Search Results

Today's automotive software integration is a static process. Hardware and software form a fixed package and thus hinder the integration of new electric and electronic features once the specification has been completed. Usually software components assigned to an ECU cannot be easily transferred to other devices after they have been deployed. The main reasons are high system configuration and integration complexity, although shifting functions from one to another ECU is a feature which is generally supported by AUTOSAR. The concept of a Virtual Functional Bus allows a strict separation between applications and infrastructure and avoids source code modifications. But still further tooling is needed to reconfigure the AUTOSAR Basic Software (BSW). Other challenges for AUTOSAR are mixed integrity, versioning and multi-core support. The upcoming BMW E/E-domain oriented architecture will require all these features to be scalable across all vehicle model ranges.

This paper presents a commercial off-the-shelf (COTS) approach to the automated generation of safety critical software for a distributed control system. The tool suite presented supports Honeywell's next generation Modular Aerospace Controls (MAC) architecture that facilitates fault tolerant distributed engine control utilizing intelligent components connected with TTP/C. This paper describes the integration of tool chains from two commercial vendors, the BEACON™ tool chain from Applied Dynamics International (ADI) and the TTP support tool chain from Time Triggered Technology (TTTech). The integration of these tool chains yields a powerful end-to-end systems-to-software environment that enables a fully automated approach to the development of distributed embedded software and its verification data.

The automakers that comprise MOST® describe the reasons for this decision. First, they present the automobile industry's needs relative to multimedia networks in vehicles. Then, they present the different aspects of the MOST® technology. Multimedia networks are used in the electronics market, but they do not meet the technical and industrial constraints of the automobile electronics, which is why six automakers are working on most technology under the aegis of ""Most Cooperation.'' The transmission rate is a decisive aspect in the selection of a multimedia network. The rate of sound and video applications require fiber optics. The multimedia network rate must be adequate for a vehicle equipped with the maximum number of options, but the maximum rate is limited by the number of passengers.

Over the last couple decades, there has been a growing interest in incorporating commercial off-the-shelf (COTS) technologies and open standards in the design of human-rated spacecraft. This approach is intended to reduce development and upgrade costs, lower the need for new design work, eliminate reliance on individual suppliers, and minimize schedule risk. However, it has not traditionally been possible for COTS solutions to meet the high reliability and fault tolerance requirements of systems implementing critical spacecraft functions. Byzantine faults are considered particularly dangerous to such systems because of their ability to escape traditional means of fault containment and disrupt consensus between system components. In this paper, we discuss the design of a voting protocol using Time-Triggered Ethernet capable of achieving data integrity in the presence of a single Byzantine fault.

Cybersecurity attacks exploit vulnerabilities related to the increased complexity and connectivity of critical infrastructure systems. This paper investigates the context and use of key security technologies, processes, challenges and use cases for the design of advanced integrated architectures with security, safety, and real-time performance considerations. In such architectures, deterministic Ethernet standards are used as a baseline for system integration in closed embedded systems or open mixed criticality systems. Security-informed safety development processes for integrated architectures are required to prevent catastrophic failures caused by environmental and cyber threats, due to expanding number of security vulnerabilities in complex and increasingly open systems. State-of-art safety/security processes for integrated systems in cross-industry environments are considered and similarities examined, for different types of integrated architectures.

The potential to reduce the cost of embedded software by standardizing the application behavior for Automotive Body and Comfort domain functions is explored in this paper. AUTOSAR, with its layered architecture and a standard definition of the interfaces for Body and Comfort application functions, has simplified the exchangeability of software components. A further step is to standardize the application behavior, by developing standard specifications for common Body and Comfort functions. The corresponding software components can be freely exchanged between different OEM/Tier-1 users, even if developed independently by multiple suppliers. In practice, individual OEM users may need to maintain some distinction in the functionality. A method of categorizing the specifications as ‘common’ and ‘unique’, and to configure them for individual applications is proposed. This allows feature variability by means of relatively simple adapter functions.

