Diploma and Master Theses (authored and supervised):
"Fault Injection for Diagnosis and Maintenance in the Time-Triggered Architecture";
Supervisor: H. Kopetz, P. Peti;
Institut für Technische Informatik,
final examination: 2005.
In the automotive industry, more and more electronics are used to improve passenger comfort, vehicle safety, and fuel economy. The electronic components are distributed all over the vehicle and interconnected with heterogeneous networks supporting various physical layers, bandwidths, and dependability requirements, which makes diagnosis complex. However, the development of diagnostic systems has lagged behind the recent increase of electronic systems in modern cars. The automotive industry is about to deploy computer systems not only for safety-related and comfort functionality, but also for safety-critical by-wire systems. The Time-Triggered Architecture (TTA) offers the high dependability required to build such safety-critical systems through a priori definition of communication schedules, a global time base, and error containment. These core features also facilitate new diagnostic maintenance strategies to tackle prevalent maintenance problems such as the Trouble-Not-Identified phenomenon. The implemented diagnostic architecture provides such diagnostic maintenance strategies and consists of the following three parts: error detection at the linking interfaces of the components, dissemination of diagnostic information on a dedicated virtual network to establish a holistic view of the system, and analysis to assess the health state of the system. A fault injection framework is designed and realized in order to examine the diagnostic architecture and to investigate the effects of physical faults on a Time-Triggered Communication Protocol (TTP) cluster interconnected in a bus topology. Automated execution of test runs allows experiments to be repeated often enough for meaningful statistical analysis. An embedded application synchronizes the fault injection with TTP. Three fault injection campaigns are conducted to challenge hypotheses regarding the diagnosability of the TTA based on the maintenance-oriented fault model.
In these campaigns, a spatially separated node and the bus are exposed to radiated Electromagnetic Interference (EMI). Moreover, short and open circuits are imposed on the bus. The restart rate is confirmed as a suitable indicator of whether a temporary external or an intermittent internal fault has occurred. Component-internal and borderline failures can be discriminated with high accuracy by the frame status. The location of failures on the bus can generally not be determined, which seems to be a general limitation of bus topologies.
Created from the Publication Database of the Vienna University of Technology.