Model Checking the FlexRay Physical Layer Protocol
Authors
Abstract
The FlexRay standard, developed by a consortium of leading companies in the automotive industry, is a robust communication protocol for distributed components in modern vehicles. In this paper, we present the first timed automata model of its physical layer protocol, and we use automatic verification to prove fault tolerance under several error models and hardware assumptions. The key challenge in the analysis is that the correctness of the protocol relies on the interplay of the bit-clock alignment mechanism with the precise timing behavior of the underlying asynchronous hardware. We give a general hardware model that is parameterized by low-level timing details such as hold times and propagation delays. Instantiating this model for a realistic design from the Nangate Open Cell Library, and verifying the resulting model using the real-time model checker Uppaal, we show that the communication system meets, and in fact exceeds, the fault-tolerance guarantees claimed in the FlexRay specification.
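As an added example (not code from the paper, and not its Uppaal model), the following Python script is a deliberately simplified executable model of the receiver mechanism the abstract refers to: oversampling of the bus, a majority vote over recent samples, strobing one bit per bit cell, and alignment of the bit clock on the falling edge of the byte start sequence. The sampling constants and the alignment rule are this example's assumptions, written to mirror the FlexRay sampling scheme as the author of this example understands it; the hardware timing details the paper parameterizes (hold times, propagation delays) are abstracted away entirely. The script picks one error model of the kind the paper's analysis covers, a glitch of k consecutive inverted samples, and finds by exhaustive simulation over a constructed frame the largest k that a single glitch may have at any position without corrupting the decoded bits.

```python
# Added example, not from the paper or the FlexRay specification: a simplified
# executable model of a FlexRay-style receiver front end, used to probe glitch
# tolerance by exhaustive simulation.  All constants below are assumptions of
# this example, chosen to mirror the spec's sampling scheme as the example's
# author understands it.  Hardware timing (hold times, propagation delays) is
# not modelled.

SAMPLES_PER_BIT = 8   # receiver oversampling factor (assumption)
VOTING_WINDOW = 5     # majority vote over the last 5 samples (assumption)
STROBE_OFFSET = 5     # bit value taken when the sample counter reaches 5 (assumption)
ALIGN_RESET = 3       # counter value loaded on the aligning falling edge (assumption)
IDLE = 1              # recessive (idle) bus level
BSS = [1, 0]          # byte start sequence; its falling edge aligns the bit clock


def transmit(data_bits, lead_idle=3):
    """Oversample BSS + data bits.  `lead_idle` idle samples make the sender's
    bit boundaries arbitrary relative to the receiver's sample counter."""
    samples = [IDLE] * lead_idle
    for b in BSS + list(data_bits):
        samples += [b] * SAMPLES_PER_BIT
    return samples + [IDLE] * SAMPLES_PER_BIT


def inject_glitch(samples, start, length):
    """Error model: invert `length` consecutive samples starting at `start`."""
    out = list(samples)
    for i in range(start, min(start + length, len(out))):
        out[i] ^= 1
    return out


def receive(samples, nbits):
    """Majority-vote each sample, align the sample counter on the first falling
    edge of the voted signal, then strobe one bit every SAMPLES_PER_BIT samples."""
    window = [IDLE] * VOTING_WINDOW    # voting window starts at the idle level
    prev_voted = IDLE
    counter = None                     # None until the bit clock is aligned
    strobed = []
    for s in samples:
        window = window[1:] + [s]
        voted = 1 if 2 * sum(window) > VOTING_WINDOW else 0
        if counter is None:
            if prev_voted == 1 and voted == 0:   # falling edge of the voted signal
                counter = ALIGN_RESET
        else:
            counter = counter % SAMPLES_PER_BIT + 1
        if counter == STROBE_OFFSET:
            strobed.append(voted)
            if len(strobed) == nbits:
                break
        prev_voted = voted
    return strobed


def decode_frame(samples, nbits):
    """Decoded data bits, or None if the BSS low bit was not strobed as expected."""
    strobed = receive(samples, nbits + 1)
    if len(strobed) != nbits + 1 or strobed[0] != BSS[1]:
        return None
    return strobed[1:]


def first_failure(data_bits, glitch_len):
    """Start position of the first `glitch_len`-sample glitch that corrupts the
    frame, or None if every position is tolerated."""
    clean = transmit(data_bits)
    for start in range(len(clean) - glitch_len + 1):
        got = decode_frame(inject_glitch(clean, start, glitch_len), len(data_bits))
        if got != list(data_bits):
            return start
    return None


def glitch_tolerance(data_bits, max_len=SAMPLES_PER_BIT):
    """Largest k such that every single k-sample glitch is decoded correctly."""
    tolerated = 0
    for k in range(1, max_len + 1):
        if first_failure(data_bits, k) is not None:
            break
        tolerated = k
    return tolerated


if __name__ == "__main__":
    data = [1, 0, 1, 1, 0, 0, 1, 0]   # constructed payload for the sample frame
    print("clean decode:", decode_frame(transmit(data), len(data)))
    print("tolerated glitch length (samples):", glitch_tolerance(data))
    print("first 3-sample glitch that corrupts the frame starts at sample",
          first_failure(data, 3))
```

The positions worth looking at are the ones around the aligning edge: a glitch there does not change the sampled value directly but shifts the strobe point, so whether the frame survives depends on where the voting window lands relative to the bit cell. That is a toy version of the interplay between alignment and timing the abstract singles out. Exhaustive simulation of one fixed frame under one error model is of course far weaker than the parametric real-time model checking the paper performs; it proves nothing about other frames, about clock drift, or about the hardware timing parameters the paper models.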
Similar sources
FlexRay for Avionics: Automatic Verification with Parametric Physical Layers
The automotive FlexRay standard is increasingly attracting attention in the aeronautics industry. Upgrading existing physical layers, such as CAN-based systems, with FlexRay is attractive, especially given that inexpensive FlexRay hardware is available on the market. However, such a change of the application context requires a careful examination of the assumptions the protocol is based on. For...
Making the Right Cut in Model Checking Data-Intensive Timed Systems
The success of industrial-scale model checkers such as Uppaal [3] or NuSMV [12] relies on the efficiency of their respective symbolic state space representations. While difference bound matrices (DBMs) are effective for representing sets of clock values, binary decision diagrams (BDDs) can efficiently represent huge discrete state sets. In this paper, we introduce a simple general framework for...
An Automated Model Based Design Flow for the Design of Robust FlexRay™ Networks
The enormous increase of vehicle functions realized through electronic components significantly impacts the communication within the vehicle network. More functions are requesting higher bandwidth; safety applications require a deterministic communication scheme to ensure reliable system performance even under harsh real world conditions. The new FlexRay vehicle communication standard addresses...
Model Checking the FlexRay Startup Phase
This report describes a discrete-time model of the startup phase of a FlexRay network. The startup behaviour of this network is analysed in the presence of several faults. It is shown that in certain cases a faulty node can prevent the network from communicating altogether. One previously unknown scenario is uncovered.
Development of the Physical Layer and Signal Integrity Analysis of FlexRay™ Design Systems
Future automotive applications, like high-speed control in power train or drive-by-wire systems, demand large bandwidth, deterministic communication behavior, and fault tolerance. FlexRay, a new standard communication system, is ideally suited to safety applications as well as applicable to the role of a central backbone in future ECU network architectures. The FlexRay physical layer specificat...