Using Fault Injection to Verify an AUTOSAR Application According to the ISO 26262

The complexity and the criticality of automotive electronic embedded systems are steadily increasing, and this is particularly true for software development. The new ISO 26262 standard for functional safety is one of the answers to these challenges: it defines requirements on the development process in order to ensure safety. Among these requirements, fault injection (FI) is introduced as a dedicated technique to assess the effectiveness of safety mechanisms and to demonstrate the correct implementation of the safety requirements. Our work aims to develop an approach that helps integrate FI into the whole development process in a continuous way, from system requirements to the verification and validation phase. This leads us to explore the benefits of safety analyses (Failure Mode Effects and Criticality Analysis (FMECA), Fault Tree Analysis (FTA), Critical Path Analysis (CPA), Freedom From Interference (FFI) Analysis, etc.) for the definition of the test plan, so as to define efficient FI test cases. The paper discusses the objectives and role of FI in the Verification and Validation process. It also illustrates how to apply this methodology on a platform based on AUTOSAR 4.X that integrates a trusted Front-Light Manager Application (Automotive Safety Integrity Level (ASIL) B) and a non-trusted (Quality Management, QM) application. The proposed architecture ensures the safety requirements with dedicated safety mechanisms and also provides FFI through both temporal and spatial partitioning. Finally, the results of the FI test cases obtained on a mock-up running the Front-Light Manager Application, developed at Valeo GEEDS, are presented.
