Chara Technologies: Driving the zero emissions future with the LDRA tool suite
The Client
Chara Technologies’ development team, based in Bangalore, India, is focused on the development of Rare-Earth free and affordable motors. The emergence of electric and hybrid vehicles in recent years has led to heightened interest in Chara’s Synchronous Reluctance Motors (SynRM). These can typically develop higher continuous torque levels than similarly sized induction motors.
The development work for Chara’s SynRM range includes proprietary motor control algorithms, communication stacks, application layer software and a cloud-based analytics platform handling motor data.
Navigating the automotive standards landscape
The automotive industry relies heavily on software to power various aspects of modern vehicles, and the number of applicable standards reflects its proliferation. Although there is some overlap between the standards, for the most part they are representative of the large number of requirements and objectives faced by automotive developers beyond the merely functional. These include safety, reliability, regulation, cybersecurity, modularity, and more.
It would be neither practical nor desirable to address all these issues in a single document – but it does mean that in order to achieve several of these attributes in the same system, developers are often required to adhere to multiple standards concurrently.
Three of these standards are of particular interest to Chara’s SynRM development team:
ISO 26262: Road vehicles – Functional safety outlines a systematic approach to developing and maintaining the safety of electrical and electronic systems within road vehicles. Parts 4 and 6 are especially relevant to safety considerations within the realm of software development.
Automotive SPICE (Software Process Improvement and Capability dEtermination) – known colloquially as ASPICE is a framework used for assessing and improving software development processes. A sector-specific adaptation of the ISO/IEC 15504 standard, ASPICE provides a set of guidelines and best practices to enhance the quality and efficiency of software development.
ISO 25119 “Tractors and machinery for agriculture and forestry – Safety-related parts of control systems” has much in common with ISO 26262 but is written in a more compact form. It also features less demanding requirements for safety in system and software development, primarily because agricultural machinery is frequently employed on private land, and the vehicles’ speed is generally low compared to cars.
Omkar Lad, Head of Firmware & Software at Chara Technologies, takes up the story. “We are currently in the process of developing products catering to the global markets for 2, 3, and 4-wheeled vehicles. A majority of 4-wheeler Original Equipment Manufacturers (OEMs) have mandated compliance with ISO 26262 and ASPICE standards, and the others are progressively adopting them. Some off-road and agricultural applications require us to align with ISO 25119. All these process standards necessitate the structured development of software, and to that end we have adopted the V-model.”
Getting the Code Right
For C programmers working on safety- or security-critical applications, restrictions and guidelines to ensure safe coding practices can be painful. Some developers find these rules to be stringent and restrictive. Adhering to these rules can sometimes be perceived as limiting the expressive power of the C language.
Nevertheless, critical applications demand the observance of the most rigorous best practices, and adherence to such guidelines is a prevalent requirement in functional safety standards, including those applicable to the automotive sector. For instance, the correct application of the MISRA C Guidelines achieves significant benefits by:
Fostering portability and preventing unexpected outcomes
Guaranteeing independence from compiler- or platform-specific constructs
Detecting unreachable or impractical code segments
Prohibiting certain language constructs known to be common sources of errors or security vulnerabilities
Tangibly reducing program complexity
Enhancing program testability and facilitating standard compliance and certifiability
To preserve these benefits while alleviating restrictions on developers, MISRA has consistently worked to refine rules, making them more precise to avoid impeding reasonable uses or behaviours that carry no undesirable consequences.
The influence of the MISRA organization continues to grow. March 2023 saw the introduction of MISRA C:2012 Amendment 4 (AMD4). It specifies rules and directives for multithreading and atomic types as well as clarifications on existing guidance to better align with how developers use the C language today. It also saw the announcement of MISRA C:2023 which continues the informative and educational approach first adopted in MISRA C:2012. The new document consolidates the previous versions of the Guidelines, amendments (including AMD4), and addenda into a single, comprehensive edition.
Choosing and using the LDRA tool suite
To address the challenges posed by the obligation to adhere to these standards and guidelines, Chara Technologies settled on the LDRA tool suite. They were impressed not only by its integrated static and dynamic capabilities, but less obviously by its intuitive, easy-to-use interface.
“When we develop various software modules for motor control, CAN protocol stack, vehicle control, diagnostics etc., we first perform static analysis and ensure MISRA compliance” notes Omkar. “We then develop and apply unit tests before performing structural coverage analysis. The results of our testing and review activities serve as artefacts for standard compliance.
For example, the code coverage analysis and data/control flow graphs form part of our safety case for functional safety.”
The LDRA tool suite has yielded significant commercial advantage for the company “Since using the LDRA tool suite, we have saved the equivalent of a developer’s time on code review. By replacing the open-source unit test framework we relied on previously, we have gained reporting on code coverage, test results, and control & data flow, all of which are needed for certification. The tool suite makes the certification process much smoother.”
Using the LDRA tool suite has resulted in other, less obvious benefits for the development team. In particular, Omkar noted that they have adopted complexity and other code quality metrics since using the tool, and that their code quality in general has improved significantly – perhaps with the benefit of reduced support overheads in the future.
Looking forward together
Chara Technologies have been so pleased with the impact of the LDRA tool suite that they have started to apply it even where standards are less demanding. “Outside the automotive sector, many of our projects need not comply with such stringent functional safety requirements. Even so, we have retained the LDRA tool suite as part of the software development lifecycle. It allows us to apply the same rigorous verification and validation processes, ensuring higher reliability and quality for industrial and HVAC customers.”
Omkar’s enthusiasm for the LDRA tool suite makes him keen to see it improved even further. For example, Chara Technologies has made suggestions for the refinement of the tool suite’s interface to automation servers (such as Jenkins) and for licensing model to be more accommodating to today’s workplace evolution. LDRA encourages and embraces customer feedback like this to ensure that its products continue to meet market needs.
Wherever the future takes Chara Technologies, it seems certain that LDRA will be involved. “We will definitely continue to use the LDRA tool suite in our future projects” confirmed Omkar. “It has been invaluable to us in providing evidence of our adherence to the ISO 26262, ASPICE, and ISO 25119 standards, including MISRA C compliance which is an integral part of all three.”
“We confidently predict a return-on-investment period for the LDRA tool suite of no more than 18 months” Omkar concluded. “Even the accountants are happy.”
