uRTEDemo_03_Nucleo-F446RE_SystemStates_10_Model

Hazardous Event

Unknown features

The customer might not see the full spectrum of features µRTE comes with.

Diagrams

Requirements Model
Logical Function Model
Software units
Signals
Global variables
Activation Events
Hardware Model
Testing Model

Safety

Definition
Probability
Controllability
Effect
SILQM

Properties

Base
NameUnknown features
Type HazardousEvent
Description

The customer might not see the full spectrum of features µRTE comes with.
User-IDHazardousEvent_93
UID_xhYDEOc_EeyMHMAOoLxcsQ
Package UART
References

Safetygoals (1)

Safety Goals this Hazardous Event links to.

Safety Goal Parent Function Type SIL derived SIL manual SIL effective Safe State Safety Requirements
Show most important features in an lightweight demo

An small demo model with the most important features shall show the most important features of µRTE.

 System_Function QM derived QM Show slides

Requirement Layer

Hazard Scenarios (1)

Hazard Scenarios linking to this Hazardous Event.

Hazard Scenario Parent Hazard Events
Potential customers don't like the tool

This would be very sad.

(Safety)Requirements (7)

(Safety)Requirements defined by the safety goals linked by this Hazardous Event.

(Safety)Requirement Parent User-ID Author Creation Date Start Date Deadline Expense Responsibe Category Type Status Function Type SIL derived SIL manual SIL effective Tests Technical Functions Software Hardware Signals Global variables Activation events Use-Cases User-Stories Refining Conflicting refined by conflicted by
(SafetyRequirement_110) Hardware Interfacing

How to read and write data form and to hardware.

 SafetyRequirement_110 Thomas Barth Thu Jun 09 20:50:22 CEST 2022 0.0 Thomas Barth product functional approved System_Function QM derived QM
(SafetyRequirement_115) Protection Sets

Show how protection sets can be used to grant access to hardware.

 SafetyRequirement_115 Fri Jun 10 14:24:52 CEST 2022 0.0 product functional implemented System_Function QM derived QM
(SafetyRequirement_93) Runnable activation by signal events

Runnables can be activated by signal (onData/onError) events.

 SafetyRequirement_93 Thomas Barth Wed Jun 08 17:34:15 CEST 2022 0.0 Thomas Barth product functional implemented System_Function QM derived QM
(SafetyRequirement_94) Global variables

Global variables can store data for Runnables and other Software Functions.
The memory protection will automatically be generated.
The actual declaration is implemented as user-code to allow the use of non-trivial datatypes and operations.

 SafetyRequirement_94 Thomas Barth Wed Jun 08 17:34:15 CEST 2022 0.0 Thomas Barth product functional implemented System_Function QM derived QM
(SafetyRequirement_95) Runnable activation by cyclic events

Runnables can be activated by cyclic events.

 SafetyRequirement_95 Thomas Barth Wed Jun 08 17:34:15 CEST 2022 0.0 Thomas Barth product functional implemented System_Function QM SIL_1 SIL_1
(SafetyRequirement_96) Inter-task communication

µRTE easily can transmit events and data between tasks

 SafetyRequirement_96 Thomas Barth Wed Jun 08 17:46:14 CEST 2022 0.0 Thomas Barth product functional implemented System_Function QM derived QM
(SafetyRequirement_98) Multiple System-States

uRTE allows the definition of multiple system-states where each state has an own data-flow.
For each runnable the system state it shall be active in is configured.
The resulting data-flow can be visualized in Software Model/uRTE/SystemStates

 SafetyRequirement_98 Wed Jun 08 17:52:52 CEST 2022 0.0 product functional implemented System_Function QM derived QM

Functional Layer

Technical Functions (2)

Technical Functions of the (Safety)Requirements.

Function LFB Software Hardware Technical Functions sub Technical Functions Requirements sub Requirements
Blinking LED

An LED shall blink to indicate that the system is alive and responding.
UART

If the button is pressed, UART messages indicating the press duration are sent.

Logical Function Blocks (4)

Logical Function Blocks of the technical functions.

Function Type Technical functions
Button

An binary HMI

 Input
Controller

The MCU implementing the logic

 Service
LED

An LED to indicate a binary state

 Output
PC

A PC receiving UART messages

 Monitor

Software Layer

Software units (5)

Sofware units associated with (Safety)Requirements.

Unit Parent Function calls Technical Functions Requirements Type Tasks WCET Stack ROM Globals ProtectionSets SIL req SIL ach sub Technical Functions (R) sub Requirements (R) Has a return value (R) SystemStates (R) Ingoing Trigger Ports (R) Outgoing Trigger Ports (R) Ingoing Data Ports (R) Outgoing Data Ports (R) Signals (D) Runnables (D) DataType (D) Is Synchronous (D) Hardware (D) Ports (G) Callers (F) Return Type (F) Parameters (F)
ButtonRead

Reads the current button state from hardware

 Button
InDriver 0 0 0
QM QM - - - - - - - - uRTE_boolean_t true - - - -
drv_LED

Hardware write-Interface towards the LED

 LED
OutDriver 0 0 0
QM QM - - - - - - - - uRTE_boolean_t true - - - -
run_UART_send

Sends UART messages periodically via the UART signal

 UART
Runnable 0 0 0
QM QM
true
  • Runnable_run_UART_send_TPortIN_1
  • Runnable_run_UART_send_DPortIN_1
  • Runnable_run_UART_send_DPortIN_2
  • Runnable_run_UART_send_UART_OUT
 - - - - - - - - -
run_UART_wakeUp

Runnable to switch into the UART state if there is an event in the Blink State.
This runnable does not use hardware signals but accesses hardware directly and is therefore associated with
an protection set grandting access to hardware.

 UART
Runnable 0 0 0
QM QM
true
  • Runnable_run_UART_WakeUP
- - - - - - - - -
run_readButton

Acquires the button state periodically and provides button signals

 Button
Runnable 0 0 0
QM QM false
  • Runnable_run_readButton_Tick
  • Runnable_run_readButton_Edge_OUT
  • run_readButton_HW_IN
  • Runnable_run_readButton_Button_OUT
  • Runnable_run_readButton_button_pressed_cnt
 - - - - - - - - -

Signals (3)

Signals of the (Safety)Requirements.

Signal Type Storage Runnables OUT Runnables IN Tasks SystemStates Requirements miminum Age maximum Age Checksum Force Sync Inline ISR API effective inline SIL req SIL ach Initial value (D) Pointer access (D) Datatype (D) Alt-In (D) Alt-Out (D) In-Driver (D) Out-Driver (D) OnData (D) OnError (D) OnTrigger (E)
button state

A representation of the current button state

 Data local in
0 105 false false false false false SIL_1 QM false false uRTE_boolean_t
-
-
button_cnt

contains the number of seconds, the button has been pressed

 Data global in
Button		 0 202 true false false false false QM QM 0 false button_cnt_t
-
-
button_edge

Fired whenever the button is pressed (but not if it is released)

 Event local in
0 0 false false false false false QM QM - - - - - - - - -

Global Variables (1)

Global variables of the (Safety)Requirements.

Global Variable Container DataType Requirements public (S) InitValue Storage Protection Set (S) SIL req SIL ach
press_cnt

internal counter for button press duration

 run_readButton uRTE_uint16_t - 0 .button - QM QM

Activation-Events (1)

Activation Events of the (Safety)Requirements.

Event Type Cycle Time (C) Offset (C) Task-Init (S) Requirements Ports Runnables Tasks SystemStates SIL req SIL ach
Button Timebase

Timebase for button read operations

 CyclicEvent 200 0 - SIL_1 QM