Haitao Zhang,Guoqiang Li,Xiaohong Li,Zhuo Cheng,Jinyun Xue,Shaoying Liu

DOI: https://doi.org/10.1145/3183440.3194945

2018-01-01

Abstract:OSEK/VDX standard [3] has now been widely adopted by many automotive manufacturers and research groups to develop a vehicle-mounted system. An OSEK/VDX vehicle-mounted system generally runs on several processors (e.g., the system shown in Figure 1 runs on two processor), and it consists of three components: OS, multi-tasking application and communication protocol. The OS locating at a processor manages an application and conducts tasks within the application to execute on a processor, especially a deterministic scheduler (static priority scheduling policy) is adopted by the OSEK/VDX OS to dispatch tasks. The applications are in charge of realizing functions and often interact with each other via the communication protocol such as controller area network (CAN). There are two complex execution characteristics in the OSEK/VDX vehicle-mounted systems: ( i ) tasks within an application concurrently execute on a processor under the scheduling of OSEK/VDX OS; ( ii ) applications simultaneously run on the different processors and communicate each other sometimes. Due to the concurrency of tasks and simultaneity between applications, how to exhaustively verify a developed OSEK/VDX distributed application system in which applications cooperatively complete a function based on the communication protocol has become a challenge for developers with the increasing development complexity.

Haitao Zhang,Zhuo Cheng,Cong Tian,Yonggang Lu,Guoqiang Li

DOI: https://doi.org/10.1109/icis.2016.7550826

2016-01-01

Abstract:OSEK/VDX, a standard of automobile OS, has been widely adopted by many manufacturers to design and implement a vehicle-mounted OS. Currently, with increasing functionalities in vehicles, more and more complex applications are developed based on the OSEK/VDX OS. However, how to ensure the reliability of developed applications is becoming a challenge for developers. Based on our previous work, in this paper we present an efficient approach to verify the developed OSEK/VDX applications. In the presented approach, SMT-based bounded model checking technique is used to carry out verification in order to handle complex applications. Moreover, a series of optimization strategies are proposed and employed to improve the checking capability of our approach. We have implemented a tool according to the proposed approach and conducted many experiments. The experiment results show that our approach is capable of checking the safety property of large-scale OSEK/VDX applications. We also compared our approach with existing checking method, the comparison results indicate that our approach is an efficient and powerful technique in verifying OSEK/VDX applications.

GAO Wen,LI Ji-Lai,LIANG Hua-Wei

DOI: https://doi.org/10.3969/j.issn.1003-3254.2010.04.036

2010-01-01

Abstract:This paper designs an embedded real-time operating system according to OSEK/VDX standard. It focuses on the design of task and resource management. Then it is verified on the automobile stability control hardware-in-loop simulation platform. The result of verification shows that developing on this OS can efficiently improve the real-time performance and stability of the system and it can also meet the requirements of automobile stability control system well.

Xiaoran Zhu,Min Zhang,Jian Guo

DOI: https://doi.org/10.48550/arXiv.1711.08853

2017-11-24

Software Engineering

Abstract:The automobile Real-Time Operating System (RTOS) is hard to design and implement due to its real time features and increasing complexity. Some automobile RTOS standards are released aiming at unifying the software architecture of vehicle systems. Most of the standards are presented informally in natural languages, which may lead to not only ambiguities in specifications but also difficulties in conformance verification. This paper proposes a rewriting-based approach for formalising the automobile RTOS standard. Taking the OSEK/VDX standard as an example, an executional formal semantics of the automobile RTOS kernel, which focuses on the real time features, is defined using $\mathbb{K}$, a rewriting-based framework. We also report some ambiguous definitions of the OSEK/VDX standard, which we find in the process of formalisation. The $\mathbb{K}$ semantics of the OSEK/VDX standard is applied to conformance verification, which is used to check the conformance of not only the automobile operating system kernel but the applications.

