Qualkitdo SLVNV TQP

DO Qualification Kit
Simulink® Verification and Validation™

Tool Qualification Plan
R2015a, March 2015

How to Contact MathWorks
Latest news: www.mathworks.com
Sales and services: www.mathworks.com/sales_and_services
User community: www.mathworks.com/matlabcentral
Technical support: www.mathworks.com/support/contact_us
Phone: 508-647-7000
The MathWorks, Inc.

3 Apple Hill Drive
Natick, MA 01760-2098
DO Qualification Kit: Simulink® Verification and Validation™ Tool Qualification Plan
© COPYRIGHT 2009–2015 by The MathWorks, Inc.
The software described in this document is furnished under a license agreement. The software may be used or copied only under
the terms of the license agreement. No part of this manual may be photocopied or reproduced in any form without prior written
consent from The MathWorks, Inc.
FEDERAL ACQUISITION: This provision applies to all acquisitions of the Program and Documentation by, for, or through the
federal government of the United States. By accepting delivery of the Program or Documentation, the government hereby agrees
that this software or documentation qualifies as commercial computer software or commercial computer software documentation
as such terms are used or defined in FAR 12.212, DFARS Part 227.72, and DFARS 252.227-7014. Accordingly, the terms and
conditions of this Agreement and only those rights specified in this Agreement, shall pertain to and govern the use, modification,
reproduction, release, performance, display, and disclosure of the Program and Documentation by the federal government (or
other entity acquiring for or through the federal government)and shall supersede any conflicting contractual terms or conditions.
If this License fails to meet the government’s needs or is inconsistent in any respect with federal procurement law, the
government agrees to return the Program and Documentation, unused, to The MathWorks, Inc.
Trademarks
MATLAB and Simulink are registered trademarks of The MathWorks, Inc. See www.mathworks.com/trademarks for a
list of additional trademarks. Other product or brand names may be trademarks or registered trademarks of their respective
holders.
Patents
MathWorks products are protected by one or more U.S. patents. Please see www.mathworks.com/patents for more
information.
Revision History
March 2009 New for Version 1.0 (Applies to Release 2009a)
September 2009 Revised for Version 1.1 (Applies to Release 2009b)
April 2010 Rereleased for Version 1.1.1 (Applies to Release 2009bSP1)
March 2010 Revised for Version 1.2 (Applies to Release 2010a)
April 2011 Revised for Version 1.4 (Applies to Release 2011a)
October 2014 Revised for Version 2.4 (Applies to Release 2014b)
Contents
1 Introduction ...................................................................................................................................... 1-1
2 Tool Overview and Identification .................................................................................................... 2-1
2.1 Simulink Verification and Validation Product Description ...................................................... 2-2
2.2 Simulink Verification and Validation Product Identification .................................................... 2-3
3 Tool Operational Requirements ....................................................................................................... 3-1
4 Certification Considerations ............................................................................................................. 4-1
4.1 Requirement for Qualification .................................................................................................. 4-2
4.1.1 DO-178C/DO-331 Checks ............................................................................................. 4-2
4.1.2 Model Coverage ............................................................................................................. 4-3
4.2 Certification Credit ................................................................................................................... 4-4
4.2.1 DO-178C/DO-331 Checks ............................................................................................. 4-4
4.2.2 Model Coverage ............................................................................................................. 4-8
5 Tool Development Life Cycle – Tool User ...................................................................................... 5-1
5.1 Planning .................................................................................................................................... 5-2
5.2 Requirements ............................................................................................................................ 5-3
5.2.1 DO-178C/DO-331 Checks ............................................................................................. 5-3
5.2.2 Model Coverage ............................................................................................................. 5-4
5.3 Verification ............................................................................................................................... 5-5
5.3.1 DO-178C/DO-331 Checks ............................................................................................. 5-5
5.3.2 Model Coverage ............................................................................................................. 5-6
6 Additional Considerations ................................................................................................................ 6-1
6.1 Customer Bug Reporting........................................................................................................... 6-2
7 Tool Life Cycle Data ........................................................................................................................ 7-1
7.1 DO-178C/DO-331 Checks ........................................................................................................ 7-2
7.2 Model Coverage ........................................................................................................................ 7-3
8 Schedule ........................................................................................................................................... 8-1
v
vi
1 Introduction
This document comprises the Tool Qualification Plan (reference DO-330 Section 10.1.2) for the
following capabilities of the Simulink® Verification and Validation™ verification tool:
 DO-178C/DO-331 checks
 Model coverage
This document is intended for use in the DO-178C and DO-330 tool qualification process for
Criteria 3 TQL-5 tools.
See also the DO Qualification Kit User's Guide, R2015a.