Multicore-based ECUs are increasingly used in embedded automotive software systems to allow more demanding automotive applications at moderate cost and energy consumption. Using a high number of parallel processors together with a high number of executed software components results in a practically unmanageable number of deployment alternatives to choose from. However correct deployment is one important step for reaching timing goals and acceptable latency, both also a must to reach safety goals of safety-relevant automotive applications. In this paper we focus at reducing the complexity of deployment decisions during the phases of allocation and scheduling. We tackle this complexity of deployment decisions by a mixed constructive and analytic approach.

Timing evaluation methods help to design a robust and extendible E/E architecture (electric/electronic). BMW has introduced the systematic application of such methods in the E/E design process within the last three years. Meanwhile, most of the architectural changes are now verified by a tool-based, automatic real-time analysis. This has increased the accuracy of the network planning and productivity of the BMW network department. In this paper, we give an overview of the actual status of timing evaluations in BMW's E/E architecture design. We discuss acceptance criteria, analysis metrics, and design rules, as far as these are related to timing. We look specifically at automation options, as these improve the productivity further. We will see that timing analysis has matured and should be mandatory for application in mass production E/E architecture development. At the same time, there is room for future improvements.

How can car manufacturers, which are primary mechanical engineers, become software specialists? This is a question of prime importance for car electronics in the future. Modern vehicles offer a large number of electronic and software based functions to achieve a high level of safety, fuel economy, comfort, entertainment and security which are developed under pressure of regulations, of consumers needs and of competitive time to market aspects. This contribution draws a picture, what could be important in future for in car communication and information system in terms of development process, HW & SW architectures, partnerships in automotive industry and security of industrial properties. For this purpose the automotive development is reviewed and actual examples of system designs are given.

The new generation of drive-by-wire systems currently under development has demanding requirements on the electronic architecture. Functions such as brake-by-wire or steer-by-wire require continued operation even in the presence of component failures. The electronic architecture must therefore provide fault-tolerance and real-time response. This in turn requires the operating system and the communication layer to be predictable, dependable and composable. It is well known that this properties are best supported by a time-triggered approach. A consortium consisting of German and French car manufacturers and suppliers, which aims at becoming a working group within the OSEK/VDX initiative, the OSEKtime consortium, is currently defining a specification for a time-triggered operating system and a fault-tolerant communication layer.1 The operating system and the communication layer are based on applicable interfaces of the OSEK/VDX standard.

This paper presents the challenges in automotive electronics. Considering the deficiencies of the current ECU (electronic control unit) design process, a new design process is outlined. This design process mainly focuses on the independence of the ECU hardware architecture development and the software function development.

Autonomous driving systems and connected mobility are the next big developments for the car manufacturers and their suppliers during the next decade. To achieve the high computing power needs and fulfill new upcoming requirements due to functional safety and security, heterogeneous processor architectures with a mixture of different core architectures and hardware accelerators are necessary. To tackle this new type of hardware complexity and nevertheless stay within monetary constraints, high performance computers, inspired by state of the art data center hardware, could be adapted in order to fulfill automotive quality requirements. The European Processor Initiative (EPI) research project tries to come along with that challenge for next generation semiconductors. To be as close as possible to series development needs for the next upcoming car generations, we present a hybrid semiconductor system-on-chip architecture for automotive.

MOSA (Modular Open System Approach) provides a framework for efficient and sustainable design of complex integrated systems. In domain of embedded technology, the MOSA as-is does a good job in identifying modular software and hardware frameworks required to establish a common baseline for generic open architecture. On the other hand, it does not cover physical aircraft integration, integration methodology and other constituent elements essential for design of robust interfaces and integrated embedded systems, which are owned by OEMs and their suppliers. The definition of open interfaces is a key constituent in definition of MOSA-compliant architectures. An efficient system integration lifecycle requires unambiguous interfacing among hosted functions. Open interfaces and Ethernet are core system integration technologies and should be integrated and configured with other software/hardware framework elements, to enable hard RT, real-time and soft-time application hosting.