CN106656663A - Bit flip fault injection method and system for CAN (Controller Area Network) bus data link layer - Google Patents

Bit flip fault injection method and system for CAN (Controller Area Network) bus data link layer Download PDF

Info

Publication number
CN106656663A
CN106656663A CN201611118484.5A CN201611118484A CN106656663A CN 106656663 A CN106656663 A CN 106656663A CN 201611118484 A CN201611118484 A CN 201611118484A CN 106656663 A CN106656663 A CN 106656663A
Authority
CN
China
Prior art keywords
fault
information frame
fault location
instruction
node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611118484.5A
Other languages
Chinese (zh)
Inventor
谢浪雄
杨春晖
林军
吴蕾
陈彦彰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Electronic Product Reliability and Environmental Testing Research Institute
Original Assignee
China Electronic Product Reliability and Environmental Testing Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Electronic Product Reliability and Environmental Testing Research Institute filed Critical China Electronic Product Reliability and Environmental Testing Research Institute
Priority to CN201611118484.5A priority Critical patent/CN106656663A/en
Publication of CN106656663A publication Critical patent/CN106656663A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/50Testing arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40208Bus networks characterized by the use of a particular bus standard
    • H04L2012/40215Controller Area Network CAN

Abstract

The invention relates to a bit flip fault injection method and system for a CAN (Controller Area Network) bus data link layer. A fault injection interface is displayed and whether an information frame transmitted by a tested CAN node is received or not is detected in real time. If the information frame transmitted by the tested CAN node is detected, whether a fault injection instruction acting on the fault injection interface is received or not is judged; and if the fault injection instruction is received, a bit flip fault value is generated according to the fault injection instruction, the bit flip fault value is injected into the information frame, and the information frame into which the bit flip fault value is injected is output. Real hardware fault injection is replaced by software fault injection and a bit flip error caused by an electrical layer of the tested CAN node is simulated in a software fault injection mode, so the trouble of setting up a hardware fault injection simulation circuit is omitted to a great extent, the test cost is low and the test time and vigor of a test engineer are reduced.

