주요 콘텐츠

Diagnostics

hisl_0036: Configuration Parameters > Diagnostics > Saving

ID: Titlehisl_0036: Configuration Parameters > Diagnostics > Saving
Description

Set these configuration parameters to error:

  • Block diagram contains disabled library links

  • Block diagram contains parameterized library links

RationalePrevent unexpected results.
Model Advisor ChecksCheck safety-related diagnostic settings for saving (Simulink Check)
References
  • DO-331, Section MB.6.3.3.b ‘Software architecture is consistent’

  • IEC 61508-3, Table A.3 (3) 'Language subset'

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'
    ISO 26262-6, Table 1 (1f) 'Use of unambiguous graphical representation'

  • EN 50128, Table A.4 (11) 'Language Subset'

See AlsoModel Configuration Parameters: Diagnostics
Last ChangedR2021a

hisl_0043: Configuration Parameters > Diagnostics > Solver

ID: Titlehisl_0043: Configuration Parameters > Diagnostics > Solver
Description

In the Configuration Parameters dialog box, on the Diagnostics pane, set the Solver parameters as follows:

  • Algebraic loop to error.

  • Minimize algebraic loop to error.

  • Block priority violation to error if you are using block priorities.

  • Automatic solver parameter selection to error.

  • State name clash to warning.

Note

Enabling diagnostics pertaining to the solver provides information to detect violations of other guidelines.

This table clarifies the result of not specifying the configuration parameter as indicated above.

Configuration ParameterResult
Algebraic loop Automatic breakage of algebraic loops can go undetected and might result in unpredictable block order execution.
Minimize algebraic loopAutomatic breakage of algebraic loops can go undetected and might result in unpredictable block order execution.
Block priority violationBlock execution order can include undetected conflicts that might result in unpredictable block order execution.
Automatic solver parameter selectionAn automatic change to the solver, step size, or simulation stop time can go undetected and might impact the operation of generated code.
State name clashA name being used for more than one state might go undetected.

RationaleSupport generation of robust and unambiguous code.
Model Advisor ChecksCheck safety-related diagnostic settings for solvers (Simulink Check)
References
  • DO-331, Section MB.6.3.3.b – Software architecture is consistent.
    DO-331, MB.6.3.3.e 'Software architecture conforms to standards’

  • IEC 61508-3, Table A.3 (3) 'Language subset’

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'

  • EN 50128, Table A.4 (11) 'Language Subset'

See Also
Last ChangedR2018b

hisl_0044: Configuration Parameters > Diagnostics > Sample Time

ID: Titlehisl_0044: Configuration Parameters > Diagnostics > Sample Time
Description

In the Configuration Parameters dialog box, on the Diagnostics > Sample Time pane, set these parameters to error:

If the target system does not allow preemption between tasks that have equal priority, set Tasks with equal priority to none.

Note

Enabling diagnostics pertaining to the solver provides information to detect violations of other guidelines.

This table clarifies the result of not specifying the configuration parameter as indicated above.

Configuration ParameterResult
Source block specifies -1 sample timeUse of inherited sample times for a source block, such as Sine Wave, can go undetected and result in unpredictable execution rates for source and downstream blocks.
Multitask data transferInvalid transfer of data between two blocks operating in multitasking mode can go undetected. You cannot use invalid data transfer for embedded real-time software applications.
Multitask conditionally executed subsystemsA conditionally executed multirate subsystem, operating in multitasking mode. might go undetected and corrupt data or show unexpected behavior in a target system that allows preemption.
Tasks with equal priorityTwo asynchronous tasks with equal priority might go undetected and show unexpected behavior in target systems that allow preemption.
Enforce sample times specified by Signal Specification blocksInconsistent sample times for a Signal Specification block and the connected destination block might go undetected and result in unpredictable execution rates.
Unspecified inheritability of sample timesAn S-function that is not explicitly set to inherit sample time can go undetected and result in unpredictable behavior.

RationaleSupport generation of robust and unambiguous code.
Model Advisor ChecksCheck safety-related diagnostic settings for sample time (Simulink Check)
References
  • DO-331, Section MB.6.3.1.b 'High-level requirements are accurate and consistent’

  • DO-331, Section MB.6.3.2.b 'Low-level requirements are accurate and consistent’

  • DO-331, Section MB.6.3.3.b 'Software architecture is consistent’

  • DO-331, Section MB.6.3.3.e – Software architecture conforms to standards.

