Critical Automotive applications: Robustness & Safety
On Robustness methods and development techniques for safety related automotive embedded systems and applications
7th edition of CARS in conjunction with
EDCC 2022, Zaragoza, Spain
September 12, 2022
Publication Chair: Matthieu ROY, LAAS-CNRS, Toulouse, France
Towards Cyber Resilient Autonomous Vehicle Ecosystems: Pitfalls and Enablers
KAUST, CEMSE, RC3 (Resilient Computing and Cybersecurity Center), KSA
Currently, there is a substantial push towards autonomous systems in the market. Whilst cooperative autonomous systems, such as vehicles, have been using extensive fault tolerance, e.g. in x-by-wire functions, and are quite safe from an accidental-faults perspective, they present a considerable threat surface to malicious faults activating defects that are almost impossible to reach accidentally. This pitfall has been very slowly recognized by car makers. We will discuss this threat surface in an analysis including the whole ecosystem, from in-car systems and networks and roadside infrastructures to V2V and V2I communication networks, as a first step towards solutions.
The consequences of such attacks are likely to be severe, in particular because autonomous systems have kinetic behavior and many operate in close proximity to humans, and can thus cause physical damage, life-threatening included. For these reasons, we elect cyber resilience as an enabler of sustainable secure, safe and real-time operation of next-generation architectures for autonomous cooperative systems, in particular automotive.
Briefly, resilient computing techniques draw from the fusion between dependability, security and AI/ML: understanding the need to automatically and simultaneously fight against cyber-attacks, accidental faults, design errors, and unexpected operating conditions; learn and adapt to uncertain situations, whilst maintaining an acceptable degree of predictability. The ultimate goal of resilience is providing unattended and sustainable operation even in the presence of extremely adverse and/or unexpected situations.
This talk will discuss how the incorporation of resilience techniques can bring autonomous vehicle ecosystems to the desired level of safety and security, in an incremental, dynamic, and adaptive way. Finally, we will discuss a quite important pitfall originating from the use of inappropriate AI/ML techniques in certain autonomous vehicles, which have been the cause of serious accidents. We suggest paths to address this serious problem.
Paulo Esteves-Veríssimo is a professor at KAUST University (KSA) and Director of its Resilient Computing and Cybersecurity Center (https://rc3.kaust.edu.sa/), and a research fellow of SnT at the Univ. of Luxembourg (UNILU). Previously, he was a professor and FNR PEARL Chair at UNILU and Head of the CritiX lab (https://wwwen.uni.lu/snt/research/critix).
He was a member of the Sci. & Tech. Comm. of ECSO (EU Cyber Security Org.), Chair of IFIP WG 10.4 on Dependable Comp. and F/T, and vice-Chair of the Steer. Comm. of the DSN conference. He is a Fellow of the IEEE and of the ACM, an associate editor of the IEEE TETC journal, author of over 200 peer-refereed publications and co-author of 5 books. He is currently interested in resilient computing, in areas like: SDN-based infrastructures; autonomous vehicles; distributed control systems; digital health and genomics; or blockchain and cryptocurrencies.
Reconfigurable logic for automotive edge computing: from promises to dependability assessment challenges
Dept. DISCA, UPV, Spain
Reconfigurable logic devices have provided means to meet the requirements of evolution existing in parts of modern automotive embedded HW systems. The combination of hard (fast) and reconfigurable (flexible) logic holds the promise of automotive-grade HW platforms enabling manufacturers to tailor accelerators to specific applications and models. In this way, HW platforms can be customized according to the needs of each embedded subsystem to provide higher levels of performance at lower levels of power consumption, and (re-)adjust parts of the logic according to the set of safety requirements under consideration, existing threats, and their evolution over time. Despite the high potential of this technology to produce more sophisticated automotive systems, its practical exploitation raises serious doubts, in part due to the many challenges that must be addressed when assessing the robustness of the hardware running in the system's reconfigurable logic. Although the ISO 26262 standard recommends the use of experimental fault injection for this type of assessment, the spatial and temporal complexity of the logic implementation and the various fault models to consider lead to very long injection campaigns that are unaffordable in practice. One solution is to decrease the level of detail of implementations and inject faults on high-level logic models. Another possibility consists in reducing the number of faults to inject to decrease the experimental time. Both solutions are largely used in the domain, but one must be aware of the implications for the accuracy and representativeness of results. This keynote speech explores this problem, identifying the challenges existing when dealing with experimental fault injection on reconfigurable logic and proposing some solutions to make this type of dependability assessment feasible.
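A worked illustration of the second mitigation named in the abstract (injecting only a sampled subset of the fault space) and of the accuracy it costs. This is an added example, not code from the keynote or from the workshop: the sample-size formula is the one published by Leveugle et al. for statistical fault injection (DATE 2009, "Statistical fault injection: Quantified error and confidence"); the fault space, the failure rule standing in for the golden-run comparison, and all numbers are constructed toy data, not measurements of any real design.

```python
"""Sizing a statistical fault-injection campaign and checking what accuracy
it buys. Added illustration; not code from the keynote or the CARS workshop.
The sample-size formula is from Leveugle et al., DATE 2009. The fault space
and the failure rule below are constructed toy data."""
import math
import random

# Two-sided normal quantiles for the usual confidence levels.
_Z = {0.90: 1.645, 0.95: 1.96, 0.99: 2.576}


def sample_size(population, error_margin, confidence=0.95, p=0.5):
    """Number of faults to inject so that the estimated failure probability
    lies within +/- error_margin of the true value with the given confidence.
    p is the assumed failure probability; 0.5 is the worst case (largest n).
        n = N / (1 + e^2 (N - 1) / (t^2 p (1 - p)))
    For small N the result is close to N (sampling does not pay off); for
    large N it saturates at t^2 p (1-p) / e^2, independent of N."""
    t = _Z[confidence]
    n = population / (1 + error_margin ** 2 * (population - 1) / (t ** 2 * p * (1 - p)))
    return math.ceil(n)


def build_fault_space(cycles=1000, flipflops=100):
    """Constructed single-bit-flip fault space: every (cycle, flip-flop) pair
    of a toy design, i.e. cycles * flipflops injection points."""
    return [(c, f) for c in range(cycles) for f in range(flipflops)]


def fault_causes_failure(cycle, flipflop):
    """Constructed outcome of injecting one bit flip (stands in for the
    comparison against a golden run). Flip-flops 0-19 model control/state
    bits: any flip propagates to a failure. Flip-flops 20-59 model a datapath
    register that is only sampled every 4th cycle. The rest are don't-care
    bits whose flips never propagate."""
    if flipflop < 20:
        return True
    if flipflop < 60:
        return cycle % 4 == 0
    return False


def exhaustive_rate(fault_space):
    """The reference campaign that is unaffordable on a real design: inject
    every fault once and count the failures."""
    failures = sum(fault_causes_failure(c, f) for c, f in fault_space)
    return failures / len(fault_space)


def statistical_campaign(fault_space, error_margin, confidence=0.95, seed=0):
    """Inject only a uniformly sampled subset (without replacement) sized by
    sample_size(), and return the estimate alongside the budget it cost."""
    n = sample_size(len(fault_space), error_margin, confidence)
    rng = random.Random(seed)  # fixed seed so the campaign is reproducible
    picked = rng.sample(range(len(fault_space)), n)
    failures = sum(fault_causes_failure(*fault_space[i]) for i in picked)
    return {"injections": n, "estimate": failures / n,
            "error_margin": error_margin, "confidence": confidence}


if __name__ == "__main__":
    space = build_fault_space()
    truth = exhaustive_rate(space)
    print(f"exhaustive: {len(space)} injections, failure rate {truth:.4f}")
    for e in (0.05, 0.02, 0.01):
        r = statistical_campaign(space, e)
        print(f"e={e:.2f}: {r['injections']:6d} injections, "
              f"estimate {r['estimate']:.4f}, |error| {abs(r['estimate'] - truth):.4f}")
```

The point the numbers make: halving the tolerated error roughly quadruples the campaign, and the formula only reduces the budget substantially when the fault space is large (for a 100-point space it still asks for 99 injections). The confidence statement is also only valid for uniform sampling over the whole fault space; biasing the sample towards "interesting" registers or cycles is exactly the representativeness problem the abstract warns about.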
Juan-Carlos Ruiz-Garcia is Assistant Professor at UPV (Universitat Politècnica de València, Spain). He is a member of the Fault-Tolerant Systems Research Group (GSTF) of ITACA, a UPV research institute. He is also a member of the Department of Computer Engineering (DISCA) of the UPV. He teaches computer engineering and mobile programming in the UPV School of Computer Science (ETSINF), where he also acts as Vice-Dean for International Relations.
He has long experience in, although his research is not limited to, the verification of safety-critical embedded systems through fault injection. He regularly contributes as Program Committee member, Organization Committee member or Conference Chair to the most important international scientific conferences related to dependability, such as the European Dependable Computing Conference and the IFIP/IEEE Dependable Systems and Networks Conference. He is author of more than 60 scientific papers published in relevant journals and conferences. He is a member of IFIP SIG 10.4 on Dependability Benchmarking.
The increasing complexity of automotive applications, the challenges posed by autonomous vehicles, the need to master production costs using off-the-shelf components, the coexistence of critical and non-critical applications, and the emergence of new architectural paradigms (Cloud, AI) may have a strong effect on the dependability of automotive embedded systems. This situation requires design and validation methods, but also tools, to improve the robustness of automotive systems and their safety and security properties.
The evolution of automotive systems is supported by standards (like AUTOSAR and ISO 26262) that respectively advocate a software architecture and recommend development approaches to improve system robustness and safety. Both standards evolve quickly to incorporate novel features and more flexibility while improving robustness, security and safety.
The goal of the workshop is to bring together researchers and practitioners interested in the construction of critical automotive applications and systems. It will place the emphasis on dependability issues, software engineering for robustness, security and safety issues, real-time embedded systems technologies, architectural software and hardware solutions, and development processes for dependable automotive embedded systems.
In particular, CARS aims at promoting and fostering discussion on novel ideas and techniques, including possibly controversial approaches. It is a forum for exchange on ongoing work, a place where researchers and developers can share both real problems and innovative solutions.
Topics of interest for the workshop include (but are not limited to):
· Safety in the development processes and safety management.
· Combined approaches for safety and security.
· Safety of the Intended Functionality (SOTIF).
· Autonomous systems, car-to-X, ADAS and safety.
· Hardware and software support for dependable automotive systems.
· Middleware and tool support for dependable embedded automotive systems.
· Open source approaches and integration of SEooC (Safety Elements out of Context).
· Real-time operating systems, WCET estimation, schedulability analysis.
· Modelling and code generation techniques.
· Software safety analysis and formal verification techniques for automotive systems.
· Coordination, communication, networking and distributed control architectures.
· Diagnosis approaches, failure data, practical experience reports of critical applications.
· Validation by fault injection during the V life cycle according to ISO 26262.
· Cloud-based automotive applications and AI.
· Cyber-security and connected cars.
Application areas of interest to the workshop focus on the automotive domain but methods and techniques in other transport domains (e.g. aerospace, railways) are also welcome.
The workshop is complementary to the EDCC main track as it focuses on dependability in automotive embedded systems.
The anticipated format for this one-day workshop is as follows:
· A first opening session with a keynote speech, related to industrial experience or to challenges.
· A set of regular sessions devoted to the presentation of short papers on a given topic (architecture, development, evaluation, etc.), with space for discussions.
The CARS workshop has been organized since 2010, attached to a major event, mainly EDCC (European Dependable Computing Conference). Its format has proved very successful since the first edition of the CARS workshop at EDCC 2010 in Valencia, Spain. The second edition, in 2013, was attached to SAFECOMP 2013 (International Conference on Computer Safety, Reliability and Security, Toulouse, France). It has since been organized several times in conjunction with EDCC.
A keynote speaker is always invited (see previous invited speakers in former CARS workshop editions that are available on-line).
To contribute to the workshop, authors are invited to submit (i) an extended position paper of 4 pages (IEEE format) or (ii) an abstract (1 page IEEE format).
The program committee will carefully review submitted papers. The review will focus not only on the paper's quality, but also on its ability to engender fruitful discussions.
All authors of accepted papers are invited to attend the workshop.
The accepted papers will be published online on HAL.
Submission of papers is open on the EasyChair CARS2022 submission site.
June 13th, 2022 (extended deadline)
July 2nd, 2022
The Program Committee for the CARS workshop is, as usual, deliberately balanced between academia and industry. All members who joined the PC in the past are renowned leaders, scientists and practitioners.
Matthieu Roy, LAAS-CNRS, France
Version date: July 23, 2022.