AutoPlug: An Automotive Test-bed for Electronic Controller Unit Testing and Verification

In 2010, over 20.3 million vehicles were recalled. Software issues related to automotive controls such as cruise control, anti-lock braking system, traction control and stability control, account for an increasingly large percentage of the overall vehicles recalled. There is a need for new and scalable methods to evaluate automotive controls in a realistic and open setting. We have developed AutoPlug, an automotive Electronic Controller Unit (ECU) test-bed to diagnose, test, update and verify controls software. AutoPlug consists of multiple ECUs interconnected by a CAN bus, a race car driving simulator which behaves as the plant model and a vehicle controls monitor in Matlab. As the ECUs drive the simulated vehicle, the physicsbased simulation provides feedback to the controllers in terms of acceleration, yaw, friction and vehicle stability. This closedloop platform is then used to evaluate multiple vehicle control software modules such as traction, stability and cruise control. With this test-bed we highlight approaches for runtime ECU software diagnosis and testing of the stability and performance of the vehicle. Code updates can be executed via a smart phone so drivers may remotely “patch” their vehicle. This closedloop automotive control test-bed allows the automotive research community to explore the capabilities and challenges of safe and secure remote code updates for vehicle recalls management

Safe and Secure UDS-Based Flash Programming Via CAN Bus

The bootloader is a firmware that helps update the application program of a microcontroller unit. In the automotive industry, a safe and secure bootloader must be implemented considering the standards that ensure the quality control of the system. In this paper, the development of a UDS bootloader via CAN bus was described according to the automotive standard ISO 26262 and automotive SPICE by using an adaptation of the V-model development cycle and considering the following sections: requirements, architecture, design and implementation, testing, and integration. For the system validation, software and system tests were executed in a controlled environment. The next step involves the execution of tests using an automotive environment.ITESO, A. C

A Comprehensive Safety Engineering Approach for Software-Intensive Systems Based on STPA

Formal verification and testing are complementary approaches which are used in the development process to verify the functional correctness of software. However, the correctness of software cannot ensure the safe operation of safety-critical software systems. The software must be verified against its safety requirements which are identified by safety analysis, to ensure that potential hazardous causes cannot occur. The complexity of software makes defining appropriate software safety requirements with traditional safety analysis techniques difficult. STPA (Systems-Theoretic Processes Analysis) is a unique safety analysis approach that has been developed to identify system hazards, including the software-related hazards. This paper presents a comprehensive safety engineering approach based on STPA, including software testing and model checking approaches for the purpose of developing safe software. The proposed approach can be embedded within a defined software engineering process or applied to existing software systems, allow software and safety engineers integrate the analysis of software risks with their verification. The application of the proposed approach is illustrated with an automotive software controller

Automatically Learning Formal Models from Autonomous Driving Software

The correctness of autonomous driving software is of utmost importance, as incorrect behavior may have catastrophic consequences. Formal model-based engineering techniques can help guarantee correctness and thereby allow the safe deployment of autonomous vehicles. However, challenges exist for widespread industrial adoption of formal methods. One of these challenges is the model construction problem. Manual construction of formal models is time-consuming, error-prone, and intractable for large systems. Automating model construction would be a big step towards widespread industrial adoption of formal methods for system development, re-engineering, and reverse engineering. This article applies active learning techniques to obtain formal models of an existing (under development) autonomous driving software module implemented in MATLAB. This demonstrates the feasibility of automated learning for automotive industrial use. Additionally, practical challenges in applying automata learning, and possible directions for integrating automata learning into the automotive software development workflow, are discussed

Safety-related challenges and opportunities for GPUs in the automotive domain

GPUs have been shown to cover the computing performance needs of autonomous driving (AD) systems. However, since the GPUs used for AD build on designs for the mainstream market, they may lack fundamental properties for correct operation under automotive's safety regulations. In this paper, we analyze some of the main challenges in hardware and software design to embrace GPUs as the reference computing solution for AD, with the emphasis in ISO 26262 functional safety requirements.Authors would like to thank Guillem Bernat from Rapita Systems for his technical feedback on this work. The research leading to this work has received funding from the European Re-search Council (ERC) under the European Union's Horizon 2020 research and innovation programme (grant agreement No. 772773). This work has also been partially supported by the Spanish Ministry of Science and Innovation under grant TIN2015-65316-P and the HiPEAC Network of Excellence. Jaume Abella has been partially supported by the Ministry of Economy and Competitiveness under Ramon y Cajal postdoctoral fellowship number RYC-2013-14717. Carles Hernández is jointly funded by the Spanish Ministry of Economy and Competitiveness and FEDER funds through grant TIN2014-60404-JIN.Peer ReviewedPostprint (author's final draft

Combined automotive safety and security pattern engineering approach

Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From safety perspective, this can be perceived as boon or bane - it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to selection and combination of both types of patterns in context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.EC/H2020/692474/EU/Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems/AMASSEC/H2020/737422/EU/Secure COnnected Trustable Things/SCOTTEC/H2020/732242/EU/Dependability Engineering Innovation for CPS - DEIS/DEISBMBF, 01IS16043, Collaborative Embedded Systems (CrESt

Requirements to Models of Automotive Software: Application to the Automatic Park Assist function

International audienceIn the software development lifecycle, errors and flaws can be introduced in the different phases and lead to failures. Establishing a set of functional requirements helps producing safe software. However, ensuring that the (being) developed software is compliant with those requirements is a challenging task due to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at analysing a collection of automotive requirements by using formal methods. The proposed approach for formal verification is evaluated by the application to the Automatic Park Assist (APA) function