Search Results

Today's automotive software integration is a static process. Hardware and software form a fixed package and thus hinder the integration of new electric and electronic features once the specification has been completed. Usually software components assigned to an ECU cannot be easily transferred to other devices after they have been deployed. The main reasons are high system configuration and integration complexity, although shifting functions from one to another ECU is a feature which is generally supported by AUTOSAR. The concept of a Virtual Functional Bus allows a strict separation between applications and infrastructure and avoids source code modifications. But still further tooling is needed to reconfigure the AUTOSAR Basic Software (BSW). Other challenges for AUTOSAR are mixed integrity, versioning and multi-core support. The upcoming BMW E/E-domain oriented architecture will require all these features to be scalable across all vehicle model ranges.

More and more high-level algorithms are emerging to improve the existing systems in a car. Often these algorithms only need a platform with a bus connection and some resources such as CPU time and memory space. These functions can easily be integrated into existing systems that have free resources. This paper describes some encapsulation techniques and mechanisms that can be used in the automotive domain. The discussion also takes into account the additional resources consumed on the microcontroller to meet these requirements and by the software to implement the encapsulation mechanisms. Overviews of some general concepts of software-architectures that provide encapsulation are also shown.

With the ever increasing amount of available software processing resources in a vehicle, more and more high-level algorithms are emerging to improve the existing systems in a car. Often these algorithms only need a platform with a bus connection and some resources such as processing power and memory space. These functions are predestined to be integrated into existing systems that have free resources. This paper will examine the role of time protection in these multi-algorithm systems and describe what timing protection means and why it is required. The processing time will be partitioned to the different processing levels like interrupts, services and tasks. The problems of timing protection will be illustrated as well as its limitations. The conflict between real-time requirements and timing protection will be shown. Finally Autosar will be examined with focus on timing protection and applicability in actual development projects.

a practice-oriented approach for an accelerated product development and product design process for mechatronic systems is presented. The handling of complex and versatile product data to perform this process is shown in the area of electrical drives and actuators in cars. It is discussed, how the coordination of all the necessary disciplines as development, design, testing field, specification and release management should be software supported and PDM integrated. The advantages and benefits of the presented methods are shown on particular examples. The necessary software modules are introduced, showing that the realized solution gives both opportunities - the integration into a PDM backbone and at the same time an independent communication within department and/or company. The practical way, to realize the expert-specific needs of the development department, which is not possible with a general PDM system is pointed out.

ISO 26262 is the actual standard for Functional Safety of automotive E/E (Electric/Electronic) systems. One of the challenges in the application of the standard is the distribution of safety related activities among the participants in the supply chain. In this paper, the concept of a Safety Element out of Context (SEooC) development will be analyzed showing its current problematic aspects and difficulties in implementing such an approach in a concrete typical automotive development flow with different participants (e.g. from OEM, tier 1 to semiconductor supplier) in the supply chain. The discussed aspects focus on the functional safety requirements of generic hardware and software development across the supply chain where the final integration of the developed element is not known at design time and therefore an assumption based mechanism shall be used.

The potential to reduce the cost of embedded software by standardizing the application behavior for Automotive Body and Comfort domain functions is explored in this paper. AUTOSAR, with its layered architecture and a standard definition of the interfaces for Body and Comfort application functions, has simplified the exchangeability of software components. A further step is to standardize the application behavior, by developing standard specifications for common Body and Comfort functions. The corresponding software components can be freely exchanged between different OEM/Tier-1 users, even if developed independently by multiple suppliers. In practice, individual OEM users may need to maintain some distinction in the functionality. A method of categorizing the specifications as ‘common’ and ‘unique’, and to configure them for individual applications is proposed. This allows feature variability by means of relatively simple adapter functions.

This paper presents an object-oriented method customized for a tool-assisted development of car software components. Tough market conditions motivate smart software development. ASCET SD is a tool to generate target code from graphic specifications, avoiding costly programming in C. But ASCET lacks guidelines on what to do, how to do it, in what order, like a fully equipped kitchen without a cooking book. Plans to employ the tool for BMW vehicle software sparked off demand for an adequate, object-oriented real-time methodology. We show how to scan the methodology market in order to adopt an already existing method for this purpose. The result of the adaptation of a chosen method to ASCET SD is a pragmatic version of ROOM, which we call BROOM. We present a modeling guidebook that includes process recommendations not only for the automotive sector, but for real-time software development in general.

Increasing demand for utilities like navigation systems or user-defined electronic phonebooks on one hand and sophisticated engine and gear controls on the other hand leads to growing bus load between distributed local control units. This paper shows the benefits and the characteristics of various state of the art data-compression algorithms and their impact on typical automotive multiplex dataclasses. The evaluation and optimization of promising algorithms can be done via a proposed “communications prototyping”-approach. The hardware/software components of such a rapid prototyping package are outlined. Finally, first performance results of suitable data-compression measures are presented.

The increased pressure for power, space, and cost reduction in automotive applications together with the availability of high performance, automotive qualified multicore microcontrollers has lead to the ability to engineer Domain Controller ECUs that can host several separate applications in parallel. The standard automotive constraints however still apply, such as use of AUTOSAR operating system, support for legacy code, hosting OEM supplied code and the ability to determine warranty issues and responsibilities between a group of Tier 1 and Tier 2 vendors who all provide Intellectual Property to the final production ECU. Requirements for safety relevant applications add even more complexity, which in most current approaches demand a reconfiguration of all basic software layers and a major effort to redesign parts of the application code to enable co-existence on the same hardware platform. This paper outlines the conflicting requirements of hosting multiple applications.

