Publication

With the introduction of the automotive functional safety standard ISO 26262, several challenges related to the representation of dependability information has emerged. This paper addresses how safety requirements can be formalized; which is mandatory for high-integrity requirements. Particular focus is given to asymmetric failures. Such a failure can be caused by a communication fault, and implies that data in a distributed system will be inconsistent among system outputs or within the system (incorrect, corrupt or omitted, etc.). We investigate along two lines; 1) The EAST-ADL automotive architecture description language is extended with a capability to represent asymmetric faults and failures. 2) The Compute-Distribute Results (CDR) pattern is introduced to assist reasoning about distributed systems, in particular potential inconsistencies. We show how this can support architectural decisions regarding selection of communication topology and communication technology for a given distributed system. A brake-by-wire application and FlexRay bus are analysed to illustrate the concepts.