Description

The bit flipping fault filling method of CAN data link layer and system
Technical field
The present invention relates to the direct fault location technical field of measurement and test of CAN node, more particularly to a kind of CAN data The bit flipping fault filling method of link layer and system.
Background technology
CAN (Controller Area Network, controller local area network) bus has that reliability is high, real-time is good, into The advantages of this is reasonable, obtains substantial amounts of answering in fields such as automobile, ship, space flight, medical treatment, industrial measurement and control and industrial automations With becoming one of the most widely used fieldbus of industrial quarters.In actual CAN running, can run into very Excitation under many abnormalities, and cannot expect CAN response and under extreme conditions its data transfer when it is steady It is qualitative.Therefore, in CAN development process, in order to verify the reliability of CAN, fault-tolerance and its failure as far as possible State, then need direct fault location thought to be incorporated in CAN test.
The fault filling method concern of traditional CAN is more the failure of electrical layer, such as short in CAN Resistance capacitance characteristic failures, differential resistor failure and bus termination in road failure, open circuit fault, short circuit failure, CAN nodes Resistance Fault etc..When the direct fault location for performing electrical layer is tested, need additionally to build controller controling circuit, relay driving Circuit and relay circuit improve the cost of test either directly or indirectly simulating the different faults of electrical layer.
The content of the invention
Based on this, it is necessary to for the problems referred to above, there is provided turn over a kind of position of the low CAN data link layer of testing cost Turn fault filling method and system.
A kind of bit flipping fault filling method of CAN data link layer, comprises the following steps:
Direct fault location interface is shown, and whether real-time detection receives the information frame of tested CAN node-node transmissions;
When the information frame of the tested CAN node-node transmissions is detected, judge whether to receive and act on failure note Enter the direct fault location instruction at interface;
If so, then according to direct fault location instruction generation bit flipping fault value;
The bit flipping fault value is injected into described information frame, and the information frame after fault value is overturn described in output injection.
A kind of bit flipping fault injection system of CAN data link layer, including:
Information frame detection module, for showing direct fault location interface, and whether real-time detection receives tested CAN nodes and passes Defeated information frame;
Injection instruction detection module, for when the information frame of the tested CAN node-node transmissions is detected, judging whether to connect Receive the direct fault location instruction for acting on the direct fault location interface;
Fault value generation module, for receive act on the direct fault location interface direct fault location instruct when, root Bit flipping fault value is generated according to direct fault location instruction;
Fault value injection module, for the bit flipping fault value to be injected into described information frame, and turns over described in output injection Turn the information frame after fault value.
The bit flipping fault filling method and system of above-mentioned CAN data link layer, display direct fault location interface, and in fact When detect whether to receive the information frame of tested CAN node-node transmissions.When the information frame of tested CAN node-node transmissions is detected, sentence It is disconnected whether to receive the direct fault location instruction for acting on the direct fault location interface;If so, then according to direct fault location instruction generation Bit flipping fault value, the information frame that bit flipping fault value is injected after information frame, and output injection upset fault value.Using software Direct fault location replaces real hardware fault injection, and by software fault injection mode tested CAN nodes electrical layer failure is simulated The bit flipping mistake for causing, can largely save and build the trouble that hardware fault injects analog circuit, and testing cost is low, Also reduce testing time and the energy of Test Engineer.
Description of the drawings
Fig. 1 is the flow chart of the bit flipping fault filling method of CAN data link layer in an embodiment;
Fig. 2 is the flow chart of the bit flipping fault filling method of CAN data link layer in another embodiment;
Fig. 3 is the structure chart of the bit flipping fault injection system of CAN data link layer in an embodiment;
Fig. 4 is the structure chart of the bit flipping fault injection system of CAN data link layer in another embodiment;
Fig. 5 is the designed holder composition of the data link layer bit flipping fault injection system for being used for CAN in an embodiment;
Fig. 6 is that the hardware of the data link layer bit flipping fault injection system for being used for CAN in an embodiment is implemented to show It is intended to;
Fig. 7 is the command line parameter frame for being used for CAN data link layer bit flipping fault injection system in an embodiment Composition.
Specific embodiment
In one embodiment, a kind of bit flipping fault filling method of CAN data link layer, as shown in figure 1, bag Include following steps:
Step S130:Direct fault location interface is shown, and whether real-time detection receives the information of tested CAN node-node transmissions Frame.
Direct fault location interface carries out bit flipping direct fault location operation for tester, by showing that direct fault location interface is opened Dynamic direct fault location pattern.Detect that the mode of the information frame of tested CAN node-node transmissions is not unique, in the present embodiment, real-time detection Whether the information frame of tested CAN node-node transmission is received, including:Reception buffering area is constantly checked by way of poll, is detected Whether the information frame that receive tested CAN node-node transmission is had.Specifically, two can be arranged or plural CAN passages enters The transmitting-receiving of row information frame, CAN0 passages are one of CAN passages, and CAN1 passages are another CAN passage.By the side of poll Formula is constantly gone to check CAN0 channel reception buffering areas, sees if there is and receive the information frame that tested CAN node-node transmissions come, keeps away Exempt from information omission occur, improve detection promptness.
Step S150:When the information frame of tested CAN node-node transmissions is detected, judge whether to receive act on failure note Enter the direct fault location instruction at interface.
Tester can be by the injection instruction of direct fault location interface input fault, it will be understood that the tool of direct fault location instruction Body type is not unique.When the information frame that tested CAN node-node transmissions come is detected the presence of, if receive direct fault location referring to Order, then carry out step S160, if it is not, then explanation need not carry out bit flipping direct fault location, what is received from CAN0 passages Frame directly sends from CAN1 passages.
Step S160:Bit flipping fault value is generated according to direct fault location instruction.
Different according to the direct fault location instruction for receiving, the type of the bit flipping fault value that correspondence is generated is also different.This In embodiment, after bit flipping fault value is generated, can be transmitted by way of global variable, enter line position as subsequent step and turn over Turn direct fault location.
In one embodiment, bit flipping fault value includes information frame data segment fault value, ID segment fault values, remote identification At least one in position segment fault value, extension flag segment fault value and information frame length section fault value.With bit flipping fault value Include simultaneously information frame data segment fault value, ID segment fault values, remote identification position segment fault value, extension flag segment fault value and As a example by information frame length section fault value, it is used separately as the information frame subsequently to receiving and performs correspondence protocol fields, such as information frame The direct fault location of data segment, ID sections, remote identification position section, extension flag section and information frame length section.Wherein, information frame data Section includes 8 bytes, and information frame data segment fault value includes the fault value of each byte.
Step S170:The information frame that bit flipping fault value is injected after information frame, and output injection upset fault value.
Corresponding information frame, and the bit flipping fault value that injection is specified are read, subsequently again the information frame after injection failure Send from CAN1 passages, in order to detect response condition of the CAN system after injection bit flipping failure.
In one embodiment, as shown in Fig. 2 after step S130, the method also includes step S140.
Step S140:After the command operating help command for acting on direct fault location interface is received, the event for prestoring is shown Barrier injection command operating information.
Step S140 specifically can be before step S150, also can be after the step s 150.Tester equally can be by event Barrier injection interface input instruction operation help command, when tester is not yet done or is ignorant of how operating trouble injection is instructed When, then the information of display can be checked by being input into help command, instruct or it for tester's inquiry direct fault location The specifically used mode that he instructs, improves test operation convenience.
In one embodiment, after step S170, the method also includes step S180.
Step S180:After the removing faulting instruction for acting on direct fault location interface is received, bit flipping fault value is removed.
Tester equally can remove faulting instruction by the input of direct fault location interface.When needs stop the letter to receiving When breath frame performs direct fault location, then can pass through the set bit flipping fault value of online removing.Remove bit flipping fault value it Afterwards, can from CAN0 channel receptions to information frame directly send from CAN1 passages, so as to realize trouble-free transmission Pattern.
By provide fault clearance function, tester can from direct fault location pattern switching to trouble-free transmission mode, Direct fault location instruction can also be re-entered to be configured bit flipping fault value again, test convenience is improve.
In one embodiment, with continued reference to Fig. 2, before step S130, the method also includes step S110 and step S120。
Step S110:Display parameters arrange interface, and receive the parameter setting instruction for acting on parameter setting interface.
Parameter setting interface carries out channel parameters and arranges operation for tester, arranges interface by display parameters and starts Parameter setting mode.Tester can arrange instruction by parameter setting interface |input paramete.It is appreciated that parameter setting instruction Type it is not unique, different types of parameter setting instruction be used for different parameter settings are carried out to CAN transmission channels.
Step S120:The configured transmission of CAN transmission channels is configured according to parameter setting instruction.
According to receive parameter setting instruction carry out channel transfer parameter setting, it is to avoid have influence on below thread to information frame Reception.The configured transmission of CAN transmission channels is configured, the baud rate of transmission channel, transmission channel is specifically may include Mode of operation, the filter patterns of transmission channel, the examination code of transmission channel receive information frame and transmission channel receive information frame The parameter such as mask off code be configured.
After step S120, the execution step after the injection way enabled instruction for acting on parameter setting interface is received S130, startup separator injection way.It is appreciated that in other embodiments, or completing the biography to CAN transmission channels Defeated parameter direct execution step S130 after being configured.
In one embodiment, display parameters are arranged after interface in step S110, and the method may also include step:Receive After acting on the system exit instruction at parameter setting interface, log off program.Tester can be defeated by parameter setting interface Enter system exit instruction, end is continuing with to systems soft ware.
In one embodiment, show that the method may also include step S190 after direct fault location interface in step S130.
Step S190:After the direct fault location exit instruction for acting on direct fault location interface is received, direct fault location is discharged Shared memory source simultaneously exits thread operation, and return parameters arrange interface.
Step S190 specifically can be before step S140, also can be after step s 140.Tester can be noted by failure Enter interface input fault injection exit instruction, main thread after direct fault location exit instruction is received, in the way of global variable Direct fault location exit instruction is passed to receiving thread, subsequent receiving thread just discharges the memory source shared by direct fault location, And thread operation is exited, the occupied resource of internal memory is reduced, while return parameters arrange interface, is easy to tester to set again Put channel transfer parameter.
Additionally, in one embodiment, the method may also include the instruction to receiving and carry out legitimate verification, and in checking The step of obstructed out-of-date output error information.
Specifically, can be according to default proof rule, to reception under parameter setting mode and direct fault location pattern Instruction carries out legitimate verification, including to parameter setting instruction, injection way enabled instruction, system exit instruction, command operating Help command, direct fault location instruction, removing faulting instruction, direct fault location exit instruction carry out legitimate verification.Work as command verification By rear, the step of correspondence is performed, corresponding miscue information is not exported by if if command verification, then return to original Mode of operation waits tester to continue input instruction.
The bit flipping fault filling method of above-mentioned CAN data link layer, is replaced real using software fault injection Hardware fault is injected, and by software fault injection mode the bit flipping mistake that tested CAN nodes electrical layer failure causes is simulated, can The trouble that hardware fault injects analog circuit is built largely to save, testing cost is low, also reduces Test Engineer Testing time and energy.
In one embodiment, a kind of bit flipping fault injection system of CAN data link layer, as shown in figure 3, bag Include information frame detection module 130, injection instruction detection module 150, fault value generation module 160 and fault value injection module 170.
Information frame detection module 130 is used to show direct fault location interface, and whether real-time detection receives tested CAN nodes The information frame of transmission.
Direct fault location interface carries out bit flipping direct fault location operation for tester, by showing that direct fault location interface is opened Dynamic direct fault location pattern.Detect that the mode of the information frame of tested CAN node-node transmissions is not unique, in the present embodiment, real-time detection Whether the information frame of tested CAN node-node transmission is received, including:Reception buffering area is constantly checked by way of poll, is detected Whether the information frame that receive tested CAN node-node transmission is had.Specifically, two can be arranged or plural CAN passages enters The transmitting-receiving of row information, CAN0 passages are one of CAN passages, and CAN1 passages are another CAN passage.By way of poll Constantly go to check CAN0 channel reception buffering areas, see if there is and receive the information frame that tested CAN node-node transmissions come, it is to avoid Appearance information is omitted, and improves detection promptness.
