
Check safety-related diagnostic settings for sample time

mathworks.hism.hisl_0044

Dependencies: Simulink® Check™

Usage: High-Integrity System Modeling

Guideline: hisl_0044: Configuration Parameters > Diagnostics > Sample Time

Description

This check verifies that the model configuration uses optimal parameter settings pertaining to sample time diagnostics for generating code for a safety-related application.

Recommended Actions and Results

Review the violations that are flagged by the check and the recommended action for fixing the issue. After applying the changes, save the model and rerun the check analysis.

If you consider a flagged violation to be either not relevant or not feasible for your design, use the Justify button to provide the rationale.

You can use the Fix button to allow the Model Advisor to fix all flagged violations. For this check, the Model Advisor configures model code generation settings that can impact safety.

| Modeling Condition | Recommended Action |
| --- | --- |
| Simulink does not issue an error when a source block inherits a sample time. The use of inherited sample times for a source block can result in unpredictable execution rates for the source block and blocks connected to it. For safety-related applications, use explicit sample times for source blocks to prevent incorrect execution sequencing. | Set model configuration parameter Source block specifies -1 sample time to error or set the parameter InheritedTsInSrcMsg to 'error'. |
| Simulink does not issue an error when it detects invalid data transfer between two blocks operating in multitasking mode. Do not use such data transfer for safety-related applications. | Set model configuration parameter Multitask data transition to error or set the parameter MultiTaskRateTransMsg to 'error'. |
| Simulink does not issue an error when it detects subsystems that can cause data corruption or nondeterministic behavior. The software detects whether conditionally executed multirate subsystems (enabled, triggered, or function-call subsystems) operate in multitasking mode. Such subsystems can corrupt data and behave unpredictably in real-time environments that allow preemption. | Set model configuration parameter Multitask conditionally executed subsystem to error or set the parameter MultiTaskCondExecSysMsg to 'error'. |
| Simulink does not issue an error when the sample time of a Signal Specification block differs from the destination port. An over-specified sample time can result in an unpredictable execution rate. | Set model configuration parameter Enforce sample times specified by Signal Specification blocks to error or set the parameter SigSpecEnsureSampleTimeMsg to 'error'. |
| Simulink does not issue an error when it detects two tasks with equal priority that can preempt each other. | Set model configuration parameter Tasks with equal priority to error or set the parameter TasksWithSamePriorityMsg to 'error'. |
| Simulink does not issue an error when a model contains S-functions that do not specify whether they preclude this model from inheriting their sample times from a parent model. Using these S-functions can result in unpredictable behavior. A model developer needs to know when such an S-function exists in a model so it can be modified to produce predictable behavior. | Set model configuration parameter Unspecified inheritability of sample time to error or set the parameter UnknownTsInhSupMsg to 'error'. |
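
The six settings above can also be audited from the MATLAB command line, for example in a build pipeline that must refuse a model whose diagnostics were relaxed. The function below is an added example, not MathWorks code: the name auditSampleTimeDiagnostics and its applyFix argument are assumptions, while the parameter names are the ones listed in the table. It assumes the model stores its own configuration set rather than a configuration reference.

```matlab
function report = auditSampleTimeDiagnostics(model, applyFix)
% Added example (hypothetical helper, not part of Simulink Check).
% Reports which hisl_0044 sample time diagnostics are not set to 'error'
% and, when applyFix is true, sets them and saves the model.
    if nargin < 2
        applyFix = false;   % audit only by default
    end

    % Parameter names as listed in the hisl_0044 check table.
    params = { ...
        'InheritedTsInSrcMsg', ...
        'MultiTaskRateTransMsg', ...
        'MultiTaskCondExecSysMsg', ...
        'SigSpecEnsureSampleTimeMsg', ...
        'TasksWithSamePriorityMsg', ...
        'UnknownTsInhSupMsg'};

    load_system(model);     % load without opening the editor

    n = numel(params);
    current = cell(n, 1);
    compliant = false(n, 1);
    for k = 1:n
        current{k} = get_param(model, params{k});
        compliant(k) = strcmp(current{k}, 'error');
        if ~compliant(k) && applyFix
            set_param(model, params{k}, 'error');
        end
    end

    % The table records the values found before any fix was applied,
    % so the report doubles as a record of what was changed.
    report = table(params(:), current, compliant, ...
        'VariableNames', {'Parameter', 'ValueFound', 'Compliant'});

    if applyFix && any(~compliant)
        save_system(model); % save before rerunning the check
    end
end
```

Called as auditSampleTimeDiagnostics('myModel'), where myModel is a placeholder model name, it returns the table without modifying the model; a pipeline can fail the build when any row has Compliant set to false.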

Capabilities and Limitations

  • Does not require model compilation

  • Does not run on library models

  • Does not allow exclusions of blocks or charts

Version History

Introduced in R2020a
