Presentation is loading. Please wait.

Presentation is loading. Please wait.

Safety evaluation of in-car real-time applications distributed on TDMA-based networks Cédric Wilwert Françoise Simonot-Lion, Ye-Qiong Song François Simonot.

Published byDale Stevens Modified over 9 years ago

Similar presentations

Presentation on theme: "Safety evaluation of in-car real-time applications distributed on TDMA-based networks Cédric Wilwert Françoise Simonot-Lion, Ye-Qiong Song François Simonot."— Presentation transcript:

1 Safety evaluation of in-car real-time applications distributed on TDMA-based networks Cédric Wilwert Françoise Simonot-Lion, Ye-Qiong Song François Simonot 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Nancy, 13-14 October 2005

2 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) X-by-Wire and Safety assessment: which issue? Critical functions - Steering according to the drivers’ request -Force feedback to the steering wheel Drivers’request Filtering, … Control law Steering system

3 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) X-by-Wire and Safety assessment: which issue? Steer-by-Wire Steering function - Steering function Drivers’ request micro-controllers Control law Filtering, … Control law Connected on communication networks (TDMA) redundancies

4 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) X-by-Wire and Safety assessment: which issue? Control law Filtering, … Control law TDMA-based protocol

5 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) TDMA protocol ( Time Division Multiplexed Access ) TTP/C  Slot : time interval for a node to send a message (frame)  Round (cycle) : a sequence of slots such as each node sends one and only one time (TTP/C) Node A Node B Node C Node D abcd bcd t Bus a round slot

6 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) TDMA protocol ( Time Division Multiplexed Access ) TTP/C  Slot : time interval for a node to emit a message (frame)  Round : a sequence of slots such as each node emit one and only one time (TTP/C) Node A Node B Node C Node D a bcd abcbcdd t Bus a round slot

7 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) TDMA protocol - Fault Tolerant Unit (FTU) FTU: redundant nodes perform identical computations message redundancy in each TDMA round Node A2 Node A1 a1a2 t Bus round FTU a2a1

8 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) TDMA protocol for X-by-Wire systems abcbcd t Bus a round Node X consumer of message b Reception of b Deterministic response time Fault detection (heart beat)

9 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Impact of EMI perturbation on a TDMA-based communication system Control law OK KO OK KO OK KOOK Quality, performances dependability of the system ? Safety of the vehicle ?

10 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Standard and Certification A Steer-by-Wire system is a Safety Critical System Probability to have a critical failure in one hour < 10 -8 (IEC 61508 / SIL4) Verification on an Operational Architecture? Regulatory laws  Certification and standard Quantitative evaluation of the safety < 10 -10 Industrial requirement -Mechanical / hydraulical components - architectures -Electronic devices - ???? Behavior of software architecture (tasks, messages)

11 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) A contribution to the safety assement of X- by-Wire systems  Quantitative evaluation of a failure probability –extreme situation for the vehicle (worst case) –focus on the communication and EMI perturbations TDMA-based protocol Granularity: one TDMA cycle –transient faults (EMI perturbations): from transient faults to vehicle failure –metric and means for safety evaluation

12 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Outline Introduction Key points for the safety assessment of X-by-Wire system Technical solutions Case study Conclusions 

13 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Leading angles of the method  Robustness of the control law  System possibly perturbated –How? –How long?

14 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Robustness of the control law  Control law used as a black box  Matlab / Simulink model –of the vehicle (SimulinkCar – PSA Peugeot-Citroën) –of the control law for an « extreme » situation of the vehicle (worst case) Fault injection + Simulations  2 results –Acceptable length of the TDMA cycle –Maximal number of consecutive lost TDMA cycles -  max

15 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) How is a TDMA cycle affected by a perturbation?  Error model –Obtained by measurement –Know-how of PSA Peugeot-Citroën  result P err, probability for a TDMA cycle to be fully corrupted when the network is submitted to a perturbation

16 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) How long is a perturbation?  Electric field level of a reference road –Based on the results of a French project –Measured on board –Assuming a tolerance level of embedded electronic components

17 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Tolerated by in-vehicle electronic components How long is a perturbation? driving situation

18 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) How long is a perturbation?  WC (Z) TDMA cycles

19 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Outline Problem Key points for the safety assessment of X-by-Wire system Technical solutions Case study Conclusions 

20 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Technical solutions  Given: –  max : tolerance (consecutive corrupted TDMA cycles) –  wc : length of the perturbation (TDMA cycles) - extreme situation for the vehicle, worst case of perturbation cover – P err : probability for one TDMA cycle to be corrupted  Problem: determine the probability to have more than  max consecutive corrupted cycles in  wc cycles (under P err ): P fail (  max,  WC,P err )

21 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Technical solutions  Similar to « consecutive-k-out-of-n:F » systems - C(k,n:F) –System = ordered sequence of n components –The system fails if and only if more than k consecutive components fail –L n : number of consecutive failed components [Burr,1961], [Lambridis,1985], [Hwang,1986]

22 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Technical solution  Recurrent relation: P fail (  max,  WC,P err ) = 1-R(  max,  WC ;P err ) = 1-u  max (  WC )

23 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Outline Problem Key points for the safety assessment of X-by-Wire system Technical solutions Case study Conclusions 

24 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Case study: a Steer-by-Wire system Drivers’request Filtering, … Control law -extreme situation vehicle speed (90 km/h) sharp turning perturbated area = 2s -robustness  max = 7 TDMA cycles -impact of the EMI perturbation P err = 5 10 -3 -duration of the possibly perturbated area  WC = 336 TDMA cycles P fail (  max,  WC,P err ) = 2.87 10 -8

