Cross-Domain Verification & Validation

VERIFICATION & VALIDATION · MIL · SIL · HIL · MC/DC

Verification and Validation Across Domains.

Agnile supports verification and validation across automotive, aerospace, embedded, IoT, and enterprise software programmes — connecting requirements, implementation, tests, results, defects, and release decisions into a traceable engineering evidence chain.

Schedule a 60-minute callContact Us
MIL · SIL · HILMC/DC AT DAL AASIL D EXPERIENCEDSPACE · ETAS · VECTORCAST

VERIFICATION COVERAGE

Verification Coverage Across Domains.

  • Automotive MIL/SIL/PIL/HIL
  • Aerospace Requirements-Based Verification
  • Embedded and IoT Validation
  • Frontend, Backend, and API Testing
  • Regression Automation
  • System Integration Testing
  • Release Reports and Evidence Packages

CAPABILITY AREAS

Verification and Validation Across Systems, Software, and Hardware.

Test Strategy & Planning

Verification strategy, test planning, coverage objectives, toolchain selection, traceability planning, and release evidence structure.

MIL / SIL / PIL / HIL

Model-in-loop, software-in-loop, processor-in-loop, and hardware-in-loop testing across embedded software and control systems.

Requirements-Based Testing

Test case design, automation, traceability to requirements, test execution, result analysis, defect logging, and regression support.

Coverage and Release Evidence

Structural coverage, MC/DC support where applicable, fault injection, robustness testing, validation reports, and release evidence packages.

ENGAGEMENT MODELS

How we engage on Verification & Validation programmes.

A full SIL-to-HIL test architecture, a HIL bench build for an ECU under test, or coverage closure to MC/DC on a software unit. We scope the actual work on the call.

  • VV-01·6–8 weeks

    V&V Strategy + Test Architecture

    Test strategy across MIL, SIL, PIL, HIL, and vehicle layers. We design what gets tested where, why, and how coverage will be argued. Outcome: a written test architecture aligned to your ASIL / DAL rigor target and ready to fund.

    ENGAGEMENT FLOW

    Discovery
    2w
    Architecture Design
    3w
    Pilot + Handover
    2w

    DELIVERABLES

    • Test Strategy document
    • Test Architecture (across MIL/SIL/HIL)
    • Pilot test set + tooling decisions
  • VV-02·8–12 weeks

    HIL Test Bench Build

    Full HIL bench for an ECU under test — dSPACE / ETAS hardware, plant model, CAN/Ethernet network, fault-injection rig, and the test framework that drives it. Delivered ready for production-scale regression.

    ENGAGEMENT FLOW

    Bench Design
    2w
    Plant Model
    3w
    Integration
    4w
    Handover
    1w

    DELIVERABLES

    • HIL bench (HW + plant model)
    • Test framework + first scenarios
    • Operator handover + docs
  • VV-03·4–8 weeks per item

    Coverage Closure to MC/DC

    Targeted coverage closure on a software unit under DAL A or ASIL D rigor. We design missing test cases, justify uncoverable code, and bundle the structural-coverage analysis into the certification or Confirmation pack.

    ENGAGEMENT FLOW

    Gap Analysis
    1w
    Test Authoring
    4w
    Coverage Closure
    2w

    DELIVERABLES

    • MC/DC test set
    • Uncoverable-code analysis
    • Coverage closure report

WHY AGNILE

What we do differently.

  • 01

    We test on the silicon already in your programme. PIL and HIL on AURIX, RH850, S32K, S32G — not host-only environments that hide target-specific bugs.

  • 02

    MC/DC closure on real safety-critical code. Every condition independently affecting the decision outcome — written-rationale uncoverable-code analysis bundled in.

  • 03

    Tool-agnostic — VectorCAST, LDRA, GoogleTest, Unity, dSPACE, ETAS. We integrate into your existing pipeline; we don't ask you to retool.

  • 04

    ASPICE Level 2+ test deliverables. Test specifications, cases, and results bidirectionally traceable to software requirements — ready for assessment.

  • 05

    Fault-injection rigs that exercise robustness, not just nominal paths. Edge cases, malformed CAN frames, ECU brown-outs — the tests that catch what production silicon will see.

STANDARDS DEPTH

Standards we work to.

ISO 26262 Part 6 at ASIL D. DO-178C §6 at DAL A. ASPICE SWE.5/6 in steady state.

