Safety & Functional Requirements

Safety Goal

Need: (SG) Prevent thermal damage by detecting abnormal temperature conditions and notifying the system to take corrective action. REQ_SAFETY_001 _images/arrow-right-circle.svg
status: active
tags: thermal, monitoring, safety-goal
links outgoing: ARCH_001, ARCH_SEOOC_001
links incoming: REQ_SAFETY_002, REQ_SAFETY_003, ARCH_001, ARCH_ERROR_001, ARCH_SEOOC_001, TEST_VERIFY_001, TEST_ERROR_RECOVERY_001

Safety Requirements

Need: (SR) The system shall detect when temperature exceeds the safe operating limit and report an unsafe state within 100ms. REQ_SAFETY_002 _images/arrow-right-circle.svg
status: active
tags: thermal, detection, timing
links outgoing: REQ_SAFETY_001, ARCH_FUNC_003, ARCH_SIGNAL_003
links incoming: REQ_FUNC_001, REQ_FUNC_002, REQ_FUNC_003, ARCH_001, ARCH_FUNC_003, ARCH_SIGNAL_003, ARCH_ERROR_002, ARCH_SEOOC_001, TEST_VERIFY_001, TEST_METHOD_003, TEST_THRESHOLD_001, TEST_END_TO_END_001, TEST_FAIL_SAFE_001

Rationale: Timely detection enables corrective action before damage occurs.

Architecture: (ARCH) The State Machine sh... (ARCH_FUNC_003)

Tests: (TEST) TEST_END_TO_END_001:... (TEST_END_TO_END_001)
Need: (SR) The system shall report a safe state when temperature returns to normal operating range. REQ_SAFETY_003 _images/arrow-right-circle.svg
status: active
tags: thermal, recovery
links outgoing: REQ_SAFETY_001, ARCH_ERROR_002, ARCH_SIGNAL_003
links incoming: REQ_FUNC_004, ARCH_001, ARCH_SIGNAL_003, ARCH_ERROR_002, TEST_VERIFY_001, TEST_HYSTERESIS_001, TEST_FAIL_SAFE_001

Rationale: Clear state transitions enable predictable system behavior.

Architecture: (ARCH) The module shall tra... (ARCH_ERROR_002)

Tests: (TEST) TEST_FAIL_SAFE_001: ... (TEST_FAIL_SAFE_001)

Functional Requirements

Need: (FR) The module shall read analog sensor input and convert it to temperature in degrees Celsius. REQ_FUNC_001 _images/arrow-right-circle.svg
status: active
tags: sensor, conversion
links outgoing: REQ_SAFETY_002, ARCH_FUNC_001, ARCH_SIGNAL_001
links incoming: ARCH_DESIGN_002, ARCH_FUNC_001, ARCH_SIGNAL_001, TEST_VERIFY_001, TEST_CONVERSION_001, CODE_IMPL_001

Output Range: -40°C to +125°C (covers medical, industrial, automotive domains)

Architecture: (ARCH) The Sensor Driver sh... (ARCH_FUNC_001), (ARCH) Raw Temperature Sign... (ARCH_SIGNAL_001), (ARCH) Temperature Reading ... (ARCH_SIGNAL_002)

Tests: (TEST) TEST_CONVERSION_001:... (TEST_CONVERSION_001)
Need: (FR) The module shall filter sensor noise using a 5-sample moving average. REQ_FUNC_002 _images/arrow-right-circle.svg
status: active
tags: filtering, stability
links outgoing: REQ_SAFETY_002, ARCH_FUNC_002, ARCH_SIGNAL_002
links incoming: ARCH_FUNC_002, ARCH_SIGNAL_002, TEST_VERIFY_001, TEST_FILTER_001, CODE_IMPL_001

Rationale: Prevents spurious state changes from sensor noise.

Architecture: (ARCH) The Temperature Filt... (ARCH_FUNC_002)

Tests: (TEST) TEST_FILTER_001: Noi... (TEST_FILTER_001)
Need: (FR) The module shall trigger a safe state alert when temperature ≥ 100°C (configurable threshold). REQ_FUNC_003 _images/arrow-right-circle.svg
status: active
tags: threshold, alert
links outgoing: REQ_SAFETY_002, ARCH_FUNC_003, ARCH_DESIGN_001
links incoming: ARCH_DESIGN_001, ARCH_DESIGN_003, ARCH_FUNC_003, ARCH_SIGNAL_003, TEST_VERIFY_001, TEST_THRESHOLD_001, CODE_IMPL_001

Architecture: (ARCH) The State Machine sh... (ARCH_FUNC_003), (ARCH) Temperature monitori... (ARCH_DESIGN_001)

Tests: (TEST) TEST_THRESHOLD_001: ... (TEST_THRESHOLD_001)
Need: (FR) The module shall trigger a recovery to normal state when temperature ≤ 95°C (hysteresis). REQ_FUNC_004 _images/arrow-right-circle.svg
status: active
tags: threshold, hysteresis, recovery
links outgoing: REQ_SAFETY_003, ARCH_DESIGN_001
links incoming: ARCH_DESIGN_001, ARCH_DESIGN_003, ARCH_FUNC_003, ARCH_SIGNAL_003, TEST_VERIFY_001, TEST_HYSTERESIS_001, CODE_IMPL_001

Rationale: 5°C hysteresis prevents oscillation at threshold boundary.

Architecture: (ARCH) Temperature monitori... (ARCH_DESIGN_001)

Tests: (TEST) TEST_HYSTERESIS_001:... (TEST_HYSTERESIS_001)

Design Specifications

Need: (ARCH) Temperature monitoring shall be implemented as a state machine with two states: SAFE and UNSAFE. ARCH_DESIGN_001 _images/arrow-right-circle.svg
status: active
tags: architecture, state-machine
links outgoing: REQ_FUNC_003, REQ_FUNC_004, ARCH_FUNC_003
links incoming: REQ_FUNC_003, REQ_FUNC_004, TEST_THRESHOLD_001, TEST_HYSTERESIS_001

States:

  • SAFE: Temperature within safe range (< 95°C)

  • UNSAFE: Temperature exceeds threshold (≥ 100°C)

Implementation: (CODE) Implementation is tr... (CODE_IMPL_001)

Tests: (TEST) TEST_THRESHOLD_001: ... (TEST_THRESHOLD_001), (TEST) TEST_HYSTERESIS_001:... (TEST_HYSTERESIS_001)
Need: (ARCH) The module shall store the last valid temperature reading and timestamp. ARCH_DESIGN_002 _images/arrow-right-circle.svg
status: active
tags: data, state
links outgoing: REQ_FUNC_001, ARCH_SIGNAL_002
Need: (ARCH) All temperature thresholds shall be stored in read-only configuration registers. ARCH_DESIGN_003 _images/arrow-right-circle.svg
status: active
tags: configuration, safety
links outgoing: REQ_FUNC_003, REQ_FUNC_004

Rationale: Prevents accidental or malicious threshold modification during operation.

Test Coverage Mapping

Need: REQ_SAFETY_002 shall be verified by TEST_DETECTION_001 and TEST_TIMING_001. TRACE_TEST_001 _images/arrow-right-circle.svg
status: active
tags: traceability
Need: REQ_FUNC_003 shall be verified by TEST_THRESHOLD_001. TRACE_TEST_002 _images/arrow-right-circle.svg
status: active
tags: traceability