Abstract
KEYWORDS – ISO 26262, functional safety, ASIL, AUTOSAR, software fault detection
As the importance of functional safety in electric/electronic (E/E) systems has increased in the modern automotive industry, a global functional safety standard, ISO 26262, was introduced. ISO 26262 specifies functional safety requirements for each E/E system in order to avoid unreasonable risk. AUTOSAR (AUTomotive Open System Architecture) has been actively introducing safety mechanisms to satisfy these requirements, but it still falls short of expectations. In particular, the current safety mechanisms of AUTOSAR cannot fully handle the software faults that ISO 26262 requires to be detected. In this paper, we propose two enhanced safety mechanisms for AUTOSAR so that it can detect all types of software faults listed in ISO 26262. We first propose an enhanced deadline supervision mechanism that detects the indefinite blocking of a task. We also introduce an end-to-end protection mechanism that detects the delayed transmission of data. We implemented our solution on a TriCore™ Starter Kit and demonstrated that it successfully detected the targeted faults.
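To make the two fault classes concrete, the following is an added illustrative C implementation; it is not the paper's code and not AUTOSAR's. It models the two mechanisms as a practitioner would reason about them: a deadline monitor whose supervisor polls for an overdue end checkpoint, so a task that blocks indefinitely is reported instead of waiting for an end checkpoint that never arrives, and an end-to-end check that extends the usual alive counter and CRC with a sender timestamp (an assumption here; it requires a time base shared by sender and receiver) so data that is correct but consumed too late is reported as delayed. The names DeadlineMonitor, dm_poll, E2eMessage and e2e_check, the tick values, the CRC-8 choice and the sample payload are all constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ---- Deadline supervision ----
 * A task reports a start and an end checkpoint. Evaluating the deadline only
 * at the end checkpoint misses a task that blocks forever, so the supervisor
 * additionally polls the monitor from its own periodic context (assumed model
 * of the enhancement, not the paper's code). */
typedef struct {
    uint32_t start_tick;
    uint32_t deadline;   /* max ticks allowed from start to end checkpoint */
    bool     running;    /* start seen, end not yet seen */
    bool     violated;   /* latched on the first violation */
} DeadlineMonitor;

void dm_init(DeadlineMonitor *m, uint32_t deadline)
{
    m->start_tick = 0; m->deadline = deadline;
    m->running = false; m->violated = false;
}

void dm_start(DeadlineMonitor *m, uint32_t now) { m->start_tick = now; m->running = true; }

/* End checkpoint reached: false if the task overran its deadline (or never started). */
bool dm_end(DeadlineMonitor *m, uint32_t now)
{
    bool ok = m->running && (now - m->start_tick) <= m->deadline;
    m->running = false;
    if (!ok) m->violated = true;
    return ok;
}

/* Periodic poll: true once a started task is overdue, even if it never ends. */
bool dm_poll(DeadlineMonitor *m, uint32_t now)
{
    if (m->running && (now - m->start_tick) > m->deadline) m->violated = true;
    return m->violated;
}

/* ---- End-to-end protection ----
 * Alive counter + CRC-8 as in AUTOSAR-style E2E, plus a sender timestamp
 * (assumed here; needs a shared time base) so the receiver can flag data that
 * arrived intact and in order but too long after it was produced. */
typedef struct {
    uint8_t  data[4];
    uint8_t  counter;     /* increments on every transmission, wraps at 255 */
    uint32_t timestamp;   /* sender tick when the data was produced */
    uint8_t  crc;         /* CRC-8 (SAE J1850, poly 0x1D) over the fields above */
} E2eMessage;

typedef enum { E2E_OK, E2E_CRC_ERROR, E2E_REPEATED, E2E_WRONG_SEQUENCE, E2E_DELAYED } E2eStatus;
typedef struct { uint8_t next_counter; } E2eSender;
typedef struct { uint8_t last_counter; bool have_last; uint32_t max_age; } E2eReceiver;

static uint8_t crc8_j1850(const uint8_t *buf, size_t len)
{
    uint8_t crc = 0xFF;
    for (size_t i = 0; i < len; i++) {
        crc ^= buf[i];
        for (int b = 0; b < 8; b++)
            crc = (uint8_t)((crc & 0x80) ? (crc << 1) ^ 0x1D : crc << 1);
    }
    return (uint8_t)(crc ^ 0xFF);
}

static uint8_t e2e_crc(const E2eMessage *m)
{
    uint8_t buf[9];   /* data[4] | counter | timestamp (little-endian) */
    for (int i = 0; i < 4; i++) buf[i] = m->data[i];
    buf[4] = m->counter;
    for (int i = 0; i < 4; i++) buf[5 + i] = (uint8_t)(m->timestamp >> (8 * i));
    return crc8_j1850(buf, sizeof buf);
}

void e2e_sender_init(E2eSender *s) { s->next_counter = 0; }
void e2e_receiver_init(E2eReceiver *r, uint32_t max_age)
{
    r->last_counter = 0; r->have_last = false; r->max_age = max_age;
}

/* Sender side: stamp payload with counter, production time and CRC. */
void e2e_protect(E2eSender *s, E2eMessage *m, const uint8_t data[4], uint32_t now)
{
    for (int i = 0; i < 4; i++) m->data[i] = data[i];
    m->counter = s->next_counter++;
    m->timestamp = now;
    m->crc = e2e_crc(m);
}

/* Receiver side: integrity, then sequence, then age. */
E2eStatus e2e_check(E2eReceiver *r, const E2eMessage *m, uint32_t now)
{
    if (e2e_crc(m) != m->crc) return E2E_CRC_ERROR;
    if (r->have_last) {
        if (m->counter == r->last_counter) return E2E_REPEATED;
        if (m->counter != (uint8_t)(r->last_counter + 1)) return E2E_WRONG_SEQUENCE;
    }
    r->last_counter = m->counter; r->have_last = true;
    /* Intact and in order, but consumed too long after production. */
    return (now - m->timestamp) > r->max_age ? E2E_DELAYED : E2E_OK;
}

int main(void)
{
    DeadlineMonitor m; dm_init(&m, 10);
    dm_start(&m, 100);                          /* task starts at tick 100 and then blocks */
    printf("poll at tick 115: %s\n", dm_poll(&m, 115) ? "deadline violated" : "ok");
    E2eSender s; E2eReceiver r; E2eMessage msg;
    const uint8_t sample[4] = {0x11, 0x22, 0x33, 0x44};   /* constructed payload */
    e2e_sender_init(&s); e2e_receiver_init(&r, 5);
    e2e_protect(&s, &msg, sample, 1000);
    printf("consumed at tick 1020: status %d\n", e2e_check(&r, &msg, 1020));
    return 0;
}
```

The order of checks in e2e_check matters: a corrupted message must not advance the receiver's counter, otherwise the next valid message would be misreported as a sequence error; the age check runs last so that a late message is still accepted into the sequence and only its staleness is reported.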