SyncCrc Review

Overview

Summary Sheet
Synergy Project
Davinci Files
Source Code - SyncCRC
Source Code - SyncCRCNonRte
MDD
PolySpace
Integration Manual

Sheet 1: Summary Sheet

Rev 1.2

8-Jun-15

Peer Review Summary Sheet

Synergy Project Name:

kzshz2: Intended Use: Identify which component is being reviewed. This should be the Module Short Name from Synergy Rationale: Required for traceability. It will help to ensure this form is not attaced to the the wrong change request. CM800A_SyncCrc_Impl

Revision / Baseline:

kzshz2: Intended Use: Identify which Synergy revision of this component is being reviewed Rationale: Required for traceability. It will help to ensure this form is not attaced to the the wrong change request. CM800A_SyncCrc_Impl_1.0.0

Change Owner:

kzshz2: Intended Use: Identify the developer who made the change(s) Rationale: A change request may have more than one resolver, this will help identify who made what change. Change owner identification may be required by indusrty standards. K. Smith

Work CR ID:

EA4#5405

kzshz2: Intended Use: Intended to identify at a high level to the reviewers which areas of the component have been changed. Rationale: This will be good information to know when ensuring appropriate reviews have been completed. Modified File Types:

kzshz2: Intended Use: Identify who where the reviewers, what they reviewed, and if the reviewed changes have been approved to release the code for testing. Comments here should be at a highlevel, the specific comments should be present on the specific review form sheet. Rationale: Since this Form will be attached to the Change Request it will confirm the approval and provides feedback in case of audits. ADD DR Level Move reviewer and approval to individual checklist form Review Checklist Summary:

Reviewed:

Yes

MDD

Yes

Source Code

Yes

PolySpace

Yes

Integration Manual

Yes

Davinci Files

Comments:

General Guidelines:
- The reviews shall be performed over the portions of the component that were modified as a result of the Change Request.
- New components should include FDD Owner and Integrator as apart of the Group Review Board (Source Code, Integration Manual, and Davinci Files)
- Enter any rework required into the comment field and select No. When the rework is complete, review again using this same review sheet and select Yes. Add date and additional comment stating that the rework is completed.
- To review a component with multiple source code files use the "Add Source" button to create a Source code tab for each source file.
- .h file should be reviewed with the source file as part of the source file.

Sheet 2: Synergy Project

Peer Review Meeting Log (Component Synergy Project Review)

Quality Check Items:

Rationale is required for all answers of No

New baseline version name from Summary Sheet follows

Yes

Comments:

naming convention

Project contains necessary subprojects

Yes

Comments:

Project contains the correct version of subprojects

Yes

Comments:

Design subproject is correct version

Yes

Comments:

General Notes / Comments:

Need to add design component when baseline is complete. Done 1/14

LN: Intended Use: Identify who were the reviewers and if the reviewed changes have been approved. Rationale: Since this Form will be attached to the Change Request it will confirm the approval and provides feedback in case of audits. KMC: Group Review Level removed in Rev 4.0 since the design review is not checked in until approved, so it would always be DR4. Review Board:

Change Owner:

K. Smith

Review Date :

01/14/16

Lead Peer Reviewer:

Kathleen Creager

Approved by Reviewer(s):

Yes

Other Reviewer(s):

Sheet 3: Davinci Files

Rev 1.2

8-Jun-15

Peer Review Meeting Log (Davinci Review)

Quality Check Items:

Rationale is required for all answers of No

Only StdDef Port types are used

Yes

Comments:

new types have not been added to StdDef yet (done 1/13/16)

array data type name does not meet conventions - done 1/8/16

For components not using application data types, do all

Yes

Comments:

port interface names end in PortIf and a sequence number

Non-program-specific components saved

Yes

Comments:

in Autosar 4.0.3 format

*Cfg.arxml.TT: Verfied Davinci Configurator imported the

N/A

Comments:

change correctly

*Cfg.h.TT: Verfied Davinci Configurator generates

Yes

Comments:

the configuration header(s) file correctly

kzshz2: Either a generic sandbox or a baselined integration project can be used to verify

All changed files have been compared against previous

N/A

Comments:

versions (If available)

kzshz2: Intended Use: Identify if previous version was compared and only the expected change(s) was present. This is for text files only, not binary or GUIs Rationale: This is helpful in identifying unapproved (intended or mistaken) changes.