1-2
2 Tool Overview and Identification
2.1 Simulink Verification and Validation Product
Description
Verify models and generated code
Simulink Verification and Validation automates requirements tracing, modeling standards
compliance checking, and model coverage analysis.
You can create detailed requirements traceability reports, author your own modeling style
checks, and develop check configurations to share with engineering teams. Requirements
documentation can be linked to models, test cases, and generated code. You can generate
harness models for testing model components and code, and use model coverage analysis to
ensure that models have been thoroughly tested.
Simulink Verification and Validation provides modeling standards checks for the DO-178, ISO
26262, IEC 61508 and related industry standards.
Key Features
 Compliance checking for MAAB style guidelines and high-integrity system design
guidelines (DO-178, ISO 26262, IEC-61508, and related industry standards)
 Model Advisor Configuration Editor, including custom check authoring
 Requirements Management Interface for traceability of model objects, code, and tests to
requirements documents
 Automatic test-harness generation for subsystems
 Component testing via simulation, software-in-the-loop (SIL), and processor-in-the-loop
(PIL)
 Programmable scripting interface for automating compliance checking, requirements
traceability analysis, and component testing
2-2
2.2 Simulink Verification and Validation Product
Identification
Software Tool Version (Release) Tool Vendor

Simulink Verification and Validation Version 3.9 (R2015a) The MathWorks, Inc.
3 Apple Hill Drive
Natick, MA, 01760-2098 USA
2-3
2-4
3 Tool Operational Requirements
The Tool Operational Requirements for the following capabilities in the Simulink® Verification
and Validation™ product are documented in DO Qualification Kit: Simulink Verification and
Validation Tool Operational Requirements:
 Model coverage
To access the tool operational requirements document, on the MATLAB ® command line, type
qualkitdo to open the Artifacts Explorer. The document is in Simulink Verification and
Validation > r2015a.
3-2
4 Certification Considerations
This section provides certification considerations for the following capabilities of the Simulink
Verification and Validation verification tool:
 Model coverage
4.1 Requirement for Qualification
4.1.1 DO-178C/DO-331 Checks
To determine whether a tool must be qualified, you must answer the following questions. If you
answer yes to all three questions, you must qualify the tool.
Question DO-178C/DO-331
Checks
Can the tool insert an error into the airborne software or fail to detect an Yes1
existing error in the software within the scope of its intended usage?
Will the output of the tool not be verified as specified in Section 6 of DO-178C, Yes
DO-278A, DO-331, DO-332 or DO-333?
Are processes of DO-178C, DO-278A, DO-331, DO-332 or DO-333 Yes
eliminated, reduced, or automated by the use of the tool? Will you use output
from the tool to meet an objective or replace an objective of DO-178C, DO-
278A, DO-331, DO-332 or DO-333, Annex A or Annex C?
1 The DO-178C checks might fail to detect an error.
Given that the answer to all the preceding questions is yes, the DO-178C/DO-331 checks in the
Simulink Verification and Validation product must be qualified.
To determine the qualification type (Criteria 1, Criteria 2, or Criteria 3), you must answer the
following questions about the tool.
Question DO-178C/DO-331
Checks
1. Is the tool output part of the airborne software, such that the output can No
insert an error into the software?
2. Could the tool fail to detect an error in the airborne software and is the No
tool also used to justify the elimination or reduction of either of the
following:
 Verification processes other than that automated by the tool.
 Development processes that could have an impact on the airborne
software.
3. Could the tool fail to detect an error in the airborne software? Yes
Because the answer to the preceding first and second questions are no, the DO-178C/DO-331
checks in the Simulink Verification and Validation product must be qualified as a Criteria 3 tool.
The tool qualification level will therefore be TQL-5.
4-2
4.1.2 Model Coverage
To determine whether a tool must be qualified, you must answer the following questions. If you
answer yes to all three questions, you must qualify the tool.
Question Model Coverage

