| 1. |
- Askerdal, Örjan, 1973, et al.
(author)
-
A Control Theory Approach for Analyzing the Effects of Data Errors in Safety-Critical Control Systems
- 2002
-
In: Pacific Rim International Symposium on Dependable Computing, 2002. Proceedings. 2002. - 0769518524 ; , s. 105-114
-
Conference paper (peer-reviewed)abstract
- Computers are increasingly used for implementing controlalgorithms in safety-critical embedded applications, such asengine control, braking control and flight surfacecontrol. Addressing the consequent coupling of control performancewith computer related errors, this paper develops a composite computerdependability/control theory methodology for analyzing the effectsdata errors have on control system dependability. The effect is measured as theresulting control error (defined as the difference between the desired value ofa physical property andits actual value). We use maximum bounds on this measure as the criterion forcontrol system failure (i.e., if the control error exceeds a certain threshold,the system has failed).In this paper we a) present suitable models of computer faults for analysis of control level effects andrelated analysis methods, and b) apply traditional control theoryanalysis methods for understanding the effects of data errors onsystem dependability. An automobile slip-control brake-system is used as an example showing the viability of our approach.
|
|
| 2. |
- Claesson, Vilgot, 1968, et al.
(author)
-
The Event-Triggered and Time-Triggered Medium-Access Methods
- 2003
-
In: Proceedings - 6th IEEE International Symposium on Object-Oriented Real-Time Distributed Computing, Hakodate, Japan, 14-16 May 2003. - 0769519288 ; , s. 131-134
-
Conference paper (peer-reviewed)abstract
- The processes of accessing a shared communication media have been extensively researched in the dependability and real-time area. For embedded systems, the primary approaches have revolved around the event-triggered and the time-triggered paradigms. In this paper, our goal is to objectively and quantitatively outline the capabilities and limitations of each of these paradigms. The event-triggered approach is commonly perceived as providing high flexibility, while the time-triggered approach is expected to provide for a higher degree of predictable communication access to the media. We have quantified the spread of their differences, and provide a summary discussion about suggested best usage for each approach. The focus of our work is on the response times of the communication system, and also on the schedulability of the communication system in collaboration with tasks in the nodes.
|
|
| 3. |
- Hiller, Martin, 1971, et al.
(author)
-
On the Placement of Software Mechanisms for Detection of Data Errors
- 2002
-
In: International Conference on Dependable Systems and Networks, 2002. DSN 2002. Proceedings. - 0769511015 ; , s. 135-144
-
Conference paper (peer-reviewed)abstract
- An important aspect in the development of dependable software is to decide where to locate mechanisms for efficient error detection and recovery. We present a comparison between two methods for selecting locations for error detection mechanisms, in this case executable assertions (EAs), in black-box, modular software. Our results show that by placing EAs based on error propagation analysis one may reduce the memory and execution time requirements as compared to experience- and heuristic-based placement while maintaining the obtained detection coverage. Further, we show the sensitivity of the EA-provided coverage estimation on the choice of the underlying error model. Subsequently, we extend the analysis framework such that error-model effects are also addressed and introduce measures for classifying signals according to their effect on system output when errors are present. The extended framework facilitates profiling of software systems from varied dependability perspectives and is also less susceptible to the effects of having different error models for estimating detection coverage.
|
|
| 4. |
- Hiller, Martin, 1971, et al.
(author)
-
PROPANE: An Environment for Examining the Propagation of Errors in Software
- 2002
-
In: ISSTA '02 Proceedings of the 2002 ACM SIGSOFT international symposium on Software testing and analysis. - New York, NY, USA : ACM. - 1581135629 ; , s. 81-85
-
Conference paper (peer-reviewed)abstract
- In order to produce reliable software, it is important to have knowledge on how faults and errors may affect the software. In particular, designing efficient error detection mechanisms requires not only knowledge on which types of errors to detect but also the effect these errors may have on the software as well as how they propagate through the software. This paper presents the Propagation Analysis Environment (PROPANE) which is a tool for profiling and conducting fault injection experiments on software running on desktop computers. PROPANE supports the injection of both software faults (by mutation of source code) and data errors (by manipulating variable and memory contents). PROPANE supports various error types out-of-the-box and has support for user-defined error types. For logging, probes are provided for charting the values of variables and memory areas as well as for registering events during execution of the system under test. PROPANE has a flexible design making it useful for development of a wide range of software systems, e.g., embedded software, generic software components, or user-level desktop applications. We show examples of results obtained using PROPANE and how these can guide software developers to where software error detection and recovery could increase the reliability of the software system.
|
|
| 5. |
- Jhumka, Arshad, 1974, et al.
(author)
-
An Approach to Specify and Test Component-Based Dependable Software
- 2002
-
In: Proceedings - 7th IEEE International Symposium on High Assurance Systems Engineering, Tokyo, 23-25 Oct. 2002. - 0769517692 ; , s. 211-220
-
Conference paper (peer-reviewed)abstract
- Components (in-house or pre-fabricated) are increasingly being used to reduce the cost of software development. Given that these components may not have not been developed with dependability as a driver, the components need to be adapted to deal with errors coming from their environment. To achieve this, error containment wrappers are often added to increase the robustness of such components. Adopting a gray-box perspective of software, we first present a modular approach for specifying and verifying embedded software made from components, based on concepts from category theory. This modular approach allows the system designer to check for semantic compatibility. To generate the error containment wrappers needed for adaptation, we subsequently present an algorithm that systematically generates the required wrappers. Using the information obtained through wrapper design, we develop an approach to identify relevant test cases to test individual components. We further exploit the modularity of the specification to identify the relevant test cases to perform testing at different levels of SW abstraction.
|
|
| 6. |
- Jhumka, Arshad, 1974, et al.
(author)
-
Component-Based Synthesis of Dependable Embedded Software
- 2002
-
In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). - Berlin, Heidelberg : Springer Berlin Heidelberg. - 1611-3349 .- 0302-9743. - 9783540441656 ; 2469, s. 111-128
-
Conference paper (peer-reviewed)abstract
- Standardized and reusable software (SW) objects (or SW components - in-house or pre-fabricated) are increasingly being used to reduce the cost of software (SW) development. Given that the basic components may not have been developed with dependability as primary driver, these components need to be adapted to deal with errors from their environment. To achieve this, error containment wrappers are added to increase the reliability of the components. In this paper, we first present a modular specification approach using fault intolerant components, based on the concepts of category theory. We further introduce the concept of wrapper consistency, based upon which, we present an algorithm that systematically generates globally consistent fault containment wrappers for each component, to make them fault tolerant. Subsequently, we enhance the initial modular specification to deal with the wrapped components, and show that safety properties of the system are preserved under composition only if the wrappers are globally consistent.
|
|
| 7. |
- Jhumka, Arshad, 1974, et al.
(author)
-
On Systematic Design of Globally Consistent Executable Assertions in Embedded Software
- 2002
-
In: SIGPLAN Notices (ACM Special Interest Group on Programming Languages). - : Association for Computing Machinery (ACM). - 0730-8566 .- 0362-1340 .- 1558-1160. ; 37:7, s. 75-84
-
Conference paper (peer-reviewed)abstract
- Over the design of software (SW) used in provisioning of dependable services, Executable Assertions (EAs) are seeing increasing usage in aiding detection of data errors. Given the requirements for provision of service despite faults, early detection of system states that can potentially lead to system failure is valuable. We address the issue of ascertaining whether localized EAs in individual modules add up complementarily to implement a global EA/property. We first show that detection of globally compliant EAs is NP-complete. Thus, we develop a two-pass approach for our objective. In the first pass, we introduce the consistency property of EAs and use it to ascertain global conformity across all EAs. The second pass, analogous to predicate transformers, generates globally consistent EAs when any inconsistency is flagged in the first pass. We show the applicability of our approach on a real embedded system. Initial results obtained show that our framework is able to detect inherent vulnerabilities (due to placement of mismatched EAs) that were previously undetected. Our intent is automation of this approach, which can be incorporated in a compiler.
|
|