Automated validation check is performed

Yes

Comments:

Naming conventions followed. All names should

Yes

Comments:

match DataDict.m

Sender/Receiver port properties match DataDict.m

N/A

Comments:

file (use .m file helper tool)

Calibration port properties match DataDict.m

N/A

Comments:

file (use .m file helper tool)

Components using application data types:

Sender/Receiver port initialization values match

N/A

Comments:

DataDict.m file

Calibration port initialization values match

N/A

Comments:

DataDict.m file

Components not using application data types:

Sender/Receiver port initialization values match

N/A

Comments:

DataDict.m file and have been converted to counts

for fixed point types

Calibration port initialization values match

N/A

Comments:

DataDict.m file and have been converted to counts

for fixed point types

Mapping set and all unused items have been

Yes

Comments:

removed

All sender/receiver port read/writes using direct

N/A

Comments:

read/writes(List justification if not)

Runnable calling frequencies match FDD

N/A

Comments:

DataDict.m display variables: created as

N/A

Comments:

PerInstanceMemory. Matches the FDD

Component is correct component type

Yes

Comments:

General Notes / Comments:

do any of the APIs need to be available outside the RTE? -- yes -- done 1/8/16

enum types need changes for naming conventions - done 1/8/16

anything visible to Developer to be defined in Developer -- CrcHwSts1 still pending (1/8/16);

anything visible in the API needs to be in StdDef (still pending as of 1/8/16)

ResvCrcFctLockOut -- change name to ResvCrcFctLockdOut, make a boolean -- this PIM has been removed -- 1/8/16

CDD_SyncCrc_private.h.tt -- remove #define CRCHWUNIT -- just use DCRA - done 1/8/16

move non-configurable items out of the Cfg.h template files - done 1/8/16

make "AvailableCRCHardwareUnits" grayed out in Configurator -- leave functionality for possible future use, but don't want to start using it now -- done 1/8/16

make the check on number of active hw units vs available a generated check i.e.. generate the #error if values are wrong - done 1/8/16

Change Owner:

K. Smith

Review Date :

01/13/16

Component Type :

CDD

Lead Peer Reviewer:

Kathleen Creager

Approved by Reviewer(s):

Yes

Other Reviewer(s):

Archana

Lucas Wendling

Sheet 4: Source Code - SyncCRC

Rev 1.2

8-Jun-15

Peer Review Meeting Log (Source Code Review)

Source File Name:

CDD_SyncCrc.c

Source File Revision:

Header File Name:

CDD_SyncCrc.h, CDD_SyncCRC_private.h

Header File Revision:

kzshz2: Intended Use: Identify which version of the source file is being review. Rationale: Required for traceability between source code and review. Auditors will likely require this. 1, 1

MDD Name:

CM800A_SyncCrc_MDD

Revision:

FDD/SCIR/DSR/FDR/CM Name:

CM800A_SyncCrc_Design

Revision:

1.0.0

Quality Check Items:

Rationale is required for all answers of No

Working EA4 Software Naming Convention followed:

for variable names

Yes

Comments:

for constant names

Yes

Comments:

for function names

Comments:

OK that the AUTOSAR wrapper functions

use the names defined in the AUTOSAR API

for other names (component, memory

Comments:

OK that the AUTOSAR wrapper functions'

mapping handles, typedefs, etc.)

arguments use the names defined in the AUTOSAR API

All paths assign a value to outputs, ensuring

N/A

Comments:

no outputs

all outputs are initialized prior to being written

Requirements Tracability tags in code match the requirements tracability in the FDD

Yes

Comments:

requirements tracability in the FDD

All variables are declared at the function level.

Yes

Comments:

Synergy version matches change history

kzshz2: Intended Use: Indicate that the the versioning was confirmed by the peer reviewer(s). Rationale: There have been many occassions where versions were not updated in files and as a result Unit Test were referencing wrong versions. This often time leads to the need to re-run of batch tests.

Yes

Comments:

and Version Control version in file comment block

Change log contains detailed description of changes

Yes

Comments:

and Work CR number

Code accurately implements FDD (Document or Model)

Yes

Comments:

Verified no Compiler Errors or Warnings

KMC: Intended Use: To confirm no compiler errors or warnings exist for the code under review (warnings from contract header files may be ignored). Rationale: This is needed to ensure there will be no errors discovered at the time of integration. A Sandox project should be used; QAC can find compiler errors but not warnings.

