Korea Aerospace Research Institute Adopts Model-Based Design to Develop DO-178C-Compliant Control Law Software

On similar projects in the past, the engineers who developed the control laws would pass their designs to operational flight program software developers for hand-coding and manual testing. Subtle misunderstandings between the control law designer and the software developer led to errors in the software, some of which went undetected until flight tests. KARI wanted to eliminate these kinds of errors by generating software directly from their design.

The helicopter AFCS project that KARI launched was the first of its kind in Korea. Recognizing the challenge that their limited experience posed, the team wanted expert assistance in setting up a development environment that supported code generation as well as automated verification and validation of their control law software in compliance with DO-178C guidelines.

KARI engineers developed and verified the AFCS control law software using Model-Based Design with MATLAB and Simulink.

Before beginning development, the team received training on Model-Based Design from MathWorks Consulting Services. In addition to coaching and instruction, the consultants provided hands-on deployment support for a new development environment that enabled the team to automate code generation, verification, and validation.

Working in Simulink, KARI engineers developed a control law model that included submodels for basic stabilization control, external loop control, and mode authorization condition switching. This model processed input from the helicopter's pilot stick and sensors and then generated actuator displacement commands and mode change authorization signals.

The team combined the control law model with a nonlinear motion model of the aircraft and ran closed-loop simulations that included fault conditions for both actuators and sensors.

The engineers used MATLAB scripts to postprocess simulation results and produce detailed reports that included pilot inputs as well as the corresponding fuselage velocity, attitude, and actuator displacement.

Using the environment set up by the MathWorks consultants, the KARI engineers followed an automated verification and validation process. In this process, Simulink tools for verification and validation were used to perform model coverage analysis, detect design errors and dead logic, and check the model’s compliance with safety standards and high-integrity modeling guidelines, including DO-178C guidelines.

Simulink Test™ was used to manage and run requirements-based tests and create test harnesses that enabled the team to achieve 100% test coverage for each submodel in the control law model. The team then generated code from the validated control law model with Embedded Coder^® and performed unit testing on the generated code.

The team is now preparing for hardware-in-the-loop simulations, a DO-178C audit, and flight tests of the control law software.

• Software modifications quickly implemented. “During the project, we often received urgent modification requests,” says Kang. “Thanks to the automated processes we put in place with Model-Based Design, we were able to reduce the time it takes for software modification by almost 50%.”
• Software defects reduced. “Because we generated code directly from the Simulink control law model with Embedded Coder, we eliminated the occurrence of software bugs caused by the misunderstandings that can arise between the control law designer and software developer,” Kang says.
• DO-178C verification automated. “DO-178C procedures are automatically reflected in our Simulink development and verification environment,” Kang says. “As a result, even developers who have no experience with DO-178C are able to meet the guidelines.”