  • IEC 61508-3, Table A.3 (3) 'Language subset’

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'

  • ISO 26262-6, Table 1 (1f) 'Use of unambiguous graphical representation'

  • ISO 26262-6, Table 1 (1i) - 'Concurrency aspects'

  • ISO 26262-6, Table 3 (1i) - 'Appropriate management of shared resources'

  • EN 50128, Table A.4 (11) 'Language Subset'

See AlsoModel Configuration Parameters: Sample Time Diagnostics
Last ChangedR2024a

hisl_0301: Configuration Parameters > Diagnostics > Compatibility

ID: Titlehisl_0301: Configuration Parameters > Diagnostics > Compatibility
DescriptionSet configuration parameter S-function upgrades needed to error.
Rationale

Improve robustness of design.

Model Advisor ChecksCheck safety-related diagnostic settings for compatibility (Simulink Check)
References
  • DO-331, Section MB.6.3.3.b – Software architecture is consistent

  • IEC 61508-3, Table A.4 (3) 'Defensive Programming’

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'
    ISO 26262-6, Table 1 (1d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.3 (1) 'Defensive Programming'

See Also

Model Configuration Parameters: Compatibility Diagnostics in the Simulink documentation

Last ChangedR2017b

hisl_0302: Configuration Parameters > Diagnostics > Data Validity > Parameters

ID: Titlehisl_0302: Configuration Parameters > Diagnostics > Data Validity > Parameters
Description

In the Configuration Parameters dialog box, on the Diagnostics > Data Validity pane, set the Parameters parameters as follows:

  • Detect downcast to error

  • Detect underflow to error

  • Detect loss of tunability to error

  • Detect overflow to error

  • Detect precision loss to error

Rationale

Improve robustness of design.

Model Advisor ChecksCheck safety-related diagnostic settings for parameters (Simulink Check)
References
  • DO-331, Section MB.6.3.1.g – Algorithms are accurate
    DO-331, Section MB.6.3.2.g – Algorithms are accurate.

  • IEC 61508-3, Table A.4 (3) 'Defensive Programming’

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'
    ISO 26262-6, Table 1 (1d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.3 (1) 'Defensive Programming'

See Also

Model Configuration Parameters: Data Validity in the Simulink documentation

Last ChangedR2018b

hisl_0303: Configuration Parameters > Diagnostics > Data Validity > Merge blocks

ID: Titlehisl_0303: Configuration Parameters > Diagnostics > Data Validity > Merge blocks
Description

Set configuration parameter Detect multiple driving blocks executing at the same time step to error.

Rationale

Improve robustness of design.

Model Advisor ChecksCheck safety-related diagnostic settings for Merge blocks (Simulink Check)
References
  • DO-331 MB.6.3.2 (b) Accuracy and Consistency

  • IEC 61508-3, Table A.3 (3) - Language subset

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - Use of language subsets

  • EN 50128, Table A.4 (11) - Language Subset

See Also

Detect multiple driving blocks executing at the same time step in the Simulink documentation

Last ChangedR2017b

hisl_0304: Configuration Parameters > Diagnostics > Data Validity > Model initialization

ID: Titlehisl_0304: Configuration Parameters > Diagnostics > Data Validity > Model initialization
Description

Set configuration parameter Underspecified initialization to Simplified.

Rationale

Improve robustness of design.

Model Advisor ChecksCheck safety-related diagnostic settings for model initialization (Simulink Check)
References
  • DO-331, Section MB.6.3.3.b – Software architecture is consistent

  • IEC 61508-3, Table A.3 (3) - Language subset

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - Use of language subsets

  • EN 50128, Table A.4 (11) - Language Subset

  • MISRA C:2012, Rule 9.1

See Also

Underspecified initialization detection in the Simulink documentation

Last ChangedR2017b

hisl_0305: Configuration Parameters > Diagnostics > Data Validity > Debugging

ID: Titlehisl_0305: Configuration Parameters > Diagnostics > Data Validity > Debugging
Description

Set configuration parameter Model Verification block enabling to Disable all.

Rationale

Improve robustness of design.

