Because it's viable ✅

Is “code first” a viable approach for safety critical automotive software?

Written by

benediktschonlau

in

VW, Mercedes, BMW and some important European top suppliers form a new software alliance to create automotive software.

They announced that they will work with the “code first” principle to create quick results and overcome the slow old economy innovation pace. But of course, they also want to certify the software according to ISO 26262 (Functional Safety).

Writing code first means to create the requirements and the architectural design later. Doing this later leads to reverse engineering of requirements and architectural designs with assumptions about the context. Usually this way of software creation finally leads to a comprehensive code enhancement after the requirements are created. It’s like building a house first and later thinking about a sustainable foundation.

But anyway the approach has some added value. Huge software projects with multiple partners intend to do endless requirements discussions without finally creating anything else than paper. That’s no solution either.

Surprisingly ISO 26262, the functional safety standard for automotive provides a viable solution to solve this dilemma: Out of context development.

Therefore, ISO 26262 provides the approach of Safety Elements out of Context (SEooC). With the help of this approach a small design team can independently work on specific capabilities that can be later used in multiple contexts, not completely out of context.

The ISO requires so-called assumptions of use to mark the boundaries of the intended usage and not intended misuse.

This requirement can be fulfilled with Bertrand Meyer’s Design by Contract approach.

Here are my 5 cents to make rapid software development for safety and security critical software viable based on Bertrand Meyer’s software development principles.

  • Use Design by Contract: Embed preconditions, postconditions, and invariants to ensure correctness and catch errors early.
  • Formal Specs First: Define formal specifications for critical components before coding to align with safety standards like ISO 26262.
  • Seamless Verification: Integrate design, coding, and verification with static analysis and automated testing for continuous error detection.
  • Modular Design: Build reusable, object-oriented components with clear interfaces for maintainability and scalability.
  • Strict Open-Source Governance: Enforce coding standards, contract compliance, and peer reviews to maintain quality in collaborative development.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts