Task
Button
Task responsible for reading the button state
- +
Requirement Model
- +
Blinking LED
- +UART
Unknown features- Complexity
Potential customers don't like the tool
Show most important features in an lightweight demo
SafetyRequirement_93 - Runnable activation by signal events- SafetyRequirement_94 - Global variables
- SafetyRequirement_95 - Runnable activation by cyclic events
- SafetyRequirement_96 - Inter-task communication
- SafetyRequirement_97 - local and global signals
- SafetyRequirement_98 - Multiple System-States
Requirement_95 - UART- SafetyRequirement_110 - Hardware Interfacing
- SafetyRequirement_111 - SignalLayer features
- SafetyRequirement_115 - Protection Sets
- +
- +
Logical Function Model
- +
Software Model
- +
Hardware Model
- +
Testing Model
Warnings
Safety (4)
Safety Warnings for Task Button.
Safety warnings are related to the Requirements Layer, especially the SIL
Multiple Technical functions for Task Button:  Blinking LED, UART |
| Mixed SILs in Button : QM, SIL_1. |
Memory referenced by  main for the stack of Button is using main with a SIL achieved of QM, which does not satisfy the SIL required of SIL_1 for this task. |
Button needs a SIL of SIL_1 but is executing on  Arm® Cortex®-M4 which has a achieved SIL of QM. |
Diagrams
Relationships
Requirements Model
Logical Function Model
Software Model
Hardware Model
Requirements Model
Logical Function Model
Software Model
Hardware Model
Safety
| Required | |
|---|---|
The maximum SIL derived from all safety implementations used by this task.
|
SIL_1 |
|
There are multiple SILs for this task.
|
QM, SIL_1 |
Properties
| Base | |
|---|---|
|
The name of this object. Certain classes of objects require this field to be unique. Please consider that this field might be used in code and thus must not contain special characters.
| Button |
|
The type of this object within the uRTE model
| Task |
|
A descriptive text for this object. Please consider that this field might be used in code and thus must not contain special characters.
| Task responsible for reading the button state |
|
A user defined ID which can be freely chosen. Please consider that this field might be used in code and thus must not contain special characters.
| Task_50 |
|
Each object within the uRTE model has a unique ID, this is the ID for this object
| _9odTEOZiEeyZ2OzYlvU4PA |
| Configuration | |
|
The priority of the task in an multitasking environment.
|
6 |
A configuration string which is made available in code
|
Defines if this task creates an own periodic OS event to trigger all periodic operations or if the periodic events are created by the central activation engine
|
no, the central activation engine will send periodic events |
| Memory | |
|
Section in which the stack for this task will be linked (responsibility of the user).
|  .rtos.task.Button |
| Core | |
|
Core on which this task will be executed.
| Arm® Cortex®-M4 |
Requirement Layer
Hazard Scenarios (1)
Hazard Scenarios for associated Hazardous Events.
| Hazard Scenario | Parent | Hazard Events |
|---|---|---|
This would be very sad. |
Hazardous Events (2)
Hazardous Events for associated Safety Goals.
| Hazardous Event | Parent | Probability | Controllability | Effect | SIL | Safety-Goals |
|---|---|---|---|---|---|---|
The user might think µRTE is hard to use. |
QM | |||||
The customer might not see the full spectrum of features µRTE comes with. |
QM |
Safetygoals (1)
Safety Goals linking to the Requirements.
| Safety Goal | Parent | Function Type | SIL derived | SIL manual | SIL required | Safe State | Safety Requirements |
|---|---|---|---|---|---|---|---|
An small demo model with the most important features shall show the most important features of µRTE. |
System_Function | QM | derived | QM | Show slides |
|
(Safety)Requirements (7)
Requirements derived by software units, hardware components, signals, global variables and activation events associated with this task.
