Airborne Safety with FACE™ in the Digital Battlespace
DASC 2020
Rapita partners with EIS to expand reach into South African market
Assured Partitioning for FACE Systems
FAE Diary: The New-Starter Experience During COVID-19
FACE Components: Interchangeable but not Equal
Future Airborne Capability Environment (FACE) F2F Meeting
Future Airborne Capability Environment (FACE) Exihibition
Safe Use of Multi-Core Processors Seminar
Automotive electronics has been transformed by a series of dramatic changes over the last two decades. What are the main implications of this shift for engineers who need software testing tools to detect timing problems and conduct effective code coverage measurement?
The adoption of multiplex wiring has enabled the integration of advanced features such as stability control systems, active suspension and hybrid drive-trains as well as advanced engine management and transmission control systems.
At the same time, these compute-intensive applications required the adoption of the latest high performance embedded microprocessors. Over time, as the functionality provided by Electronic Control Units (ECUs) became more complex, so the job of testing for correct functional and, in particular, correct timing behaviour grew ever more difficult.
Now the number of breakdowns that can be traced back to bugs in automotive electronic systems has been estimated at over 50%. In 2003 alone, warranty expenditure by automotive companies in the US exceeded $11Bn, with as much as half of this expenditure related to problems with embedded software. With production delays, no-fault-found ECU replacements and damage to the company’s reputation, the impact of intermittent software glitches is considerable.
As a consequence, interest in engineering approaches and tools that can detect potential timing problems during development and conduct effective code coverage measurement has increased.
Rapita Systems developed RVS Auto for software developers working on high-integrity automotive applications. RVS Auto increases the efficiency of testing processes, aids identification of performance bottlenecks, and is designed for the typical resource constrained embedded environment. RVS Auto consists of RapiTime Auto (for on-target timing verification) and RapiCover Auto (on-target code coverage measurement).
Supporting automotive processors, compilers and real-time operating systems which meet AUTOSAR and OSEK standards, RVS Auto is for engineers working with micro-controllers of 8 bits upwards, whether using real-time operating systems or not, and helps meet the verification requirements of ISO 26262.
RVS Auto:
- provides advanced timing measurement and optimisation capabilities, and coverage metrics including Call pair, Statement, Decision and MC/DC;
- supports all microprocessors and DSPs, including Power PC; ARM; Infineon Tricore; C167 (and derivatives); Freescale HC12/HCS12/HCS12X; NEC V850; MIPS; TI TMS320 and others;
- works with most C and C++ compilers and runs on Microsoft Windows (XP, 2000, Vista, 7) and Linux.
RapiCoverAuto is specifically designed to meet the challenges of verifying automotive software written in C and C++ for critical embedded systems. The tool collects structural coverage measurements from software tests run on host computers, simulators or the embedded target itself.
By integrating seamlessly with your native build system, RapiCoverAuto lets you collect verification data automatically, for example in continuous build environments. Compared to similar tools on the market, RapiCoverAuto has extremely low overheads, so coverage data can be collected in fewer test runs.
RapiCoverAuto meets the needs of ISO 26262 certification by collecting statement, branch and modified condition/decision coverage data; see the table below. The high-quality qualification kits available for RapiCoverAuto provide the evidence needed to qualify the tool for ISO 26262 projects.
RapiTimeAuto is designed to meet the challenges of verifying automotive software written in C and C++ for critical embedded systems. It collects execution time measurements from software tests run on host computers, simulators or the embedded target itself and reduces the cost and effort needed to analyze execution time behavior, optimize software and update legacy systems.
By integrating seamlessly with your native build system, RapiTimeAuto lets you collect verification data automatically, for example in continuous build environments. Compared to similar tools on the market, RapiTimeAuto has extremely low overheads, so you can collect verification data in fewer test runs.
RapiTaskAuto helps embedded automotive engineers understand the scheduling behavior of their C and C++ software. The tool collects data on task-level scheduling behavior when software tests are run on host computers, simulators or the embedded target itself, and provides a variety of displays, charts and graphs to help you analyze the data.
By integrating seamlessly with your native build system, RapiTaskAuto lets you collect task-level scheduling data automatically, for example in continuous build environments.
The information reported by RapiTaskAuto provides evidence to meet ISO 26262 requirements, for example:
-
ISO 26262-6: 7.4.3 table 3 item 1frequires "Appropriate scheduling properties", which you can determine using the response time and periodicity metrics produced by RapiTaskAuto. -
ISO 26262-6: 7.4.11 software partitioning + annex D: d)– you can support verification of your software's partitioning by using RapiTaskAuto to visualize the scheduling behavior of your code, and using the response time and separation metrics it produces. -
ISO 26262-6: 9.4.3f + table 10 row 1d, 10.4.3e + table 13 row 1d, resource usage testcan be supported with CPU utilization and response time metrics produced by RapiTaskAuto.