Injection instruction detection module 150 is used for when the information frame of tested CAN node-node transmissions is detected, and judges whether to receive Instruct to the direct fault location for acting on direct fault location interface.
Tester can be by the injection instruction of direct fault location interface input fault, it will be understood that the tool of direct fault location instruction Body type is not unique.When the information frame that tested CAN node-node transmissions come is detected the presence of, if being not received by direct fault location Instruction, then explanation need not carry out bit flipping direct fault location, and the Frame received from CAN0 passages is directly led to from CAN1 Send in road.
Fault value generation module 160 is used for when the direct fault location instruction for acting on direct fault location interface is received, according to Direct fault location instruction generates bit flipping fault value.
Different according to the direct fault location instruction for receiving, the type of the bit flipping fault value that correspondence is generated is also different.This In embodiment, after bit flipping fault value is generated, can be transmitted by way of global variable, it is former as bit flipping is subsequently carried out Barrier injection.In one embodiment, bit flipping fault value includes information frame data segment fault value, ID segment fault values, remote identification At least one in position segment fault value, extension flag segment fault value and information frame length section fault value.
Fault value injection module 170 is used to bit flipping fault value is injected after information frame, and output injection upset fault value Information frame.
Corresponding information frame, and the bit flipping fault value that injection is specified are read, subsequently again the information frame after injection failure Send from CAN1 passages, in order to detect response condition of the CAN system after injection bit flipping failure.
In one embodiment, as shown in figure 4, the system also includes information display module 140.
Information display module 140 is used to detect whether that receiving tested CAN nodes passes in information frame detection module 130 After defeated information frame, after the command operating help command for acting on direct fault location interface is received, the failure for prestoring is shown Injection command operating information.
Tester equally can operate help command by direct fault location interface input instruction, when tester is not yet done or When being to be ignorant of how operating trouble injection instruction, then can pass through the information that input help command check display, for testing The specifically used mode that personnel inquiry direct fault location is instructed or other are instructed, improves test operation convenience.
In one embodiment, the system also includes that fault value removes module 180.
Fault value removes the information frame that module 180 is used for after the output injection of fault value injection module 170 overturns fault value Afterwards, after the removing faulting instruction for acting on direct fault location interface is received, bit flipping fault value is removed.
Tester equally can remove faulting instruction by the input of direct fault location interface.When needs stop the letter to receiving When breath frame performs direct fault location, then can pass through the set bit flipping fault value of online removing.Remove bit flipping fault value it Afterwards, from CAN0 channel receptions to information frame directly send from CAN1 passages, so as to realize trouble-free transmission mould Formula.
By provide fault clearance function, tester can from direct fault location pattern switching to trouble-free transmission mode, Direct fault location instruction can also be re-entered to be configured bit flipping fault value again, test convenience is improve.
In one embodiment, with continued reference to Fig. 4, the system also includes arranging command reception module 110 and channel parameters Setup module 120.
Arranging command reception module 110 is used to show direct fault location interface, and real-time detection in information frame detection module 130 Before whether receiving the information frame of tested CAN node-node transmissions, display parameters arrange interface, and reception acts on parameter setting circle The parameter setting instruction in face.
Parameter setting interface carries out channel parameters and arranges operation for tester, arranges interface by display parameters and starts Parameter setting mode.Tester can arrange instruction by parameter setting interface |input paramete.It is appreciated that parameter setting instruction Type it is not unique, different types of parameter setting instruction be used for different parameter settings are carried out to CAN transmission channels.
Channel parameters setup module 120 is used to set the configured transmission of CAN transmission channels according to parameter setting instruction Put.
According to receive parameter setting instruction carry out channel transfer parameter setting, it is to avoid have influence on below thread to information frame Reception.The configured transmission of CAN transmission channels is configured, the baud rate of transmission channel, transmission channel is specifically may include Mode of operation, the filter patterns of transmission channel, the examination code of transmission channel receive information frame and transmission channel receive information frame The parameter such as mask off code be configured.
After the configured transmission to CAN transmission channels is configured, channel parameters setup module 120 is receiving effect Control information frame detection module 130 shows direct fault location interface after the injection way enabled instruction at parameter setting interface, starts Direct fault location pattern.It is appreciated that in other embodiments, or completing to enter the configured transmission of CAN transmission channels Row directly initiates direct fault location pattern after arranging.
In one embodiment, the system also exits module including system, and system exits module for connecing in setting instruction Receive the display parameters of module 110 to arrange after interface, reception is acted on after the system exit instruction at parameter setting interface, is logged off Program.Tester can be by parameter setting interface input system exit instruction, and end is continuing with to systems soft ware.
In one embodiment, the system also exits module 190 including direct fault location.
After direct fault location exits module 190 for showing direct fault location interface in information frame detection module 130, work as reception To after the direct fault location exit instruction for acting on direct fault location interface, discharge the memory source shared by direct fault location and exit line Cheng Yunhang, return parameters arrange interface.
Tester can inject exit instruction by direct fault location interface input fault, and main thread is receiving direct fault location After exit instruction, direct fault location exit instruction is passed to receiving thread in the way of global variable, subsequent receiving thread is just released The memory source shared by direct fault location is put, and exits thread operation, the occupied resource of internal memory is reduced, while return parameters Interface is set, is easy to tester to reset channel transfer parameter.
Additionally, in one embodiment, the system may also include command verification module, and command verification module is used for receiving Instruction carry out legitimate verification, and verifying obstructed out-of-date output error information.
Specifically, can be according to default proof rule, to reception under parameter setting mode and direct fault location pattern Instruction carries out legitimate verification, including to parameter setting instruction, injection way enabled instruction, system exit instruction, command operating Help command, direct fault location instruction, removing faulting instruction, direct fault location exit instruction carry out legitimate verification.Work as command verification By rear, the step of correspondence is performed, corresponding miscue information is not exported by if if command verification, then return to original Mode of operation waits tester to continue input instruction.
