A TOOL-CHAIN FOR FUNCTIONAL SAFETY AND RELIABILITY IMPROVEMENT IN AUTMOTIVE SYSTEMS

Similar documents
Virtual Hardware ECU How to Significantly Increase Your Testing Throughput!

GAIO. Solution. Corporate Profile / Product Catalog. Contact Information

Entwicklung zuverlässiger Software-Systeme, Stuttgart 30.Juni 2011

Safety and Reliability of Software-Controlled Systems Part 14: Fault mitigation

Verification, Validation, and Test with Model-Based Design

Compatible Qualification Metrics for Formal Property Checking

Formal Verification and Automatic Testing for Model-based Development in compliance with ISO 26262

Automatic test generation based on functional coverage

Automated testing of embedded systems in medical device development

ISO26262 This Changes Everything!

AN EFFICIENT APPROACH FOR MODEL- BASED TESTING: SIEMENS USE CASE IN THE MBAT EUROPEAN PROJECT

New ARMv8-R technology for real-time control in safetyrelated

Tools and Methods for Validation and Verification as requested by ISO26262

European Conference on Nanoelectronics and Embedded Systems for Electric Mobility. HIL platform for EV charging and microgrid emulation

Workflow for Control System Design and Implementation

Is This What the Future Will Look Like?

DRYING CONTROL LOGIC DEVELOPMENT USING MODEL BASED DESIGN

Reuse of Hardware Independent Test Sequences across MiL-, SiL- and HiL-Test Scenarios

Fault-Injection testing and code coverage measurement using Virtual Prototypes on the context of the ISO standard

V&V: Model-based testing

Functional Safety and Safety Standards: Challenges and Comparison of Solutions AA309

Software architecture in ASPICE and Even-André Karlsson

Model-Based Design for High Integrity Software Development Mike Anthony Senior Application Engineer The MathWorks, Inc.

Automated Continuous Verification & Validation for Automobile Software

Software Verification for Low Power, Safety Critical Systems

Hardware-In-Loop Test Setup Automation

Experiences with CANoe-based Fault Injection for AUTOSAR

Functional Safety Design Packages for STM32 & STM8 MCUs

Model-Based Design for Safety-Critical and Mission-Critical Applications Bill Potter Technical Marketing April 17, 2008

Virtualization of Heterogeneous Electronic Control Units Testing and Validating Car2X Communication

Certified Automotive Software Tester Sample Exam Paper Syllabus Version 2.0

Verification and Test with Model-Based Design

Guido Sandmann MathWorks GmbH. Michael Seibt Mentor Graphics GmbH ABSTRACT INTRODUCTION - WORKFLOW OVERVIEW

Using Cost Effective Distributed HIL for Rapid Prototyping

Real-Time Hardware-In-Loop simulation for automated validation of diagnostic services

Create, Embed, Empower. Crevavi Technologies Company profile

Industrial Embedded Systems - Design for Harsh Environment - Dr. Alexander Walsch

A Model-Based Reference Workflow for the Development of Safety-Related Software

Development and Deployment of ECU based Control Systems through MBD. Imperative role of Model based design in System Engineering

Handling Challenges of Multi-Core Technology in Automotive Software Engineering

Functional verification on PIL mode with IAR Embedded Workbench

Silver + TestWeaver Tools for Simulation-Based Design System Test and Validation

FULL VIRTUALIZATION OF RENAULT'S ENGINE MANAGEMENT SOFTWARE APPLICATION TO SYSTEM DEVELOPMENT

FMEDA-Based Fault Injection and Data Analysis in Compliance with ISO SPEAKER. Dept. of Electrical Engineering, National Taipei University

Testing, Validating, and Verifying with Model-Based Design Phil Rottier

Software Verification and Validation (VIMMD052) Introduction. Istvan Majzik Budapest University of Technology and Economics

Volvo Car Group Jonn Lantz Agile by Models

Advanced AC Motor Control S/W Development Sang-Ho Yoon Senior Application Engineer The MathWorks

