August 24: Novi, MI
2:00 – 2:10 pm | Vivek Jaikamal, Director of Engineering, ETAS Inc. | Welcome
2:10 – 2:40 pm | Oliver Korasiak, Senior Manager, Embedded Software Services, ETAS Inc. | AUTOSAR-compatible hypervisors and their impact on functional safety compliance
Although AUTOSAR already supports partitioning concepts in the software architecture, these have their limits in terms of functional safety, security, and IP protection. The technical requirements on new systems such as domain controllers, as well as increasingly complex collaboration models, are leading to an examination of how partitioning concepts can be extended to support future requirements. This presentation describes the application of hypervisors as an extension of the AUTOSAR methodology. Various use cases are discussed, including the optimization of cross-organizational and cross-company workflows, IP protection, partial updates, and improved safety and security. A hypervisor technology is presented that can be applied to deeply embedded microcontrollers of the kind typically used in real-time automotive control systems. The presentation discusses how this approach can be used to fill a gap between the current generation of hypervisors and the requirements of real-time control systems, and how the technology can be integrated into the AUTOSAR architecture and methodology. It will also discuss how the hypervisor approach can be used to support future AUTOSAR concepts and the adaptive platform approach by integrating instances of POSIX and AUTOSAR-based operating systems on one device.
With the movement to connected vehicles, large-scale ADAS systems and autonomous vehicles, automotive developers are looking to use complex multi-core processors as domain controllers and vehicle computers to help cope with the huge increase in software content and connectivity. This paper will discuss software technology that will help with the migration of software systems from microcontrollers to microprocessors, with multiple systems running on a single system on chip (SoC), without compromising the safety, security and real-time properties that are required for safety-critical automotive systems. The Separation Kernel technology was designed to offer secure, isolated domains on a single microprocessor or SoC that cannot see or compromise software running in the other domains. It protects critical software functions from both fault conditions and malicious threats, even though they are running on the same processor. Each domain can host either virtualized guest operating systems or bare-metal applications, allowing developers to carefully configure and host the right real-time environment for each application.
This presentation is divided into two parts. Part I introduces the challenges and solutions for the test of sensor ECUs in Advanced Driver Assistance Systems (ADAS). Due to the interaction of ADAS with a non-deterministic environment, testing becomes highly complex and validation cannot be realized using a single testing approach. Open-loop tests are for well-controlled regression tests; closed-loop tests allow for a limitless number of system interactions. The presentation will focus on how these tests can be performed during the different stages of product development (MiL, SiL, HiL) and introduces the techniques for data injection into relevant HW and SW layers of a sensor ECU to expand testing scope options. Part II discusses testing of Battery Management Systems (BMS). A BMS is an electronic control unit that is heavily used in electric and hybrid vehicles. It has to ensure efficient, reliable, and safe control of the battery packs even under the most adverse conditions. Testing BMS on real battery packs is extremely time-consuming and presents many potentially critical safety concerns, especially if packs are driven out of their desired operating states. The presentation will focus on the specific challenges involved with the cell- and signal-level tests of BMS, e.g. testing of active and passive balancing, state-of-charge estimation functions, or isolation faults, and show how these challenges can be overcome with a high-precision battery cell simulator.
The demonstration will show how to simultaneously measure and align real-time data generated by ADAS controllers with data from video cameras, and with continuous-time electric signals from other sensors (intro to demonstration following during break).
4:05 – 4:35 pm | Vivek Jaikamal, Director of Engineering, ETAS Inc. | A new approach to managing today’s complex embedded software – Modern ECU software development ecosystem based on Eclipse
Embedded software continues to grow by 20-50% every year depending upon the application domain. Increasing complexity can lead to a rise in defects and cost. Most companies have responded by adopting model-based engineering approaches that facilitate early validation of systems designs, but do not adequately address critical software implementation issues such as defect prevention and removal, safety of the implemented code, hardware abstraction, variant management and complexity management throughout the life cycle. This presentation will show a new paradigm in embedded software design via state-of-the-art Eclipse-based tools and application examples.
Embedded computing faces increasing demands for data communications that strain – and even exceed – the capabilities of traditional automotive network technologies. New applications not only require greater quantities of data, but impose criteria with qualitative differences as well: high-bandwidth communications, synchronized execution, dynamic architectures, data integrity, security, and more. Automotive Ethernet offers an array of technological solutions to address the needs of the complex world of network communications. This presentation will discuss the benefits and challenges of implementing and testing Automotive Ethernet networks.
Vehicles are rapidly increasing their connectedness with the world. While great for entertainment, these connections drastically increase the risk to safety and security. A modern vehicle can now have up to 90 ECUs controlling everything from braking and seatbelts to air conditioners and TV screens. It is critical that these systems be secured, not only from malicious attackers, but also to protect intellectual property and validate warranty conditions. CycurHSM is a hardware-based security module that fulfills GM Global B and FCA security requirements for encryption, authentication, and integrity. This talk will explore how vehicle modules communicate, methods of attack, and then an overview of how CycurHSM can defeat those attacks.
Time for questions and networking. Refreshments will be served.