How To Build A Race Car

Similar documents

Crucial Role of ICT for the Reinvention of the Car

The ecar in it s infrastructure smart grid -mobilityof thefuture?

A vehicle control platform as safety element out of context

Grenzenlos wissen Von der Region in die Welt. Automatisierung von Fahrzeugen

Safety and security related features in AUTOSAR

Vehicular On-board Security: EVITA Project

Customer Experience. Silicon. Support & Professional Eng. Services. Freescale Provided SW & Solutions

Safety compliance. Energy management. System architecture advisory services. Diagnostics. Network topologies. Physical and functional partitioning

Advanced Electronic Platform Technologies Supporting Development of Complicated Vehicle Control Software

Mixed-Criticality Systems Based on Time- Triggered Ethernet with Multiple Ring Topologies. University of Siegen Mohammed Abuteir, Roman Obermaisser

FlexRay A Communications Network for Automotive Control Systems

Challenges for the European Automotive Software Industry

In-Vehicle Networking

Vorlesung Kommunikationsnetze Fieldbus Systems

EB Automotive Driver Assistance EB Assist Solutions. Damian Barnett Director Automotive Software June 5, 2015

Ethernet-based and function-independent vehicle control-platform

How To Make A Car A Car Into A Car With A Car Stereo And A Car Monitor

AVL DISCAN Handheld-Scantool for multifunctional fields of application Faultcode-reader with integrated Informationsystem and Oscilloscope

Virtual Integration and Consistent Testing of Advanced Driver Assistance Functions

PikeOS: Multi-Core RTOS for IMA. Dr. Sergey Tverdyshev SYSGO AG , Moscow

NXP s Solution to ecall Brussels, October 19 th, 2010

Software in safety critical systems

Bluetooth in Automotive Applications Lars-Berno Fredriksson, KVASER AB

Presentation Overview. Istwaan Knijff EMC & Safety themadag - 03 oktober Sensata Technologies Almelo. What about EMC?

Safe-E. Safe-E Introduction. Coordination: Andreas ECKEL TTTech Computertechnik AG

INTEGRATED OPEN DEVELOPMENT PLATTFORM FÜR TEIL- UND VOLLAUTOMATISIERTE FAHRZEUGANTRIEBE

BMW Car IT GmbH. AUTOSAR - First Experiences and the Migration Strategy of the BMW Group

HIPEAC Segregation of Subsystems with Different Criticalities on Networked Multi-Core Chips in the DREAMS Architecture

Generic term for using the Ethernet standard in automation / industrial applications

SOME/IP SERVICE DISCOVERY THE NEED FOR SERVICE DISCOVERY IN THE VEHICLE

SCSK s Automotive Software Business

Bus Interconnect Evolution in embedded computing

Industrial Networks & Databases

PROFINET the Industrial Ethernet standard. Siemens AG Alle Rechte vorbehalten.

Security in Vehicle Networks

Using High Availability Technologies Lesson 12

Introduction to RACE FUELS Hans-Christian von der Wense Munich, Germany

Safety Issues in Automotive Software

Automotive Software Development Challenges Virtualisation and Embedded Security

Safety and Security Features in AUTOSAR

Automotive Software Engineering

Introduction CHAPTER 1

Siemens 2020 Our strategy and innovation focus Lecture at Koç University Unrestricted Siemens AG All rights reserved.

Service Oriented Architecture for Agricultural Vehicles

OSI Layers in Automotive Networks

Standardized software components will help in mastering the. software should be developed for FlexRay were presented at

Multiplexed Networks for Embedded Systems. CAN, LIN, FlexRay, Safe-by- Wire...

Do AUTOSAR and functional safety rule each other out?

AutoSAR Overview. FESA Workshop at KTH Prof. Jakob Axelsson Volvo Cars and Mälardalen University

Software Stacks for Mixed-critical Applications: Consolidating IEEE AVB and Time-triggered Ethernet in Next-generation Automotive Electronics

Workshop PROFINET in Process Automation. Intern / Siemens AG Alle Rechte vorbehalten.

