A verifier for Simulink models has been developed that can automatically check that the models always behave correctly according to their (functional) specifications. Combined with automatic code generation from the models, this makes it possible to ensure the absence of many types of software defects. Although the tool can detect many types of defects, tools of this kind have limited scalability. To ensure the reliability of large, complex real-time systems, we have therefore also developed a fault-tolerant architecture and real-time scheduling algorithms that handle possible software faults, such as incorrect results from computation, runtime errors and deadline misses. The software architecture keeps the majority of the system functionality available even if the main controller is defective, so the system remains operable until the next scheduled service break. Furthermore, this kind of architecture enables live upgrades of running systems.
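The three fault classes named above (incorrect results, runtime errors, deadline misses) and the fallback to a degraded but still operable mode can be illustrated with a small scheduler-level supervisor. This is an added example, not the project's code; the controller laws, actuator limit and deadline budget are assumptions, and the execution time is a constructed input standing in for what an RTOS would measure.

```c
#include <math.h>
#include <stdio.h>

/* Supervisor wrapping a main controller and a simpler backup controller.
 * Names, gains and limits below are assumptions for illustration. */
typedef enum { FAULT_NONE, FAULT_RUNTIME_ERROR, FAULT_BAD_RESULT,
               FAULT_DEADLINE_MISS } fault_t;

#define DEADLINE_US  1000u    /* assumed execution budget per control period */
#define OUT_LIMIT    100.0    /* assumed actuator range, +/- */

/* Main controller: PI-style step with integrator state. Returns nonzero to
 * signal a runtime error (here an invalid gain), mimicking an error path
 * in generated code. */
static double integ = 0.0;
static int main_controller(double setpoint, double meas, double gain, double *out)
{
    if (!(gain > 0.0)) return -1;          /* runtime error: bad parameter */
    integ += (setpoint - meas) * 0.01;
    *out = gain * (setpoint - meas) + integ;
    return 0;
}

/* Backup controller: stateless proportional law with a conservative gain,
 * small enough to be checked exhaustively; keeps the machine operable. */
static double backup_controller(double setpoint, double meas)
{
    double u = 2.0 * (setpoint - meas);
    if (u > OUT_LIMIT)  u = OUT_LIMIT;
    if (u < -OUT_LIMIT) u = -OUT_LIMIT;
    return u;
}

/* One scheduler tick. exec_us is the measured execution time of the main
 * controller (constructed input here). On any fault the output is taken
 * from the backup controller instead of stopping the system. */
fault_t supervise_step(double setpoint, double meas, double gain,
                       unsigned exec_us, double *out)
{
    double u = 0.0;
    fault_t f = FAULT_NONE;
    if (main_controller(setpoint, meas, gain, &u) != 0) f = FAULT_RUNTIME_ERROR;
    else if (!isfinite(u) || fabs(u) > OUT_LIMIT)       f = FAULT_BAD_RESULT;
    else if (exec_us > DEADLINE_US)                     f = FAULT_DEADLINE_MISS;
    if (f != FAULT_NONE) u = backup_controller(setpoint, meas);
    *out = u;
    return f;
}
```

The recorded fault class is what a service technician would read out at the next scheduled break; a deployment would also count repeated faults before declaring the main controller defective.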
Achieving high reliability of software is a challenging problem that has not been generally solved for embedded systems. It is also increasingly important, as more and more features in machines are implemented in software or have significant software components. This is especially relevant in embedded control systems, since faulty software can harm humans, the environment or expensive machinery.
The verification tool is a proof of concept showing that tools of this kind are becoming feasible for industrial use. The tool can check the absence of many types of defects in the software and thereby greatly increase its reliability. The fault tolerance mechanisms can be applied directly in industry, where there is a need for advanced real-time software whose quality cannot otherwise be guaranteed.
Pontus Boström, Åbo Akademi University
Mikko Huova, Tampere University of Technology
Tero Peippola, VTT
Åbo Akademi University, Tampere University of Technology, VTT, Cargotec, Metso Automation, Norrhydro, Valmet, Wärtsilä