Chart Properties

hisf_0001: State Machine Type

ID: Titlehisf_0001: State Machine Type
DescriptionTo create Stateflow® charts that implement consistent Stateflow semantics, use the same State Machine Type (Classic, Mealy, or Moore) for all charts in the model.
Note

In Mealy charts, actions are associated with transitions. In the Moore charts, actions are associated with states. In Classic charts, actions can be associated with both transition and states.

At compile time, Stateflow verifies that the chart semantics comply with the formal definitions and rules of the selected type of state machine. If the chart semantics are not in compliance, the software provides a diagnostic message.

RationalePromote a clear modeling style.
Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Stateflow > Check state machine type of Stateflow charts

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Stateflow > Check state machine type of Stateflow charts

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Stateflow > Check state machine type of Stateflow charts

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Stateflow > Check state machine type of Stateflow charts

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Stateflow > Check state machine type of Stateflow charts

For check details, see Check state machine type of Stateflow charts (Simulink Check).

References
  • IEC 61508-3, Table A.3 (3) - Language subset

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'

  • EN 50128, Table A.4 (11) 'Language Subset'

  • DO-331, Section MB.6.3.1.b 'High-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.1.e 'High-level requirements conform to standards'
    DO-331, Section MB.6.3.2.b 'Low-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.2.e 'Low-level requirements conform to standards'
    DO-331, Section MB.6.3.3.b 'Software architecture is consistent'
    DO-331, Section MB.6.3.3.e 'Software architecture conform to standards'

See Also
Last ChangedR2018b

hisf_0002: User-specified state/transition execution order

ID: Titlehisf_0002: User-specified state/transition execution order
Description

Do the following to explicitly set the execution order for active states and valid transitions in Stateflow charts:

A

In the Chart Properties dialog box, select User specified state/transition execution order.

Prerequisiteshisl_0311: Configuration Parameters > Diagnostics > Stateflow
Note

Selecting User specified state/transition execution order restricts the dependency of a Stateflow chart semantics on the geometric position of parallel states and transitions.

Specifying the execution order of states and transitions allows you to enforce determinism in the search order for active states and valid transitions. You have control of the order in which parallel states are executed and transitions originating from a source are tested for execution. If you do not explicitly set the execution order, the Stateflow software determines the execution order following a deterministic algorithm.

RationaleAPromote an unambiguous modeling style.
Model Advisor Checks
  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Stateflow > Check Stateflow charts for ordering of states and transitions

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Stateflow > Check Stateflow charts for ordering of states and transitions

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Stateflow > Check Stateflow charts for ordering of states and transitions

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Stateflow > Check Stateflow charts for ordering of states and transitions

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Stateflow > Check Stateflow charts for ordering of states and transitions

For check details, see Check Stateflow charts for ordering of states and transitions (Simulink Check).

References

This guideline supports adhering to:

  • DO-331, Section MB.6.3.2.b 'Low-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.3.b 'Software architecture is consistent'
    DO-331, Section MB.6.3.3.e 'Software architecture conform to standards '

  • IEC 61508–3, Table A.3 (3) 'Language subset'
    IEC 61508–3, Table A.4 (5) 'Design and coding standards'

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) 'Use of language subsets'
    ISO 26262-6, Table 1 (1e) 'Use of well-trusted design principles'
    ISO 26262-6, Table 1 (1f) 'Use of unambiguous graphical representation'
    ISO 26262-6, Table 1 (1g) 'Use of style guides'
    ISO 26262-6, Table 1 (1h) 'Use of naming conventions'

  • EN 50128, Table A.4 (11) 'Language Subset'
    EN 50128, Table A.12 (1) 'Coding Standard'
    EN 50128, Table A.12 (2) 'Coding Style Guide'

See Also
Last ChangedR2018b

hisf_0009: Strong data typing (Simulink and Stateflow boundary)

ID: Title

hisf_0009: Strong data typing (Simulink® and Stateflow boundary)

Description

To support strong data typing between Simulink and Stateflow ,

ASelect chart property Use Strong Data Typing with Simulink I/O.
NotesBy default, input to and output from Stateflow charts are of type double. To interface directly with Simulink signals of data types other than double, select Use Strong Data Typing with Simulink I/O. In this mode, data types between the Simulink and Stateflow boundary are strongly typed, and the Simulink software does not treat the data types as double. The Stateflow chart accepts input signals of any data type supported by the Simulink software, provided that the type of the input signal matches the type of the corresponding Stateflow input data object. Otherwise, the software reports a type mismatch error.
RationaleASupport strongly typed code.
Model Advisor Checks

  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Stateflow > Check for Strong Data Typing with Simulink I/O

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Stateflow > Check for Strong Data Typing with Simulink I/O

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Stateflow > Check for Strong Data Typing with Simulink I/O

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Stateflow > Check for Strong Data Typing with Simulink I/O

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Stateflow > Check for Strong Data Typing with Simulink I/O

For check details, see Check for Strong Data Typing with Simulink I/O (Simulink Check).

