Presentation is loading. Please wait.

Presentation is loading. Please wait.

RECOMP is made possible by funding from the ARTEMIS Joint Undertaking. Claus Stellwag (Elektrobit), Thorsten Rosenthal (Delphi), Swapnil Gandhi (Delphi)

Published byMichelle Pauley Modified over 10 years ago

Similar presentations

Presentation on theme: "RECOMP is made possible by funding from the ARTEMIS Joint Undertaking. Claus Stellwag (Elektrobit), Thorsten Rosenthal (Delphi), Swapnil Gandhi (Delphi)"— Presentation transcript:

1 RECOMP is made possible by funding from the ARTEMIS Joint Undertaking. Claus Stellwag (Elektrobit), Thorsten Rosenthal (Delphi), Swapnil Gandhi (Delphi) March 2013 – WICERT

2 Goal: Reduce costs of mixed-critical systems 3/22/2013 2

3 Source: http://www.recomp.eu/meridian/downloads/Meridian_Datasheet.pdf Hardware: Meridian Board Development board for the Trusted Computing Platform Supports all relevant bus systems (CAN, FlexRay, SPI, Ethernet) Lot of I/O pins Contains Multicore AURIX controller in FPGA External SRAM as flash emulation Debugging via JTEG or USB 3/22/2013 3

4 Source: http://www.infineon.com/dgdl/TriCore_Family-br-2013.pdf?folderId=db3a304412b407950112b409ae660342&fileId=db3a30431f848401011fc664882a7648 MCU Architecture: AURIX TC27x Note: Used FPGA based board has only 2 instead of 3 cores 3/22/2013 4

5 AUTOSAR Overview AUTOSAR = Basic Software + Methodology + Application Interfaces AUTOSAR R4.0 building blocks: Applications (SoftWare Components - SWC) OS Run-Time Environment (RTE) Basic SoftWare (BSW): System Services (e.g. Ecu Manager, Watchdog Manager) (Non-volatile-)Memory stack Communication stack Diagnostic modules Microcontroller abstraction layer (MCAL) Complex Device Drivers (CDD) 3/22/2013 5

6 MCU Core0 Core1 OS BSW RTE SWC AUTOSAR R4.0 + Multicore +Safety SWC CDD ASIL SW QM SW 3/22/2013 6

7 RECOMP: Automotive Cluster 3/22/2013 7

8 Delphi ASIL D Application: ESCL (Electrical Steering Column Lock) M 3/22/2013 8

9 ESCL: Safety Goals ESCL Risks Risk 1: Unintended locking while vehicle is in motion  ASIL D Risk 2: Moving from rest with locked ESCL  ASIL B ESCL safety goals Risk 1  Goal 1: Unintended locking while vehicle is in motion shall be prevented Risk 2  Goal 2: Starting and rolling of vehicle with locked ESCL shall be prevented ESCL Safe states Safe State 1 (for safety goal 1) ESCL is unlocked, not power supplied and locking functions is deactivated Safe State 2 (for safety goal 2) No engine start in case the SCL was not successfully unlocked Abort of start sequence / shut off of engine if ESCL power supply was not switched off after engine was started 3/22/2013 9

10 Building Blocks of ESCL ESCL Module 1: Power supply for ESCL if locking conditions fulfilled ESCL Module 2: Locking command to ESCL if locking conditions fulfilled Power Mode Manager (PMM): Takes care about power- off, sleep and other power related topics Driver Info: Supports info to driver of vehicle Other QM components 3/22/2013 10

11 MCU RTE Core0 OS Core1 ASIL SW QM SW BSW RTE ESCL2 PMMESCL1 Driver Info OS Approach 1 : Cross Monitoring C2C BSW 3/22/2013 11

12 MCU Core0 Core1 ASIL SW QM SW ESCL2 PMM ESCL1 Driver Info Approach 2: AUTOSAR MultiCore BSW OS RTE 3/22/2013 12

13 MCU RTE Core0 OS Core1 ASIL SW QM SW BSW RTE OS Approach 3 : Isolated ESCL ESCL2 PMM ESCL1 Driver Info SWC BSW C2C 3/22/2013 13

14 Details of Implementation Each core run its own application (with a separate ELF image). There is no hard reference between the SW This allows SW updates on the core running the legacy / QM parts without impact on the ASIL cores The hardware supports the approach by dedicated core local memory de-central access control to shared peripherals Core2Core Communication (C2C) allows exchange of data between cores. Special care has been taken that the C2C does not impact safety part (e.g. lock-free mechanism for communication buffers) 3/22/2013 14

