On the Effective Use of Fault Injection for the Assessment of AUTOSAR Safety Mechanisms

2015 11th European Dependable Computing Conference (EDCC) Pub Date : 2015-09-07 DOI:10.1109/EDCC.2015.14

Thorsten Piper, Stefan Winter, N. Suri, T. Fuhrman

{"title":"On the Effective Use of Fault Injection for the Assessment of AUTOSAR Safety Mechanisms","authors":"Thorsten Piper, Stefan Winter, N. Suri, T. Fuhrman","doi":"10.1109/EDCC.2015.14","DOIUrl":null,"url":null,"abstract":"The automotive safety standard ISO 26262 strongly recommends the use of fault injection (FI) for the assessment of safety mechanisms that typically span composite dependability and real-time operations. However, with the standard providing very limited guidance on the actual design, implementation and execution of FI experiments, most AUTOSAR FI approaches use standard fault models (e.g., bit flips and data type based corruptions), and focus on using simulation environments. Unfortunately, the representation of timing faults using standard fault models, and the representation of real-time properties in simulation environments are hard, rendering both inadequate forthe comprehensive assessment of AUTOSAR's safety mechanisms. The actual development of ISO 26262 advocated FI is further hampered by the lack of representative software fault models and the lack of an openly accessible AUTOSAR FI framework. We address these gaps by (a) adapting the open source FI framework GRINDER to AUTOSAR and (b) showing how to effectively apply it for the assessment of AUTOSAR's safety mechanisms.","PeriodicalId":138826,"journal":{"name":"2015 11th European Dependable Computing Conference (EDCC)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 11th European Dependable Computing Conference (EDCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EDCC.2015.14","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 11

Abstract

The automotive safety standard ISO 26262 strongly recommends the use of fault injection (FI) for the assessment of safety mechanisms that typically span composite dependability and real-time operations. However, with the standard providing very limited guidance on the actual design, implementation and execution of FI experiments, most AUTOSAR FI approaches use standard fault models (e.g., bit flips and data type based corruptions), and focus on using simulation environments. Unfortunately, the representation of timing faults using standard fault models, and the representation of real-time properties in simulation environments are hard, rendering both inadequate forthe comprehensive assessment of AUTOSAR's safety mechanisms. The actual development of ISO 26262 advocated FI is further hampered by the lack of representative software fault models and the lack of an openly accessible AUTOSAR FI framework. We address these gaps by (a) adapting the open source FI framework GRINDER to AUTOSAR and (b) showing how to effectively apply it for the assessment of AUTOSAR's safety mechanisms.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

故障注入在AUTOSAR安全机制评估中的有效应用

汽车安全标准ISO 26262强烈建议使用故障注入(FI)来评估通常跨越复合可靠性和实时操作的安全机制。然而，由于该标准对FI实验的实际设计、实现和执行提供了非常有限的指导，大多数AUTOSAR FI方法使用标准故障模型(例如，位翻转和基于数据类型的损坏)，并专注于使用仿真环境。不幸的是，使用标准故障模型来表示时序故障，以及在仿真环境中表示实时属性都很困难，这对于全面评估AUTOSAR的安全机制来说都是不够的。ISO 26262所提倡的FI的实际发展由于缺乏代表性的软件故障模型和缺乏开放的AUTOSAR FI框架而受到进一步的阻碍。我们通过(a)将开源FI框架GRINDER应用于AUTOSAR和(b)展示如何有效地将其应用于AUTOSAR安全机制的评估来解决这些差距。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2015 11th European Dependable Computing Conference (EDCC)

自引率

0.00%

发文量