Technical Paper

Timing Correctness in Safety-Related Automotive Software

Automotive applications classed as safety-related or safety-critical are now important differentiating technologies in the automotive industry. The emergence of safety standard ISO 26262 underlines the increasing importance of safety in automotive software. As well as functional requirements, hard real-time requirements are of crucial importance to safety-related software as there is a need to prove that the system functionality is fulfilled, even in worst-case scenarios. Measurement-based WCET (Worst-Case Execution Time) analysis combines on-target timing measurements with static analysis of program structure to calculate predicted worst-case paths and times. This is in contrast to traditional end-to-end timing measurements, which give no confidence that the worst-case path is actually tested and no insight into the location of any timing problems that do emerge.
Technical Paper

Timing Analysis and Tracing Concepts for ECU Development

Integration scenarios for ECU software become more complicated, as more constraints with regards to timing, safety and security need to be considered. Multi-core microcontrollers offer even more hardware potential for integration scenarios. To tackle the complexity, more and more model based approaches are used. Understanding the interaction between the different software components, not only from a functional but also from a timing view, is a key success factor for high integration scenarios. In particular for multi-core systems, an amazing amount of timing data can be generated. Usually a multi-core system handles more software functionality than a single-core system. Furthermore, there may be timing interference on the multicore systems, due to the shared usage of buses, memory banks or other hardware resources.
Technical Paper

Efficient Multi-Core Software Design Space Exploration for Hybrid Control Unit Integration

Multi-core systems are being adopted quickly in the automotive domain. Proofs of concept have been implemented for power train, body and chassis, involving hard real-time constraints. However, depending on the degree of integration, it can be costly, especially in those cases where existing single-core software has to be migrated over. Furthermore, there seems to be a high level of uncertainty as to whether a solution that has been found for the partitioning, mapping and orchestration of software is close to an optimum solution. Some integrated solutions demonstrate considerably less performance, for instance due to communication overhead, compared to execution on single-core systems. This paper discusses a methodology for effectively and efficiently investigating the software architecture design space for multi-core software development.
Technical Paper

Safety Element out of Context - A Practical Approach

ISO 26262 is the actual standard for Functional Safety of automotive E/E (Electric/Electronic) systems. One of the challenges in the application of the standard is the distribution of safety related activities among the participants in the supply chain. In this paper, the concept of a Safety Element out of Context (SEooC) development will be analyzed showing its current problematic aspects and difficulties in implementing such an approach in a concrete typical automotive development flow with different participants (e.g. from OEM, tier 1 to semiconductor supplier) in the supply chain. The discussed aspects focus on the functional safety requirements of generic hardware and software development across the supply chain where the final integration of the developed element is not known at design time and therefore an assumption based mechanism shall be used.
Technical Paper

Implementing Mixed Criticality Software Integration on Multicore - A Cost Model and the Lessons Learned

The German funded project ARAMiS included work on several demonstrators, one of which was a multicore approach on large scale software integration (LSSI) for the automotive domain. Here BMW and Audi intentionally implemented two different integration platforms to gain both experience and real-life data on a hypervisor-based concept on one side as well as using only native AUTOSAR-based methods on the other side for later comparison. The idea was to obtain figures on the added overhead both for multicore as well as safety, based on practical work and close-to-production implementations. During implementation and evaluation, on the one hand, there were a lot of valuable lessons learned about multicore in conjunction with safety. On the other hand, valuable information was gathered that finally made it possible to set up a cost model for estimating the potential overhead generated by different integration approaches for safety-related software functions.
Journal Article

Technical Paper

Cost Efficient Partitioning for New Generation of Automatic Transmission Gearbox Controllers

This paper presents advancements in electronic transmission control circuits addressing new challenges in the gearbox, striving for improved vehicle efficiency and comfort of driving. Efficient chipset design requires finding the optimal partitioning, that is, the mapping of functionality to hardware or software and analog or digital circuit technology. The efficiency will be judged by minimal cost whilst achieving improved functionality and the required scalability for a platform approach. Specific examples demonstrated are smart sensor architecture and new mapping of control strategies, realized with a novel integrated current control IC concept. Comparisons on system level are used to evaluate different function mappings as well as component partitioning. Details of the most optimized mapping and partitioning will be elaborated and first results of implementation in silicon components will be shown.
Technical Paper

