Doctoral Thesis Presentation
Transcript of Doctoral Thesis Presentation
Dependability Analysis and Enhancement of Real-Time
Embedded Systems
Dawid Trawczynski, MSc.
Advisor: Janusz Sosnowski, Prof.
Warsaw University of Technology
Department of Electronics and Information Technology
Computer Science Institute
22 December, 2009
Outline
• Thesis and objective
• Dependability problems in embedded systems
• Faults – models, detection and correction
• Research methods
• Case study
• Summary
Thesis
Integrated structural and functional modeling of a real-time embedded system enables more accurate dependability analysis and enhancement than existing approaches. The effectiveness of the enhancement process is influenced by many factors, such as the control algorithms, the characteristics of the controlled object, and the system environment.
Objective
• Definition and analysis of fault models important in real-time (RT) embedded systems
• Development of an integrated environment needed to study fault effects in embedded systems
• Analysis and development of methods that can improve system’s resistance to faults
Dependability Problems in Embedded Systems
• Fault set extension and development of fault handling mechanisms
• Integration of various modeling and fault simulation tools
– controller (local, distributed, network, task scheduler)
– controlled object and scheduler
• Selection of testing scenarios
– normal
– critical
• System behavior monitoring and its qualification
– interaction dynamics and grading complexity
Fault Models
• Structural
– transient („latched” and „non-latched”)
– permanent
– intermittent
• Abstract (functional)
– control-flow in a real-time network protocol's MAC FSM
– task execution delay
– message transmission delay in a RT network
– clock synchronization
Fault Detection and Handling
• Integration of programmed procedures with system exception handling
• Mechanisms exploiting the system's natural behavior and redundancy
– simple and complex assertions
– a TREE method for the task execution delay fault
Dependability Analysis Methods
• Analytical and stochastic approaches (e.g., Markov chains)
• Simulation methods
– model of the analyzed system
– real systems
– hybrids
• Fault injection
– software (SWIFI)
– hardware (HWIFI)
Integrated Simulation Environment
Integration of a real-time simulator and fault injector: TrueTime + Matlab/Simulink + FITS + MSVC
Simulation-Based Dependability Research Method
• Development of a structural and functional model for the application and environment
• Instrumentation of the target application
• Integration of models with the fault simulator
• Fault injection (abstract and transient) – testing scenarios, localization, and fault activation
• System’s behavior qualification
Case Study
Anti-Lock Braking System (ABS)
Single-Wheel ABS Model
• PID controller modulating brake fluid pressure
• Environment consisting of dynamic wheel, tire and suspension models
SWabs Algorithm
Four-Wheel ABS Model
DSlip and DSim Algorithms
Distributed Task Schedule
Experiments
• Single and four-wheel ABS models
• Tested the controller and RT network
• Transient faults („latched” and „non-latched”) and abstract (functional) faults
• Application behavior statistics (C, I, S, T)
Integration of System Exception Handling
[Chart: share of fault effects (INC, C, T, S) on a 0–100% scale, per fault location: REG, MEM, FPU, CODE, INSTR]
Selective Assertions
[Chart: share of fault effects (C, INC, S, T) on a 0–100% scale, per injection target: Slip Thresh., Slip Thresh. Wzm., Filter TConst., Filter TConst. Wzm., Filter Gain, Filter Gain Wzm., Int. Sample Time, Int. Sample Time Wzm., Tire Radius, Tire Radius Wzm.]
Fault Resilience and Program Design
[Chart: share of fault effects (C, INC, S, T) on a 0–100% scale, per fault location: REG, REG PTR, MEM, MEM PTR, CODE, CODE PTR, INST, INST PTR, FPU, FPU PTR]
Task Execution Delay Fault
Contributions
• Fault set extension and development of new fault handling methods
• Development of an embedded system dependability analysis method
– the method takes into account the external environment
– result qualification method and analysis of fault effects on system behavior
– effectiveness analysis of programmable fault tolerance mechanisms
• Integrated simulation environment
– enhancement of a RT simulator
– interfacing of various design environments
• Complex implementation of a realistic case study
Observations
• Fault susceptibility is dependent on system dynamics, control phase, and the ability to mask faults via the feedback loop
• Effective fault handling can achieve over 90% transient fault coverage
• Complex handling mechanisms have significant drawbacks
• Result qualification and code separation are essential to guarantee trustworthy simulation results
• Future research
– automatic abstract fault injection and mapping to structural faults
– fault injection benchmark development
Thank You for Attention!
Network PFSM MAC Control-Flow Fault
Worst-Case Task Execution Delay Fault
$$t_i = \sum_{k=1}^{n} s_k$$ : fault-free task i WCET
$$t'_i = \sum_{k=1}^{n} \left( s_k + \varphi(t_k) \right)$$ : faulty task i WCET
Message Delay Fault
$$C_{m,MDF} = C_m + C'_m$$
$$C'_m = (8 s_m + s_{mdf})\,\tau_{bit}$$, where $s_{mdf}(\beta) = [0, 103]$ bytes
$$C_m = \left( 47 + 8 s_m + \frac{34 + 8 s_m}{5} \right) \tau_{bit}$$ : CAN bus
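The two timing fault models on the preceding slides (worst-case task execution delay and CAN message delay), coded from the formulas shown there as an added example; this is not code from the thesis or its simulation environment. The 500 kbit/s bus speed, the task segment times and the delay functions are constructed sample inputs, and reading t_k as the elapsed task time when segment k starts is an assumption.

```python
# Added example (not from the thesis slides): worked instances of the
# task-execution-delay and message-delay fault models from the backup
# slides, coded directly from the formulas shown there. The bus speed,
# task segments and delay functions below are constructed sample inputs.
from typing import Callable, Sequence

TAU_BIT_500K = 1.0 / 500_000  # bit time of an assumed 500 kbit/s CAN bus [s]


def can_msg_time(s_m: int, tau_bit: float = TAU_BIT_500K) -> float:
    """Fault-free CAN frame time C_m = (47 + 8*s_m + (34 + 8*s_m)/5) * tau_bit."""
    if not 0 <= s_m <= 8:
        raise ValueError("CAN data field holds 0..8 bytes")
    return (47 + 8 * s_m + (34 + 8 * s_m) / 5) * tau_bit


def can_msg_time_mdf(s_m: int, s_mdf: int, tau_bit: float = TAU_BIT_500K) -> float:
    """Frame time under the message delay fault: C_m,MDF = C_m + C'_m,
    with C'_m = (8*s_m + s_mdf) * tau_bit and s_mdf in [0, 103] bytes."""
    if not 0 <= s_mdf <= 103:
        raise ValueError("s_mdf outside the slide's [0, 103] byte range")
    return can_msg_time(s_m, tau_bit) + (8 * s_m + s_mdf) * tau_bit


def task_wcet(segments: Sequence[float]) -> float:
    """Fault-free WCET t_i = sum over k of s_k (s_k: k-th code segment time)."""
    return float(sum(segments))


def task_wcet_faulty(segments: Sequence[float],
                     phi: Callable[[float], float]) -> float:
    """Faulty WCET t'_i = sum over k of (s_k + phi(t_k)).
    Assumption: t_k is the elapsed task time when segment k starts."""
    elapsed, faulty = 0.0, 0.0
    for s_k in segments:
        faulty += s_k + phi(elapsed)   # delay injected before segment k
        elapsed += s_k
    return faulty


def deadline_missed(segments: Sequence[float], phi: Callable[[float], float],
                    deadline: float) -> bool:
    """True when the injected execution delay pushes t'_i past the deadline."""
    return task_wcet_faulty(segments, phi) > deadline


if __name__ == "__main__":
    print(f"C_m(8 bytes)    = {can_msg_time(8) * 1e6:.1f} us")
    print(f"C_m,MDF(8, 103) = {can_msg_time_mdf(8, 103) * 1e6:.1f} us")
    segs = [0.4, 0.3, 0.5]                   # ms, constructed task profile
    print("deadline missed:", deadline_missed(segs, lambda t: 0.2, 1.5))
```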
Clock Synchronization Fault
$$f_{new} = (p - 1) \cdot f_o$$, where $1 > p \ge 0$
$$p = [10^{-2}, 10^{0}]$$ sec./sec.