Formal verification of automotive embedded UML designs

Software applications are increasingly dominating safety critical domains. Safety critical domains are domains where the failure of any application could impact human lives. Software application safety has been overlooked for quite some time but more focus and attention is currently directed to this area due to the exponential growth of software embedded applications. Software systems have continuously faced challenges in managing complexity associated with functional growth, flexibility of systems so that they can be easily modified, scalability of solutions across several product lines, quality and reliability of systems, and finally the ability to detect defects early in design phases. AUTOSAR was established to develop open standards to address these challenges. ISO-26262, automotive functional safety standard, aims to ensure functional safety of automotive systems by providing requirements and processes to govern software lifecycle to ensure safety. Each functional system needs to be classified in terms of safety goals, risks and Automotive Safety Integrity Level (ASIL: A, B, C and D) with ASIL D denoting the most stringent safety level. As risk of the system increases, ASIL level increases and the standard mandates more stringent methods to ensure safety. ISO-26262 mandates that ASILs C and D classified systems utilize walkthrough, semi-formal verification, inspection, control flow analysis, data flow analysis, static code analysis and semantic code analysis techniques to verify software unit design and implementation. Ensuring software specification compliance via formal methods has remained an academic endeavor for quite some time. Several factors discourage formal methods adoption in the industry. One major factor is the complexity of using formal methods. Software specification compliance in automotive remains in the bulk heavily dependent on traceability matrix, human based reviews, and testing activities conducted on either actual production software level or simulation level. ISO26262 automotive safety standard recommends, although not strongly, using formal notations in automotive systems that exhibit high risk in case of failure yet the industry still heavily relies on semi-formal notations such as UML. The use of semi-formal notations makes specification compliance still heavily dependent on manual processes and testing efforts. In this research, we propose a framework where UML finite state machines are compiled into formal notations, specification requirements are mapped into formal model theorems and SAT/SMT solvers are utilized to validate implementation compliance to specification. The framework will allow semi-formal verification of AUTOSAR UML designs via an automated formal framework backbone. This semi-formal verification framework will allow automotive software to comply with ISO-26262 ASIL C and D unit design and implementation formal verification guideline. Semi-formal UML finite state machines are automatically compiled into formal notations based on Symbolic Analysis Laboratory formal notation. Requirements are captured in the UML design and compiled automatically into theorems. Model Checkers are run against the compiled formal model and theorems to detect counterexamples that violate the requirements in the UML model. Semi-formal verification of the design allows us to uncover issues that were previously detected in testing and production stages. The methodology is applied on several automotive systems to show how the framework automates the verification of UML based designs, the de-facto standard for automotive systems design, based on an implicit formal methodology while hiding the cons that discouraged the industry from using it. Additionally, the framework automates ISO-26262 system design verification guideline which would otherwise be verified via human error prone approaches

An investigation of model-based techniques for automotive electronic system development

Over the past decades, the adoption of electronic systems for the manufacturing of automotive vehicles has been exponentially popularized. This growth has been driven by the premium automobile sector where, presently, diverse electronic systems are used. These electronic systems include systems that control the engine, transmission, suspension and handling of a vehicle; air bag and other advanced restraint systems; comfort systems; security systems; entertainment and information (infotainment) systems. In systems terms, automotive embedded electronic systems can now be classified as a System of Systems (SoS). Automotive systems engineering requires a sustainable integration of new methods, development processes, and tools that are specifically adapted to the automotive domain. Model-based design is one potential methodology to carry out design, implement and manage such complex distributed systems, and their integration into one cohesive and reliable SoS to meet the challenges for the automotive industry. This research was conducted to investigate the model-based design of a 4×4 Information System, within an automotive electronic SoS. Two distinct model-based approaches to the development of an automotive electronic system are discussed in this study. The first approach involves the use of the Systems Modelling Language (SysML) based tool ARTiSAN Studio for structural modelling, functional modelling and code generation. The second approach involves the use of the MATLAB based tools Simulink and Stateflow for functional modelling, and code generation. The results show that building the model in SysML by using ARTiSAN Studio provides a clearly structured visualization of the 4×4 Information System from both structural and behavioural viewpoints of the system with relevant objects. SysML model facilitates a more comprehensive understanding of the system than the model built in Simulink/Stateflow. The Simulink/Stateflow model demonstrates its superior performance in producing high quality and better efficiency of C code for the automotive software delivery compared with the model built in ARTiSAN Studio. Furthermore, this Thesis also gets insight into an advanced function development approach based on the real-time simulation and animation for the 4×4 Information System. Finally, the Thesis draws conclusions about how to make use of model-based design for the development of an automotive electronic SoS

Estimating the cost of a new technology intensive automotive product: A case study approach.