| (Safety)Requirement | Parent | User-ID | Author | Creation Date | Start Date | Deadline | Expense | Responsibe | Category | Type | Status | Justification | Function Type | SIL derived | SIL manual | SIL required | Tests | Technical Functions | Software | Other SW | Hardware | Signals | Global variables | Activation events | Use-Cases | User-Stories | Refining | Conflicting | refined by | conflicted by |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Global variables can store data for Runnables and other Software Functions. |
SafetyRequirement_94 | Thomas Barth | Wed Jun 08 17:34:15 CEST 2022 | 0.0 | Thomas Barth | product | functional | implemented | System_Function | QM | derived | QM | ||||||||||||||||||
How to read and write data form and to hardware. |
SafetyRequirement_110 | Thomas Barth | Thu Jun 09 20:50:22 CEST 2022 | 0.0 | Thomas Barth | product | functional | approved | System_Function | QM | derived | QM | ||||||||||||||||||
µRTE easily can transmit events and data between tasks |
SafetyRequirement_96 | Thomas Barth | Wed Jun 08 17:46:14 CEST 2022 | 0.0 | Thomas Barth | product | functional | implemented | System_Function | QM | derived | QM |
|
|||||||||||||||||
Runnables can be activated by cyclic events. |
SafetyRequirement_95 | Thomas Barth | Wed Jun 08 17:34:15 CEST 2022 | 0.0 | Thomas Barth | product | functional | implemented | System_Function | QM | SIL_1 | SIL_1 |
|
|||||||||||||||||
Runnables can be activated by signal (onData/onError) events. |
SafetyRequirement_93 | Thomas Barth | Wed Jun 08 17:34:15 CEST 2022 | 0.0 | Thomas Barth | product | functional | implemented | System_Function | QM | derived | QM |
|
|||||||||||||||||
Demonstrate the use of scalers and validators. |
SafetyRequirement_111 | Thu Jun 09 20:52:41 CEST 2022 | 0.0 | product | functional | approved | System_Function | QM | derived | QM | ||||||||||||||||||||
Signals can either be global data objects of local objects on the task stack. |
SafetyRequirement_97 | Wed Jun 08 17:49:01 CEST 2022 | 0.0 | product | non_functional | implemented | System_Function | QM | derived | QM |
|
Functional Layer
Technical Functions (2)
Technical Functions derived from hardware and software handled by this task.
| Function | LFB | Software | Hardware | Other Software | SIL required | SIL achieved | SIL justification | sub Technical Functions | Requirements | sub Requirements |
|---|---|---|---|---|---|---|---|---|---|---|
An LED shall blink to indicate that the system is alive and responding. |
SIL_1 | QM | ||||||||
If the button is pressed, UART messages indicating the press duration are sent. |
SIL_1 | QM |
Logical Function Blocks (4)
Logical function blocks based on the technical functions.
| Function | Type | Technical functions |
|---|---|---|
An binary HMI |
Input | |
The MCU implementing the logic |
Service | |
An LED to indicate a binary state |
Output | |
A PC receiving UART messages |
Monitor |
Software Layer
Runnable Trigger Ports (1)
Runnable ports executing runnables in the context of this task.
| Port | Events | Signal event source | Container | Task | Guard | Order |
|---|---|---|---|---|---|---|
| Runnable_run_readButton_Tick |
|
 run_readButton
|
Button |
0 |
Activation-Events (1)
Activation Events executing runnables in the context of this task.
| Event | Type | Cycle Time (C) | Offset (C) | Task-Init (S) | Requirements | Ports | Runnables | Tasks | SystemStates | SIL required | SIL achieved |
|---|---|---|---|---|---|---|---|---|---|---|---|
Timebase for button read operations |
CyclicEvent | 200 | 0 | - |
|
SIL_1 | QM |
Software units (2)
Software units executed in the context of this task.
| Unit | Parent | Function calls | other Software Elements | Technical Functions | Requirements | Type | Tasks | WCET | Stack | ROM | Globals | ProtectionSets | SIL required | SIL achieved | sub Technical Functions (R) | sub Requirements (R) | Has a return value (R) | SystemStates (R) | Ingoing Trigger Ports (R) | Outgoing Trigger Ports (R) | Ingoing Data Ports (R) | Outgoing Data Ports (R) | Signals (D) | Runnables (D) | DataType (D) | Is Synchronous (D) | Hardware (D) | Ports (G) | Callers (F) | Return Type (F) | Parameters (F) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Reads the current button state from hardware |
 Button |
InDriver | 0 | 0 | 0 | SIL_1 | QM | - | - | - | - | - | - | - | - |  uRTE_boolean_t |
true | - | - | - | - | ||||||||||
Acquires the button state periodically and provides button signals |
Button |
Runnable | 0 | 0 | 0 | SIL_1 | QM | false |
|
|
|
|
- | - | - | - | - | - | - | - | - |
Runnable_run_readButton_Edge_OUT
run_readButton_HW_IN
Runnable_run_readButton_Button_OUT
Signals (4)
Signals used within the context of this task.
