Timing Analysis of Safety-Critical Automotive Software

timing analysis of safety critical automotive n.w
1 / 22
Embed
Share

Explore the AUTOSAFE Tool Flow for timing analysis of complex automotive software, addressing challenges in testing and ensuring correctness. Learn about the motivation, goals, and interface creation between disciplines to enhance control design and verification processes.

  • Automotive Software
  • Timing Analysis
  • Safety-Critical
  • AUTOSAFE Tool
  • Formal Verification
rayaanacharya
sani_3 Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Timing Analysis of Safety-Critical Automotive Software: The AUTOSAFE Tool Flow M. Becker1, S. Mohamed2, K. Albers3, P.P. Chakrabarti2, S. Chakraborty1, P. Dasgupta2, S. Dey2, R. Metta4 2 Indian Institute of Technology (IIT) Kharagpur, Computer Science and Engineering (CSE) 1 Technische Universit t M nchen, Real-Time Computer Systems (RCS) 4 Tata Research Development and Design Centre (TRDDC) 3 INCHRON GmbH 1 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  2. Outline Introduction Motivation and Goals AUTOSAFE flow A. From High-Level Specification to Task Mapping B. Timing Analysis C. Automata Generation and Formal Verification D. Closing the loop Example Conclusion 2 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  3. Introduction Currently: automotive architectures getting complex: Hardware: 50-100 ECUs, numerous sensors and actuators, kilometers of cabling, ... Software: 100M lines of code, many safety-critical functions More functionality, more interfaces, much more software Testing becomes infeasible! How to guarantee that the software is correct ? 3 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  4. Motivation and Goals Co-design of real-time control typical design flow Requires analysis and optimisation skills from multiple disciplines Control design Real-time analysis Formal verification Tool flows in each realm lacks interface points between each other Goal: To create an interface between multiple disciplines 4 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  5. Motivation and Goals Control design Numerous Assumptions Negligible delays Computation Instantaneous, Periodic Typical Design Flow High-level Model Control Performance satisfied Real-time analysis Code Generation Formal Verification Execution Time satisfied Several design iterations needed Design without any analytic backup Hinders Certification Low-level Platform Model Response Time satisfied A semantic gap exists between high-level models and their implementation Implementation Goal: To bridge this semantic gap Performance not met 5 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  6. AUTOSAFE Flow - Overview High-level Model Performance criteria not satisfied Control Performance satisfied High-level Model Code Generation Performance criteria satisfied Implementation Execution Time satisfied Timing Information Low-level Platform Model Response Time satisfied 6 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  7. AUTOSAFE Flow 7 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  8. A. From High-Level Specification to Task Mapping i. High-level specification i. Functional behaviour of the system ii. Timing constraints ii. Functional modeling of the system Tools like MATLAB Simulink iii. Control theoretic analysis i. Generate formal properties (control performance specification) iv. Generate C code v. Modeling system architecture vi. Mapping Binding of functional parts to the architecture blocks 8 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  9. From High-Level Specification to Task Mapping Example: ABS Performance specification Car shall stop within a certain distance when the brakes are applied Functional specification Regulate brake pressure to keep slip at an optimal value (20%) Timing constraint Threshold for fresh or stale sensor data Control theoretic analysis Quantify freshness in terms of (m,k)-firm deadline [1] m out of k successive runs meet deadline Fig: Anti-lock braking system with distributed sensors and controller [1] Hamdaoui, Moncef, and Parameswaran Ramanathan. "A dynamic priority assignment technique for streams with (m, k)-firm deadlines." Computers, IEEE Transactions on 44.12 (1995): 1443-1451. 9 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  10. B. Timing Analysis Goal: predict safe upper bound for end-to-end timing of implementation (incl. scheduling, bus arbitration, etc.) A) task-level timing analysis worst-case execution time per task B) system-level timing analysis compose tasks via shared resources 10 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  11. Timing Analysis: Task Level Scheduling diagrams for each ecu Sensor 1 task Sensor 2 task t t ECU 1 ECU 2 Bus t Controller ECU 11 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  12. Timing Analysis: Task Level (AutoGen [5]) 7. Timer <= X 8 paths? Based on explicit-state model checking Idea: work at source level, allows better abstractions Problem: differences in control flow between source and binary backtranslate differences & timing Slicing and abstraction Ask MC for timing Model checker Yes WCET <= X no 3. Extract timing 6. Slicing & abstraction w.r.t. timing 3. Extract Control flow 2. Cross- Compile 4. compare flow 5. Translate Binary flow to source 1. Extract Control flow WCET estimate differences [5] Bokil, Prasad, et al. "Automatic test data generation for c programs." Third IEEE International Conference on Secure Software Integration and Reliability Improvement, SSIRI 2009. 19-03-2025 Formal Verification Research Group, IIT Kharagpur 12

