|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Platform Software Verification Framework Solution for Safety Critical SystemsNirav S Patel and Rahul K Patel, eInfochips Abstract Aerospace and Automotive industries are growing rapidly, from mechanical controls to electronic controls. This has increased the complexity of software running on powerful airborne hardware/systems. Thus, the safety of these software relies heavily on the verification. Advancing aerospace and automotive technologies require complex designs of hardware and RTOS. So, verification of platform software per safety-critical standards (i.e. DO 178B/C[2]) is significant, involving more resources in terms of cost and time. Verification of platform software components needs a mixture of different approaches [1]. Here, in this paper, we shall discuss the challenges involved in various verification platform software framework solutions for ARINC-653-based operating system and how a single framework, PSW eIHTestCon can resolve these challenges. Introduction Over the last few decades, airborne safety-critical systems are heavily relying on electronics and software to overcome weight, cost, size, performance, feature enhancement of the products and time-to-market factor. This has also increased the complexity of platform software such as VxWorks 653 [5], Lynx OS-178 [6], Deos etc. and platform software components such as Core Board Support Package (BSP), Chip Support Package (CSP), Program-specific FPGAs (Network Engine, Graphics Engine, Hardware Monitor), Avionics Network Driver, USB etc. In few programs, we have come across architecture that has multiple operating systems running on a hypervisor. It is a proven technology in the other industries, however, as we often deal with exteremly safety-critical systems in aero / auto, it is more important to verify it robustly using different techniques. The verification of platform software and its component per DO-178B/C is costly and time-consuming as it involves following challenges:
To deal with these challenges, it is very important to have a common verification framework for platform software that provides an easy interface with following features:
A good solution of framework reduces time and cost of verification with significant increases in the quality of verification. eInfochips PSW eIHTestCon solution provides a capability to verify all level of platform software components with ease. In this paper, we will provide common platform verification framework solutions, their merits, demerits and understand details of PSW eIHTestCon design to overcome shortcomings of other solutions. Platform Software Verification Framework Solutions Platform Software components are much more diversified in implementation i.e. Boot loader, CSP, BSP, and Device Driver. So, in most of the case, platform software verification engineers make their own verification framework based on the need of platform software component. Mostly platform software is written in the C Programing Language. Here, we are presenting basics of different types of Platform Software Verification Framework Solutions to support C Language-based Platform Software and Platform Software Component Verification. [A] Config File-based PSW Verification Framework:
Description: This test approach is mainly used for verification of library where the requirements are API-based and user interfaces are clearly defined. The test config file defines the API, input parameter and expected result. The test framework uses this config file as an input to call interface level APIs of Module under test with given input parameter values. The actual outcome of APIs is compared against the expected value defined in the config file to generate the test result. Configuration files can be in CSV, Text or XML format. Pros:
Cons:
[B] Host Script-based PSW Verification Framework:
Description: This test approach is preferred for API based verification. The test framework resides on both target and host systems. The host test framework called as a server, interprets test procedure scripts, translates it into target commands, controls the execution of tests, compares actual v/s expected results and generates the result data. The target test framework called as a client interprets commands received from the host, translates the received commands to test APIs, executes test APIs and sends back the response to the host. Pros:
Cons:
[C] Debugger-based PSW Verification Framework:
Description: This test approach is used for boot up platform software components i.e. Bootloader, CSP, BSP. Verification is challenging as test framework cannot get the control over the execution of such platform software components. The test procedures load the debug symbol file, halt the execution at the function under test and alter the input parameters using debugger interface APIs. This approach requires the hardware debugger i.e. ICE, Lauterbach to be connected between the target and host system. The test procedure uses the test-harness APIs to compare actual vs expected value and capture the result data. Most of the debuggers are supporting GNU Debugger (GDB) and Python/TCL interfaces for automation. Pros:
Cons:
[D] C Language-based PSW Verification Framework:
Description: This test approach is usually used to verify the PSW Components developed in C. So, it is easy to develop and integrate test procedure in C. The test procedure is built with the test framework and operational software. The test procedure uses the test harness, Stub driver and Test driver to test the platform software components. The result logger is used to transfer the result to Host. The test procedures running in user space uses the Stub driver and Test driver to simulate the input condition and capture the kernel space data. Pros:
Cons:
PSW eIHTestCon Framework
PSW eIHTestCon stands for eInfochips Host Based Test Controller for Platform Software Verification. It is designed and developed to provide complete verification framework solution for all PSW components’ verification. The test procedures are developed in two parts, test procedure logic in C language and test configuration in an XML file. The test configuration file carries test setup information. The Host Test Controller cross compiles [3] the test procedure files. It generates an executable image with dynamically linked [4] to target image and transfers to Target. The Target Test Agent loads the received executable in predefined reserved memory and starts test execution. The Target Test Agent transfers the test result data back to Host Test Controller. And Host Test Controller generates the result file in the required format. The test procedures are developed using the test harness, stub driver, and test driver. Pros:
Conclusion: This paper has explained various platform software verification framework designs. The eIHTestCon design overcomes challenges of other frameworks. It also supports verification for all platform software components under one solution. The paper has also covered pros and cons of individual frameworks. The following table provides additional data points from safety critical standard perspective [2].
[A] Config file based PSW Verification framework Visit www.einfochips.com for more information References: [2] RTCA/DO178C, “Software Considerations in Airborne Systems and Equipment Certification” [3] https://linux.die.net/man/1/gcc [4] https://linux.die.net/man/1/ar [5] https://www.windriver.com/products/product-overviews/vxworks-653-product-overview/ If you wish to download a copy of this white paper, click here
|
Home | Feedback | Register | Site Map |
All material on this site Copyright © 2017 Design And Reuse S.A. All rights reserved. |