COMET K2 research programme, a funding initiative of the Federal Ministry for Transport, Innovation and Technology (BMVIT) and the Federal Ministry of Economics and Labour (BMWA).
Funded by the FFG, the Province of Styria, the City of Graz and the Styrian Business Promotion Agency (SFG).
Project partners
Electronics in car
(Figure: shareholder distribution, 40% / 19% / 19% / 12% / 10%; shareholder names not recoverable from the slide)
Vehicles nowadays
- Up to a few hundred computing devices per vehicle
- Multiple networks per vehicle
Advantage
- Safety-critical embedded systems have been key innovation drivers, e.g. by-wire systems
Disadvantage
- Enormous complexity is challenging industry (automotive, aerospace, rail, automation)
- Increasing costs
- Affected product quality
(Figure: evolution of in-car electronics, PAST / TODAY / FUTURE ?, with the safety-critical share highlighted; sources: AVL List; Volkswagen Beetle, 1960)
Wide requirements
- Low cost for non-safety-critical systems (e.g. LIN, CAN)
- High bandwidth for infotainment (e.g. MOST)
- Dependability for safety-critical applications (e.g. FlexRay)
Event-triggered architecture
- System activity is triggered by an event
- Priority-based communication (CAN)
Evaluation criteria: communication jitter, constructive integration, redundancy, architecture flexibility, bandwidth use (sporadic events)
(Figure: frames ID 1, ID 3 and ID 5 contending on the bus; ID 1 has the highest priority, the transmission of the other frames is delayed)
Time-triggered architecture
- Action derived from the progression of time
- Static, periodic, a-priori known schedule
- Global notion of time
Evaluation criteria: communication jitter, constructive integration, redundancy, agreement, architecture flexibility, bandwidth use (sporadic events)
(Figure: frames ID 1, ID 3 and ID 5, each sent in its a-priori known transmission slot)
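The jitter and bandwidth trade-off between the two architectures can be seen in a small simulation. The following Python script is an added example, not code from the slides or from any of the projects named on them. It assumes a bus where every frame occupies one tick, a CAN-style arbitration in which the lowest identifier wins, and a constructed TDMA schedule with one slot per identifier; the frame sets and the slot table are constructed for the illustration.

```python
from dataclasses import dataclass

FRAME_TIME = 1  # constructed assumption: every frame occupies one bus tick


@dataclass(frozen=True)
class Frame:
    ident: int     # CAN identifier; the lower value wins arbitration
    ready_at: int  # tick at which the sending node wants to transmit


def event_triggered(frames):
    """CAN-style priority arbitration: whenever the bus is free, the pending
    frame with the lowest identifier is sent; all others keep waiting.
    Returns {identifier: tick at which its transmission started}."""
    remaining = sorted(frames, key=lambda f: (f.ready_at, f.ident))
    waiting, start, t = [], {}, 0
    while remaining or waiting:
        while remaining and remaining[0].ready_at <= t:
            waiting.append(remaining.pop(0))
        if not waiting:
            t = remaining[0].ready_at  # bus idle until the next frame is ready
            continue
        waiting.sort(key=lambda f: f.ident)
        winner = waiting.pop(0)
        start[winner.ident] = t
        t += FRAME_TIME
    return start


def time_triggered(frames, slot_table, cycle_len):
    """Static TDMA schedule: each identifier owns a fixed slot offset in every
    cycle, so the start time depends only on the schedule, never on the other
    senders. A frame that becomes ready after its slot waits for the next cycle."""
    start = {}
    for f in frames:
        cycle_start = (f.ready_at // cycle_len) * cycle_len
        s = cycle_start + slot_table[f.ident]
        if s < f.ready_at:
            s += cycle_len
        start[f.ident] = s
    return start


def jitter(runs, ident):
    """Spread of the ready-to-start delay of one identifier across several runs."""
    delays = [starts[ident] - ready for starts, ready in runs]
    return max(delays) - min(delays)


def compare():
    slot_table = {1: 0, 3: 1, 5: 2}   # constructed schedule: one slot per ID
    cycle_len = 3
    # Run A: only ID 5 wants to send at tick 0 (bus otherwise idle).
    # Run B: IDs 1, 3 and 5 all become ready at tick 0 and contend.
    run_a = [Frame(5, 0)]
    run_b = [Frame(1, 0), Frame(3, 0), Frame(5, 0)]
    et_runs = [(event_triggered(run_a), 0), (event_triggered(run_b), 0)]
    tt_runs = [(time_triggered(run_a, slot_table, cycle_len), 0),
               (time_triggered(run_b, slot_table, cycle_len), 0)]
    # Sporadic event: ID 1 becomes ready at tick 1, just after its TT slot.
    sporadic = [Frame(1, 1)]
    et_sporadic = event_triggered(sporadic)[1] - 1
    tt_sporadic = time_triggered(sporadic, slot_table, cycle_len)[1] - 1
    return {
        "et_jitter_id5": jitter(et_runs, 5),   # delayed by ID 1 and ID 3 in run B
        "tt_jitter_id5": jitter(tt_runs, 5),   # slot is fixed a priori
        "et_sporadic_id1_delay": et_sporadic,  # free bus, sent at once
        "tt_sporadic_id1_delay": tt_sporadic,  # must wait for the next cycle
    }


if __name__ == "__main__":
    for key, value in compare().items():
        print(f"{key}: {value}")
```

The run shows the two columns of the slides side by side: under priority arbitration the low-priority frame ID 5 starts at tick 0 when the bus is idle and at tick 2 when ID 1 and ID 3 contend, so its start time depends on the other senders, whereas under the static schedule it always starts in its own slot. The price is visible in the sporadic case: a frame that misses its slot waits a whole cycle even though the bus is free. The global time base that the schedule relies on is assumed to exist and is not modelled.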
Event-based communication
- A communication is triggered for each new event, i.e. a major state change (e.g. a temperature increase of +5 degrees)
- Each event (communication) has to be detected and processed in the same time order in which it arrived
- Optimal use of the bandwidth
- Not robust: the loss of a message might lead to system inconsistencies
Status-based communication
- Periodic communication for updating the system state (e.g. the temperature is currently 55 degrees)
- Events (communication elements) might be missed or processed in a different time order than the reception order
- Worst-case use of the bandwidth
- Robustness: the loss of a message only induces additional processing delays, no system inconsistencies
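The robustness argument above is easy to verify by replaying one sender/receiver pair under message loss. The Python script below is an added example rather than code from the slides; the temperature trace and the set of lost cycles are constructed sample data, and both sides are assumed to agree on the initial value. It counts frames sent (bandwidth), the final state on both sides (consistency) and the longest run of cycles in which the receiver's view was stale (delay).

```python
from dataclasses import dataclass


@dataclass
class Trace:
    messages_sent: int     # bus load over the whole run
    final_sender: int      # true state at the end of the run
    final_receiver: int    # what the receiver believes at the end of the run
    max_stale_cycles: int  # longest run of cycles with receiver != sender


def simulate(temperatures, lost_cycles, status_based):
    """Replay one sender/receiver pair over a sequence of communication cycles.

    temperatures: the sender's reading in every cycle (constructed sample data)
    lost_cycles:  cycle indices whose frame never reaches the receiver
    status_based: True  -> send the absolute value in every cycle
                  False -> send a delta only in cycles where the value changes
    Both sides are assumed to agree on the value of cycle 0."""
    previous = receiver = temperatures[0]
    sent = longest = run = 0
    for cycle in range(1, len(temperatures)):
        value = temperatures[cycle]
        if status_based:
            sent += 1                      # worst-case bandwidth: one frame per cycle
            if cycle not in lost_cycles:
                receiver = value           # the latest sample replaces the held one
        else:
            delta = value - previous
            if delta != 0:                 # optimal bandwidth: only changes are sent
                sent += 1
                if cycle not in lost_cycles:
                    receiver += delta      # the receiver integrates the deltas it got
        previous = value
        run = run + 1 if receiver != value else 0
        longest = max(longest, run)
    return Trace(sent, temperatures[-1], receiver, longest)


# Constructed sample: the temperature rises in +5 steps; the frame of cycle 4 is lost.
TEMPERATURES = [50, 50, 55, 55, 60, 60, 60, 65, 65, 65]
LOST = {4}


def compare():
    return {
        "event": simulate(TEMPERATURES, LOST, status_based=False),
        "status": simulate(TEMPERATURES, LOST, status_based=True),
    }


if __name__ == "__main__":
    for name, trace in compare().items():
        print(name, trace)
```

With the lost frame in cycle 4, the event-based receiver never learns about that +5 step: it ends the run at 60 while the sender is at 65, and the inconsistency persists for the rest of the run. The status-based receiver is stale for exactly one cycle and is resynchronised by the next periodic frame, at the cost of sending a frame in every cycle instead of only in the three cycles where the value changed.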
(Figure: communication cycles n-1, n, n+1, n+2 with minislots)
Motivation
- Wake up the network and provide the initial synchronization
- Fault tolerant (network operation relies on the start-up)
- Fast operation (fault recovery)
Three phases
- Wakeup: wake up the network (active stars, nodes) if it is still asleep
- Startup: begin communication (initialize the schedule) once the nodes are awake
- Reintegration: integrate single nodes into a running cluster
[FIBEX - Field Bus Exchange Format, Version 3.0, ASAM AE, 2008, Fig. 10-1]
2010-06-01 TU Wien, HW-SW Co-Design 18
Integration issues within the software architecture
                       Event-triggered                Time-triggered
Operating system       interrupt driven               schedule
Communication system   priority-based communication   static communication scheme
Event-triggered: + flexibility, average response, supported by the application
Automotive electronics
- Cars form complex distributed systems that evolve in harsh environments, while their reliability requirements keep increasing
- Time-triggered architectures aim at improving system reliability and at supporting system development and integration
Some challenges
- System level: transmission scheme
- ECU level: integration within the software architecture (control)
- Design process: handling of the configuration information
- Design process: network technology abstraction for SW functions
Motivation
- Method for the system architecture description (ADL: Architecture Description Language)
- Provide traceability of the product
Approach
- Template for how engineering information is organized and represented (UML profile such as SysML, EAST-ADL, AADL)
- Include different views such as architecture, requirements and safety analysis, as well as the links between these views
(Figure: IDE for architecture modeling (AUTOSAR))
Safety methods and development process
- Safety: freedom from unacceptable risk
- Risk: combination of the probability and the severity of a failure
Integration of SW components: AUTOSAR-like (ports / runnables / server-client / sender-receiver / …)
(Figure: Function B (e.g. vibration reduction), Function C (e.g. infotainment))
Discrete optimization
- Allocation
- Scheduling
- Priorities
- Bus configuration
Partners: Magna Powertrain, AUCOTEC
TEODACS / ADACS: methods for advanced analysis and evaluation of the network
Goal: building an ecosystem of development environments for safety-critical real-time embedded systems supporting avionics, automotive, rail and space.
Lead partners: AVL, Airbus, EADS; see www.cesarproject.eu
Interoperability concept
(Figure: tools and databases attached through ToolNet adapters over TCP/IP and RTP to the ModelBus platform, which provides a transformation service, a model-check service and a process engine)
Transformation services: "speak of the same things"
- Semantic transformation: map elements with the same meaning (test cases, software architecture elements, …)
- Manage links between different elements (e.g. requirements to software architecture blocks)
- Usually a mapping of tool elements to meta-model elements provided by the platform
- Supported by meta-models building a meta-model layer scheme
- Done by transformation services which are part of the platform
Process definition
- Definition of the development stages (EAST-ADL2, ISO 26262, AUTOSAR)
- Interface definition (different development tools)
- Continuous validation: integration of requirements, system validation at different stages, evaluation of the quality of the resulting system
(Figure: development stages: requirement & specification (system features), abstract functional architecture level, detailed design level (architecture), implementation level (AUTOSAR); verification and validation, SW qualification, system validation)
(Figure: modeling process over time: system requirements specification; selection of the modeling language (e.g. EAST-ADL); high-level system model V1 (structure, dependencies, …), output: analysis 1; refined, multi-view high-level system model V2, output: analysis 2; integration of behavior and system model, output: analysis 3; behavioral model V1 and V2 in Simulink; definition of further steps according to the results (MiL, SiL, PiL integration, multi-view / cross-domain test, traceability check, consistency checks, error model, …); improve the quality of the modeling approach for future projects)
Lead Project
Conclusion
www.v2c2.at
K2 / K plus Competence Center - Initiated by the Federal Ministry of Transport, Innovation and
Technology (BMVIT). Funded by FFG, Land Steiermark and Steirische Wirtschaftsförderung (SFG)