Safety for Next-Gen Automotive

The smart machine era will be the most disruptive in the history of IT-- Gartner 2015

The IIoT Disruption

The real value is a common architecture that connects sensor to cloud, interoperates between vendors, and spans industries

Common technology that spans industries brings bold new approaches and enables fast change

A New Freedom: Cars -> Robot on Wheels

• Faster, safer, cheaper, farther, easier• DoT: Prevent >32,000 deaths /yr.• 30% of all US jobs will end or change– Trucking, delivery, traffic control, urban

transport, child & elder care, roadside hotels, restaurants, insurance, auto body, law, real estate, leisure

• 50% of OEM brands may fail

RTI’s Experience• ~1000 Projects

– Healthcare– Transportation– Communications– Energy– Industrial– Defense

• 15+ Standards & Consortia Efforts– Interoperability– Multi-vendor ecosystems

RTI’s Deep Expertise in Autonomy• Founders from Stanford

Aerospace Robotics Lab• RTI middleware powers

unmanned systems on land, sea, air, and space

• RTI led the US UAS ground station architecture

• RTI-based system will soon allow drones in class-A National Air Space

• RTI Connext DDS was developed for advanced reactive vehicles

Enable UAS Flight in National Air Space

• The Ground Based Sense and Avoid system allows autonomous planes in US National Air Space– Repositioning– Training & testing– Disaster relief– Forest monitoring and fire

suppression• DO178C safety certified• Operational with RTI Connext

DDS in 2016 Management: US Army UAS Project OfficeSystem integrator: SRC, Inc.

©2015 Real-Time Innovations, Inc. Status Feb 2016

©2015 Real-Time Innovations, Inc. Status Feb 2016

Integrate Intelligence• ADAS (level 2)

– The VW Driver Assistance and Integrated Safety system combines radars, proximity sensors, and video to assist safe operation

– It helps avoid obstacles, detect lane departures, track eye activity, and safely negotiate bends

• Autonomy (level 4)– The V-Charge program demoed an

auto-charging and parking vehicle in 2014

http://www.youtube.com/watch?v=7xQfKTAtyNU

DDS Data-Centric Middleware

DDS is Different!

Data-Centric

DDS

Shared Data Model

DataBus

Point-to-Point

TCP Sockets

Client/Server

MQTTXMPPOPCCORBA

BrokeredESB

Daemon

Publish/Subscribe

FieldbusCANbusZeroMQJMS

Queuing

AMQPActive MQ

The Importance of Data Centricity

Data centricity enables interoperation, scale, & integration

Unstructured filesDatabase

Data Centricity Data at Rest

Messaging middleware

DataBus

Data Centricity Data in Motion

Cloud ServicesDDS Integrates All Components

Sensing

Planning

Radar, LIDAR Vehicle Platform Navigation

Error Management

Visualization

Situation AnalysisSituation Awareness

Vision FusionCameras, LIDAR,

Radar …

Data Fusion

LoggingVehicle Control

Localization

DDS Bus

Traffic Maps

DDS Bus

Why Choose DDS?

• Reliability: Severe consequences if offline for 5 minutes?• Performance/scale:

– Measure in ms or µs? – Or scale > 20+ applications or 10+ teams? – Or 10k+ data values?

• Architecture: System lifecycle >3 yrs?

2 or 3 Checks?

How Does RTI Help Autonomy Development?

• Ensure reliable data availability• Guarantee real-time response• Manage complex data flow and state• Ease system integration• Build security in from the start• Make deployment flexible• Ease safety certification

Ensure Reliable Data Availability

• What: Continuous availability >> 99.999%• How: Easy redundancy, no servers

Guarantee Real-Time Response

• What: response < 100us, even with load, complex data types, many flows• How: peer-to-peer, multicast, data path optimization

QoS Control

• Handles any link– From data and video switches to low-

bandwidth, lossy space communications

• Implements tunable reliability– Balance throughput and latency

• Enforces timing– Priority, deadlines, nanosecond timestamps

Build Security In from the Start

• Dataflow-Level Security– Control r,w access to each data item for

each function– Ensures proper dataflow operation

• Complete Protection– Discovery authentication– Data-centric access control– Cryptography– Tagging & logging– Non-repudiation– Secure multicast

• No code changes!• Plugin architecture for advanced uses

CBM AnalysisPMU Control Operator

State Alarms SetPoint

Topic Security model:• PMU: State(w)• CBM: State(r); Alarms(w)• Control: State(r), SetPoint(w)• Operator: *(r), Setpoint(w)

Ease Safety Certification

• Safety certifiable connectivity platform– Stringent SWaP requirements– Complete certification evidence– Full interoperability with DDS implementations

• DO-178C Level A– Flight management systems

• ISO 26262– Road vehicle functional safety

• IEC 60601 class 3– Medical devices

Available

Soon

Soon

Certified Middleware Greatly Eases Safety Cert

• Provides non-stop availability– Decentralized architecture– No single point of failure– Support for redundant networks– Automatic failover between redundant publishers– Dynamic upgrades

• No central server or services• Version-independent interoperability protocol

• Supports subsystem isolation and incremental certification• Controls real-time Quality of Service• Makes missed deadlines and presence visible• Proven in thousands of mission critical systems

22

Connext DDS Cert

• Limits size of distributed system– Suits most onboard systems– Reduces ELOC

• Predictable– No dynamic memory allocation– Applications preconfigured– Integrates with Full Connext DDS non-

certified components05/03/2023 23

Summary

• An autonomous car is a robot on wheels• The system needs reliable, flexible, real-time,

secure connectivity• DDS supports development, deployment evolution

– Location transparency– Integration with existing protocols– Test and debug

• Proven, standard middleware eases debugging, development and deployment

• Separation middleware makes certification easier and cheaper