The Challenges of Next Generation Automotive Benchmarks

More than ever, microcontroller performance in cars has a direct impact on the driving experience, on compliance with improved safety, ever-stricter emissions regulations, and on fuel economy. The simple microcontrollers formerly used in automobiles are now being replaced by powerful number-crunchers whose performance can no longer be measured in MIPS. Instead, their effectiveness is based on a coherent partitioning between analog and digital, hardware and software, tools and methodology. To make an informed choice among the available devices, what the designer needs are benchmarks that are specific to automotive applications, and which provide a realistic representation of how the device will perform in the automotive environment. This presentation will explore the role of new benchmarks in the development of complex automotive applications.
Technical Paper

MultiCore Benefits & Challenges for Automotive Applications

This paper will give an overview of multicore in automotive applications, covering the trends, benefits, challenges, and implementation scenarios. The automotive silicon industry has been building multicore and multiprocessor systems for a long time. The reasons for this choice have been: increased performance, safety redundancy, increased I/O & peripheral, access to multiple architectures (performance type e.g. DSP) and technologies. In the past, multiprocessors have been mainly considered as multi-die, multi-package with simple interconnection such as serial or parallel busses with possible shared memories. The new challenge is to implement a multicore microprocessor that combines two or more independent processors into a single package, often a single integrated circuit (IC). Multicores allow a computing device to exhibit some form of thread-level parallelism (TLP).
Technical Paper

Advanced Gasoline Engine Management Platform for Euro IV & CHN IV Emission Regulation

The increasingly stringent requirements in relation to emission reduction and onboard diagnostics are pushing the Chinese automotive industry toward more innovative solutions and a rapid increase in electronic control performance. To manage the system complexity, the architecture will need to be well structured at the hardware and software levels. The paper introduces GEMS-K1 (Gasoline Engine Management System - Kit 1). GEMS-K1 is a platform compliant with the Euro IV emission regulation for gasoline engines. The application software is developed using a modeling language, and the code is automatically generated from the model. The driver software has a well-defined structure including a microcontroller abstraction layer and an ECU abstraction layer. The hardware follows design rules to be robust, 100% testable and easy to manufacture. The electronic components use the latest innovation in terms of architecture and technologies.
Journal Article

Smart Power Semiconductors - Repetitive Short Circuit Operation

In addition to basic switching functionality, smart power switches mainly provide diagnostic and protection functions, e.g. for short circuits to the load, which makes it all the more surprising that short circuit protected smart switches have been used for years in automotive applications without there being a precise definition of a short circuit. This article describes what Infineon has done to fill this gap. It was first necessary to define the kind of short circuits likely to occur in automotive applications and to specify the use and operating points of the smart switches. The next logical step was the standardization of the test circuit and application conditions in the AEC (Automotive Electronics Council) to allow an industry-wide comparison of the test results.
Technical Paper

Single-Edge Nibble Transmission: Challenges and Evolutions

Single Edge Nibble Transmission (SENT) is a promising low-cost solution for communication between off-ECU sensors and a microcontroller. First, this paper analyses the advantages of digital sensors with a special focus on position sensors. The possible integration of SENT in other application fields (such as pressure sensors) is also discussed. Secondly, it describes possible solutions for handling SENT communication on microcontrollers and it gives practical examples based on Infineon's TriCore and XC2000 families. It discusses the constraints and limitations on software level and how they could be solved by dedicated hardware implementations. Finally, this paper presents the Short PWM Code (SPC) protocol, which is a further extension of the SENT protocol. SPC aims at increasing the performance of the communication link and reducing system costs at the same time. By allowing bidirectional communication, SPC opens the way to new system relevant functionalities.
Technical Paper

Microsecond Bus (μSB): The New Open-Market Peripheral Serial Communication Standard

For the past approximately 20 years, the Serial Peripheral Interface (SPI) has been the established standard for serial communication between a host or central microprocessor and peripheral devices. This standard has been used extensively in control modules covering the entire spectrum of automotive applications, as well as non-automotive applications. As the complexity of engine control modules grows, with the number of vehicle actuators being controlled and monitored increasing, the number of loads the central microprocessor has to manage is growing accordingly. These loads are typically controlled using discrete and pulse-width modulated (PWM) outputs from the microcontroller when real-time operation is essential or via SPI when real-time response is not critical. The increase of already high pin-count on microcontrollers, the associated routing effort and demand for connected power stages is a concern of cost and reliability for future ECU designs.
Technical Paper

Design Process Changes Enabling Rapid Development

This paper will address the electronic development in the wireless industry and compare it to the electronic development in the automotive industry. The wireless industry is characterized by rapid, dramatic high tech changes with a less than two-year cycle time and an equivalent life cycle. The automotive electronics industry is working toward reducing the typical 2 to 3 year development cycle down to 1 to 2 years but with a life cycle of 10 years or more. In addition to realizing the electronic development benefits seen in the wireless industry, the automotive industry places significantly more emphasis on the quality and reliability aspects of their designs as many of them are targeted toward, or interface with, safety critical applications. One of the lessons learned from the wireless industry is the development process, where the hardware selection process can be accomplished in a virtual environment in conjunction with concurrent software development.
Technical Paper