The bit flipping fault injection system of above-mentioned CAN data link layer, is replaced real using software fault injection Hardware fault is injected, and by software fault injection mode the bit flipping mistake that tested CAN nodes electrical layer failure causes is simulated, can The trouble that hardware fault injects analog circuit is built largely to save, testing cost is low, also reduces Test Engineer Testing time and energy.
For ease of more fully understanding the bit flipping fault filling method of above-mentioned CAN data link layer and the enforcement of system Mode, with reference to specific software systems detailed explanation is carried out.
Being illustrated in figure 5 in an embodiment is used for the data link layer bit flipping fault injection system designed holder of CAN Composition, software system architecture, by three sub- module compositions, is respectively CAN channel parameters setup modules, CAN message frame direct fault location Module and system exit module.Two or plural CAN are needed based on the protocol layer fault injector of CAN to lead to Road, CAN0 passages refer to one of CAN passages, and CAN1 passages refer to its another CAN passage.
CAN communication parameter setting module is used to arrange the configured transmission of CAN transmission channels in direct fault location instrument, such as pass The baud rate of defeated passage, the mode of operation of transmission channel, the filter patterns of transmission channel, the examination of transmission channel receive information frame Mask off code of code and transmission channel receive information frame etc..The correctness that channel parameters are arranged can directly influence thread below Reception of the receiver module to information frame, therefore, it is necessary to pre-set transmission channel parameter.
System exits the effect of module and then logs off, and end is continuing with to systems soft ware.
It is divided into thread receiver module, command operating help module, direct fault location again under the direct fault location module of CAN message frame Module, removing malfunctioning module and direct fault location exit module.The function declaration of each concrete module is as follows:
Thread receiver module:Whether it is constantly to go to check CAN0 channel reception buffering areas by way of poll, see Have and receive the information frame that tested CAN node-node transmissions come, if it is present reading corresponding information frame, and inject what is specified Bit flipping failure, subsequently sends the information frame after injection failure from CAN1 passages again.It is noted that, thread connects The fault value for receiving module is that direct fault location module is passed over by way of global variable.
Command operating help module:When tester is not yet done or is ignorant of how operating trouble injection instruction, then may be used With by the way that most directly effectively help help command inquires about specifically making for direct fault location instruction or other instructions for tester Use mode.
Direct fault location module:It is the core of data link layer bit flipping fault injection system, and it is by arranging global change The mode of amount is communicated with thread receiver module, namely the fault value that direct fault location module is arranged is by way of global variable Pass to thread receiver module, thread receiver module just can perform correspondence protocol fields to the information frame that receives, such as ID sections, The direct fault location of remote identification position section, extension flag section, information frame length section and information frame data segment etc..
Remove malfunctioning module:When the information frame for needing to stop to receiving performs direct fault location, then can be by online Removing malfunctioning module is called to go to remove set fault value in direct fault location module.So, direct fault location instrument can from CAN0 channel receptions to information frame directly send from CAN1 passages, so as to realize trouble-free transmission mode.
Direct fault location exits module:When needing to reset channel transfer parameter, then can be by calling direct fault location Exit module and return parameter setting mode, with this simultaneously, direct fault location exit module can also the mode of global variable connect to thread Receive module and send instruction, go to discharge memory source shared in thread receiver module, and exit thread operation.
It is illustrated in figure 6 the specific hardware enforcement case of data link layer bit flipping fault injection system for CAN Example.CAN emulation module is used to emulate other network nodes of tested CAN nodes periphery, and emulation CAN nodes are tested with true Coupled together with hardware interface card between CAN nodes, so as to form the CAN communication network of an entirety.In hardware interface card and Between tested CAN nodes, access " for the data link layer bit flipping fault injection system of CAN ".By this access Mode, data link layer bit flipping fault injection system can intercept and capture the letter that tested CAN nodes send out from CAN0 passages Position information in breath frame, and rewritable information frame, what various electrical layer failures caused in the tested CAN nodes of simulation is arbitrating Bit flipping mistake in domain, control domain and data field, subsequently sends the information frame after injection failure from CAN1 passages again Go out, response condition of the CAN system after injection bit flipping failure may finally be detected.
The case of whole system software implements to be all based on the mode of operation of order line to be carried out, and causes to survey in this way Examination personnel can be with the more convenient test that direct fault location is performed using data link layer bit flipping fault injection system. Command parameter framework for the data link layer bit flipping fault injection system of CAN is as shown in Figure 7.
Data link layer bit flipping fault injection system for CAN can be operated in parameter setting mode and failure Under injection way, when systems soft ware is opened, system can be introduced into first parameter setting mode.Under parameter setting mode, can Have " config ", " faultinject " and " quit " for the control instruction that tester calls.
" config " instruction (i.e. parameter setting instruction) is used for setting CAN channel transfer parameters, thereafter by specified letter Mode arranging each specific channel transfer parameter, it is specific as follows:
1) transmission channel of setting needed for letter c is used to specify, ' 0 ' represents that passage 0, ' 1 ' represents that passage 1, ' 2 ' represents same When passage 0 and passage 1 are set.
2) letter b is used for setting the specific Transmission bit rate of CAN transmission channels, and ' 0 ' represents 5Kbps, and ' 1 ' represents 10Kbps, ' 2 ' represent 20Kbps, and ' 3 ' represent 40Kbps, and ' 4 ' represent 50Kbps, and ' 5 ' represent 80Kbps, and ' 6 ' represent 100Kbps, ' 7 ' represent 125Kbps, and ' 8 ' represent 200Kbps, and ' 9 ' represent 250Kbps, and ' 10 ' represent 400Kbps, and ' 11 ' represent 500Kbps, ' 12 ' represent 666Kbps, and ' 13 ' represent 800Kbps, and ' 14 ' represent 1000Kbps.
3) letter j is used for setting the specific working method of CAN transmission channels, and ' 0 ' expression CAN transmission channels are operated in normally Pattern, ' 1 ' expression CAN transmission channels are operated in the pattern that only listen.
4) letter f is used for setting the filtering mode of CAN transmission channels, and ' 0 ' represents CAN channels operations in double filtering modes, ' 1 ' represents CAN channels operations in single filtering mode.Only one of which length is the wave filter of 4 bytes under single filter patterns, is connect The message for receiving only needs to be compared to decide whether to be put in reception buffering area with this wave filter.In double filtering moulds Having the message of two short wave filters a, reception under formula will relatively decide whether to be put into reception buffering area with two wave filters In.At least there is a wave filter to be expressed as " reception ", the message of reception is just effectively.
5) letter m is used for setting the mask off code of CAN transmission channel receiving datas, and concrete mask off code code value is by the 16 of 8 0-f System character is constituted.
