Unit Testing: ISO 26262 Software Compliance

See what API testing solution came out on top in the GigaOm Radar Report. Get your free analyst report >>

Unit Testing

Software verification and validation is an inherent part of automotive software development and testing is a key way to demonstrate correct software behavior. Unit testing is the verification of module design. It ensures that each software unit does what it’s required to do.

In addition, safety and security requirements may require that software units don’t behave in unexpected ways and are not susceptible to manipulation with unexpected data inputs.

The V-model of software development showing the relationship between each phase and the validation inferred at each stage of testing. Unit testing is highlighted as that is the topic for this page. — The V-model of software development showing the relationship between each phase and the validation inferred at each stage of testing.

ISO 26262 has specific guidelines for testing in accordance with safety integrity levels where requirements-based testing, interface testing, and resource usage evaluation are highly recommended for all levels. Fault injection is recommended at lower ASIL (Automotive Safety Integrity Levels) A and B and highly recommended at ASIL C and D. Similarly, the method of driving test cases is also specified with recommended practices.

ISO 26262 Part 6, 10.4.2:2018 - Methods for verification of software integration — ISO 26262 Part 6, 10.4.2:2018

ISO 26262 Part 6, 10.4.3:2018 - Methods for deriving test cases — ISO 26262 Part 6, 10.4.3:2018

Unit Test Methods

Requirement-Based Test

These tests directly test functionality as specified in each requirement. Test automation tools need to support bidirectional traceability of requirements to their tests and the requirements testing coverage reports to show compliance.

Interface Test

These tests ensure programming interfaces behave and perform as specified. Test tools need to create function stubs and data sources to emulate behavior of external components for automatic unit test execution.

Fault Injection Test

These tests use unexpected inputs and introduce failures in the execution of code to examine failure handling or lack thereof. Test automation tools must support injection of fault conditions using function stubs and automatic unit test generation using a diverse set of preconditions, such as min, max, and heuristic values.

Resource Usage Evaluation

These tests evaluate the amount of memory, file space, CPU execution or other target hardware resources used by the application.

Test Case Drivers

Analysis of Requirements

Every requirement drives at minimum a single unit test case. Although test automation tools do not generate tests directly from requirements, they must support two-way traceability from requirements to code and requirements to tests and maintain requirements, tests, and code coverage information.

Generation & Analysis of Equivalence Classes

Test cases must ensure that units behave in the same manner for a range of inputs, not just cherry-picked inputs for each unit. Test automation tools must support test case generation using data sources to efficiently use a wide range of input values. Parasoft C/C++test uses factory functions to prepare sets of input parameter values for automated unit test generation.

Analysis of Boundary Values

Automatically generated test cases (such as heuristic values, boundary values) employ data sources to use a wide range of input values in tests.

Error Guessing

This method uses the function stubs mechanism to inject fault conditions into tested code flow analysis results and can be used to write additional tests.

Automated Test Execution and Test Case Generation

Test automation provides large benefits to embedded automotive software. Moving away from test suites that require a lot of manual intervention means that testing can be done quicker, easier, and more often.

Offloading this manual testing effort frees up time for better test coverage and other safety and quality objectives. An important requirement for automated test suite execution is being able to run these tests on both host and target environments.

Target-Based Testing for Automotive Systems

Automating testing for automotive software is more challenging due to the complexity of initiating and observing tests on embedded targets—not to mention the limited access to target hardware that software teams have.

Software test automation is essential to make embedded testing workable on a continuous basis from host development system to target system. Testing embedded software is particularly time consuming. Automating the regression test suite provides considerable time and cost savings. In addition, test results and code coverage data collection from the target system are essential for validation and standards compliance.

Traceability between test cases, test results, source code, and requirements must be recorded and maintained. So data collection is critical in test execution.

Parasoft C/C++test is offered with its test harness optimized to take minimal additional overhead for the binary footprint and provides it in the form of source code, where it can be customized if platform-specific modifications are required.

A high-level view of deploying, executing, and observing tests from host to target in Parasoft C/C++test and C/C++test CT.

Automated Test Case Generation

Unit test automation tools universally support some sort of test framework, which provides the harness infrastructure to execute units in isolation while satisfying dependencies via stubs. Parasoft C/C++test is no exception. Part of its unit test capability is the automated generation of test harnesses and the executable components needed for host and target-based testing.

Test data generation and management is by far the biggest challenge in unit testing. Test cases are particularly important in safety-critical software development because they must ensure functional requirements and test for unpredictable behavior, security, and safety requirements. All while satisfying test coverage criteria.

Parasoft C/C++test automatically generates test cases like the popular CppUnit format. By default, C/C++test generates one test suite per source/header file. It can also be configured to generate one test suite per function or one test suite per source file.

Safe stub definitions are automatically generated to replace “dangerous” functions, which include system I/O routines such as rmdir(), remove(), rename(), and so on. In addition, stubs can be automatically generated for missing function and variable definitions. User-defined stubs can be added as needed.