Course 7 www.continental-corporation.com Interior Body and Security
Table of Contents
1 Automotive Software Architecture 3
2 Body Controller Modules 9
3 Classic AUTOSAR 10
4 Adaptive AUTOSAR 13
5 Security & Privacy 25
6 Safety 28
7
2
Abbreviations
- AUTOSAR: Automotive Open System Architecture
- ECU: Electronic Control Unit
- CAN: Controller Area Network
- LIN: Local Area Network
- ASIC: Application Specific Integrated Circuit
- SBC: System Basis Chip
- BCM: Body Controller Module
- SPI: Serial Peripheral Interface
- I2C: Inter-Integrated Circuit communication protocol
Automotive Software Architecture
The accommodation of consumer electronics in the automotive industry is accelerating with every passing year. Automotive electronics design not only provides a unified human machine interface but also helps automobile manufacturers enhance the consistency of body electronics.
Hardware architecture (figure), by domain:
- Instrument Clusters: HMI components, touch display
- Vehicle Bus Communication: bus interface for CAN, LIN, Ethernet
- Multimedia
- Body Controller / Body Electronics: power windows, mirror control, gateway modules, remote keyless entry, sun roofs, automatic liftgates
- Infotainment and Telematics: hands-free telephony, navigation, DVD player, radio, storage devices
- HEV / EV: vehicle energy management
- Power Train & Engine Management: diagnostic tests and interfaces, software & hardware development
- Tire Guards: pressure monitoring, suspension monitoring
- Light Control: adaptive light control
4
New Architectures in Body Control Modules
Central Body Control Modules: Hidden But Essential For Every Car
Central Body Control Modules (BCMs) are central elements of vehicle electronics. They combine several functions in one housing and control practically all of the vehicle's electronic basis, comfort and security functions, such as:
- Gateway modules
- External lighting
- Interior lighting
- Windshield wipers
- Windshield washer system
- Central locking system
- Climate control system
- Seat adjustment
- RF reception
- Immobilizer
- Remote Keyless Entry
- Passive Start and Entry Systems
- Tire Pressure Monitoring System
- Energy Management
Thanks to their scalable architecture and AUTOSAR-compatible software modules, they can be freely adapted and harmonize with every specific type of vehicle.
5
Automotive Software Architecture: Electronic Control Units (ECU)
Overview (figure): the ECU board combines a microcontroller (CPU) with an SBC/ASIC, a LIN transceiver, a CAN transceiver, a power regulator, peripherals and an EEPROM.
Communication between components (figure): the components on the board are linked to the microcontroller over SPI and I2C.
Running Software (figure): the AUTOSAR-compliant software runs on the microcontroller and drives the transceivers, peripherals and EEPROM through these interfaces.
9
Automotive Software Architecture: Electronic Control Units (ECU), Main Software Entities
Software Application: the main application running on the ECU and implementing the ECU's functionality. Consists of:
- Real-time OS;
- Basic Software modules (HW abstraction layer);
- Communication stack;
- Application modules.
Software Bootloader: used for application SW updates. Consists of:
- Bootloader implementation modules;
- Subset of Basic Software modules (HW abstraction layer);
- Communication stack;
- Real-time OS (optional, not mandatory).
11
Automotive Software Architecture Electronic Control Units (ECU) Main Software Application Software Application 12
Automotive Software Architecture: Communication between ECUs based on CAN, LIN or Ethernet
Wiring shown in the figure (two wires per bus): CAN High wire / LIN / ETH Rx and CAN Low wire / GND / ETH Tx, connecting the car's left mirror, the car's right mirror and the inside-car mirror control switch.
15
Automotive Software Architecture: Communication between ECUs (example in the figure)
1. The inside-car control switch is set to the left mirror and pressed; a CAN message is sent on the CAN High / CAN Low wires.
2. The message is received by the left mirror electronics.
3. The mirror moves.
16
Automotive Software Architecture: Inside a CAN message
A CAN message carries an Identifier (ID), a Data length (DLC) and the Data.
CAN message data is split into signals of different lengths, each representing a different piece of information (e.g. motor status, vehicle state, current speed). All ECUs in the car know how to split these CAN messages into signals, and how to form a CAN message from a set of signals, so that the other ECUs understand the message.
17
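The packing and unpacking of signals described above, shown as an added example written for this edition (not code from the course, from Continental or from the AUTOSAR stack). The frame layout (ID 0x2A0, three signals with their start bits and lengths, the values) is constructed for the illustration; a real ECU takes the layout from the OEM's signal database. The defender-relevant detail is the DLC check: a signal is only decoded when it lies inside the bytes the frame actually carries, so a truncated or malformed frame is rejected rather than read as zeros.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* A Classic CAN data frame as application software sees it: identifier, DLC, payload. */
typedef struct {
    uint32_t id;       /* 11-bit standard identifier */
    uint8_t  dlc;      /* data length code: 0..8 payload bytes on Classic CAN */
    uint8_t  data[8];
} CanFrame;

/* A signal is a bit field inside the payload, described by start bit and length
 * (LSB-first, "Intel" byte order here). The three signals below are constructed
 * for this example; in a vehicle they come from the OEM's signal database. */
typedef struct {
    const char *name;
    uint8_t start_bit;
    uint8_t length;
} SignalDef;

enum { SIG_MOTOR_STATUS = 0, SIG_VEHICLE_STATE = 1, SIG_CURRENT_SPEED = 2 };
static const SignalDef MIRROR_SIGNALS[] = {
    {"MotorStatus",  0,  2},   /* bits 0..1  */
    {"VehicleState", 2,  3},   /* bits 2..4  */
    {"CurrentSpeed", 8, 12},   /* bits 8..19 */
};

/* Gather the received payload bytes into one little-endian integer. */
static uint64_t payload_to_u64(const CanFrame *f) {
    uint64_t raw = 0;
    for (unsigned i = 0; i < f->dlc && i < 8; i++) raw |= (uint64_t)f->data[i] << (8 * i);
    return raw;
}

static void u64_to_payload(CanFrame *f, uint64_t raw) {
    for (unsigned i = 0; i < f->dlc && i < 8; i++) f->data[i] = (uint8_t)(raw >> (8 * i));
}

/* Shared layout check: the field must lie inside the bytes the frame actually
 * carries, so a DLC-truncated frame is never read as if it were full length. */
static bool signal_fits(const CanFrame *f, const SignalDef *s) {
    if (f->dlc > 8 || s->length == 0 || s->length > 32) return false;
    return (unsigned)s->start_bit + s->length <= (unsigned)f->dlc * 8;
}

/* Extract a signal value; false when the layout does not fit the received frame. */
bool can_get_signal(const CanFrame *f, const SignalDef *s, uint32_t *out) {
    if (!signal_fits(f, s)) return false;
    uint64_t mask = (1ULL << s->length) - 1;
    *out = (uint32_t)((payload_to_u64(f) >> s->start_bit) & mask);
    return true;
}

/* Insert a signal value; rejects values wider than the field instead of silently truncating. */
bool can_set_signal(CanFrame *f, const SignalDef *s, uint32_t value) {
    if (!signal_fits(f, s)) return false;
    uint64_t mask = (1ULL << s->length) - 1;
    if (value > mask) return false;
    uint64_t raw = payload_to_u64(f);
    raw &= ~(mask << s->start_bit);
    raw |= (uint64_t)value << s->start_bit;
    u64_to_payload(f, raw);
    return true;
}

/* Build the constructed mirror-status frame (ID 0x2A0 and all values are made up). */
const CanFrame *mirror_frame_example(void) {
    static CanFrame f;
    memset(&f, 0, sizeof f);
    f.id = 0x2A0;
    f.dlc = 3;
    can_set_signal(&f, &MIRROR_SIGNALS[SIG_MOTOR_STATUS], 2);     /* e.g. "moving" */
    can_set_signal(&f, &MIRROR_SIGNALS[SIG_VEHICLE_STATE], 5);
    can_set_signal(&f, &MIRROR_SIGNALS[SIG_CURRENT_SPEED], 2000); /* raw value; unit per database */
    return &f;
}

/* The same frame cut down to one payload byte, as a malformed send would arrive. */
const CanFrame *mirror_frame_truncated(void) {
    static CanFrame t;
    t = *mirror_frame_example();
    t.dlc = 1;
    return &t;
}

/* Decode one signal by index; UINT32_MAX means the layout/DLC mismatch was caught. */
uint32_t mirror_signal_value(const CanFrame *f, int idx) {
    uint32_t v = 0;
    return can_get_signal(f, &MIRROR_SIGNALS[idx], &v) ? v : UINT32_MAX;
}

int main(void) {
    const CanFrame *f = mirror_frame_example();
    printf("ID 0x%03X DLC %u data:", (unsigned)f->id, (unsigned)f->dlc);
    for (unsigned i = 0; i < f->dlc; i++) printf(" %02X", f->data[i]);
    printf("\n");
    for (int i = 0; i < 3; i++)
        printf("%-13s = %u\n", MIRROR_SIGNALS[i].name, (unsigned)mirror_signal_value(f, i));
    printf("CurrentSpeed from truncated frame: %s\n",
           mirror_signal_value(mirror_frame_truncated(), SIG_CURRENT_SPEED) == UINT32_MAX
               ? "rejected (DLC too short)" : "accepted");
    return 0;
}
```

With the constructed values the payload comes out as 16 D0 07: byte 0 holds the two small signals, bytes 1 and 2 the 12-bit speed. Reading CurrentSpeed from the one-byte copy is refused, while MotorStatus, which fits in byte 0, still decodes.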
Classic AUTOSAR
AUTOSAR (Automotive Open System Architecture) is a standardization initiative of leading automotive OEMs and suppliers and was founded in autumn 2003. The goal is to develop a reference architecture for ECU software which can overcome the growing complexity of software in modern vehicles.
Figures: ECU classic architecture design; ECU standardization architecture design.
18
Classic AUTOSAR
AUTOSAR objectives: specify and standardize the central architectural elements across functional domains, allowing industry to focus on implementation.
AUTOSAR content:
- Architecture
- Methodology
- Application interfaces
AUTOSAR Process & Quality:
- Establish a flexible work package structure
- Clear release and revision numbering scheme
- Life cycle plan for each release
- Ensure backward compatibility
- Continuous incorporation of new concepts
19
Classic AUTOSAR 20
Adaptive AUTOSAR: Motivation for Adaptive AUTOSAR
New features/requirements introduced in the automotive industry nowadays:
- Highly automated driving: environmental perception and behavior planning;
- High connectivity;
- Strict integrity and security requirements;
- External backend systems for vehicles;
- OTA SW updates over the vehicle's life-cycle.
The new cars become smart vehicles.
Classic AUTOSAR: designed for deeply embedded ECUs with specific, static and real-time functionalities. Not enough to fulfil the new automotive industry development trend.
Adaptive AUTOSAR: the Adaptive Platform comes in to enable the future high-complexity automotive requirements. Main goal of the Adaptive Platform: offer more flexible options for ECU architecture, to establish a foundation for compute-intensive tasks with large amounts of data.
22
Adaptive AUTOSAR 23
Adaptive AUTOSAR The new Adaptive platform enables communication and interaction interfaces with general customer electronic devices that can be driven by general purpose operating systems. 24
Adaptive AUTOSAR: What actually changes with the Adaptive AUTOSAR Platform
Conventional way of thinking: the vehicle is separated from the customer's daily digital experience.
New way of thinking: the vehicle is integrated into the customer's digital experience.
25
Adaptive AUTOSAR
Enables car-makers to reduce complexity and improve upgradeability, reusability and portability of software applications by:
- dividing applications into single, self-contained software components;
- minimizing functional dependencies between software components, achieved by service-oriented communication;
- dynamic binding using service discovery and publish/subscribe;
- uniform interfaces, statelessness, separation of concerns;
- forward and backward compatibility of interfaces.
26
Adaptive AUTOSAR: Architectural Patterns for Automotive Networks
Figure: Central Gateway Architecture and Domain Controller Architecture, positioned by amount of software and software complexity.
27
Adaptive AUTOSAR: Common Software Framework
- Customer functions/basic services can be developed independently of platform and operating system;
- Common methodology and exchange formats;
- Common update and communication protocols.
28
Adaptive AUTOSAR - Releases 29
Security & Privacy in Product Life Cycle
Product phases (figure): Innovation, Quotation, Concept Refinement, Development, Industrialization, Product Validation, Production Ramp-Up, After Series.
Security and Privacy work packages across the phases: Research for Industrial Leadership; Security and Privacy Concept and Architecture (LOOP); Security and Privacy Support; Prototype; Planning and Specifications; Realization; Integration and Testing; Incident Response Management.
30
Security & Privacy in the V-Model development cycle
Product development V-Model steps (figure), from the Analysis & Design leg down to the Integration & Evaluation leg: Requirements Analysis & Specifications, System Design, Architectural Design, Unit Design & Implementation, Unit Testing, Integration & Testing, System Integration & Testing, Requirements Verification.
Security & Privacy activities placed along the V (SCC consulting/support and implementation): Security & Privacy Goals, Threat and Risk Analysis, Security & Privacy Concept, Security & Privacy Architecture, Functional Reviews & Analysis, Proofs and Concepts, Secure SW/HW Engineering, Security & Privacy Integration Testing, Compliance Testing, Security & Privacy Validation.
Legend: product development V-Model approach; SCC consulting/support; implementation.
31
Security Engineering approaches
Risk management process (figure): Context Establishment; Risk Assessment (Threat Analysis, Security and Privacy Identification); Risk Treatment; Security and Privacy Requirements; with Risk Communication and Consultation and Risk Monitoring and Review running alongside every step.
Top-down and bottom-up engineering: consider independent protection mechanisms for every platform layer, namely Access Control, Isolation, Resource Sharing and Flow Control.
32
Safety Engineering approaches
Safety on functionality area (figure columns): Memory Management, Micro Controller Configuration, Communication, OS execution.
Software mechanisms: RAM test; ROM/Flash test; Safe Storage; Register Monitoring; Safe SPI; End-to-end protection (CAN E2E); Stack monitoring.
Hardware mechanisms: ECC handler; CRC on communication lines; Watchdog system; HW Limp Mode.
33
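Two of the communication mechanisms listed above, CRC on communication lines and end-to-end protection, as an added example written for this edition, not code from the course or from the AUTOSAR E2E library. The CRC is the CRC-8 (SAE J1850, polynomial 0x1D, start value 0xFF, final XOR 0xFF) that the AUTOSAR Crc library specifies; the framing around it (CRC in byte 0, a 4-bit alive counter in byte 1, a per-message Data ID mixed into the CRC input) is a simplification loosely modelled on E2E Profile 1 and is an assumption of this example, as are the Data ID 0x2A and the scripted scenario. Both defects E2E is there to catch are exercised: a corrupted payload bit fails the CRC, and a frame delivered twice or a frame missing from the sequence is reported through the counter.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* CRC-8 with polynomial 0x1D (SAE J1850), initial value 0xFF, final XOR 0xFF: the
 * CRC8 the AUTOSAR Crc library specifies. Bit-serial for readability, not speed. */
uint8_t crc8_j1850(const uint8_t *buf, size_t len) {
    uint8_t crc = 0xFF;
    for (size_t i = 0; i < len; i++) {
        crc ^= buf[i];
        for (int b = 0; b < 8; b++)
            crc = (crc & 0x80) ? (uint8_t)((crc << 1) ^ 0x1D) : (uint8_t)(crc << 1);
    }
    return (uint8_t)(crc ^ 0xFF);
}

/* Simplified end-to-end protection, loosely modelled on AUTOSAR E2E Profile 1 but not
 * the real E2E library: byte 0 carries the CRC, the low nibble of byte 1 a 4-bit alive
 * counter running 0..14, bytes 2..7 the payload. The CRC covers a per-message Data ID
 * plus bytes 1..7, so a frame copied onto another message ID fails the check too. */
#define E2E_DATA_ID     0x2A   /* constructed value for this example */
#define E2E_FRAME_LEN   8
#define E2E_COUNTER_MOD 15     /* counter wraps after 14; 15 is never sent */

typedef enum { E2E_OK, E2E_INITIAL, E2E_REPEATED, E2E_WRONG_SEQUENCE, E2E_ERROR_CRC } E2eStatus;
typedef struct { uint8_t counter; } E2eSender;
typedef struct { uint8_t last_counter; bool initialised; } E2eReceiver;

static uint8_t e2e_crc(const uint8_t frame[E2E_FRAME_LEN]) {
    uint8_t buf[E2E_FRAME_LEN];
    buf[0] = E2E_DATA_ID;                 /* the Data ID takes the CRC byte's place in the input */
    memcpy(&buf[1], &frame[1], E2E_FRAME_LEN - 1);
    return crc8_j1850(buf, E2E_FRAME_LEN);
}

/* Sender side: wrap 6 payload bytes with the alive counter and the CRC. */
void e2e_protect(E2eSender *s, const uint8_t payload[6], uint8_t frame[E2E_FRAME_LEN]) {
    frame[1] = s->counter & 0x0F;
    memcpy(&frame[2], payload, 6);
    frame[0] = e2e_crc(frame);
    s->counter = (uint8_t)((s->counter + 1) % E2E_COUNTER_MOD);
}

/* Receiver side: CRC first (corruption), then counter (repeat, loss, reordering). */
E2eStatus e2e_check(E2eReceiver *r, const uint8_t frame[E2E_FRAME_LEN]) {
    if (e2e_crc(frame) != frame[0]) return E2E_ERROR_CRC;
    uint8_t cnt = frame[1] & 0x0F;
    if (cnt >= E2E_COUNTER_MOD) return E2E_WRONG_SEQUENCE;
    if (!r->initialised) {
        r->initialised = true;
        r->last_counter = cnt;
        return E2E_INITIAL;
    }
    uint8_t delta = (uint8_t)((cnt + E2E_COUNTER_MOD - r->last_counter) % E2E_COUNTER_MOD);
    r->last_counter = cnt;                    /* resynchronise on whatever arrived */
    if (delta == 0) return E2E_REPEATED;      /* same counter again: stale or replayed frame */
    if (delta == 1) return E2E_OK;
    return E2E_WRONG_SEQUENCE;                /* gap: frame(s) lost in between */
}

/* Scripted scenario (constructed): returns the receiver's verdict at `step`.
 * 0: first frame  1: next frame  2: frame 1 delivered a second time  3: frame with one
 * flipped payload bit  4: next good frame after the corrupted one  5: back in step */
E2eStatus e2e_demo_status(int step) {
    E2eSender tx = {0};
    E2eReceiver rx = {0, false};
    const uint8_t payload[6] = {0x10, 0x20, 0x30, 0x40, 0x50, 0x60};
    uint8_t frame[E2E_FRAME_LEN] = {0}, kept[E2E_FRAME_LEN] = {0};
    E2eStatus st = E2E_ERROR_CRC;
    for (int i = 0; i <= step && i <= 5; i++) {
        switch (i) {
        case 2:  memcpy(frame, kept, sizeof frame); break;                   /* repeat of step 1 */
        case 3:  e2e_protect(&tx, payload, frame); frame[3] ^= 0x01; break;  /* bit error on the line */
        default: e2e_protect(&tx, payload, frame); break;
        }
        if (i == 1) memcpy(kept, frame, sizeof frame);
        st = e2e_check(&rx, frame);
    }
    return st;
}

int main(void) {
    static const char *names[] = {"OK", "INITIAL", "REPEATED", "WRONG_SEQUENCE", "ERROR_CRC"};
    for (int step = 0; step <= 5; step++)
        printf("step %d: %s\n", step, names[e2e_demo_status(step)]);
    return 0;
}
```

The receiver keeps its counter state only after a frame passes the CRC, so a corrupted frame neither advances nor resets the sequence; the following good frame then shows up as a gap (step 4), which is exactly the signal a safety monitor uses to decide whether to fall back to a safe state.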
Bibliography
Thank you for attending this course!
Thank you for the support materials:
- Vector Informatik - https://vector.com/
- Elektrobit - https://www.elektrobit.com/
- Continental - https://www.continental-automotive.com/
- YouTube - www.youtube.com
34