Flight Mechanics, Flight Control and Aeroelasticity

MCAS – Model Check Methodology for Avionic Software

MCAS is a joint research project to design a verification process for the model-based development of safety-critical avionics software. The project is supported by the Federal Ministry for Economic Affairs and Energy (BMWi) as part of the Central Innovation Program for Small and Medium-sized Enterprises (ZIM). Its duration is 33 months (01.08.2015 - 31.04.2018)


Electronic control systems for vehicles contain functions that are both complex and safety-critical. Examples are electronic flight control systems for aircraft or advanced driver assistance systems in the automotive industry. The certification of such systems requires a well-structured development process that is governed by strict, industry-specific regulations. The risk, effort and ultimately cost of the development process can be reduced significantly, by employing a model-based software development process.
Model-based software development is characterized by the implementation of an executable model of the software that is being developed. There are two advantages:

  1. The software model can be used to generate code automatically,
  2. The developed functions can be validated at an early stage with simulation.

The guideline RTCA DO‐331 "Model‐Based Development and Verification Supplement to DO‐178C and DO‐278“ released in December 2011 opens up the possibility to employ model-based software development in the development of avionic software – particularly in the certification process – and requires verification of the utilized models. There is a lack of strict modeling rules and efficient methods to verify the compliance of models to that rules for common development tools. The required effort to develop guidelines and verification methods particularly hinders small and medium sized enterprises in developing avionics software for CS-23 aircraft.


The MCAS project aims at reducing the required effort for development and certification of avionic software, to facilitate the development and implementation of electronic flight control systems for aircraft in the CS-23 segment. The objective is the development of a verification process that ensures the compliance of the model-based development process of avionic software to the requirements set forth in RTCA DO-331. Possible errors should be identified and rectified during the modelling phase by frequent, automated, static analysis of software models throughout the course of development. The practical implementation of the verification process is based on MATLAB®/ Simulink®/ Stateflow®/ TargetLink® as a commonly used tool chain for model-based development of embedded software systems.

Project plan

AP100Classification of models, establishment of requirementsDeriving specific requirements for specification models and design models; Analysis of demand for higher quality checks for verifying models.
AP200Steps for verifying the required propertiesDesign of model patterns for specification and design models and prototypical check algorithms for Simulink®/Stateflow®.
AP300Design of integrated check methodologyIntegration of all test steps relevant for certification into a three-layered verification method encompassing checks of specification models, design models and the generated source code.
AP400Validation and evaluation of the verification methodEvaluation and validation of the integrated check methodology using existing complex avionic software models especially of flight control systems.

Project Partner

  • Model Engineering Solutions GmbH
  • Department for Flight Mechanics, Flight Control and Aeroelasticity (FMRA) at the Technical University of Berlin