Early-Stage Resource Estimation from Functional Reliability Specification in Embedded Cyber-Physical Systems

Reliability and fault tolerance are critical attributes of embedded cyber-physical systems that require a high safety-integrity level. For such systems, the use of formal functional safety specifications has been strongly advocated in most industrial safety standards, but reliability and fault tolerance have traditionally been treated as platform issues. We believe that addressing reliability and fault tolerance at the functional safety level widens the scope for resource optimization, targeting those functionalities that are safety-critical rather than the entire platform. Moreover, for software-based control functionalities, temporal redundancies have become just as important as replication of physical resources, and such redundancies can be modeled at the functional specification level. The ability to formally model functional reliability at the specification level enables early estimation of physical resources and computation bandwidth requirements. In this paper we propose, for the first time, a resource estimation methodology from a formal functional safety specification augmented by reliability annotations. The proposed reliability specification is overlaid on the safety-critical functional specification, and our methodology extracts a constraint satisfaction problem for determining the optimal set of resources that meets the reliability target for the safety-critical behaviors. We use SMT (Satisfiability Modulo Theories) / ILP (Integer Linear Programming) solvers at the back end to solve the optimization problem, and demonstrate the feasibility of our methodology on a Satellite Launch Vehicle Navigation, Guidance and Control (NGC) System.
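The abstract describes the core idea in one sentence: reliability annotations on safety-critical functions turn into a constraint satisfaction problem whose solution is the cheapest set of processors and execution bandwidth that meets a reliability target. The following is an added toy illustration of that idea, not the paper's formulation and not code from its authors. It assumes a deliberately simple model: each function has an independent per-execution transient failure probability and a worst-case execution time; spatial redundancy is simplex or TMR with a majority voter (replicas run concurrently on separate processors); temporal redundancy is a number of re-executions within the control period; and the cost is the processor count with period time as a tie-breaker. The task names and numbers are constructed, and the search is exhaustive enumeration standing in for the SMT/ILP back end.

```python
"""Toy early-stage resource estimation from reliability-annotated functions.

Constructed illustration (not the paper's formulation): every assumption
about the failure model, redundancy schemes and cost is stated inline.
"""
from dataclasses import dataclass
from itertools import product
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Task:
    name: str
    p_fail: float   # probability one execution fails (assumed independent, transient)
    exec_ms: float  # worst-case execution time of a single run, in ms


@dataclass(frozen=True)
class Choice:
    replicas: int   # 1 = simplex, 3 = TMR with a majority voter
    retries: int    # re-executions allowed after a failed run, within the period


REPLICA_OPTIONS = (1, 3)
RETRY_OPTIONS = (0, 1, 2)


def run_unreliability(p_fail: float, retries: int) -> float:
    """Probability that one replica is still wrong after all retries are used."""
    return p_fail ** (retries + 1)


def choice_unreliability(task: Task, choice: Choice) -> float:
    """Probability that the task's delivered result is wrong in one period."""
    q = run_unreliability(task.p_fail, choice.retries)
    if choice.replicas == 1:
        return q
    r = 1.0 - q
    # TMR majority voting is correct when at least 2 of the 3 replicas succeed.
    return 1.0 - (r ** 3 + 3 * r ** 2 * (1 - r))


def choice_time_ms(task: Task, choice: Choice) -> float:
    """Per-processor time used: replicas run in parallel, retries run serially."""
    return task.exec_ms * (choice.retries + 1)


def system_reliability(tasks: List[Task], assignment: Dict[str, Choice]) -> float:
    """All safety-critical tasks must be correct; failures are assumed independent."""
    rel = 1.0
    for t in tasks:
        rel *= 1.0 - choice_unreliability(t, assignment[t.name])
    return rel


def estimate_resources(tasks: List[Task], target_reliability: float,
                       period_ms: float) -> Optional[dict]:
    """Enumerate all redundancy assignments; return the cheapest feasible one.

    Feasible means: total per-processor time fits the control period and the
    system reliability meets the target. Cost is (processors, time_ms), so
    fewer processors always wins and less bandwidth breaks ties.
    """
    options = [Choice(n, r) for n in REPLICA_OPTIONS for r in RETRY_OPTIONS]
    best = None
    for combo in product(options, repeat=len(tasks)):
        assignment = {t.name: c for t, c in zip(tasks, combo)}
        time_ms = sum(choice_time_ms(t, c) for t, c in zip(tasks, combo))
        if time_ms > period_ms:
            continue
        if system_reliability(tasks, assignment) < target_reliability:
            continue
        processors = max(c.replicas for c in combo)  # replicas share a pool
        cost = (processors, time_ms)
        if best is None or cost < best["cost"]:
            best = {"cost": cost, "processors": processors,
                    "time_ms": time_ms, "assignment": assignment}
    return best


# Constructed sample: three hypothetical NGC functions with made-up figures.
NGC_TASKS = [
    Task("navigation", p_fail=1e-3, exec_ms=2),
    Task("guidance", p_fail=2e-3, exec_ms=3),
    Task("control", p_fail=5e-4, exec_ms=1),
]

if __name__ == "__main__":
    target = 1 - 1e-7
    for period in (10, 14, 20):
        result = estimate_resources(NGC_TASKS, target, period)
        if result is None:
            print(f"period {period} ms: no feasible redundancy assignment")
        else:
            print(f"period {period} ms: {result['processors']} processor(s), "
                  f"{result['time_ms']} ms used, {result['assignment']}")
```

Running the block shows the trade-off the abstract points at: with a 14 ms period the only way to hit the target is three processors running TMR with one retry each, while a 20 ms period allows a single processor to meet the same target purely through temporal redundancy, and a 10 ms period is infeasible under any assignment in the search space.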
