Publication

Resumption of runtime verification monitors: Method, approach and application

2018, Drabek, Christian; Weiß, Gereon; Bauer, Bernhard

Runtime verification checks whether the behavior of a system under observation in a given run satisfies a correctness property. While a positive description of the system's behavior is often available from the specification, it contains no information for the monitor about how it should continue if the system deviates from this behavior. If the monitor does not resume its operation in the right way, test coverage is unnecessarily low or further observations are misclassified. To close this gap, we present a new method, called resumption, for extending state-based runtime monitors in an automated way. This paper therefore examines how runtime verification monitors based on a positive behavior description can be resumed so as to find all detectable deviations instead of reporting only invalid traces. Moreover, we examine when resumption can be applied successfully and present alternative resumption algorithms. Using an evaluation framework, their precision and recall for detecting different kinds of deviations are compared. While the algorithm that seeks expected behavior for resumption works very well in all evaluated cases, the framework can also be used to find the best-suited resumption extension for a specific application scenario. Further, two real-world application scenarios are introduced in which resumption has been applied successfully.

Publication

DANA - Description and Analysis of Networked Applications

2017, Drabek, Christian; Weiß, Gereon

We introduce the DANA platform for specifying and analyzing networked applications. DANA was originally created for the automotive domain, for the verification and validation of software interface behavior in new infotainment and advanced driver assistance systems that are integrated on a single hardware platform. The messages in these interfaces can contain complex data, e.g., playlists with images. Valid behavior is therefore described as a layered reference model. The platform can use the model to generate test cases and simulation code, and to verify a live or recorded trace. Exchangeable resumption algorithms enable DANA to resume runtime verification after a deviation using the original state machine without manual changes. A generic input model allows quick integration of new message sources, so DANA can easily be applied to other domains where interactive behavior can be observed. In this paper, we present the tool and its layered reference model, and show its application to runtime verification.

Publication

Fail-safe E/E architecture for highly automated driving functions

2016, Weiß, Gereon; Schleiß, Philipp; Drabek, Christian

Highly automated driving requires new approaches to the fail-safety of vehicle on-board networks: if the driver is to be relieved of monitoring the vehicle in the future, the E/E architectures must provide a higher degree of fail-safety. Within the EU project SafeAdapt, a holistic approach to this is presented.

Publication

Reducing the verification effort for interfaces of automotive infotainment software

2015, Drabek, Christian; Paulic, Annette; Weiß, Gereon

We present a novel approach and effective tooling to reduce the effort of interface verification for in-vehicle software components. Our models create different views of the system. Layered reference models separate the description of the structure of the services' communication from the description of its behavior. This simplifies the behavior descriptions and facilitates the use of different communication technologies, e.g., D-Bus or CAN. Since the reference models are executable specifications, they can be used to verify the communication of the modeled services, either live or from a recorded trace. When an interface has to change, regression testing can be performed automatically using only the model. We evaluate the benefits and implications of our approach and tool with a case study of an in-vehicle audio function.

Publication

Safe adaptation for reliable and energy-efficient E/E architectures

2017, Weiß, Gereon; Schleiß, Philipp; Drabek, Christian; Ruiz, Alejandra; Radermacher, Ansgar

The upcoming change in mobility paradigms demands that more and more services and features be included in future cars. Electric mobility and highly automated driving lead to new requirements on vehicle information and communication technology (ICT) architectures. For example, in the case of highly automated driving, future drivers no longer need to monitor and control the vehicle all the time. This calls for new fault-tolerant approaches to automotive E/E architectures. In addition, the electrification of vehicles requires a flexible underlying E/E architecture that facilitates enhanced energy management. Within the EU-funded SafeAdapt project, a new E/E architecture for future vehicles has been developed in which adaptive systems ensure safe, reliable, and cost-effective mobility. The holistic approach provides the necessary foundation for future in-vehicle systems, and its evaluation shows the great potential of such reliable and energy-efficient E/E architectures.

