Independent claim |
1. Method for testing control software of a controlled system, the controlled system comprising one or more electronic control units, one or more actuators, and one or more sensors, each sensor being adapted to input a respective sensor signal to at least one of the one or more electronic control units and each actuator being adapted to act responsive to respective control signals input from at least one of the electronic control units, and each electronic control unit being configured to execute a respective executable control program based on control software code data to output one or more control signals to the one or more actuators on the basis of input sensor signals,
the method comprising: providing control software code data for each of the one or more electronic control units; providing simulation code data for the controlled system; providing verification requirement information data that indicates one or more verification requirement conditions corresponding to a respective control error situation; creating a system model based on the provided simulation code data and the provided control software code data provided for each of the one or more electronic control units; creating an executable program based on the created system model; and performing a software verification process on the basis of the executable program, the software verification process comprising:
iterating through an execution tree of the executable program according to one or more path conditions of the executable program; checking, at each iteration, whether at least one of the one or more verification requirement conditions is fulfilled; and notifying a user about the detection of the control error situation in case it is determined that at least one of the one or more verification requirement conditions is fulfilled, wherein performing the software verification process on the basis of the executable program comprises performing symbolic execution on the basis of the system model. |
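The verification loop in the claim (walk the execution tree by path condition, check the requirement condition at each step, notify on a hit) can be illustrated with a toy symbolic executor. This is an added example, not code from the patent or its applicant; the heater program, the sensor range, the 60-degree requirement and all function names are constructed assumptions, and interval arithmetic over one integer input stands in for a constraint solver.

```python
DOMAIN = (-40, 150)  # assumed sensor range for the symbolic input `temp`, inclusive

# Constructed ECU program as an execution tree over the symbolic input `temp`:
#   ("if_lt", t, then, else) branches on temp < t
#   ("set", on, next) drives the heater actuator; None ends the path
ECU_PROGRAM = ("if_lt", 18,
               ("set", True, None),
               ("if_lt", 90,
                ("set", False, None),
                ("set", True, None)))  # constructed defect: fallback re-enables the heater

def violation_witness(path, heater_on, limit=60):
    """Requirement condition (constructed): heater on while temp >= limit.
    Returns a concrete temp satisfying path condition and requirement, else None."""
    lo, hi = path
    cand = max(lo, limit)
    return cand if heater_on and cand <= hi else None

def explore(node, path=DOMAIN, heater_on=False, trace=()):
    """Depth-first walk of the execution tree; returns (trace, witness) per detected error."""
    lo, hi = path
    if lo > hi:                      # path condition unsatisfiable: prune this branch
        return []
    w = violation_witness(path, heater_on)
    if w is not None:                # requirement condition fulfilled: report, stop this path
        return [(trace, w)]
    if node is None:
        return []
    if node[0] == "set":
        return explore(node[2], path, node[1], trace + (f"heater={node[1]}",))
    _, t, then_n, else_n = node      # branch: split the path condition at threshold t
    return (explore(then_n, (lo, min(hi, t - 1)), heater_on, trace + (f"temp < {t}",)) +
            explore(else_n, (max(lo, t), hi), heater_on, trace + (f"temp >= {t}",)))

def verify(program):
    """Runs the exploration and notifies the user about each detected control error."""
    findings = explore(program)
    for trace, w in findings:
        print("control error on path:", " and ".join(trace), "- example input temp =", w)
    return findings

if __name__ == "__main__":
    verify(ECU_PROGRAM)
```

The witness is a concrete sensor value that drives the program down the failing path, which is what makes the notification reproducible on the real controller or simulation.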