Safe Continuous Integration

Continuous Integration in safety-oriented development

Author: Gudrun Neumann, SGS-TÜV Saar GmbH

Contribution – Embedded Software Engineering Congress 2015

A manual software integration process cannot always keep pace with the speed of changes in software development. Therefore, more and more manufacturers are switching to a Continuous Integration (CI) process. This means that software build cycles for software integration are performed early and frequently, along with automated tests. This article uses an example CI process to illustrate which requirements of the functional safety standards must be observed. Particular attention is paid to version management, traceability and automation of tests. Even with this approach, evidence for safety-relevant activities must be provided, such as the selection of test methods and test specifications. A summary of the key aspects follows at the end of this article.

Introduction

Industry places a wide variety of demands on software integration processes. These include, especially in safety-critical development, the repeatability of verification steps and an early, visible result—that is, a software system that is at least partially functional. This can be achieved through the continuous software integration described below.

Definitions

Software integration tests serve

  • to verify that the requirements for the safety-related software have been met and
  • to demonstrate that all software modules, elements and subsystems work together properly and perform their intended functions and no others.

(see also IEC 61508, Part 3).

A distinction is made between pure software integration and the integration of software on the target hardware.
The following discussion focuses solely on pure software integration.

There are various strategies for integrating software components into a software system:

  • "Big Bang" means that all software components are integrated in one step.
  • "Stepwise integration" means that logically related software components are integrated, and in a further step, the resulting software components are...
  • "Continuous Integration (CI)" means that every software change released by the developer is integrated and tested with already known code as soon as possible.

The prerequisites for CI are:

  • Version and configuration management
  • Automated software build
  • Automated testing

Example CI process

The following is an example CI process (see also Figure 1, PDF).

The following steps are considered:

  1. The developer releases the source code they have written and tested locally for testing, i.e., they save their working version as a valid version in the version management system (e.g., an SVN tool).
  2. At certain times, e.g. "overnight", a new software system version is automatically created from all valid versions on the build server.
  3. The new software system version undergoes automated testing. This can involve a very large number (>10,000) of test cases. The test results are compared with the previously specified expected test results. The results of this comparison are then made available.
  4. These test results are analyzed the following morning, and corrections are made as necessary within a predefined process.

Steps 2 and 3 also exist in a shortened version, which involves performing the build process and a limited test to check whether the "new" source code compiles and is fundamentally compatible with the existing software. This shortened procedure is used in combination with a full test run.

Requirements and their implementation in the example of the CI process

Reliable software tools are crucial in such a process. All functional safety standards require the documentation, classification, and, if necessary, qualification of the tools used. In the case of a CI process, the tools for version control (e.g., SVN), build scripts (e.g., Perl scripts), the automated test environment, and the development environments must be considered. Particular attention is paid to the seamless interaction of the various tools as a toolchain for the CI process.

When generating test cases for automated testing, it's crucial to ensure that it's clear which requirements are verified by each test case. This should also be evident in the results log to facilitate traceability. In case of problems, i.e., a "Fail" test result, the link to the relevant requirements can then be easily established.

At a minimum, the test logs of specific test runs, such as the final test before software release, should be archived, even if individual test runs in the CI process are always traceable. This archiving is required by some functional safety standards, such as IEC 60880. During CI, additional test cases are typically added during the verification phases, which can lead to better test coverage.
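The following is an added example, not code from the article or from SGS-TÜV Saar, showing the traceability the two preceding paragraphs ask for: every test case is tagged with the requirement IDs it verifies, the results log carries those IDs on each line so a "Fail" leads straight to its requirement, and a per-requirement roll-up also exposes requirements that no test case covers. The unit under test (`clamp`), the test cases and the REQ-* identifiers are constructed placeholders; TC-004 is given a wrong expected value on purpose so the log shows a failure.

```python
from datetime import datetime, timezone

def clamp(value, lo, hi):
    """Constructed unit under test: limit value to the range [lo, hi]."""
    return lo if value < lo else hi if value > hi else value

# Constructed sample test cases: (test id, linked requirement ids, call
# arguments, expected result). REQ-* ids are placeholders, not a real project.
TEST_CASES = [
    ("TC-001", ["REQ-010"], (5, 0, 10), 5),
    ("TC-002", ["REQ-011"], (-3, 0, 10), 0),
    ("TC-003", ["REQ-012"], (42, 0, 10), 10),
    ("TC-004", ["REQ-012", "REQ-013"], (10, 0, 10), 9),  # wrong on purpose
]
REQUIREMENTS = ["REQ-010", "REQ-011", "REQ-012", "REQ-013", "REQ-014"]

def run_suite(cases=TEST_CASES):
    """Execute every case and keep the requirement links in each record."""
    records = []
    for tc_id, reqs, args, expected in cases:
        try:
            actual = clamp(*args)
            verdict = "PASS" if actual == expected else "FAIL"
        except Exception as exc:  # a crashing test is a FAIL, never a gap
            actual, verdict = repr(exc), "FAIL"
        records.append({"test": tc_id, "reqs": reqs, "expected": expected,
                        "actual": actual, "verdict": verdict})
    return records

def requirement_status(records, requirements=REQUIREMENTS):
    """Per requirement: FAIL if any linked test failed, PASS if all passed,
    UNCOVERED if no test case is linked to it at all."""
    status = {}
    for req in requirements:
        linked = [r for r in records if req in r["reqs"]]
        if not linked:
            status[req] = "UNCOVERED"
        else:
            status[req] = "FAIL" if any(r["verdict"] == "FAIL" for r in linked) else "PASS"
    return status

def format_log(records, status):
    """Plain-text results log with the requirement ids on every line, so a
    FAIL can be traced back; this is what would be archived for a release run."""
    lines = [f"# test run {datetime.now(timezone.utc).isoformat(timespec='seconds')}"]
    lines += [f"{r['test']} [{','.join(r['reqs'])}] {r['verdict']} "
              f"expected={r['expected']} actual={r['actual']}" for r in records]
    lines += ["# requirement roll-up"] + [f"{q} {s}" for q, s in sorted(status.items())]
    return "\n".join(lines)
```

Calling `format_log(run_suite(), requirement_status(run_suite()))` prints the log; REQ-014 shows as UNCOVERED because no constructed test case is linked to it.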

Most functional safety standards also require documentation of the test methodology used, such as requirements-based testing. This can be included in the documentation of the test case creation process, which forms part of the documentation of the CI process.

Summary

The software tools used must be documented, classified, and, if necessary, qualified according to the requirements of the applicable functional safety standard. Particular attention should be paid to the interfaces between the individual software tools. The traceability of the requirements' implementation in the source code, from test case to test result, should be firmly anchored in the continuous integration (CI) process to facilitate compliance for developers. The CI process documentation should also consider other requirements of safety-oriented software development. In this way, continuous integration of software can be effectively integrated into safety-oriented software development.

List of abbreviations

CI: Continuous Integration

Literature

IEC 61508:2010: Functional safety of electrical/electronic/programmable electronic safety-related systems

DIN EN 61508:2011: Functional safety of safety-related electrical/electronic/programmable electronic systems

IEC 60880:2006: Nuclear power plants – Instrumentation and control systems important to safety – Software aspects for computer-based systems performing category A functions
