matt schroeder · 2018. 1. 18. · matt schroeder executive director, vehicle systems 7th autosar...
TRANSCRIPT
Matt SchroederExecutive Director, Vehicle Systems7th AUTOSAR Open Conference
Introduce new organization within General Motors focused on Vehicle Systems Engineering
The complexity of future E/E Systems drives the need for a holistic approach to vehicle design by OEMs
Look for AUTOSAR Development Cooperation to continue to meet the challenges of
• Managing the E/E complexity
• Integrating new technologies
Keynote Address: 7th AUTOSAR Open Conference
A new organization has been created at General Motors - Global Product Integrity, or GPI.
This team is accountable for system integration and oversight across the Vehicle and Powertrain functions to ensure delivery of award-winning vehicles with consistent safety and compliance performance.
Within GPI,
• The Global Vehicle Safety Organization was strengthened by establishing single point accountability.
• The Systems Engineering organization was created to increase focus on systems interactions.
Global Product Integrity Organization
Methodology: Systems Thinking
Global Product IntegritySystems Engineering
Vehicle–Level Requirements
Component & Subsystems
Vehicle EnvironmentDrive
Subsystem 2
Subsystem 3
Subsystem 1
System
Subsystem 4
Component1
Component3
Subsystem
Component2
GM believes that robust system engineering is foundational for execution of sophisticated, complex distributed control systems
• These are the dominant systems of the future – active safety, semi-autonomous, ….
• Functional safety requirements also drive the need for robust tools, process for system engineering
Importance of System engineering
Systems Engineering -> Features
C
C
C
C
C
C
C
C
C
C
C
C
C
C
C
SE Domains
SSTS
CTS
SSSub-System
FFeature
CComponent
FTS
SpecificationEntity
SSTS
SSTS
SSTS
CTSCTS
SSTSSDomain System STS
Feature Technical Specification
• Feature Functions
• Requirements for Feature
• Allocation of Feature to Domain Systems
System Technical Specification
• Allocation of Feature Requirements to SMT
¶ Subsystem
¶ Component where Subsystem does not exist
F
F
F
F
F
FTS
FTS
FTS
FTS
S
S
SSTS
STS
STS
FTS
S
S
STS
STS
OEM f
Exchangeabilitybetween suppliers’solutions
Exchangeabilitybetween vehicle platforms
Exchangeabilitybetween manufacturers’applications
Platform d.nPlatform d.2Platform d.1
Platform e.nPlatform e.2Platform e.1
Platform f.nPlatform f.2Platform f.1
Platform c.nPlatform c.2Platform c.1
Platform a.nPlatform a.2Platform a.1
OEM e
OEM a
Platform b.nPlatform b.2Platform b.1
OEM b
OEM d
OEM c
AUTOSAR Vision Supports GM’s Goals!
AUTOSAR aims to improve complexity management of integrated E/E architectures
through increased reuse and exchangeability of SW modules between OEMs and suppliers.
Supplier A
Chassis
Safety
Body/Comfort
Supplier B
Chassis
Safety
Telematics
Supplier C
Body/Comfort
Powertrain
Telematics
2013-087 AUTOSAR Guided Tour (Part 1)
Motivation and Principles
GM Current Position on AUTOSAR
AUTOSAR 4.x forms the cornerstone of our next global Electrical Architecture
We know that AUTOSAR can form the foundation of automotive systems that deliver the features our customers want – with high quality
We have a long (20 year) experience with internally developed SW and the importance of strong architectures, process and tools for robust system development
Complexity of GM Software Landscape
Safety SystemsSafety Systems
Systems (Communication,
Safety, Security, V2V, etc.)
• Due to our scale and global reach, we need to have a comprehensive solution across our internally/ externally developed software space.
• Stable, standardized interfaces to BSW (integrations with non- AUTOSAR systems) are key
Standardized Interactions
Deeply Embedded
GM Developed Application Software
(GM BSW)
GM Developed Application Software
(AUTOSAR BSW)
Externally Developed Application Software
(AUTOSAR BSW)
Lightly Embedded
GM Developed Application Software
(Infotainment-based BSW)
Externally Developed Application Software
(Infotainment-based BSW)
Challenges for the Auto IndustryDramatically increasing functional requirements – active safety, new fuel consumption / GreenHouseGas regulation –while maintaining an excellent value for our customers
Increased expectations for functional safety of embedded systems.
Potential ‘threats’ from hackers leading to new demands for cybersecurity
Speed of new feature deployment to customers accustomed to consumer electronics industry product cycle times
System Safety
Cybersecurity
Ethernet and Diagnostics
Automated Driving
Connected Vehicles
GM’s Priorities - Required Support from AUTOSAR
Upon definition, each feature will be examined for its influence on System Safety. If the feature contains safety hazards, a formal “System Safety Case” become part of the systems engineering deliverables for that feature
Feature Definition
System Definition
System Design
(Subsystem, Component)
Implemented System
Validated System
Concept Phase
Requirements Phase
Design Phase
Implementation Phase
Validation PhaseCalibrated System
Safety Confirmation
Safety Confirmation
Safety Confirmation
Safety Requirements
PHA, SEFA, SSC
Concept
System DFMEA
Design
Implementation
Systems Engineering System Safety
System Approved for Production
Fe
ed
ba
ck lo
op
Form
al
Co
mb
ine
d P
ee
r R
evi
ews
For
Ea
ch P
ha
se
SMT
System Engineering
Systems Engineering provides a framework to allow for the secure end to end design, development and testing of connected and critical vehicle systems.
Architecture Definition
Subsystem Definition
System Design
(Subsystem, Component)
Implemented System
Validated System
Architecture Threat
Modeling
Subsystem Threat Modeling
Component Security
Assessment
Component Security Testing
Cybersecurity TestingSecured End-to-End System
Cybersecurity Component Requirements
Component Security Testing Feedback
Cybersecurity Testing Feedback
Cybersecurity Subsystem Requirements
Cybersecurity Architecture Requirements
Architecture Concept
Subsystem Concept
Design
Implementation
Systems Engineering Cybersecurity
System Approved for Production
Fe
ed
ba
ck lo
op
Component Teams
Systems Engineering
Cybersecurity
Current State of the Industry• Typical subnets still designed around CAN or CAN-FD bandwidth capacity• Ethernet is of interest for specific applications requiring high capacity, high
speed, time sensitive networks (High End Infotainment and Active Safety)• Legacy “point-to-point” diagnostic strategies with off-board test tools• Vehicle Flash Programming data sizes measured in Megabytes
Ethernet - Future of Automotive Electrical Architecture?• Significant number of applications requiring high bandwidth, time sensitive,
and most importantly - secure networks• Flat, self-healing architectures with significant shared data and redundancy• “Big data” in the vehicle with multiple test tools and continuous monitoring• Vehicle Flash Programming data sizes measured in Gigabytes
Future Needs in Ethernet and Diagnostics
Defining standardized interfaces with non- AUTOSAR systems, AUTOSAR enables GM to stay focused on our system-engineering based approach
Maintaining AUTOSAR as a relevant, vital global standard is in the best interest of the global automotive industry
Finding ways to accelerate the pace of new technology introduction while preserving the stability of the standard
Key Challenges for AUTOSAR