
Resilient systems for the automotive domain: from a component-based approach to an object-based approach to adaptive fault tolerance on ROS

Matthieu Amy
LAAS-TSF - Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique, LAAS - Laboratoire d'analyse et d'architecture des systèmes
Abstract : Just as the cell phone evolved into the smartphone, the car has gradually become a smart car. Driving aids, infotainment and vehicle customization are the key points of attractiveness to consumers. The emergence of connected cars has enabled manufacturers to update on-board software remotely, making it easier to maintain it and to add new features later on. In this context, the AUTOSAR consortium, a group of major car manufacturers, has designed a new software platform that facilitates remote updating and online modification of these in-vehicle systems. However, as these software systems grow more complex, it has become essential to ensure safe operation despite unexpected changes. Dependability mechanisms must therefore also adapt and be updated to ensure system resilience, i.e., the persistence of dependability in the face of changes. Fault Tolerance Mechanisms (FTMs), which ensure a nominal or degraded service in the presence of faults, must also adapt to a change in the application context (a change in the fault model, in the application characteristics or in the available resources). This ability to adapt FTMs is called Adaptive Fault Tolerance (AFT). Our thesis work is situated in this context of evolution and adaptability. In this thesis, we present approaches for developing fail-safe systems whose FTMs can be adapted at runtime by modifications of varying granularity, so as to minimize the impact on the application's execution. We first propose a solution based on a substitutable-components approach: we decompose our FTMs according to a Before-Proceed-After design scheme that gathers, respectively, the dependability actions executed before an application action, the communication with the application, and the dependability actions executed after an application action. We implement this approach on ROS (Robot Operating System), a robotics middleware in which applications are built as graphs of components.
We then propose a second solution in which we refine the granularity of the components of our FTMs and, as a first step, categorize the dependability actions they contain. This makes it possible to substitute not a whole component but an elementary action, and thereby overcomes a resource problem that appeared with the substitutable-components approach: since each component is projected onto a process, our FTMs unnecessarily consume resources that are limited on embedded platforms. To address this problem, we propose a solution based on a schedulable-objects approach: FTMs move from a component-graph design to an object-graph design, and the safety actions are projected onto objects that are scheduled inside the FTM. This second solution is also implemented on ROS. Finally, we critically analyze the two automotive software execution platforms, namely the AUTOSAR Classic Platform and the AUTOSAR Adaptive Platform, which is still under development. In a final step, we examine the compatibility between these two frameworks and our approaches to designing resilient embedded systems based on adaptive fault tolerance.
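The following is an added illustration of the two ideas in the abstract, the Before-Proceed-After decomposition of an FTM and the move from substituting a whole FTM component to substituting a single elementary action. It is not code from the thesis or from ROS; the actuator action, the fault injection, the two FTMs (time redundancy in the Proceed slot, a range check in the After slot) and all names are hypothetical constructions for this example.

```python
# Added illustration, not code from the thesis: a Before-Proceed-After FTM
# wrapping an application action, with two kinds of runtime adaptation.
# All names, values and the injected fault are hypothetical/constructed.
from dataclasses import dataclass
from typing import Any, Callable


class TransientFault(Exception):
    """Constructed fault raised by the application action to simulate a
    transient failure (e.g. a corrupted sensor read)."""


@dataclass
class FaultyActuator:
    """Hypothetical application action: fails `faults_left` times, then succeeds."""
    faults_left: int = 0
    calls: int = 0

    def braking_force(self, speed: float) -> float:
        self.calls += 1
        if self.faults_left > 0:
            self.faults_left -= 1
            raise TransientFault("simulated transient fault")
        return 0.5 * speed  # constructed control law, arbitrary


# --- Elementary dependability actions (the "objects" of the second approach) ---
def no_before(request: Any) -> Any:
    """Before slot: nothing to do in the plain configuration."""
    return request


def proceed_once(request: Any, action: Callable) -> Any:
    """Proceed slot: a single call to the application action, no protection."""
    return action(request)


def proceed_retry(request: Any, action: Callable, retries: int = 2) -> Any:
    """Proceed slot implementing time redundancy: re-execute the action
    on a transient fault, up to `retries` extra attempts."""
    last_error: Exception = TransientFault("no attempt made")
    for _ in range(retries + 1):
        try:
            return action(request)
        except TransientFault as exc:
            last_error = exc
    raise last_error


def no_after(request: Any, result: Any) -> Any:
    """After slot: pass the result through unchanged."""
    return result


def range_check_after(request: Any, result: float, limit: float) -> float:
    """After slot implementing a fail-safe check: clamp an out-of-range result."""
    return min(result, limit)


@dataclass
class FTM:
    """Fault tolerance mechanism assembled from three substitutable actions."""
    before: Callable
    proceed: Callable
    after: Callable

    def run(self, request: Any, action: Callable) -> Any:
        req = self.before(request)
        result = self.proceed(req, action)
        return self.after(req, result)

    def substitute(self, slot: str, new_action: Callable) -> None:
        """Second approach: replace one elementary action, not the whole FTM."""
        setattr(self, slot, new_action)


@dataclass
class ResilientComponent:
    """Application action wrapped by an FTM that can be swapped at runtime."""
    action: Callable
    ftm: FTM

    def execute(self, request: Any) -> Any:
        return self.ftm.run(request, self.action)

    def replace_ftm(self, new_ftm: FTM) -> None:
        """First approach: substitute the whole FTM component."""
        self.ftm = new_ftm


def scenario() -> dict:
    """Run the adaptation steps on constructed input and return the outcomes."""
    actuator = FaultyActuator(faults_left=1)
    comp = ResilientComponent(actuator.braking_force, FTM(no_before, proceed_once, no_after))
    out: dict = {}
    try:
        comp.execute(10.0)
        out["plain"] = "ok"
    except TransientFault:
        out["plain"] = "failed"  # without an FTM the fault reaches the application
    # The fault model now includes transient faults: swap in a retrying FTM.
    actuator.faults_left = 1
    comp.replace_ftm(FTM(no_before, proceed_retry, no_after))
    out["retry"] = comp.execute(10.0)  # succeeds on the second attempt
    # Only the After check changes: substitute one elementary action in place.
    comp.ftm.substitute("after", lambda req, res: range_check_after(req, res, limit=4.0))
    out["clamped"] = comp.execute(10.0)
    out["calls"] = actuator.calls
    return out


if __name__ == "__main__":
    print(scenario())
```

The first adaptation replaces the whole FTM object, which in the component-based design would mean replacing a process; the second only rebinds the `after` slot, which is the finer-grained substitution the object-based design is meant to make cheap. A real ROS deployment would put the component behind a node or service boundary; this simulation keeps everything in one process so it runs offline.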
Contributor : Laas Hal-Laas
Submitted on : Thursday, July 29, 2021 - 4:59:03 PM
Last modification on : Friday, July 30, 2021 - 4:04:50 AM
  • HAL Id : tel-03307919, version 1


Matthieu Amy. Systèmes résilients pour l'automobile: d'une approche à composants à une approche à objets de la tolérance aux fautes adaptatives sur ROS. Systèmes embarqués. Institut National Polytechnique de Toulouse, 2020. Français. ⟨tel-03307919⟩