Yes

Comments:

warnings from Renesas header files -- ok

Component.h is included

Comments:

ok -- both RTE and component.h are

included in the other source file -- verifies that declarations match

All other includes are actually needed. (System includes

Yes

Comments:

only allowed in Nexteer library components)

Software Design and Coding Standards followed:

Version: 2.1

Code comments are clear, correct, and adequate

Yes

Comments:

and have been updated for the change: [N40] and

all other rules in the same section as rule [N40],

plus [N75], [N12], [N23], [N33], [N37], [N38],

[N48], [N54], [N77], [N79], [N72]

Source file (.c and .h) comment blocks are per

Yes

Comments:

standards and contain correct information: [N41], [N42]

Function comment blocks are per standards and

Yes

Comments:

contain correct information: [N43]

Code formatting (indentation, placement of

Yes

Comments:

braces, etc.) is per standards: [N5], [N55], [N56],

[N57], [N58], [N59]

Embedded constants used per standards; no

Yes

Comments:

"magic numbers": [N12]

Memory mapping for non-RTE code

Yes

Comments:

is per standard

All execution-order-dependent code can be

Yes

Comments:

recognized by the compiler: [N80]

All loops have termination conditions that ensure

Yes

Comments:

finite loop iterations: [N63]

All divides protect against divide by zero

Yes

Comments:

if needed: [N65]

All integer division and modulus operations

Yes

Comments:

handle negative numbers correctly: [N76]

All typecasting and fixed point arithmetic,

Yes

Comments:

including all use of fixed point macros and

timer functions, is correct and has no possibility

of unintended overflow or underflow: [N66]

All float-to-unsiged conversions ensure the.

N/A

Comments:

float value is non-negative: [N67]

All conversions between signed and unsigned

N/A

Comments:

types handle msb==1 as intended: [N78]

All pointer dereferencing protects against

Comments:

functions assume the pointers that are

null pointer if needed: [N70]

passed in as arguments are non-null; ok for source

pointer (may need to be zero); future version to consider

checking pointer where result is written

Component outputs are limited to the legal range

N/A

Comments:

no component outputs

defined in the FDD DataDict.m file : [N53]

all server runnable outputs have full range

All code is mapped with FDD (all FDD

Yes

Comments:

subfunctions and/or model blocks identified

with code comments; all code corresponds to

some FDD subfunction and/or model block): [N40]

Review did not identify violations of other

Yes

Comments:

coding standard rules

Anomaly or Design Work CR created

N/A

Comments: List Anomaly or CR numbers

for any FDD corrections needed

FDD updates to be completed and baselined

before implementation baseline

General Notes / Comments:

requirements tags should refer to requirement numbers. Should also have comments mapping to FDD paragraph numbers. - done 1/8/16

add design rationale comment regarding why exclusive area not needed in static function for releasing a hw unit -- 1/8 added the exclusive area instead - done 1/8/16

move enter/exit exclusive area inside GetAvlCrcHwUnit instead of around calls. Done 1/8/16
Document design rationale for "can enter" access in all the functions that call this function - to be done in MDD - done 1/13/16

document restriction - GetAvlCrcHwUnit has to be called from a task context - done 1/8/16

remove "break" to get out of loops; must use while instead of for loop - done 1/8/16

move "Autosar wrapper" functions to a "NonRte" source file - done 1/8/16

some parameter names need to change in the function calls inside the AUTOSAR wrapper functions-- param names checked, ok 1/8/16

test to make sure the writes to .CIN of uint16 or uint8 work correctly without a cast to uint32 -- tested ok done 1/8/16

note in some design documentation that the Calc*_Oper runnables need to be set up in DaVinci for able to be invoked concurrently - to be done in MDD - done 1/13/16

add "can be invoked concurrently" property to the ResvCrcHwUnit_Oper runnable - done 1/8/16

in ResvCrcHwUnit_Oper, move the switch case stmt outside of the loop to make exclusive area as small as possible; also change to while loop and remove break 1/8/16

above change will restructure the whole function -- need to re-review all logic at that point - done 1/8/16

casting of argument in switch (in ResvCrcHwUnit) should go away after putting enum type in Developer - done 1/8/16

In ResvCrcHwUnit, set all outputs to known values even if no hw unit was available; set address args to zero - done 1/8/16

release logic needs to change to make sure the correct unit is released (not erroneously called by someone that didn't succeed on their initial resv call) - done 1/8/16

consider using task id in resv function; may not be able to depending on whether flash crc is going to start before the RTE -- 1/8/16 - leave as is - ok

add DET in the last else of the ResvCrcHwUnit_Oper -- done 12/16

Change Owner:

K. Smith

Review Date :

01/13/16

Lead Peer Reviewer:

