Search Results

Software complexity of vehicles is constantly growing especially with additional autonomous driving features being introduced. This increases the risk for bugs in the system, when the car is delivered. According to a car manufacturer, more than 90% of availability problems corresponding to Electronic Control Unit (ECU) functionality are either caused by software bugs or they can be resolved by applying software updates to overcome hardware issues. The main concern are sporadic errors which are not caught during the development phase since their trigger condition is too unlikely to occur or is not covered by the tests. For such systems, there is a need of safe and secure infield diagnosis. In this paper we present a tool software architecture with remote access, which facilitates standard read/write access, an efficient channel interface for communication and file I/O, and continuous trace.

Classical decentralized architectures based on large networks of microprocessor-based Electronic Control Units (ECU), namely those used in self-driving cars and other highly-automated applications used in the automotive industry, are becoming more and more complex. These new, high computational power demand applications are constrained by limits on energy consumption, weight, and size of the embedded components. The adoption of new embedded centralized electrical/electronic (E/E) architectures based on dynamically reconfigurable hardware represents a new possibility to tackle these challenges. However, they also raise concerns and questions about their safety. Hence, an appropriate evaluation must be performed to guarantee that safety requirements resulting from an Automotive Safety Integrity Level (ASIL) according to the standard ISO 26262 are met. In this paper, a methodology for the evaluation of dynamically reconfigurable systems based on centralized architectures is presented.

A main challenge when developing next generation architectures for automated driving ECUs is to guarantee reliable functionality. Today’s fail safe systems will not be able to handle electronic failures due to the missing “mechanical” fallback or the intervening driver. This means, fail operational based on redundancy is an essential part for improving the functional safety, especially in safety-related braking and steering systems. The 2-out-of-2 Diagnostic Fail Safe (2oo2DFS) system is a promising approach to realize redundancy with manageable costs. In this contribution, we evaluate the reliability of this concept for a symmetric and an asymmetric Electronic Power Steering (EPS) ECU. For this, we use a Markov chain model as a typical method for analyzing the reliability and Mean Time To Failure (MTTF) in majority redundancy approaches. As a basis, the failure rates of the used components and the microcontroller are considered.

The increasing complexity of automotive functions which are necessary for improved driving assistance systems and automated driving require a change of common vehicle architectures. This includes new concepts for E/E architectures such as a domain-oriented vehicle network based on powerful Domain Control Units (DCUs). These highly integrated controllers consolidate several applications on different safety levels on the same ECU. Hence, the functions depend on a strictly separated and isolated implementation to guarantee a correct behavior. This requires middleware layers which guarantee task isolation and Quality of Service (QoS) communication have to provide several new features, depending on the domain the corresponding control unit is used for. In a first step we identify requirements for a middleware in automotive DCUs. Our goal is to reuse legacy AUTOSAR based code in a multicore domain controller.

Reductions of hardware costs as well as implementations of new innovative functions are the main drivers of today's automotive electronics. Indeed more and more resources are spent on adapting existing solutions to different environments. At the same time, due to the increasing number of networked components, a level of complexity has been reached which is difficult to handle using traditional development processes. The automotive industry addresses this problem through a paradigm shift from a hardware-, component-driven to a requirement- and function-driven development process, and a stringent standardization of infrastructure elements. One central standardization initiative is the AUTomotive Open System ARchitecture (AUTOSAR). AUTOSAR was founded in 2003 by major OEMs and Tier1 suppliers and now includes a large number of automotive, electronics, semiconductor, hard- and software companies.

The paper will introduce the concept of intelligent automotive system services as an essential pattern for forthcoming Electric/Electronic (E/E) architectures. System services are infrastructure-related, having vehicle-wide functionalities with one central part (master) and optionally several peripheral parts (clients) as counterparts in every ECU. System services support the reliable operation, efficient administration and maintenance of car functions over the entire life cycle. System services constitute vehicle-wide, distributed functionalities. Therefore, a consistent, interoperable and scalable implementation and integration strategy is outlined. In addition, synergies to the standard core as well as to the AUTOSAR concept will be described.

This article focuses on model based development of electronic control units (ECUs) in the automotive domain. The use of model-based approaches solves requirements for the fast-growing integration of formerly isolated logical functions in complex distributed networks of heavily interacting ECUs. One fundamental property of such an approach is the existence of an adequate modeling notation tailored to the specific needs of the application domain together with a precise definition of its syntax and its semantics. However, although these constituents are necessary, they are not sufficient for guaranteeing an efficient development process of ECU networks. In addition, methodical support which guides the application of the modeling notation must be an integral part of a model-based approach.