Case Study

Apex.AI Achieves ISO26262 Compliance Faster with Lattix

Apex.AI is a Palo Alto, Munich, and Berlin-based company that is developing breakthrough safe, certified, developer-friendly, and scalable software for mobility systems.   Apex launched its award-winning first product Apex.OS after three years in 2020 and have taken it through certification in record time for launch in May 2021

Apex.AI products are based on proven open-source software, such as ROS or Eclipse iceoryx, so that they don’t spend time redeveloping what already works. They then add what is missing: Functional safety, flawless performance, and support for application in commercial and safety-critical products. In order to do so, Apex.AI has developed a proprietary process to rework open-source software in record time such that it conforms to the highest requirements of the applicable functional safety standard.

Why Apex Chose Lattix

At first, Apex AI tried some open source analyzers such as Doxygen and UML modeling tools, but they did not give sufficient coverage to all the ISO 26262-2018 Part 6 software architecture and design requirements. The Apex.OS and Apex.Middleware software needed to be validated quickly. The team at Apex was taking months to calculate the metrics manually and create the software hierarchy.

“We had evaluated several architecture analysis solutions, and Lattix stood out in our tests,” said Dejan Pangeric, CTO and Co-Founder of Apex.AI. “The solution performed best in terms of architecture analysis and convinced us through its ease of use, and its clear generation of the DSM matrix, that it could help us in satisfying clauses in ISO 26262-2018 Part 6. Lattix has already become a mainstay in our development workflow and a valuable component in our DevOps pipeline.”

How Apex Uses Lattix

Apex now has integrated Lattix architecture metrics and compliance into a DevOps pipeline, and automated the creation of certification artifacts. Previously, these artifacts needed to be generated by hand, but now everything including the report generation is automated. With Lattix, Apex.AI can analyze their C++ software dependencies, and see any violations of the code against the intended architecture. This helps their engineers to continuously analyze their source code in the build process and safeguard their software quality. The Lattix scripting and API interface was also used to help interface Lattix to Apex.OS software and increase productivity.

A key part of ISO26262-2018-6 is control flow and data flow analysis. Apex.AI extended its analysis to include control and data coupling, looking for instances where the control or data flow in one module could affect the flow in a different module. To help solve this complex problem which originated in the Avionics D-O178C standard, Apex.AI used tags in Lattix to identify modules which were relevant to functional safety and the dependencies were filtered to examine global relationships which crossed module boundaries. These cross-module dependencies were then verified using the dynamic testing and coverage engine in VectorCAST. In this way, TUV-compliant artifacts satisfying control and data flow analysis are automatically generated, an activity which would have taken many man months if it had been undertaken manually.

The Results

Lattix played a vital role in the certification of Apex.OS and Apex.Middleware. Now Apex.OS is the world’s first certified open-source operating system that has been certified by TÜV Nord to ISO 26262 ASIL D, the highest level of automotive risk management. Apex.AI believes they have a distinct competitive advantage with their integrated pipeline that includes Lattix, static analysis solution Axivion, and dynamic testing tool VectorCAST. With this combination, they can certify OSS software faster than anyone else on the market.

Get a Fast Start to your Compliance objectives by engaging our experienced Services team.