Cost Efficient Integration for Decentralized Automotive ECU

As the demand for enhanced comfort, safety and differentiation with new features continues to grow and as electronics and software enable most of these, the number of electronic units or components within automobiles will continue to increase. This will increase the overall system complexity, specifically with respect to the number of controller actuators such as e-motors. However, hard constraints on cost and on physical boundaries such as maximum power dissipation per unit and pin-count per unit/connector require new solutions to alternative system partitioning. Vehicle manufacturers, as well as system and semiconductor suppliers are striving for increased scalability and modularity to allow for most cost optimal high volume configurations while featuring platform reuse and feature differentiation. This paper presents new semiconductor based approaches with respect to technologies, technology mapping and assembly technologies.
Technical Paper

In-vehicle Network Verification from Application to Physical Layer

The verification of an in-vehicle network often requires looking at more than one level of abstraction at a time. At the moment, this is not addressed by existing methods, which are dedicated either to the physical or the application layer, but not both. This paper fills this gap by introducing a methodology to insert the protocol-related software execution as well as the motor behavior into the physical layer mixed-signal (i.e. analog/digital) simulation. Electronics and mechanics are covered by the hardware description language VHDL-AMS, while the software is given in C.
Technical Paper

Automotive Sensors & Sensor Interfaces

The increasing legal requirements for safety, emission reduction, fuel economy and onboard diagnosis systems push the market for more innovative solutions with rapidly increasing complexity. Hence, the embedded systems that will have to control the automobiles have been developed to such an extent that they are now equivalent in scale and complexity to the most sophisticated avionics systems. This paper will demonstrate the key elements to provide a powerful, scalable and configurable solution that offers a migration path to evolution and even revolution of automotive sensors and sensor interfaces. The document will explore different architectures and partitioning. Sensor technologies such as magnetic field sensors based on the Hall effect as well as bulk and surface silicon micro-machined sensors will be mapped to automotive applications by examples. Functions such as self-test, self-calibration and self-repair will be developed.
Technical Paper

Architectural Concepts for Fail-Operational Automotive Systems

The trend towards even more sophisticated driver assistance systems and growing automation of driving sets new requirements for the robustness and availability of the involved automotive systems. In case of an error, today it is still sufficient that safety related systems just fail safe or silent to prevent safety related influence of the driving stability resulting in a functional deactivation. But the reliance on passive mechanical fallbacks in which the human driver takes over control, being inevitable in such a scenario, is expected to get more and more insufficient along with a rising degree of driving automation as the driver will be given longer reaction time. The advantage of highly or even fully automated driving is that the driver can focus on other tasks than controlling the car and monitoring its behavior and environment.
Technical Paper

Feasibility Study for a Secure and Seamless Integration of Over the Air Software Update Capability in an Advanced Board Net Architecture

Vehicle manufacturers are challenged by rising costs for vehicle recalls. A major part of the costs is caused by software updates. This paper describes a feasibility study on how to implement software update over the air (SOTA) in light vehicles. The differences and special challenges in the automotive environment in comparison to the cellular industry will be explained. Three key requirements focus on the drivers’ acceptance and thus are crucial for the vehicle manufacturers: SOTA must be protected against malicious attacks. SOTA shall interfere as little as possible with the availability of a vehicle. Long update processes with long vehicle downtimes or even complete fails must be avoided. The functional safety of the vehicle during operation may not be limited in any way. The study gives options for how those objectives can be achieved. It considers the necessary security measures and describes the required adaptations of the board-net architectures both on software and hardware level.
Technical Paper

Hardware and Software Constraints for Automotive Firewall Systems?

Introduction

The introduction of Ethernet and Gigabit Ethernet [2] as the main in-vehicle network infrastructure is the technical foundation for different new functionalities such as piloted driving, minimizing the CO2 footprint and others. The high data rate of such systems also influences the microcontrollers used, due to the fact that a large amount of data has to be transferred, encrypted, etc.

Figure 1: Motivation - Vehicles will become connected to uncontrolled networks

The usage of Ethernet as the in-vehicle network enables the possibility that future road vehicles are going to be connected with other vehicles and information systems to improve system functionality. These previously closed automotive systems will be opened up for external access (see Figure 1). This can be Car2X connectivity or connection to personal devices. Allowing vehicle systems to communicate with other systems that are not within their physical boundaries imposes a previously non-existing security problem.