As DO-178B was updated to DO-178C it was decided that the increasingly popular model-based development should be made available to compliant appl i cations , and that they should be addressed by a supplement, DO-33 1 , “ Model-Based Development and Verification Supplement to DO-178C and DO-278A ”.
DO-331 takes the approach that specification model s or design models take the place of high-level and low - level requirements respectively . Textual requirements may be linked to models upstream or downstream ( Figure 1 ).
Figure 1 : Model Usage Examples , b ased on table MB.1.1 from RTCA DO-331
Popular tools such as MathWorks ® Simulink ® , IBM ® Engineering Systems Design Rhapsody ® , and ANSYS ® SCADE can generate code automatically. DO-331 MB. 5.0 (Software D evelopment P rocesses) addresses traceability, model standards and more for both software requirements and design processes where such tools are used . MB. 5.3 (Software C oding P rocess) is merely a cross-reference the equivalent section in DO-178C , underlining the fact that best-practice c oding -related process activities still apply whether code is hand-coded based on a set of textual requirements, hand-coded based on design models, or auto-generated from a tool.
Projects using auto - generated code almost always contain some hand - code too , and often include legacy hand - coded components. It is possible to apply different coding standards to these different code subsets , such as MISRA-C 2012 for hand - code, MISRA-C 2012 Appendix E for auto -generated code, and a custom coding standard for legacy code.
DO-331 MB 6.0 (Software verification process) expands on how best practice applies to MBD , with DO-331 MB.6.8.2 (Model Simulation for Verification of Executable Object Code ) expanding upon which verification objectives can be partially satisfied at the model level , and wh ich must be performed at the target level.