Error Resilience design for Automotive Control Systems

In the context of modern automotive systems, the increasing complexity and integration of electronic components have made reliability and safety critical design concerns. Among the most insidious threats to system integrity are bit flips, unintended changes in the state of a memory bit, caused by phenomena such as cosmic radiation, electromagnetic interference, or manufacturing defects. These transient faults, though seemingly minor, can lead to catastrophic consequences in safety-critical applications, including unintended behavior of control systems, data corruption, or even complete system failure. Real-world incidents, such as unexpected airbag deployments or engine control malfunctions, have been traced back to such low-level hardware faults, underscoring the urgent need for robust error resilience strategies. This thesis addresses the challenge of bit-flip resilience in the context of automotive Control Status Registers (CSRs), key components in embedded control systems responsible for storing and managing the state of hardware modules. Given the stringent safety requirements of the automotive domain, particularly under standards such as ISO 26262, ensuring the integrity of CSRs is paramount. The work presented herein proposes a protection architecture specifically designed to detect and, in some cases, correct bit-flip errors in CSRs, thereby enhancing the overall fault tolerance of the system. A primary objective of the proposed design is to increase the protection level of the CSR against random bit flips while maintaining backward compatibility with existing architectures. This constraint ensures that the new protection mechanisms can be integrated into current automotive platforms without requiring significant redesign of surrounding systems. The core of this research is the development and comparative analysis of five distinct protection modules, each implementing a different error detection or correction strategy. Starting from a baseline CSR architecture (referred to as CSR2), each module extends the original design with additional logic to support one of the following techniques: Simple Parity Bit 1D Parity 2D Parity Hamming Code Extended Hamming Code Each module was implemented and integrated into the CSR2 architecture, with careful consideration given to hardware overhead, latency, and compatibility with existing automotive microcontroller environments. The thesis provides a detailed architectural description of each module, including logic diagrams, encoding/decoding mechanisms, and fault injection scenarios used for validation. The final outcome of this work is a set of five distinct protection modules, each with unique characteristics and operational trade-offs. The thesis concludes with a comparative analysis that identifies the most suitable protection scheme based on specific application parameters such as: Frequency of memory access, Size and bit-width of the CSR, Required level of fault tolerance, Hardware resource constraints. This analysis highlights that no single solution is universally optimal. Instead, each module is best suited to a particular use case, allowing system designers to make informed decisions based on the operational profile of the CSR in question. In summary, this work contributes a modular, scalable, and application-aware approach to enhancing the error resilience of automotive control systems. By systematically exploring and evaluating multiple protection architectures, it lays the groundwork for more robust and reliable embedded systems.