6) letter i is to check and accept code for setting CAN transmission channels receiving data, and specific code code value of checking and accepting is by 8 0-f's 16 system characters are constituted.
" quit " instruction (i.e. system exit instruction) be for logging off, stop to fault injection system continue make With.
" faultinject " instruction (i.e. injection way enabled instruction) can cause software systems to enter into direct fault location mould Formula, under direct fault location pattern, the instruction that can be performed has " help ", " fault ", " clearfault ", " quit ".
When tester is when being ignorant of or forgetting how operating trouble injection instruction, " help " help command (is instructed Operation help command) directly can effectively help tester quickly grasp direct fault location instruction or other instruction it is concrete Occupation mode;
When tester need perform direct fault location operation when, then can by call " fault " instruction (i.e. failure note Enter instruction) performing, followed by alphabetical a, b, c, d, e, f, g, h, i, r, x, l be to be respectively intended to specify to inject fault value Specific protocol fields.It is specific as follows:
1) letter a is used for the fault value of the 1st byte for setting data segment in CAN protocol Frame, specific DTC It is made up of the 16 system characters of 2 0-f.
2) letter b is used for the fault value of the 2nd byte for setting data segment in CAN protocol Frame, specific DTC It is made up of the 16 system characters of 2 0-f.
3) letter c is used for the fault value of the 3rd byte for setting data segment in CAN protocol Frame, specific DTC It is made up of the 16 system characters of 2 0-f.
4) letter d is used for the fault value of the 4th byte for setting data segment in CAN protocol Frame, specific DTC It is made up of the 16 system characters of 2 0-f.
5) letter e is used for the fault value of the 5th byte for setting data segment in CAN protocol Frame, specific DTC It is made up of the 16 system characters of 2 0-f.
6) letter f is used for the fault value of the 6th byte for setting data segment in CAN protocol Frame, specific DTC It is made up of the 16 system characters of 2 0-f.
7) letter g is used for the fault value of the 7th byte for setting data segment in CAN protocol Frame, specific DTC It is made up of the 16 system characters of 2 0-f.
8) letter h is used for the fault value of the 8th byte for setting data segment in CAN protocol Frame, specific DTC It is made up of the 16 system characters of 2 0-f.
9) letter i is used for setting the fault value of ID sections in CAN protocol, specific DTC by 8 0-f 16 system characters Constitute.
10) letter r is used for setting the fault value of CAN protocol medium-long range flag section, wherein 0 represents remote frame, 1 represents number According to frame, other are then invalid data.
11) letter x is used for setting the fault value that flag section is extended in CAN protocol, wherein 0 represents standard frame, 1 represents expansion Exhibition frame, other are then invalid data.
12) letter l is used for setting the fault value of data frame length section in CAN protocol, and specific DTC is by 1 0-9's 10 system characters are constituted.
When tester needs to remove the fault value for above setting, then instructed (i.e. by calling " clearfault " Remove faulting instruction) completing, can so cause the data link layer bit flipping fault injection system for CAN Into trouble-free injection way, namely fault injection system can be the Frame received from CAN0 passages directly from CAN1 Send in passage.
When tester needs to reset the configured transmission of CAN passages, then can be referred to by calling " quit " online Make (direct fault location exit instruction) to exit current direct fault location pattern, return to parameter setting mode.Without by again Channel transfer parameter is reset into the mode of system.
It is as follows for the specific implementation flow process of CAN protocol layer bit flipping fault injection system:
Systems soft ware is opened, the parameter setting mode that system can be entered simultaneously waits tester's input instruction, tester The instruction that can be called under this interface has " config ", " quit " and " faultinject " etc.." config " is instructed for matching somebody with somebody Put the design parameter of CAN channel transfers, such as the baud rate of channel transfer, the mask off code of channel reception information frame and check and accept code Deng;When tester needs to log off, then can be logged off by calling " quit " instruction, stop the continuation to system Use;In addition, when tester calls " faultinject " to instruct, system can start first a receiving thread, this line Journey can constantly go the information frame for reading CAN0 passages to receive buffering area by way of poll, check whether to have received information Frame, due to the now also unimplanted specific fault value of direct fault location module, therefore, thread receiver module can be from CAN0 passages The Frame for receiving directly sends from CAN1 passages.With this simultaneously, software systems can enter into direct fault location pattern Inferior personnel to be tested are input into specific direct fault location instruction.
Under direct fault location pattern, the instruction that tester can call has " help ", " fault ", " clearfault " " quit "." help " help command directly can effectively help tester quickly to grasp specifically making for direct fault location instruction Use mode;The concrete protocol fields that " fault " instruction can then be arranged it, such as the ID sections of CAN message frame, information frame length Section, information frame data segment etc., fault value thread receiver module, thread receiver module meeting are passed to by way of global variable The fault value that global variable is passed over be injected into from CAN0 channel receptions to information frame in, subsequently again after injection failure Information frame send from CAN1 passages;When tester needs to remove setting fault value, it is only necessary to call " clearfault " is instructed, you can the fault value that removing is above arranged, and in this case, thread receiver module can be from CAN0 Channel reception to information frame directly transmit away from CAN1 passages so that data link layer fault injector enters fault-free Injection way;When tester wishes the design parameter for resetting transmission channel, then can be by calling online " quit " Instruct to exit current direct fault location pattern, it is noted that, before direct fault location pattern is exited, fault injector meeting An instruction for exiting thread is sent to thread receiver module by way of global variable, thread receiver module receives this and refers to The memory source shared by release is understood after order and continuing to run with for thread can be terminated, subsequently just can return to parameter setting mould Formula, continues the setting of transmission channel parameter.
In addition, either in parameter setting mode still in direct fault location pattern, for the data link of CAN Layer bit flipping fault injection system all can carry out legitimacy detection to the command value of tester's input, if command value is reasonable Within the scope of, system may proceed to perform, and otherwise, systems soft ware can give one miscue of tester, and return to original Mode of operation waits user to continue input instruction.
Each technical characteristic of embodiment described above can be combined arbitrarily, to make description succinct, not to above-mentioned reality Apply all possible combination of each technical characteristic in example to be all described, as long as however, the combination of these technical characteristics is not deposited In contradiction, the scope of this specification record is all considered to be.
Embodiment described above only expresses the several embodiments of the present invention, and its description is more concrete and detailed, but and Can not therefore be construed as limiting the scope of the patent.It should be pointed out that for one of ordinary skill in the art comes Say, without departing from the inventive concept of the premise, some deformations and improvement can also be made, these belong to the protection of the present invention Scope.Therefore, the protection domain of patent of the present invention should be defined by claims.

Claims (10)

1. a kind of bit flipping fault filling method of CAN data link layer, it is characterised in that comprise the following steps:
Direct fault location interface is shown, and whether real-time detection receives the information frame of tested CAN node-node transmissions;
When the information frame of the tested CAN node-node transmissions is detected, judge whether to receive and act on direct fault location circle The direct fault location instruction in face;
If so, then according to direct fault location instruction generation bit flipping fault value;
The bit flipping fault value is injected into described information frame, and the information frame after fault value is overturn described in output injection.
2. the bit flipping fault filling method of CAN data link layer according to claim 1, it is characterised in that institute Rheme upset fault value includes information frame data segment fault value, ID segment fault values, remote identification position segment fault value, extension flag At least one in segment fault value and information frame length section fault value.
3. the bit flipping fault filling method of CAN data link layer according to claim 1, it is characterised in that institute The information frame whether real-time detection receives tested CAN node-node transmissions is stated, including:Constantly check that reception is slow by way of poll Area is rushed, the information frame for receiving tested CAN node-node transmissions is detected whether.
4. the bit flipping fault filling method of CAN data link layer according to claim 1, it is characterised in that will After the step of information frame that the bit flipping fault value is injected after described information frame, and upset fault value described in output injection, It is further comprising the steps of:
After the removing faulting instruction for acting on the direct fault location interface is received, the bit flipping fault value is removed.
5. the bit flipping fault filling method of CAN data link layer according to claim 1, it is characterised in that institute State display direct fault location interface, and after whether real-time detection is the step of receive the information frame of tested CAN node-node transmissions, also wrap Include following steps:
After the command operating help command for acting on the direct fault location interface is received, the direct fault location instruction for prestoring is shown Operation prompt information.
6. the bit flipping fault filling method of CAN data link layer according to claim 1, it is characterised in that institute State display direct fault location interface, and before whether real-time detection is the step of receive the information frame of tested CAN node-node transmissions, also wrap Include following steps:
Display parameters arrange interface, and receive the parameter setting instruction for acting on the parameter setting interface;
The configured transmission of CAN transmission channels is configured according to the parameter setting instruction.
7. the bit flipping fault filling method of CAN data link layer according to claim 6, it is characterised in that institute It is further comprising the steps of after stating display direct fault location interface:
After the direct fault location exit instruction for acting on the direct fault location interface is received, discharge interior shared by direct fault location Deposit resource and exit thread operation, return to the parameter setting interface.
8. a kind of bit flipping fault injection system of CAN data link layer, it is characterised in that include:
Information frame detection module, for showing direct fault location interface, and whether real-time detection receives tested CAN node-node transmissions Information frame;
Injection instruction detection module, for when the information frame of the tested CAN node-node transmissions is detected, judging whether to receive Act on the direct fault location instruction at the direct fault location interface;
Fault value generation module, for when the direct fault location for acting on direct fault location interface instruction is received, according to institute State direct fault location instruction and generate bit flipping fault value;
Fault value injection module, for the bit flipping fault value to be injected into described information frame, and overturns event described in output injection Information frame after barrier value.
9. the bit flipping fault injection system of CAN data link layer according to claim 8, it is characterised in that also Including:
Command reception module is set, and for showing direct fault location interface in described information frame detection module, and whether real-time detection Before receiving the information frame of tested CAN node-node transmissions, display parameters arrange interface, and reception acts on parameter setting circle The parameter setting instruction in face;
Channel parameters setup module, for being configured to the configured transmission of CAN transmission channels according to the parameter setting instruction.
10. the bit flipping fault injection system of CAN data link layer according to claim 9, it is characterised in that also Including:
Direct fault location exits module, after showing direct fault location interface in information frame detection module, acts on when receiving After the direct fault location exit instruction at the direct fault location interface, discharge the memory source shared by direct fault location and exit thread fortune OK, the parameter setting interface is returned to.
CN201611118484.5A 2016-12-07 2016-12-07 Bit flip fault injection method and system for CAN (Controller Area Network) bus data link layer Pending CN106656663A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611118484.5A CN106656663A (en) 2016-12-07 2016-12-07 Bit flip fault injection method and system for CAN (Controller Area Network) bus data link layer

