Simulation-based Fault Injection with QEMU for Speeding-up Dependability Analysis of Embedded Software

Simulation-based fault injection (SFI) represents a valuable solu- tion for early analysis of software dependability and fault tolerance properties before the physical prototype of the target platform is available. Some SFI approaches base the fault injection strategy on cycle-accurate models imple- mented by means of Hardware Description Languages (HDLs). However, cycle- accurate simulation has revealed to be too time-consuming when the objective is to emulate the effect of soft errors on complex microprocessors. To overcome this issue, SFI solutions based on virtual prototypes of the target platform has started to be proposed. However, current approaches still present some draw- backs, like, for example, they work only for specific CPU architectures, or they require code instrumentation, or they have a different target (i.e., design errors instead of dependability analysis). To address these disadvantages, this paper presents an efficient fault injection approach based on QEMU, one of the most efficient and popular instruction-accurate emulator for several microprocessor architectures. As main goal, the proposed approach represents a non intrusive technique for simulating hardware faults affecting CPU behaviours. Perma- nent and transient/intermittent hardware fault models have been abstracted without losing quality for software dependability analysis. The approach mini- mizes the impact of the fault injection procedure in the emulator performance by preserving the original dynamic binary translation mechanism of QEMU. Experimental results for both x86 and ARM processors proving the efficiency and effectiveness of the proposed approach are presented

Efficient Fault Simulation through Dynamic Binary Translation for Dependability Analysis of Embedded Software

Fault injection is fundamental to evaluate the de- pendability of embedded software. Analyzing the interaction between the software and hardware components when hardware faults occur is efficient, but it is only possible once physical prototypes are available. On the other hand, fault injection on Hardware Description Language (HDL) models is a common practice that can significantly improve the verification phases, but HDL simulation speed constitutes a bottleneck of the design flow. In such a context, executing software on a virtual CPU providing fault-injection capabilities allows engineers to antic- ipate Embedded Software (ESW) dependability analysis at an earlier design stage. Thus, we present a non-intrusive approach that offers high speed for simulating hardware faults affecting CPU behaviors. This is obtained through dynamic translation of ESW binary code. In this work, hardware fault models (i.e., stuck-at, transient and delay faults) have been abstracted to an instruction-accurate CPU emulator without losing quality for ESW dependability analysis. Experimental results proves both the efficiency and effectiveness of the proposed approach