Safety Evaluation of Critical Applications Distributed on TDMA-Based Networks

Critical embedded systems have to provide a high level of dependability. In automotive domain, for example, TDMA protocols are largely recommended because of their deterministic behavior. Nevertheless, under the transient environmental perturbations, the loss of communication cycles may occur with a certain probability and, consequently, the system may fail. This paper analyzes the impact of the transient perturbations (especially due to Electromagnetic Interferences) on the dependability of systems distributed on TDMA-based networks. The dependability of such system is modeled as that of "consecutive-k-out-of-n:F" systems and we provide a efficient way for its evaluation

Validation of Real Time Applications

Colloque sans acte à diffusion restreinte. internationale.International audienceIn this presentation, we show how to use a subclass of Timed Automata, called Timed Input Output State Machines (TIOSM) for the validation of real time systems. In a first step, we present a method for the formal generation of test scenarii ; this method decreases the number of inconclusive cases. In a second step we propose an hybrid method of a priori validation ; this method uses exhaustive analysis for critical parts of the model and simulation of the whole model where the critical parts are replaced by an abstarction, result of exhaustive analysis. || Dans cette présentation, nous montrons comment utiliser une sous-classe d'automates temporisés, appelés Timed Input Output State Machines (TIOSM) pour la validation d'applications temps réel. Dans une première étape, nous présentons une méthode de généra

In car embedded electronic architectures: how to ensure their safety

Colloque avec actes et comité de lecture. internationale.International audienceThe part of software based systems in a car is growing. Moreover, in the next years will emerge the X-by-Wire technology that intends to replace mechanical or hydraulic systems by electronic ones even for critical function as braking or steering. This requires a stringent proof that these new vehicles will ensure the safety of driver, occupants, vehicle and environment. In this paper, we intend to list certain activities and key points for ensuring the development of a safe and optimized embedded system. More precisely, we propose two main axis that contribute to establish a design methodology of such systems. The first one identifies the generic components of an embedded system while the second one details how to model and validate the embedded system throughout the different steps of the development process. || On assiste actuellement à un accroîssement de la part de l'informatique embarquée dans une automobile. De plus, dans les prochaines années, les systèmes X-by-Wire remplaceront de plus en plus les systèmes traditionnels reposant sur des technologies mécan

Guest Editorial - Special Section on In-vehicle Embedded Systems

International audienceThis Special Section on “In-Vehicle Embedded Systems” presents four papers that deal with relevant aspects pertaining to the topics highlighted above, covering a spectrum of topics, ranging from schedulability and real-time Quality of Service analysis, thanks to deterministic as well to stochastic approaches, to the composability issues when components provided by different partners are to be integrated or when the designer wants to obtain preliminary results on end-to-end response time during earlier phases of the design process

Safety evaluation of in-car real-time applications distributed on TDMA-based networks

The X-by-Wire systems in cars can only be accepted if they provide at least the same dependability than the traditional ones. We propose a new approach to evaluate the impact of the EMI perturbations on the dependability of an X-by-Wire architecture. The considered X-by-Wire architecture is distributed around a TDMA-like communication protocol whose main peculiarities are explained. So a perturbation causes the loss of a communication cycle with a certain probability. The vehicle level failure is then defined as the consecutive loss of a certain number of communication cycles. Its reliability is modeled as that of the well-known “consecutive-k-out-of-n:F systems”. A case study, together with the EMI perturbations collected on the roads in France, is used to illustrate our approach

The design of safe automotive embedded systems - Some problems, solutions and open issues

