High-Level Simulation with Complex Fault Models

High-level simulators are system simulator which simulate the behavior of a device with the precision of a clock cycle. They can be execution based, when the benchmark is directly executed, or trace based, when the simulation is carried out using a trace of execution previously generated. Fault Injection in Execution-Based Simulators

In these kind of simulators, a module for fault injection is integrated in the target design. The fault injection module can be integrated as dedicated module called saboteur. It is inactive during normal operation and can alter value or timing characteristics when active. Saboteurs can be inserted in series or parallel to the target design. Serial insertion, in its simplest form, consists of breaking up the signal path between a driver (output) and its corresponding receiver (input) and placing a saboteur in between. In its more complex form, it is possible to break up the signal paths between a set of drivers and its corresponding set of receivers and insert a saboteur. For parallel insertion, a saboteur is simply added as an additional driver for a resolved signal. The other approach of fault injection is using mutants which are inserted by modifying parts of the target circuit components. Those two approaches present the advantage of supporting all system abstraction levels: electrical, logical, functional, and architectural. Such approaches allow full reproduction of: singlebit flips, selected bit alterations, data corruptions, circuit rewiring, clock alteration and instruction swaps effects. However, theory require large development effort and cannot support fully randomisation and real-time features.

Existing availabletools are: MEFISTO-C [34], VERIFY [35], HEARTLESS [36], GSTF [37], FTI [38], Xception [39], FERRARI [40], SAFE [41], DOCTOR [42]. A detailed overview can be found in [43].

Selected Simulators

Xception [39] is a software implemented fault injection tool for dependability analysis. It provides an automated test suite that helps in injecting realistic faults. It injects faults without any intrusion on the target system. No software traps are inserted and hence program can be executed in normal speed. It uses the advanced debugging and performance monitoring features that exist in processors to inject realistic faults by software, and to monitor the activation of the faults in order to observe in detail their impacts on the behavior of the system [39]. Xception is a flexible and low-costly tool that could be used in a wide range of processors and machines (parallel and real-time systems). In addition, it enables the definition of a general and precise processor fault model with a large range of fault triggers and oriented to the internal processor functional units. Software Faults Emulation Tools

A few tools do exist to emulate the occurrence of faults in distributed applications. One of those tools is DOCTOR [42] (integrateD sOftware fault injeCTiOn enviRonment), that allows to inject faults in real-time systems. It supports faults in processor, memory and communication. The tool can inject permanent, transient, or intermittent faults. The fault scenarios that can be designed uses probabilistic model. While this suits small quantitative tests, repeatable fault injection capabilities are required for more complex fault scenarios.

SAFE [41] fault injection tool allows to automatically generate and execute fault injection tests. SAFE injects or detects software faults in C and C++ software, in order to force a software component failure, and to evaluate the robustness of the system as a whole. Injected faults are designed to realistically reproduce the real defects that hampers software systems, including issues affecting data initialization, control flow, and algorithms. Testing team can easily know how vulnerable the software is and fix it. The SAFE tool lets users customize which faults are injected. Fault Injection in Trace-Based Simulators

An example of fault injection tools exploiting trace-based simulations is the one of Miele [44]. The tool analyzes the system-level dependability of embedded systems. The workflow is organized in three main phases: preliminary characterization of the system, setup of the experimental campaign, and execution of experimental campaign followed by results’ post-processing. The designer specifies monitoring and classification actions at application and architecture levels. Debug-like mechanism allow to analyze the propagation of the errors in various functionalities of the executed application. The proposed approach is extremely suitable to reproduce the effects in simulation of single-bit flips, selected bit alterations, data corruptions and instruction swaps. Ferrari [40] (Fault-and-Error Automatic Real-Time Injection), developed at the University of Texas at Austin, uses software traps to inject CPU, memory, and bus faults. Ferrari consists of four components: the initializer and activator, the user information, the fault-and-error injector, and the data collector and analyzer. The fault-and-error injector uses software trap and trap handling routines. Software traps are triggered either by the program counter when it points to the desired program locations or by a timer. When the traps are triggered, the trap handling routines inject faults at the specific fault locations, typically by changing the content of selected registers or memory locations to emulate actual data corruptions. The faults injected can be those permanent or transient faults that result in an address line error, a data line error, and a condition bit error.

Jaca is a fault injection tool that is able to inject fault in object-oriented systems and can be adapted to any Java application without the need of its source code, but only few information about the application like the classes, methods, and attributes names [45]. Jaca has a graphical interface that permits the user to indicate the applications parameters under test in order to execute the fault injection [45]. Most of the fault injection tools are able to handle the injection of faults at low level of the software. Jaca differs from the other tools in the fact that it can perform both low-level fault injection, affecting Assembly language element (CPU registers, buses, etc.), and high-level fault injection affecting the attributes and methods of objects in a Java program.

The main advantage of using a trace-based simulator is the possibility of altering specific parts of the system without the need of altering the main structure of the system. Software-Based Simulators

Software fault injection is a special case of simulation-based fault injection where the target system is a large microprocessor-based machine that may include caches, memories, and devices, running a complex software. This technique is able to target applications and operating systems, which is not easy to do with the hardware fault injection.

Selected Simulators

LFI is a tool to make fault injection-based testing more efficient and accessible to developers and testers [46]. LFI injects faults at the boundary between shared libraries and target programs, which permits to verify if the programs are handling the failures exposed by the libraries correctly or not. More in detail, LFI permits to automatically identify the errors exposed by shared libraries, find potentially buggy error recovery code in program binaries, and produce corresponding injection scenarios. Fault injection was rarely used in software development. LFI was developed in response to this. It permits to reduce the dependence on human labor and correct documentation, because it automatically profiles fault behaviors of libraries via static analysis of their binaries. The tool aims to provide testers an easy, fast, and comprehensive method to see how much the program is robust to face failures exposed between shared libraries and the tested programs [46].

Byteman [47] is a byte code injection tool developed to support Java code testing using fault injection technique. It is also very useful for troubleshooting and tracing Java program execution. Byteman provides a functions librarywhich helps generating simple error conditions to complex error flows. Almost any Java code can be injected into the application in scope at the injection point. POJO (plain old java object) can be plugged in to replace built-in functions. Byteman works by modifying the bytecode of the application classes dynamically at runtime.

< Prev   CONTENTS   Source   Next >