  13. Timing Analysis: System Level (chronVAL [6]) ( l, u) service curve Real-Time Calculus (RTC) [2] ECU1 ECU3 Gateway Architectural nodes: buses, ECUs, etc. Each node manipulates a stream of incoming tasks Nodes have capacities according to their policy Needs WCET Communication Bus A ( l, u) ( l , u ) ECU2 RTC Communication Bus B arrival curve Actuator Sensor User-Interface ( l , u ) bounds for end-to- end delays [2] Samarjit Chakraborty, et al. "A General Framework for Analysing System Properties in Platform-Based Embedded System Designs." DATE. Vol. 3. 2003. [6] Anssi, Saoussen, et al. "chronVAL/chronSIM: A Tool Suite for Timing Verification of Automotive Applications." Proc. Embedded Real-Time Software and Systems, ERTS (2012). 19-03-2025 Formal Verification Research Group, IIT Kharagpur 13

  14. Abs on architetcure :: RTCs generated Sensor 1 task Sensor 2 task l={(0,0), (10,1), (20,2),..} u={(0,1), (10,2), (20,3),..} l = {(0,0), (20,1), (40,2),..} u= {(0,1), (20,2), (40,3),..} ECU 1 ECU 2 Bus l={(15.34,1), (25.34,2), (35.34,3),..} u={(0,1), (4.66,2), (14.66,3),..} l = {(26.29,1,0),(30.29,2,0),(46.29,3,0), } u= {(0,1), (1.11,2), (11.11,3),..} Controller ECU WCRT = 5.4 BCRT = 1.11 14 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  15. Example: ABS 15 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  16. C. Automata Generation and Formal Verification High-level timed automata model of the system Event or task generating automata Uses system level timing analysis results RTC curves Task automaton Uses task level timing analysis results WCET Tracks task generation, execution and completion Scheduler automaton To specify tasks scheduling policy Resource automaton Models and simulates system architecture Observer automaton Quantifies the parameters for verification Formal verification using UPPAAL [3]. [3] Behrmann, Glenn, et al. "UPPAAL 4.0." IEEE Third International Conference on Quantitative Evaluation of Systems, QEST 2006. 16 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  17. C. Automata Generation and Formal Verification RTC TA ABS properties Timed event Generation satisfying RTC is easier For time threshold = 4 s, the maximum (m,k)- firm tolerance for sensor1 data = fresh and sensor2 data = stale is (4,5) Abstractions of the system can be easily represented For time threshold = 6 s, the (m,k)-firm tolerance for both sensor data = fresh, does not go below (8,10) Formal verification tools available 17 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  18. Example: ABS Query: If m is reachable? 18 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  19. D. Closing the loop Properties are satisfied Formal guarantee provided by the tool flow Property violations Counterexample trace If spurious? Modify respective RTC curves Re-execute tool flow like CEGAR loop [4] [4] Clarke, Edmund, et al. "Abstraction and counterexample-guided refinement in model checking of hybrid systems." International Journal of Foundations of Computer Science 14.04 (2003): 583-604. 19 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  20. Conclusion AUTOSAFE flow an integrated approach to system design An interface between different realms Control designer species the control law Embedded systems engineer comes up with implementation mapping Verification engineer checks for target property Co-design of real-time control made easier Automating model refinement using CEGAR loop is part of future work 20 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  21. References 1. Hamdaoui, Moncef, and Parameswaran Ramanathan. "A dynamic priority assignment technique for streams with (m, k)-firm deadlines." Computers, IEEE Transactions on 44.12 (1995): 1443-1451. 2. Samarjit Chakraborty, Simon K nzli, and Lothar Thiele. "A General Framework for Analysing System Properties in Platform-Based Embedded System Designs." DATE. Vol. 3. 2003. 3. Behrmann, Glenn, et al. "UPPAAL 4.0." IEEE Third International Conference on Quantitative Evaluation of Systems, QEST 2006. 4. Clarke, Edmund, et al. "Abstraction and counterexample-guided refinement in model checking of hybrid systems." International Journal of Foundations of Computer Science 14.04 (2003): 583-604. 5. Bokil, Prasad, et al. "Automatic test data generation for c programs." Third IEEE International Conference on Secure Software Integration and Reliability Improvement, SSIRI 2009. 6. Anssi, Saoussen, et al. "chronVAL/chronSIM: A Tool Suite for Timing Verification of Automotive Applications." Proc. Embedded Real-Time Software and Systems, ERTS (2012). 21 19-03-2025 Formal Verification Research Group, IIT Kharagpur

