1. Introduction
The development of safety-critical products typically follows the V-model. This model requires complete and consistent development documents, both on the left side of the V (specification and requirements documents) and on the right side of the V (verification and validation documents).
In the vertical direction, the V-model is subdivided into product architecture levels. These include at least three levels:
- system level,
- hardware level,
- software level.
Completeness and consistency mean:
a) On the left side of the V, the documents of a product architecture level must be complete and consistent with the neighboring levels above and below.
b) Verification and validation documents on the right side of the V must match the documents on the left side of the V at the same product architecture level, especially the requirements documents.
Section 2 explains how to create consistent documents on the left side of the V, while Section 3 does the same for the right side of the V. Section 4 summarizes the main ideas.
2. Consistent documents on the left side of the V
The left side of the V includes the following documents:
- Design specifications: Architecture and functions of the product,
- Safety analyses: Safety hazards, safety mechanisms and safety requirements,
- Requirement documents: Functional and non-functional requirements.
The product is decomposed into system elements, hardware elements and software elements. These elements have two kinds of interfaces:
- Intended interfaces: Functional interconnections between elements,
- Unintended interfaces: Incoming and outgoing disturbances.
Consistency is achieved by "cascading down" specifications and requirements: specifications and requirements are transferred from a given level to the next level underneath by extending and refining them. In this process, automated consistency checks help identify missing and erroneous entries.
3. Consistent documents on the right side of the V
The right side of the V includes the following documents:
- Verification specifications: Integration and quality tests,
- Verification reports: Documentation of test results,
- Validation specifications and reports: Safety validation and final acceptance tests and results.
Verification specifications are derived directly from product requirements. Automated links ensure that the requirements are fully covered by tests. During validation, the focus is on the intended and safe use of the product in its target environment, the "parent system". Validation specifications are linked to requirements at the level of the parent system. If both the requirements and the verification and validation specifications are formulated using suitable templates, then automated consistency checks are also possible on the right side of the V.
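The two kinds of automated check described in Sections 2 and 3 (the cascade check on the left side of the V and the test-coverage check on the right side) can be sketched with a small requirements model. The following Python is an added illustration, not part of the original text and not code from the autoConform® software; the requirement and test identifiers, the level names and the sample texts are constructed for the example.

```python
"""Constructed example: automated consistency checks over V-model documents.

Left side of the V: every requirement below the top level must refine an
existing requirement exactly one level up, and every requirement above the
bottom level must be refined at the next level down ("cascading down").
Right side of the V: every requirement must be covered by at least one
verification test, and tests may only reference requirements that exist.
"""
from dataclasses import dataclass
from typing import List, Optional

# Product architecture levels, top to bottom (names are the example's own).
LEVELS = ["system", "hardware", "software"]


@dataclass
class Requirement:
    rid: str                      # hypothetical identifier, e.g. "SYS-1"
    level: str                    # one of LEVELS
    text: str
    refines: Optional[str] = None  # parent requirement id one level above


@dataclass
class TestCase:
    tid: str                      # hypothetical identifier, e.g. "TC-1"
    verifies: List[str]           # requirement ids covered by this test


# Constructed sample documents. Two defects are planted deliberately:
# HW-2 is not refined at software level, and SW-2 refines a parent that
# does not exist (HW-9).
REQUIREMENTS = [
    Requirement("SYS-1", "system", "Detect a sensor failure within 10 ms."),
    Requirement("SYS-2", "system", "Enter the safe state on sensor failure."),
    Requirement("HW-1", "hardware", "Provide a plausibility monitor on the sensor input.", refines="SYS-1"),
    Requirement("HW-2", "hardware", "A watchdog shall cut actuator power in the safe state.", refines="SYS-2"),
    Requirement("SW-1", "software", "Flag an implausible sensor value within one 5 ms cycle.", refines="HW-1"),
    Requirement("SW-2", "software", "Stop servicing the watchdog in the safe state.", refines="HW-9"),
]

TESTS = [
    TestCase("TC-1", verifies=["SYS-1", "HW-1", "SW-1"]),
    TestCase("TC-2", verifies=["HW-2"]),
]


def check_cascade(reqs: List[Requirement]) -> List[str]:
    """Left side of the V: report broken or missing refinements between levels."""
    by_id = {r.rid: r for r in reqs}
    findings = []
    for r in reqs:
        if r.refines is not None:
            parent = by_id.get(r.refines)
            if parent is None:
                findings.append(f"{r.rid}: refines unknown requirement {r.refines}")
            elif LEVELS.index(parent.level) != LEVELS.index(r.level) - 1:
                findings.append(f"{r.rid}: parent {r.refines} is not one level above")
        elif r.level != LEVELS[0]:
            findings.append(f"{r.rid}: {r.level} requirement has no parent")
        if r.level != LEVELS[-1]:
            next_level = LEVELS[LEVELS.index(r.level) + 1]
            if not any(c.refines == r.rid for c in reqs):
                findings.append(f"{r.rid}: not refined at {next_level} level")
    return findings


def check_coverage(reqs: List[Requirement], tests: List[TestCase]) -> List[str]:
    """Right side of the V: report requirements without a verification test
    and tests that reference requirements which do not exist."""
    ids = {r.rid for r in reqs}
    covered = set()
    findings = []
    for t in tests:
        for rid in t.verifies:
            if rid not in ids:
                findings.append(f"{t.tid}: verifies unknown requirement {rid}")
            covered.add(rid)
    for rid in sorted(ids - covered):
        findings.append(f"{rid}: no verification test")
    return findings


if __name__ == "__main__":
    for finding in check_cascade(REQUIREMENTS) + check_coverage(REQUIREMENTS, TESTS):
        print(finding)
```

Both checks produce standardized, one-line findings keyed by the offending identifier, which is what makes the messages easy to route back to the document owner. In a real project the requirement and test records would be read from the document templates rather than embedded as literals, but the checks themselves stay the same.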
Advantages of automated consistency checks
- Speed: Automated tests save time.
- Precision: Errors and gaps are identified reliably.
- Traceability: Automatically generated error messages are standardized and easy to understand.
4. Summary
Completeness and consistency of the development-related documents are essential for the development of safety-critical products. This is achieved through the following measures:
- Hierarchical subdivision of the product into system, hardware and software levels,
- Use of essentially the same document structures at all levels,
- Semi-automated generation and checking of document contents.
With tools such as the autoConform® software, these goals can be realized effectively, so that development projects are successful more quickly and consistently.