module consolidation: combining safety-critical automotive applications with non-critical...

#EEwebinar

#EEwebinar

Module Consolidation: Combining Safety-Critical Automation Applications With

Non-Critical Convenience Features

#EEwebinar

q  This webinar will be available afterwards at www.designworldonline.com & email

q  Q&A at the end of the presentation q  Hashtag for this webinar: #EEwebinar

Before We Start

#EEwebinar

Module Consolidation: Combining Safety-Critical Automation Applications With Non-Critical Convenience Features

Aimee Kalnoskas Editor

EE World Online

Patrick Shelly Senior Manager

Application Engineering Mentor Graphics Corp.

[email protected]

AndroidisatrademarkofGoogleInc.UseofthistrademarkissubjecttoGooglePermissions.LinuxistheregisteredtrademarkofLinusTorvaldsintheU.S.andothercountries.QtisaregisteredtrademarkofDigiaPlcand/oritssubsidiaries.AllothertrademarksmenConedinthisdocumentaretrademarksoftheirrespecCveowners.

mentor.com/automotive

Patrick Shelly Senior Manager, Application Engineering

Module Consolidation: Combining Safety-Critical Automotive Applications with Non-

Critical Convenience Features

Agenda n  Challenges experienced by vehicle OEMs today n  Current state of vehicle networks and E/E topology design n  Some contemporary practical examples n  Realization of a consolidated platform

Design World EE Network November 18, 2015 6

Addressing OEM Needs …

7

Reduce Cost / TCO

Performance & Quality

Re-Usability

Time to Market Safety

ISO 26262

Action Plan :

Consolidate ECUs

Use of complex SoCs

Reference Platforms

Open Source Software

Network Standards

Share Design Assets

AUTOSAR

Software Update Strategy

Network Architecture

Design World EE Network November 18, 2015

Increasing Vehicle Complexity

Up to 65 million lines of code, 30 million for the multimedia system

25 - 200 microprocessors

Recent high-end luxury car

ECU connections: 10 for FlexRay, 73 for CAN and 61 for LIN

Base vehicles employ 1,376 wires with a total length of 2,474 meters. A fully optioned vehicle requires 2,385 wires, with a total length of 4,293 meters (2.66 miles).

500 LEDs are deployed, no light bulbs

100 motors in the interior Source: The Hansen Report on Automotive Electronics, July/August 2013

8 Design World EE Network November 18, 2015

Physical Diversity has emerged n  Multiple network technologies have become established n  Hierarchies have emerged to handle complexity, interconnectivity

Gateway ECU Gateway ECU

BACKBONE : FLEXRAY OR ETHERNET

CAN ETHERNET

Infotainment

Driver Information

ADAS Surround Camera

CAN LIN


Physical Characteristics n  Some winners emerging…

BUS CAN CAN FD* LIN FLEXRAY ETHERNET

Speed Up to 1 Mbps Up to 8 Mbps Up to 19.2 Kbps 10 Mbps Up to 1 Gbps

Cable Type Twisted Pair 5V Twisted Pair 5V Single Wire 12V 2 or 4 Wires One or more Twisted Pair

Cost $$ $$ $ $$$ $$

Applications ABS, Powertrain, Engine Control

Higher data capacity CAN applications

Electric Seats, Mirror, Tailgate

Steering, Traction Control, Active Suspension

IP Cameras, Radar, Infotainment


Automotive Ethernet Applications (1 of 2) n  Ethernet as backbone

—  Faster communication amongst In-Vehicle controllers

—  Cheap alternative to FlexRay

n  Diagnostics and software

download —  Diagnostic tester attached to

ECU using Ethernet


Automotive Ethernet Applications (2 of 2) n  Audio/video bridging (AVB)

—  Cameras and radars connected to Head Unit

—  Advanced driver assistance systems (ADAS)

n  Car2X —  Car to car, car to

infrastructure, etc…

—  Wi-Fi and IP communication —  E.g.: collision avoidance


AUTOSAR : Independent of the Physical Network

SWC

RTE

MCAL

BSW

Hardware

OS

SWC - Software Component, describes The ECU Function

RTE - Run-Time Environment, generated automatically to interconnect all SWCs

BSW – Basic Software has all services that run On a standard scheduler (OS)

