Model Checks for DO-254 Standard Compliance

You can check that your model or subsystem complies with selected aspects of the DO-254 safety standard by running the Model Advisor.

To check compliance with DO standards, open the Model Advisor and run the checks in By Task > Modeling Standards for DO-254.

For information on the DO-254 Software Considerations in Airborne Systems and Equipment Certification and related standards, see Radio Technical Commission for Aeronautics (RTCA).

The table below lists the DO-254 checks.

The following are the High-Integrity System Modeling checks that are applicable for the DO-178C/DO-331 standards.

Model Checks for High Integrity Systems Modeling

You can check that your model or subsystem complies with selected aspects of the High Integrity System Model safety standard by running the Model Advisor.

To check compliance with High Integrity System Model standards, run the high-integrity checks from By Task > Modeling Standards for DO-254 > High-Integrity Systems

The table below lists the High Integrity System Model checks and their corresponding modeling guidelines that support DO-254 Safety Standard. For more information about the High-Integrity Modeling Guidelines, see High-Integrity System Modeling.

High Integrity System Model ChecksApplicable High-Integrity System Modeling Guidelines
Check for inconsistent vector indexing methodshisl_0021: Consistent vector indexing method
Check for variant blocks with 'Generate preprocessor conditionals' activehisl_0023: Verification of variant blocks
Check for root Inports with missing propertieshisl_0024: Inport interface definition
Check for Relational Operator blocks that equate floating-point typeshisl_0017: Usage of blocks that compute relational operators (2)
Check usage of Relational Operator blockshisl_0016: Usage of blocks that compute relational operators
Check usage of Logical Operator blockshisl_0018: Usage of Logical Operator block
Check sample time-dependent blockshisl_0007: Usage of For Iterator or While Iterator subsystems
Check safety-related block reduction optimization settingshisl_0046: Configuration Parameters > Simulation Target > Block reduction
Check usage of Abs blockshisl_0001: Usage of Abs block
Check usage of Assignment blockshisl_0029: Usage of Assignment blocks
Check for root Inports with missing range definitionshisl_0025: Design min/max specification of input interfaces
Check for root Outports with missing range definitionshisl_0026: Design min/max specification of output interfaces
Check Stateflow charts for transition paths that cross parallel state boundarieshisf_0013: Usage of transition paths (crossing parallel state boundaries)
Check Stateflow charts for ordering of states and transitionshisf_0002: User-specified state/transition execution order
Check Stateflow debugging optionshisf_0011: Stateflow debugging settings
Check Stateflow charts for uniquely defined data objectshisl_0061: Unique identifiers for clarity
Check usage of shift operations for Stateflow datahisf_0064: Shift operations for Stateflow data to improve code compliance
Check Stateflow charts for unary operatorshisf_0211: Protect against use of unary operators in Stateflow Charts to improve code compliance
Check for Strong Data Typing with Simulink I/Ohisf_0009: Strong data typing (Simulink and Stateflow boundary)
Check MATLAB Code Analyzer messageshiml_0004: MATLAB Code Analyzer recommendations for code generation
Check safety-related model referencing settingshisl_0037: Configuration Parameters > Model Referencing
Check safety-related diagnostic settings for parametershisl_0302: Configuration Parameters > Diagnostics > Data Validity > Parameters
Check safety-related diagnostic settings for type conversionshisl_0309: Configuration Parameters > Diagnostics > Type Conversion
Check safety-related diagnostic settings for signal connectivityhisl_0306: Configuration Parameters > Diagnostics > Connectivity > Signals
Check safety-related diagnostic settings for bus connectivityhisl_0307: Configuration Parameters > Diagnostics > Connectivity > Buses
Check safety-related diagnostic settings for model initializationhisl_0304: Configuration Parameters > Diagnostics > Data Validity > Model initialization
Check safety-related diagnostic settings for model referencinghisl_0310: Configuration Parameters > Diagnostics > Model Referencing
Check safety-related diagnostic settings for savinghisl_0036: Configuration Parameters > Diagnostics > Saving
Check safety-related diagnostic settings for Stateflowhisl_0311: Configuration Parameters > Diagnostics > Stateflow
Check model object nameshisl_0032: Model object names
Check for model elements that do not link to requirementshisl_0070: Placement of requirement links in a model
Check for inappropriate use of transition pathshisf_0014: Usage of transition paths (passing through states)
Check usage of Bitwise Operator blockhisl_0019: Usage of bitwise operations
Check data types for blocks with index signalshisl_0022: Data type selection for index signals
Check model file namehisl_0031: Model file names
Check if/elseif/else patterns in MATLAB Function blockshiml_0006: MATLAB code if / elseif / else patterns
Check switch statements in MATLAB Function blockshiml_0007: MATLAB code switch / case / otherwise patterns
Check global variables in graphical functionshisl_0062: Global variables in graphical functions
Check for length of user-defined object nameshisl_0063: Length of user-defined object names to improve MISRA C:2012 compliance
Check usage of conditionally executed subsystemshisl_0012: Usage of conditionally executed subsystems
Check usage of standardized MATLAB function headershiml_0001: Usage of standardized MATLAB function headers
Check usage of relational operators in MATLAB Function blockshiml_0008: MATLAB code relational operator data types
Check usage of equality operators in MATLAB Function blockshiml_0009: MATLAB code with equal / not equal relational operators
Check usage of logical operators and functions in MATLAB Function blockshiml_0010: MATLAB code with logical operators and functions
Check naming of ports in Stateflow chartshisf_0016: Stateflow port names
Check scoping of Stateflow data objectshisf_0017: Stateflow data object scoping
Check usage of Gain blockshisl_0066: Usage of Gain blocks
Check usage of bitwise operations in Stateflow chartshisf_0003: Usage of bitwise operations
Check data type of loop control variableshisl_0102: Data type of loop control variables to improve MISRA C:2012 compliance