Can the tool insert an error into the airborne software or fail to detect an Yes2
existing error in the software within the scope of its intended usage?
Will the output of the tool not be verified as specified in Section 6 of DO-178C, Yes
DO-278A, DO-331, DO-332 or DO-333?
Are processes of DO-178C, DO-278A, DO-331, DO-332 or DO-333 Yes
eliminated, reduced, or automated by the use of the tool? Will you use output
from the tool to meet an objective or replace an objective of DO-178C, DO-
278A, DO-331, DO-332 or DO-333, Annex A or Annex C?
2
Model coverage might fail to detect an error.
Given that the answer to all the preceding questions is yes, the model coverage capability in the
Simulink Verification and Validation product must be qualified.
To determine qualification type (Criteria 1, Criteria 2, or Criteria 3), you must answer the
following questions about the tool.
Question Model Coverage

1. Is the tool output part of the airborne software, such that the output can No
insert an error into the software?
2. Could the tool fail to detect an error in the airborne software and is the No
tool also used to justify the elimination or reduction of either of the
following:
 Verification processes other than that automated by the tool.
 Development processes that could have an impact on the airborne
software.
3. Could the tool fail to detect an error in the airborne software? Yes
Because the answer to the preceding first and second questions are no, the model coverage
capability in the Simulink Verification and Validation product must be qualified as a Criteria 3
tool. The tool qualification level will therefore be TQL-5.
4-3
4.2 Certification Credit