Haitao Zhang,Zhuo Cheng,Guoqiang Li,Shaoying Liu

DOI: https://doi.org/10.1007/s11432-016-9039-4

2017-01-01

Science China Information Sciences

Abstract:The OSEK/VDX automotive OS standard has been widely adopted by many automobile manufacturers, such as BMW and TOYOTA, as the basis for designing and implementing a vehicle-mounted OS. With the increasing functionalities in vehicles, more and more multi-task applications are developed based on the OSEK/VDX OS. Currently, ensuring the reliability of the developed applications is becoming a challenge for developers. As to ensure the reliability of OSEK/VDX applications, model checking as a potential solution has attracted great attention in the automotive industry. However, existing model checkers are often unable to verify a large-scale OSEK/VDX application that consists of many tasks, since the corresponding application model too complex. To make existing model checkers more scalable in verifying large-scale OSEK/VDX applications, we describe a software tool named auto C to tackle this problem by automatically translating a multi-task OSEK/VDX application into an equivalent sequential model. We conducted a series of experiments to evaluate the efficiency of auto C. The experimental results show that auto C is not only capable of efficiently sequentializing OSEK/VDX applications, but also of improving the scalability and efficiency of existing model checkers in verifying large-scale OSEK/VDX applications.

Haitao Zhang,Guoqiang Li,Zhuo Cheng,Jinyun Xue

DOI: https://doi.org/10.1002/stvr.1662

2018-01-01

Software Testing Verification and Reliability

Abstract:SummaryOSEK/VDX, a development standard for automobiles, has now been widely adopted by automotive manufacturers for developing a vehicle‐mounted system. The ever increasing complexity of the system has created a challenge for ensuring the reliability of the developed OSEK/VDX applications in exhaustive way. Model checking as an exhaustive verification technique has attracted much attention in the automotive industry. To check OSEK/VDX applications by using model checking verification techniques, we have proposed a method based on SMT‐based bounded model checking. However, the method performs a poor efficiency in checking the OSEK/VDX applications that hold many loops, especially it is unable to deal with interruptions. In this paper, to apply model checking verification techniques to check a practical OSEK/VDX application, we develop and investigate an alterative approach based on the well‐known model checker Spin. In our Spin‐based approach, interruptions are taken into account, and moreover, 2 optimization strategies are used to boost the scalability and efficiency of the approach by reducing state space and accelerating bug detection. We have investigated the Spin‐based approach based on a series of experiments. The experimental results show that the approach is an impactful technique to verify the developed OSEK/VDX applications that hold a number of loops and interruptions.

Junhua Song,Junxi Wang,Xiaojian Mao,Bin Zhuo

2008-01-01

Abstract:OSEK/VDX is the common software interface in the area of automotive electronics. It is necessary to build a real time operating system in order to achieve the real time control of hybrid electric vehicle control system. Real-time operating system can improve the response rate of control system and is easy to implement design modularity. The structure of HEV system, hardware of system and embedded software design were introduced. Design of real-time operating system kernel and methods of task were divided base on the data flow and main state machine, and CAN communication program was presented. A real-time operating system has been built based on the interface OSEK/VDX.

GQ Yang,MD Zhao,L Wang,ZH Wu

DOI: https://doi.org/10.1109/icess.2005.70

2005-01-01

Abstract:Model-based approaches are gradually applied in embedded system design with Unified Modeling Language (UML) and its profiles, but in terms of automotive electronics domain, few developers adopt UML to design system models because of inadequate tools that support the domain-specific modeling. This paper puts forward a model-based approach for automobile electronics software design and verification with a dependable platform compliant with OSEK/VDX standard. In addition, a case study is presented to demonstrate the application of the approach. The contribution of the approach is threefold. First, the approach applies the theory of model-based design with OSEK/VDX standard in automotive electronics domain. Second, the approach solves the transformation between UML models and OSEK/VDX models through an efficient method. Third, the approach simulates the system models and provides the designer with the results to optimize the design at design-level.

Xiaomin Luo,TU Shi-liang,Zhiqiang Tang,Liangyao Yu,Ming Hua

2012-01-01

Abstract:Based on some thorough analysis of OSEK/VDX specification,this paper presents how to design an 8 bit OSEK/VDX-based Real-time Operating System(RTOS)——FDOSEK from the task schedule,resource management and event mechanism,and then realizes its kernel on the MC9S08DZ60 chip of Freescale.It tests the task schedule time and storage requirements.Test results show that FDOSEK is suitable for automotive electronics industry with a strong real-time capability and low storage requirements.

