A Fault Injection Approach to Evaluate Soft-Error Dependability of System Calls

Central Processing Units (CPUs) that satisfy the throughput demands of highly automated driving trade reliability off for performance. Such CPUs often do not include extensive hardware-implemented reliability measures e. g., lockstep CPU cores. At the same time, POSIX-compliant (including Linux-like) operating systems (OSs) become increasingly popular for such complex automotive systems, e. g., the upcoming AUTOSAR Adaptive standard is based on POSIX [1]. In such systems, the fault analysis of critical software components such as the OS becomes an important dependability asset. We determine the robustness of a given OS by injecting random hardware faults into the CPU and measure the extent to which these faults propagate through the OS in order to manifest as application level side effects. In this paper, we present our QEMU-based fault injection framework that simulates bit flips in x86 registers during the execution of the system calls of Linux 4.10 and classifies their effects at the application level. Our results show that for the clone, futex, mmap, mprotect, and pipe syscalls in average 76.3% of the 4.48 million injected faults are benign.Our experiments also show that the program counter and stack pointer (in case of memory operations) are the most susceptible registers. Our measurements help to guide the appropriate deployment of software-implemented hardware fault-tolerance (SIHFT) measures. Re-evaluation of the implemented SIHFT measures can be potentially used as an argument for safety.