Multi-level fault injection for embedded systems
Several standards addressing the development of critical embedded systems, e.g., ISO 26262, recommend fault injection (FI) to validate computer-based systems throughout the whole development cycle. Historically, however, fault injection has mostly been applied to concrete targets (operating systems, middleware, application servers, etc.). The challenge is to define fault injection in the early development phases and to integrate its results in a consistent and coherent way along the complete development process, up to the post-implementation phase.
We have defined a multi-level fault injection approach aimed at fulfilling this objective. In the pre-implementation phase, FI helps define safety mechanisms i) to detect possible failure modes, and ii) to mitigate their effects or reduce the risk by diminishing their occurrence. The results of FI during the pre-implementation phase then guide the planning of the FI experiments in the post-implementation phase. We have shown on a simple example that fault classes can be identified early in the development using behavioural modelling. We have also shown that both FMECA and fault injection may be used for qualitative analysis purposes without any quantification, and that both may also be used in quantitative analyses to assess, for example, the proportion of potential causes leading to critical or benign failures.
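As an added illustration of the model-level, quantitative use of FI described above (example code written for this page, not the paper's tool nor VALEO's system), the following Python toy injects constructed fault classes into a simplified behavioural model of a steering-lock controller and counts how many runs end in a critical or benign failure, with and without a constructed plausibility-check safety mechanism:

```python
"""Added example: model-level fault injection on a toy behavioural model.
Lock model, scenarios, fault classes and safety mechanism are constructed
assumptions (not VALEO's system nor the paper's tool)."""
from collections import Counter
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class State:
    speed: int          # primary vehicle-speed sensor (km/h)
    speed_alt: int      # redundant speed source, e.g. wheel-speed bus
    ignition_on: bool
    lock_request: bool  # request from the body controller

def controller(s: State, safety_mechanism: bool) -> bool:
    """Model decision: engage the steering lock or not."""
    if not s.lock_request or s.ignition_on:
        return False
    if safety_mechanism:
        # Plausibility check: both speed sources must report a stopped car.
        return s.speed == 0 and s.speed_alt == 0
    return s.speed == 0

def classify(golden: State, engaged: bool) -> str:
    """Oracle: lock engaged while the true vehicle speed is non-zero is
    critical; any other deviation from the fault-free decision is benign."""
    expected = controller(golden, safety_mechanism=False)
    if engaged and golden.speed > 0:
        return "critical"
    return "none" if engaged == expected else "benign"

# Constructed operating scenarios and fault classes (state transformations).
SCENARIOS = [
    State(50, 50, ignition_on=True, lock_request=False),   # driving
    State(0, 0, ignition_on=False, lock_request=True),     # parked, locking
    State(30, 30, ignition_on=False, lock_request=True),   # engine off, still rolling
]
FAULT_CLASSES = {
    "speed stuck-at-0": lambda s: replace(s, speed=0),
    "ignition flag bit-flip": lambda s: replace(s, ignition_on=not s.ignition_on),
    "lost lock request": lambda s: replace(s, lock_request=False),
    "both speed sources stuck-at-0": lambda s: replace(s, speed=0, speed_alt=0),
}

def campaign(safety_mechanism: bool) -> Counter:
    """Inject every fault class in every scenario; count failure severities."""
    counts = Counter()
    for golden in SCENARIOS:
        for inject in FAULT_CLASSES.values():
            counts[classify(golden, controller(inject(golden), safety_mechanism))] += 1
    return counts
```

Comparing `campaign(False)` with `campaign(True)` shows the mechanism turning one single-fault critical outcome into a benign-free "none", while the double fault on both speed sources remains critical, i.e. the residual risk the post-implementation experiments should target.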
We are experimenting with this approach on a case study from the automotive domain (an Electronic Steering Lock System) provided by VALEO, our industrial partner. In parallel, a fault injection tool is currently being developed in collaboration with VALEO to validate our approach experimentally.