Search Results

Video

ARAMiS - Taming Multicores for Safe Transportation

2012-05-17
Multicore processors have been well established in desktop and tablet personal computers for some years. Such processors use more than one central core for computation and allow more computational power to be integrated at lower cost. However, more than 90% of all processors worldwide are not placed in classical IT but are embedded in larger systems such as modern vehicles or airplanes. Such systems face very high demands in terms of safety, security and reliability, which hinders the use of multicores in them. The funded project ARAMiS addresses these demands and has the goal of enabling the use of multicore systems in the automotive and avionics domains, and later also in railway. ARAMiS is the basis for higher traffic safety, traffic efficiency and comfort.
Video

Advancing Aircraft Cyber Security - Potential New Architectures and Technologies

2012-03-16
Cyber security in the aviation industry, especially in relation to onboard aircraft systems, presents unique challenges in its implementation and management. The cyber threat model is constantly evolving and will continually present new and different challenges to the aircraft operator, who must respond to new cyber threats without either invoking a lengthy software update and re-certification process or limiting aircraft-to-ground communications to the threatened system or systems. This presentation discusses a number of system architectural options and developing technologies that could be considered to enhance the cyber protection and defensive capabilities of onboard systems, as well as to minimize the effort associated with certification/re-certification. Some of these limit the aircraft's vulnerabilities or, in cyber terms, its "threat surface" (more commonly called the attack surface).
Video

Applying Critical-System Java to the Challenges of SMP Platforms

2012-03-21
In recent years, all major microprocessor manufacturers have been transitioning towards the deployment of multiple processing cores on every chip. These multi-core architectures represent the industry consensus regarding the most effective utilization of available silicon resources to satisfy growing demands for processing and memory capacities. Porting off-the-shelf software capabilities to multi-core architectures often requires significant changes to data structures and algorithms. When developing new software capabilities specifically for deployment on SMP architectures, software engineers are required to address specific multi-core programming issues and, ideally, must do so in ways that are generic to many different multi-core target platforms. This talk provides an overview of the special considerations that must be addressed by software engineers targeting multi-core platforms and describes how the Java language facilitates solutions to these special challenges.
Video

Building Security In: The SPARK Approach to Software Development

2012-05-22
Software products in the automotive industry are by nature widely distributed and costly to update (recall), so high reliability is clearly of utmost importance. Just as clearly, the increasing reliance on remote access to such systems, for diagnostic and other purposes, has made security an essential requirement, and traditional techniques for software development are proving to be inadequate in dealing with these issues. Correctness by Construction is a software design and development methodology that builds reliability and security into the system from the start. It can be used to demonstrate, with mathematical rigor, a program's correctness properties while reducing the time spent during testing and debugging. This paper will discuss the use of Correctness by Construction, and its accompanying SPARK language technology, to improve automotive systems' security and reliability. (The approach can also account for safety issues, although that is not the focus of this paper.)
Video

Certification of Engine Health Management Systems: Guidelines for Selecting Software Assurance Levels

2012-03-16
The use of Engine Health Management (EHM) systems has been growing steadily in both the civilian and the military aerospace sectors. Barring a few notable exceptions (such as certain temperature and thrust margin monitoring), regulatory authorities around the world have not required these systems to be certified in any way. This is changing rapidly. New airframes and engines are increasingly being designed with the assumption that EHM will be an integral part of the way customers operate these assets. This leads to a need for better guidelines on how such systems should be certified. The SAE E-32 committee on Propulsion System Health Monitoring is leading an industry-wide effort to develop a set of guidelines for certifying EHM systems.
Video

Data Driven Testing for HIL Systems

2011-12-05
The amount of software, computation and logic embedded in vehicle systems is increasing. Testing complex real-time embedded systems using Hardware-in-the-Loop (HIL) simulation across different vehicle platforms has been a challenge. Data-driven testing enables a systematic approach to testing these complex vehicle systems. It consists of a test framework in which the test logic and test data are independent of the HIL test environment. The data comprises variables used both as input values and as output verification values. This data is maintained in a database or in the form of tables, where each row defines an independent test scenario. The entire test data set is divided into three categories: High, Medium and Low. This makes it possible to leverage the same set of test data from the unit-level testing phases through to the integration test phase in the V-cycle of software development. A data-driven test approach also helps the reuse of tests across vehicle platforms.
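The harness below is an added illustration of the framework the abstract describes, not the presenter's code: a constructed scenario table (one row per scenario, tagged High/Medium/Low, with `expected_*` columns as verification values) is run through test logic that knows nothing about the rig, so the same table drives a Python model at unit level and, by swapping the `sut` callable, a HIL driver at integration level. The cruise-control function is an assumed stand-in for the software under test, and a second variant with an injected defect shows the table catching a regression.

```python
"""Data-driven test harness: generic test logic, scenarios in a table.
Added example; the cruise-control logic is an assumed stand-in for the
ECU function under test, not real vehicle software."""
import csv
import io
from dataclasses import dataclass
from typing import Callable, Dict, List

# Constructed sample table. In practice this lives in a database or
# spreadsheet; the harness only relies on the column naming convention
# (expected_* columns are verification values, the rest are inputs).
TEST_TABLE_CSV = """\
id,priority,vehicle_speed_kph,brake_pressed,cruise_set_kph,expected_cruise_active,expected_target_kph
1,High,100,0,100,1,100
2,High,100,1,100,0,0
3,Medium,25,0,100,0,0
4,Low,100,0,30,0,0
"""


@dataclass
class Scenario:
    id: str
    priority: str
    inputs: Dict[str, float]
    expected: Dict[str, float]


def load_scenarios(csv_text: str) -> List[Scenario]:
    """Parse one row per scenario; inputs and expectations are split by column prefix."""
    scenarios = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        inputs = {k: float(v) for k, v in row.items()
                  if k not in ("id", "priority") and not k.startswith("expected_")}
        expected = {k[len("expected_"):]: float(v) for k, v in row.items()
                    if k.startswith("expected_")}
        scenarios.append(Scenario(row["id"], row["priority"], inputs, expected))
    return scenarios


Sut = Callable[[Dict[str, float]], Dict[str, float]]


def cruise_control_sut(inputs: Dict[str, float]) -> Dict[str, float]:
    """Assumed stand-in for the ECU function under test: cruise engages only
    with the brake released, a plausible setpoint and enough road speed."""
    active = (inputs["brake_pressed"] == 0
              and 40 <= inputs["cruise_set_kph"] <= 150
              and inputs["vehicle_speed_kph"] >= 40)
    return {"cruise_active": 1.0 if active else 0.0,
            "target_kph": inputs["cruise_set_kph"] if active else 0.0}


def broken_cruise_control_sut(inputs: Dict[str, float]) -> Dict[str, float]:
    """Same logic with an injected defect: the brake input is ignored."""
    return cruise_control_sut(dict(inputs, brake_pressed=0))


def run_scenarios(scenarios: List[Scenario], sut: Sut,
                  priorities=("High", "Medium", "Low"), tol: float = 1e-6) -> Dict[str, List[str]]:
    """Run every scenario in the selected categories against `sut`.
    Returns {scenario id: [names of outputs that failed verification]};
    an empty list means the row passed. Nothing here is rig-specific, so the
    same table runs against a model now and a HIL driver later."""
    results = {}
    for s in scenarios:
        if s.priority not in priorities:
            continue
        actual = sut(s.inputs)
        results[s.id] = [name for name, want in s.expected.items()
                         if name not in actual or abs(actual[name] - want) > tol]
    return results


if __name__ == "__main__":
    table = load_scenarios(TEST_TABLE_CSV)
    print("reference build:", run_scenarios(table, cruise_control_sut))
    print("defective build (High only):",
          run_scenarios(table, broken_cruise_control_sut, priorities=("High",)))
```

Selecting `priorities=("High",)` is how the same table gives a short smoke run early in the V-cycle and the full run at integration time; the defective build fails scenario 2 on both verification columns while the reference build passes every row.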
Video

Evolution of the Space Shuttle Primary Avionics Software and Avionics for Shuttle Derived Launch Vehicles

2012-03-21
As a result of recommendations from the Augustine Panel, the direction for Human Space Flight has been altered from the original plan, referred to as Constellation. NASA's Human Exploration Framework Team (HEFT) proposes the use of a Shuttle Derived Heavy Lift Launch Vehicle (SDLV) and an Orion-derived spacecraft (salvaged from Constellation) to support a new flexible direction for space exploration. The SDLV must be developed within an environment of a constrained budget and a preferred fast development schedule. Thus, it has been proposed to utilize existing assets from the Shuttle Program to speed development at a lower cost. These existing assets should not only include structures such as external tanks or solid rockets, but also the Flight Software, which has traditionally been a "long pole" in new development efforts. The avionics and software for the Space Shuttle were primarily developed in the 70's and considered state of the art for that time.
Video

Experience with Using Hardware-in-the-Loop Simulation for Validation of OBD in Powertrain Electronics Software

2011-12-05
These advanced checks have resulted in development of many new diagnostic monitors, of varying types, and a whole new internal software infrastructure to handle tracking, reporting, and self-verification of OBD related items. Due to this amplified complexity and the consequences surrounding a shortfall in meeting regulatory requirements, efficient and thorough validation of the OBD system in the powertrain control software is critical. Hardware-in-the-Loop (HIL) simulation provides the environment in which the needed efficiency and thoroughness for validating the OBD system can be achieved. A HIL simulation environment consisting of engine, aftertreatment, and basic vehicle models can be employed, providing the ability for software developers, calibration engineers, OBD experts, and test engineers to examine and validate both facets of OBD software: diagnostic monitors and diagnostic infrastructure (i.e., fault memory management).
Video

Fault-Tree Generation for Embedded Software Implementing Dual-Path Checking

2011-11-17
Given the fast-changing market demands, the growing complexity of features, the shorter time to market, and the design/development constraints, the need for efficient and effective verification and validation methods is becoming critical for vehicle manufacturers and suppliers. One such method is fault-tree analysis. While fault-tree analysis is an important hazard analysis/verification activity, the current process of translating design details (e.g., at system level and software level) into fault trees is manual. Current experience indicates that fault tree analysis involves both creative deductive thinking and more mechanical steps, which typically involve instantiating gates and events in fault trees following fixed patterns. Specifically for software fault tree analysis, a number of the development steps typically involve instantiating fixed patterns of gates and events based upon the structure of the code. In this work, we investigate a methodology to translate software programs to fault trees.
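The following is an added illustration of the mechanical step the abstract singles out (instantiating fixed gate/event patterns from code structure), not the authors' tool. It assumes a minimal description of a dual-path check (two computations over shared inputs, compared before the result is used) and an assumed pattern: an undetected wrong value needs either one path to fail AND the comparator to miss the mismatch, OR a shared input to be corrupted upstream of both paths. It then derives minimal cut sets, which is where single-point weaknesses (here the shared input) become visible.

```python
"""Fault-tree generation from the structure of a dual-path check.
Added example with an assumed gate/event pattern; not the paper's tool."""
from dataclasses import dataclass
from typing import FrozenSet, List, Set, Union


@dataclass(frozen=True)
class Event:
    name: str


@dataclass
class Gate:
    kind: str      # "AND" or "OR"
    label: str
    inputs: list   # Event | Gate children


Node = Union[Event, Gate]


@dataclass
class DualPathCheck:
    """Assumed schema for the code structure being translated: two
    computations read the same inputs and a comparator gates the output."""
    output: str
    shared_inputs: List[str]
    path_a: str
    path_b: str
    comparator: str


def generate_fault_tree(spec: DualPathCheck) -> Gate:
    """Instantiate the fixed pattern for a dual-path check (assumed pattern)."""
    miss = Event(f"{spec.comparator} misses mismatch")
    single_path_faults = [
        Gate("AND", f"{path} wrong and undetected",
             [Event(f"{path} computes wrong value"), miss])
        for path in (spec.path_a, spec.path_b)
    ]
    common_cause = Gate("OR", "shared input corrupted upstream of both paths",
                        [Event(f"{name} corrupted") for name in spec.shared_inputs])
    return Gate("OR", f"{spec.output} used with undetected wrong value",
                single_path_faults + [common_cause])


def cut_sets(node: Node) -> Set[FrozenSet[str]]:
    """Minimal cut sets: smallest sets of basic events that cause the top
    event. OR unions the children's sets, AND takes pairwise unions, and
    any set that contains another minimal set is dropped."""
    if isinstance(node, Event):
        return {frozenset([node.name])}
    child_sets = [cut_sets(child) for child in node.inputs]
    if node.kind == "OR":
        combined = set().union(*child_sets)
    elif node.kind == "AND":
        combined = {frozenset()}
        for child in child_sets:
            combined = {a | b for a in combined for b in child}
    else:
        raise ValueError(f"unknown gate kind {node.kind!r}")
    return {s for s in combined if not any(other < s for other in combined)}


def render(node: Node, depth: int = 0) -> str:
    """Indented text rendering of the generated tree."""
    pad = "  " * depth
    if isinstance(node, Event):
        return f"{pad}[E] {node.name}\n"
    return (f"{pad}[{node.kind}] {node.label}\n"
            + "".join(render(child, depth + 1) for child in node.inputs))


if __name__ == "__main__":
    spec = DualPathCheck("torque_request", ["pedal_position"],
                         "calc_primary", "calc_redundant", "cmp")
    tree = generate_fault_tree(spec)
    print(render(tree))
    for cs in sorted(cut_sets(tree), key=lambda s: (len(s), sorted(s))):
        print(sorted(cs))
```

For the sample spec the cut sets are two second-order sets (a path fault together with a comparator miss) and one first-order set, `pedal_position corrupted`: the dual path buys nothing against corruption of an input both paths trust, which is exactly the kind of finding the manual analysis is meant to surface and the generated tree makes mechanical.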
Video

GreenZone Driving for Plug In Hybrid Electric Vehicles

2012-05-29
Plug-in Hybrid Electric Vehicles (PHEV) have a large battery which can be used for electric-only powertrain operation. The control system in a PHEV must decide how to spend the energy stored in the battery. In this paper, we will present a prototype implementation of a PHEV control system which saves energy for electric operation in pre-defined geographic areas, so-called Green Zones. The approach determines where the driver will be going and then compares the route to a database of predefined Green Zones. The control system then reserves enough energy to be able to drive the Green Zone sections in electric-only mode. Finally, the powertrain operation is modified once the vehicle enters the Green Zone to ensure engine operation is limited. Data will be presented from a prototype implementation in a Ford Escape PHEV. Presenter: Johannes Kristinsson
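The following is an added illustration of the three steps in the abstract (match the route against a zone database, reserve the energy for the zone sections, limit the engine once inside), not the presenter's or Ford's control code. It assumes Green Zones are latitude/longitude boxes, a route is a list of segments classified by their midpoint, and electric consumption is a constant kWh per km; the coordinates and battery figures are constructed. A naive charge-depleting strategy is simulated alongside for contrast.

```python
"""Green Zone energy reservation for a PHEV (added example with assumed
simplifications; not the prototype described in the talk)."""
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class GreenZone:
    name: str
    lat_min: float
    lat_max: float
    lon_min: float
    lon_max: float

    def contains(self, lat: float, lon: float) -> bool:
        return self.lat_min <= lat <= self.lat_max and self.lon_min <= lon <= self.lon_max


@dataclass(frozen=True)
class Segment:
    start: Tuple[float, float]   # (lat, lon)
    end: Tuple[float, float]
    length_km: float


# Constructed zone database and route; coordinates are arbitrary.
ZONES = [GreenZone("downtown", 42.32, 42.35, -83.06, -83.03)]
ROUTE = [
    Segment((42.30, -83.10), (42.32, -83.07), 5.0),
    Segment((42.32, -83.07), (42.34, -83.04), 4.0),   # midpoint lies in the zone
    Segment((42.34, -83.04), (42.38, -83.00), 6.0),
]
EV_KWH_PER_KM = 0.25   # assumed average electric consumption
MIN_SOC_KWH = 0.5      # assumed battery floor the controller never dips below


def in_green_zone(seg: Segment, zones: List[GreenZone]) -> bool:
    """Step 1: classify a route segment against the zone database (midpoint test)."""
    mid = ((seg.start[0] + seg.end[0]) / 2, (seg.start[1] + seg.end[1]) / 2)
    return any(z.contains(*mid) for z in zones)


def reserve_for_route(route: List[Segment], zones: List[GreenZone],
                      kwh_per_km: float = EV_KWH_PER_KM) -> float:
    """Step 2: energy to hold back so every Green Zone segment ahead can be
    driven electric-only."""
    return sum(s.length_km for s in route if in_green_zone(s, zones)) * kwh_per_km


def powertrain_mode(soc_kwh: float, reserve_kwh: float, inside_zone: bool,
                    segment_kwh: float, green_aware: bool = True) -> str:
    """Step 3: 'EV' keeps the engine off, 'ENGINE' lets it run.
    Green-aware: inside a zone the engine is limited while usable charge
    remains; outside, electric driving is allowed only if the reserve for the
    zones ahead stays intact. Naive: drive electric whenever charge allows."""
    usable = soc_kwh - MIN_SOC_KWH
    if not green_aware:
        return "EV" if usable >= segment_kwh else "ENGINE"
    if inside_zone:
        return "EV" if usable > 0 else "ENGINE"
    return "EV" if usable - segment_kwh >= reserve_kwh else "ENGINE"


def simulate(route: List[Segment], zones: List[GreenZone], soc_kwh: float,
             green_aware: bool = True) -> List[str]:
    """Drive the route segment by segment, re-planning the reserve from the
    segments still ahead and depleting the battery whenever in EV mode."""
    modes = []
    for i, seg in enumerate(route):
        inside = in_green_zone(seg, zones)
        reserve = reserve_for_route(route[i:], zones)
        segment_kwh = seg.length_km * EV_KWH_PER_KM
        mode = powertrain_mode(soc_kwh, reserve, inside, segment_kwh, green_aware)
        modes.append(mode)
        if mode == "EV":
            soc_kwh -= segment_kwh
    return modes


if __name__ == "__main__":
    print("reserve for route:", reserve_for_route(ROUTE, ZONES), "kWh")
    print("green-aware, 2.0 kWh:", simulate(ROUTE, ZONES, 2.0))
    print("naive,       2.0 kWh:", simulate(ROUTE, ZONES, 2.0, green_aware=False))
```

Starting with 2.0 kWh, the green-aware controller runs the engine on the approach, drives the downtown segment electric and runs the engine again afterwards; the naive strategy spends the charge on the first segment and arrives in the zone with the engine running, which is the outcome the reservation step exists to prevent.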
Video

How to Address the Existing and Future Requirements of ASFC: The Safe and Secure Virtualization RTOS Approach

2012-03-21
With the increase in functions in the next generation of aircraft, it has become very important to address reconfigurability. The bottom line is that the space and weight available for critical computers in an aircraft remain mostly unchanged. These new functions imply more computation power and so more redundant elements for safety. CPU power has increased, but the latest evolution with the new multi-core CPUs introduces additional difficulties in terms of certification. First-generation IMA was the first answer to some of these problems, by enabling the concentration of several certified critical functions in the same physical computer. However, up to now such implementations have been very static and did not scale very well with the increase in functions needed for next-generation aircraft. That's why the avionics industry is looking for improvement of existing solutions and must work on what would be the next generation of IMA (IMA-NG).
Video

Incorporating AFP Material Delivery Technology on Commercially Available Robot Machine Platforms

2012-03-23
Fiber Placement equipment has historically been very large and very expensive. Therefore, the AFP process has been mostly exclusive to the larger aerospace companies of the world. In order to achieve more widespread use of the AFP process, a wider variety of machine configurations must be offered and the cost of the equipment must be decreased. Commercially available, articulated robotic arms have been identified as an attractive, low-cost option for AFP machine platforms. However, incorporating AFP material delivery technology with robotic arms has many challenges. These challenges relate to both hardware and software issues. This presentation will address the technical challenges of using robots as a machine platform for the AFP process and review the current status of this composites lamination equipment technology. Presenter: Frederic Challois, Coriolis Composites
Video

Integrating Formal Model Checking with the RTEdge™ AADL Microkernel

2012-03-21
Edgewater Computer Systems Inc.'s product RTEdge Platform 1.2 is a software toolset supporting proof-based engineering, implementation and deployment of software components built using the RTEdge AADL Microkernel modeling subset. This is a small subset of the AADL component model and execution semantics, covering threads and thread groups communicating solely through asynchronous event ports and through explicitly shared data ports. Thread behavior is expressed as state machines, and dispatch run-time semantics are encoded in a Run-time Executive enforcing pre-emptive priority dispatch based on statically assigned event priorities, with ceiling priority protocol access to shared data. This simple AADL microkernel semantic core can support all dispatch policies, communication and synchronization mechanisms of a fully fledged AADL run-time environment, permitting the systematic use of the RTEdge static analysis tools for AADL-compliant software components.
Video

New Particulate Matter Sensor for On Board Diagnosis

2012-02-16
The presentation describes technology developments and the integration of these technologies into new emission control systems. As in other years, the reader will find a wide range of topics from various parts of the world. This is reflective of the worldwide scope and effort to reduce diesel exhaust emissions. Topics include the integration of various diesel particulate matter (PM) and nitrogen oxide (NOx) technologies as well as sensors and other emissions-related developments. Presenter: Atsuo Kondo, NGK Insulators, Ltd.
Video

On-Road Evaluation of an Integrated SCR and Continuously Regenerating Trap Exhaust System

2012-06-18
Four-way, integrated diesel emission control systems that combine selective catalytic reduction for NOx control with a continuously regenerating trap to remove diesel particulate matter were evaluated under real-world, on-road conditions. Tests were conducted using a semi-tractor with an emissions year 2000, 6-cylinder, 12 L Volvo engine rated at 287 kW at 1800 rpm and 1964 N-m. The emission control system was certified for retrofit application on on-highway trucks, model years 1994 through 2002, with 4-stroke, 186-373 kW (250-500 hp) heavy-duty diesel engines without exhaust gas recirculation. The evaluations were unique because the mobile laboratory platform enabled evaluation under real-world exhaust plume dilution conditions as opposed to laboratory dilution conditions. Real-time plume measurements of NOx, particle number concentration and size distribution were made, and emission control performance was evaluated on-road.
Video

SAE Eye on Engineering: Cybersecurity in Cars

2018-08-20
What can hackers do with a car? Well, just about anything they want to do. In this episode of SAE Eye on Engineering, Editor-in-Chief Lindsay Brooke looks at cybersecurity concerns in cars. SAE Eye on Engineering also airs Monday mornings on WJR 760 AM Detroit's Paul W. Smith Show.
Video

Safety Critical Uses of Java

2012-03-21
The Java language is now the most popular programming language for the creation of new software capabilities. Its popularity has resulted in significant economies of scale, with Java adopted as the primary language of instruction in many university curricula, an abundance of reusable Java software components and Java software development tools available both from commercial suppliers and as open source technology, a large pool of competent Java developers from which to recruit staff, and a general willingness by senior staff software engineers to invest the effort required to learn this new programming language and technology. This talk describes the special approaches recommended for the use of Java in safety-critical deployments. The talk surveys the current state of the draft JSR-302 Safety Critical Java Specification and describes related experiences with commercially available technologies based on the constraints of early JSR-302 design discussions.
Video

Safety Element out of Context - A Practical Approach

2012-05-22
ISO 26262 is the current standard for Functional Safety of automotive E/E (Electrical/Electronic) systems. One of the challenges in applying the standard is the distribution of safety-related activities among the participants in the supply chain. In this paper, the concept of Safety Element out of Context (SEooC) development is analyzed, showing its current problematic aspects and the difficulties of implementing such an approach in a concrete, typical automotive development flow with different participants in the supply chain (e.g. from OEM and tier 1 to semiconductor supplier). The discussed aspects focus on the functional safety requirements of generic hardware and software development across the supply chain, where the final integration of the developed element is not known at design time and therefore an assumption-based mechanism shall be used.