Architecture concepts in Body Control Modules

IMPROVING ADAS VALIDATION WITH MBT

정형기법을활용한 AUTOSAR SWC 의구현확인및정적분석

FUNCTIONAL SAFETY FOR INDUSTRIAL AUTOMATION

Ensuring System Integrity through Advanced System Software Verification

Model-Based Testing: an Approach with SDL/RTDS and DIVERSITY

Automatic Code Generation Technology Adoption Lessons Learned from Commercial Vehicle Case Studies

DENETS HIDENETS DENETS. Highly Dependable IP-based Networks and Services (FP6 STREP, Jan Dec 2008)

Model to Code, Made Simple and Easy Sebastien Dupertuis Application Engineer Applications Engineering Group MathWorks Switzerland June 11, 2015

KPIT Cummins. Automotive Body Electronics and Chassis Presentation

Virtual Platforms, Simulators and Software Tools

Test and Verification Solutions. ARM Based SOC Design and Verification

10 th AUTOSAR Open Conference

AUTOBEST: A microkernel-based system (not only) for automotive applications. Marc Bommert, Alexander Züpke, Robert Kaiser.

By V-cubed Solutions, Inc. Page1. All rights reserved by V-cubed Solutions, Inc.

Model Based Systems Engineering Engine Control: from concept to validation. Jan Smolders Technical Account Manager

Model based testing and Hardware-in-the-Loop simulation of embedded CANopen control devices

Taking the Right Turn with Safe and Modular Solutions for the Automotive Industry

Eliminating Single Points of Failure in Software Based Redundancy

Assignment - 1. Why we need Test plan and what are the elements that it identifies?

Freescale, the Freescale logo, AltiVec, C-5, CodeTEST, CodeWarrior, ColdFire, C-Ware, t he Energy Efficient Solutions logo, mobilegt, PowerQUICC,

Virtualizing the TCU of BMW's 8 speed transmission

Riccardo Mariani, Intel Fellow, IOTG SEG, Chief Functional Safety Technologist

COMPASS GRAPHICAL MODELLER

Benefits of Collecting Code Coverage Metrics during HIL/ECU Testing

Countermeasures against Cyber-attacks

Report. Certificate M6A SIMATIC Safety System

Development of a modern Airbag System Prototype COSIDE User Experience

Report. Certificate Z Rev. 00. SIMATIC Safety System

From Design to Production

A Software-based Environment for Development & Validation of Spacecraft On-board Software

Controller Calibration using a Global Dynamic Engine Model

Automated test of the AMG Speedshift DCT control software

Ein Modell - viele Zielsysteme

Virtual Validation of Cyber Physical Systems

Communication Patterns in Safety Critical Systems for ADAS & Autonomous Vehicles Thorsten Wilmer Tech AD Berlin, 5. March 2018

Complex Signal Processing Verification under DO-254 Constraints by François Cerisier, AEDVICES Consulting

Enabling Increased Safety with Fault Robustness in Microcontroller Applications

What s New with the MATLAB and Simulink Product Families. Marta Wilczkowiak & Coorous Mohtadi Application Engineering Group

Production Code Generation Introduction and New Technologies

AVS: A Test Suite for Automatically Generated Code

Final Presentation AUTOCOGEQ GMV, 2017 Property of GMV All rights reserved UNCLASSIFIED INFORMATION

EDA Support for Functional Safety How Static and Dynamic Failure Analysis Can Improve Productivity in the Assessment of Functional Safety

Tools for CAN based networking. On the street, in the air, in the orbit

A Meta-Modeling-Based Approach for Automatic Generation of Fault- Injection Processes

IDE for medical device software development. Hyun-Do Lee, Field Application Engineer

FUNCTIONAL SAFETY CERTIFICATE

Non-invasive Software Verification using Vista Virtual Platforms by Alex Rozenman, Vladimir Pilko, and Nilay Mitash, Mentor Graphics

VDE Testing and Certification Institute

Model Interpretation for an AUTOSAR compliant Engine Control Function

Understanding SW Test Libraries (STL) for safetyrelated integrated circuits and the value of white-box SIL2(3) ASILB(D) YOGITECH faultrobust STL

