Guy on Simulink

Simulink & Model-Based Design

This is machine translation

Translated by Microsoft
Mouseover text to see original. Click the button below to return to the English version of the page.

What can Simulink Code Inspector do for you? 1

Posted by Guy Rouleau,

Some time ago I was having a discussion with my colleague Sarah Dagen, from our Consulting Services, and she began explaining Simulink Code Inspector™ to me. I immediately stopped her and said: Wait! Write me a blog post instead!.

Here is the result:

Why Simulink Code Inspector?

You are designing a high-integrity software application using Simulink (good idea!). Once you have an excellent design that has been tested and meets the design requirements, you use Embedded Coder to generate C code that you will then compile, link, and load to your embedded hardware target.

You know your Simulink design does exactly what you want it to do - nothing more, nothing less. But you are not going to be running Simulink on the embedded hardware - you will be running an executable built from the automatically generated C code.

So what about that C code - does it still represent your exact design? How can you tell? You could use Processor-in-the-Loop (PIL) and re-run your requirements-based tests on the target processor to verify that the outputs match your simulation outputs. That's a good start. However, this is not necessarily going to prove the absence of unintended code. So, what can?

Sarah Dagen, guest blogger and Master of code inspection

So... what is Simulink Code Inspector?

Simulink Code Inspector automatically compares generated code with its source model. It examines the generated code and the model to determine if they are structurally equivalent. After inspection is complete, it produces detailed reports with model-to-code and code-to-model traceability analysis.

Because Simulink Code Inspector has been implemented completely independently of Embedded Coder, it can be used as a means of compliance for DO-178C/DO-331 certification objectives. These structural equivalence and traceability reports can be submit to certification authorities as evidence of code reviews for high-integrity standards such as DO-178C. Simulink Code Inspector is supported by our DO-178C/DO-331 Qualification Kit, allowing you to obtain certification credit when using it for DO-178C/DO-331 applications.

How does it do that?


Ok, magic and abstract syntax trees.

Simulink Code Inspector

Working with Simulink Code Inspector

To highlight what Code Inspector can do for you, let's take a very simple model to be deployed to an embedded target.

Example model

Not all Simulink/Stateflow features are supported by Code Inspector. Before running an inspection, you need to check that your model is compatible with Code Inspector. A set of Model Advisor checks, included with Code Inspector, can be run to verify compatibility.

Model Advisor Checks for Simulink Code Inspector

I run these checks on the model and review the Model Advisor report.

Code Inspector Model Advisor Report

No compatibility issues, so let's go ahead with inspection.

Open the Simulink Code Inspector window from the 'Code' menu...

Launching Simulink Code Inspector

And get this window:

Code Inspector Dialog

Once code generation and inspection are complete, a report with the results will open.

Code Inspection Report

Here's the report from the inspection - we passed!

Code Inspector Report

The report is extremely detailed - let's look at some of the information it includes.

Model-To-Code Traceability

Model-to-code traceability - with hyperlinks for navigating to the exact model object for convenience.

Code Inspector Report

Code-To-Model Traceability

Depending on your goal, it might be more convenient to know which block corresponds to a specific line of code. The report also includes a code-to-model traceability section.

Code Inspector Report

I guess it's your turn now...

We've introduced some of the basic features of Simulink Code Inspector. Obviously there's quite a bit more to this tool, but I hope that this overview will inspire you to think about your processes for verifying autogenerated code for high-integrity applications.

Does your organization's development process for high-integrity embedded software include manual code reviews or manual tracing from model to code? Are you interested in seeing more posts about high-integrity software development with Simulink? Let us know what you think by leaving a comment below.

One more thing... as mentioned in a previous post, if you need help with any part of your Model-Based Design process, you can contact our Consulting Servies.

1 CommentsOldest to Newest

Paul replied on : 1 of 1
Yes I'm interested in reading more! Perhaps you could give more examples of the types of faults this software can detect in the executable, or is it more an exercise in appeasing the certification review requirements? As you know, many modern software programs make use of temporal logic. I have previously used your Design Verifier product and one of its limitations was its relative lack of support for these systems, developing test vectors and so forth. Please PM me if you need more information.