This paper describes the first results from the AutoMoDe project (Automotive Model-based Development), where an integrated methodology for model-based development of automotive control software is being developed. The results presented include a number of problem-oriented graphical notations, based on a formally defined operational model, which are associated with system views for various degrees of abstraction. It is shown how the approach can be used for partitioning comprehensive system designs for subsequent implementation-related tasks. Recent experiences from a case study of an engine management system, specific issues related to reengineering, and the current status of CASE-tool support are also presented.

Multicore-based ECUs are increasingly used in embedded automotive software systems to allow more demanding automotive applications at moderate cost and energy consumption. Using a high number of parallel processors together with a high number of executed software components results in a practically unmanageable number of deployment alternatives to choose from. However correct deployment is one important step for reaching timing goals and acceptable latency, both also a must to reach safety goals of safety-relevant automotive applications. In this paper we focus at reducing the complexity of deployment decisions during the phases of allocation and scheduling. We tackle this complexity of deployment decisions by a mixed constructive and analytic approach.

The increasing complexity of automotive functions which are necessary for improved driving assistance systems and automated driving require a change of common vehicle architectures. This includes new concepts for E/E architectures such as a domain-oriented vehicle network based on powerful Domain Control Units (DCUs). These highly integrated controllers consolidate several applications on different safety levels on the same ECU. Hence, the functions depend on a strictly separated and isolated implementation to guarantee a correct behavior. This requires middleware layers which guarantee task isolation and Quality of Service (QoS) communication have to provide several new features, depending on the domain the corresponding control unit is used for. In a first step we identify requirements for a middleware in automotive DCUs. Our goal is to reuse legacy AUTOSAR based code in a multicore domain controller.

Increasing demand for dynamically controlled safety features, passenger comfort, and operational convenience in upper class automobiles requires an intensive use of electronic control units including software portions. Modeling, simulation, rapid prototyping, and verification of the software need new technologies to guarantee passenger security and to accelerate the time-to-market of new products. This paper presents the state-of-the-art of the design methods for the development of electronic control unit software at BMW. These design methods cover both discrete and continuous system parts, smoothly integrating the respective methods not merely on the code level, but on the documentation, simulation, and design level. In addition, we demonstrate two modeling and prototyping tools for discrete and continuous systems, namely Statemate and MatrixX, and discuss their advantages and drawbacks with respect to necessary prototyping demands.

How can car manufacturers, which are primary mechanical engineers, become software specialists? This is a question of prime importance for car electronics in the future. Modern vehicles offer a large number of electronic and software based functions to achieve a high level of safety, fuel economy, comfort, entertainment and security which are developed under pressure of regulations, of consumers needs and of competitive time to market aspects. This contribution draws a picture, what could be important in future for in car communication and information system in terms of development process, HW & SW architectures, partnerships in automotive industry and security of industrial properties. For this purpose the automotive development is reviewed and actual examples of system designs are given.

This paper presents the challenges in automotive electronics. Considering the deficiencies of the current ECU (electronic control unit) design process, a new design process is outlined. This design process mainly focuses on the independence of the ECU hardware architecture development and the software function development.

The German funded project ARAMiS included work on several demonstrators one of which was a multicore approach on large scale software integration (LSSI) for the automotive domain. Here BMW and Audi intentionally implemented two different integration platforms to gain both experience and real life data on a Hypervisor based concept on one side as well as using only native AUTOSAR-based methods on the other side for later comparison. The idea was to obtain figures on the added overhead both for multicore as well as safety, based on practical work and close-to-production implementations. During implementation and evaluation on one hand there were a lot of valuable lessons learned about multicore in conjunction with safety. On the other hand valuable information was gathered to make it finally possible to set up a cost model for estimation of potential overhead generated by different integration approaches for safety related software functions.

In the context of the ARAMiS project, AUDI AG contributed the development of a multi-core demonstrator based on car functions already in production. For this demonstrator, these legacy car functions were ported from single-core platforms to a multi-core platform to gain real world close-to-production experience while utilizing the new technology. For complex functions with high demands for computational resources, it may be necessary to distribute computation over several cores. In this context, we investigated the parallelization of a legacy sequential AUTOSAR function. A main contribution of this work is an analysis of mechanisms provided by AUTOSAR, their limitations and, possible remedy. This paper will point out observations and experiences during the development of this demonstrator and show practical solutions for parallelization in an AUTOSAR environment.

The trend towards even more sophisticated driver assistance systems and growing automation of driving sets new requirements for the robustness and availability of the involved automotive systems. In case of an error, today it is still sufficient that safety related systems just fail safe or silent to prevent safety related influence of the driving stability resulting in a functional deactivation. But the reliance on passive mechanical fallbacks in which the human driver taking over control, being inevitable in such a scenario, is expected to get more and more insufficient along with a rising degree of driving automation as the driver will be given longer reaction time. The advantage of highly or even fully automated driving is that the driver can focus on other tasks than controlling the car and monitoring it’s behavior and environment.

This paper describes how a safety-oriented software development could look like as soon as an appropriate standard exists which is applicable for the automotive industry. Such a standard is currently being developed which is a tailoring of the safety standard IEC61508. The IEC61508 is generic and not specific for any industry. It allows tailoring of the complete safety lifecycle for specific domains. This paper focuses mainly on the software lifecycle of the evolving standard for the automotive industry. With regard to the development process the objectives of each phase are explained and it is described how these can be achieved by using certain techniques and measures.