Architecture concepts in Body Control Modules
Course 7
www.continental-corporation.com Interior Body and Security
Interior Body & Security 16.05.2018
Table Of Contents
1 Automotive Software Architecture
2 Body Controller Modules
3 Classic AUTOSAR
4 Adaptive AUTOSAR
5 Security & Privacy
6 Safety
AUTOSAR – Automotive Open System Architecture
ECU – Electronic Control Unit
CAN – Controller Area Network
LIN – Local Interconnect Network
ASIC – Application Specific Integrated Circuit
SBC – System Basis Chip
BCM – Body Controller Module
SPI – Serial Peripheral Interface
I2C – Inter-Integrated Circuit communication protocol
Automotive Software Architecture
The accommodation of consumer electronics in the automotive industry is accelerating with every passing
year. The automotive electronics design not only provides a unified human machine interface but also
assists the automobile manufacturers to enhance the consistency of body electronics.
Vehicle Bus Communication
• Multimedia Bus Interface
• CAN, LIN, Ethernet
Infotainment and Telematics
• Hands free telephony
• Navigation, DVD player, Radio, Storage devices
Light Control
• Adaptive Light Control
Power Train & Engine Management
• Diagnostic tests and interfaces
• Software & Hardware development
Tire Guards
• Pressure monitoring
• Suspension monitoring
HEV / EV
• Vehicle energy management
Body Electronics
• Power windows
• Mirror control
• Gateways module
• Remote keyless entry
• Sun roofs
• Automatic liftgates
Instrument Clusters
• Hardware architecture
• HMI components
• Touch display
Body Controller
Central Body Control Modules – Hidden But Essential For Every Car
Central Body Control Modules (BCMs) are central elements of vehicle electronics.
They combine several functions in one housing and control practically all of the
vehicle's basic electronic, comfort and security functions, such as:
Gateway modules
External lighting
Interior lighting
Windshield wipers
Windshield washer system
Central locking system
Climate control system
Seat adjustment
RF reception
Immobilizer
Remote Keyless Entry
Passive Start and Entry Systems
Tire Pressure Monitoring System
Energy Management
Thanks to their scalable architecture and AUTOSAR-compatible software modules, they can
be freely adapted to, and harmonized with, every specific type of vehicle.
Electronic Control Units (ECU) – Overview
[Block diagram. Labels: Microcontroller, SBC/ASIC, LIN transceiver, CAN transceiver, Power regulator, EEPROM, CPU, Peripherals]
Electronic Control Units (ECU) – Communication between components
[Block diagram. Labels: Microcontroller, SBC/ASIC, LIN transceiver, CAN transceiver, Power regulator, EEPROM, CPU, Peripherals, SPI, I2C]
Electronic Control Units (ECU) – Running Software
[Block diagram. Labels: Microcontroller, SBC/ASIC, LIN transceiver, CAN transceiver, Power regulator, EEPROM, CPU, Peripherals, SPI, I2C, Software (AUTOSAR Compliant)]
Electronic Control Units (ECU) – Main Software Entities
Software Application
Software Bootloader
• Main application running on the ECU and implementing the ECU's functionality;
• Consists of:
    • Real Time OS;
    • Basic Software modules (HW abstraction layer);
    • Communication stack;
    • Application modules;
• Bootloader is used for application SW updates;
• Consists of:
    • Bootloader implementation modules;
    • Subset of Basic Software modules (HW abstraction layer);
    • Communication stack;
    • Can have a Real Time OS (not mandatory).
Electronic Control Units (ECU) – Main Software Application
[Figure: Software Application]
Communication between ECUs – based on CAN, LIN or Ethernet
[Diagram: Car Left Mirror, Car Right Mirror and Inside Car Control Switch Mirrors connected by two lines, labelled CAN High Wire \ LIN \ ETH Rx and CAN Low Wire \ GND \ ETH Tx]
Communication between ECUs
[Diagram: Car Left Mirror, Car Right Mirror and Inside Car Control Switch Mirrors connected by the CAN High Wire and the CAN Low Wire]
• Button is switched and pressed to control the left mirror, and a CAN message is sent.
• Message is received by the left mirror electronics.
• Mirror is moving.
Inside a CAN message:
• Identifier (ID)
• Data length (DLC)
• Data
CAN message data:
• Split into signals of different lengths, each one representing a different piece of information (e.g. motor status, vehicle state, current speed).
• All the ECUs in the car know how to split these CAN messages into signals, and how to form a CAN message from a set of signals so that the other ECUs understand that message.
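Added example (not part of the original slides): a C sketch of how a sender forms a CAN message from signals and how a receiver splits it again, rejecting any frame whose DLC is too short to carry the requested signal. The signal layout, the ID 0x123 and all function names are assumptions made for this illustration.

```c
#include <stdint.h>
/* Constructed layout (assumption): bit 0 is the least significant bit of data[0]. */
typedef struct { uint32_t id; uint8_t dlc; uint8_t data[8]; } can_frame_t;
typedef struct { uint8_t start; uint8_t len; } signal_t;
static const signal_t MOTOR_STATUS  = { 0, 2 };   /* bits 0..1  */
static const signal_t VEHICLE_STATE = { 2, 3 };   /* bits 2..4  */
static const signal_t CURRENT_SPEED = { 8, 13 };  /* bits 8..20 */

/* A signal is usable only if it lies inside the bytes announced by the DLC. */
static int signal_fits(const can_frame_t *f, signal_t s)
{
    return f->dlc <= 8 && s.len >= 1 && s.len <= 32 && s.start + s.len <= 8 * f->dlc;
}

/* Sender side: returns 0 on success, -1 if the signal or the value does not fit. */
int signal_pack(can_frame_t *f, signal_t s, uint32_t value)
{
    if (!signal_fits(f, s) || (s.len < 32 && (value >> s.len) != 0)) return -1;
    for (unsigned i = 0; i < s.len; i++) {
        unsigned bit = s.start + i;
        f->data[bit / 8] &= (uint8_t)~(1u << (bit % 8));                  /* clear */
        f->data[bit / 8] |= (uint8_t)(((value >> i) & 1u) << (bit % 8));  /* set   */
    }
    return 0;
}

/* Receiver side: returns -1 for a frame too short to carry the signal. */
int signal_unpack(const can_frame_t *f, signal_t s, uint32_t *out)
{
    if (!signal_fits(f, s)) return -1;
    uint32_t v = 0;
    for (unsigned bit = s.start; bit < (unsigned)s.start + s.len; bit++)
        v |= (uint32_t)((f->data[bit / 8] >> (bit % 8)) & 1u) << (bit - s.start);
    *out = v;
    return 0;
}

/* Forms a frame from three signals, splits it again, returns the speed (-1 on error). */
long demo_roundtrip(uint8_t dlc, uint32_t speed)
{
    can_frame_t f = { 0x123, dlc, { 0 } };        /* 0x123: constructed ID */
    uint32_t st, vs, sp;
    if (signal_pack(&f, MOTOR_STATUS, 2) || signal_pack(&f, VEHICLE_STATE, 5) ||
        signal_pack(&f, CURRENT_SPEED, speed)) return -1;
    if (signal_unpack(&f, MOTOR_STATUS, &st) || signal_unpack(&f, VEHICLE_STATE, &vs) ||
        signal_unpack(&f, CURRENT_SPEED, &sp) || st != 2 || vs != 5) return -1;
    return (long)sp;
}
int main(void) { return demo_roundtrip(8, 4095) == 4095 ? 0 : 1; }
```

The length check in signal_fits is the part that matters on the receiving ECU: a signal is never read from bytes the frame did not announce in its DLC.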
Classic AUTOSAR
AUTOSAR (Automotive Open System Architecture) is a standardization initiative of leading
automotive OEMs and suppliers and was founded in autumn 2003. The goal is to develop a
reference architecture for ECU software, which can overcome the growing complexity of
software in modern vehicles.
[Figures: ECU classic architecture design; ECU standardization architecture design]
AUTOSAR objectives
• specify and standardize the central architectural elements across functional
domains, allowing industry to focus on implementation.
AUTOSAR content
• Architecture
• Methodology
• Application interfaces
AUTOSAR Process & Quality
• Establish a flexible work package structure
• Clear release and revision numbering scheme
• Life cycle plan for each release
• Ensure backward compatibility
• Continuous incorporation of new concepts
Adaptive AUTOSAR
Motivation for Adaptive AUTOSAR
New features/requirements introduced in Automotive industry nowadays
• Highly automated driving – environmental perception and behavior planning;
• High connectivity;
• Strict integrity and security requirements;
• External backend systems for vehicles;
• OTA SW updates over the vehicle's life-cycle.
The new cars become smart vehicles
Classic AUTOSAR
• Designed for deeply embedded ECUs with specific, static and real-time functionalities.
• Not enough for fulfilling the new Automotive industry development trend.
The Adaptive AUTOSAR Platform is intended to enable these future high-complexity
automotive requirements.
The main goal of the Adaptive Platform is to offer more flexible options for ECU
architecture and to establish a foundation for compute-intensive tasks
with large amounts of data.
The new Adaptive platform enables communication and interaction
interfaces with general customer electronic devices that can be
driven by general purpose operating systems.
What actually changes with Adaptive AUTOSAR Platform is…
Conventional way of thinking: vehicle separated from customers' daily digital experience
New way of thinking: vehicle integrated in customers' digital experience
Enables car-makers to reduce complexity and improve upgradeability, reusability and
portability of software applications by:
• dividing applications into single, self-contained software components;
• minimizing functional dependencies between software components;
achieved by…
• Service-oriented communication;
• Dynamic binding using service discovery and publish/subscribe;
• Uniform interfaces, stateless, separation of concerns;
• Forward and backward compatibility of interfaces.
Architectural Patterns for Automotive Networks
[Figure. Labels: Domain Controller Architecture, Central Gateway Architecture, Amount of software, Software complexity]
Adaptive AUTOSAR – Common Software Framework
• Customer functions/basic services can be developed independently of platform and operating system;
• Common methodology and exchange formats;
• Common update and communication protocols.
[Figure: Adaptive AUTOSAR - Releases]
Security & Privacy in Product Life Cycle
[Figure: product life cycle. Phase labels: Innovation, Quotation, Concept Refinement, Development, Industrialization, Product Validation, Production Ramp-Up, After Series. Loop labels: Prototype, Planning and Specifications, Realization, Integration and Testing. Security and privacy labels: Security and Privacy Support; Security and Privacy Concept and Architecture; Research for Industrial Leadership; Security and Privacy Work Packages; Incident Response Management.]
Security & Privacy in V-Model development cycle
[Figure: V-model. Product development labels: Requirements Analysis & Specifications, System Design, Architectural Design, Unit Design & Implementation, Unit Testing, Integration & Testing, System Integration & Testing, Requirements Verification. Security and privacy labels: Threat and Risk Analysis, Security & Privacy Goals, Security & Privacy Concept, Security & Privacy Architecture, Secure SW/HW Engineering, Functional Reviews & Analysis, Compliance Testing, Security & Privacy Integration Testing, Security & Privacy Validation. Branch labels: Analysis & Design, Implementation, Integration & Evaluation, Proofs and Concepts. Legend: Product development V-Modell Approach; SCC Consulting/Support; Implementation.]
Security – Engineering approaches
[Figure. Risk management labels: Context Establishment, Threat Analysis, Risk Assessment, Risk Treatment, Risk Monitoring and Review, Risk Communication and Consultation. Other labels: Security, Privacy, Security and Privacy Requirements, Isolation, Access Control, Identification, Resource Sharing, Flow Control, Top Down, Bottom Up.]
Consider independent protection mechanisms for every platform layer
Safety – Engineering approaches
Safety on functionality area
Areas: Memory Management, Micro Controller Configuration, Communication, OS execution
- RAM test
- ROM/Flash test
- Safe Storage
- ECC handler
- Register Monitoring
- Safe SPI
- End to end protection (CAN E2E)
- CRC on communication lines
- Stack monitoring
- Watchdog system
- HW Limp Mode
Levels: Software, Hardware
Bibliography
› Thank you for attending this course!
› Thank you for support materials:
› Vector Informatik - https://vector.com/
› Elektrobit - https://www.elektrobit.com/
› Continental - https://www.continental-automotive.com/
› YouTube – www.youtube.com