Safety evaluation of in-car real-time applications distributed on TDMA-based networks. Cédric Wilwert, Françoise Simonot-Lion, Ye-Qiong Song, François Simonot.
Presentation transcript:

Safety evaluation of in-car real-time applications distributed on TDMA-based networks. Cédric Wilwert, Françoise Simonot-Lion, Ye-Qiong Song, François Simonot. 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs, Nancy, October 2005.

3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs – Françoise Simonot-Lion (LORIA UMR 7503)

X-by-Wire and safety assessment: which issue?
Critical functions:
- Steering according to the driver’s request
- Force feedback to the steering wheel
(Figure: driver’s request → filtering, … → control law → steering system)

X-by-Wire and safety assessment: which issue?
Steer-by-Wire: the steering function is implemented by micro-controllers (filtering, …, control law) fed by the driver’s request, connected on communication networks (TDMA), with redundancies.

X-by-Wire and safety assessment: which issue?
(Figure: the filtering, … and control law nodes exchange their messages over a TDMA-based protocol)

TDMA protocol (Time Division Multiple Access) – TTP/C
- Slot: time interval for a node to send a message (frame)
- Round (cycle): a sequence of slots such that each node sends one and only one time (TTP/C)
(Figure: nodes A, B, C, D on the bus; frames a, b, c, d each occupy one slot and together form one round)

TDMA protocol (Time Division Multiple Access) – TTP/C (continued)
- Slot: time interval for a node to emit a message (frame)
- Round: a sequence of slots such that each node emits one and only one time (TTP/C)
(Figure: successive rounds on the bus, a b c d, a b c d, …; each node emits exactly once per round)

TDMA protocol – Fault Tolerant Unit (FTU)
FTU: redundant nodes perform identical computations; message redundancy in each TDMA round.
(Figure: nodes A1 and A2 form an FTU; their frames a1 and a2 are both sent in every round)

TDMA protocol for X-by-Wire systems
(Figure: node X, consumer of message b, receives b in its slot in every round)
- Deterministic response time
- Fault detection (heart beat)

Impact of EMI perturbation on a TDMA-based communication system
(Figure: successive TDMA cycles marked OK / KO / OK / KO / OK / KO / OK feeding the control law)
Quality, performance, dependability of the system? Safety of the vehicle?

Standard and certification
A Steer-by-Wire system is a safety-critical system: probability to have a critical failure in one hour < (IEC / SIL4)
Regulatory laws → certification and standard → quantitative evaluation of the safety < industrial requirement
Verification on an operational architecture?
- Mechanical / hydraulic components
- Architectures
- Electronic devices
- ???? Behaviour of software architecture (tasks, messages)

A contribution to the safety assessment of X-by-Wire systems
- Quantitative evaluation of a failure probability
  – extreme situation for the vehicle (worst case)
  – focus on the communication (TDMA-based protocol) and EMI perturbations; granularity: one TDMA cycle
  – transient faults (EMI perturbations): from transient faults to vehicle failure
  – metric and means for safety evaluation

Outline
- Introduction
- Key points for the safety assessment of X-by-Wire systems
- Technical solutions
- Case study
- Conclusions

Leading angles of the method
- Robustness of the control law
- System possibly perturbed
  – How?
  – How long?

Robustness of the control law
- Control law used as a black box
- Matlab / Simulink model
  – of the vehicle (SimulinkCar – PSA Peugeot-Citroën)
  – of the control law
- For an « extreme » situation of the vehicle (worst case): fault injection + simulations
- 2 results
  – Acceptable length of the TDMA cycle
  – Maximal number of consecutive lost TDMA cycles: max

How is a TDMA cycle affected by a perturbation?
- Error model
  – Obtained by measurement
  – Know-how of PSA Peugeot-Citroën
- Result: P_err, probability for a TDMA cycle to be fully corrupted when the network is submitted to a perturbation

How long is a perturbation?
- Electric field level of a reference road
  – Based on the results of a French project
  – Measured on board
  – Assuming a tolerance level of embedded electronic components

How long is a perturbation?
(Figure: electric field level along the driving situation, compared with the level tolerated by in-vehicle electronic components)

How long is a perturbation?
- Result: WC (Z), the length of the perturbation in TDMA cycles

Outline
- Problem
- Key points for the safety assessment of X-by-Wire systems
- Technical solutions
- Case study
- Conclusions

Technical solutions
- Given:
  – max: tolerance (consecutive corrupted TDMA cycles)
  – WC: length of the perturbation (TDMA cycles), for the extreme situation of the vehicle and the worst case of perturbation cover
  – P_err: probability for one TDMA cycle to be corrupted
- Problem: determine the probability to have more than max consecutive corrupted cycles in WC cycles (under P_err): P_fail(max, WC, P_err)

Technical solutions
- Similar to « consecutive-k-out-of-n:F » systems, C(k,n:F)
  – System = ordered sequence of n components
  – The system fails if and only if more than k consecutive components fail
  – L_n: number of consecutive failed components
  [Burr, 1961], [Lambiris, 1985], [Hwang, 1986]

Technical solution
- Recurrent relation: P_fail(max, WC, P_err) = 1 − R(max, WC; P_err) = 1 − u_max(WC)

Case study: a Steer-by-Wire system
(Figure: driver’s request → filtering, … → control law)
- Extreme situation: vehicle speed 90 km/h, sharp turning, perturbed area = 2 s
- Robustness: max = 7 TDMA cycles
- Impact of the EMI perturbation: P_err =
- Duration of the possibly perturbed area: WC = 336 TDMA cycles
- P_fail(max, WC, P_err) =

Case study: configuration of a system
(Table, values not legible in the transcript: columns P_err, TDMA cycle (ms), (WC, max), P_fail(WC, max, P_err); each configuration is checked against the requirement P_fail(WC, max, P_err) < the certification threshold)
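The recurrence behind P_fail = 1 − u_max(WC), worked as an added example (my code, not the talk’s or its authors’): it assumes the talk’s constant-P_err model, i.e. each TDMA cycle of the perturbed window is corrupted independently with probability P_err, and the case-study value max = 7 and WC = 336 cycles from the slides, while P_ERR = 0.1 is an assumed value because the slides’ own P_err is not in the transcript. A brute-force enumeration over small windows is included to cross-check the recurrence.

```python
from itertools import product


def no_long_run_probability(k_max: int, n_wc: int, p_err: float) -> float:
    """u_k(n) of the slides: probability that n_wc independent TDMA cycles,
    each corrupted with probability p_err, contain no run of more than k_max
    consecutive corrupted cycles (consecutive-k-out-of-n:F reliability)."""
    if not 0.0 <= p_err <= 1.0 or k_max < 0 or n_wc < 0:
        raise ValueError("need k_max >= 0, n_wc >= 0 and 0 <= p_err <= 1")
    q = 1.0 - p_err
    # Base case: a window of at most k_max cycles cannot hold k_max+1 failures.
    u = [1.0] * (n_wc + 1)
    for m in range(k_max + 1, n_wc + 1):
        # Condition on the first good cycle: j corrupted cycles (0..k_max),
        # then one good cycle, then m-1-j cycles that again need no long run.
        # A window of m > k_max cycles with no good cycle at all has failed,
        # so it contributes nothing to u[m].
        u[m] = sum(p_err ** j * q * u[m - 1 - j] for j in range(k_max + 1))
    return u[n_wc]


def p_fail(k_max: int, n_wc: int, p_err: float) -> float:
    """P_fail(max, WC, P_err) = 1 - u_max(WC)."""
    return 1.0 - no_long_run_probability(k_max, n_wc, p_err)


def p_fail_bruteforce(k_max: int, n_wc: int, p_err: float) -> float:
    """Enumerates all 2**n_wc corruption patterns; feasible only for small n_wc."""
    total = 0.0
    for pattern in product((0, 1), repeat=n_wc):  # 1 = corrupted cycle
        longest = run = 0
        for corrupted in pattern:
            run = run + 1 if corrupted else 0
            longest = max(longest, run)
        if longest > k_max:
            ones = sum(pattern)
            total += p_err ** ones * (1.0 - p_err) ** (n_wc - ones)
    return total


# Case-study parameters: max = 7 and WC = 336 come from the slides;
# P_ERR = 0.1 is an assumed (constructed) value, not the talk's measured one.
K_MAX, N_WC, P_ERR = 7, 336, 0.1

if __name__ == "__main__":
    print(f"P_fail({K_MAX}, {N_WC}, {P_ERR}) = {p_fail(K_MAX, N_WC, P_ERR):.3e}")
    for p in (0.05, 0.1, 0.2):
        print(f"P_err = {p}: P_fail = {p_fail(K_MAX, N_WC, p):.3e}")
```

Sweeping p_err as the script does reproduces the kind of configuration table on the slide: for a fixed max and WC, it shows how small P_err must be before P_fail drops under the certification threshold.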

Conclusions
- A contribution to the dependability evaluation of an embedded system
  – From transient faults at communication level to a safety property at vehicle level
  – Mathematical evaluation / simulation
- Generalisation
  – Variable P_err (error pattern, Markov process)
  – Other systems (e.g., dependability of applications based on wireless networks)