Kathleen Creager

Approved by Reviewer(s):

Yes

Other Reviewer(s):

Archana

Lucas Wendling

Sheet 5: Source Code - SyncCRCNonRte

Rev 1.2

8-Jun-15

Peer Review Meeting Log (Source Code Review)

Source File Name:

CDD_SyncCrcNonRte.c

Source File Revision:

Header File Name:

CDD_SyncCrc.h, CDD_SyncCRC_private.h

Header File Revision:

kzshz2: Intended Use: Identify which version of the source file is being review. Rationale: Required for traceability between source code and review. Auditors will likely require this. 1, 1

MDD Name:

CM800A_SyncCrc_MDD

Revision:

FDD/SCIR/DSR/FDR/CM Name:

CM800A_SyncCrc_Design

Revision:

1.0.0

Quality Check Items:

Rationale is required for all answers of No

Working EA4 Software Naming Convention followed:

for variable names

Yes

Comments:

for constant names

Yes

Comments:

for function names

Comments:

OK that the AUTOSAR wrapper functions

use the names defined in the AUTOSAR API

for other names (component, memory

Comments:

OK that the AUTOSAR wrapper functions'

mapping handles, typedefs, etc.)

arguments use the names defined in the AUTOSAR API

All paths assign a value to outputs, ensuring

N/A

Comments:

no outputs

all outputs are initialized prior to being written

Requirements Tracability tags in code match the requirements tracability in the FDD

Yes

Comments:

requirements tracability in the FDD

All variables are declared at the function level.

Yes

Comments:

Synergy version matches change history

Yes

Comments:

and Version Control version in file comment block

Change log contains detailed description of changes

Yes

Comments:

and Work CR number

Code accurately implements FDD (Document or Model)

Yes

Comments:

Verified no Compiler Errors or Warnings

Yes

Comments:

Component.h is included

Yes

Comments:

All other includes are actually needed. (System includes

Yes

Comments:

only allowed in Nexteer library components)

Software Design and Coding Standards followed:

Version: 2.1

Code comments are clear, correct, and adequate

Yes

Comments:

and have been updated for the change: [N40] and

all other rules in the same section as rule [N40],

plus [N75], [N12], [N23], [N33], [N37], [N38],

[N48], [N54], [N77], [N79], [N72]

Source file (.c and .h) comment blocks are per

Yes

Comments:

standards and contain correct information: [N41], [N42]

Function comment blocks are per standards and

Yes

Comments:

contain correct information: [N43]

Code formatting (indentation, placement of

Yes

Comments:

braces, etc.) is per standards: [N5], [N55], [N56],

[N57], [N58], [N59]

Embedded constants used per standards; no

Yes

Comments:

"magic numbers": [N12]

Memory mapping for non-RTE code

Yes

Comments:

is per standard

All execution-order-dependent code can be

Yes

Comments:

recognized by the compiler: [N80]

All loops have termination conditions that ensure

Yes

Comments:

finite loop iterations: [N63]

All divides protect against divide by zero

Yes

Comments:

if needed: [N65]

All integer division and modulus operations

Yes

Comments:

handle negative numbers correctly: [N76]

All typecasting and fixed point arithmetic,

Yes

Comments:

including all use of fixed point macros and

timer functions, is correct and has no possibility

of unintended overflow or underflow: [N66]

All float-to-unsiged conversions ensure the.

N/A

Comments:

float value is non-negative: [N67]

All conversions between signed and unsigned

N/A

Comments:

types handle msb==1 as intended: [N78]

All pointer dereferencing protects against

Yes

Comments:

null pointer if needed: [N70]

Component outputs are limited to the legal range

N/A

Comments:

no component outputs

defined in the FDD DataDict.m file : [N53]

all server runnable outputs have full range

All code is mapped with FDD (all FDD

Yes

Comments:

subfunctions and/or model blocks identified

with code comments; all code corresponds to

some FDD subfunction and/or model block): [N40]

Review did not identify violations of other

Yes

Comments:

coding standard rules

Anomaly or Design Work CR created

N/A

Comments: List Anomaly or CR numbers

for any FDD corrections needed

FDD updates to be completed and baselined

before implementation baseline

General Notes / Comments:

all comments for both source files were captured in SyncCRC source code tab.

