IEEE Access (Jan 2024)

A Novel Approach to Address Random Hardware Failures for Automotive Application Within the ISO26262 and AUTOSAR Frameworks

  • Jacopo Sini,
  • Kiara Scialabba,
  • Massimo Violante,
  • Francesco Cosimi,
  • Antonio Arena

DOI
https://doi.org/10.1109/ACCESS.2024.3488897
Journal volume & issue
Vol. 12
pp. 165845 – 165860

Abstract

The current trends of the automotive industry, namely Automation, Connection, and Electrification, pose novel challenges in product development. In particular, the industry needs to increase the computational power available in vehicles while trying to keep costs at past levels. Since automotive applications can affect people's safety, there is also the need to preserve the same reliability levels with fewer hardware components to limit costs. A further advantage is that, when Commercial-Off-The-Shelf chiplets featuring multiple cores with diverse integrity levels are used, the lower-integrity cores can also be exploited, increasing the overall computation capability available for a given component. This paper proposes a novel approach based on Software-Implemented Hardware Fault Tolerance techniques, such as Control Flow Checking and Data Hardening, to move forward in this direction, addressing mixed-criticality multi-core systems. The main focus is exploiting the computational power of lower-integrity cores or hardware accelerators to execute safety-critical tasks without increasing the risk level. The effectiveness of the proposed approach has been demonstrated by fault injection campaigns on a real, yet simplified, AUTOSAR-compliant automotive application. For the Control Flow Checking algorithms, the approach raised the Diagnostic Coverage (DC) from around 10% (without a multi-core timeout detection strategy) to around 45% (with timeout detection). For the hybrid data hardening, the DC of the approach is around 15% for both integer and floating-point values. The absence of residual faults shows that the proposed solution can complement other functional safety strategies, even though it is insufficient on its own to guarantee the metrics required for an ASIL D application.

Keywords