Review Methods Configuration, Administration and Network Monitoring in High-Rate Onboard Networking Standards

Basic Wireless Infrastructure and Topologies

Network Design. Yiannos Mylonas

Global Automotive Conference

CSMT Gestione Scarl -Centro di Competenza PROFIBUS e PROFINET

Optimizing Infrastructure Support For Storage Area Networks

Mixed-Criticality: Integration of Different Models of Computation. University of Siegen, Roman Obermaisser

The Temporal Firewall--A Standardized Interface in the Time-Triggered Architecture

Principles of a Vehicle Infotainment Platform

Networked Embedded Systems: Design Challenges

Optimizing Enterprise Network Bandwidth For Security Applications. Improving Performance Using Antaira s Management Features

Introduction to MPIO, MCS, Trunking, and LACP

Industrie 4.0 The path from research to practice Unrestricted Siemens AG All rights reserved

Dr. Alexander Walsch IN 2244 Part V WS 2013/14 Technische Universität München

The Problem: Automotive safety recalls, Control Systems Diagnostics, Stability Control, Traction Control, Anti-lock Braking, Adaptive Cruise Control

Simple and error-free startup of the communication cluster. as well as high system stability over long service life are

Tackling the Complexity of Timing-relevant Deployment Decisions in Multicore-based Embedded Automotive Software Systems Rolf Schneider, AUDI AG

Fibre Channel Overview of the Technology. Early History and Fibre Channel Standards Development

Data Center Design for 40/100G

Laboratory Course Industrial Automation. Experiment Nr. 6. Introduction to the FlexRay bus system. Brief User Guide IAS Demonstrator Go-Cart

Product Information Services for Embedded Software

Mentor Embedded Automotive Solutions

EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications

524 Computer Networks

10G CWDM Conversion Technology

What s New in Mike Bailey LabVIEW Technical Evangelist. uk.ni.com

Consulting, Engineering & Managed Service Provider

SAN Conceptual and Design Basics

Setting Up the ZigBee Ethernet Gateway

OBD ll Vehicle Communications. OBD2training.com

imc BUSDAQ autonomous intelligent synchronized Field bus data acquisition - from stationary to mobile imc productive testing

SMB Direct for SQL Server and Private Cloud

DATA COMMUNICATION BETWEEN PROGRAMMABLE LOGIC CONTROLLERS IN THE INDUSTRIAL DISTRIBUTION APPLICATIONS

LIN (Local Interconnect Network):

Maximizing Server Storage Performance with PCI Express and Serial Attached SCSI. Article for InfoStor November 2003 Paul Griffith Adaptec, Inc.

AMP NETCONNECT Data Center Cabling Solutions

Storage Area Network

The demonstration will be performed in the INTA high speed ring to emulate highway geometry and driving conditions.

ARM mbed IoT Device Platform. November 3 rd, 2014

Introduction to Electronic Signals

KNX IP only A New Class of KNX Devices. WEINZIERL ENGINEERING GmbH. Dr.-Ing. Th. Weinzierl D Tyrlaching

ProSyst Software AG. for a smarter world. EuroCargo 2004 Joachim Ritter. Technical Consultant, ProSyst Software

Automotive Software Engineering at Hella KGaA. Software Engineering for Software Intensive Systems,

Smart ecar in its Infrastructure smart Traffic and smart Grid

Industrial Requirements for a Converged Network

Energy Storage System Performance Testing

Neue Fahrzeugkonzepte erfordern einen ganzheitlichen Ansatz in der Integrationsstrategie

Common platform for automated trucks and construction equipment

Embedding Trust into Cars Secure Software Delivery and Installation

Transcription:

TUM, Jan 2014 RACE ECAR Dr. Ludger Fiege, Siemens AG Siemens AG 2014. All rights reserved

Three independent development paths leading to the Smart ecar Function development ADAS* vertically integrated *Advanced Driver Assistant Systems ADAS horizontally integrated with strategy level Zero Accidents with intervening decision RACE platform development Smart ecar autonomous driving Photo: Nissan Electro mechanical integration E-Motor Brake Damping Steering New ergonomic concepts through mechatronic integr. Seite 1 Jan 2014 L. Fiege, Siemens AG

Robust and reliable Automotive Computing Environment for future ecars

Agenda Motivation RACE setup System Overview RACE Runtime Environment Seite 3 Jan 2014 L. Fiege, Siemens AG

Project RACE Robust and reliant Automotive Computing Environment for future ecars Funded by BMWi Project time: January 2012 December 2014 http://www. Project based on study Mehr Software (im) Wagen http://www.fortiss.org/ikt2030 gefördert durch: Seite 4 Jan 2014 L. Fiege, Siemens AG

To discover the full potential of electric vehicles a new E/E architecture is mandatory Symbolic pictures Lane Keeping Combi Tire guard Display ACC Navigation HVAC Radio Immobilizer AutoPark Access Doors/Roof MP3 / Phone Acc. Pedal Brake Pedal Steering Wheel ipad Passive safety Hybrid Controller Energy Mgmt. Sys. Transmission Brake ABS ESP Power Steering Suspension DC / DC WU WU WU WU Get rid of position oriented partitioning Well defined information flow Hierarchical decision making Less controller Likely less copper Less different connector Lane Detection sensor Distance sensor US sensors E-horizon data base Information Presentation (ergonomy) Situation Recognition (sensor fusion) Driver s Decisions Steering Wheel Pedal Smart sensors Pedal Strategy Generation Cinematic Execution Level BMS with cells AC / DC Inverter with E-Motor (1-,2- or 4-times) Brake Actuator Power Steering Actuator Suspension Actuator DC / DC Gear Box Smart actuators Seite 5 Jan 2014 L. Fiege, Siemens AG