| Signal | Type | Storage | Runnables OUT | Runnables IN | Tasks | SystemStates | Requirements | miminum Age | maximum Age | Checksum | Force Sync | Inline | ISR API | effective inline | SIL required | SIL achieved | Initial value (D) | Pointer access (D) | Datatype (D) | Alt-In (D) | Alt-Out (D) | In-Driver (D) | Out-Driver (D) | OnData (D) | OnError (D) | OnTrigger (E) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Hardware interface for the button |
Data | local in |
0 | 2 | false | false | false | false | false | - | QM | false | false | uRTE_boolean_t |
 ButtonRead |
- | ||||||||||
A representation of the current button state |
Data | local in |
0 | 105 | false | false | false | false | false | SIL_1 | QM | false | false | uRTE_boolean_t |
- |
|
- | |||||||||
contains the number of seconds, the button has been pressed |
Data | global in  Button |
0 | 202 | true | false | false | false | false | QM | QM | 0 | false | button_cnt_t |
- | - | ||||||||||
Fired whenever the button is pressed (but not if it is released) |
Event | local in |
0 | 0 | false | false | false | false | false | QM | QM | - | - | - | - | - | - | - | - | - |
|
Global Variables (1)
Global variables used within the context of this task.
| Global Variable | Container | DataType | Requirements | public (S) | InitValue | Storage | Protection Set (S) | SIL required | SIL achieved |
|---|---|---|---|---|---|---|---|---|---|
internal counter for button press duration |
run_readButton |
uRTE_uint16_t |
- | 0 | .button |
- | SIL_1 | QM |
Output-Sections (3)
Outputsections used by software units, the task itself or the RTE.
| OutputSection | SIL | References | Initialization | Generate | Section start symbol | Section end symbol | Memory |
|---|---|---|---|---|---|---|---|
a section containing application data for the button |
SIL_1 | UnInit | true | ADRL_uRTE_BUTTON_BEGIN* | ADRL_uRTE_BUTTON_END* | main |
|
Stack for the Button Task |
SIL_1 | UnInit | true | ADRL_uRTE_RTOSTASKBUTTON_BEGIN* | ADRL_uRTE_RTOSTASKBUTTON_END* | main |
|
Contains the data for uRTE internals |
SIL_1 | UnInit | true | ADRL_uRTE_URTE_BEGIN* | ADRL_uRTE_URTE_END* | main |
|
| Symbols marked with * are automatically generated because no value was set. | |||||||
System-States (2)
SystemStates in which this task is active.
| State | isStart | Runnables | Tasks |
|---|---|---|---|
In this state, an LED will blink. |
true | ||
A state that is entered if the user has pressed the button. Here, periodic UART messages are sent. |
false |
Hardware Layer
Hardware Components (3)
Hardware used by the task.
| Component | Type | Start | End | SIL required | SIL achieved | Sub-Components | Technical Functions | sub Technical Functions | Requirements | sub Requirements |
|---|---|---|---|---|---|---|---|---|---|---|
Arm® 32-bit Cortex®-M4 CPU with FPU, Adaptive real-time accelerator (ART Accelerator) allowing 0-wait state execution from Flash memory, frequency up to 180 MHz, MPU, 225 DMIPS/1.25 DMIPS/MHz (Dhrystone 2.1), and DSP instructions |
Core | - | - | - | QM | |||||
B1 [Blue PushButton] on the Nucleo Board |
Periphery | GPIOC_BASE | GPIOD_BASE - 1 | - | QM | |||||
The STM32F446RE RAM module |
RAM | 0x20000000 | 0x2001ffff | - | QM |