Functional Safety Drives the Evolution of Automotive Computing | Automotive world

As the automotive industry embraces a new technological shift, advanced functional safety features will be absolutely critical to many aspects of the vehicle. By Tom Conway

From the rapid conversion to electric drives to new driver assistance features, the automotive industry is currently undergoing one of the biggest technological transformations in its history. As technological innovation accelerates, so does the industry’s rigorous commitment to system-level vehicle safety. Safety is often discussed in the context of the high-profile, high-touch technology required for driverless vehicles, but what is sometimes overlooked is the role and importance of the smaller computing elements prevalent in modern vehicles today.

Functional safety is an essential component for any application implemented within current and future vehicles. The capability detects, diagnoses and mitigates the occurrence of any faults in a wide variety of automotive applications, preventing harm to people and the environment. However, achieving optimal functional safety within the complex computational constraints of low power and low cost in today’s modern vehicles while adopting the new E/E architecture remains an ongoing challenge. This is why the automotive industry requires a broad range of information technologies that meet various power, cost, area, software and functional safety needs, as well as meeting robust external safety standards.

The Big Picture: The Basic Computing Components

As OEMs invest in new vehicle E/E architectures, there are three major computing components that require different levels of performance and power. Central high-performance computing for ADAS enables increased driver range and vehicle infotainment functions. Multiple zone controllers act as hubs for power distribution and data connection, as well as supporting various real-time automotive functions. And finally, there are many low-power microcontrollers (MCUs) integrated into electronic control units (ECUs) to support single-function automotive applications, including sensors, actuation and hardware control.

Security: invisible but critical

The shortage of chips in the automotive industry has revealed how reliant drivers have become on safety features in and around their vehicle. While invisible to the driver, what powers so many of these applications are MCUs, and they are increasingly important to driver and passenger safety. To put the importance of MCUs into perspective, a modern vehicle today might be considered level 2/3 in ADAS functionality and typically requires a minimum of six cameras, five radars and ten ultrasonic sensors. Level 3/4 doubles those figures, and only goes up from there to levels 4 and beyond.


Even low-power single-purpose automotive applications require advanced functional safety capabilities. For example, ultrasonic parking sensors, tire pressure sensors, rain sensors and LED controllers are all single-function applications in the vehicle that will be better served by low-power MCUs, but they still require high levels of safety because of the critical measurement and actuation that is taking place. This means that any MCU must now adopt functional safety features.

The inclusion of functional safety features in low-power MCUs also speeds time to market for engineering teams implementing safety-critical applications. Engineering time and effort can be further reduced by ensuring that all functional safety features are designed to meet their safety objectives before being evaluated against external safety standards, such as ASIL B and ASIL D, with full supporting safety documentation. This robust and rigorous approach minimizes the risk of systematic errors occurring.

The overall goal is to have safety-capable compute available throughout the vehicle. This availability allows for the flexible development and implementation of functional safety features across different systems-on-chip (SoCs) and different functions within the vehicle.

ASIL D for the highest level of risk

ASIL D represents the highest level of potential risk and requires the most rigorous approach to fault management. For example, brake systems, battery management systems, electric vehicle (EV) on-board charging, and airbag systems are classified as ASIL D, as failures in these systems can have serious consequences. However, higher levels of risk mean higher levels of computing performance which can impact area and cost. All of these ASIL D applications require DCLS (dual-core lockstep), a feature where two identical processors run the same application in lockstep with a known time delay between them. This helps detect any failures as part of the goal of achieving ASIL D hardware metrics at the processor level.
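To make the DCLS mechanism just described concrete, here is an added cycle-level model (illustration only, not Arm's or any vendor's implementation): a shadow core re-executes the main core's work a fixed number of cycles later, and a comparator checks its result against the main core's stored result for the same cycle. The workload `core_step`, the delay of 2 cycles and the injected bit flip are all assumptions of the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define LOCKSTEP_DELAY 2   /* assumed fixed delay between main and shadow core */

/* Hypothetical workload that both cores execute every cycle. */
static uint32_t core_step(uint32_t state, uint32_t input)
{
    return (state * 1103515245u + input) ^ (state >> 7);
}

typedef struct {
    uint32_t main_state, shadow_state;
    uint32_t in_hist[LOCKSTEP_DELAY];   /* inputs seen by the main core */
    uint32_t out_hist[LOCKSTEP_DELAY];  /* main core results, held for comparison */
    size_t   cycle;
} dcls_t;

/* Advance one cycle. fault_mask is XORed into the main core's result to model
 * a single-point or transient fault (0 = no fault). Returns true when the
 * comparator sees the delayed shadow result disagree with the main core. */
bool dcls_cycle(dcls_t *d, uint32_t input, uint32_t fault_mask)
{
    size_t slot = d->cycle % LOCKSTEP_DELAY;
    bool mismatch = false;
    if (d->cycle >= LOCKSTEP_DELAY) {           /* shadow core is DELAY cycles behind */
        d->shadow_state = core_step(d->shadow_state, d->in_hist[slot]);
        mismatch = (d->shadow_state != d->out_hist[slot]);
    }
    d->main_state = core_step(d->main_state, input) ^ fault_mask;
    d->in_hist[slot] = input;                   /* overwrite only after reading */
    d->out_hist[slot] = d->main_state;
    d->cycle++;
    return mismatch;
}

/* Drive a constructed input stream, flipping one bit in the main core's result
 * at inject_cycle (-1 = no fault). Returns the cycle of first detection, or -1
 * if the comparator never fires. */
int dcls_run(size_t cycles, int inject_cycle)
{
    dcls_t d = {0};
    for (size_t t = 0; t < cycles; t++) {
        uint32_t fault = ((int)t == inject_cycle) ? (1u << 5) : 0u;
        if (dcls_cycle(&d, (uint32_t)(t * 7 + 3), fault))
            return (int)t;
    }
    return -1;
}
```

A fault injected at cycle N is flagged at cycle N + LOCKSTEP_DELAY, which is the detection latency a system designer has to budget for when assigning a fault reaction time.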

Arm Cortex-M portfolio
The Arm Cortex-M portfolio offers safety features across all performance points of its MCUs, with the recently updated Cortex-M85, Cortex-M55 and Cortex-M23 offering a range of functional safety features that can be used throughout the vehicle.

ASIL B for lower risk levels

ASIL B systems have a lower level of risk but still need to have mechanisms in place to ensure that various failures are addressed. For example, applications such as body control, lighting and engine control functions, when faulty, increase the likelihood of a hazard occurring. ASIL B also requires 90% single point fault detection and transient fault detection. However, the challenge with transient faults is that they can be difficult to detect.

DCLS is an approach that automotive Tier 1s and system integrators can take to achieve ASIL B, but duplicating cores will also double power and area, which can be problematic for applications where cost and area are the most important considerations. This is where cost-effective transient fault protection may be more appropriate.

Software Compatibility

Many software applications run on the safety-critical functions of vehicle control such as the transmission, anti-lock braking systems (ABS), adaptive cruise control (ACC), radar and LiDAR. As a result, there is a need for embedded software to meet increased reliability and security while still providing performance and a reasonable memory footprint.

Software development teams have a significant challenge in delivering high quality, safe and secure software. This goes hand-in-hand with growing pressures for shorter development times and time-to-market. As a result, having a robust software development and validation strategy supported by the right development tools is critical. This ensures that security development activities are carried out efficiently and meet product and delivery commitments.

No one size fits all solution

As the automotive industry embraces a new technological shift in vehicles, advanced functional safety features will be absolutely critical to many aspects of the modern vehicle, from tiny low-power single-function automotive applications all the way up to large multi-function controllers. Focusing on the needs of each application on a case-by-case basis, such as required use cases, computing power, ASIL levels or software integration levels, will be the best way to identify the most appropriate technology solutions. A single compute solution cannot cover the variety of different applications in the vehicle, which is why access to a large and scalable portfolio of compute technologies will help achieve optimal functional safety.


About the author: Tom Conway is Senior Automotive Product Director at Arm

Image Source: www.automotiveworld.com