Search Results

Multicore processor are well established in classical and tablet personal computers for some year. Such processors use more then one central core for computation and allow to integrate more computational power with smaller costs. However more than 90% of all processors worldwide are not placed in classical IT but are empedded in bigger systems like in modern vehicles or airplanes. Such systems face a very high demand in terms of safety, security an reliability which hinders the use of multicores in such systems. The funded project ARAMiS faces these demands and has the goal to enable the usability of multicore systems in the domains automotive and avionics, as well as later also railway. ARAMiS is the basis for higher traffic safety, traffic efficiency and comfort.

Position detection and control is necessary in modern automotive applications because of remotely controlled actuators, such as window lifters or windshield. In recent years, the demand for reliable actuators for safety critical systems, such as power steering systems, has also increased significantly. This creates a growing demand for fast, accurate and efficient servo motor systems that are increasingly smarter, smaller and cheaper. One interesting option is to use Giant Magneto Resistive (GMR) angle sensors to replace the resolvers, Hall, inductive and Anisotropic Magneto Resistive Effect (AMR) Sensors commonly used today for shaft-angle measurements. In principle, there are functional differences among various angle measurement technologies; thus, the effect of switching between them needs to be analyzed.

Electronic Control Units of safety critical systems require constant monitoring of the hardware to be able to bring the system to a safe state if any hardware defects or malfunctions are detected. This monitoring includes memory checking, peripheral checking as well as checking the main processor core. However, checking the processor core is difficult because it cannot be guaranteed that the error will be properly detected if the monitor function is running on a processing system which is malfunctioning. To circumvent this issue, several previously presented monitoring concepts (e.g. SAE#2006-01-0840) employ a second external microprocessor to communicate with the main processor to check its integrity. The addition of a second microcontroller and the associated support circuitry that is required adds to the overall costs of the ECU, increases the size and creates significant system complexity.

Electronic Control Units of safety critical systems require constant monitoring of the hardware to be able to bring the system to a safe state if any hardware defects or malfunctions are detected. This monitoring includes memory checking, peripheral checking as well as checking the main processor core. However, checking the processor core is difficult because it cannot be guaranteed that the error will be properly detected if the monitor function is running on a processing system which is malfunctioning. To circumvent this issue, several previously presented monitoring concepts (e.g. SAE#2006-01-0840) employ a second external microprocessor to communicate with the main processor to check its integrity. This paper will present a concept which maps the functions of the external monitoring unit into an internal second processing core which are frequently available on modern, 32bit, monolithic, dual-core microcontrollers.

More and more high-level algorithms are emerging to improve the existing systems in a car. Often these algorithms only need a platform with a bus connection and some resources such as CPU time and memory space. These functions can easily be integrated into existing systems that have free resources. This paper describes some encapsulation techniques and mechanisms that can be used in the automotive domain. The discussion also takes into account the additional resources consumed on the microcontroller to meet these requirements and by the software to implement the encapsulation mechanisms. Overviews of some general concepts of software-architectures that provide encapsulation are also shown.

Automotive applications classed as safety-related or safety-critical are now important differentiating technologies in the automotive industry. The emergence of safety standard ISO 26262 underlines the increasing importance of safety in automotive software. As well as functional requirements, hard real-time requirements are of crucial importance to safety-related software as there is a need to prove that the system functionality is fulfilled, even in worst-case scenarios. Measurement-based WCET (Worst-Case Execution Time) analysis combines on-target timing measurements with static analysis of program structure to calculate predicted worst-case paths and times. This is in contrast to traditional end-to-end timing measurements, which give no confidence that the worst-case path is actually tested and no insight into the location of any timing problems that do emerge.

The number of safety critical automotive applications employing high current brushless motors continues to increase (Steering, Braking, and Transmission etc.). There are many benefits when moving from traditional solutions to electrically actuated solutions. Some of these benefits can include increased fuel economy, simplified vehicle installation and packaging, increased feature set, improved safety and/or convenience, simplified unit assembly and modular testability prior as well as during vehicle manufacturing. The trend to implement brushless motors in these applications (which require electronically controlled commutation) has also brought with it the need for powerful inverters, which primarily consist of Power MOSFETs and MOSFET Driver ICs. This paper reviews the challenges associated with the design of safety critical electronic systems which combine sensing, control and actuation.

This paper will address the electronic development in the wireless industry and compare it to the electronic development in the automotive industry. The wireless industry is characterized by rapid, dramatic high tech changes with a less than two-year cycle time and an equivalent life cycle. The automotive electronics industry is working toward reducing the typical 2 to 3 year development cycle down 1 to 2 years but with a life cycle of 10 years or more. In addition to realizing the electronic development benefits seen in the wireless industry, the automotive industry places significantly more emphasis on the quality and reliability aspects of their designs as many of them are targeted toward, or interface with, safety critical applications. One of the lessons learned from the wireless industry is the development process; where the hardware selection process can be accomplished in a virtual environment in conjunction with concurrent software development.

To enable smooth and low-risk autonomous driving in the presence of other road users, such as cyclists and pedestrians, appropriate predictive safe speed control strategies relying on accurate and robust prediction models should be employed. However, difficulties related to driving scene understanding and a wide variety of features influencing decisions of other road users significantly complexifies prediction tasks and related controls. This paper proposes a hierarchical neural network (NN)-based prediction model of pedestrian crossing behavior, which is aimed to be applied within an autonomous vehicle (AV) safe speed control strategy. Additionally, different single-level prediction models are presented and analyzed as well, to serve as baseline approaches.

Increasing demands for safety, security, and certifiability of embedded automotive systems require additional development effort to generate the required evidences that the developed system can be trusted for the application and environment it is intended for. Safety standards such as ISO 26262 for road vehicles have been established to provide guidance during the development of safety-critical systems. The challenge in this context is to provide evidence of consistency, correctness, and completeness of system specifications over different work-products. One of these required work-products is the hardware-software interface (HSI) definition. This work-product is especially important since it defines the interfaces between different technologies. Model-based development (MBD) is a promising approach to support the description of the system under development in a more structured way, thus improving resulting consistency.

The performance of environment perceiving sensors such as e.g. lidar, radar, camera and ultrasonic sensors is safety critical for automated driving vehicles. Therefore, one has to assess the sensors’ performance to assure the automated driving system’s safety. The performance of these sensors is however to some degree sensitive towards adverse weather conditions. A challenge is to quantify the effect of adverse weather conditions on the sensor’s performance early in the development of an automated driving system. This challenge is addressed in this work for lidar sensors. The lidar equation was previously employed in this context to derive estimates of a lidar’s maximum range in different weather conditions. In this work, we present a stochastic simulation framework based on a probabilistic extension of the lidar equation, to quantify the effect of adverse rainfall conditions on a lidar’s raw detection performance.

The development of highly automated driving functions (AD) recently rises the demand for so called Fail-Operational systems for native driving functions like steering and braking of vehicles. Fail-Operational systems shall guarantee the availability of driving functions even in presence of failures. This can also mean a degradation of system performance or limiting a system’s remaining operating period. In either case, the goal is independency from a human driver as a permanently situation-aware safety fallback solution to provide a certain level of autonomy. In parallel, the connectivity of modern vehicles is increasing rapidly and especially in vehicles with highly automated functions, there is a high demand for connected functions, Infotainment (web conference, Internet, Shopping) and Entertainment (Streaming, Gaming) to entertain the passengers, who should no longer occupied with driving tasks.