Guoqing Yang,Minde Zhao,Hong Li,Zhaohui Wu

DOI: https://doi.org/10.1109/ICARCV.2006.345052

2006-01-01

Abstract:Electronic Control Units (ECUs) are widely used to improve the comfort and reliability of vehicles. Due to the increasing degree of distribution and interaction of ECUs, many approaches are adopted to design the in-vehicle networks to ensure the stability and reliability of the holistic network, but none of them support the synchronous development of in-vehicle networks and software in ECUs. This paper put forward a model-based approach to design the in-vehicle networks and the software in ECUs with presenting a dependable platform compliant with OSEK/VDX specifications. The paper presents a tool-chain that covers the entire system development life-cycle including system modeling, model transformation, model analysis, network simulation, code generation, document generation and runtime instrumentation. In addition, a case study is presented to demonstrate the application of the approach. The contribution of the approach is threefold. First, the approach applies the theory of model-based design with OSEK/VDX standard in automotive electronics domain, and implements the transformation between SysML models and OSEK/VDX models through an efficient method. Second, the approach presents a method of software co-design among distributed ECUs. Third, the approach bring forward a simulation model for the system models with in-vehicle networks and provides the designeriAth the simulation results to, optimize the design at the early time of the development.

Minde Zhao,Zhaohui Wu,Guoqing Yang,Lei Wang,Wei Chen

DOI: https://doi.org/10.1007/11535409_63

2005-01-01

Abstract:This paper puts forward SmartOSEK, a dependable platform for automobile electronics, which consists of an operating system compliant with OSEK/VDX specifications and an integrated development environment (IDE) that consists of many convenient tools, such as visual designer, system generator, time analyst, scheduling analyst, and running tracer. In the operating system, SmartOSEK OS and SmartOSEK COM are presented. In the IDE, we apply the graphic design, automatic code generation and time analysis to help developers devote their mind to the modeling of the applications. A design example of automated transmission system based on SmartOSEK platform is given, and good results are achieved.

Xiaomin Sun

2006-01-01

Abstract:The distributed applications,which compliant with OSEK/VDX and CAN standards,are becoming the first choice for automotive electronics.So a developing platform which can be used for run-time diagnosing and performance evaluating in distributed control systems has been in high demand.It will be discussed how to construct such a platform which can serve as an opened developing and diagnosing tool for distributed OSEK-compliant automotive electronics,and support run-time diagnosing and modifying.

Yun Xia,Zhu Miaoliang,Yuan Shuhong

DOI: https://doi.org/10.3969/j.issn.1000-386X.2007.01.017

2007-01-01

Abstract:In the development of embedded realtime application,the software will always collapse or reset for some unknown reasons due to the lack of experiences and skills of the programmer.There are many reasons of this such as stack overflow,memory leakage,dead loop task,invalid pointer etc.If it happens,there are many unknown errors which are always different and very difficult to debug for developer.This article will tell readers some ways to debug and detect faults for embedded realtime software development base on VxWorks.

Yulun Wu,Bohua Zhan,Bican Xia

2024-03-20

Abstract:We present the design and implementation of a tool for semi-automatic verification of functional specifications of operating system modules. Such verification tasks are traditionally done in interactive theorem provers, where the functionalities of the module are specified at abstract and concrete levels using data such as structures, algebraic datatypes, arrays, maps and so on. In this work, we provide encodings to SMT for these commonly occurring data types. This allows verification conditions to be reduced into a form suitable for SMT solvers. The use of SMT solvers combined with a tactic language allows semi-automatic verification of the specification. We apply the tool to verify functional specification for key parts of the uC-OS/II operating system, based on earlier work giving full verification of the system in Coq. We demonstrate a large reduction in the amount of human effort due to increased level of automation.

Symbolic Computation,Logic in Computer Science

Feng Xiaotian,Chen Xianglan,Li Xi

DOI: https://doi.org/10.3969/j.issn.1000-386X.2009.09.015

2009-01-01

Abstract:OSEK/VDX standard is widely used in automotive electronics area,the standard only defines the system behaviours and corresponding function interfaces of OSEK operation system,but the specific implementation of OSEK operation system is not addressed,so it has the significance to research the structure and design method of the embedded operation system based on OSEK standard.In this paper we elaborately analyzed OSEK operation system standard,and then introduced the structure of OSEKernel based on it which is the kernel of on-board embedded operation system.This paper also introduces the conformance class design methods of task scheduling,alarm and counter,ISR2 of ECC2 and BCC2 in OSEKernel,and the way to optimise task stack for limiting RAM usage.Finally we implemented the prototype of OSEKernl on x86 platform.