Hazard Analysis and FMECA

Transcription:

A TOOL-CHAIN FOR FUNCTIONAL SAFETY AND RELIABILITY IMPROVEMENT IN AUTMOTIVE SYSTEMS R. Nouacer, M. Djemal, S. Niar, G. Mouchard, N. Rapin, J.P. Gallois, P. Fiani, F. Chastrette, T. Adriano and B. Mac-Eachen reda.nouacer@cea.fr smail.niar@univ-valenciennes.fr https://equitas-project.com/site/ Bpifrance AAP FUI16 and the General Council of Essonne France GDR SoC-IP 1

ENHANCED QUALITY USING INTENSIVE TEST AND ANALYSIS ON SIMULATORS AGENDA! Context and Trends! Objectives and Results! Methodology and tools! Technical challenges! Automatic test generation! Analysis and verification of compliance with the requirements! Virtual platforms and HW faults injection! Current status Tools chain V2! Next works GDR SoC IP 2

ENHANCED QUALITY USING INTENSIVE TEST AND ANALYSIS ON SIMULATORS CONTEXT AND TRENDS! µelectronic Miniaturization! Increased sensitivity of ECU to transient hardware faults! Increased number of functions! 10-100 ECU (distributed system)! Hostile operating environment! Electromagnetic fields, temperature, humidity! ISO26262 standard! Safety constraints (product and process)! Embedded software V&V! Complex iterative process!! 40-50% total development cost MIL SIL PIL HIL Exigences Allocation0et0Validation0des0exigences Vérification0des0 exigences RP Système cible MIL: Model In the Loop RP : Rapid Prototyping SIL : Software-in-the-Loop PIL : Processor-in-the-Loop HIL : Hardware-in-the Loop GDR SoC IP 3

ENHANCED QUALITY USING INTENSIVE TEST AND ANALYSIS ON SIMULATORS BLOC DIAGRAM OF CONTROL LOOP Instructions (e.g.(windshield(wiper("commodo") Analysis(and( decision monitoring(and( control((system (e.g.(bcm) Measurements(/( Interruptions Commands(/(Actions Inputs (e.g.(can,(adc) Outputs (e.g.(can,(pwm) Sensors Actuators Physical(system (e.g.(usm) Driven(process (e.g.(wiper(blades) Disturbances( (e.g.(dirt,(wind,(age,(t C,(magnetic(field) GDR SoC IP 4

ENHANCED QUALITY USING INTENSIVE TEST AND ANALYSIS ON SIMULATORS FUNCTIONAL SAFETY AND RELIABILITY ANALYSIS Injection Reference Fault Scenarios Reliability Model Test Bench Embedded System Data Analyzer Tolerance Scenarios GDR SoC IP 5

ENHANCED QUALITY USING INTENSIVE TEST AND ANALYSIS ON SIMULATORS OBJECTIVES AND RESULTS! Automate the verification and validation process of whole embedded software stacks! By developing a continuous tool-chain! In the context of automotive electronic systems! Improve the relevance of the test campaigns! By detecting the redundant tests using equivalence classes! Provide assistance to the hardware failure effect analysis (FMEA)! By introducing a hardware faults model during simulation.! Extract a comprehensive V&V methodology using virtual platforms! By assessing the EQUITAS tool chain on real automotive use cases! Assess the tool-chain under the ISO 26262 requirements. GDR SoC IP 6

ENHANCED QUALITY USING INTENSIVE TEST AND ANALYSIS ON SIMULATORS VIRTUAL TESTING ENVIRONMENT Exigences Observateurs'de' propriétés'(monitors) Trace1collector Observer Observer Observer Observer Traces' d exécution ARTiMon (Checkers) Modèle'de'test Modèle'comportemental MaTeLo &'DIVERSITY UNISIM>VP'&'Fautes' Matérielles CAN,1PWM,. CAN,1ADC,. Environnement'physique Environnement'de'test [ Driver'='Adapter +'Controller'] Scénarios'de' test Driver Driver Driver Driver Séquenceur Moteur'd exécution' des'scénarios Verdicts GDR SoC IP 7

