Estudo do impacto de transientes elétricos em protocolos de comunicação em sistemas embarcados

O aumento da complexidade e responsabilidade dos dispositivos embarcados nos veículos hoje, tem orientado os esforços no desenvolvimento de sistemas de controle para que estes sejam mais rápidos, precisos, robustos e principamente seguros. Com isso, estes dispositivos estão levando os protocolos de comunicação a um patamar inédito de exigência, tanto no quesito de capacidade como confiabilidade. Protocolos como CAN, CAN-FD e FlexRay entre outros, tem sido utilizados devido às suas características de segurança e a capacidade de atender aos requisitos temporais dos diversos circuitos embarcados. O desenvolvimento e utilização cada vez mais frequente de dispositivos focados em segurança, fazem com que a comunicação entre os diversos componentes destes dispositivos seja exigida ao máximo, levando à necessidade de respostas confiáveis ao extremo. Sistemas como freios ABS, suspensão ativa, frenagem autonoma de emergência, controle de velocidade e distância adaptativo, entre outros, que envolvem várias ECUs distribuídas ao longo do veículo, dispões de frações de segundo para a reação do sistema, entre o sinal de entrada e a atuação correspondente, demandando uma comunicação segura e tolerante à falhas. Os veículos hoje estão passando por grandes mudanças conceituais, trazendo cada vez mais elementos onde o funcionamento demanda mais energia das fontes de alimentação. Diversos sistemas existentes nos veículos geram ruídos como os Transientes Elétricos Rápidos, ou "Electric Fast Transient" (EFT), que estão presentes nas mais simples operações cotidianas do veículo, como ligar e desligar o farol, o ar condicionado, o limpador de para brisas, ou mesmo o acionamento de iluminação diurna (DRL), etc. Neste trabalho foram realizados diversos ensaios, utilizando ECUs com diferentes funções e protocolos, para identificar a susceptibilidade dos referidos sistemas e os protocolos à presença destes ruídos. Visando atender às normas IEC 62228 e a ISO26262, este trabalho demandou o projeto e construção de dois circuitos eletrônicos diferentes, um circuito observando os dados de tempos de subida e de descida (rise and fall time) dos pulsos de EFT, e outro observando a arquitetura do layout da placa de circuito impresso (PCB), as suas entradas, saídas, componentes, etc. Estes ensaios visaram identificar o quanto estes protocolos são suscetíveis à estes tipos de ruídos, utilizando métricas de análise baseadas nos tempos de latência e variação de jitter dos pacotes de comunicação.The increasing complexity and accountability of embedded devices in vehicles today has driven efforts to develop control systems to make them faster, accuratest, safest, robustest. Thus, these devices are taking communication protocols to an unprecedented level of demand, both in terms of capacity and reliability. Protocols such as CAN, CANFD and FlexRay among others have been used due to their safety characteristics and the ability to meet the time requirements of various embedded circuits. The increasing development and use of safety-focused devices, means that communication between the various components of these devices is required to the utmost, leading to the need for extremely reliable responses. Systems such as ABS brakes, active suspension, autonomous emergency braking, adaptative cruise control, among others, which involve various ECUs distributed throughout the vehicle, have milliseconds for system reaction, between input signal and concrete actuation, requiring safe and failure tolerant communication. Vehicles today are undergoing major conceptual changes, bringing more and more elements whose operation require more energy from power supplies. These systems generate noise such as "Electric Fast Transient" (EFT), which are present in the simplest daily operations of the vehicle, such as turning the headlight on, the air conditioner, the windscreen wiper, or even the daytime running light (DRL), etc. In this work several tests were carried out, using different ECUs with different functions and different protocols to identify the susceptibility of these systems and the protocols to these noises. In order to comply with IEC 62228 and ISO 26262 standards, this work required the design and construction of two different electronic circuits, one circuit observing the rise and fall time data of the EFT pulses, and the other observing the architecture of the printed circuit board (PCB) layout, its inputs and outputs, components, etc. These tests aimed to identify how susceptible these protocols are to these types of noise, using analysis metrics based on latency time and jitter variation of communication packets

