autosar safety solutions for multicore ecus and adas ...€¦ · autosar safety solutions for...
TRANSCRIPT
AUTOSAR Safety Solutions
for Multicore ECUs and
ADAS Systems
Robert Leibinger
5th June 2015
Agenda
© Elektrobit (EB), 2015 2
Architecture requirements for ADAS ECU
Overview of different architecture approaches
Compare and contrast each architecture
Questions & Answers
Agenda
© Elektrobit (EB), 2015 3
Architecture requirements for ADAS ECU
Overview of different architecture approaches
Compare and contrast each architecture
Questions & Answers
AUTOSAR Safety Solutions for Multicore ECUs and ADAS Systems
Architecture requirements for ADAS ECUs
© Elektrobit (EB) 2015 4
Dependability:
Functional Safety (ASIL-D)
Safety Microcontroller
Security, Reliability, Availability, Maintainability
Performance:
Advanced ADAS Algorithms
AUTOSAR SWC
Realtime Requirements
High Performance Multi-Core Microcontroller
Multi-Microcontroller ECUs
Support for hardware acceleration (e.g. OpenCL)
Compatibility:
Software Features
Can, Flexray, Ethernet support
Standard Diagnostic capabilities (e.g. OBD)
Network Management (e.g. Partial Network)
Development Process
Use of standard AUTOSAR formats
e.g. ECU Extract, Diagnostic Extract
?
Agenda
© Elektrobit (EB), 2015 5
Architecture requirements for ADAS ECU
Overview of different architecture approaches
Compare and contrast each architecture
Questions & Answers
AUTOSAR Safety Solutions for Multicore ECUs and ADAS Systems
Overview of different architecture approaches
© Elektrobit (EB) 2015 6
?
Core
1
Core
2
Core
3
Autosar
SW-C
Autosar
SW-CADASADAS
RTERTESafety OS,BSWSafety OS,BSW
Full AUTOSAR
Micro1 Micro2
Autosar
SW-C
Autosar
SW-CADASADAS
RTERTE
Safety OS,BSWSafety OS,BSWLinux/QNX/
AUTOSAR…
Linux/QNX/
AUTOSAR… ComCom
Microcontroller
Partitioning
Core1 Core2 Core3
Autosar
SW-C
Autosar
SW-CADASADAS
RTERTE
Safety OS,BSWSafety OS,BSWLinux/QNX/
AUTOSAR…
Linux/QNX/
AUTOSAR… COMCOM
Core
Partitioning
Core1 Core2 Core3
Autosar
SW-C
Autosar
SW-C
Linux/QNX/…Linux/QNX/…
ADASADAS
RTERTEBSWBSW
Hypervisor
HypervisorHypervisor
AUTOSAR Safety Solutions for Multicore ECUs and ADAS Systems
Full AUTOSAR architecture
© Elektrobit (EB) 2015 7
Core1 Core2 Core3
Autosar
SW-C
Autosar
SW-C
ADAS Application
SW-C
ADAS Application
SW-C
RTERTE
Safety OS,BSWSafety OS,BSW
• Safety Microcontroller
• AUTOSAR Multi-Core Safety OS
• ADAS algorithms as SWC
• Advanced hardware drivers integration as
Complex Device Drivers
‒ e.g. OpenCL, AVB
‒ Proprietary video bus systems
Pro Con
Easy integration into OEM/T1 AUTOSAR
process
Advanced hardware support needs
AUTOSAR complex device drivers
One System High Performance Safety Microcontoller
necessary
AUTOSAR Safety Solutions for Multicore ECUs and ADAS Systems
Full AUTOSAR architecture
© Elektrobit (EB) 2015 8
Core1 Core2 Core3
BSWBSW
SWCSWCSWCSWC SWCSWC
Complex
Device Driver
Complex
Device Driver
ADAS
SWC
ADAS
SWCADAS SWCADAS SWC
Safety OS MulticoreSafety OS Multicore
RTE PartitioningRTE Partitioning
AUTOSAR Safety Solutions for Multicore ECUs and ADAS Systems