Publication

Safeguarding networked IoT functions with self-learning models

2017, Weiß, Gereon; Drabek, Christian

The Internet of Things (IoT) makes it possible to interconnect diverse systems, from embedded controllers to cloud services and various frameworks and platforms. For the exchange of messages between the participating components, a multitude of basic communication protocols already exists today. The application protocols built on top of them, however, are usually defined and implemented specifically for individual applications. To ensure that a networked application also functions correctly, its interaction with other components must be safeguarded and verified. For this to be feasible efficiently, new methods for automated safeguarding are needed so that the correct interaction of such distributed applications can be ensured. To this end, a model-driven method is presented that allows errors to be detected automatically on the basis of communication behavior. To keep the effort low and to be able to safeguard new, initially unknown applications as well, a self-learning method is employed. It can generate models from application protocols in a semi-automated way, and these models can then in turn be reviewed and reused. In this way, the models can again be used for the automated safeguarding of the applications. The method has already been tested successfully in various projects and application scenarios, for example on a model production plant.

Publication

Safeguarding complex software components of connected vehicles

2016, Weiß, Gereon; Drabek, Christian

The amount of software in vehicles is not only increasing steadily but is also taking on ever more complex and critical functions. With this, the complexity of interfaces and function interactions rises sharply as well. Good examples of this are high integration and the networking of vehicles with their environment. So that these functions can be realized and safeguarded at high quality in the future, new development and safeguarding concepts and methods are indispensable. This contribution discusses the challenges of future connected vehicle systems. In addition, a model-based methodology is presented that enables the safeguarding of complex software interfaces, as required for Ethernet- or V2X-based functions.

Publication

Method for automatic resumption of runtime verification monitors

2017, Drabek, Christian; Weiß, Gereon; Bauer, Bernhard

In networked embedded systems built from parts supplied by different vendors, deviations from the expected communication behavior often cause integration problems. Runtime verification monitors are therefore used to detect whether the observed communication behavior fulfills the defined correctness properties. However, in order to resume verification after unspecified behavior has been observed, the runtime monitor needs a definition of how to resume; otherwise, further deviations may be overlooked. We present a method for extending state-based runtime monitors with resumption in an automated way. This enables continuous monitoring without interruption. The method can exploit diverse resumption algorithms. In an evaluation, we show how to find the best-suited resumption extension for a specific application scenario and compare the algorithms.

Publication

Generic management of availability in fail-operational automotive systems

2017, Schleiß, Philipp; Drabek, Christian; Weiß, Gereon; Bauer, Bernhard

The availability of functionality is a crucial aspect of mission- and safety-critical systems. This is demonstrated, for instance, by the pursuit of automating road transportation. Here, the driver is not obligated to be part of the control loop, which requires the underlying system to remain operational even after a critical component failure. Advances in the field of mixed-criticality research have made it possible to address this topic of fail-operational system behaviour more efficiently. For instance, general-purpose computing platforms may remove the need for dedicated backup units, as their purpose can be redefined at runtime. Based on this, a deterministic and resource-efficient reconfiguration mechanism is developed in order to address safety concerns with respect to availability in a generic manner. To find a configuration for this mechanism that can ensure all availability-related safety properties, a design-time method is established that automatically generates schedules for different modes of operation from declaratively defined requirements. To cope with the inherent computational complexity, heuristics are developed to effectively narrow the problem space. Subsequently, the method's applicability and scalability are evaluated, respectively, qualitatively within an automotive case study and quantitatively by means of a tool performance analysis.

Publication

Towards flexible and dependable E/E-architectures for future vehicles

2016, Weiß, Gereon; Schleiß, Philipp; Drabek, Christian

Future vehicles are expected to evolve towards fully electric and autonomous driving. Technically, however, this evolution requires fundamental changes to traditional automotive engineering principles. Specifically, challenges arise for the Electric/Electronic (E/E) vehicle architectures, which form the underlying basis for almost all car functionalities. Higher demands on the flexibility and dependability of vehicle systems have to be incorporated. We present a novel approach for such future E/E-architectures that treats these requirements as first principles by exploiting runtime adaptation capabilities. Based on use cases, a generic hardware and software architecture is presented that enables technology-independent realization of the provided concepts. Additionally, the incorporated generic failure management and design support are introduced. The approach has been evaluated in different prototype demonstrators, including an e-vehicle prototype comprising enhanced driving functionality. Thereby, the advantages of the concepts for the development of future vehicle E/E-architectures could be highlighted.