authorities. Data marked
Available must be available at the applicants or tool vendors site for inspection by the
certification authorities.
7-4
8 Schedule
<Insert tool schedule in this section.>

Qualkitdo SLVNV TQP

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Qualkitdo SLVNV TQP

Hochgeladen von

Copyright:

Verfügbare Formate

DO Qualification Kit

Simulink Verification and Validation

How to Contact MathWorks

Sales and services:

The MathWorks, Inc.

COPYRIGHT 20092015 by The MathWorks, Inc.

New for Version 1.0 (Applies to Release 2009a)

2 Tool Overview and Identification

2.1 Simulink Verification and Validation Product

Simulink Verification and Validation automates requirements tracing, modeling standards

2.2 Simulink Verification and Validation Product

Simulink Verification and Validation Version 3.10 (R2015b)

Version 3.0 (R2015b)

3 Tool Operational Requirements

4.1 Requirement for Qualification

Development processes that could have an impact on the airborne

Could the tool fail to detect an error in the airborne software?

4.1.2 Model Coverage

Model coverage might fail to detect an error.

Development processes that could have an impact on the airborne

Could the tool fail to detect an error in the airborne software?

4.2 Certification Credit

Certification Credit for DO-178C/DO-331 Checks

Full or Partial1 The DO-178C/DO-331

Full or Partial1 The DO-178C/DO-331

Software architecture Section

Software architecture Section

Full or Partial2 The DO-178C/DO-331

4.2.2 Model Coverage

Certification Credit for Model Coverage with respect to DO-331 objectives

Software architecture Section

Software architecture Section

Test procedures are

Partial During simulation, model

Partial2 During simulation, model

5 Tool Development Life Cycle

Tool Operational Requirements for the DO-178C/DO-331 checks in the Simulink

5.2.2 Model Coverage

The applicant will:

Review the test results.

5.3.2 Model Coverage

The applicant will:

Review the test results.

6.1 Customer Bug Reporting

7 Tool Life Cycle Data

7.1 DO-178C/DO-331 Checks

DO Qualification Kit: Simulink Verification

Test Cases and Procedures

DO Qualification Kit: Simulink Verification

<Insert reference to SAS** here.>

7.2 Model Coverage

Plan for Software Aspects

<Insert PSAC or PSAA** reference here.>

Tool Qualification Plan

DO Qualification Kit: Simulink Verification

Test Cases and Procedures

DO Qualification Kit: Simulink Verification

<Insert reference to SAS** here.>

Das könnte Ihnen auch gefallen