Development of Safety-Critical Software Using Automatic Code Generation

The number of safety-critical systems in vehicles is rapidly increasing. A few years ago, the failure of a computer system in a vehicle would in the worst case mean the loss of a function, but in the systems of the future, the wrong reaction to a fault may be a safety hazard for the vehicle’s occupants and other road users. To cope with rising demands, such as the growing number of electronic systems in a vehicle, increasing complexity and shorter time-to-market, the automotive industry is increasingly adopting model-based design methods and using automatic code generators for software development.

In contrast, automatic code generators are hardly ever used for the development of safety-critical systems. Firstly, very special requirements are imposed on the code for safety-critical systems. Secondly, many software suppliers are only just beginning to apply appropriate development standards, and so they cannot tackle the introduction of automatic code generation at the same time.

However especially the high complexity and functional requirements of safety-critical systems demand the use of modern tools for developing, designing, implementing, verifying and validating such systems. It is natural to rely on experiences from the aviation industry when developing safety-critical systems for automotive applications. In the aviation industry for several decades programmable systems have been used for flight control, aircraft engine control, landing gear control etc.. The safety and reliability requirements of these systems are comparable with steer-by-wire or brake-by-wire systems which are currently under development in the automotive industry.