Mitigating timing error propagation in mixed-criticality automotive systems

For mixed-criticality automotive systems, the functional safety standard ISO 26262 stipulates freedom from interference, i.e., errors should not propagate from low to high criticality tasks. To prevent the propagation of timing errors, the automotive software standard AUTOSAR provides monitor based timing protection, which detects and confines task timing errors. As current monitors are unaware of a criticality concept, the effective protection of a critical task requires to monitor all tasks that constitute a potential source of propagating errors, thereby causing overhead for worst-case execution time analysis, configuration and monitoring. Differing from the indirect protection of critical tasks facilitated by existing mechanisms, we propose a novel monitoring scheme that directly protects critical tasks from interference, by providing them with execution time guarantees. Overall, our approach provides efficient lowoverhead interference protection, while also adding transient timing error ride-through capabilities. © 2015 IEEE

On the Efficient Design and Testing of Dependable Systems Software

Modern computing systems that enable increasingly smart and complex applications permeate our daily lives. We strive for a fully connected and automated world to simplify our lives and increase comfort by offloading tasks to smart devices and systems. We have become dependent on the complex and ever growing ecosystem of software that drives the innovations of our smart technologies. With this dependence on complex software systems arises the question whether these systems are dependable, i.e., whether we can actually trust them to perform their intended functions. As software is developed by human beings, it must be expected to contain faults, and we need strategies and techniques to minimize both their number and the severity of their impact that scale with the increase in software complexity. Common approaches to achieve dependable operation include fault acceptance and fault avoidance strategies. The former gracefully handle faults when they occur during operation, e.g., by isolating and restarting faulty components, whereas the latter try to remove faults before system deployment, e.g., by applying correctness testing and software fault injection (SFI) techniques. On this background, this thesis aims at improving the efficiency of fault isolation for operating system kernel components, which are especially critical for dependable operation, as well as at improving the efficiency of dynamic testing activities to cope with the increasing complexity of software. Using the widely used Linux kernel, we demonstrate that partial fault isolation techniques for kernel software components can be enhanced with dynamic runtime profiles to strike a balance between the expected overheads imposed by the isolation mechanism and the achieved degree of isolation according to user requirements. With the increase in software complexity, comprehensive correctness and robustness assessments using testing and SFI require a substantially increasing number of individual tests whose execution requires a considerable amount of time. We study, considering different levels of the software stack, if modern parallel hardware can be employed to mitigate this increase. In particular, we demonstrate that SFI tests can benefit from parallel execution if such tests are carefully designed and conducted. We furthermore introduce a novel SFI framework to efficiently conduct such experiments. Moreover, we investigate if existing test suites for correctness testing can already benefit from parallel execution and provide an approach that offers a migration path for test suites that have not originally been designed for parallel execution

Aplicaciones de la teoría de la información y la inteligencia artificial al testing de software

Tesis inédita de la Universidad Complutense de Madrid, Facultad de Informática, Departamento de Ingeniería de Sistemas lnformáticos y de Computación, leída el 4-05-2022Software Testing is a critical field for the software industry, as it has the main tools used to ensure the reliability of the produced software. Currently, mor then 50% of the time and resources for creating a software product are diverted to testing tasks, from unit testing to system testing. Moreover, there is a huge interest into automatising this field, as software gets bigger and the amount of required testing increases. however, software Testing is not only an industry oriented field; it is also a really interesting field with a noble goal (improving the reliability of software systems) that at the same tieme is full of problems to solve....Es Testing Software es un campo crítico para la industria del software, ya que éste contienen las principales herramientas que se usan para asegurar la fiabilidad del software producido. Hoy en día, más del 50% del tiempo y recursos necesarios para crear un producto software son dirigidos a tareas de testing, desde el testing unitario al testing a nivel de sistema. Más aún, hay un gran interés en automatizar este campo, ya que el software cada vez es más grande y la cantidad de testing requerido crece. Sin embargo, el Testing de Software no es solo un campo orientado a la industria; también es un campo muy interesante con un objetivo noble (mejorar la fiabilidad de los sistemas software) que al mismo tiempo está lleno de problemas por resolver...Fac. de InformáticaTRUEunpu

