Matt SchroederExecutive Director, Vehicle Systems7th AUTOSAR Open Conference

Introduce new organization within General Motors focused on Vehicle Systems Engineering

The complexity of future E/E Systems drives the need for a holistic approach to vehicle design by OEMs

Look for AUTOSAR Development Cooperation to continue to meet the challenges of

• Managing the E/E complexity

• Integrating new technologies

Keynote Address: 7th AUTOSAR Open Conference

A new organization has been created at General Motors - Global Product Integrity, or GPI.

This team is accountable for system integration and oversight across the Vehicle and Powertrain functions to ensure delivery of award-winning vehicles with consistent safety and compliance performance.

Within GPI,

• The Global Vehicle Safety Organization was strengthened by establishing single point accountability.

• The Systems Engineering organization was created to increase focus on systems interactions.

Global Product Integrity Organization

Methodology: Systems Thinking

Global Product IntegritySystems Engineering

Vehicle–Level Requirements

Component & Subsystems

Vehicle EnvironmentDrive

Subsystem 2

Subsystem 3

Subsystem 1

System

Subsystem 4

Component1

Component3

Subsystem

Component2

GM believes that robust system engineering is foundational for execution of sophisticated, complex distributed control systems

• These are the dominant systems of the future – active safety, semi-autonomous, ….

• Functional safety requirements also drive the need for robust tools, process for system engineering

Importance of System engineering

Systems Engineering -> Features

C

C

C

C

C

C

C

C

C

C

C

C

C

C

C

SE Domains

SSTS

CTS

SSSub-System

FFeature

CComponent

FTS

SpecificationEntity

SSTS

SSTS

SSTS

CTSCTS

SSTSSDomain System STS

Feature Technical Specification

• Feature Functions

• Requirements for Feature

• Allocation of Feature to Domain Systems

System Technical Specification

• Allocation of Feature Requirements to SMT

¶ Subsystem

¶ Component where Subsystem does not exist

F

F

F

F

F

FTS

FTS

FTS

FTS

S

S

SSTS

STS

STS

FTS

S

S

STS

STS

OEM f

Exchangeabilitybetween suppliers’solutions

Exchangeabilitybetween vehicle platforms

Exchangeabilitybetween manufacturers’applications

Platform d.nPlatform d.2Platform d.1

Platform e.nPlatform e.2Platform e.1

Platform f.nPlatform f.2Platform f.1

Platform c.nPlatform c.2Platform c.1

Platform a.nPlatform a.2Platform a.1

OEM e

OEM a

Platform b.nPlatform b.2Platform b.1

OEM b

OEM d

OEM c

AUTOSAR Vision Supports GM’s Goals!

AUTOSAR aims to improve complexity management of integrated E/E architectures

through increased reuse and exchangeability of SW modules between OEMs and suppliers.

Supplier A

Chassis

Safety

Body/Comfort

Supplier B

Chassis

Safety

Telematics

Supplier C

Body/Comfort

Powertrain

Telematics

2013-087 AUTOSAR Guided Tour (Part 1)

Motivation and Principles

GM Current Position on AUTOSAR

AUTOSAR 4.x forms the cornerstone of our next global Electrical Architecture

We know that AUTOSAR can form the foundation of automotive systems that deliver the features our customers want – with high quality

We have a long (20 year) experience with internally developed SW and the importance of strong architectures, process and tools for robust system development

Complexity of GM Software Landscape

Safety SystemsSafety Systems

Systems (Communication,

Safety, Security, V2V, etc.)

• Due to our scale and global reach, we need to have a comprehensive solution across our internally/ externally developed software space.

• Stable, standardized interfaces to BSW (integrations with non- AUTOSAR systems) are key

Standardized Interactions

Deeply Embedded

GM Developed Application Software

(GM BSW)

GM Developed Application Software

(AUTOSAR BSW)

Externally Developed Application Software

(AUTOSAR BSW)

Lightly Embedded

GM Developed Application Software

(Infotainment-based BSW)

Externally Developed Application Software

(Infotainment-based BSW)

Challenges for the Auto IndustryDramatically increasing functional requirements – active safety, new fuel consumption / GreenHouseGas regulation –while maintaining an excellent value for our customers

Increased expectations for functional safety of embedded systems.

Potential ‘threats’ from hackers leading to new demands for cybersecurity

Speed of new feature deployment to customers accustomed to consumer electronics industry product cycle times

System Safety

Cybersecurity

Ethernet and Diagnostics

Automated Driving

Connected Vehicles

GM’s Priorities - Required Support from AUTOSAR

Upon definition, each feature will be examined for its influence on System Safety. If the feature contains safety hazards, a formal “System Safety Case” become part of the systems engineering deliverables for that feature

Feature Definition

System Definition

System Design

(Subsystem, Component)

Implemented System

Validated System

Concept Phase

Requirements Phase

Design Phase

Implementation Phase

Validation PhaseCalibrated System

Safety Confirmation

Safety Confirmation

Safety Confirmation

Safety Requirements

PHA, SEFA, SSC

Concept

System DFMEA

Design

Implementation

Systems Engineering System Safety

System Approved for Production

Fe

ed

ba

ck lo

op

Form

al

Co

mb

ine

d P

ee

r R

evi

ews

For

Ea

ch P

ha

se

SMT

System Engineering

Systems Engineering provides a framework to allow for the secure end to end design, development and testing of connected and critical vehicle systems.

Architecture Definition

Subsystem Definition

System Design

(Subsystem, Component)

Implemented System

Validated System

Architecture Threat

Modeling

Subsystem Threat Modeling

Component Security

Assessment

Component Security Testing

Cybersecurity TestingSecured End-to-End System

Cybersecurity Component Requirements

Component Security Testing Feedback

Cybersecurity Testing Feedback

Cybersecurity Subsystem Requirements

Cybersecurity Architecture Requirements

Architecture Concept

Subsystem Concept

Design

Implementation

Systems Engineering Cybersecurity

System Approved for Production

Fe

ed

ba

ck lo

op

Component Teams

Systems Engineering

Cybersecurity

Current State of the Industry• Typical subnets still designed around CAN or CAN-FD bandwidth capacity• Ethernet is of interest for specific applications requiring high capacity, high

speed, time sensitive networks (High End Infotainment and Active Safety)• Legacy “point-to-point” diagnostic strategies with off-board test tools• Vehicle Flash Programming data sizes measured in Megabytes

Ethernet - Future of Automotive Electrical Architecture?• Significant number of applications requiring high bandwidth, time sensitive,

and most importantly - secure networks• Flat, self-healing architectures with significant shared data and redundancy• “Big data” in the vehicle with multiple test tools and continuous monitoring• Vehicle Flash Programming data sizes measured in Gigabytes

Future Needs in Ethernet and Diagnostics

Defining standardized interfaces with non- AUTOSAR systems, AUTOSAR enables GM to stay focused on our system-engineering based approach

Maintaining AUTOSAR as a relevant, vital global standard is in the best interest of the global automotive industry

Finding ways to accelerate the pace of new technology introduction while preserving the stability of the standard

Key Challenges for AUTOSAR