11 research outputs found

    Towards Vehicle-Level Simulator Aided Failure Mode, Effect, and Diagnostic Analysis of Automotive Power Electronics Items

    The increasing demand for Electronic Control Units able to perform safety-relevant tasks leads the automotive industry to seek novel verification methodologies, capable of decreasing the time-to-market and, at the same time, of improving the quality of the assessment. The ISO 26262:2018 automotive functional safety standard requires following a strict development process, compliant with its “safety lifecycle”, which includes all the phases of the item's life, from concept to decommissioning. The phase that poses the most difficulties regarding objectivity and repeatability is hardware/software integration verification since, usually, the software is in charge of mitigating the effects of some possible hardware failures. This paper proposes a novel simulation-based technique to aid designers during the Failure Mode, Effect, and Diagnostic Analysis (FMEDA). We consider a power electronics module, to be embedded into electric vehicle powertrains, as a challenging practical example. We performed some tests on it, considering a rear-traction car with two independent electric motors, one per wheel. To allow the vehicle to corner, this system has to act like a differential gear; hence, it has a strong safety impact on the driveability of the car. All the involved components have been simulated, propagating their behaviours up to the entire vehicle. Due to the strong coupling between item failures and vehicle dynamics, a structured approach based on coupling fault injection with vehicle dynamics simulation is desirable.

    Exploiting the IEEE 1149.1 Standard for Software Reliability Evaluation in Space Applications

    The IEEE 1149.1 standard (boundary-scan) was originally developed as a technology to provide in-circuit testing of digital devices. Its effectiveness led to unanticipated successes such as its extension to support on-line monitoring and in-circuit emulation. Meanwhile, its applicability to fault injection had already been demonstrated by academic prototypes. In this paper we describe the first commercial tool, the BSCAN4FI plug-in for Xception®, that provides support for software reliability evaluation for aeronautics and space applications using boundary-scan technology as a means of controlled fault injection. This tool allows transparent integration testing without any modification to the original system to be deployed and was developed specifically for the SPARC V.7 TSC695f space processor. Besides extended fault models and test features only made possible through this technology, in-system non-intrusive monitoring capabilities are also made possible.

    Fault Injection by Boundary Scan in Processors

    The most widely used fault injection techniques can be classified into induction techniques, hardware-based injection techniques and software-based injection techniques. Among the hardware-based injection techniques are those that rely on boundary-scan test technology. This technology is firmly established in recent processors, providing a means of access to their interior that allows test and debug operations. Its use for fault injection is a logical step and has been studied since the 1990s. The work developed in this area is diverse and includes solutions that require no changes to the standardized infrastructure, as well as solutions that modify the cells and the control infrastructure to support this functionality. Such changes imply additional timing delays and an increase in the silicon area devoted to test functions, so optimization becomes an important concern: the inclusion of fault injection capabilities must not significantly affect the performance and cost of the components in which they are implemented.

    Towards Accurate Estimation of Error Sensitivity in Computer Systems

    Fault injection is an increasingly important method for assessing, measuring and observing the system-level impact of hardware and software faults in computer systems. This thesis presents the results of a series of experimental studies in which fault injection was used to investigate the impact of bit-flip errors on program execution. The studies were motivated by the fact that transient hardware faults in microprocessors can cause bit-flip errors that can propagate to the microprocessor's instruction set architecture (ISA) registers and main memory. As the rate of such hardware faults is expected to increase with technology scaling, there is a need to better understand how these errors (known as ‘soft errors’) influence program execution, especially in safety-critical systems. Using ISA-level fault injection, we investigate how five aspects, or factors, influence the error sensitivity of a program. We define error sensitivity as the conditional probability that a bit-flip error in live data in an ISA register or main-memory word will cause a program to produce silent data corruption (SDC; i.e., an erroneous result). We also consider the estimation of a measure called SDC count, which represents the number of ISA-level bit flips that cause an SDC. The five factors addressed are (a) the inputs processed by a program, (b) the level of compiler optimization, (c) the implementation of the program in the source code, (d) the fault model (single bit flips vs. double bit flips) and (e) the fault-injection technique (inject-on-write vs. inject-on-read). Our results show that these factors affect the error sensitivity in many ways; some factors strongly impact the error sensitivity or SDC count whereas others show a weaker impact.
For example, our experiments show that single bit flips tend to cause SDCs more often than double bit flips; compiler optimization positively impacts the SDC count but not necessarily the error sensitivity; the error sensitivity varies between 20% and 50% among the programs we tested; and variations in input affect the error sensitivity significantly for most of the tested programs.

    Design for dependability: A simulation-based approach

    This research addresses issues in simulation-based system-level dependability analysis of fault-tolerant computer systems. The issues and difficulties of providing a general simulation-based approach for system-level analysis are discussed, and a methodology that addresses and tackles these issues is presented. The proposed methodology is designed to permit the study of a wide variety of architectures under various fault conditions. It permits detailed functional modeling of architectural features such as sparing policies, repair schemes, routing algorithms and other fault-tolerant mechanisms, and it allows the execution of actual application software. One key benefit of this approach is that the behavior of a system under faults does not have to be pre-defined, as is normally done. Instead, a system can be simulated in detail and injected with faults to determine its failure modes. The thesis describes how object-oriented design is used to incorporate this methodology into a general-purpose design and fault injection package called DEPEND. A software model is presented that uses abstractions of application programs to study the behavior and effect of software on hardware faults in the early design stage, when actual code is not available. Finally, an acceleration technique that combines hierarchical simulation, time acceleration algorithms and hybrid simulation to reduce simulation time is introduced.

    Implementation and Characterization of a Fault Injection Method at a High Level of Abstraction

    Nowadays, the effect of cosmic rays on electronics is well known. Numerous studies have shown that neutrons are the main cause of non-destructive errors in integrated circuits on board aircraft. Moreover, the shrinking of transistor sizes makes circuits increasingly sensitive to them. Radiation-tolerant circuits are sometimes used to improve circuit robustness. However, these circuits are expensive and their technology tends to lag a few generations behind non-tolerant circuits. Designers therefore prefer to use conventional circuits and apply mitigation methods to improve tolerance to transient errors. Throughout the design of a circuit, it is essential to analyze and verify its reliability. Conventional design methodologies need to be adapted in order to evaluate tolerance to non-destructive errors caused by radiation. Today, designers need new tools and new methodologies to validate their mitigation strategies so as to meet their tolerance requirements. In this thesis, a new methodology is proposed that captures the faulty behavior of a circuit at a low level of abstraction and applies it at a higher level. To this end, the new concept of a Signature of a circuit's faulty behavior is presented. A Signature makes it possible to create, at a high level of abstraction (system level), models that accurately reflect the faulty behavior of a circuit learned at a low level, the logic-gate level. The faulty behaviors of an 8-bit adder and an 8-bit multiplier were reproduced in Simulink with correlation coefficients of 98.53% and 99.86% respectively.
A methodology for generating a library of faulty components in Simulink is proposed so that designers can verify the tolerance of their models early in the design of a circuit. The results obtained for three circuits are presented and discussed throughout this thesis. As part of this project, a scientific paper was published at the NEWCAS 2013 conference (Robache et al., 2013). That work presents the new concept of the faulty-behavior Signature, the Signature generation methodology developed, and a proof of concept with an 8-bit multiplier.

    Fault injection testing of software implemented fault tolerance mechanisms of distributed systems

    PhD Thesis. One way of gaining confidence in the adequacy of the fault tolerance mechanisms of a system is to test the system by injecting faults and observing how the system performs under faulty conditions. This thesis investigates the issues of testing software-implemented fault tolerance mechanisms of distributed systems through fault injection. A fault injection method has been developed. The method requires that the target software system be structured as a collection of objects interacting via messages. This enables easy insertion of fault injection objects into the target system to emulate the incorrect behaviour of faulty processors by manipulating messages. This approach allows one to inject specific classes of faults while not requiring any significant changes to the target system. The method differs from previous work in that it exploits an object-oriented approach to software implementation to support the injection of specific classes of faults at the system level. The proposed fault injection method has been applied to test software-implemented reliable node systems: a TMR (triple modular redundant) node and a fail-silent node. The nodes have integrated fault tolerance mechanisms and are expected to exhibit certain behaviour in the presence of a failure. The thesis describes how various such mechanisms (for example, the clock synchronisation protocol and the atomic broadcast protocol) were tested. The testing revealed flaws in the implementation that had not been discovered before, thereby demonstrating the usefulness of the method. Application of the approach to other distributed systems is also described in the thesis. CEC ESPRIT programme, UK Engineering and Physical Sciences Research Council (EPSRC).

    Fault Injection and Monitoring Capability for a Fault-Tolerant Distributed Computation System

    The Configurable Fault-Injection and Monitoring System (CFIMS) is intended for the experimental characterization of the effects caused by a variety of adverse conditions on a distributed computation system running flight control applications. A product of research collaboration between NASA Langley Research Center and Old Dominion University, the CFIMS is the main research tool for generating actual fault response data with which to develop and validate analytical performance models and design methodologies for the mitigation of fault effects in distributed flight control systems. Rather than a fixed design solution, the CFIMS is a flexible system that enables the systematic exploration of the problem space and can be adapted to meet the evolving needs of the research. The CFIMS has the capabilities of system-under-test (SUT) functional stimulus generation, fault injection and state monitoring, all of which are supported by a configuration capability for setting up the system as desired for a particular experiment. This report summarizes the work accomplished so far in the development of the CFIMS concept and documents the first design realization.

    An approach for evaluation of efficacy of vulnerability scanning tools in web applications

    Advisors: MĂĄrio Jino, Regina LĂșcia de Oliveira Moraes. Master's dissertation, Universidade Estadual de Campinas, Faculdade de Engenharia ElĂ©trica e de Computação. Resumo (translated from Portuguese): Most web applications are nowadays developed under severe time and cost constraints. The complexity of software products keeps growing, resulting in security vulnerabilities produced by poor coding. Tools called vulnerability scanners are used to aid the automatic detection of security vulnerabilities in web applications; therefore, being able to trust the results of applying these tools is essential. This work proposes an approach to evaluate the efficacy of such scanners. The proposed approach is based on fault injection techniques and attack tree models; the results of applying three scanners are evaluated in the presence of realistic software faults responsible for security vulnerabilities in web applications. The attack trees represent the steps needed to carry out an attack, making it possible to verify whether the vulnerabilities detected by the scanner actually exist in the application under test. The approach can also be used to perform security testing, since it allows vulnerabilities to be detected by executing attack scenarios. Abstract: Nowadays, most web applications are developed under strict time and cost constraints. The complexity of software products is ever greater, leading to security vulnerabilities due to bad coding. Tools called vulnerability scanners are being applied to automatically detect security vulnerabilities in web applications; thus, the trustworthiness of the results of applying these tools is essential. The present work proposes an approach to assess the efficacy of vulnerability scanner tools.
The proposed approach is based on fault injection techniques and attack tree models; the results of the application of three scanners are assessed in the presence of realistic software faults responsible for security vulnerabilities in web applications. Attack trees represent the steps of performing an attack, allowing verification of whether the security vulnerabilities detected by the scanner tool do exist in the application under test. The approach can also be used to perform security tests, as it permits the detection of vulnerabilities through the execution of attack scenarios. Master's degree, Computer Engineering; Mestre em Engenharia ElĂ©trica (Master in Electrical Engineering).

    Dependability Benchmarking of Operating Systems – Specifications and Implementation

    Developers of computer systems, including critical ones, often resort to off-the-shelf operating systems. However, a malfunction of an operating system can have a strong impact on the dependability of the overall system, hence the need to find effective means of characterizing its dependability. In this thesis, we study the dependability benchmarking of operating systems with respect to the faulty behavior of the application. We specify the properties that a dependability benchmark must satisfy. We then specify the measures and the implementation of three benchmarks intended to compare the dependability of different operating systems. Next, we develop prototypes of the three benchmarks. These prototypes are used to compare different operating systems of the Windows and Linux families, and to show that the identified properties are satisfied. ABSTRACT: System developers are increasingly resorting to off-the-shelf operating systems, even in critical application domains. Any malfunction of the operating system may have a strong impact on the dependability of the global system. Therefore, it is important to make available information about the dependability of operating systems. In our work, we aim to specify dependability benchmarks to characterize operating systems with respect to the faulty behavior of the application. We specify three benchmarks intended for comparing the dependability of operating systems belonging to different families. We specify the set of measures and the procedures to be followed after defining the set of properties that a dependability benchmark should satisfy. Then, we present implemented prototypes of these benchmarks.
They are used to compare the dependability of operating systems belonging to the Windows and Linux families, and to show that our benchmarks satisfy the identified properties.