Completion of a task is accomplished by performing a sequence of steps. The more steps in the sequence the more likely you are to make a mistake; either by forgetting a step or doing the… More
I recently read an article about identifying programmers based on their programming “style“. One thing that was interesting about the study sited in the article was that the algorithm for determining who wrote the code was more accurate for mature programmers in that they developed unique styles and were less likely to rely on pre-existing code “snippets”.
Time to reconsider
Starting any sort of work is a balance between applying known patterns and adopting new strategies. Adopting new strategies, or at least considering them, takes time and therefore you only want to do so when warranted. The question is “How do I honestly evaluate if a new solution is required”. I would put forth there are 4 questions that you need to ask yourself honestly
- Is this a new type of problem: If you are working on your 101st iteration of the same type of problem chances are your validated solution can be applied.
- Is it new in whole or in parts: If it is something new, start scoping how much of the problem is “new”
- How well do I understand the new part: This is the hard part, do you understand, in outline at least, what is new in the system? Until you can say “Yes” to functional understanding you should not move forward.
- Can the new parts be treated in isolation: Once you understand what is new and what “known” you can determine the degree to which the new parts affect the behavior of the known parts.
Why ask What?
Life is to short to spend time reinventing the wheel for known problems, at the same time the quality of your work is dependent on the understanding of your problems. By knowing when new solutions need to be applied you can minimize the amount of needless reinvention of the wheel.
The questions listed above are intended to spark a “is this a wheel” understanding. What are your metacognition questions?
Every once in a while it is good to take a look outside and see what other people are doing, with that in mind here are a few blogs/articles that I have read recently
- Continuous integration methods with Simulink projects
- Execution order inspection for Simulink Functions
- Using the Simulation test manager
- Model-Based Design for Safety Critical Automotive systems
- The challenges and benefits of Model-Based Testing
- Model-Based Design for game architecture
- Model-Based Design architecture for large systems
So tell me, what are some of the articles you have been reading?
In the past when I have written about MetaData, I talked about how it could be used to help define a project or test. Today I want to briefly revisit the topic to discuss open-topic versus closed-topic metadata comments.
In cases where you have open-topic metadata users are free to create any metadata tags. During the initial discovery phase of a project, this is a powerful ability allowing users to define the key descriptive elements of the work in progress. On most projects, as the development matures, the rate of creating new metadata tags declines. At some point, groups should consider moving to a closed-topic metadata tagging system.
Why closed? How much
As a general rule of thumb, most objects support 5 to 10 metadata tags. More than that and the information contained in the tags is redundant. Creation of additional tags ends up being a burden in N ways
- The meaning of the tags become unclear, as the gradation between them becomes smaller
- Redundant tags creep in (truth be told my blog post uses both the #MBD and #ModelBasedDesign metadata tags)
- People search for the wrong thing; if I look in my database for #MBD and the post is tagged #ModelBasedDesign, I will miss that post.
The comments on metadata, of course, can apply across different applications. The use of categories quickly becomes useless when the categories become so small you cannot find them nor fit anything into them. #HopeYouLikedIt, #PleaseComment, #NoNeedForHashTags
Difference reports are a staple of software development, they allow you to quickly see what has changed. Model-Based Design, with its graphical environment, presents some unique issues in differencing; we will examine them with this post.
Differencing best practices
The following best practice hold regardless of the development environment
- Reasonable diffing cadence: Finding the difference between two objects is easy if the number of changes are small; however if large structural, or multiple-point changes have occurred difference operations become difficult if not impossible. Perform differencing operations when no more then 5% of the object has changed.
- Diff function changes / ignore visual changes: Visual changes, such as the use of indents in textual languages, or block placement in graphical, do not impact the behavior of the code. While these changes may violate modeling guidelines they should be ignored during the diff operations
- Include the authors: Have both the original author and updating person take part in the review for complex issues.
- Test after diffing: After performing the difference operations have been run the files should be run through their test suites to ensure that the changes did not have a negative impact.
Don’t judge a model by its cover
In text based languages changes in the text are it; with Model-Based development environments it is the combination of the
- Block connections: How the blocks are connected to each other determines execution order and data flow.
- Block parameters: How the block is parameterized determines the functionality of the block
- Model configuration: The model can have parameters that influence the behavior system beyond the data set by the blocks
It is possible to diff the underlying text files that define graphical models; at one point in time this was the only method that was possible. However, doing this presents multiple problems and should be avoided.
- Determining what is significant: The text representations often encode information into parameters / structures. Often it is not obvious what are significant changes versus cosmetic.
- Block changes: The text representation can have the same functionality “shifted” in the code to a new location depending on where it shows up in the model; however this is often not a functional change.
- Interpretation: When reviewing the text changes the reviewers then have to interpret what the text means.
Table lookup algorithms provide a powerful tool for the modeling of systems the following are some basic tips for making your table look up’s fast and accurate
Pre-process your data
Table data often comes from real-world sources. This presents two issues
- Errors in the data: Validate that any anomalous readings are removed from the data
- Non-uniform input axis: Real-world measurements frequently have jitter on the exact “place” of measurement. Data should be renormalized to a uniform input axis
Know your boundaries
With tables, there are always limits on the input axes range. Understanding the behavior of the table outside of the known range is important. There are two basic options
- Hold last value: In this instance, the last value at the tale boundary is used for all data outside of the axes
- Interpolate data: In this case, the output data is extended beyond the known boundary. For data near the boundaries this is generally acceptable; however, the accuracy can quickly break down as inputs exceed the
There are three approaches to handling this issue
- Expand the range of valid data: This is the ideal solution but is often not possible due to sampling reasons.
