The design of secure and reliable cyber-physical systems has become increasingly challenging due to the growing complexity of their software and hardware, as well as the interactions among different systems and with the physical environment. Next-generation automotive systems are representative cyber-physical systems with such challenges. They are not only capable of conducting perception, planning, and control through complex software and hardware within the vehicle, but also able to communicate with other vehicles and roadside infrastructure for safety and efficiency applications. The design, analysis, and validation of vehicular applications (such as cooperative adaptive cruise control and intersection management) involve multiple layers: the application layer, the software layer, and the hardware layer. Furthermore, various metrics and stringent requirements, such as timing, safety, security, and fault tolerance, make the design, analysis, and validation even more challenging.
To cope with these challenges, we present CONVINCE, a cross-layer modeling, exploration, and validation framework for the design of next-generation automotive systems. CONVINCE is a holistic framework containing mathematical models, synthesis and validation algorithms, and simulation of both inter-vehicle and intra-vehicle behaviors. Various metrics are considered across multiple layers of the framework.
At the application and software layers, we consider cooperative adaptive cruise control and intelligent intersection management to address the challenges posed by communication delays and potential security attacks. We present a delay-tolerant protocol for intelligent intersection management and conduct modeling, simulation, and verification to analyze the safety, liveness, and performance of the protocol. We also develop a codesign approach that addresses the trade-off between security and control performance while taking implementation feasibility into account. At the software and hardware layers, we address the software-to-hardware mapping with consideration of fault tolerance and security. We conduct fault-tolerant design to improve the system-level error recovery rate by applying soft-error detection and recovery mechanisms under real-time constraints. We also present security-aware mapping for both CAN-based and TDMA-based systems with limited resources and strict timing constraints. We have evaluated the cross-layer framework with industrial applications and synthetic examples and demonstrated its effectiveness.
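The security-versus-timing trade-off behind security-aware mapping on a CAN bus can be made concrete with a small worked example. The following is an added illustration, not code from CONVINCE or its authors, and it does not reproduce the framework's own mapping algorithm: it appends a truncated message authentication code (MAC) to each CAN message, splits a message into a second frame when payload plus MAC exceeds the 8-byte data field, and then runs the standard worst-case response-time analysis for CAN (Tindell/Davis et al.) to find the longest MAC for which every frame still meets its deadline. The bus rate (500 kbit/s), the message set, the deadline-equals-period assumption, zero queuing jitter and the way MAC bytes are packed into frames are all constructed assumptions for the example.

```python
"""Security-aware CAN mapping: longest truncated MAC that stays schedulable.

Added example (not part of the CONVINCE framework). Uses the classical CAN
response-time analysis with worst-case bit stuffing. Message set, bus rate
and MAC packing model are constructed assumptions.
"""

TAU_BIT_US = 2      # bit time in microseconds at an assumed 500 kbit/s bus rate
MAX_PAYLOAD = 8     # classical CAN data field, in bytes


def ceil_div(a: int, b: int) -> int:
    """Integer ceiling of a / b (avoids float rounding at exact multiples)."""
    return -(-a // b)


def frame_time_us(payload_bytes: int) -> int:
    """Worst-case transmission time of one 11-bit-ID CAN frame, including
    worst-case bit stuffing: 34 control bits, 8*s data bits, 13 bits that are
    never stuffed, plus one stuff bit per four stuffable bits."""
    g = 34
    bits = g + 8 * payload_bytes + 13 + (g + 8 * payload_bytes - 1) // 4
    return bits * TAU_BIT_US


def frames_for(msg, mac_len: int):
    """Map one message plus a mac_len-byte MAC onto CAN frames.
    MAC bytes fill the unused data bytes of the payload frame; any remainder
    is sent in a second frame that takes the next-lower priority (assumption)."""
    name, period, payload = msg
    total = payload + mac_len
    if total <= MAX_PAYLOAD:
        return [(name, period, frame_time_us(total))]
    return [(name + "#1", period, frame_time_us(MAX_PAYLOAD)),
            (name + "#2", period, frame_time_us(total - MAX_PAYLOAD))]


def response_times(frames):
    """Fixed-priority response-time analysis for CAN.
    frames: list of (name, period_us, C_us) in priority order (index 0 is the
    highest priority); deadline = period; zero jitter. Returns a dict
    name -> worst-case response time, or None if some frame can miss its deadline."""
    result = {}
    for i, (name, period, c) in enumerate(frames):
        # Non-preemptive bus: a lower-priority frame already on the wire blocks us.
        blocking = max((f[2] for f in frames[i + 1:]), default=0)
        w = blocking
        while True:
            # Interference from every higher-priority frame released while we queue.
            interference = sum(ceil_div(w + TAU_BIT_US, t) * ck
                               for _, t, ck in frames[:i])
            w_next = blocking + interference
            if w_next + c > period:      # queuing delay + own transmission misses deadline
                return None
            if w_next == w:              # fixed point reached
                break
            w = w_next
        result[name] = w + c
    return result


def schedulable(messages, mac_len: int) -> bool:
    frames = [f for m in messages for f in frames_for(m, mac_len)]
    return response_times(frames) is not None


def largest_mac_that_fits(messages):
    """Security-aware choice: the longest MAC (up to 8 bytes) for which every
    frame still meets its deadline, or None if even the unauthenticated set fails."""
    for mac_len in range(MAX_PAYLOAD, -1, -1):
        if schedulable(messages, mac_len):
            return mac_len
    return None


# Constructed message set: (name, period_us, payload_bytes), listed in priority order.
MESSAGES = [
    ("steer",    1000, 2),
    ("brake",    2000, 4),
    ("throttle", 2000, 4),
    ("speed",    4000, 6),
    ("status",   4000, 8),
]

if __name__ == "__main__":
    for mac_len in range(0, MAX_PAYLOAD + 1):
        print(f"MAC {mac_len} bytes: {'schedulable' if schedulable(MESSAGES, mac_len) else 'deadline miss'}")
    print("largest MAC that fits:", largest_mac_that_fits(MESSAGES))
```

For this constructed set the unauthenticated messages are comfortably schedulable, a 6-byte MAC on every message still meets all deadlines, and 7- or 8-byte MACs push the bus past its capacity because several messages now need two frames. A shorter MAC buys bus time at the cost of forgery resistance (roughly one guess in 2^(8L) per attempt for an L-byte tag), which is exactly the kind of trade-off a security-aware mapping has to resolve; the codesign described in the text additionally weighs control performance, which this example does not model.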