DO-331 Title: Model-Based Development and Verification Supplement to DO-178C and DO-278A
https://www.scribd.com/document/405938629/5357-Jacklin
What is new in DO-331? Simulation environment, model coverage analysis, model simulation, software model standards.
Specification Models – Defining high level requirements without implementation, software architecture, or data flow and/or control flow
Design Models – Defining architecture and design (low level requirements)
• If code can be written from the model, then it is considered a Design Model
• A Design Model must have parent requirements in scope of the DO-178C development process
Note that Systems Engineering may be the author of a Specification Model and therefore subject to meeting the objectives of DO-331 for that model
MBD Data Items (beyond the normal items) to be expected in a program:
• Model Planning
• How it will be used and how and where it fits into the lifecycle; what Model Standards will be used; the verification approach; simulation - if used for credit
• Model Standards and Techniques
• The guides for both Specification and Design models, including constraints, instructions, language, symbols used, model element libraries
• Models use a well-defined modeling language, such as Simulink
• Model Element Libraries
• Each element must be assured to meet the required Software Level as it is a set of executable code that generates a symbol and associated action. A full data package for each library is necessary
• Unused elements should be removed from the library, unless the standard includes instructions prohibiting use, particularly for unassured elements
• Model Coverage Analysis
The objective of model coverage analysis is to discover requirements contained in the model that were not exercised by verification test cases. DO-331 recommends model coverage be shown for all state machine transitions, logic equation decisions, numeric data equivalence classes (and boundary data), and all derived requirements. Model coverage analysis should be performed using requirements-based verification test cases.
• Analysis that identifies requirements in a Design Model not verified by requirements-based testing
• This may identify unintended functionality
• Criteria for this analysis and resolution of issues found must be defined in the planning document
• Model Simulation
The objective of model simulation is to verify that the model satisfies the requirements used to create it and to gather evidence that the model is accurate, consistent, and compatible with all system-level, high-level, and low-level requirements.
• This activity exercises the model behavior using a simulator
• If used for credit, the simulation cases, procedures and results are necessary
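The two activities above (model simulation for verification of the model, MB.6.8.1, and model coverage analysis, MB.6.7) are easiest to see on a small state machine. The following Python harness is an added example written for these notes; it is not MathWorks tooling or RTCA material. The mode-manager model, its transitions, the requirement IDs and the simulation cases are all constructed. It runs the requirements-based cases against the model, checks each case's expected outcome, and then reports the transitions, guard-decision outcomes, numeric equivalence classes and boundary values that the cases never exercised. Each gap is either a missing requirements-based case or model content with no requirement behind it, which is exactly the resolution question MB.6.7.2 asks.

```python
"""Added example: a toy harness for DO-331-style model simulation (MB.6.8)
and model coverage analysis (MB.6.7). Everything here is constructed for
illustration; it is not MathWorks or RTCA material."""
from dataclasses import dataclass, field

# Constructed design model: a mode manager. Transitions are listed in
# evaluation priority per source state; the first guard that holds fires.
# Fields: (source state, target state, guard name, guard predicate).
TRANSITIONS = [
    ("OFF",     "STANDBY", "power_on",  lambda i: i["power"]),
    ("STANDBY", "OFF",     "power_off", lambda i: not i["power"]),
    ("STANDBY", "FAULT",   "over_temp", lambda i: i["temp"] >= 85),
    ("STANDBY", "ACTIVE",  "enable_ok", lambda i: i["enable"] and i["temp"] < 85),
    ("ACTIVE",  "FAULT",   "over_temp", lambda i: i["temp"] >= 85),
    ("ACTIVE",  "STANDBY", "disable",   lambda i: not i["enable"]),
    ("FAULT",   "OFF",     "power_off", lambda i: not i["power"]),
]
INITIAL_STATE = "OFF"

# Equivalence classes and boundary values for the numeric 'temp' input
# (constructed; a real model standard would define these per signal).
TEMP_CLASSES = {"temp<85": lambda t: t < 85, "temp>=85": lambda t: t >= 85}
TEMP_BOUNDARIES = {84, 85}


@dataclass
class Coverage:
    transitions: set = field(default_factory=set)      # (src, dst, guard) that fired
    decisions: set = field(default_factory=set)        # (src, guard, outcome) evaluated
    temp_classes: set = field(default_factory=set)     # equivalence classes hit
    temp_boundaries: set = field(default_factory=set)  # boundary values hit


@dataclass
class SimCase:
    req_id: str          # requirement the case was derived from (placeholder ID)
    inputs: list         # one input dict per simulation step
    expected_final: str  # state the requirement says the model must end in


def step(state, inputs, cov):
    """Advance the model one step, recording decision and transition coverage."""
    for name, pred in TEMP_CLASSES.items():
        if pred(inputs["temp"]):
            cov.temp_classes.add(name)
    if inputs["temp"] in TEMP_BOUNDARIES:
        cov.temp_boundaries.add(inputs["temp"])
    for src, dst, guard, fn in TRANSITIONS:
        if src != state:
            continue
        outcome = bool(fn(inputs))
        cov.decisions.add((src, guard, outcome))
        if outcome:  # lower-priority guards are not evaluated once one fires
            cov.transitions.add((src, dst, guard))
            return dst
    return state


def simulate(cases):
    """Model simulation for verification: run each requirements-based case and
    compare the final state with the expectation taken from the requirement."""
    cov = Coverage()
    results = []
    for case in cases:
        state = INITIAL_STATE
        for inp in case.inputs:
            state = step(state, inp, cov)
        results.append((case.req_id, state == case.expected_final, state))
    return results, cov


def coverage_gaps(cov):
    """Model coverage analysis: list model elements the requirements-based cases
    never exercised. Each gap is a missing case or unintended model content."""
    all_transitions = {(s, d, g) for s, d, g, _ in TRANSITIONS}
    all_decisions = {(s, g, o) for s, _, g, _ in TRANSITIONS for o in (True, False)}
    return {
        "transitions": sorted(all_transitions - cov.transitions),
        "decisions": sorted(all_decisions - cov.decisions),
        "temp_classes": sorted(set(TEMP_CLASSES) - cov.temp_classes),
        "temp_boundaries": sorted(TEMP_BOUNDARIES - cov.temp_boundaries),
    }


# Constructed requirements-based simulation cases; REQ-* IDs are placeholders.
ON = {"power": True, "enable": False, "temp": 25}
CASES = [
    SimCase("REQ-001", [ON], "STANDBY"),
    SimCase("REQ-002", [ON, {"power": True, "enable": True, "temp": 84}], "ACTIVE"),
    SimCase("REQ-003", [ON, {"power": True, "enable": True, "temp": 25},
                        {"power": True, "enable": True, "temp": 85}], "FAULT"),
    SimCase("REQ-004", [ON, {"power": True, "enable": True, "temp": 25},
                        {"power": True, "enable": False, "temp": 25}], "STANDBY"),
]

if __name__ == "__main__":
    results, cov = simulate(CASES)
    for req_id, passed, final in results:
        print(f"{req_id}: {'PASS' if passed else 'FAIL'} (final state {final})")
    for kind, items in coverage_gaps(cov).items():
        print(f"uncovered {kind}: {items}")
```

With these four cases every simulation case passes, yet three transitions (both exits from STANDBY to OFF and FAULT, and FAULT to OFF) and seven guard outcomes are never exercised, while the temperature equivalence classes and the 84/85 boundary pair are fully covered. That is the point of the separate coverage step: passing requirements-based simulation says nothing about the parts of the model no requirement drove, so each listed gap has to be resolved as a missing case, a missing requirement, or content to remove.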
Modeling techniques and tools used to build the models?
https://in.mathworks.com/videos/using-model-based-design-for-do-178c-and-do-331-compliance-1683729891046.html
Requirements Toolbox for textual requirements (MB.A-2 and MB.A-3)
Requirements Table block for specification modelling (MB.A-2 and MB.A-3)
Simulink and Stateflow for design modelling (MB.A-2)
Simulink Check and Simulink Design Verifier for static analysis (MB.A-4 and FM.A-4)
Simulink Test and Simulink Coverage for simulation testing (MB.A-4)
Embedded Coder for source code generation (MB.A-2)
Simulink Code Inspector and Polyspace Bug Finder for source code verification (MB.A-5)
Simulink Code Inspector ==> compliance, traceability, accuracy, consistency, verifiability objectives of MB.A-5
Polyspace Bug Finder ==> conformance to code standards objective of MB.A-5
Polyspace Code Prover for robustness verification and data flow analysis (MB.A-5, MB.A-6 and MB.A-7)
Simulink Test and Simulink Coverage for object code testing and structural coverage analysis (MB.A-6 and MB.A-7): PIL testing
Simulink Test and Simulink Real-Time for hardware/software integration testing (MB.A-6)
----------------
Formal methods tool examples: Polyspace Code Prover, Simulink Design Verifier
DO-326 ==> cybersecurity guideline
Table of Contents: DO-331
MB.1.0 introduction
MB.2.0 system aspects related to software development
MB.3.0 software life cycle
MB.4.0 software planning process
MB.5.0 software development process
MB.6.0 software verification process
MB.7.0 software configuration management process
MB.8.0 software quality assurance process
MB.9.0 certification liaison process
MB.10.0 overview of certification process
MB.11.0 software life cycle data
MB.12.0 additional considerations
ANNEX MB.A process objectives and outputs by software level in DO-178C
ANNEX MB.B acronyms and glossary of terms
ANNEX MB.C process objectives and outputs by software level in DO-278A
APPENDIX MB.A committee membership
APPENDIX MB.B frequently asked questions and discussion papers
Table of Contents: DO-331 (detailed; in the original, blue marks content updated from DO-178C, black marks content unchanged from DO-178C, and red marks content completely new to the MB supplement)
MB.1.0 Introduction
MB.1.1 Purpose
MB.1.2 Scope
MB.1.3 Relationship to Other Documents
MB.1.4 How to Use This Document
MB.1.5 Document Overview
MB.1.6 Characteristics of Model-Based Development and Verification
MB.1.6.1 Requirements from Which the Model is Developed
MB.1.6.2 Specification Models and Design Models
MB.1.6.3 Examples of Model Usage
MB.2.0 System Aspects Relating to Software Development
MB.2.1 System Requirements Allocation to Software
MB.2.2 Information Flow Between System and Software Life Cycle Processes
MB.2.2.1 Information Flow from System Processes to Software Processes
MB.2.2.2 Information Flow from Software Processes to System Processes
MB.2.2.3 Information Flow between Software Processes and Hardware Processes
MB.2.3 System Safety Assessment Process and Software Level
MB.2.3.1 Relationship between Software Errors and Failure Conditions
MB.2.3.2 Failure Condition Categorization
MB.2.3.3 Software Level Definition
MB.2.3.4 Software Level Determination
MB.2.4 Architectural Considerations
MB.2.4.1 Partitioning
MB.2.4.2 Multiple-Version Dissimilar Software
MB.2.4.3 Safety Monitoring
MB.2.5 Software Considerations in System Life Cycle Processes
MB.2.5.1 Parameter Data Items
MB.2.5.2 User-Modifiable Software
MB.2.5.3 Commercial-Off-The-Shelf Software
MB.2.5.4 Option-Selectable Software
MB.2.5.5 Field-Loadable Software
MB.2.5.6 Software Considerations in System Verification
MB.2.6 System Considerations in Software Life Cycle Processes
MB.3.0 Software Life Cycle
MB.3.1 Software Life Cycle Processes
MB.3.2 Software Life Cycle Definition
MB.3.3 Transition Criteria Between Processes
MB.4.0 Software Planning Process
MB.4.1 Software Planning Process Objectives
MB.4.2 Software Planning Process Activities
MB.4.3 Software Plans
MB.4.4 Software Life Cycle Environment Planning
MB.4.4.1 Software Development Environment
MB.4.4.2 Language and Compiler Considerations
MB.4.4.3 Software Test Environment
MB.4.4.4 Simulation Environment
MB.4.5 Software Development Standards
MB.4.6 Review of the Software Planning Process
MB.5.0 Software Development Processes
MB.5.1 Software Requirements Process
MB.5.1.1 Software Requirements Process Objectives
MB.5.1.2 Software Requirements Process Activities
MB.5.2 Software Design Process
MB.5.2.1 Software Design Process Objectives
MB.5.2.2 Software Design Process Activities
MB.5.2.3 Designing for User-Modifiable Software
MB.5.2.4 Designing for Deactivated Code
MB.5.3 Software Coding Process
MB.5.3.1 Software Coding Process Objectives
MB.5.3.2 Software Coding Process Activities
MB.5.4 Integration Process
MB.5.4.1 Integration Process Objectives
MB.5.4.2 Integration Process Activities
MB.5.5 Software Development Process Traceability
MB.6.0 Software Verification Process
MB.6.1 Purpose of Software Verification
MB.6.2 Overview of Software Verification Process Activities
MB.6.3 Reviews and Analysis
MB.6.3.1 Reviews and Analyses of High-Level Requirements
MB.6.3.2 Reviews and Analyses of Low-Level Requirements
MB.6.3.3 Reviews and Analyses of Software Architecture
MB.6.3.4 Reviews and Analyses of Source Code
MB.6.3.5 Reviews and Analyses of the Outputs of the Integration Process
MB.6.4 Software Testing
MB.6.4.1 Test Environment
MB.6.4.2 Requirements-Based Test Selection
MB.6.4.2.1 Normal Range Test Cases
MB.6.4.2.2 Robustness Test Cases
MB.6.4.3 Requirements-Based Testing Methods
MB.6.4.4 Test Coverage Analysis
MB.6.4.4.1 Requirements-Based Test Coverage Analysis
MB.6.4.4.2 Structural Coverage Analysis
MB.6.4.4.3 Structural Coverage Analysis Resolution
MB.6.4.5 Reviews and Analysis of Test cases, Procedures, and Results
MB.6.5 Software Verification Process Traceability
MB.6.6 Verification of Parameter Data Items
MB.6.7 Model Coverage Analysis for Design Models
MB.6.7.1 Model Coverage Analysis Criteria
MB.6.7.2 Model Coverage Analysis Resolution
MB.6.8 Model Simulation
MB.6.8.1 Model Simulation for Verification of the Model
MB.6.8.2 Model Simulation for Verification of the Executable Object Code
MB.6.8.3 Simulation Cases, Procedures, and Results
MB.6.8.3.1 Development of Simulation Cases, Procedures, and Results
MB.6.8.3.2 Reviews and Analyses of Simulation Cases, Procedures, and Results
MB.7.0 Software Configuration Management Process
MB.7.1 Software Configuration Management Process Objectives
MB.7.2 Software Configuration Management Process Activities
MB.7.2.1 Configuration Identification
MB.7.2.2 Baselines and Traceability
MB.7.2.3 Problem Reporting, Tracking, and Corrective Action
MB.7.2.4 Change Control
MB.7.2.5 Change Review
MB.7.2.6 Configuration Status Accounting
MB.7.2.7 Archive, Retrieval, and Release
MB.7.3 Data Control Categories
MB.7.4 Software Load Control
MB.7.5 Software Life Cycle Environment Control
MB.8.0 Software Quality Assurance Process
MB.8.1 Software Quality Assurance Process Objectives
MB.8.2 Software Quality Assurance Process Activities
MB.8.3 Software Conformity Review
MB.9.0 Certification Liaison Process
MB.9.1 Means of Compliance and Planning
MB.9.2 Compliance Substantiation
MB.9.3 Minimum Software Life Cycle Data Submitted to Certification Authority
MB.9.4 Software Life Cycle Data Related to Type Design
MB.10.0 Overview of Certification Process
MB.10.1 Certification Basis
MB.10.2 Software Aspects of Certification
MB.10.3 Compliance Determination
MB.11.0 Software Life Cycle Data
MB.11.1 Plan for Software Aspects of Certification
MB.11.2 Software Development Plan
MB.11.3 Software Verification Plan
MB.11.4 Software Configuration Management Plan
MB.11.5 Software Quality Assurance Plan
MB.11.6 Software Requirements Standards
MB.11.7 Software Design Standards
MB.11.8 Software Code Standards
MB.11.9 Software Requirements Data
MB.11.10 Design Description
MB.11.11 Source Code
MB.11.12 Executable Object Code
MB.11.13 Software Verification Cases and Procedures
MB.11.14 Software Verification Results
MB.11.15 Software Life Cycle Environment Configuration Index
MB.11.16 Software Configuration Index
MB.11.17 Problem Reports
MB.11.18 Software Configuration Management Records
MB.11.19 Software Quality Assurance Records
MB.11.20 Software Accomplishment Summary
MB.11.21 Trace Data
MB.11.22 Parameter Data Item File
MB.11.23 Software Model Standards
MB.12.0 Additional Considerations
MB.12.1 Use of Previously Developed Software
MB.12.1.1 Modifications of Previously Developed Software
MB.12.1.2 Change of Aircraft Installation
MB.12.1.3 Change of Application or Development Environment
MB.12.1.4 Upgrading a Development Baseline
MB.12.1.5 Software Configuration Management Considerations
MB.12.1.6 Software Quality Assurance Considerations
MB.12.2 Tool Qualification
MB.12.2.1 Determining if Tool Qualification is Needed
MB.12.2.2 Determining the Tool Qualification Level
MB.12.2.3 Tool Qualification Process
MB.12.3 Alternative Methods
MB.12.3.1 Exhaustive Input Testing
MB.12.3.2 Considerations for Multiple-Version Dissimilar Software Verification
MB.12.3.2.1 Independence of Multiple-Version Dissimilar Software
MB.12.3.2.2 Multiple Processor-Related Verification
MB.12.3.2.3 Multiple Version Source Code Verification
MB.12.3.2.4 Tool Qualification for Multiple-Version Dissimilar Software
MB.12.3.2.5 Multiple Simulators and Verification
MB.12.3.3 Software Reliability Models
MB.12.3.4 Product Service History
MB.12.3.4.1 Relevance of Service History
MB.12.3.4.2 Sufficiency of Accumulated Service History
MB.12.3.4.3 Collection, Reporting, and Analysis of Problem Reports Found During Service History
MB.12.3.4.4 Service History Information to be Included in the Plan for Software Aspects of Certification
Annex MB.A: Process Objectives and Outputs by Software Level in DO-178C
Annex MB.B: Acronyms and Glossary of Terms
Annex MB.C: Process Objectives and Outputs by Assurance Level in DO-278A
Appendix MB.A: Committee Membership
Appendix MB.B: Frequently Asked Questions and Discussion Papers