Signal Age Fault Detection in Distributed Embedded Automotive Systems

More and more advanced features such as adaptive cruise control and collision avoidance are being adopted in road vehicles and these features are usually implemented as distributed systems across multiple ECU nodes that are connected by communication busses. In order to tolerate transient faults affecting a safety critical signal transmitted via bus in such distributed systems, the last used value or a default safe value for a safety critical signal is usually used among different ECU nodes on the bus for a pre-defined time interval before taking some other fault mitigation actions such as disabling a feature. Thus it becomes very important to monitor a signal's age and detect any signal age fault, where a signal age fault is defined as the use of an older or default signal value for longer than or equal to the pre-defined time interval. In this paper, we introduce a sequence number and an age counter for each safety critical signal and a Signal Sequence number and Age counter Manager (SSAM) to accurately compute the signal age in the presence of different possible faults in a distributed system, resulting in the detection of a signal age fault and corresponding timely fault mitigation actions. Possible implementation of the solution in AUTOSAR is also discussed.