Formal verification of automotive embedded UML designs

Software applications are increasingly dominating safety critical domains. Safety critical domains are domains where the failure of any application could impact human lives. Software application safety has been overlooked for quite some time but more focus and attention is currently directed to this area due to the exponential growth of software embedded applications. Software systems have continuously faced challenges in managing complexity associated with functional growth, flexibility of systems so that they can be easily modified, scalability of solutions across several product lines, quality and reliability of systems, and finally the ability to detect defects early in design phases. AUTOSAR was established to develop open standards to address these challenges. ISO-26262, automotive functional safety standard, aims to ensure functional safety of automotive systems by providing requirements and processes to govern software lifecycle to ensure safety. Each functional system needs to be classified in terms of safety goals, risks and Automotive Safety Integrity Level (ASIL: A, B, C and D) with ASIL D denoting the most stringent safety level. As risk of the system increases, ASIL level increases and the standard mandates more stringent methods to ensure safety. ISO-26262 mandates that ASILs C and D classified systems utilize walkthrough, semi-formal verification, inspection, control flow analysis, data flow analysis, static code analysis and semantic code analysis techniques to verify software unit design and implementation. Ensuring software specification compliance via formal methods has remained an academic endeavor for quite some time. Several factors discourage formal methods adoption in the industry. One major factor is the complexity of using formal methods. Software specification compliance in automotive remains in the bulk heavily dependent on traceability matrix, human based reviews, and testing activities conducted on either actual production software level or simulation level. ISO26262 automotive safety standard recommends, although not strongly, using formal notations in automotive systems that exhibit high risk in case of failure yet the industry still heavily relies on semi-formal notations such as UML. The use of semi-formal notations makes specification compliance still heavily dependent on manual processes and testing efforts. In this research, we propose a framework where UML finite state machines are compiled into formal notations, specification requirements are mapped into formal model theorems and SAT/SMT solvers are utilized to validate implementation compliance to specification. The framework will allow semi-formal verification of AUTOSAR UML designs via an automated formal framework backbone. This semi-formal verification framework will allow automotive software to comply with ISO-26262 ASIL C and D unit design and implementation formal verification guideline. Semi-formal UML finite state machines are automatically compiled into formal notations based on Symbolic Analysis Laboratory formal notation. Requirements are captured in the UML design and compiled automatically into theorems. Model Checkers are run against the compiled formal model and theorems to detect counterexamples that violate the requirements in the UML model. Semi-formal verification of the design allows us to uncover issues that were previously detected in testing and production stages. The methodology is applied on several automotive systems to show how the framework automates the verification of UML based designs, the de-facto standard for automotive systems design, based on an implicit formal methodology while hiding the cons that discouraged the industry from using it. Additionally, the framework automates ISO-26262 system design verification guideline which would otherwise be verified via human error prone approaches

A Design Framework for Reactive and Time-triggered Embedded Systems via the UML-SystemC bridge

Ph.DDOCTOR OF PHILOSOPH

Towards Automotive Embedded Systems with Self-X Properties

With self-adaptation and self-organization new paradigms for the management of distributed systems have been introduced. By enhancing the automotive software system with self-X capabilities, e.g. self-healing, self-configuration and self-optimization, the complexity is handled while increasing the flexibility, scalability and dependability of these systems. In this chapter we present an approach for enhancing automotive systems with self-X properties. At first, we discuss the benefits of providing automotive software systems with self-management capabilities and outline concrete use cases. Afterwards, we will discuss requirements and challenges for realizing adaptive automotive embedded systems

Design of automotive X-by-Wire systems

http://www.taylorandfrancis.com/X-by-Wire is a generic term referring to the replacement of mechanical or hydraulic systems, such as braking or steering, by electronic ones. In this chapter, we analyze the real-time and dependability constraints of X-by-Wire systems, review the fault-tolerant services that are needed and the communication protocols (TTP/C, FlexRay and TTCAN) considered for use in such systems. Using a Steer-by-Wire case-study, we detail the design principles and verification methods that can be used to ensure the stringent constraints of X-by-Wire systems