References
  • DO-331, Section MB.6.3.1.b 'High-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.1.e 'High-level requirements conform to standards'
    DO-331, Section MB.6.3.1.g 'Algorithms are accurate'
    DO-331, Section MB.6.3.2.b 'Low-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.2.e 'Low-level requirements conform to standards'
    DO-331, Section MB.6.3.2.g 'Algorithms are accurate'

  • IEC 61508-3, Table A.3 (2) ‘Strongly typed programming language’
    IEC 61508-3, Table A.3 (3) - Language subset
    IEC 61508-3, Table A.4 (5) - Design and coding standards

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - Use of language subsets
    ISO 26262-6, Table 1 (1c) 'Enforcement of strong typing'
    ISO 26262-6, Table 1 (1d) - Use of defensive implementation techniques
    ISO 26262-6, Table 1 (1e) - Use of well-trusted design principles
    ISO 26262-6, Table 1 (1f) - Use of unambiguous graphical representation
    ISO 26262-6, Table 1 (1g) - Use of style guides
    ISO 26262-6, Table 1 (1h) - Use of naming conventions

  • EN 50128, Table A.3 (1) - Defensive Programming
    EN 50128, Table A.4 (8) 'Strongly Typed Programming Language'
    EN 50128, Table A.4 (11) - Language Subset

See AlsoSpecify Properties for Stateflow Charts (Stateflow)
Last ChangedR2017b

hisf_0011: Stateflow debugging settings

ID: Title

hisf_0011: Stateflow debugging settings

Description

To protect against unreachable code and indeterminate execution time,

A

Set configuration parameters Wrap on overflow and Simulation range checking to error.

In the model, open the Debug tab and select Diagnostics > Detect Cyclical Behavior

B

Right-click on each truth table in the model and select Properties. Set these parameters to Error:

  • Underspecified

  • Overspecified

Notes

Run-time diagnostics are only triggered during simulation. If the error condition is not reached during simulation, the error message is not triggered for code generation.

RationaleA, BProtect against unreachable code and unpredictable execution time.
Model Advisor Checks

  • By Task > Modeling Standards for DO-178C/DO-331 > High-Integrity Systems > Stateflow > Check Stateflow debugging options

  • By Task > Modeling Standards for IEC 61508 > High-Integrity Systems > Stateflow > Check Stateflow debugging options

  • By Task > Modeling Standards for IEC 62304 > High-Integrity Systems > Stateflow > Check Stateflow debugging options

  • By Task > Modeling Standards for ISO 26262 > High-Integrity Systems > Stateflow > Check Stateflow debugging options

  • By Task > Modeling Standards for EN 50128 > High-Integrity Systems > Stateflow > Check Stateflow debugging options

For check details, see Check Stateflow debugging options (Simulink Check).

References
  • DO-331, Section MB.6.3.1.b 'High-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.1.e 'High-level requirements conform to standards'
    DO-331, Section MB.6.3.2.b 'Low-level requirements are accurate and consistent'
    DO-331, Section MB.6.3.2.e 'Low-level requirements conform to standards'

  • IEC 61508-3, Table A.3 (2) ‘Strongly typed programming language’
    IEC 61508-3, Table A.3 (3) - Language subset
    IEC 61508-3, Table A.4 (5) - Design and coding standards

  • IEC 62304, 5.5.3 - Software Unit acceptance criteria

  • ISO 26262-6, Table 1 (1b) - 'Use of language subsets'
    ISO 26262-6, Table 1 (1c) 'Enforcement of strong typing'
    ISO 26262-6, Table 1 (1d) - 'Use of defensive implementation techniques'
    ISO 26262-6, Table 1 (1e) - 'Use of well-trusted design principles'
    ISO 26262-6, Table 1 (1f) - 'Use of unambiguous graphical representation'
    ISO 26262-6, Table 1 (1g) - 'Use of style guides'
    ISO 26262-6, Table 1 (1h) - 'Use of naming conventions'

  • EN 50128, Table A.3 (1) - Defensive Programming
    EN 50128, Table A.4 (8) 'Strongly Typed Programming Language'
    EN 50128, Table A.4 (11) - Language Subset

See AlsoSpecify Properties of Truth Table Functions (Stateflow)
Last ChangedR2017b