Using Models to Improve the Availability of Automotive Software Architectures

This paper presents an initial model for evaluating and improving the availability of a software architecture design. The model is implemented as a reasoning framework in the ArchE architecture expert system developed jointly with the Software Engineering Institute. To ensure continuous availability many automotive electronic control units (ECUs) employ an external watchdog running on a separate CPU to monitor the software running on the ECU. If the ECU has a failure that causes interruption of its functionality, the watchdog can detect this and reset the ECU to restore correct operation. The availability model can automatically evaluate the effectiveness of a watchdog design in the software architecture and can propose improvements to achieve better availability before implementation decisions are made. The model enables a quantitative analysis of system availability that can better guide software architecture and dependability design decisions and potentially reduce implementation and testing effort.