RACE Platform Idea Main Project objectives: Aim 1: Reduction of complexity of ICT-Architecture by homogeneous and open basis platform Aim 2: Support if new complex functional vehicle features Aim 3: Plug & Play capability of ICT-Architecture Aim 4: Ability to certify the ICT-Architecture Aim 5: Show an migration path to the new architecture Main Principles: Centralized ICT-Architecture Central-Platform-Computer, mixed critical features Data-centric approach: All data about Sensors and Actuators is accessible everywhere Communication Switched Ethernet Publish/Subscribe communication pattern Fail-Operational vehicle features HM I Seite 6 Jan 2014 L. Fiege, Siemens AG

Agenda Motivation RACE setup System Overview RACE Runtime Environment Safety Aspects Outlook Seite 7 Jan 2014 L. Fiege, Siemens AG

Ethernet-based redundant communication as data backbone Sensor / Actuator connector Drivetrain Energy source Sensor / Actuator connector Vehicle Control Computer 1 Vehicle Control Computer 2 Entertainment Sensor / Actuator connector Gateway Sensor / Actuator connector Electric steering Electric braking Seite 8 Jan 2014 L. Fiege, Siemens AG

Realization of the Multipath Network Parallel redundant bus: Shared medium on each bus Two physically independent busses - High cabling effort - Slightly of specification failures possible Switched Ethernet alternative 1: redundant star architecture (AFDX) - High cabling effort + Physically independent disjoint paths Switched Ethernet alternative 2: ring topology (industry automation) + Disjoint paths + Low cabling effort - Physical independence of paths is lost additional effort Seite 9 Jan 2014 L. Fiege, Siemens AG

Ringtopologie Vorteile: unabhängige Pfade (Ringrichtungen links und rechts) keine gemeinsamen Geräte unabhängige Punkt zu Punkt Verbindungen (Switched Ethernet) Trennung auf logischer Ebene Mixed Criticality möglich vermeidet doppelte Verkabelung ermöglicht Vermaschung Nachteile Ringschluss Energieversorgung muss explizit berücksichtigt werden Babbling Idiot Szenario komplizierter Exotische Ethernetvariante Jeweils ein kurzer und ein langer Weg A B Seite 10 Jan 2014 L. Fiege, Siemens AG

Fail-tolerant architecture: N-Duplex core idea: pair of compute nodes monitor each other sensors and actuators don t need system know-how & are independent of scalability of platform core N-Duplex Platform: duplex unit guarantee integrity duo duplex fail-operational availability N-duplex scalability w.r.t. availability, mission time, performance Sender Compute node CPU lane a voting Eth-Sw CPU lane b voting Eth-Sw Receiver Compute node CPU CPU lane a lane b voting lane voting b Eth-Sw Eth-Sw Compute node: CPU, RAM plus communication-hw Seite 11 Jan 2014 L. Fiege, Siemens AG

Snapshot! Consistent Communication in the Platform DCC 1 DCC 2 DCC 3 CPU lane a CPU lane b CPU lane a CPU lane b CPU lane a CPU lane b voting lane voting b voting lane voting b monitoring monitoring Ethernet Switch Ethernet Switch Ethernet Switch coding a / coding b cwd/acwd direction Seite 12 Jan 2014 L. Fiege, Siemens AG

Agenda Motivation RACE setup System Overview RACE Runtime Environment Safety Aspects Outlook Seite 13 Jan 2014 L. Fiege, Siemens AG

Implementation concept detailing Basic information flow Perceive Analyze Act Act Data capture Data Fusion Function processing Arbitration Output Function Function Function Sensor raw data Vehicle Data Model Actuator Data Seite 14 Jan 2014 L. Fiege, Siemens AG

Simplex application development App App applications developed for single channel deployment without dealing with redundancy CPU lane a CPU lane b OS / MW function compare IO detect failures, identify fault containment region unanimously in distributed system Eth-Sw Eth-Sw duplex control computer platform failures detected (masked) in platform offers correct RTE Seite 16 Jan 2014 L. Fiege, Siemens AG

RTE: Data flow Sensor physical sensing. + processing DCC App Actuator Actuator control Signal data flow Fusion Arbitrierung RTE data flow Data Monitoring Data Demux Data Monitoring IO Management IO Management IO Management IO Management RACE Ethernet Seite 17 Jan 2014 L. Fiege, Siemens AG