MCAL – Microcontroller Abstraction Layer provides interface to hardware devices

MCU/SOC – Microcontroller from the semiconductor provider

Provided by Tier 1 / OEM Mentor Solution

Provided by Semiconductor Vendor

Mentor


In the Past…

Application Software

Hardware

standardized

HW-specific

AUTOSAR OEM needs §  Adaptive Cruise Control §  Lane Departure

Warning §  Advanced Front

Lighting System §  Etc

Using standards §  Communication Stack §  OSEK §  Diagnostics §  CAN, FlexRay

Hardware

Software

AUTOSAR Principle

AUTOSAR Layered Architecture

Application Layer

Microcontroller

AUTOSAR Runtime Environment (RTE)

Service Layer

ECU Abstraction Layer

Microcontr. Abstraction Layer

Com

plex Device D

rivers

Boot- loader

LIN

System Services

Libs Memory

CRC

Com Services

WDG

Can

Fr

IOHWA

Eth

Fls

Eep

Can

Fr

Lin

GPT

Wdg

MC

U

Cor

e Ts

t

FlsT

st

Ram

Tst

Spi

Eth IC

U

AD

C

DIO

PWM

Port

E2E

CAL

BFX

EFX

IFL

MFL

MFX

IFX

ComM

EcuM WdgM

Ea

Fe e

MemIf

NvM

DEM

FIM

DET

IpduM

CanSM

CanNM CanT

P

CanIf CanTrc

v

FrNM

IoHwA

WdgIf

Lin SM

LinIf

FrTp

FrSM

FrTrcv

FrIf

XCP

Debug NM

NmIf DLT

CSM

StbM

BswM

EthSm

EthIf EthTrc

v

SoAd

UDPNM

DCM

LinTrcv

PduR

COM

IPv4 IPv6

OS

OS

OS

AUTOSAR Development Flow

ECU1 ECU2

SWC1

SWC2

SWC3

SystemDesign

SWC1

SWC2

SWC3

VFB

SWCDesign

VehicleView

EC

UView

ECU1

SWC1

SWC3

ECUConfiguraCon

RTE

BSW

ECU1

SWC1

SWC3

ECUExtract

CAN

Eth

AUTOSAR TCP/IP stack

AUTOSAR : Relationship with the 7-Layer ISO Model

n  AUTOSAR versions 4.2.x support Ethernet ECUs

Layer5..7

Layer4

Layer3

Layer2

Layer1

IEEE802.1ASgPTP

gptpd

UDP UDP/TCP

UDP-NM SOME/IPSOME/IP-SD

ICMP

ARP

DHCP

IP

IEEEEthernetMAC+VLAN(802.1Q-2011,incl.Qav,Qat)

AutomotiveEthernetPhysicalLayer,i.e.OABRorRGTPE IEEE802.3PhysicalLayer(Ethernet)

IEEE1722AVTP

Mediaframework

AVB Command&control

RTE


PRACTICAL EXAMPLES

18

Many new consumers of network bandwidth n  INFOTAINMENT SYSTEMS

—  Need high data-rate multi-media —  Communication with other devices in the vehicle —  Wi-Fi / Hotspot connectivity —  CE Device integration

n  ADAS —  Image transmission —  Status Messages

n  DRIVER INFORMATION —  Constant data updates from vehicle status —  Multiple network touch points

Source : Courtesy ABI research


IVI

IVI Head Units

•  Linux Platforms •  Advanced Audio and

Video •  Application Integration •  CE Device Integration

DRIVER INFO

Clusters (DIM)

•  Digital Displays •  Safety Certified •  High Performance •  Network Integration

ADAS

Driver Assistance

•  DSP/Image Processing •  Ethernet Networking •  Multi-Core SoC support •  AUTOSAR Interface

Characteristics of each domain

ECU

AUTOSAR / Legacy

•  Mixed Topology, CAN, LIN, FlexRay, Ethernet

•  ASIL and ISO 26262 support

•  Legacy and AUTOSAR •  Re-Use and mixed-

Vendor

MULTI-DOMAIN MULTI-TOPOLOGY CONNECTIVITY


DIM

Physical versus Logical separation

IHU

Comms Interface

ADAS

Comms Interface

Comms Interface

n  Current generation of designs uses physically separate ECUs

n  Perceived inherent security with physical separation

n  Individually support varying network connectivity (CAN, Ethernet, etc.)

