## Design of Fault Injection System Based on Hardware-In-the-Loop Simulation Jian Ren, Zheng Wang Qingdao Branch of Naval Aeronautical Engineering Academy Qingdao, China w\_zheng@public.qd.sd.cn Abstract- The Hardware and software system of fault injection based on the hardware in the loop simulation was designed, and it was used to testability verification of aircraft fuel control system; Based on the hardware in the loop simulation and testability analysis technology, the system design of fault injection and its application were studied mainly. The experimental verification shows that the designed system can inject fault to aircraft fuel control system quickly and effectively. The designed system can also give the quantification result. Keywords- Hardware-In-the-Loop Simulation; testability verification; fault injection; aircraft fuel system ## I. INTRODUCTION Aircraft fuel system is one of the important systems which affect the flight safety, and it is very important to ensure this system operating Safety and stability. The key technology research of fault injection for testability verification aim at engineering needs of new equipment testability and verification. aircraft fuel system as the research object, to rapidly improve the new type of equipment support ability construction as the goal, in-depth analysis and research of new type equipment testability analysis and verification technology, on these basis, the hardware-in-the-loop simulation technology was used, the fault injector based on prototype technology was developed, the testability verification analysis of equipment typical combination was realized. ## II. FAULT INJECTION TECHNOLOGY ## A. Fault injection Fault injection is a technique to accelerate system failure by introducing faults manually to objective system. The reliability of the system is evaluated by observing the reaction behavior of the system in the event of a failure. Fault injection experiment can not only obtain the some parameters such as coverage rate and delay needed by analytic model, but also independently applied to reliability evaluation of fault-tolerance system, and obtain the measure index.<sup>[4]</sup> ## B. Fault injection method At present, from technical implementation points, Fault injection can be divided into hardware fault injection and software fault injection. Generally speaking, at some fault injection point, if fixed high and low permanent fault needing be injected, the hardware fault injection method can be employed; when some data storage needing be injected, software fault injection method can be employed; some other fault can be injected by two methods. In this paper, fault injection technology based on hardware in the loop simulation was combined with the advantages of the two methods. Design of Fault injection system for aircraft fuel system was implemented. #### III. HARDWARE-IN-THE-LOOP SIMULATION TECHNOLOGY Hardware-in-the-loop simulation is the real-time simulation system with the part of assemblies in the simulation loop<sup>[1-2]</sup>. The accurate meaning of "Hardware In the Loop Simulation (HWILS)" is the simulation with hardware in the loop. Compared with other types of simulation methods, HWILS has higher possibility of truth; it is the highest degree of confidence method in simulation technologies. From the system view, some entities are allowed to join in the system, it means that some entities can be investigated, the parts were inspected under the condition of meeting the system performance index, so this method being the necessary mean to improve system reliability and development quality. The hardware-in-the-loop simulation technology develop speedily along with development of automatically arm system and computer<sup>[3]</sup>. Especially, the cost of arm entity experiment is very high, and the hardware-in —the-loop simulation technology can provide the optimal method. By this method, the integration testing can be implemented without the entity system running. The period of experiment can be shortened and a lot of money can be saved. The workflow shown in Figure 1. ## IV. TESTING AND ANALYTICAL TECHNOLOGY As the change of technology and equipment testability design requirements, the testability measure is faced with new challenges, the current measures are also put forward new requirements for testability. # A. Testability metrics should be geared to the needs of equipment maintenance Testability design metrics should be considered with the process of the actual fault diagnosis ability in the process of equipment diagnosis and maintenance, the targets should be consistent, it can not been known as an independent abstract design rules. Therefore, test design indexes need be considered with the use of equipment<sup>[4]</sup>. ## B. Several aspects should be weigh in testability metrics Testability index should be considered with several factors, also need total evaluation. Four testability design rules were constructed, there were introduced as follow: Fig. 1 Workflow of hardware-In-the-Loop Simulation ## (1) Fault detection rate(FDR) Generally, in the certain time, the ratio between right fault number detected by BIT and External Test Equipment and total fault number is defined as FDR. [5] The calculation method of non-weighted FDR as: $$FDR = \frac{N_D}{N_T} 100\%$$ $N_T$ is the total fault numbers in the time of system operation; $N_D$ is the detected fault numbers. The calculation method of weighted FDR is denoted as: $$FDR_{W} = \frac{\sum_{i=1}^{L_{D}} \lambda_{i}}{\sum_{i=1}^{M-1} \lambda_{i}} 100\%$$ #### (2) Fault isolation rate Generally, the rate between number of fault which can be rightly isolated to specific quantity LRUs by BIT/ETE and the total detected fault number in the same time is defined as FIR. It is denoted by percent. The calculation method of non-weighted FDR is denoted as: $$FIR = \frac{N_L}{N_D} 100\%$$ $N_L$ is the number of fault which is right isolated to littler the number of LRU less than or equal L in the specific condition and method. $N_D$ is detected fault numbers. The calculation method of weighted-FDR is: $$FIR_{W} = \frac{\sum_{i=1}^{L_{I}} \lambda_{i}}{\sum_{i=1}^{L_{D}} \lambda_{i}} 100\%$$ ## (3) Mean fault detection time(MFDT) The average time of fault detection and indication by BIT/ETE is defined as MFDT. Its mathematical mode is denoted as: $$MFDT = \frac{\sum t_{Di}}{N_D}$$ $t_{Di}$ is the time of detection and indication the i-th fault by BIT/ETE; $N_D$ is the total number detected by BIT/ETE. ## (4) Mean fault detection cost(MFDC) MFDC is that the average cost when a fault being detected and dictated by BIT/ ETE , its model can be denoted as: $$MFDC = \frac{\sum C_{Di}}{N_D}$$ $C_{Di}$ is the cost of i-th detected fault by BIT/ ETE; $N_D$ is the total fault numbers detected by BIT/ ETE. #### V. SYSTEM HARDWARE DESIGN The fault injection system was composing of kernel control board and 4 fault injection boards. The kernel control board employed combination of FPGA and RS422, which achieves the upper machine controlling signal of signal conversion board. according to the function, the fault injection system can be divided into host, self-checking circuit, information acquisition circuit and fault injection unit. #### A. Host The system software was installed in the host, by friendly human-computer interaction interface; the user can send commands or parameters to the fault injection unit to control the fault injection process. ## B. Information acquisition circuit The circuit is mainly used to collect the state of fault characteristic signal which injected into tested object, through online monitoring, traversing the information about the effectiveness of fault injection to the host real-time. ## C. Self-checking circuit In order to guarantee the normal work of the circuit and detecting system fault in time, the self-inspection was designed in the system. The function of self-inspection circuit included observations of the device working state, environmental compensation, protection components whether failure, correction parameters, etc. In the software, the function of self-inspection also include program whether being normal execution, setting of initial parameters automatically, and cooperate with artificial features such as determined by the system status display. Finally test pass/not pass were given as output signal. ## D. Fault injection unit The method employed in this design was injecting fault at bus. When validating the testability verification, by injecting equivalent fault swatch at bus, the needed fault type can be easily injected to arrive at the aim of evaluation the testability index. According to size, purpose and application situation, the bus can be divided into chip bus (from chip internal link to external), system bus and external bus. Accordingly, the type of signal can be divided into two categories, analog signals and digital signals. #### VI. SYSTEM SOFTWARE DESIGN System structure show as figure 2, the system was composed of controller, fault database, fault injector, data collector and analyzer. Figure 2. Connection diagram of fault injection system test The function of each module was different. By mutual coordination work between them, the fault injection experimental of target system can be implemented, then giving the fault-tolerance performance evaluation of target system. The fault injection system need to complete functions as follow: producing fault according to certain fault model; injecting fault into target system; collecting information about fault effecting the target system; analyzing results, all of these functions realized by every modules cooperating with each other. The function of each module was introduced as follow. ## A. Controller The controller is the manage program of the whole system, which is used to control the experimental process. The controller can run at the target system or another computer. It provide Interface between user and fault injection system. By this interface, the user can select fault type injection method injection address fault duration and so on. These fault properties can be produced randomly. The controller also controls that the fault injector selecting fault and injecting into the application program running at the target system. In addition, the data collector acquiring data at fault-free and fault running of target system were also under control of the controller. #### B. Fault database Fault database integrates fault-tolerance mechanism for every fault type of target system, which all designed according to target system. The failure of fault tolerant computer system may be internal or external, hardware or software, and so on. The establishments of the fault database need to get the detail fault information of target system. ## C. Fault injector Fault injector is one of components to inject fault in fault injection tool, which is the kernel of the overall system. So-called injection, it is introducing fault into the original failure-free operation system to make it run with faults. Its main task is that injecting fault into target system, and the some information about injected fault, such as type and position, can be hold on. The fault injector should include some software or hardware logic to ensure injecting fault at the right position and at the right time. #### D. Data collector Data collector tracks the workload execution, and acquiring data on-line at the appropriate moment. The data acquired will be used to evaluate fault-tolerance ability of system. Under the control of controller, data collector acquire data on line, which not only acquire normal data as standard, but also acquire fault data when system running with fault. ## E. Analyzer Analyzer was used to process and analyze the data which acquired by data collector. The analyzer usually works off-line. By analyzing calculate, the fault-tolerant ability and fault-tolerant mechanism performance of the objective system can be evaluated, some evidence can be provided to improve the objective system. ## VII. CONCLUSION The fault injection system based on hardware in the loop was designed. Focus on design of the aircraft fuel control system; the testability and reliability of this system were improved effectively. The fault injection system designed in this paper is good testability verification equipment with more efficiency. By this system, the efficiency of equipment design is increased. Because of modular design being employed, it can lay the foundation for the improvement design and development of hardware in the loop simulation system in the future. ## REFERENCES Gao Fengqi, Lian Guangyao, Huang Kaoli, Chen Jianhui, Design and Realization of Fault Injection System for Circuit Board Based on HILS COMPUTER MEASUREMENT & CONTROL. 2009.17(2): 275-278. - [2] Sun Junchao. Research of fault-tolerance mechanism assessment technology based on fault injection [D]. Harbin: Harbin industry university, 1999. - [3] Kan Fengju. Modern Simulation Technology and its application[M]. Beijing; National Defence Industry Press, 2001. - [4] Tian Zhong Research on Testability Allocation Method[J] JOURNAL OF BEIJING University of Aeronautics and Astronautics, 1999,25(5):607-610. - [5] Shi Junyou. Testability Analysis and Simulation Validation [M]. Beijing: National Defence Industry Press. 2011.