International audienceFrom the last decade, the number of software based systems embedded in a car increases every year. The reasons for this evolution are economical as well as technological. On the one hand, this situation is the result of the decreasing cost of hardware components, their increasing reliability and performances and the emergence of embedded fieldbuses; on the other hand, software technology makes easier and less costly the introduction of new functions. Formerly confined to functionalities such as engine or chassis control, this evolution now affects all car domains: wipers, door controls, lights, air condition, braking assistance, multimedia, etc. In the future, even critical functions, as for example, braking or steering, will be fully controlled by electronic systems leading to the X-by-Wire concept. The realization of such systems is obtained through a complex cooperative development process shared by several actors, in particular, OEM (carmakers) and tier-1 suppliers. Furthermore, it's no longer possible to study each system as a stand-alone one and all the partners involved in the design of these systems have to observe a global and common view of the whole embedded architecture. In this context, the main challenge is nowadays to provide means for an efficient development of a safe and optimal embedded system. In this presentation, we will focus on some keywords whose impact and meaning may look antagonist. For example, component, modularity and reusability are recurrent concepts aiming to increase the efficiency of a development while reducing its length. Nevertheless, these principles can be opposed to safety, reliability, dependability purposes. Indeed, the verification of these required properties have to be done on the whole system and not only on a single component. Therefore, we have to complete these first concepts and to introduce the notion of composition of components and moreover of interoperability of components. We will show how this composition can be described through a reference model of embedded architecture that provides on the one hand a standard embedded middleware and on the other hand, an architecture description language. Then, we will focus on the verification of safety/dependability properties and identify which kind of activities they can require and how these activities are related to the first point

Interoperability issues on the design of safe in-vehicle embedded systems

International audienceThe design of in-vehicle embedded systems follows a complex multi-partner development process. Carmakers specify the whole system and have to integrate several parts of the system provided by different suppliers. Specification as well as integration are concerned with properties requirements (safety, performance, cost, etc.) and validation issues. On another hand, the economical aspects lead suppliers to reuse previously developped components. At least, the portability of components is a necessary means that enable the flexibility of the development. For short, the problem when developping an automotive embedded system is the interoperability between components. To tackle this problem, two complementary solutions have been proposed by the automotive industry. The first one is the definition of a reference model for embedded systems that identifies component types and the formal rules of their interactions together. The other solution is a modeling language that can be shared by the different actors. In this paper, we show how automotive industry has contributed to these two aspects

Langages de description des architectures embarquées dans l'automobile

Ce papier présente les besoins des acteurs de l'industrie automobile pour maîtriser le développement sûr des systèmes embarqués dans un contexte multi-partenaires. Un besoin premier est celui de la description des systèmes à toute étape de leur développement depuis l'établissement d'un cahier des charges jusqu'à le modélisation de composants et d'architectures opérationnelles. Dans ce contexte, le langage AIL_Transport défini dans le projet français Architecture Electronique Embarqué (AEE) est présenté

Performance and safety construction and evaluation for in-car embedded systems

This paper presents two important problems that have to be solved in the development of in-vehicle embedded systems implementing critical functions. The first one concerns the optimal configuration of message set and is presented both for priority-based and TDMA-based protocols. The second one specifies a method for ensuring the safety of a TDMA-based communication system under perturbations

AEE : un projet pour la conception des logiciels embarqués dans l'automobile

Colloque avec actes sans comité de lecture. nationale.National audienceAEE : " Architecture Electronique Embarquée " est un projet français, se terminant en décembre 2001, qui a regroupé les constructeurs automobiles, des équipementiers et des universitaires pour réfléchir sur les problèmes de la conception des logiciels embarqués dans les automobiles actuelles ou à venir. Un résultat essentiel de ces travaux est la proposition d'un langage de description d'architecture permettant de spécifier l'organisation des objets d'une architecture véhicule sous différents points de vue : fonctionnel (les services à rendre), logiciel (les fonctions élémentaires logicielles et les équipements), matériel (les calculateurs et les réseaux) et opérationnel (l'association matériel / logiciel finale). || AEE " Embedded Electronic Architecture " is a french project which ended in december 2001. It gathered car makers, suppliers and research laboratories for the definition of methods and tools in the context of in-vehicle embedded systems. A main result o