| 1. |
- Folkesson, Peter, 1968, et al.
(författare)
-
Back-to-Back Fault Injection Testing in Model-Based Development
- 2015
-
Ingår i: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). - Cham : Springer International Publishing. - 1611-3349 .- 0302-9743. - 9783319242545 - 9783319242552 ; 9337, s. 135-148
-
Konferensbidrag (refereegranskat)abstract
- Today, embedded systems across industrial domains (e.g., avionics, automotive) are representatives of software-intensive systems with increasing reliance on software and growing complexity. It has become critically important to verify software in a time, resource and cost effective manner. Furthermore, industrial domains are striving to comply with the requirements of relevant safety standards. This paper proposes a novel workflow along with tool support to evaluate robustness of software in model-based development environment, assuming different abstraction levels of representing software. We then show the effectiveness of our technique, on a brake-by-wire application, by performing back-to-back fault injection testing between two different abstraction levels using MODIFI for the Simulink model and GOOFI-2 for the generated code running on the target microcontroller. Our proposed method and tool support facilitates not only verifying software during early phases of the development lifecycle but also fulfilling back-to-back testing requirements of ISO 26262 when using model-based development.
|
|
| 2. |
- Lijun, Shan, et al.
(författare)
-
A Survey on the Application of Safety, Security,and Privacy Standards for Dependable Systems
- 2019
-
Ingår i: Proceedings of the 15th European Dependable Computing Conference.
-
Konferensbidrag (refereegranskat)abstract
- Safety-critical systems are required to comply withsafety standards as well as security and privacy standards.In order to provide insights into how practitioners apply thestandards on safety, security or privacy (Sa/Se/Pr), as well ashow they employ Sa/Se/Pr analysis methodologies and softwaretools to meet such criteria, we conducted a questionnaire-basedsurvey. This paper summarizes our major analysis results of thereceived responses.
|
|
| 3. |
- Sangchoolie, Behrooz, et al.
(författare)
-
A Comparison of Inject-on-Read and Inject-on-Write in ISA-Level Fault Injection
- 2016
-
Ingår i: Proceedings - 2015 11th European Dependable Computing Conference, EDCC 2015. - : Institute of Electrical and Electronics Engineers Inc.. - 9781467392891 ; , s. 178-189, s. 178-189
-
Konferensbidrag (refereegranskat)abstract
- ISA-level fault injection, i.e. the injection of bit-flip faults in Instruction Set Architecture (ISA) registers and main memory words, is widely used for studying the impact of transient and intermittent hardware faults in computer systems. This paper compares two techniques for ISA-level fault injection: inject-on-read, and inject-on-write. The first technique injects bit-flips in a data-item (the content of a register or memory word) just before the data-item is read by a machine instruction, while the second one injects bit-flips in a data-item just after it has been updated by a machine instruction. In addition, the paper compares two variants of inject-on-read, one where all faults are given the same weight and one where weight factors are used to reflect the time a data-item spends in a register or memory word. The weighted injected-on-read aims to accurately model soft errors that occur when an ionizing particle perturbs a data-item while it resides in an ISA register or a memory word. This is in contrast to inject-on-write, which emulates errors that propagate into an ISA register or a memory word. Our experiments show significant differences in the results obtained with the three techniques.
|
|
| 4. |
- Sangchoolie, Behrooz, 1986-, et al.
(författare)
-
A Study of the Interplay Between Safety and Security Using Model-Implemented Fault Injection
- 2018
-
Konferensbidrag (refereegranskat)abstract
- The combination of high mobility and wireless communication in many safety-critical systems have increased their exposure to malicious security threats. Consequently, many works in the past have proposed solutions to ensure safety and security of these systems. However, not much attention has been given to the interplay between these two groups of nonfunctional requirements. This is a concern as safety solutions may negatively impact system security and vice versa. This paper addresses the interplay between safety and security by proposing an attack injection framework, based on model-implemented fault injection, suitable for model-based design. The framework enables us to study and evaluate the impact of cybersecurity attacks on system safety early in the development process. To this end, we have implemented six attack injection models and conducted experiments on Simulink models of a CAN bus and a brake-by-wire controller. The results show that the security attacks modeled could successfully impact the system safety by violating our defined safety requirements.
|
|
| 5. |
- Sangchoolie, Behrooz, et al.
