ISO 26262 is a safety standard for the automotive industry created as a derivative from IEC61508 Functional Safety standard.
On ISO 26262, the developer is required to make a hazard analysis and a risk assessment and to classify in ASIL(Automotive Safety Integrity Level) of the considered function.
* D represents the most stringent Automotive Safety Integrity Level (ASIL) and A represents the least.
At the same time, the developer is also required to set TCL (Tool Confidence Level).
TCL is determined with TI(Tool Impact) which is a measure of the possibility of the development system failure based on the cause of the tool problem and TD(Tool error Detection) which is a measure of the possibility of tool's problem detection and making a workaround.
Above figure describes the TCL level for the software tool. The software tool of TCL2 or 3 is required to be qualified for the safety according to the corresponding ASIL of the software to be developed using this tool.
In the spirit of asking a rational explanation to the users of the specific software tool among many other tools, ISO 26262 defines that the users who use the tools to develop the considered software, and not the tool developers, are required to qualify themselves the quality and the safety of the tools.
ISO 26262 defines that the tool qualification method should be made up based on the corresponding ASIL and TCL with an appropriate combination of the following 4 methods.
At a software development requiring higher degree of safety which correspond with ASIL-C or D, the method of 1c. (Validation of the software tool) or 1d. (Development in compliance with a safety standard) is highly recommended for TCL 3 software tool which has higher effect to the considered software.
However, since a safety standard which can be applied to the development of a software tool does not exist yet, the tool users are requested to qualify it themselves.
Compiler is almost always used at the development of embedded systems.
If that compiler has a problem, the execution module as a compilation output has a possibility of making a hazard to the target system.
Since it is extremely difficult to verify the compiler in a systematical way when it is made, TCL for the compiler tool should be assigned as 3 for the problem is usually detected at the testing stage.
Because of that, we think that the compiler for the development of the software with high ASIL level should take 1c. (Validation of the software tool) as a qualification method.
However, the compiler tools as its nature having a variety of functions with high complexity, it is very difficult to qualify the compiler by the user.
Japan Novel has been providing the third party compiler qualification services more than 15 years including the quality assessment for IEC61508.
In 2012, along with the official release of ISO 26262, Japan Novel has started the "ISO 26262 Tool Qualification Support Service".
On behalf of the tool user, our service basically provides the Tool Qualification Report in which it includes not only the complete test report but the document(list of test items against the language standard or coding guidelines for the test suites, etc.) which is required by ISO 26262 and describes the validity of our tests as well as the data of validity of the problem.
Japan Novel's compiler qualification service performs an extensive test to check the compiler quality and provides a comprehensive report of the test results.
Our test service uses the test programs (ANSI-C 310,000, ANSI-C++ 140,000) which is one of the largest in the world. We have a certain track record of qualifications from many compiler vendors.
If you need a help for the quality qualification of the tools in your development environment, call us for the services.
3 Waihona Box 44610, Kamuela HI 96743 USA
TEL 808-882-1255, FAX 808-882-1556
Reception time 9:30-17:30 (Weekdays) JST
Please feel free to contact us for any questions or requests.