ENHANCED QUALITY USING INTENSIVE TEST AND ANALYSIS ON SIMULATORS METHODOLOGY & TOOLS Tool-chain Inputs Environment Model Source Code System Model DIVERSITY & MaTeLo System Requirements Test Plan Elaboration Code Generation Test Cases Generation Requirements Translation Embedded Code Tests Cases Formal Constraints Compilation Compilation UNISIM-VP & PhiSim Executable Binary Virtual Execution Environment Simulation Embedded Target Simulation Execution Traces Analysis Requirements Verifications & Analysis Verdict Alerts! ARTiMon GDR SoC IP 8

ENHANCED QUALITY USING INTENSIVE TEST AND ANALYSIS ON SIMULATORS TECHNICAL CHALLENGES! The use of symbolic execution principle to analyze and reduce test cases obtained by a stochastic approach! MaTeLo: stochastic test generation technique!generate!the!most!likely!tests!!many!redundant/duplicate!tests!!developped!by!all4tec!(h@p://www.all4tec.net/matelo/homematelo.html)! DIVERSITY: symbolic execution!model!validaeon!by!analyzing!its!symbolic!execueon!tree!!property!verificaeon!!automaec!test!generaeon!based!mainly!on!the!paths!coverage!!developed!by!cea!list!(h@p://projects.eclipse.org/proposals/diversity)!! The extension of the simulation environment UNISIM-VP! Modeling and injection of characterised hardware faults! Interface to test cases generation tools (MaTeLo & DIVERSITY)! Interface to compliance (monitoring) analysis tool (ARTiMon) GDR SoC IP 9

ENHANCED QUALITY USING INTENSIVE TEST AND ANALYSIS ON SIMULATORS FUNCTIONAL SAFETY AND RELIABILITY ANALYSIS Injection Reference Fault Scenarios Reliability Model Test Bench Embedded System Data Analyzer Tolerance Scenarios GDR SoC IP 10

AUTOMATIC TEST GENERATION MATELO OVERVIEW 1) Graphical Design 2) Test Case Generation 33) Test Script Generation 44) Coverage Report http://www.all4tec.net/matelo/homematelo.html GDR SoC IP 11

AUTOMATIC TEST GENERATION DIVERSITY - METHODOLOGY Modeling Environment Specification Requirements Behavior tree Specification Functional model «Black box» Specification model Simulation Conformance testing Specification correctness Test cases «numeric scenarios» GDR SoC IP 12

AUTOMATIC TEST GENERATION COUPLING DIVERSITY AND MATELO Test model Test model editor (MaTeLo) Test model «MaTeLo format» Stochastic test generation (MaTeLo) Use case Application model (Simulink) Transcription to xlia (Diversity) Use case model xlia! Remove duplicates (40%)!Preserving!soNware!reliability!!Enhancing!test!coverage!! Reduction of overall test length!reducing!duraeon!of!test!execueon!!reducing!cost!!preserving!same!test!coverage! MaTeLo tests analysis using symbolic execution (Diversity) Reduced MaTeLo test campaign MaTeLo test campaign Generation of the test campaign scripts for driving simulation GDR SoC IP 13

ENHANCED QUALITY USING INTENSIVE TEST AND ANALYSIS ON SIMULATORS FUNCTIONAL SAFETY AND RELIABILITY ANALYSIS Injection Reference Fault Scenarios Reliability Model Test Bench Embedded System Data Analyzer Tolerance Scenarios GDR SoC IP 14

ANALYSIS AND VERIFICATION OF COMPLIANCE ARTIMON: ADVANCED REAL TIME INFORMATION MONITORING! Provides a temporized logic based language! To express requirements about system real-time behavior! Transforms a set of requirements into operational detectors! For the simulation/execution environment ARTiMon 4 Simulink: System.mdl An invariant (a property that should be valid at any time): when (Switch_On and (it is always the case that Redzone holds on time range [-3,0])) then (there exists at least one occurrence of Alarm on time range [0,1.5]) System x y RedZone x 2 +y > z Alarm Switch_On ARTiMon S-Function Detection signal HTML Report GDR SoC IP 15