Fault Tolerant Services for Safe In-Car Embedded Systems

http://www.taylorandfrancis.com/Due to the increasing criticality of the functions in terms of safety, embedded automotive systems must now respect stringent dependability constraints despite the faults that may occur in a very harsh environment. In a context where critical functions are distributed over the network, the communication system plays a major role. First, we discuss the main services and functionalities that a communication system should offer for easying the design of fault-tolerant applications in the automotive context. Then, we review the features of the protocols that are currently considered for being used and, finally, we highlight areas where developments are still needed

Modeling and Analysis of Mixed Synchronous/Asynchronous Systems

Practical safety-critical distributed systems must integrate safety critical and non-critical data in a common platform. Safety critical systems almost always consist of isochronous components that have synchronous or asynchronous interface with other components. Many of these systems also support a mix of synchronous and asynchronous interfaces. This report presents a study on the modeling and analysis of asynchronous, synchronous, and mixed synchronous/asynchronous systems. We build on the SAE Architecture Analysis and Design Language (AADL) to capture architectures for analysis. We present preliminary work targeted to capture mixed low- and high-criticality data, as well as real-time properties in a common Model of Computation (MoC). An abstract, but representative, test specimen system was created as the system to be modeled

A framework for assertion-based timing verification and PC-based restbus simulation of automotive systems

Innovation in der Automobilindustrie wird durch Elektronik und vor allem durch Software ermöglicht. In der Regel wird eine Vielzahl von verteilten Funktionen realisiert. Typischerweise, wird diese Software über mehrere Steuergeräte verteilt. Durch die Verteilung und die Vielzahl an Funktionen ensteht eine immer wachsende Komplexität, die den Verifikations- und Validierungsprozess anspruchsvoller und schwieriger gestaltet. Daher ist für Ingenieure in der Automobilindustrie die Entwicklung von effizienten und effektiven Design-Methoden von großem Interesse.Ein zentrales Element in der Entwicklung automobiler Software ist der komponentebasierten Ansatz. Derzeit ist AUTOSAR der wichtigste Standard, der dieses Paradigma unterstützt. Die Systembeschreibungssprache SystemC ist ebenfalls ein Mittel, um AUTOSAR-Komponenten simulieren zu können. Desweiteren stellt SystemC einen Satz von Bibliotheken zur Verfügung wie zum Beispiel die „SystemC Verification Library“ (SCV), und einen diskreten Event-Simulationskern. Inzwischen ist das Interesse an der Verwendung von SystemC in der automobile Softwareentwicklung stark gestiegen.In dieser Arbeit stellen wir eine SystemC-basierte Entwurfsmethodik für eine frühe Validierung zeitkritischer automobile Systeme vor. Die Methodik reicht von einer reinen SystemC-Simulation bis zu einer PC-basierten Restbussimulation. Um die Synchronisation bezüglich Überabtastung und Unterabtastung zwischen dem SystemC-Simulationsmodell und dem Restbus während der Restbussimulation zu gewährleisten, präsentieren wir ein Synchronisationsverfahren. Im Rahmen dieser Arbeit wurde für die Integration von SystemC-Komponenten IP-XACT als Modelierungsstandard verwendet. Um eine Zeitanalyse ermöglichen zu können, stellen wir Erweiterungen für den IP-XACT-Standard vor, mit deren Hilfe Zeitanforderungen anAutomotive system innovation is mainly driven by software which can be distributed over a large number of functions typically deployed over several ECUs. This growing design complexity makes the verification and validation process challenging and difficult. Therefore, the development of efficient and effective design methodologies is of great interest for automotive engineers.A central concept in the development of automotive software is the component-based approach. Currently, the most prominent approach that supports this design paradigm is the AUTOSAR. The SLDL SystemC provides means to simulate the behavior of AUTOSAR software components by means of a discrete-event simulation kernel. Additionally, SystemC comes with a set of libraries such as the SCV. Meanwhile, the interest of using SystemC has grown in the automotive software development community. In this thesis we present a SystemC-based design methodology for early validation of time-critical automotive systems. The methodology spans from pure SystemC simulation to PC-based Restbus simulation. To deal with synchronization issues (oversampling and undersampling) that arise during Restbus simulation between the SystemC simulation model and the remaining bus network, we also present a new synchronization approach. Finally, we make use IP-XACT for SystemC component integration. To capture timing constraints on the simulation model, we propose timing extensions for the IP-XACT standard. These timing constraints can then be used to verify the SystemC simulation model.Tag der Verteidigung: 11.09.2015Paderborn, Univ., Diss., 201

