For a better experience on, enable JavaScript in your browser. Thank you!

Software Quality and Supported Standards

TargetLink Certified for ISO 26262, ISO 25119, and IEC 61508

TargetLink is certified by TÜV SÜD (German international certification association) for use in the development of safety-related systems. TÜV confirmed that TargetLink is suitable for software development according to ISO 26262, ISO 25119, IEC 61508, and derivative standards (such as EN 50128, which governs safety-related software on the railways). The certification was based on a number of areas:

  • Software development process and software modification process of TargetLink
  • Problem handling procedures
  • Fitness for purpose in safety-related development according to ISO 26262, ISO 25119, and IEC 61508

TÜV SÜD also approved a reference workflow providing guidance for the model-based development of safety-related software with TargetLink. IEC 61508 is the internationally recognized generic standard for the development of safety-related electronic systems. ISO 26262 is the international automotive standard for the development of safety-related systems in road vehicles. ISO 25119 is the international standard for the development of safety-related parts of control systems in tractors and machinery for agriculture and forestry. Both standards are derived from IEC 61508.

ISO/IEC 15504-Compliant Development Process

ISO/IEC 15504 (also known as SPICE: Software Process Improvement and Capability Determination) is an international standard for software processes. Its underlying concept is that a mature software product requires a mature development process. dSPACE has dedicated itself to an ISO/IEC 15504-compliant development process.

Internal Software Quality Management

An internal quality department, the dSPACE quality management team, proactively manages software quality at dSPACE. The team leads software improvement activities, sets internal standards, conducts internal assessments, and provides consultation services to all software groups. It acts independently and ensures that the highest product quality goals are consistently achieved and sustained.


As a de-facto standard for automotive E/E architectures, AUTOSAR contains specifications for communication interfaces between application functions and basic system functions. The TargetLink AUTOSAR Module makes TargetLink’s modeling, simulation and code generation features available for designing AUTOSAR software components (SWCs).


The Functional Mock-up Interface (FMI) is an open standard for the tool-independent exchange and integration of plant models that are provided by various tool vendors. Functional Mockup Units (FMUs) can be exported from TargetLink to simulation environments that support FMI.


Internal ECU variables in measurement and calibration can be defined in the description format ASAM MCD-2 MC. Because a code generator also needs to have close links with calibration systems, TargetLink can export calibration data as ASAM-MCD 2MC file for calibration tools.


The British MISRA C standard (MISRA: Motor Industry Software Reliability Association; is a widely accepted C subset for projects in the automotive industry. Its aim is to define rules for avoiding common software errors that can occur when software engineers write software by hand. Most of these rules also make sense for machine-generated code. TargetLink-generated code complies with the vast majority of MISRA C rules. If deviations from the MISRA C standard are a technical necessity, they are identified and well documented. dSPACE provides detailed documentation about TargetLink’s MISRA C compliance to all TargetLink customers on request. For more information, please contact


With the DO-178C as a highly relevant standard for the development of software in aviation, model-based design and automatic code generation has a solid base for use in the aerospace sector. The document DO-331, Model-Based Development and Verification Supplement to DO-178C and DO-278A, which is also part of the standard, was written specifically for this. dSPACE takes this into account by providing a workflow document that explains how to use TargetLink in a model-based tool chain for DO-178C-compliant projects. The workflow document describes how to meet the individual requirements or objectives of DO-178C/DO-331. It focuses not only on TargetLink itself but also on a complete model-based tool chain that can contain further third-party tools, for example, from TargetLink cooperation partners such as BTC Embedded Systems, AbsInt, and Model Engineering Solutions. The workflow document is thus an important contribution towards simplifying the certification of TargetLink-generated code in DO-178C-compliant applications, addressing all criticality levels up to Level A. To receive the approximately 60-page document, please contact

Facts About TargetLink and DO-178C/DO-331 in Brief

  • Simulink®/TargetLink models for specifying high-level requirements
  • TargetLink design models for specifying low-level requirements
  • Generation of high-quality, easy-to-read, and traceable source code from TargetLink models
  • Comprehensive simulation support for models and code according to the established MIL/SIL/PIL verification concept
  • Powerful tool chain with tools from BTC Embedded Systems for requirements specification, automatic test vector generation, requirements verification and formal verification via model checking

Further Information Related Topics