TTool brings safety, security and performance to embedded systems

What can the TTool platform you have developed do?

Ludovic Apvrille: It's a design aid for embedded systems, offering modeling and verification capabilities. On the one hand, it takes into account operational safety, i.e. the fact that systems do not cause human incidents, or have a strong economic impact. On the other hand, it ensures a cybersecurity dimension by making certain attacks impossible. The strength of this platform lies in its ability to provide both these dimensions, whereas industrial tools offer either one or the other.

How does TTool ensure system reliability?

LA: Embedded system designers want to know whether an error case is achievable or not. It is possible to make these error cases unreachable by deliberately degrading system operation when an error case has a high probability of occurring. The system is less efficient, but at least it doesn't endanger the user. This makes it possible to integrate safety features directly into the system itself. TTool makes it easy to implement these features. A developer models his system, enters the properties it needs to check, and simply presses a button. TTool does the rest: the platform analyzes the system and the possible error cases, then says whether or not safety is assured.

And is this dimension different from the cybersecurity aspect?

LA: Yes, cybersecurity is another matter. Embedded systems are vulnerable to various types of attack, particularly those involving reading or injecting data into the system's communication links. With TTool, we study the vulnerability of systems to this type of attack: TTool is capable of detecting this type of attack, then automatically adding the software and hardware building blocks needed to counter these attacks. These bricks ensure data confidentiality, prevent an attacker from impersonating a user, or indicate whether data has been altered by an attacker.

In concrete terms, how can manufacturers use a platform like TTool?

LA: A good example is the joint laboratory between Nokia Bell Labs and Télécom Paris, inaugurated on June 25. TTool is one of the tools Nokia uses to address its challenges. In this case, the platform's ability to rapidly analyze a system model gives the company an indication of expected performance. More specifically, we are interested in the latency associated with data processing. Nokia is working on 5G (de)coders, which are parts that encode and decode data packets transmitted by fifth-generation mobile technologies. TTool allows you to see how long it takes for a data sample to be encoded or decoded, depending on architectural choices.

How does TTool work?

LA: TTool is based on three modeling environments. The first is Diplodocus, which enables partitioning between software and hardware functions. In the case of Nokia, for example, signal processing is partly carried out by the base stations. If there are major changes in processing functions, the base stations can no longer provide this functionality. Equipment manufacturers therefore want to move part of the processing to the cloud. As this is a costly operation, they want to minimize the number of calculations. In this case, the functions performed by hardware and software need to be optimized. Secondly, TTool is based on the AVATAR environment, which focuses on the creation of embedded software: modeling, then verification, then code generation. And finally, there's the SysML-Sec environment, which helps the developer to add safety functions to the embedded system throughout the entire development cycle.

Which sectors benefit most from this platform?

LA: It's quite diverse. TTool is currently being used in the European H2020 AQUAS project on two case studies corresponding to critical systems for which a safety study has to be carried out in conjunction with operating safety and performance. One with Siemens, to add safety to industrial motors. The other is on railway systems for door automation - such as the Line 1 metro in Paris. The aim is to detect whether cyber-attacks could impact the moment at which doors open or close. In this way, TTool adapts to a wide range of embedded systems.

What are TTool's key strengths?

LA: TTool provides a safety net in the development phase of embedded systems. And it helps to move towards certification. So it's a platform that increases confidence in a product, right from the design phase. This doesn't mean that embedded systems don't have to undergo bench testing, but the chances of finding faults are reduced. TTool is also free and open source. This means that anyone can use the tools, and anyone can modify the code to suit their needs. The research team behind TTool steps in when there's a challenge to collaborate with companies to improve its capabilities.