The following table shows the certification credit (see DO-331 Annex A or Annex C
Objectives), being taken for the DO-178C/DO-331 checks in the Simulink Verification and
Validation product.
Note The DO-178C/DO-331 checks can contain two sections: an analysis section
for reviewing the model and an action section for automatically fixing warnings
and failures. The DO Qualification Kit covers the DO-178C/DO-331 check
analysis, not the check actions.
The DO Qualification Kit does not cover Model Advisor check exclusions.
4-4
Certification Credit for DO-178C/DO-331 Checks
Annex A Objective DO-331 Software or Credit Taken
or C Reference Assurance (in conjunction with other tools)
Table Levels
Table High-level Section A, B, C, D Full or Partial1 – The DO-178C/DO-331
MB.A-3 requirements are MB.6.3.1.b AL1, AL2, AL3, checks verify the accuracy and
accurate and AL4, AL5 consistency of the model statically. A
consistent combination of Model Advisor checks,
simulation against the higher-level
requirements, and review of the System
Design Description can be used to take
full credit for this objective.
Table High-level Section A, B Full or Partial1, 3 – The DO-178C/DO-
MB.A-3 requirements are MB.6.3.1.c AL1, AL2 331 checks verify the code generator
compatible with target settings related to the CPU. A
computer combination of Model Advisor checks
and review of the System Design
Description can be used to take full
credit for this objective.
Table High-level Section A, B, C Full or Partial1 – The DO-178C/DO-331
MB.A-3 requirements are MB.6.3.1.d AL1, AL2, AL3, checks verify parameter tunability, test
verifiable AL4 point visibility, and in some cases can
find unreachable decisions. A
combination of Model Advisor checks
and model coverage during simulation
can be used to take full credit for this
objective.
Table High-level Section A, B, C Full or Partial1 – The DO-178C/DO-331
MB.A-3 requirements conform MB.6.3.1.e AL1, AL2, AL3, checks verify conformance to standards
to standards AL4 that have dedicated checks. For
modeling standards that do not have
Model Advisor checks, this verification
may be completed via manual reviews of
the System Design Description.
Table High-level Section A, B, C, D Partial1 – The DO-178C/DO-331 checks
MB.A-3 requirements are MB.6.3.1.f AL1, AL2, AL3, verify that the requirements links are
traceable to system AL4, AL5 consistent; the actual traceability must be
requirements verified independently by reviewing the
“Requirements Traceability” section of
4-5
Table Levels
Table Algorithms are Section A, B, C Full or Partial1 – The DO-178C/DO-331
MB.A-3 accurate MB.6.3.1.g AL1, AL2, AL3, checks verify the accuracy of data types
AL4 used within the model statically. A
combination of Model Advisor checks,
Table Low-level Section A, B, C Full or Partial2 – The DO-178C/DO-331
MB.A-4 requirements are MB.6.3.2.b AL1, AL2, AL3, checks verify the accuracy and
accurate and AL4 consistency of the model statically. A
consistent combination of Model Advisor checks,
Table Low-level Section A, B Full or Partial2, 3 – The DO-178C/DO-
MB.A-4 requirements are MB.6.3.2.c AL1, AL2 331 checks verify the code generator
compatible with target settings related to the CPU. A
computer combination of Model Advisor checks
and review of the System Design
Description can be used to take full
Table Low-level Section A, B Full or Partial2 – The DO-178C/DO-331
MB.A-4 requirements are MB.6.3.2.d AL1, AL2 checks verify parameter tunability, test
verifiable point visibility, and in some cases can
find unreachable decisions. A
combination of Model Advisor checks
and model coverage during simulation
can be used to take full credit for this
objective.
Table Low-level Section A, B, C Full or Partial2 – The DO-178C/DO-331
MB.A-4 requirements conform MB.6.3.2.e AL1, AL2, AL3, checks verify conformance to standards
to standards AL4 that have dedicated checks. For
Table Low-level Section A, B, C Partial2 – The DO-178C/DO-331 checks
MB.A-4 requirements are MB.6.3.2.f AL1, AL2, AL3, verify that the requirements links are
traceable to high-level AL4 consistent; the actual traceability must be
requirements verified independently by reviewing the
“Requirements Traceability” section of
4-6
Table Levels
Table Algorithms are Section A, B, C Full or Partial2 – The DO-178C/DO-331
MB.A-4 accurate MB.6.3.2.g AL1, AL2, AL3, checks verify the accuracy of data types
AL4 used within the model statically. A
simulation against higher-level
Table Software architecture Section A, B, C Full or Partial2 – The DO-178C/DO-331
MB.A-4 is consistent MB.6.3.3.b AL1, AL2, AL3, checks verify that the architecture of the
AL4 model is consistent statically. A
simulation against higher-level
Table Software architecture Section A, B, C Full or Partial2 – The DO-178C/DO-331
MB.A-4 conforms to standards MB.6.3.3.e AL1, AL2, AL3, checks verify conformance to standards
AL4 that have dedicated checks. For
Table Source code is Section A, B, C Partial2, 3 – The DO-178C/DO-331
MB.A-5 traceable to low-level MB.6.3.4.e AL1, AL2, AL3, checks verify that the code generator is
requirements AL4 set to generate traceable code; the actual
traceability must be verified
independently.
Notes:
1
This credit is taken only if the Simulink® and Stateflow® models are considered Specification Models for the project.
2
This credit is taken only if the Simulink and Stateflow models are considered Design Models for the project.
3
This credit is taken only if the Embedded Coder™ product is used to automatically generate code from the models.
4-7
The following table shows the certification credit with respect to DO-331 Annex A or Annex C
Objectives being taken for the model coverage capability of the Simulink Verification and
Validation product.
Note The DO Qualification Kit does not cover Model Coverage exclusions, i.e., the
usage of Model coverage filter rules and files.
Certification Credit for Model Coverage with respect to DO-331 objectives