25 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Case study: configuration of a system P err TDMA cycle (ms)  (  WC,  max ) P fail (  WC,  WC,P err )  10 -7 10 -10  P fail (  WC,  WC,P err ) < 10 -7 P fail (  WC,  WC,P err ) < 10 -10

26 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Outline Problem Key points for the safety assessment of X-by-Wire system Technical solutions Case study Conclusions 

27 3rd Nancy-Saarbrücken Workshop on Logic, Proofs and Programs Françoise Simonot-Lion (LORIA UMR 7503) Conclusions  A contribution to the dependability evaluation of an embedded system –Transient fault at communication level to safety property at vehicle level –Mathematical evaluation / simulation  Generalisation – P err variable (error pattern, Markov process) – Other systems (e.g., dependability for application based on wireless networks)

Download ppt "Safety evaluation of in-car real-time applications distributed on TDMA-based networks Cédric Wilwert Françoise Simonot-Lion, Ye-Qiong Song François Simonot."

Similar presentations

Mafijul Islam, PhD Software Systems, Electrical and Embedded Systems Advanced Technology & Research Research Issues in Computing Systems: An Automotive.

Mafijul Islam, PhD Software Systems, Electrical and Embedded Systems Advanced Technology & Research Research Issues in Computing Systems: An Automotive.
Assume that a file is transferred from a node A to a node B. The file has been fragmented in 5 frames. Frame 0 is corrupted, the ACK of frame 1 is corrupted,

Assume that a file is transferred from a node A to a node B. The file has been fragmented in 5 frames. Frame 0 is corrupted, the ACK of frame 1 is corrupted,
Securing Vehicular Communications Author : Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From : IEEE Wireless Communications Magazine, Special.

Securing Vehicular Communications Author : Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From : IEEE Wireless Communications Magazine, Special.
Availability in Globally Distributed Storage Systems

Availability in Globally Distributed Storage Systems
Making Services Fault Tolerant

Making Services Fault Tolerant
OPM Cybersecurity Competencies by Occupation (Technical Competencies) 2210085508540391 Information Technology Management Series Electronics Engineering.

OPM Cybersecurity Competencies by Occupation (Technical Competencies) Information Technology Management Series Electronics Engineering.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
Bogdan Tanasa, Unmesh D. Bordoloi, Petru Eles, Zebo Peng Department of Computer and Information Science, Linkoping University, Sweden December 3, 2010.

Bogdan Tanasa, Unmesh D. Bordoloi, Petru Eles, Zebo Peng Department of Computer and Information Science, Linkoping University, Sweden December 3, 2010.
1 of 30 June 14, 2000 Scheduling and Communication Synthesis for Distributed Real-Time Systems Paul Pop Department of Computer and Information Science.

1 of 30 June 14, 2000 Scheduling and Communication Synthesis for Distributed Real-Time Systems Paul Pop Department of Computer and Information Science.
Trust Level Based Self-Organized Routing Protocol for Secure Ad Hoc Networks Li Xiaoqi, GiGi 12/3/2002.

Trust Level Based Self-Organized Routing Protocol for Secure Ad Hoc Networks Li Xiaoqi, GiGi 12/3/2002.
WPDRTS ’05 1 Workshop on Parallel and Distributed Real-Time Systems 2005 April 4th and 5th, 2005, Denver, Colorado Challenge Problem Session Detection.

WPDRTS ’05 1 Workshop on Parallel and Distributed Real-Time Systems 2005 April 4th and 5th, 2005, Denver, Colorado Challenge Problem Session Detection.
Reliability-Aware Frame Packing for the Static Segment of FlexRay Bogdan Tanasa, Unmesh Bordoloi, Petru Eles, Zebo Peng Linkoping University, Sweden 1.

Reliability-Aware Frame Packing for the Static Segment of FlexRay Bogdan Tanasa, Unmesh Bordoloi, Petru Eles, Zebo Peng Linkoping University, Sweden 1.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
Reliability on Web Services Pat Chan 31 Oct 2006.

Reliability on Web Services Pat Chan 31 Oct 2006.
Scheduling with Optimized Communication for Time-Triggered Embedded Systems Slide 1 Scheduling with Optimized Communication for Time-Triggered Embedded.

Scheduling with Optimized Communication for Time-Triggered Embedded Systems Slide 1 Scheduling with Optimized Communication for Time-Triggered Embedded.
REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.

REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.
July 15, 2002 SCI02 ORLANDO Wireless Token Ring Protocol1 UC Berkeley WOW Wireless Token Ring Protocol (WTRP) A Medium Access Control Protocol for QoS.

July 15, 2002 SCI02 ORLANDO Wireless Token Ring Protocol1 UC Berkeley WOW Wireless Token Ring Protocol (WTRP) A Medium Access Control Protocol for QoS.
1 Oct 2, 2003 Design Optimization of Mixed Time/Event-Triggered Distributed Embedded Systems Traian Pop, Petru Eles, Zebo Peng Embedded Systems Laboratory.

1 Oct 2, 2003 Design Optimization of Mixed Time/Event-Triggered Distributed Embedded Systems Traian Pop, Petru Eles, Zebo Peng Embedded Systems Laboratory.
1 Software Testing and Quality Assurance Lecture 35 – Software Quality Assurance.

1 Software Testing and Quality Assurance Lecture 35 – Software Quality Assurance.

Similar presentations

Ads by Google