MBSEによる上流要求と下流諸元間の双方向設計収束を目指したデジタルスレッド基盤の構築

島村　青之・土川　晴久・鈴木　千里・穂積　麻巳・庄司　喜代隆・野口　隆三・西脇　聡・香月　亮二（日産自動車）

本報は，MBSEに適合するデジタルスレッド基盤を構築し，要求と部品スペックを物理モデルで双方向に結合したうえで，Simulation Process and Data Management（SPDM）による一元管理とイベント駆動の自動ハンドオフにより，要求更新から解析・最適化・設計確定・登録までの自動化を進める運用を実装した事例を報告する．社内案件では，変更→結果反映リードタイムの短縮，トレーサビリティの向上を確認した．

Selection of model development guidelines for MBD development system

SEUNGJUN BACK (hyundai motor)

MBD (Model Design Development) is investigated for applying to develop automotive controller. In order to implement MBD in automotive, the development guideline is indispensable. When compared with investigation of the guideline such as MISRA C in C-code, however, the investigation on MBD is currently insufficient. In this paper, we studied the selection of guidelines for the development of MBD of the thermal energy system controller. Comparing MISRA AC SLSF:2023 and MAB 5.0, we selected and applied the guidelines for the development of the thermal energy system controller. Design of data precision is presented for actuator control.

Sound Static Analysis for Safety and Security

Daniel Kaestner･Ferdinand Christian (AbsInt GmbH)

Runtime errors such as buffer overflows or data races are safety- and security-relevant code defects. A sound static analyzer reports all such defects in the code, can prove their absence, and covers further verification objectives such as code guideline checking as well as data and control flow analysis. The analysis can be used to satisfy requirements from norms like ISO 26262, ISO 21434, and from the novel European Cyber Resilience Act (CRA). We will show practical experiments that demonstrate that sound static analysis scales for real-life AUTOSAR integration projects.

形式検証されたコンパイラと機能安全への運用

Daniel Kaestner・Adrian Dapprich・Alexander Rogovskyy（アブシント有限会社）

CompCertは，誤コンパイルから解放されていることが，数学的証明を用いて形式的に検証されたコンパイラです．本発表ではコンパイラの設計と証明について概説し，TriCore向けにサイズとパフォーマンスに関する実験データを提示します．ソフトウェア開発および検証プロセスの効率向上に向けた新規の取り組みを説明し，安全規格を準拠のための認証について議論します．

CBMCによる車載ソフトウェアのモデル検査

三治　真也・黄　文鴻（デンソー）

車載ソフトウェアの大規模化・複雑化に伴い，既存検証プロセスでは発見困難なバグが増加している．本研究ではモデル検査に着目し，車載ソフトウェアの検証プロセスへの適用手法を提案する．また，社内事例を用いて適用性を評価した結果，および今後の展望について報告する．

Why Model Credibility Is not Enough: Rethinking Trust in Simulation Architectures

Romain Barbedienne･Boussaad Soualmi･Adeline Lanugue (IRT SystemX)･Julien Silande (Keysight)･Anthony Levillain (OPmobility)･Cedric Leclerc (Renault Group)･Maxime Hayet (Stellantis)･Rim Kaddah･Cristian Maxim (IRT SystemX)

Assessing the credibility of simulation models is crucial, yet models are often integrated within broader simulation architectures. Can the credibility of simulation architectures be derived from their constituent models? This paper explores this question by reviewing state-of-the-art approaches in assembly credibility, including sensitivity analysis, expert qualitative analysis, AI explainability, and network-based methods. Each approach is evaluated according to "rigor", "generalizability", and "resource requirements", highlighting their respective strengths and limitations. The analysis provides insights into the feasibility and challenges of assessing architectural credibility, offering a foundation for future research in this emerging field.