Table Levels
Table High-level Section A, B, C Full or Partial1 – During simulation,
MB.A-3 requirements are MB.6.3.1.d AL1, AL2, model coverage verifies that conditions
verifiable AL3, AL4 and decisions in the model can be
exercised. A combination of Model
Advisor checks and model coverage
during simulation can be used to take full
Table High-level Section A, B, C Partial1 – Model coverage can provide a
MB.A-3 requirements conform MB.6.3.1.e AL1, AL2, cyclomatic complexity metric for the
to standards AL3, AL4 model, which might be part of the
modeling standards.
Table Low-level Section A, B, C Partial2 – Model coverage can assist in
MB.A-4 requirements comply MB.6.3.2.a AL1, AL2, detecting unintended functionality within
with high-level AL3, AL4 the model during simulation.
requirements
Table Low-level Section A, B Full or Partial2 – During simulation,
MB.A-4 requirements are MB.6.3.2.d AL1, AL2 model coverage verifies that conditions
verifiable and decisions in the model can be
Table Low-level Section A, B, C Partial1 – Model coverage can provide a
MB.A-4 requirements conform MB.6.3.2.e AL1, AL2, cyclomatic complexity metric for the
to standards AL3, AL4 model, which might be part of the
modeling standards.
4-8
Table Levels
Table Software architecture Section A, B Full or Partial2 – During simulation,
MB.A-4 is verifiable MB.6.3.3.d AL1, AL2 model coverage verifies that conditions
and decisions in the model can be
Table Software architecture Section A, B, C Partial1 – Model coverage can provide a
MB.A-4 conforms to standards MB.6.3.3.e AL1, AL2, cyclomatic complexity metric for the
AL3, AL4 model, which might be part of the
modeling standards.
Notes:
1
This credit is taken only if the Simulink and Stateflow models are considered Specification Models for the project.
2
The following table shows the certification credit with respect to DO-178C Annex A or DO-
278A Annex A Objectives being taken for the model coverage capability of the Simulink
Verification and Validation product.
Certification Credit for Model Coverage with respect to DO-178C or DO-278A objectives
Annex A Objective DO-178C or Software or Credit Taken
DO-278A Assurance
Reference Levels
Table A-7 Test procedures are Section 6.4.5.b A, B, CPartial – During simulation, model
correct coverage verifies that conditions and
AL1, AL2,
decisions in the model have been
AL3, AL4
exercised and provides the data ranges
achieved. The adequacy of the data ranges
and the expected results are not verified
by model coverage. The model coverage
report may be used to verify the validity
and completeness of test cases generated
by the Simulink® Design Verifier™
product3.
Table A-7 Test coverage of high- Section 6.4.4.a A, B, C, D Partial1 – During simulation, model
level requirements is AL1, AL2, coverage verifies that conditions and
achieved AL3, AL4, AL5 decisions in the model have been
achieved. The test cases executed on the
model must be repeated on the object
code to complete this objective.
4-9
Annex A Objective DO-178C or Software or Credit Taken
DO-278A Assurance
Reference Levels
Table A-7 Test coverage of low- Section 6.4.4.b A, B, C Partial2 – During simulation, model
level requirements is AL1, AL2, coverage verifies that conditions and
achieved AL3, AL4 decisions in the model have been
achieved. The test cases executed on the
model must be repeated on the object
code to complete this objective.
Notes:
1
This credit is taken only if the Simulink and Stateflow models are considered Specification Models for the project.
2
3
The Simulink Design Verifier product is not a qualified tool. However, executing the Simulink Design Verifier automatically
generated tests on the model and assessing the results, while using the qualified model coverage tool, provides credit for
demonstrating completeness and validity of those test cases.
4-10
5 Tool Development Life Cycle –
Tool User
5.1 Planning
The Plan for Software Aspects of Certification (PSAC) or Plan for Software Aspects of
Approval (PSAA) designates that the following capabilities of the Simulink Verification and
Validation product will be qualified as Criteria 3 tools:
 Model coverage
This document provides the Tool Qualification Plan for these capabilities of the Simulink
Verification and Validation product.
5-2
5.2 Requirements
 Tool Operational Requirements for the DO-178C/DO-331 checks in the Simulink
Verification and Validation product are in:
DO Qualification Kit: Simulink Verification and Validation Tool Operational

Requirements
To access the tool operational requirements document, on the MATLAB command line,
type qualkitdo to open the Artifacts Explorer. The document is in Simulink
Verification and Validation > r2015a.
The applicant will:
 Review the Tool Operational Requirements for applicability to the project under
consideration.
 Configure the Tool Operational Requirements in a configuration management system.
 The Simulink Verification and Validation user information for the DO-178C/DO-331
checks is in the Simulink Verification and Validation DO-178C/DO-331 Checks and Model
Advisor User Information. To access the user information document, on the MATLAB
command line, type qualkitdo to open the Artifacts Explorer. The document is in
Simulink Verification and Validation > r2015a.Instructions for installing the Simulink
Verification and Validation product are available at the MathWorks Documentation Center,
R2015a:
Installation
5-3
 Tool Operational Requirements for the model coverage capability of the Simulink
Verification and Validation product are in:

Requirements
To access the tool operational requirements document, on the MATLAB command line,
type qualkitdo to open the Artifacts Explorer. The document is in Simulink
Verification and Validation > r2015a.
The applicant will:
 Review the Tool Operational Requirements for applicability to the project under
consideration.
 Configure the Tool Operational Requirements in a configuration management system.
 The Simulink Verification and Validation user information for model coverage is in the
Simulink Verification and Validation Model Coverage User Information.
To access the user information document, on the MATLAB command line, type
qualkitdo to open the Artifacts Explorer. The document is in Simulink Verification
and Validation > r2015a.
 Instructions for installing the Simulink Verification and Validation product are available at
the MathWorks Documentation Center, R2015a:
Installation
5-4
5.3 Verification
Requirements-based test cases and procedures will be developed from