BCT-CS : blockchain technology applications for cyber defense and cybersecurity : a survey and solutions

Blockchain technology has now emerged as a ground-breaking technology with possible solutions to applications from securing smart cities to e-voting systems. Although it started as a digital currency or cryptocurrency, bitcoin, there is no doubt that blockchain is influencing and will influence business and society more in the near future. We present a comprehensive survey of how blockchain technology is applied to provide security over the web and to counter ongoing threats as well as increasing cybercrimes and cyber-attacks. During the review, we also investigate how blockchain can affect cyber data and information over the web. Our contributions included the following: (i) summarizing the Blockchain architecture and models for cybersecurity (ii) classifying and discussing recent and relevant works for cyber countermeasures using blockchain (iii) analyzing the main challenges and obstacles of blockchain technology in response to cyber defense and cybersecurity and (iv) recommendations for improvement and future research on the integration of blockchain with cyber defense. © 2022,International Journal of Advanced Computer Science and Applications. All Rights Reserved

Framework for media oriented transport systems

Dissertação de mestrado integrado em Engenharia Electrónica Industrial e ComputadoresThe natural evolution of embedded systems resulted in a faster execution of tasks, increased possibility for including additional features, allied to lower power consumption and benefiting from ever-growing rates of integration as far as silicon is concerned. The automotive industry is not an exception with regards to the integration of technology for a vast arrays of applications in systems which vary from entertainment of infotainment to systems related to vehicle safety and stability such as driver assists. The existence of diverse independent systems in modern cars, combined with the necessity of centralizing the user interface, simplifying the operation of the system and minimizing the user’s intervention, help to promote the comfort and reduce the likelihood of distractions taking place while driving. Modern communication oriented network standards, e.g. MOST or FlexRay, enable information compatibility when exchanged between systems communicating over different protocols. Moreover, the coexistence of packet, control and timesensitive information are ensured within timing requirements, providing a reliable QoS (Quality of Service) and by making use of a single physical transmission mean. Synchronized multimedia data (e.g. synchronized video and audio transmission) are example of this kind of (time-sensitive) information. This dissertation proposes a framework for design and development of network distributed applications in the field of automotive infotainment, compliant with the industry standards and using FPGA technology in order to ensure the system requirements satisfaction and promote IP Core re-utilization.A evolução natural dos sistemas embebidos traduziu-se numa maior rapidez na execução de tarefas, a possibilidade de incluir mais funcionalidades, aliado a menores consumos energéticos e beneficiando de crescentes e elevadas taxas de integração ao nível de silício. A indústria automóvel não é excepção no que diz respeito à integração de tecnologia para as mais variadas aplicações, com ou sem tolerância à falha, em sistemas que vão desde entretenimento ou infotainment a sistemas relacionados com a estabilidade e segurança do veículo, como é exemplo as driver assists. Existem de vários sistemas independentes nos modernos veículos automóveis. Estes, combinados com a necessidade de centralização ao nível de interface com o utilizador, tornam imperativa a simplicidade da operação. Para tal, requerem a minimizaccão da intervenção do utilizador, promovendo o conforto e diminuindo a probabilidade de desconcentração durante o exercício de condução. Os mais modernos standards de redes de comunicação como é exemplo o MOST ou o FlexRay, permitem a compatibilidade de informação trocada entre sistemas que comunicam através de distintos protocolos de comunicação. Para além disso, ainda garantem a coexistência de informação de controlo, informação do entretenimento e informação do tipo time-sensitive, onde os requisitos de temporização devem ser assegurados, mantendo uma qualidade de serviço fiàvel e fazendo uso de um único meio físico de transmissão. São exemplos deste tipo de informação, dados síncronos do tipo multimédia (e.g. streaming de àudio e vídeo de forma sincronizada). Pretende-se desenvolver uma framework para desenvolvimento de aplicações de rede distribuídas, do tipo infotainment e que beneficia a aplicação de tecnologias como FPGA, no offloading de computação para este dispositivo, como meio de garantir a satisfação dos requisitos, e promover a reutilização deste tipo de sistemas, mantendo o elevado desempenho na troca de dados e promovendo a portabilidade e a modularidade