Data-oriented communication Sensor physical sensing. + processing DCC App Actuator Actuator control Signal data flow Fusion Arbitrierung Security Check / Audit RTE data flow Data Monitoring Data Demux DB Data Monitoring Testserver IO Management IO Management IO Management RACE Ethernet Seite 18 Jan 2014 L. Fiege, Siemens AG

cyclic execution 10ms cyclic execution local control loop local control loop 10ms cyclic read / write long-running, event-triggered Seite 19 Jan 2014 L. Fiege, Siemens AG not considered here

Partitioning in RACE separate applications from each other and RTE Partition Services (Muxa, Montitoring, ) Error handling RTE DB Applications Applications I/O Mgmt. RTE Adaptor RTE Adaptor RTE Adaptor PSSW CAN Ethernet File I/O Bootloader PikeOS (Separation Kernel) PSP Hardware Seite 20 Jan 2014 L. Fiege, Siemens AG

Time Partitioning using PikeOS scheduling (ARINC 653 + priority based) I/O Mgmt. A1 A2 A3 A5 PAF RTE DB Local Scheduler RTE Scheduler RTE Adaptor RTE Adaptor RTE Adaptor Time Partition1 TP2 TP3 TP4 TP3 TP N high priority fault handling tasks best effort background tasks long running background tasks are always active Seite 21 Jan 2014 L. Fiege, Siemens AG

inter partition communication (RTE App) RTE Partition Services (Muxa, Montitoring, ) Error handlng DB Anwendungen I/O Mgmt. RTE Adaptor shared mem separated shared mem segment for each partition facilitates: access control, auditability Seite 22 Jan 2014 L. Fiege, Siemens AG

Agenda Motivation RACE setup System Overview RACE Runtime Environment Safety Aspects Outlook Seite 23 Jan 2014 L. Fiege, Siemens AG

Application of the ISO within RACE Probability hazard & risk (H&R) assessment Acc. To TÜV SGS - documents Severity ASIL A yes no development acc. to standardprocess additional risk-reduction measures have to be applied measures to avoid systematic faults measures to manage systematic and probabilitsic faults safety-management and supporting processes technical measures (functionality, system, subsystem, hw, sw) Seite 24 Jan 2014 L. Fiege, Siemens AG

Application of the ISO within RACE Acc. To TÜV SGS - documents Probability hazard & risk (H&R) assessment Severity ASIL A ye s n o Adressed in RACE development acc. to standardprocess additional risk-reduction measures have to be applied measures to avoid systematic faults measures to manage systematic and probabilistic faults safety-management and supporting processes technical measures (functionality, system, subsystem, hw, sw) Seite 25 Jan 2014 L. Fiege, Siemens AG

Example New ICT as safety-element out of context (SEooC) Assumed requirements on central platform: Req.: Execute any driver assistance functionality up to automated driving Relation to SEooC (ISO 26262-10, Figure 17) Assumed requirements SEooC requirements Assumptions on design external to SEooC SEooC design RunTime Environment to manage execution of vehicle functions Central Platform Computer communication network Failure ooc Scenario E C S ASIL Safe state Fault-tolerance time (loss / invalid) Uncontrolled command-output (incl. no output) Highway E4 C3 S3 D None 50ms / 10ms Secondary road D None 50ms / 10ms Country road D None 50ms / 10ms Seite 26 Jan 2014 L. Fiege, Siemens AG

Agenda Motivation RACE setup System Overview RACE Runtime Environment Safety Aspects Outlook Seite 27 Jan 2014 L. Fiege, Siemens AG

The vision of the future ICT system platform The future ICT system platform facilitates fully automated driving and dynamic extensibility in field. The concept is based on an enlarged modularisation *) concept that leads to less endto-end interface complexity. RACE project AutoSAR + Vehicle Controlcomputers Generic safety up to fail-operational + + Plug & Play = future ICT system platform *) to further reduce the dependancy from automotive functions to HW, topology, communication links but also to SW-functionality ensuring non-functional qualities. Seite 28 Jan 2014 L. Fiege, Siemens AG

the road ahead not mentioned, but part of the project network protocols and Ethernet AVB Gen2 prototype ECU board design and low-level drivers test framework automotive functions R&D topics not addressed currently sensor fusion (how to boil data down) scale IO and processing bandwith car2x BYOD Join and make it happen! Seite 29 Jan 2014 L. Fiege, Siemens AG

Questions? Ludger Fiege ludger.fiege@siemens.com Seite 30 Jan 2014 L. Fiege, Siemens AG