  • ISO 26262 Part 6

    Software-level requirements for ASIL A–D

    Requirements-based testing at unit, integration, and system levels per Tables 6, 7, 9, 10. Coverage rigor scales with ASIL — Statement at A, Branch at B/C, MC/DC at D.

  • DO-178C §6

    Verification process for airborne software

    DO-178C verification objectives — requirements-based test cases at HLR and LLR, structural coverage analysis with MC/DC at DAL A, robustness testing per §6.4.2.2.

  • MC/DC

    Modified Condition / Decision Coverage

    MC/DC test sets — every condition independently affects the decision outcome — for safety-critical decisions. Uncoverable code justified with written rationale.

  • ASPICE SWE.5 / SWE.6

    Software Integration Test + Software Qualification Test

    Test specifications, test cases, test results, and traceability to software requirements bidirectionally maintained, ready for ASPICE Level 2+ assessment.

  • VectorCAST / LDRA

    Test + coverage tooling

    VectorCAST or LDRA integrated into the build — auto-generate harness code, configure target adapters for AURIX / RH850 / S32K, drive coverage at Statement / Decision / MC/DC.

HOW WE TEST — THE V&V PROGRESSION

From MIL to vehicle validation.

Six stages, each with named methodology and an explicit deliverable. Earlier faults cost less — we push test maturity left in the V-model.

  1. 01

    Test Strategy & Architecture

    ASPICE SWE.5

    We define the test strategy across MIL, SIL, PIL, HIL, and vehicle layers — what gets tested where, why, and how coverage will be argued.

    Test Strategy + Architecture

  2. 02

    MIL — Model-in-the-Loop

    Earliest verification

    Algorithm-level tests against the Simulink / TargetLink / Stateflow model. Catches numeric and behavioural defects before code generation.

    MIL test cases + reports

  3. 03

    SIL — Software-in-the-Loop

    Unit + integration

    Generated or hand-written code tested in a host environment — GoogleTest, Unity, VectorCAST. Coverage tooling configured for Statement / Decision / MC/DC.

    Unit + integration tests

  4. 04

    PIL — Processor-in-the-Loop

    Target-specific behaviour

    Code executed on the target processor with stimuli mirroring the SIL test cases. Catches compiler / runtime / target-specific defects that host environments hide.

    PIL test reports + delta

  5. 05

    HIL — Hardware-in-the-Loop

    System-level closed-loop

    ECU under test on a dSPACE or ETAS bench with simulated plant model and real CAN/Ethernet stimuli. Closed-loop scenarios, fault injection, robustness testing.

    HIL bench + scenarios

  6. 06

    Vehicle Validation & Coverage Closure

    Final argument

    Field validation campaigns, edge-case scenarios, and final coverage closure. Independent verification at DAL A / ASIL D. Test report bundle ready for programme acceptance or audit.

    Coverage closure pack

CASE STUDY

What this looks like in practice.

Anonymised by request. References available on qualified enquiry.

Anonymised engagement summary. Customer identity and programme details withheld under NDA. Metrics reflect internally documented delivery outcomes.

INDIAN POWERTRAIN PROGRAMME · ASIL D ECU

MC/DC closure for an ASIL D powertrain function.

CONTEXT

An Indian engineering team was preparing for vehicle-programme acceptance on a powertrain ECU classified ASIL D. Their existing structural coverage stood at 87% Branch coverage with no MC/DC argument — sufficient for ASIL B, not ASIL D. They had 6 weeks before submission and 12 kSLOC of safety-relevant code to close.

APPROACH

Agnile ran a coverage gap analysis, designed targeted MC/DC test cases against the existing requirements, justified uncoverable code with written rationale, and integrated the resulting suite into the team's VectorCAST harness. Coverage closure delivered in 5 weeks, evidence pack in week 6.

WHAT WE DELIVERED

  • Coverage gap analysis (12 kSLOC)
  • MC/DC test cases (147 added)
  • Uncoverable-code rationale document
  • Updated VectorCAST harness + CI integration
  • Coverage closure report (ASIL D ready)

WHAT THE CUSTOMER GOT

  • MC/DC coverage closed in 5 weeks
  • Programme acceptance on first submission
  • Test framework reused on follow-on programmes

ASIL D · 12 kSLOC · MC/DC closed · 5 weeks

FAQ

Talk to a V&V engineer.

A 60-minute call: scope a HIL bench, plan a test automation framework, or close MC/DC for a DAL A function. We respond to qualified enquiries within one business day.