Main Content

Motivation

MathWorks® intends the guidelines for engineers developing models and generating code for high-integrity systems using Model-Based Design with MathWorks products. The guidelines provide recommendations for creating Simulink® models that are complete, unambiguous, statically deterministic, robust, and verifiable. The guidelines focus on model settings, block usage, and block parameters that impact simulation behavior or code generated by the Embedded Coder® product.

These guidelines do not assume that you use a particular safety or certification standard. The guidelines reference some safety standards where applicable, including:

  • DO-178C/DO-331, Software Considerations in Airborne Systems and Equipment Certification

  • DO-254, Design Assurance Guidance for Airborne Electronic Hardware

  • IEC 61508, Functional Safety of Electrical/Electronic/Programmable Electronic Safety Related Systems

  • IEC 62304, Medical Device Software – Software Life Cycle Processes

  • ISO 26262, Road vehicles — Functional Safety

  • EN 50128/EN 50657, Railway applications - Communication, Signalling and Processing Systems - Software for Railway Control and Protection Systems

  • ISO 25119, Tractors And Machinery For Agriculture And Forestry — Safety-Related Parts Of Control Systems

  • MISRA C, Use of the C Language in Critical Systems

You can use the Model Advisor to support adhering to these guidelines. Each guideline lists the checks that are applicable to that guideline, or to parts of that guideline.

The guidelines do not address model style or development processes. For more information about creating models in a way that improves consistency, clarity, and readability, see the MAB Modeling Guidelines guidelines. Development process guidance and additional information for specific standards is available with the IEC Certification Kit (for ISO 26262 and IEC 61508) and DO Qualification Kit (for DO-178) products.

Disclaimer

While adhering to the recommendations in the guidelines will reduce the risk that an error is introduced during development and not be detected, it is not a guarantee that the system being developed will be safe. Conversely, if some of the recommendations in the guidelines are not followed, it does not mean that the system being developed will be unsafe.