- Pre-interpolate the data: Create data outside of the range with “safe” values based on engineering knowledge.
- Limit the input data range: Create a “hard stop” at the data edge.
Reduce, reuse, recycle…
It is common for multiple tables to share the same input axis; in this case, sharing the index lookup across multiple tables is one method for reducing the total number of calculations required by the algorithm.
Data types and discontinuities
lookup algorithms are not well suited for data with discontinuities. When working with such data either piecewise approaches are used or the region in which the discontinuity appears has additional data points to handle the sharp change.
A similar issue is working with integer-based data and interpolation. When the outputs from the table are integer values then either interpolation should not be enabled or all possible input coordinates should be part of the input axes.
So there you go, a few quick suggestions for working with tables!
There is an old saying “measure twice, cut once”‘; wise words of caution before you take an irrevocable action. However, if you have a faulty measuring tape then measuring twice will just produce the same error twice.
Orthogonal redundancy is an approach to safety-critical software where the same dependent variable is calculated using 2 or more methods. In the woodworking example, this could be done by using a standard tape measure the first time and laser guide the second.
Achieving software orthogonality
There are three basic approaches to software orthogonality, listed in terms of “strength”
- Unique algorithms:
- Common algorithm: unique parameterization
- Common algorithm: unique inputs
Using a unique algorithm has the advantage that it removes the chance of a common point of failure; e.g. if one algorithm can overflow, the second doesn’t. (Mind you, you should catch the overflow problem). The downside to this approach then is that you need to create validation test cases for each unique algorithm
Common algorithm: unique parameterization
In this case, the same algorithm is used however the parameterization is different for each instance. This is commonly seen for hardware sensors, such as unique scaling on a set of analog input sensors. For example, as in the image shown a simple linear equation (y = m*x + b) can be used to determine the throttle angle, however, the coefficient or “m” and “b” are different.
Common algorithm: unique inputs
This final approach is used when the input source data is suspect or can fail. The solution, in this case, is to create multiple input sources for the same data. The throttle body example above, redundant sensors, is an example of this; a more robust example would be to have two different types of sensors.
When and how?
Using orthogonal algorithms requires additional execution steps and memory; both for the algorithm and for the validation of results against each other. Because of this, the use of the algorithms should be limited to safety critical calculations.
The standard way to use multiple results is with triple redundancy. The results are compared with each other, as long as they are in agreement (within tolerance) of each other then the result is passed on. If two of the three agree that value is used. If there is no agreement then the results are flagged as an error.
In scenario-based testing, the test author configures the input data to “move” the system through a set of desired states or maneuvers. A simple example of this would be a “wide-open throttle” scenario for automobiles
- Key set to crank
- Hold .1 second
- Key set to run
- Brake to 100%
- PRNDL to Drive
- Brake to 0%
- Throttle to 100%
Measure time to 60 MPH
In scenario-based testing, there are often common “starting points”. In our example above the common starting point would be the first 3 steps. In the example that follows, using a Test Sequence block I implemented the common steps as a single, grouped, step.
When the common setup is complete the sequence block then moves onto another “grouped” step which implements the specific test. Optionally a second or third “common setup” sequence could be defined before the actual test begins.
Another method of reusing scenarios is to “chain data” together. In this case, a series of input data files are concatenated and played in sequence into the simulation. To continue this example the first three steps would be one data file and then either the “WOT” or “idelWarmUp” would contribute to the next data file. (Please imagine the image is of a fat cat named “Nate” (Con-Cat-Ton-Nate)
Why perform scenario-based testing?
Scenario-based testing allows us to validate that models behave in the way we expect and the way we designed, if I “put the pedal to the metal” the car accelerates quickly. Most frequently I use them to
- Validation of state machine behavior
- Exercising diagnostic code
- Validate requirements
- Debug models under development
Every once and a while I take a dip into my design philosophy. This video is one of those posts. A short meditation on the link between systems that we design and inhabit. The image I show in the video is the same as the header and image shown below. If you have a chance go to the Detroit Institute of Art (DIA) and see it in person!
We all know what it is:
Bubble wrap syndrome (BWS): The overwhelming desire to “pop” cells
in a sheet of bubble wrap. See also Packing Peanut Popping (PPP).
Even if it isn’t a real psychiatric diagnosis it makes for a good, slightly humorous, starting point of this post. Bubble wrap is designed to protect items in shipping. When we “pop” bubbles we decrease the effectiveness of the wrap. In the software domain, this corresponds to the slow creep of “features” into the diagnostic code.
The road to heck…
By design diagnostic code is isolated from the functional code. Because of this diagnostic code will, sometimes, duplicate calculations that exist in the functional code. It can be tempting to interleave, reuse, those calculations for both the functional and diagnostic code.
There are three problems with this
- Unit test interference: by mixing the functional and diagnostic code you prevent unit testing of the components.
- Development independence / common failure mode: Mixing the two components together you run the risk of introducing a common failure mode in the analysis of the data.
- Link to a common processor: for some safety critical systems diagnostic code runs on a separate processor or core.
Where are the boundaries?
In this example, the “Proposed Mines” are the possible infestation of our pristine “boundary waters” diagnostic code. The question is “how close is to close?” The following rules of thumb can be applied
- The functional code should not depend on any output from the diagnostic beyond the diagnostic flags.
- The diagnostic code should not make calls to functional code
- The diagnostic code should not perform filtering, table lookups or integration operations
- The diagnostic code should be non-interuptable.
Welcome to my latest blog, I have tried for a “dynamic” whiteboard experience today; I apologize in advance for the occasional motion blur.
The focus of this video is how to exchange data between multiple tools, with a recommended approach of settling on a common data format that all tools can read and write into. A list of common data formats can be found here: