This presentation describes the design and implementation of a software-implemented fault injection tool that can be used for robustness testing of application software components in embedded systems based on the AUTOSAR standard architecture.
It analyses the AUTOSAR standard to identify mechanisms that can be used at run-time to inject faults. Three techniques are identified: the use of wrappers, the use of trace hooks, and modification of the run-time environment.
The wrapper technique was found to be the most suitable and was therefore implemented in a prototype fault injection tool. The fault injection tool is evaluated on two applications.
The first application is a calculator application residing on a single electronic control unit, and the second application is a brake-by-wire system distributed over several electronic control units.
It is assumed that software components are delivered as object code and therefore regarded as black boxes.
The focus of the analysis is on the software layers surrounding the run-time environment in the AUTOSAR architecture, in order to find suitable fault injection locations.
The fault injection tool uses a wrapper, an extra layer introduced between the component and the Run-Time Environment (RTE), to trigger fault injections, to inject faults and to monitor the ports of software components during experiments.
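The wrapper idea described above, sketched as an added example that is not code from the paper or its tool: a wrapper around one sender-receiver read that applies a trigger, injects a fault and records the port value. The port name `PedalPos`, the `Fi_*` and `Wrap_*` names, the fault models and the sample value are hypothetical, and the RTE call is stubbed so the block runs on a host.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint8_t Std_ReturnType;            /* stand-in for the AUTOSAR platform type */
#define RTE_E_OK ((Std_ReturnType)0u)
/* Stub standing in for the generated RTE API; 0x0200 is a constructed sample value. */
static Std_ReturnType Rte_Read_PedalPos_Value(uint16_t *data) { *data = 0x0200u; return RTE_E_OK; }

typedef enum { FI_NONE, FI_BIT_FLIP, FI_STUCK_AT } FiModel;   /* hypothetical fault models */
typedef struct {
    FiModel  model;       /* fault model to apply */
    uint32_t trigger_at;  /* 1-based call number at which injection starts */
    uint32_t duration;    /* number of consecutive calls affected */
    uint16_t operand;     /* XOR mask for bit flip, forced value for stuck-at */
} FiConfig;
typedef struct { uint16_t golden, delivered; uint8_t injected; } FiTrace;

#define FI_TRACE_LEN 8u
static FiConfig fi_cfg;                    /* zero-initialised: FI_NONE */
static FiTrace  fi_trace[FI_TRACE_LEN];    /* monitor log of the first calls */
static uint32_t fi_calls;

void Fi_Configure(FiConfig cfg) { fi_cfg = cfg; fi_calls = 0u; }
const FiTrace *Fi_Trace(uint32_t call) {   /* 1-based; NULL if outside the log */
    return (call >= 1u && call <= FI_TRACE_LEN) ? &fi_trace[call - 1u] : NULL;
}

/* Wrapper the component calls in place of the RTE function (redirection is assumed here). */
Std_ReturnType Wrap_Rte_Read_PedalPos_Value(uint16_t *data) {
    uint16_t golden = 0u;
    Std_ReturnType ret = Rte_Read_PedalPos_Value(&golden);
    uint16_t value = golden;
    fi_calls++;
    uint8_t active = (uint8_t)(ret == RTE_E_OK && fi_cfg.model != FI_NONE &&  /* trigger */
        fi_calls >= fi_cfg.trigger_at && fi_calls - fi_cfg.trigger_at < fi_cfg.duration);
    if (active) {
        value = (fi_cfg.model == FI_BIT_FLIP) ? (uint16_t)(golden ^ fi_cfg.operand) : fi_cfg.operand;
    }
    if (fi_calls <= FI_TRACE_LEN) fi_trace[fi_calls - 1u] = (FiTrace){ golden, value, active };
    *data = value;                         /* the component only ever sees this value */
    return ret;
}

int main(void) {                           /* stuck-at-0 on calls 3 and 4 of 5 */
    uint16_t v = 0u;
    Fi_Configure((FiConfig){ FI_STUCK_AT, 3u, 2u, 0x0000u });
    for (int i = 1; i <= 5; i++)
        if (Wrap_Rte_Read_PedalPos_Value(&v) == RTE_E_OK) printf("call %d: 0x%04X\n", i, (unsigned)v);
    return 0;
}
```

The trace keeps both the fault-free and the delivered value for each call, so an experiment can be compared against a fault-free run afterwards.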
We investigated two other techniques that could be used instead of wrappers. One technique is to make use of trace hooks placed in the RTE, as specified by the AUTOSAR standard. The other technique modifies the RTE source code.
The validation shows that the tool is successful in injecting faults into the interfaces of application software components, and that it can emulate hardware faults by causing the same reactions in the brake-by-wire system as an open circuit fault.
Furthermore, it shows that it is possible to automate the wrapper generation by processing AUTOSAR XML configuration files and that an AUTOSAR complex device driver component can be efficiently utilised as an embedded fault injection controller in order to achieve performance, low intrusion and portability.
To read this external content in full, download the complete paper from the author archives at Chalmers University: http://publications.lib.chalmers.se/records/fulltext/164544.pdf