Requirements
The test cases and procedures will be developed in the form of the Simulink models that
exercise the DO-178C/DO-331 checks under consideration in the Model Advisor.
The test cases and procedures are documented in:
DO Qualification Kit: Simulink Verification and Validation Test Cases, Procedures,

and Results
To access the documents, on the MATLAB command line, type qualkitdo to open the
Artifacts Explorer. The documents are in Simulink Verification and Validation > r2015a.
The applicant will:
 Review the test cases and procedures for applicability to the project under consideration.
 Configure the test cases and procedures in a configuration management system.
 Execute the test cases and procedures in the installed environment.
Executing the Simulink Report Generator report listed in the following table generates tool
verification results in the specified test report.
Test File Test Report

1
qualkitdo_slvnv_tcpr1.rpt qualkitdo_slvnv_qualificationreport1.html
The applicant will:
 Review the test results.

 Configure the test results in a configuration management system.
5-5
Requirements-based test cases and procedures will be developed from:

Requirements
The test cases and procedures will be developed in the form of the Simulink models that
exercise the model coverage capability.
The test cases and procedures are documented in:
DO Qualification Kit: Simulink Verification and Validation Test Cases, Procedures,

and Results
To access the documents, on the MATLAB command line, type qualkitdo to open the
Artifacts Explorer. The document is in Simulink Verification and Validation > r2015a.
The applicant will:
 Review the test cases and procedures for applicability to the project under consideration.
 Configure the test cases and procedures in a configuration management system.
 Execute the test cases and procedures in the installed environment.
5-6
Executing the Simulink Report Generator reports listed in the following table generates tool
verification results in the specified test reports.
Test File Test Report

1
qualkitdo_slvnv_tcpr3.rpt2 qualkitdo_slvnv_qualificationreport3.html
3
Notes:
1
Requires a Fixed-Point Designer™ license
2
Requires a Stateflow license.
3
Requires a Simulink Design Verifier license
The applicant will:
 Review the test results.

 Configure the test results in a configuration management system.
5-7
5-8
6 Additional Considerations
6.1 Customer Bug Reporting
MathWorks reports known critical bugs brought to its attention on its bug report system at
www.mathworks.com/support/bugreports. The bug reports are an integral part of the
documentation for each release.
The bug report system provides an interface for customers to view and submit bug reports. Users
can track the status of open bugs. Users can choose to receive notifications for new or updated
bug reports. The bug reports on this web site include internally and externally nominated bugs.
If applicable, bug reports include provisions for known workarounds or file replacements.
Customers can use the bug report mechanism to nominate bugs. These nominations are
processed and evaluated by The MathWorks, Inc. development organization.
6-2
7 Tool Life Cycle Data
7.1 DO-178C/DO-331 Checks
The following table shows the life cycle data for the DO-178C/DO-331 checks in the Simulink
Verification and Validation product. The table maps the documents and artifacts to DO-330 life
cycle data items.
Simulink Verification and Validation — DO-178C/DO-331 Checks Life Cycle Data

Data Available/ DO-330 Documents/Artifacts
Submit Reference
Plan for Software Aspects Submit Section <Insert PSAC or PSAA** reference here.>
of Certification (PSAC) or 10.1.1
Plan for Software Aspects
of Approval (PSAA)
Tool Qualification Plan Submit* Section DO Qualification Kit: Simulink Verification
10.1.2 and Validation Tool Qualification Plan (this
document)
Tool Operational Available Section DO Qualification Kit: Simulink Verification
Requirements 10.3.1 and Validation Tool Operational
Requirements
DO Qualification Kit: Simulink Verification