(författare)
-
Light-weight techniques for improving the controllability and efficiency of ISA-level fault injection tools
- 2017
-
Ingår i: Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC. - : IEEE Computer Society. - 1541-0110. - 9781509056514 - 9781509056521 ; , s. 68-77
-
Konferensbidrag (refereegranskat)abstract
- ISA-level fault injection, i.e. the injection of bitflip faults in Instruction Set Architecture (ISA) registers and main memory words, is widely used for studying the impact of transient and intermittent hardware faults. ISA-level fault injection tools can be characterized by different properties such as repeatability, observability, reachability, intrusiveness, efficiency and controllability. This paper presents two preinjection analysis techniques that improve controllability and efficiency using object code analysis. To improve controllability, we propose a technique for identifying the type of data that is stored in a potential target location. This allows the user to selectively direct fault injections to addresses, data and/or control information. Experimental results show that the data type of 84-100% of the targets locations in 8 programs were successfully identified by this technique. The second technique improves efficiency by fault pruning, i.e., by avoiding injection of faults that is known a priori to be detected by the tested system. This technique leverage the fact that faults in certain bits in the program counter and the stack pointer are always detected by machine exceptions. We show that exclusion of these bits from the fault space could significantly prune the fault space and reduce the time it takes to conduct a fault injection campaign.
|
|
| 6. |
- Sangchoolie, Behrooz, 1986
(författare)
-
On Efficient Measurement of the Impact of Hardware Errors in Computer Systems
- 2017
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Technology and voltage scaling is making integrated circuits increasingly susceptible to failures caused by soft errors. The source of soft errors are temporary hardware faults that alter data and signals in digital circuits. Soft errors are predominately caused by ionizing particles, electrical noise and wear-out effects, but may also occur as a result of marginal circuit designs and manufacturing process variations.Modern computers are equipped with a range of hardware and software based mechanisms for detecting and correcting soft errors, as well as other types of hardware errors. While these mechanisms can handle a variety of errors and error types, protecting a computer completely from the effects of soft errors is technically and economically infeasible. Hence, in applications where reliability and data integrity is of primary concern, it is desirable to assess and measure the system's ability to detect and correct soft errors.This thesis is devoted to the problem of measuring hardware error sensitivity of computer systems. We define hardware error sensitivity as the probability that a hardware error results in an undetected erroneous output. Since the complexity of computer systems makes it extremely demanding to assess the effectiveness of error handling mechanisms analytically, error sensitivity and related measures, e.g., error coverage, are in practice determined experimentally by means of fault injection experiments.The error sensitivity of a computer system depends not only on the design of its error handling mechanism, but also on the program executed by the computer. In addition, measurements of error sensitivity is affected by the experimental set-up, including how and where the errors are injected, and the assumptions about how soft errors are manifested, i.e., the error model. This thesis identifies and investigates six parameters, or sources of variation, that affect measurements of error sensitivity. These parameters consist of two subgroups, those that deal with systems characteristics, namely, (i) the input processed by a program, (ii) the program's source code implementation, (iii) the level of compiler optimization; and those that deal with measurement setup, namely, (iv) the number of bits that are targeted in each experiment, (v) the target location in which faults are injected, (vi) the time of injection.To accurately measure the error sensitivity of a system, one needs to conduct several sets of fault injection experiments by varying different sources of variations. As these experiments are quite time-consuming, it is desirable to improve the efficiency of fault injection-based measurement of error sensitivity. To this end, the thesis proposes and evaluates different error space optimization and error space pruning techniques to reduce the time and effort needed to measure the error sensitivity.
|
|
| 7. |
- Sangchoolie, Behrooz, et al.