Estimating cost of new technology intensive products is very ad hoc within the automotive industry. There is a need to develop a systematic approach to the cost estimating, which will make the estimates more realistic. This research proposes a methodology that uses parametric, analogy and detailed estimating techniques to enable a cost to be built for an automotive powertrain product with a high content of new technology. The research defines a process for segregating new or emerging technologies from current technologies to enable the various costing techniques to be utilised. The cost drivers from an internal combustion engine's characteristics to facilitate a cost estimate for high- volume production are also presented. A process to enable a costing expert to either build an estimate for the new technology under analysis or use a comparator and then develop a variant for the new system is also discussed. Due to the open nature of the statement ‘new technology’, research is also conducted to provide a meaningful definition applicable to the automotive industry and this pro

Combined automotive safety and security pattern engineering approach

Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From safety perspective, this can be perceived as boon or bane - it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to selection and combination of both types of patterns in context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.EC/H2020/692474/EU/Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems/AMASSEC/H2020/737422/EU/Secure COnnected Trustable Things/SCOTTEC/H2020/732242/EU/Dependability Engineering Innovation for CPS - DEIS/DEISBMBF, 01IS16043, Collaborative Embedded Systems (CrESt

Model Based Automotive System Design: A Power Window Controller Case Study

Modern day vehicles come equipped with a large number of sensors, actuators and ECU’s with sophisticated control algorithms, which requires engineering activities from various disciplines. An automotive system is developed in various stages with multiple stakeholders involved at each stage. Each stakeholder provides a distinct view point on system representation, which makes it challenging to bridge the gaps in developing a holistic understanding of the system functionality. The safety critical nature of automotive systems induces timing and dependability concerns that must be addressed at all stages. Furthermore, the relatively long development life-cycle of automotive systems makes it imperative to have a clear strategy for long term evolution. To deal with these challenges, model based techniques are applied in the industry for automotive systems development. System engineers use a suitable architecture description language (ADL) to represent the system architecture at several levels of abstraction. A number of system architecture description and software architecture standards have been developed in the automotive industry to streamline the development process. However, most of these standards are elaborate and need a fair amount of understanding before they can be applied. In this work, we explore the application of existing system architecture description and software architecture standards. Our main contribution is a Power Window Controller (PWC) system demonstrator that illustrates the methodology described by EAST-ADL and AUTOSAR. Through this case study, we intend to highlight the key aspects and gaps in the application of EAST-ADL & AUTOSAR. Starting from features and requirements, we have analyzed the impact of architectural decisions at each stage of automotive system development. We also performed Design verification, timing analysis & dependability analysis to ensure correctness of the system. Lastly, considerations regarding variability have been discussed to support evolution

Simulation and BIM in building design, commissioning and operation: a comparison with the microelectronics industry

Analogy between the Microelectronics and Building industries is explored with the focus on design, commissioning and operation processes. Some issues found in the realisation of low energy buildings are highlighted and techniques gleaned from microelectronics proposed as possible solutions. Opportunities identified include: adoption of a more integrated process, use of standard cells, inclusion of controls and operational code in the design, generation of building commissioning tests from simulation, generation of building operational control code (including self-test) from simulation, inclusion of variation and uncertainties in the design process, use of quality processes such as indices to represent design robustness and formal continuous improvement methods. The possible integration of these techniques within a building information model (BIM) flow is discussed and some examples of enabling technologies given

Winning customer loyalty in an automotive company through Six Sigma: a case study

Six Sigma is a disciplined approach to improving product, process and service quality. Since its inception at Motorola in the mid 1980s Six Sigma has evolved significantly and continues to expand to improve process performance, enhance business profitability and increase customer satisfaction. This paper presents an extensive literature review based on the experiences of both academics and practitioners on Six Sigma, followed by the application of the Define, Measure, Analyse, Improve, Control (DMAIC) problem-solving methodology to identify the parameters causing casting defects and to control these parameters. The results of the study are based on the application of tools and techniques in the DMAIC methodology, i.e. Pareto Analysis, Measurement System Analysis, Regression Analysis and Design of Experiment. The results of the study show that the application of the Six Sigma methodology reduced casting defects and increased the process capability of the process from 0.49 to 1.28. The application of DMAIC has resulted in a significant financial impact (over U.S. $110 000 per annum) on the bottom-line of the company