Change Owner:

K. Smith

Review Date :

01/13/16

Lead Peer Reviewer:

Kathleen Creager

Approved by Reviewer(s):

Yes

Other Reviewer(s):

Archana

Lucas Wendling

Sheet 6: MDD

Rev 1.2

8-Jun-15

Peer Review Meeting Log (MDD Review)

MDD Name:

CM800A_SyncCrc_MDD.docx

MDD Revision:

Source File Name:

CDD_SyncCrc.c

Source File Revision:

Source File Name:

CDD_SyncCrcNonRte.c

Source File Revision:

Source File Name:

Source File Revision:

Quality Check Items:

Rationale is required for all answers of No

Synergy version matches document

Yes

Comments:

Change log contains detailed description of changes

Yes

Comments:

Changes Highlighted (for Unit Tester)

Comments:

previous version not unit tested

Diagrams have been included per MDD Guideline

Yes

Comments:

and reviewed

All Design Exceptions and Limitations are listed

Yes

Comments:

Design rationale given for all global

N/A

Comments:

data not communicated through RTE ports, per

Design and Coding Standards rules [N9] and [N10].

All implementation details that differ from the FDD are

Yes

Comments:

while loop vs for loop explained in

noted and explained in Design Rationale

Design Limitations

All Unit Test Considerations have been described

Yes

Comments:

General Notes / Comments:

Change Owner:

K. Smith

Review Date :

01/13/16

Lead Peer Reviewer:

Kathleen Creager

Approved by Reviewer(s):

Yes

Other Reviewer(s):

Archana

Sheet 7: PolySpace

Rev 1.2

8-Jun-15

Peer Review Meeting Log (QAC/PolySpace Review)

Source File Name:

CDD_SyncCrc.c

Source File Revision:

Source File Name:

CDD_SyncCrcNonRte.c

Source File Revision:

Source File Name:

Source File Revision:

EA4 Static Analysis Compliance Guideline version:

1.0.0

Poly Space version:

Windows User: eg. 2013b 2013b

Polyspace sub project version:

Windows User: eg. TL108a_PolyspaceSuprt_1.0.0 NA

QAC version:

Windows User: eg 8.1.1-R 8.1.1-R

QAC sub project version:

Windows User: eg. TL_100A_1.1.0 TL100A_1.2.0

Quality Check Items:

Rationale is required for all answers of No

Contract Folder's header files are appropriate and

kzshz2: Intended Use: Identify that the contract folder contains only the information required for this component. All other variables, constants, function prototypes, etc. should be removed. Rationale: This will help avoid unit testers having to considers object not used. It will also avoid having other files required for QAC.

Yes

Comments:

function prototypes match the latest component version

100% Compliance to the EA4 Static Analysis

Comments:

during review, approved additional

Compliance Guideline

deviations not yet in compliance guideline

Are previously added justification and deviation

N/A

Comments:

comments still appropriate

Do all MISRA deviation comments use approved

Yes

Comments:

during review, approved additional

deviation tags

deviations not yet in compliance guideline

Cyclomatic complexity and Static path count OK

Creager, Kathleen: use Browse Function Metrics, STCYC and STPTH

Yes

Comments:

for all functions in the component per Design

and Coding Standards rule [N47]

General Notes / Comments:

run static analysis with configurator parameters set up as variables in the contract header files, and with conditional compile constant set both ways - done 1/13/16

Change Owner:

K. Smith

Review Date :

01/13/16

Lead Peer Reviewer:

Kathleen Creager

Approved by Reviewer(s):

Yes

Other Reviewer(s):

Sheet 8: Integration Manual

Rev 1.2

8-Jun-15

Peer Review Meeting Log (Integration Manual Review)

Integration Manual Name:

kzshz2: Intended Use: Identify which file is being reviewed Rationale: Required for traceability. It will help to ensure this sheet is not attached to the wrong design review form. CM800A_SyncCrc_Integration_Manual

Integration Manual Revision:

kzshz2: Intended Use: Identify which version of the integration manual has been reviewed. Rationale: Required for traceability between the MDD and review. Auditors will likely require this. 2

Quality Check Items:

Rationale is required for all answers of No

Synergy version matches header

Yes

Comments:

Latest template used

Yes

Comments:

Change log contains detailed description of changes

Yes

Comments:

Changes Highlighted (for Integrator)

Comments:

initial version was very generic --

essentially all content is new

General Notes / Comments:

note which functions can only be called from a task context - done 1/13/16

Change Owner:

K. Smith

Review Date :

01/13/16

Lead Peer Reviewer:

Kathleen Creager

Approved by Reviewer(s):

Other Reviewer(s):

Last modified October 12, 2025: Initial commit (1fadfc4)