Metodologia para teste e análise de degradação de desempenho em protocolos de comunicação intra-veiculares

Considerar os efeitos de falhas e interferências que afetam as redes intra-veiculares desde o projeto dos seus sistemas de controle tornou-se fundamental, pois, a complexidade da eletrônica embarcada, o aumento do fluxo de informação e também as possibilidades de ataques maliciosos, tornaram o projeto destes sistemas uma tarefa cada vez mais complexa. Neste contexto, a presente tese visa explorar formas de integrar e modelar os efeitos de degradação causados por diferentes tipos de falhas que afetam os protocolos de comunicação, na interconexão das unidades de controle eletrônicas (ECUs). Dentre estas falhas, a pesquisa destaca o estudo aprofundado dos transientes elétricos rápidos – EFT, que degradam o desempenho e geram efeitos como perda de pacotes e atrasos de comunicação. Desta forma, contribui-se com uma metodologia para o tratamento de falhas em sistemas críticos de tempo real, desde as fases iniciais do projeto, utilizando a modelagem orientada a aspectos para modelar e especificar requisitos do sistema, de acordo com características transversais dos requisitos não funcionais relacionados a falhas. Para a definição dos requisitos não funcionais, esta pesquisa usa como base o framework RTFRIDA (Real-Time From Requirements to Design using Aspects), o qual foi estendido para agregar com mais detalhes a modelagem de falhas. Para fins de validação da metodologia foi desenvolvido um mecanismo de diagnóstico de degradação de desempenho, o qual foi integrado a um sistema de controle de suspensão ativa. O estudo foi avaliado em diferentes cenários de carga da rede e com injeções de falhas usando dois tipos de hardwares que seguem normas de teste usadas na indústria. Os resultados evidenciaram a aplicabilidade da metodologia, com a modelagem de um mecanismo de diagnóstico que detectou e registrou os distúrbios de desempenho nos cenários estudados. As análises enfatizam a degradação de desempenho acentuada registrada com as injeções EFT de maior amplitude de tensão e menor tempo de rajada, com carga de ocupação da rede acima de 30%. Os experimentos avaliaram o desempenho dos atuais protocolos de comunicação, com melhores resultados obtidos em FlexRay e CAN-FD, o que confirma a evolução dos protocolos para atender as recentes demandas de desempenho da indústria automotiva.Embedded computing applications are increasingly demanding performance and reliability because these factors are critical to the safety of real-time systems. Reliability aspects in design phases is a fundamental point of many researches because with the increase of embedded electronics, network data transmission and also possibilities of attacks on them, make the design of these systems an increasingly complex task. The present thesis aims to explore and correlate different fault types that degrade vehicular communication protocols performance used to interconnect embedded control units (ECUs). Among these faults, the electrical fast transients - EFT are highlighted, since they generate effects such as packet loss and communication delays. Thus, a methodology based on aspect-oriented modeling concepts, in real-time critical systems is proposed, to model and specify system requirements according to cross-cutting concerns of non-functional requirements related to faults. For non-functional requirements specification, this work is based on RT-FRIDA (Real-Time From Requirements to Design using Aspects) framework, which was be extended for fault modeling. Thus, the novel methodology allows fault modeling following the aspect-oriented principles from the early design phases. For the methodology validation purposes, a performance degradation diagnostic mechanism was developed, which was integrated into an active suspension control system. The study was evaluated in different network busload scenarios and with fault injections using two hardware types, certified by standards used in the automotive industry. The results present that the developed mechanism detected performance disturbances, recording occurrence data in the studied scenarios. The analyzes emphasize the best performance degradation observed with EFT injection of higher voltage amplitude, shorter burst time, and busload above 30%. The experiments evaluated the performance of current communication protocols, with better results obtained in FlexRay and CAN-FD, which confirms the protocol’s evolution to meet the recent performance demands of the automotive industry