ENHANCED QUALITY USING INTENSIVE TEST AND ANALYSIS ON SIMULATORS FUNCTIONAL SAFETY AND RELIABILITY ANALYSIS Injection Reference Fault Scenarios Reliability Model Test Bench Embedded System Data Analyzer Tolerance Scenarios GDR SoC IP 16

UNISIM VIRTUAL PLATFORM COMPONENT-BASED VIRTUALIZATION ENVIRONMENT UNISIM-VP Embedded target simulation Third Party Tools Virtual Platform Services! Co-simulation! Test-bench database! Existing toolchains! System on Chip! Boards! SystemC/TLM! Debugger! Test! Monitor! Trace analysis! Profiling! HW fault injection https://unisim-vp.org/site/index.html GDR SoC IP 17

UNISIM VIRTUAL PLATFORM STAR12X AUTOMOTIVE APPLICATION UNISIM-VP S12XEP100 Board Simulator RAM FLASH EEPROM ECT XGATE XINT MMC Debugger CPU12X PIT CRG ELF Loader S-Rec. Loader.abs ELF binary AUTOSAR BSW+RTE.s19 S-Rec. binary ATDx SCI PWM SPI CANx Third Party Tools Stubs S12XEP100 Board GDR SoC IP 18

UNISIM VIRTUAL PLATFORM TEST CASE ENHANCED WITH HARDWARE FAULT INJECTION Requirements+file Hardware+target Application Fault+quantifier Fault+probability+of+occurrence P Fault+injection+ engine+&+simulation (UNISIM?VP) Test+scenarios (MaTeLo) Execution+trace+ (code/data)+with+faults Comparator+and+ analyzer+of+ execution+traces Reference+execution+trace+ (code/data) Alert? No silence Yes Reliability+quantifier?! Fault'effects'analysis! Corrective'Decisions! Compute'error'ratio'(MTTF)' GDR SoC IP 19

FAULT INJECTION STRATEGY GDR SoC IP 20

TOOLS CHAIN Test model Test model editor (MaTeLo) Test model «MaTeLo format» Stochastic test generation (MaTeLo) Use case Application model (Simulink) Translation to xlia (Diversity) Use case model xlia System properties and requirements (test objectives) Binary Code Simulation MaTeLo tests analysis using symbolic execution (Diversity) MaTeLo test campaign Reduced MaTeLo test campaign Translation as monitoring specification (ARTiMon) Embedded system +Simulink (Sys) +UNISIM-VP +HW Faults Physical system +PhiSim Test campaign in the standardized interpretable format Generation of the test campaign scripts for driving UNISIM-VP & Simulink (MaTeLo) Execution trace ARTiMon specifications Compliancy analysis (ARTiMon) Verdicts GDR SoC IP 21

USE CASE WINDSHIELD WIPER GDR SoC IP 22

ENHANCED QUALITY USING INTENSIVE TEST AND ANALYSIS ON SIMULATORS NEXT WORKS! Studying the compliancy of the EQUITAS toolchain with the ISO26262 standard.! Quantitative and qualitative assessment of the toolchain, by the project industrial partners.! Generalization of project activities! Distributed embedded systems! Heterogeneous (model, ASW, binary) validation and verification! Extension of EQUITAS toolchain! RAMS analysis (Reliability, Availability, Maintainability, Safety) GDR SoC IP 23

A TOOL-CHAIN FOR FUNCTIONAL SAFETY AND RELIABILITY IMPROVEMENT IN AUTMOTIVE SYSTEMS R. Nouacer, M. Djemal, S. Niar, G. Mouchard, N. Rapin, J.P. Gallois, P. Fiani, F. Chastrette, T. Adriano and B. Mac-Eachen reda.nouacer@cea.fr https://equitas-project.com/site/ Bpifrance AAP FUI16 and the General Council of Essonne France GDR SoC-IP 24

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback