Christoph Kuznik

Timing modeling and analysis for AUTOSAR-based software development: a case study

Safety-critical automotive systems must fulfill hard real-time constraints for reliability and safety. This paper presents a case study for the application of an AUTOSAR-based language for timing modeling and analysis. We present and apply the Timing Augmented Description Language (TADL) and demonstrate a methodology for the development of a speed-adaptive steer-by-wire system. We examine the impact of TADL and the methodology on the development process and the suitability and interoperability of the applied tools with respect to the AUTOSAR-based tool chain in the context of our case study.

Safety Evaluation of Automotive Electronics Using Virtual Prototypes: State of the Art and Research Challenges

Intelligent automotive electronics significantly improved driving safety in the last decades. With the increasing complexity of automotive systems, dependability of the electronic components themselves and of their interaction must be assured to avoid any risk to driving safety due to unexpected failures caused by internal or external faults. Additionally, Virtual Prototypes (VPs) have been accepted in many areas of system development processes in the automotive industry as platforms for SW development, verification, and design space exploration. We believe that VPs will significantly contribute to the analysis of safety conditions for automotive electronics. This paper shows the advantages of such a methodology based on todays industrial needs, presents the current state of the art in this field, and outlines upcoming research challenges that need to be addressed to make this vision a reality.

XEMU: an efficient QEMU based binary mutation testing framework for embedded software

This paper presents the XEMU framework for mutation based testing of embedded software binaries. We apply an extension of the QEMU software emulator, which injects mutations at run-time by dynamic code translation without affecting the binary software under test. The injection is based on a mutation table, which is generated by control flow graph (CFG) analysis of the disassembled code prior to its execution without presuming access to source code. We introduce our approach by the example of the ARM instruction set architecture for which a mutation taxonomy is presented. In addition to extending the testing scope to target specific low level faults, XEMU addresses the reduction of the mutants creation, execution, and detection overheads. Moreover, we reduce testing efforts by applying binary CFG analysis and constraint-based test generation for improved test quality. The experimental results of a car motor management software show significant improvements over conventional source code based approaches while providing 100% accuracy in terms of the computed test quality metrics.

The system verification methodology for advanced TLM verification

The IEEE-1800 SystemVerilog [20] system description and verification language integrates dedicated verification features, like constraint random stimulus generation and functional coverage, which are the building blocks of the Universal Verification Methodology (UVM)[3], the emerging standard for electronic systems verification. In this article, we introduce our System Verification Methodology (SVM) as a SystemC library for advanced Transaction Level Modeling (TLM) testbench implementation. As such, we first present SystemC libraries for the support of verification features like functional coverage and constrained random stimulus generation. Thereafter, we introduce the SVM with advanced TLM support based on SystemC and compare it to UVM and related approaches. Finally, we demonstrate the application of our SVM by means of a testbench for a two wheel self-balancing electric vehicle.

Aspect enhanced functional coverage driven verification in the SystemC HDVL

As embedded systems incorporate more and more amounts of IP and embedded software the functional and nonfunctional verification task is one of the key bottlenecks in the design process. Despite proprietary design and verification languages such as IEEE-1800 SystemVerilog and IEEE-1647 e offer CDV functionalities neither SystemC or the SCV addon library contain these features. Moreover, as programming languages and verification paradigms of the hardware and software domain continue to converge the verification techniques and methodologies need to take account of that, e.g. by adaption of the aspect-oriented programming scheme. In this paper we describe an approach for enhancing the functional coverage collection in the SystemC ecosystem by means of aspects, allowing cross-cutting the concern of CDV verification in stand-alone aspects, increasing the overall verification productivity.

Verification of a CAN bus model in SystemC with functional coverage

Many heterogeneous embedded systems, for example industrial automation and automotive applications, require hard-real time constraints to be exhaustively verified - which is a challenging task for the verification engineer. To cope with complexity, verification techniques working on different abstraction levels are best practice. SystemC is a versatile C++ based design and verification language, offering various mechanisms and constructs required for embedded systems modeling. Using the add-on SystemC Verification Library (SCV) elemental constrained-random stimuli techniques may be used for verification. However, SCV has several drawbacks such as lack of functional coverage. In this paper we present a functional coverage library that implements parts of the IEEE 1800-2005 SystemVerilog standard and allows capturing functional coverage throughout the design and verification process with SystemC. Moreover, we will demonstrate the usability of the approach with a case study working on a CAN bus model written in SystemC.

Binary mutation testing through dynamic translation

This paper presents a novel mutation based testing method through binary mutation. For this, a table of mutants is derived by control flow analysis of a disassembled binary under test. Mutations are injected at runtime by dynamic translation. Thus, our approach neither relies on source code nor a certain compiler. As instrumentation is avoided, testing results correspond to the original binary. In addition to high-level language faults, the proposed approach captures target specific faults related to compiling and linking. We investigated the software of an automotive case study. For this, a taxonomy of mutation operators for the ARM instruction set is proposed. Our experimental results prove 100% accuracy w.r.t. confidence metrics provided by conventional testing methods while avoiding significant mutant compilation overhead. Further speed up is achieved by an efficient binary mutation testing framework that relies on extending the open source software emulator QEMU.

Virtual Platforms for Model-Based Design of Dependable Cyber-Physical System Software

In this article, we present a virtual platform driven methodology for model-based design of dependable SW targeting cyber-physical systems. Our methodology covers an eight levels spanning flow for smooth refinement of discrete/continuous application models towards the implementation of distributed SW stacks providing flexibility w.r.t. early integration of object/binary code. For this, we propose multiple virtual platform abstraction levels supporting SW synthesis from high level MoCs. By continuous interfacing with a model of the physical environment in-the-loop we enable to holistically consider mutual impacts of the SW and its environment. In order to assess and improve SW dependability we investigate the injection of faults and their effects into both the environment model and the SW under test. We present a mapping of the proposed methodology to a completely SystemC-based framework by employing several SystemC extensions, such as AMS/TDF, QEMU, and abstract models of RTOS, HAL and middleware. Finally, we present experimental results from an automotive case study: a fault- tolerant fuel injection control system for which we consider two fault injection use cases: (i) robustness/stress testing and (ii) mutation testing. Our results were derived by prototypic integration of our SystemC framework with a commercial Simulink- based tool chain for AUTOSAR-compliant SW development and deployment.

Development of Automotive Communication Based Real-Time Systems - A Steer-by-Wire Case Study

Safety-critical automotive systems must fulfill hard real-time constraints to guarantee their reliability and safety requirements. In the context of network-based electronics systems, high-level timing requirements have to be carefully mastered and traced throughout the whole development process. In this paper, we outline the management of scheduling-specific timing information by the application of a steer-by-wire design example. We apply the principles of the AUTOSAR-compliant Timing Augmented Description Language (TADL) following the methodology introduced by the TIMMO project[2]. Focus of the example will be the identification of end-to-end timing constraints and their refinement by means of stimuli-response event chains.

Native Binary Mutation Analysis for Embedded Software and Virtual Prototypes in SystemC

Mutation analysis is a powerful tool for white-box testing of the verification environment in order to produce dependable and higher quality software products. However, due to high computational costs and the focus on high-level software languages such as Java mutation analysis is not yet widely used in commercial design flows targeting embedded (software) systems. Here the industry is modeling both hardware and related software parts at higher levels of abstraction, called virtual prototypes, to accelerate parallel development and shorten time-to-market. In this paper we propose a mutation testing verification flow for SystemC based virtual prototypes that may not rely on source code only but on annotated basic blocks and enables mutant creation at assembler level to heavily reduce execution costs and equivalence mutants likelihood.