Time Determinism and Semantics Preservation in the Implementation of Distributed Functions over FlexRay 2010-01-0452
Future automobiles are required to support an increasing number of complex, distributed functions such as active safety and X-by-wire. Because of safety concerns and the need to deliver correct designs in a short time, system properties should be verified in advance on function models, by simulation or model checking. To ensure that the properties still hold for the final deployed system, the implementation of the models into tasks and communication messages should preserve properties of the model, or in general, its semantics. FlexRay offers the possibility of deterministic communication and can be used to define distributed implementations that are provably equivalent to synchronous reactive models like those created from Simulink. However, the low level communication layers and the FlexRay schedule must be carefully designed to ensure the preservation of communication flows and functional outputs. In this paper, we provide a discussion and an analysis of the aforementioned issues and we present possible solutions to the problem of defining FlexRay schedulers that support deterministic communication delays. The aforementioned scheduling options are applied to an X-by-wire case study to highlight tradeoffs between schedulability and additional functional delays in the controls.