  22. THANK YOU !!! Sajid Mohamed sajidm@atdc.iitkgp.ernet.in 22 19-03-2025 Formal Verification Research Group, IIT Kharagpur

Related


ISO 9000 Vocabulary and Glossary for ISO 9001:2015

ISO 9000 Vocabulary and Glossary for ISO 9001:2015

rayyan
The Impact of the Insurance Act 2015 on Brokers and Insurers

The Impact of the Insurance Act 2015 on Brokers and Insurers

pierce
Analysis of Beam Commissioning and Tune Evolution in 2015

Analysis of Beam Commissioning and Tune Evolution in 2015

gmar
SCB Training Program Symposium 2015 - Wake Forest Biotech Place

SCB Training Program Symposium 2015 - Wake Forest Biotech Place

eudy_a
St. Thomas College Thrissur - Department of Physical Education Achievements 2015-16

St. Thomas College Thrissur - Department of Physical Education Achievements 2015-16

amatt
Regional Community Safety and Resilience Forum Meeting Agenda August 5, 2015 Jakarta

Regional Community Safety and Resilience Forum Meeting Agenda August 5, 2015 Jakarta

obri_94
California's Fiscal Outlook and Economic Trends in 2015

California's Fiscal Outlook and Economic Trends in 2015

ksatt
DDF Annual Appeal Workshop 2015

DDF Annual Appeal Workshop 2015

jaleongr
Overview of California LifeLine Program Update - October 29, 2015

Overview of California LifeLine Program Update - October 29, 2015

syme_ian
Anne Arundel County Survey Findings Fall 2015 Presentation

Anne Arundel County Survey Findings Fall 2015 Presentation

haer862
Diabetes Collaborative Project 2015-2016 Summary

Diabetes Collaborative Project 2015-2016 Summary

jennison_e
Highlights of 2015 IAOS General Assembly at 60th ISI World Statistics Congress

Highlights of 2015 IAOS General Assembly at 60th ISI World Statistics Congress

difilippo_s
Clerk-Treasurers Conference Updates and Calendar for 2014/2015

Clerk-Treasurers Conference Updates and Calendar for 2014/2015

pcode
Village CC Tour 2015: Building on Brilliance - Recap and Plans

Village CC Tour 2015: Building on Brilliance - Recap and Plans

kawtharc
University Senate Summary - October 7, 2015

University Senate Summary - October 7, 2015

eremu
Nordic Cross Country Conference 2015 Report: Latvia's Ski Season Highlights

Nordic Cross Country Conference 2015 Report: Latvia's Ski Season Highlights

makaelyn
Therapeutic Trials in HIV/HCV Coinfection: ION-4, Ally-2, and Viroteam 2015

Therapeutic Trials in HIV/HCV Coinfection: ION-4, Ally-2, and Viroteam 2015

alberson_z
Transformational Change in ASN Head Teachers Meeting - November 12, 2015

Transformational Change in ASN Head Teachers Meeting - November 12, 2015

fate_79
SAASTA AstroQuiz 2015 Round 3 - Astronomy Questions and Challenges

SAASTA AstroQuiz 2015 Round 3 - Astronomy Questions and Challenges

iemer
Auckland UC Users Group Event - July 30th, 2015

Auckland UC Users Group Event - July 30th, 2015

esha_13
TAARA 2015 Trade Adjustment Assistance Reauthorization Act

TAARA 2015 Trade Adjustment Assistance Reauthorization Act

leilanee

More Related Content