ISO 26262 / ASPICE workflow

A reference setup for automotive functional-safety and process-compliance projects. This recipe covers the entry type vocabulary, V-model traceability structure, and required label vocabulary.

Profile

Activate the bundled compliance profile in .markspec.yaml:

profiles:
  - "@driftsys/iso26262"

Or declare a local profile that extends it:

profiles:
  - "./profiles/my-project"

with profiles/my-project/markspec.yaml:

id: "my-project"
version: 0.1.0
extends: "@driftsys/iso26262"

Entry type vocabulary

The ISO 26262 profile declares the following entry types:

Display-ID prefix  Type                  Extends            Level
STK_               stakeholder           Requirement        Acceptance
SYS_               system-requirement    Requirement        System
SRS_               software-requirement  Requirement        Software
ARC_               architecture          Contract           Software
ICD_               interface             SoftwareInterface  Software
TST_               validation-test       Test               Acceptance
SIT_               integration-test      Test               System
SWT_               unit-test             Test               Software
HZD_               hazard                Risk               System

V-model traceability structure

STK (stakeholder)
  └─ Satisfies ─→  SYS (system requirement)
                     └─ Satisfies ─→  SRS (software requirement)
                                        └─ Satisfies ─→  ARC / ICD

TST (validation)  ←─ Verifies ─  STK
SIT (integration) ←─ Verifies ─  SYS
SWT (unit test)   ←─ Verifies ─  SRS

The compiler generates inverse edges automatically — authors only write the forward Satisfies: and Verifies: attributes.

ASIL labels

Declare allowed ASIL labels in project.yaml to enable MSL-L010 enforcement:

name: io.acme.braking
version: "1.0.0"
labels:
  - ASIL-QM
  - ASIL-A
  - ASIL-B
  - ASIL-C
  - ASIL-D

Entries carry the label in the trailer block:

- [SRS_BRK_0107] Sensor debouncing

  The sensor driver shall debounce raw inputs to eliminate transient noise
  spikes of duration less than 10 ms.

      Id: 01HGW2Q8MNP3RSTVWXYZABCDEF
      Satisfies: SYS_BRK_0042
      Labels: ASIL-B

In-code entries (V-model colocated)

Software requirements and unit tests at the SRS/SWT level are colocated in source files using doc comments:

/// [SRS_BRK_0107] Sensor debouncing
///
/// The sensor driver shall debounce raw inputs to eliminate
/// transient noise spikes of duration less than 10 ms.
///
///     Id: 01HGW2Q8MNP3RSTVWXYZABCDEF
///     Satisfies: SYS_BRK_0042
///     Labels: ASIL-B
#[test] // run by `cargo test`; `#[cfg(test)]` alone would compile the function but never execute it
fn swt_brk_0107_debounce_rejects_short_pulse() {
    // `debounce` is the sensor-driver function under test, defined elsewhere in the crate.
    let result = debounce(5); // 5 ms pulse, below 10 ms threshold
    assert!(!result.passed);
}

Coverage report

markspec compile "docs/**/*.md" "src/**/*.rs"
markspec report coverage "docs/**/*.md" "src/**/*.rs"

The coverage report shows which requirements have at least one linked test and which are uncovered — the key metric for ISO 26262 traceability audits.

CI gate

Add to your pipeline (see CI traceability gate):

markspec validate --strict "docs/**/*.md" "src/**/*.rs"
markspec report coverage "docs/**/*.md" "src/**/*.rs" --output coverage.md

Flag the coverage report as a required CI artifact for the functional safety manager’s review.