and Validation DO-178C/DO-331 Checks
and Model Advisor User Information

and Validation Model Coverage User
Information
Test Cases and Procedures Available* Section DO Qualification Kit: Simulink Verification
10.3.3 and Validation Test Cases, Procedures, and
Results
qualkitdo_slvnv_tcpr1.rpt
Test Results Available* Section DO Qualification Kit: Simulink Verification
Results
qualkitdo_slvnv_
qualificationreport1.html
Software Accomplishment Submit Section <Insert reference to SAS** here.>
Summary (SAS) 10.1.16
Tool Qualification Submit Section <Insert reference to Tool Qualification
Accomplishment Summary 10.1.15 Accomplishment Summary** here.>
Notes:
* Optional for TQL-5 tool qualification
** To be created by applicant
7-2
The applicant must deliver data marked “Submit” to the certification authorities. Data marked
“Available” must be available at the applicant’s or tool vendor’s site for inspection by the
certification authorities.
7.2 Model Coverage

The following table shows the life cycle data for the model coverage capability of the Simulink
Verification and Validation product. The table maps the documents and artifacts to DO-330 life
cycle data items.
Simulink Verification and Validation — Model Coverage Life Cycle Data

Submit Reference
Plan for Software Aspects Submit Section <Insert PSAC or PSAA** reference here.>
of Certification (PSAC) or 10.1.1
Plan for Software Aspects
of Approval (PSAA)
Tool Qualification Plan Submit* Section DO Qualification Kit: Simulink Verification
10.1.2 and Validation Tool Qualification Plan (this
document)
Tool Operational Available Section DO Qualification Kit: Simulink Verification
Requirements 10.3.1 and Validation Tool Operational
Requirements

and Validation DO-178C/DO-331 Checks
and Model Advisor User Information

and Validation Model Coverage User
Information
Test Cases and Procedures Available* Section DO Qualification Kit: Simulink Verification
Results
qualkitdo_slvnv_tcpr2.rpt,
qualkitdo_slvnv_tcpr6.rpt
7-3
Submit Reference
Test Results Available* Section DO Qualification Kit: Simulink Verification
Results
qualkitdo_slvnv_
qualificationreport2.html,
qualkitdo_slvnv_
qualkitdo_slvnv_
qualkitdo_slvnv_
qualkitdo_slvnv_
qualificationreport6.html
Software Accomplishment Submit Section <Insert reference to SAS** here.>
Summary (SAS) 10.1.16
Tool Qualification Submit Section <Insert reference to Tool Qualification
Accomplishment Summary 10.1.15 Accomplishment Summary** here.>
Notes:
* Optional for TQL-5 tool qualification
** To be created by applicant
The applicant must deliver data marked “Submit” to the certification authorities. Data marked
“Available” must be available at the applicant’s or tool vendor’s site for inspection by the
certification authorities.
7-4
8 Schedule
<Insert tool schedule in this section.>

Qualkitdo SLVNV TQP

Uploaded by

Copyright:

Available Formats

Qualkitdo SLVNV TQP

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Qualkitdo SLVNV TQP

Uploaded by

Copyright:

Available Formats

DO Qualification Kit

Simulink® Verification and Validation™

R2015a, March 2015

The MathWorks, Inc.

See also the DO Qualification Kit User's Guide, R2015a.

Software Tool Version (Release) Tool Vendor

Question Model Coverage

Question Model Coverage

4.2.1 DO-178C/DO-331 Checks

Certification Credit for Model Coverage with respect to DO-331 objectives

DO Qualification Kit: Simulink Verification and Validation Tool Operational

The applicant will:

DO Qualification Kit: Simulink Verification and Validation Tool Operational

The applicant will:

DO Qualification Kit: Simulink Verification and Validation Tool Operational

The test cases and procedures are documented in:

DO Qualification Kit: Simulink Verification and Validation Test Cases, Procedures,

The applicant will:

Test File Test Report

The applicant will:

 Review the test results.

DO Qualification Kit: Simulink Verification and Validation Tool Operational

The test cases and procedures are documented in:

DO Qualification Kit: Simulink Verification and Validation Test Cases, Procedures,

The applicant will:

Test File Test Report

The applicant will:

 Review the test results.

Simulink Verification and Validation — DO-178C/DO-331 Checks Life Cycle Data

DO Qualification Kit: Simulink Verification

DO Qualification Kit: Simulink Verification

7.2 Model Coverage

Simulink Verification and Validation — Model Coverage Life Cycle Data

DO Qualification Kit: Simulink Verification

DO Qualification Kit: Simulink Verification

<Insert tool schedule in this section.>

You might also like