Scenario-Based Verification of Automotive Software Systems

Within the automotive industry, software engineering becomes more and more important. Especially component-based design is a popular approach in order to specify large, complex and reusable software systems. The reuse of software components has become a major challenge for the automotive software development. By reusing components, manufacturers and suppliers can (i) revert to already tested software modules, thus minimizing potential software hazards, (ii) save development efforts and (iii) transfer product line approaches more easily into the world of software development. Several approaches exist to specify the structure, including interface definitions, for such reusable software components. AUTOSAR is the most wellknown approach in the field of automotive software development. In order to specify automotive systems with the component-based approach it is necessary to specify some aspects of the behavior of the components as well. More precisely, the interface descriptions of the components have to be enhanced with additional information, mainly timing aspects1. Just when the interfaces fit together, a feasible component structure arises. After connecting the components, a large component structure may arise and therefore a very complex structure of connected behavior models emerges. This complexity may lead to several problems, because a wrong definition of the behavior models may invoke a not wanted behavior. At a specific degree of complexity, an engineer is not able to control the connected components and guarantee that no unwanted behavior will happen. So, some