Modeling and Verification of AUTOSAR OS and EMS Application

Abstract

AUTOSAR, derived from OSEK/VDX, is the most popular industrial standard in the automotive electric development. It is challenging to manually verify or validate the correctness and safety of AUTOSAR Operating System (OS) as well as mission-critical or real-time applications built on it. In this paper, we adopt timed CSP to describe and reason about the Schedule Table, a new task scheduling mechanism in AUTOSAR. We also employ timed CSP to model AUTOSAR OS and a realtime application, i.e., the Engine Management System (EMS), based on the Schedule Table mechanism, and verify some safety properties. In addition, we simulate and verify our models in Process Analysis Toolkit (PAT). The result indicates that both AUTOSAR OS and EMS application conform to the specifications and requirements.