HDL Code Advisor Checks

The HDL Code Advisor and the Model Advisor checks in HDL Coder™ verify and update your Simulink® model or subsystem for compatibility with HDL code generation. The Code Advisor has checks for:

  • Model configuration settings

  • Ports and Subsystem settings

  • Blocks and block settings

  • Native Floating Point support

  • Industry standard guidelines

The following table lists the HDL Code Advisor checks that are supported by DO-254 Safety Standards:

HDL Code Advisor ChecksDescription
Check for infinite and continuous sample time sources (HDL Coder)Check source blocks with continuous sample time.
Check for unsupported blocks (HDL Coder)Check for unsupported blocks for HDL code generation.
Check for large matrix operations (HDL Coder)Check for large matrix operations.
Identify unconnected lines, input ports, and output portsCheck for unconnected lines or ports.
Identify disabled library linksSearch model for disabled library links.
Identify unresolved library linksSearch the model for unresolved library links, where the specified library block cannot be found.
Check for MATLAB Function block settings (HDL Coder)Check HDL compatible settings for MATLAB Function blocks.
Check for Stateflow chart settings (HDL Coder)

Check HDL compatible settings for Stateflow® Chart blocks.

Check Delay, Unit Delay and Zero-Order Hold blocks for rate transitionIdentify Delay, Unit Delay, or Zero-Order Hold blocks that are used for rate transition. Replace these blocks with actual Rate Transition blocks.
Check for unsupported storage class for signal objects (HDL Coder)Check whether signal object storage class is 'ExportedGlobal' or 'ImportedExtern' or 'ImportedExternPointer'
Check VHDL file extension (HDL Coder)Check file extensions of VHDL files containing entities.
Check naming conventions (HDL Coder)Check standard keywords used by EDA tools.
Check top-level subsystem/port names (HDL Coder)Check top-level module/entity and port names.
Check module/entity names (HDL Coder)Check module/entity names.
Check signal and port names (HDL Coder)Check signal and port name lengths.
Check package file names (HDL Coder)Check file name containing packages.
Check generics (HDL Coder)Check generics at top-level subsystem.
Check clock, reset, and enable signals (HDL Coder)Check naming convention for clock, reset, and enable signals.
Check architecture name (HDL Coder)Check VHDL architecture name in the generated HDL code.
Check entity and architecture (HDL Coder)Check whether the VHDL entity and architecture are described in the same file.
Check clock settings (HDL Coder)Check constraints on clock signals.
Check model for foreign charactersSearch the model for unresolved library links, where the specified library block cannot be found.
Check for global reset setting for Xilinx and Altera devices (HDL Coder)Check asynchronous reset setting for Altera® devices and synchronous reset setting for Xilinx® devices.
Check inline configurations setting (HDL Coder)Check whether you have InlineConfigurations enabled.
Check algebraic loops (HDL Coder)Check model for algebraic loops.
Check for visualization settings (HDL Coder)Check model for display settings: port data types and sample time color coding.
Check delay balancing setting (HDL Coder)Check Balance Delays is enabled.

Check for model parameters suited for HDL code generation (HDL Coder)

Check for model parameters set up for HDL code generation.
Check for double datatypes in the model with Native Floating Point (HDL Coder)Check for double data types in the model.
Check for Data Type Conversion blocks with incompatible settings (HDL Coder)Check conversion mode of Data Type Conversion blocks.
Check for HDL Reciprocal block usage (HDL Coder)Check HDL Reciprocal blocks are not using floating point types.
Check for Relational Operator block usage (HDL Coder)Check Relational Operator blocks which use floating point types have boolean outputs.
Check for unsupported blocks with Native Floating Point (HDL Coder)Check for unsupported blocks with native floating-point.
Check for blocks that have nonzero output latency (HDL Coder)Check for blocks that have nonzero output latency with native floating-point.
Check blocks with nonzero ulp error (HDL Coder)Check for blocks that have nonzero ulp error with native floating-point.
Check for single datatypes in the model (HDL Coder)Check for single data types in the model.
Check initial conditions of enabled and triggered subsystems (HDL Coder)Check for initial condition of enabled and triggered subsystems.
Check for invalid top level subsystem (HDL Coder)Check for subsystems that cannot be at the top level for HDL code generation.

Related Topics