QIAN Zhen-jiang,LIU Wei,HUANG Hao

DOI: https://doi.org/10.3969/j.issn.1000-3428.2012.11.072

2012-01-01

Abstract:This paper introduces the concepts of formal design and verification for the Operating System(OS),and elaborates the framework and foundational methods of formal design and verification.It compares and analyzes the monolithic kernel and micro kernel architectures of the OS.Meanwhile,it investigates multiple design and verification projects in depth,focusing on the verification objectives,the methodology,the advantages and limitations,and the progression.It summarizes the state of the art,analyzes and outlooks the trends of the formal design and verification for the OS.What is more,from the aspects of model design,verification tools,code implementation and verification reuse,it advances the ideas of formal design and verification.

Chengjiong Wei,Min Yao,Pan Lu,Qi Hu,Nenggan Zheng

DOI: https://doi.org/10.1109/icess.2009.64

2009-01-01

Abstract:The rapid growth in complexity of the automotive ECU (Electronic Control Unit) networks has posed challenges in real-time network management, which collects network information for fault diagnostic systems. This paper proposes a dynamic network management framework based on the OSEK Network Management protocols, which can automatically adapt to the unstable network load. A method to calculate appropriate network load thresholds is also presented. Empirical study shows that this framework can satisfy the requirements of collecting necessary network information without sacrificing the performance of automotive ECU networks.

CHEN Hai-lan,LUO Xiao-min,TU Shi-liang,TANG Zhi-qiang,SHEN Hao

DOI: https://doi.org/10.3969/j.issn.1000-3428.2012.20.003

2012-01-01

Abstract:Aiming at promoting the reusability and integratability of automotive software,this paper refers to the automotive open system architecture standard AUTOSAR Operating System(OS) specification which is a standard for automotive industry,discusses the design approach of function modules such as schedule table,OS-application and timing protection on the basis of OSEK/VDX OS.It implements it on MC9S08DZ60,which is a freescale 8-bit microprocessor chip.It tests storage demand and real-time performance of the system,the result of which shows the system meets the requirements of embedded real-time OS.

Toshiaki Aoki,Aritoshi Hata,Kazusato Kanamori,Satoshi Tanaka,Yuta Kawamoto,Yasuhiro Tanase,Masumi Imai,Fumiya Shigemitsu,Masaki Gondo,Tomoji Kishi

2023-10-02

Abstract:While vehicles have primarily been controlled through mechanical means in years past, an increasing number of embedded control systems are being installed and used, keeping pace with advances in electronic control technology and performance. Automotive systems consist of multiple components developed by a range of vendors. To accelerate developments in embedded control systems, industrial standards such as AUTOSAR are being defined for automotive systems, including the design of operating system and middleware technologies. Crucial to ensuring the safety of automotive systems, the operating system is foundational software on which many automotive applications are executed. In this paper, we propose an integrated model-based method for verifying automotive operating systems; our method is called Model-Checking in the Loop Model-Based Testing (MCIL-MBT). In MCIL-MBT, we create a model that formalizes specifications of automotive operating systems and verifies the specifications via model-checking. Next, we conduct model-based testing with the verified model to ensure that a specific operating system implementation conforms to the model. These verification and testing stages are iterated over until no flaws are detected. Our method has already been introduced to an automotive system supplier and an operating system vendor. Through our approach, we successfully identified flaws that were not detected by conventional review and testing methods.

Software Engineering

Zhenjiang Qian,Hao Huang,Fangmin Song

DOI: https://doi.org/10.1007/978-3-319-02726-5_2

2013-01-01

Abstract:The correctness of the operating systems is difficult to be described with the quantitative methods, because of the complexity. Using the rigorous formal methods to verify the correctness of the operating systems is a recognized method. The existing projects of formal design and verification focus on the validation of code level. In this paper, we present a \"light-weight\" formal method of design and verification for OS. We propose an OS state automaton model (OSSA) as a link between the system design and verification, and describe the correctness specifications of the system based on this model. We implement the trusted operating system (verified trusted operating system, VTOS) as a prototype, to illustrate the method of consistency verification of system design and safety requirements with formalized theorem prover Isabelle/HOL. The result shows that this approach is feasible.