E2E Protection in Automotive: Addressing Random & Systematic Faults - DConsulted

E2E Protection - What Delays Your Time-Out Could Miss

E2E protection, or end-to-end protection, is a vital aspect of ensuring the safety of vehicles on the road. It is a process of ensuring that safety-critical systems and components are designed, developed, and tested to meet the required safety standards and regulations. In the automotive industry, E2E protection can be seen as an Automotive Safety Integrity Level (ASIL) decomposition for both hardware and software, addressing both random and systematic faults. This is different from the ISO 26262 ASIL decomposition, which addresses only systematic faults.

It’s also pertinent to note that E2E protection allows the QM medium to not meet ASIL requirements for hardware random faults, whereas ISO 26262 ASIL decomposition does not have this flexibility. This means that E2E protection can provide a more cost-effective approach to ensuring the safety of vehicles on the road, as it allows manufacturers to use less expensive components without compromising safety.

Benefits of E2E Protection

One of the key benefits of E2E protection is that the Quality Managed (QM) medium does not need to meet ASIL requirements for hardware random faults. This means that any random fault would be captured by the E2E mechanism, assuming the appropriate mechanisms are used (such as the correct profile as per AUTOSAR). However, the risk of systematic faults remains and must be addressed.

Risks of Systematic Faults

Systematic faults are faults that occur due to a specific cause; they can happen repeatedly, unlike random faults. One of the key risks of systematic faults is undetected cumulative delays. A delay that is gradually added, for example, due to a growing buffer over time, would violate the safety throughput requirement. The time-out between two messages would always be within range. If each message arrives later and later by a constant time, there would be no way to know that the data is, for example, 200 ms old and increasing. This can lead to a dangerous situation in which the vehicle’s safety systems are not able to respond in time.

Mitigating Risks of Systematic Faults

To mitigate the risk of systematic faults, time sync is often used to compare throughput time and ensure it is within range. With network stacks and switches handling traffic on a FIFO (first in, first out) basis, this can mitigate the risk. However, a residual risk, which is systematic, could be that the software handling the safety data uses a separate buffer from that used for time sync. In this case, time sync would indicate the delay is okay but data would still be delayed. Moreover, if priority-based traffic is dynamic and suddenly causes safety traffic to be queued with cumulative delays, this can lead to a dangerous situation.

Secondly, changes in the hardware or software of the Quality Managed (QM) medium can affect the performance of the E2E safety mechanism, potentially causing it to fail. A complete assessment of the E2E safety mechanism is necessary to guarantee that it continues to function appropriately and provide the intended level of protection. This assessment may include evaluating the system’s ability to detect and respond to various types of faults, as well as ensuring compatibility with any updated hardware or software of the QM medium.

A safety-aware QM requirement to mitigate this may satisfy the residual risk allowance in most systems. However, if a message would go through 3rd-party networks, this residual risk may be a false assumption suddenly. This highlights the importance of testing and validating the safety-critical systems and components under real-world conditions, including different driving scenarios and environmental factors, to ensure that the vehicles are safe to operate in various situations.

Implementing Solutions

To address these risks, several solutions can be implemented including:

Risks of Systematic Faults: Risks of Systematic Faults can be used to ensure that QM(x) is used where x is the ASIL being decomposed for a safety-bag approach. A similar notation can be used for QM hardware and software that depends on safety.
Failure Analysis: Failure analysis to ensure freedom from interference (FFI) can be done to identify which E2E protection is needed and additional QM requirements.
Testing: Testing with fault injection and worst-case scenarios of the E2E mechanism can be done to ensure the safety of the system.
Complete Re-Testing: Any change in QM hardware or software would require complete re-testing as defined in the previous point.

E2E Protection With Experts

E2E protection is an important aspect of ensuring the safety of vehicles on the road. It addresses both random and systematic faults, and it is important to understand the risks associated with systematic faults, such as undetected cumulative delays. By implementing solutions such as ASIL decomposition, failure analysis, testing with fault injection, and re-testing with any changes in QM hardware or software, car manufacturers can ensure the safety of their vehicles on the road. Contact a DConsulted representative today to learn how.