Microcontroller partitioning architecture
© Elektrobit (EB) 2015 9
Core 1 Core 1
Autosar
SW-C
Autosar
SW-C
ADAS
Application
ADAS
Application
RTERTE
Safety OS,BSWSafety OS,BSWLinux/QNX/
AUTOSAR…
Linux/QNX/
AUTOSAR… ComCom
• Partitioning in Safety and
Performance Microcontroller
• Separated applications treated as
different ECUs during development
• Private Network for communication
Pro Con
Scalable
(combine two or more Microcontoller)
Additional hardware costs
Suitable Micocontroller already available Need for private communication link
Complex Flashloader and Startup
Safety
Micro
Performance
Micro
AUTOSAR Safety Solutions for Multicore ECUs and ADAS Systems
Core partitioning architecture
© Elektrobit (EB) 2015 10
Performance
Core1
Performance
Core2
Safety Core
Autosar
SW-C
Autosar
SW-C
ApplicationApplication
RTERTE
Safety OS,BSWSafety OS,BSWLinux/QNX/ AUTOSAR…Linux/QNX/ AUTOSAR…
COMCOM
• One Microcontroller with
several performance cores and
one safety core (typically Lockstep)
Pro Con
No need for private network hardware No suitable Microcontroller available
today
Performance and Safety in one Micro
AUTOSAR Safety Solutions for Multicore ECUs and ADAS Systems
Hypervisor architecture
© Elektrobit (EB) 2015 11
Core1 Core2 Core3
Autosar
SW-C
Autosar
SW-C
Linux/QNX/…Linux/QNX/…
ApplicationApplication
RTERTE
BSWBSW
HypervisorHypervisor
Pro Con
Hypervisor as Gateway between different
OS
Limited realtime capabilites
Hypervisor as Security Gateway between
car and cloud
Limited Performance
• Host OS with AUTOSAR guest system
on one Microcontroller
• Hypervisor could be part of Guest OS
Agenda
© Elektrobit (EB), 2015 12
Architecture requirements for ADAS ECU
Overview of different architecture approaches
Compare and contrast each architecture
Questions & Answers
AUTOSAR Safety Solutions for Multicore ECUs and ADAS Systems
Compare and contrast each architecture
© Elektrobit (EB) 2015 13
Core1 Core2 Core3
Autosar
SW-C
Autosar
SW-C
ApplicationApplication
RTERTE
Safety OS,BSWSafety OS,BSWLinux/QNX/
AUTOSAR…
Linux/QNX/
AUTOSAR… COMCOM
Core
Partitioning
Safety & Performance
optimized
Micro1 Micro2
Autosar
SW-C
Autosar
SW-C
Applicat
ion
Applicat
ion
RTERTE
Safety OS,BSWSafety OS,BSWLinux/QNX/
AUTOSAR…
Linux/QNX/
AUTOSAR… ComCom
Microcontroller
Partitioning
Safety & Performance
Core
1
Core
2
Core
3
Autosar
SW-C
Autosar
SW-C
Applicatio
n
SW-C
Applicatio
n
SW-C
RTERTESafety OS,BSWSafety OS,BSW
Full AUTOSAR
Safety or Performance
Software Architectures define next generation Microcontroller Architectures
AUTOSAR is part of each architecture as a common standard for
- Basic Software, Safety and Security in ECUs
- Synchronized development process between OEM and T1
HypervisorHypervisor
Core1 Core2 Core3
Autosar
SW-C
Autosar
SW-C
Linux/QNX/…Linux/QNX/…
ApplicationApplication
RTERTEBSWBSW
Hypervisor
Security Architecture
HypervisorHypervisor
Agenda
© Elektrobit (EB), 2015 14
Architecture requirements for ADAS ECU
Overview of different architecture approaches
Compare and contrast each architecture
Questions & Answers