(författare)
-
One Bit is (Not) Enough : An Empirical Study of the Impact of Single and Multiple Bit-Flip Errors
- 2017
-
Ingår i: Proceedings - 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017. - : Institute of Electrical and Electronics Engineers Inc.. - 9781538605417 ; , s. 97-108
-
Konferensbidrag (refereegranskat)abstract
- Recent studies have shown that technology and voltage scaling are expected to increase the likelihood that particle-induced soft errors manifest as multiple-bit errors. This raises concerns about the validity of using single bit-flips for assessing the impact of soft errors in fault injection experiments. The goal of this paper is to investigate whether multiple-bit errors could cause a higher percentage of silent data corruptions (SDCs) compared to single-bit errors. Based on 2700 fault injection campaigns with 15 benchmark programs, featuring a total of 27 million experiments, our results show that single-bit errors in most cases yields a higher percentage of SDCs compared to multiple-bit errors. However, in 8% of the campaigns we observed a higher percentage of SDCs for multiple-bit errors. For most of these campaigns, the highest percentage of SDCs was obtained by flipping at most 3 bits. Moreover, we propose three ways of pruning the error space based on the results.
|
|
| 8. |
- Shan, Lijun, et al.
(författare)
-
A Survey on the Applicability of Safety, Security and Privacy Standards in Developing Dependable Systems
- 2019
-
Ingår i: Computer Safety,Reliability, and Security. - 9783030262501
-
Konferensbidrag (refereegranskat)abstract
- Safety-critical systems are required to comply with safety standards. These systems are increasingly digitized and networked to an extent where they need to also comply with security and privacy standards. This paper aims to pro-vide insights into how practitioners apply the standards on safety, security or pri-vacy (Sa/Se/Pr), as well as how they employ Sa/Se/Pr analysis methodologies and software tools to meet such criteria. To this end, we conducted a question-naire-based survey within the participants of an EU project SECREDAS and ob-tained 21 responses. The results of our survey indicate that safety standards are widely applied by product and service providers, driven by the requirements from clients or regulators/authorities. When it comes to security standards, practition-ers face a wider range of standards while few target specific industrial sectors. Some standards linking safety and security engineering are not widely used at the moment, or practitioners are not aware of this feature. For privacy engineering, the availability and usage of standards, analysis methodologies and software tools are relatively weaker than safety and security, reflecting the fact that privacy en-gineering is an emerging concern for practitioners.
|
|
| 9. |
- Skoglund, Martin, et al.
(författare)
-
Agreements of an Automated Driving System
- 2018
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)abstract
- When introducing automated driving systems (ADS), it is imperative that there exist mutual agreements between the ADS and stakeholders – such as the ADS equipped vehicle user, other road users, and society at large – on how the ADS should behave. Lacking such agreements, the ADS may antagonize stakeholders and, even worse, pose severe safety risks. The ADS needs a complete and unambiguous set of machine-interpretable properties describing these interactions, while the human stakeholders need to understand and accept how the ADS is designed to behave. We propose to make these considerations explicit in the form of agreements. The completeness problem is tackled by cataloguing and categorizing all agreements that need to be considered during the lifetime of an ADS in a systematic way.
|
|
| 10. |
- Skoglund, Martin, et al.
(författare)
-
In search of synergies in a multi-concern development lifecycle : Safety and cybersecurity
- 2018
-
Ingår i: Lecture notes in Computer Science. - Cham : Springer International Publishing. - 9783319992280 ; , s. 302-313
-
Konferensbidrag (refereegranskat)abstract
- The complexity of developing embedded electronic systems has been increasing especially in the automotive domain due to recently added functional requirements concerning e.g., connectivity. The development of these systems becomes even more complex for products - such as connected automated driving systems – where several different quality attributes (such as functional safety and cybersecurity) need to also be taken into account. In these cases, there is often a need to adhere to several standards simultaneously, each addressing a unique quality attribute. In this paper, we analyze potential synergies when working with both a functional safety standard (ISO 26262) and a cybersecurity standard (first working draft of ISO/SAE 21434). The analysis is based on a use case developing a positioning component for the automotive domain. The results regarding the use of multi-concern development lifecycle is on a high level, since most of the insights into co-engineering presented in this paper is based on process modeling. The main findings of our analysis show that on the design-side of the development lifecycle, the big gain is completeness of the analysis when considering both attributes together, but the overlap in terms of shared activities is small. For the verification-side of the lifecycle, much of the work and infrastructure can be shared when showing fulfillment of the two standards ISO 26262 and ISO/SAE 21434.
|
|