Other Articles

The Growing Need for Reliable, Adaptive, Fault-Tolerant Systems

February 29, 2024

In a rapidly evolving technological landscape, the demand for systems that can not only withstand errors but also adapt to them is paramount. This article delves into the world of Fault-Tolerant (FT) systems, emphasizing their significance in maintaining the functionality and safety of critical operations across various sectors. It explores the latest advancements in FT technology, underscoring the importance of resilience and adaptability in ensuring uninterrupted service and safeguarding against potential failures.

Fuelling the Value of Multicast Addressing

February 6, 2024

Discover the transformative impact of Software-Defined Networking (SDN) and Multicast Addressing on automotive embedded systems. Explore how these technologies enhance communication efficiency, safety, and performance in the automotive industry, leading to cost-effective, scalable, and eco-friendly solutions. Dive into the technical advantages and practical applications for modern vehicles and infrastructure.

How ChatGPT Is Transforming the Landscape of Engineering

February 5, 2024

Discover how ChatGPT revolutionizes engineering with AI, accelerating learning, enhancing safety, and boosting productivity.

Feedback Loop

The Feedback Loop’s Role in Elevating Testing and Reducing Defects | DConsulted

December 8, 2023

Defect Escape Reduction Rate and feedback loop elevate testing. Learn more about them here.

Enhancing System Development: ASPICE and ISO26262 for Automotive Safety and Quality | DConsulted

November 27, 2023

ASPICE and ISO26262 frameworks improve system development in the automotive industry, ensuring safety, compliance, and high-quality standards.

Software Safety Analysis: Ensuring Reliable Safe Systems | DConsulted

November 6, 2023

Conducting software FMEA, FTA, and compliance with ISO 26262 helps developers create software that meets stringent safety requirements. Learn more about it here.

Dynamic Memory Allocation in Safety

Dynamic Memory Allocation in Critical Safety Software: Mitigating Failures and Ensuring Reliability | DConsulted

September 5, 2023

Explore the challenges of dynamic memory allocation in critical software, learn how to mitigate failures, and ensure the reliability of safety-critical systems. Real-life failures and practical solutions are discussed.

C++ Apply strong typing

Strong Typing in C++ for Functional Safety: Benefits and Guidelines | DConsulted

June 11, 2023

Strong types are a key concept in C++ programming for functional safety. Learn how strong types can reduce errors in critical systems with C++.

Effective Unit Testing

Effective Unit Testing – Why Your Unit Testing Fails to Deliver Results

April 21, 2023

Unit testing is an essential part of the software development process. Learn more about it here.

Categorizing Your Requirements – Requirement Type and Categories

Categorizing Your Requirements – Requirement Type and Categories

April 21, 2023

Learn about categorizing requirements, including functional, non-functional, performance, interface etc for effective system management and development.

Effective Requirements Writing – Avoiding Ambiguous Requirements

Effective Requirements Writing – Avoiding Ambiguous Requirements

April 21, 2023

Writing clear and unambiguous requirements for the automotive industry is important to avoid potential safety risks. Learn more about it here.

The Importance of Separating Requirements from Implementation in Software Engineering

Requirements Vs Implementation: Keep Them Apart

April 5, 2023

Separating requirements and implementation in software engineering enhances the quality and reduces rework.

End-To-End Protection Must Meet Freedom From Interference

March 27, 2023

Learn the complexities of achieving end-to-end protection in automotive systems including meeting freedom from interference and ASIL requirements.

Email

sales@dconsulted.com
dbernique@dconsulted.com

Address

Ontario, Canada

Social Media

Copyright @ DCONSULTED | Website Powered by 3iTeam International

Copyright @ DCONSULTED

Website by 3iTeam International