15 Summary: Pros & Cons Pro Clear isolation simplifies design (safety is concentrated on dedicated core(s) – freedom from interference can be easier shown) Divide and conquer principle eases handling of growing complexity Legacy code needs less adoption (constraints from single core are preserved) Less interaction between cores; No additional SW layers needed  better utilization of existing multicore performance Contra Requires more memory Requires specific hardware features of the microcontroller 3/22/2013 15

16 Questions ? 3/22/2013 16

17 Backup 3/22/2013 17

18 ISO 26262 lifecycle and RECOMP activities 3/22/2013 18

19 RECOMP Demonstrator Comparison of a ESCL system before and after RECOMP Before RECOMP After RECOMP ….is it still “ safe” for the end user? Yes, it´s technical feasible, but…… Development according the ISO 26262 automotive Standard must be applied Starti ng point 3/22/2013 19

Download ppt "RECOMP is made possible by funding from the ARTEMIS Joint Undertaking. Claus Stellwag (Elektrobit), Thorsten Rosenthal (Delphi), Swapnil Gandhi (Delphi)"

Similar presentations

Automotive Embedded System Development in AUTOSAR

Automotive Embedded System Development in AUTOSAR
COMPUTERS: TOOLS FOR AN INFORMATION AGE Chapter 3 Operating Systems.

COMPUTERS: TOOLS FOR AN INFORMATION AGE Chapter 3 Operating Systems.
Nios Multi Processor Ethernet Embedded Platform Final Presentation

Nios Multi Processor Ethernet Embedded Platform Final Presentation
(Systems Analysis INTerface Board)

(Systems Analysis INTerface Board)
Hao wang and Jyh-Charn (Steve) Liu

Hao wang and Jyh-Charn (Steve) Liu
Mafijul Islam, PhD Software Systems, Electrical and Embedded Systems Advanced Technology & Research Research Issues in Computing Systems: An Automotive.

Mafijul Islam, PhD Software Systems, Electrical and Embedded Systems Advanced Technology & Research Research Issues in Computing Systems: An Automotive.
Using MapuSoft Instead of OS Vendor’s Simulators.

Using MapuSoft Instead of OS Vendor’s Simulators.
Sundanc e High-tech DSP solutions. Giving you the freedom to design Multiprocessor Technology Ltd SOFTWARE UTILITY TOOLS.

Sundanc e High-tech DSP solutions. Giving you the freedom to design Multiprocessor Technology Ltd SOFTWARE UTILITY TOOLS.
Operating Systems Manage system resources –CPU scheduling –Process management –Memory management –Input/Output device management –Storage device management.

Operating Systems Manage system resources –CPU scheduling –Process management –Memory management –Input/Output device management –Storage device management.
Where Do the 7 layers “fit”? 1 2 3 4 5 6 7 Or, where is the dividing line between hdw & s/w? ? ?

Where Do the 7 layers “fit”? Or, where is the dividing line between hdw & s/w? ? ?
Operating Systems High Level View Chapter 1,2. Who is the User? End Users Application Programmers System Programmers Administrators.

Operating Systems High Level View Chapter 1,2. Who is the User? End Users Application Programmers System Programmers Administrators.
Networked HVAC Controller Bradley University Department of Electrical & Computer Engineering By: Ed Siok Advisor: Dr. Malinowski.

Networked HVAC Controller Bradley University Department of Electrical & Computer Engineering By: Ed Siok Advisor: Dr. Malinowski.
1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.

1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.
Chapter 13 Embedded Systems

Chapter 13 Embedded Systems
INTEGRATION OF EPICS ASYN INTO NON EPICS ENVIRONMENT PRERANA KANKIYA Brookhaven National Laboratory, New York EPICS COLLABORATION MEETING, 2014.

INTEGRATION OF EPICS ASYN INTO NON EPICS ENVIRONMENT PRERANA KANKIYA Brookhaven National Laboratory, New York EPICS COLLABORATION MEETING, 2014.
Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.

Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.
Using FPGAs with Embedded Processors for Complete Hardware and Software Systems Jonah Weber May 2, 2006.

Using FPGAs with Embedded Processors for Complete Hardware and Software Systems Jonah Weber May 2, 2006.
Professor Michael J. Losacco CIS 1150 – Introduction to Computer Information Systems System Software Chapter 4.

Professor Michael J. Losacco CIS 1150 – Introduction to Computer Information Systems System Software Chapter 4.
Microcontroller: Introduction

Microcontroller: Introduction
Fundamental of Microcontrollers

Fundamental of Microcontrollers

Similar presentations

Ads by Google