Vehicle Network


ECU Count in Cars : Its Stabilized

0%

5000%

10000%

15000%

2005 2010 2015 2020

■  Vehicle Safety ■  Driver Convenience ■  Performance ■  Emissions / Environment ■  Reliability

■  Exploit multi-core SoCs ■  Maintainability ■  Harness Costs ■  Manufacture and ■  Assembly Cost ■  Reliability


Future Designs : Single SoC option

Comms Interface

New Questions Arising : n  How is security maintained ? n  How to share SoC resources

—  CPU —  GPU

n  How to manage the inter-domain communication ?

n  What is the optimum multi-core architecture ?

Multi-Core SoC

Software Platform

Vehicle Network


Infotainment : What is in the stack?

Embedded Software Platform

SOC Choice

Applications

HMI OEM Control

Tier 1 & OEM Control

Tier 2 Supplier GENIVI OSS

BootLoader

Kernel

Middleware

Independent


Driver Information : Handling digital information safely

Secure

Multi-Core SOC

Kernel

A9 A9

Kernel

Complex Logic

Complex Graphics Render

Safe Logic

Safe Graphics Render

Safe Graphics Driver

Non-Secure

n  ASIL B logic and graphics survive in event of non-secure logic failure

n  Complex and non-certified applications separated from safety-critical data


Adding AUTOSAR Communication Stacks n  Option 1 : “Bare-Metal” n  AUTOSAR Communication Stack remains independent n  Interdomain IPC used

—  RPMsg —  VirtIO

n  Enables ECU to be AUTOSAR compliant

AUTOSAR

IHU / DIM / ADAS

A9 / A15 / Other M4


AOL – AUTOSAR on Linux n  Option 2 : AUTOSAR on Linux n  AUTOSAR stack makes use of Linux

Kernel for services n  Allow close coupling with ADAS/IHU

data requirements n  Boot-time and security trade-offs

AUTOSAR

IHU / DIM / ADAS

A9 / A15 / Other

Linux Kernel


Where to run AUTOSAR Comm Stack? VSTAR Stack

Advantage Disadvantage

On external MCU (e.g. V850)

•  Fast Start-Up •  Isolation

•  Less Integrated •  Additional component cost •  Not making use of available cores on

SoC

On Linux •  Easy integration / existing OS •  Ethernet support exists •  CAN can be ported onto Linux •  Open OS platform

•  Slower startup of AUTOSAR •  Linux kernel may need adapting to

timing needs (pre-emptive, deterministic scheduling)

On internal core (e.g. M3, M4)

•  Many heterogeneous SoCs have cores suitable for AUTOSAR

•  Tight hardware integration

•  Start up architecture / boot time. Special consideration needed

•  Not proven in production yet


Realization

29

AXSB – AUTOMOTIVE GRADE REFERENCE PLATFORM

n  Automotive Grade Reference Platform —  TI Jacinto 6 processor – 1 GHz , 760 Pin package —  2 GByte Dual 32 Bit DDR3L(1066) @ 533 MHz —  TI WiLink8TM connectivity module —  NXP Radio Tuner —  Support for APIX2 and FPD-Link III —  HDMI out for development

—  1 DIN mechanics —  8 Layer PCB —  Chassis cooling provisions

—  Automotive connectors —  Automotive layout rules —  Automotive-grade key components —  Automotive power-supply (motor start/stop) —  ESD protection for external interfaces

n  Rapid prototyping and development

n  Expansion modules for added functionality

n  Customizability and scalability through design reuse

n  HW & SW IP axsb.org


Example Consolidation…

31

IVI Linux FastBoot

AUTOSARBSW & CAN

Stack on V850 Hypervisor (2xA15)

CAN Vehicle Simulator

Cluster Display

CAN BUS Linux/RTOS FastBoot

Infotainment Display

USB 2CAN

Sourcery Analyzer

USB

NTSC Camera Port

FM/AM Radio

Ethernet

RearView Camera

XS Trace

Phone Connectivity

(CarPlay, AndroidAuto, MirrorLink)

Design World EE Network November 18, 2015

Demonstration

Design World EE Network November 18, 2015 32

#EEwebinar

Thank You q  This webinar will be available at

designworldonline.com & email

q  Tweet with hashtag #EEwebinar

q  Connect with Design World

q  Continue the discussion on our forums EDABoard.com

& ElectroTechOnline.com

#EEwebinar