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611118484.5A CN106656663A (en) 2016-12-07 2016-12-07 Bit flip fault injection method and system for CAN (Controller Area Network) bus data link layer

Publications (1)

Publication Number Publication Date
CN106656663A true CN106656663A (en) 2017-05-10

Family

ID=58819748

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611118484.5A Pending CN106656663A (en) 2016-12-07 2016-12-07 Bit flip fault injection method and system for CAN (Controller Area Network) bus data link layer

Country Status (1)

Country Link
CN (1) CN106656663A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108766501A (en) * 2018-05-31 2018-11-06 西安微电子技术研究所 A kind of the storage failure injection design and verification method fault-tolerant with EDAC
CN111865744A (en) * 2020-07-08 2020-10-30 北京软安科技有限公司 Vehicle CAN bus data classification method and device
CN112256000A (en) * 2020-11-20 2021-01-22 耕宇牧星(北京)空间科技有限公司 Spacecraft space environment fault simulation system
CN112380081A (en) * 2020-12-04 2021-02-19 哈尔滨工业大学 Commercial vehicle-mounted CAN bus fuzzy test method based on field weight
US10936512B2 (en) 2019-03-13 2021-03-02 International Business Machines Corporation Accurate can-based distributed control system simulations
CN112468209A (en) * 2020-10-29 2021-03-09 西安空间无线电技术研究所 On-orbit high-speed injection system and method based on SpaceWire bus
US11356293B2 (en) 2017-06-21 2022-06-07 Byd Company Limited Canopen-based train network data transmission method, system and apparatus

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105974905A (en) * 2016-05-10 2016-09-28 中国民航大学 Simulated test system and method for single-particle overturn fault of aviation data bus

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105974905A (en) * 2016-05-10 2016-09-28 中国民航大学 Simulated test system and method for single-particle overturn fault of aviation data bus

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11356293B2 (en) 2017-06-21 2022-06-07 Byd Company Limited Canopen-based train network data transmission method, system and apparatus
CN108766501A (en) * 2018-05-31 2018-11-06 西安微电子技术研究所 A kind of the storage failure injection design and verification method fault-tolerant with EDAC
CN108766501B (en) * 2018-05-31 2020-06-30 西安微电子技术研究所 Design and verification method for fault injection of storage with EDAC fault tolerance
US10936512B2 (en) 2019-03-13 2021-03-02 International Business Machines Corporation Accurate can-based distributed control system simulations
CN111865744A (en) * 2020-07-08 2020-10-30 北京软安科技有限公司 Vehicle CAN bus data classification method and device
CN111865744B (en) * 2020-07-08 2021-12-31 北京软安科技有限公司 Vehicle CAN bus data classification method and device
CN112468209A (en) * 2020-10-29 2021-03-09 西安空间无线电技术研究所 On-orbit high-speed injection system and method based on SpaceWire bus
CN112468209B (en) * 2020-10-29 2022-06-03 西安空间无线电技术研究所 On-orbit high-speed injection system and method based on SpaceWire bus
CN112256000A (en) * 2020-11-20 2021-01-22 耕宇牧星(北京)空间科技有限公司 Spacecraft space environment fault simulation system
CN112380081A (en) * 2020-12-04 2021-02-19 哈尔滨工业大学 Commercial vehicle-mounted CAN bus fuzzy test method based on field weight

Similar Documents

Publication Publication Date Title
CN106656663A (en) Bit flip fault injection method and system for CAN (Controller Area Network) bus data link layer
Smith The car hacker's handbook: a guide for the penetration tester
CN108121326A (en) A kind of fault diagnosis method and system
Fowler et al. A method for constructing automotive cybersecurity tests, a CAN fuzz testing example
CN110995547A (en) Vehicle-mounted high-speed network testing system and method
CN113626343B (en) Router reusable verification platform based on UVM
CN114137937B (en) Automatic diagnosis function test method and system
CN109726061B (en) SoC chip verification method
CN106357462A (en) Fault injection method, chip and equipment
CN108632246A (en) Communication system
CN104834591B (en) Test the method for testing and system of AUTOSAR component softwares
US10613963B2 (en) Intelligent packet analyzer circuits, systems, and methods
CN109618363B (en) Mobile gateway test system and method
CN110768871B (en) Test method and system for automatically counting data transmission correctness of DCS (distributed control system)
CN108885435A (en) A kind of control method, host, slave, mobile terminal and control system
CN115657646B (en) Test method and device of CAN controller
CN106789449A (en) A kind of CAN exploitation and method of testing and system
CN116224963A (en) Automatic testing device of remote vehicle control system and construction method thereof
CN102075370A (en) Calibration and verification system of engine control model (ECM) communication based on virtual network and virtual node
CN111596570B (en) Vehicle CAN bus simulation and attack system and method
CN115150300A (en) Management system and method for vehicle safety attack and defense
CN114756008A (en) Fault injection system, automatic test system and method for automobile hybrid bus integrated rack
CN115118588A (en) Analog simulation system of vehicle-mounted TBOX (tunnel boring machine) and communication method, device and storage medium thereof
CN114296436A (en) Train control simulation test system and test method
Ishak et al. Vehicle Sensors Programming Based On Controller Area Network (CAN) Bus Using Canoe

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170510