Model Advisor ChecksCheck safety-related diagnostic settings for data used for debugging (Simulink Check)
References
  • DO-331, Section MB.6.3.1.e – High-level requirements conform to standards
    DO-331, Section MB.6.3.2.e – Low-level requirements conform to standards

  • IEC 61508-3, Table A.3 (3) - Language subset

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - Use of language subsets

  • EN 50128, Table A.4 (11) - Language Subset

See Also

Model Verification block enabling in the Simulink documentation

Last ChangedR2017b

hisl_0306: Configuration Parameters > Diagnostics > Connectivity > Signals

ID: Titlehisl_0306: Configuration Parameters > Diagnostics > Connectivity > Signals
Description

In the Configuration Parameters dialog box, on the Diagnostics > Connectivity pane, set the Signals parameters as follows:

  • Signal label mismatch to error

  • Unconnected block input ports to error

  • Unconnected block output ports to error

  • Unconnected line to error

Rationale

Improve robustness of design.

Model Advisor ChecksCheck safety-related diagnostic settings for signal connectivity (Simulink Check)
References
  • DO-331, Section MB.6.3.1.e – 'High-level requirements conform to standards'
    DO-331, Section MB.6.3.2.e – 'Low-level requirements conform to standards'

  • IEC 61508-3, Table A.3 (3) - 'Language subset'

  • IEC 62304, 5.5.3 - 'Software Unit acceptance criteria'

  • ISO 26262-6, Table 1 (1b) - 'Use of language subsets'
    ISO 26262-6, Table 1 (1f) - 'Use of unambiguous graphical representation'

  • EN 50128, Table A.4 (11) - 'Language Subset'

See Also

Model Configuration Parameters: Connectivity Diagnostics in the Simulink documentation

Last ChangedR2017b

hisl_0307: Configuration Parameters > Diagnostics > Connectivity > Buses

ID: Titlehisl_0307: Configuration Parameters > Diagnostics > Connectivity > Buses
Description

In the Configuration Parameters dialog box, on the Diagnostics > Connectivity pane, set the Buses parameters as follows:

  • Unspecified bus object at root Outport block to error

  • Element name mismatch to error

  • Bus signal treated as vector to error

  • Non-bus signals treated as bus signals to error

Rationale

Improve robustness of design.

Model Advisor ChecksCheck safety-related diagnostic settings for bus connectivity (Simulink Check)
References
  • DO-331, Section MB.6.3.3.b – Software architecture is consistent

  • IEC 61508-3, Table A.3 (3) - Language subset

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - Use of language subsets

  • EN 50128, Table A.4 (11) - Language Subset

See Also

Model Configuration Parameters: Connectivity Diagnostics in the Simulink documentation

Last ChangedR2020a

hisl_0308: Configuration Parameters > Diagnostics > Connectivity > Function calls

ID: Titlehisl_0308: Configuration Parameters > Diagnostics > Connectivity > Function calls
DescriptionSet configuration parameter Context-dependent inputs to error.
Rationale

Improve robustness of design.

Model Advisor ChecksCheck safety-related diagnostic settings that apply to function-call connectivity (Simulink Check)
References
  • DO-331, Section MB.6.3.3.b – Software architecture is consistent

  • IEC 61508-3, Table A.3 (3) - Language subset

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - Use of language subsets

  • EN 50128, Table A.4 (11) - Language Subset

See Also

Model Configuration Parameters: Connectivity Diagnostics in the Simulink documentation

Last ChangedR2017b

hisl_0309: Configuration Parameters > Diagnostics > Type Conversion

ID: Titlehisl_0309: Configuration Parameters > Diagnostics > Type Conversion
Description

In the Configuration Parameters dialog box, on the Diagnostics > Type Conversion pane, set these parameters as follows:

  • Unnecessary type conversion to warning

  • Vector/matrix block input conversion to error

  • 32-bit integer to single precision float conversion to warning

Rationale

Improve robustness of design.

Model Advisor Checks Check safety-related diagnostic settings for type conversions (Simulink Check)
References
  • DO-331, Section MB.6.3.1.g – Algorithms are accurate
    DO-331, Section MB.6.3.2.g – Algorithms are accurate

  • IEC 61508–3, Table A.3 (2) Strongly typed programming language
    IEC 61508–3, Table A.4 (3) Defensive programming

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) Use of language subsets
    ISO 26262-6, Table 1 (1c) Enforcement of strong typing
    ISO 26262-6, Table 1 (1d) Use of defensive implementation techniques

  • EN 50128, Table A.4 (8) Strongly Typed Programming Language
    EN 50128, Table A.3 (1) Defensive Programming

See Also

Model Configuration Parameters: Type Conversion Diagnostics in the Simulink documentation

Last ChangedR2017b

hisl_0310: Configuration Parameters > Diagnostics > Model Referencing

ID: Titlehisl_0310: Configuration Parameters > Diagnostics > Model Referencing
Description

Set these configuration parameters to error:

  • Port and parameter mismatch

  • Unsupported data logging

Rationale

Improve robustness of design.

Model Advisor ChecksCheck safety-related diagnostic settings for model referencing (Simulink Check)
References
  • DO-331, Section MB.6.3.1.d – High-level requirements are verifiable

  • DO-331, Section MB.6.3.2.d – Low-level requirements are verifiable.

  • DO-331, Section MB.6.3.3.b – Software architecture is consistent

  • IEC 61508-3, Table A.3 (3) – Language subset

  • IEC 62304, 5.5.3 – Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) – Use of language subsets

  • EN 50128, Table A.4 (11) – Language Subset

See Also

Model Configuration Parameters: Model Referencing Diagnostics

Last Changed

R2024a - Removed configuration parameter Invalid root Inport/Outport block connection (ModelReferenceIOMsg). Use hisl_0079: Connections to root input/output ports instead.

hisl_0311: Configuration Parameters > Diagnostics > Stateflow

ID: Titlehisl_0311: Configuration Parameters > Diagnostics > Stateflow®
Description

On the Diagnostics > Stateflow pane, set these configuration parameters to error:

Rationale

Improve robustness of design and promote a clear modeling style.

Model Advisor ChecksCheck safety-related diagnostic settings for Stateflow (Simulink Check)
References
  • DO-331, Section MB.6.3.1.b 'High-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.1.e 'High-level requirements conform to standards'
    DO-331, Section MB.6.3.1.g 'Algorithms are accurate'
    DO-331, Section MB.6.3.2.b 'Low-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.2.d 'Low-level requirements are verifiable'
    DO-331, Section MB.6.3.2.e 'Low-level requirements conform to standards'
    DO-331, Section MB.6.3.2.g 'Algorithms are accurate'

  • EN 50128, Table A.4 (11) - 'Language Subset'
    EN 50128, Table A.12 (6) - 'Limited Use of Recursion'

  • IEC 62304, 5.5.3 - 'Software Unit acceptance criteria'

  • ISO 26262-6, Table 1 (1b) - 'Use of language subsets'
    ISO 26262-6, Table 6 (1j) - 'No recursions'

  • IEC 61508-3, Table A.3 (3) - 'Language subset'

  • MISRA C:2012, Rule 17.2

See Also

Model Configuration Parameters: Stateflow Diagnostics in the Simulink documentation

Last ChangedR2024a

hisl_0314: Configuration Parameters > Diagnostics > Data Validity > Signals

ID: Titlehisl_0314: Configuration Parameters > Diagnostics > Data Validity > Signals
Description

In the Configuration Parameters dialog box, on the Diagnostics > Data Validity pane, set the Signals parameters as follows:

  • Signal resolution to Explicit only

  • Division by singular matrix to error

  • Underspecified data types to error

  • Inf or NaN block output to error

  • “rt” prefix for identifiers to error

  • Wrap on overflow to error

  • Saturate on overflow to error

  • Simulation range checking to error

Rationale

Improve robustness of design.

Model Advisor ChecksCheck safety-related diagnostic settings for signal data (Simulink Check)
References
  • DO-331, Section MB.6.4.2.2 'Robustness Test Cases’
    DO-331, Section MB.6.4.3 'Requirements-Based Testing Methods’
    DO-331, Section MB.6.3.1.e 'High-level requirements conform to standards'
    DO-331, Section MB.6.3.2.e 'Low-level requirements conform to standards'
    DO-331, Section MB.6.3.1.g 'Algorithms are accurate'
    DO-331, Section MB.6.3.2.g 'Algorithms are accurate'
    DO-331, Section MB.6.3.3.b 'Software architecture is consistent'

  • IEC 61508-3, Table A.3 (3) 'Language subset’
    IEC 61508-3, Table A.4 (3) 'Defensive programming’

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'
    ISO 26262-6, Table 1 (1d) 'Use of defensive implementation techniques'

  • EN 50128, Table A.4 (11) 'Language Subset'
    EN 50128, Table A.3 (1) 'Defensive Programming'

  • MISRA C:2012, Dir 4.1

See AlsoModel Configuration Parameters: Data Validity
Last ChangedR2018a