The Low-Risk Path to Building Autonomous Car Architectures

Moderator:

Curt Schwaderer, OpenSystems Media

Speakers:

Thomas Bloor, Automotive Business Development Manager, QNX Software Systems

Bob Leigh, Director of Market Development, RTI

Agenda

Housekeeping

Presentation

Questions and Answers

Wrap-up

The Low Risk Path to Developing Autonomous Car Architectures

Thomas Bloor

Automotive Business Development

© 2016 BlackBerry. All Rights Reserved.

QNX: Automotive Market Leader

How Do You Architect an Autonomous Car?

Mapping + Sensor Data

How Do You Architect an Autonomous Car?

Sensor Fusion Architectures

Sensors

• Camera, Radar, Ultrasonic and Lidar sensors for 360° coverage

Sensor Fusion

• Data Fusion
• Localization
• Object Detection

Automated Drive Controller

• Perception
• Path Planning
• Decision Making
• Safety Monitor
• CAN Gateway

Bus

• Vehicle Actuators + Sensors

The ECU Consolidation Challenge

TODAY

• 60-100 ECUs
• 6-8 operating systems
• Isolated operations
• Increasing cost & complexity
• Minimal upgradability

TOMORROW

• 6-10 consolidated controllers
• Consolidated software system
• Coordinated operations
• Reduced weight, cost, & complexity
• Future-proof with built-in upgradability

Consolidated controllers

• Autonomous Drive Controller
• Cockpit Controller
• Black Box Controller
• Powertrain Controller
• Body Controller
• Firewall & Comms Controller
• Handful of other ECUs

Sensor Fusion Architectures

• Multiple Radar and Lidar sensors for 360° coverage
• Multiple Cameras

Fusion ECU

• Vision system
• Radar Interface
• Lidar Interface
• Sensor Fusion Software
• QNX OS for Safety

Ethernet

Automated Drive Controller ECU

• Performance Processors: QNX OS for Safety (Intel Denverton, Renesas H3, NVIDIA Parker)
• Safety Micro: AUTOSAR (Infineon AURIX, V850, others)
• Perception
• Path Planning
• Decision Making
• LCLS
• AUTOSAR integration
• SOME/IP
• Safety Monitor
• CAN Gateway

CAN Bus

• Actuators
• AUTOSAR

Redundant modules for fail over “fail operational”

Architecture Evolution

Distribution of Functionality

• Raw Data Input to Sensor Fusion ECU
• Neural Network Object Detection
• Deep Learning in the Cloud

Fusion ECU

• Vision system
• Radar Interface
• Lidar Interface
• Sensor Fusion Software
• QNX OS for Safety

Ethernet

Automated Drive Controller ECU

• Performance Processors: QNX OS for Safety (Intel Denverton, Renesas H3, NVIDIA Parker)
• Safety Micro: AUTOSAR (Infineon AURIX, V850, others)

CAN Bus

• Actuators
• AUTOSAR

The Low Risk Path to Developing Autonomous Car Architectures

Modular Design Flexibility

Code Portability

Common Operating System Framework

Flexible, Predictable Communications Bus

Safety Requirements Challenge

• Front-View Camera System: ASIL B
• Rear-View Camera System: ASIL B
• Instrument Cluster: ASIL B
• Sensor Fusion: ASIL D
• 77 GHz Radar ACC: ASIL C
• Drive Controller: ASIL D
• Driving Lights: ASIL B
• Braking and Stability Systems: ASIL D
• Black Box Functionality: ASIL A
• Airbag System: ASIL D
• Safety Watchdog: ASIL D
• Brake Lights: ASIL B

Functions compiled into a Single Consolidated Controller May Have Different Safety Requirements

Requires Separation, Isolation, and Full Security when different adjacent functions and OSs are integrated into a single Consolidated-Controller

Secure and Safety Certified Type-1 Hypervisor Is the Solution

Security For the Autonomous Car

• SECURE OPERATING SYSTEM: Built-in security features to prevent unauthorized access and prevent attacks
• MANAGED PKI: Certificate management for telematics, IVI, ECUs, domain controllers, V2X, OTA & anything that connects
• TRUST ANCHOR: Root of trust and certificate chain to secure networked ECUs & domain controllers
• ASSET MANAGEMENT SYSTEM: Secures manufacturing supply chain to prevent cloning and inject security keys

The Trusted Solution Foundation

SAFE, SECURE, RELIABLE, ADAPTABLE, DEPENDABLE

• QNX Certified Hypervisor
• QNX
• Other Guests
• Automotive Engineering Services

100% SOP success rate

World-class automotive expertise

Powering your brand for the future

QNX Software Development Platform 7.0

QNX Operating System

QNX Momentics IDE

• Maximize design flexibility
• Accelerate development cycles
• Build in quality
• Optimize system resources
• Mission critical reliability
• Advanced security
• Scalable and standards conforming
• Support for a wide range of 64-bit ARM and x86 hardware

ISO 26262 Certified RTOS

• First real-time operating system certified for use in ISO 26262 ASIL D items
• Certified by TUV Rheinland (certificate stored in TUV public repository)
• Scope of certification includes:
  • QNX Neutrino kernel with multicore and adaptive partitioning
  • Tool chain and libc
    – C compiler, linker, and assembler classified as Tools Confidence Level 3 according to ISO 26262

QNX Certified Hypervisor

• Type-1 Hypervisor
• Foundation for ECU consolidation
• Complete separation and isolation of guests
• Hardware device assignment or controlled device sharing
• Temporal separation with guaranteed CPU budget
• Spatial separation of memory, cores, hardware devices
• ISO 26262 ASIL D certification
• Full ARM and x86 integration

Guests: Infotainment / 3rd party apps, Informational ADAS, Digital Instrument Cluster, Firewall

QNX Hypervisor

Hardware (ARMv7, ARMv8, x86_64)

QNX Platform for ADAS

• Improve time to market for camera based ADAS systems
• Pre-integrated reference implementation including:
  • Low latency camera input with support for a variety of camera types
  • Support for hardware accelerated vision processing systems
  • 3rd party ADAS algorithms
  • AUTOSAR integration and communication for automated drive domain controllers

Foundation for ADAS, active safety systems and automated driving applications, built upon an ISO 26262 safety certified operating system

Summary – Lowering Risk

Design for Flexibility & Portability

Build Secure Code

Common Operating System Framework

Flexible, Predictable Communications Bus

The Secret to Low-Risk Architecture in Autonomous Cars

Bob Leigh, Director of Market Development

The Future is Intelligent Distributed Machines

©2016 Real-Time Innovations, Inc.

RTI’s Experience

• ~1000 Projects
  – Healthcare
  – Transportation
  – Communications
  – Energy
  – Industrial
  – Defense
• 15+ Standards & Consortia Efforts
  – Interoperability
  – Multi-vendor ecosystems

RTI’s Deep Expertise in Autonomy

• Founders from Stanford Aerospace Robotics Lab

• RTI middleware powers unmanned systems on land, sea, air, and space

• RTI led the US UAS ground station architecture

• RTI-based system will soon allow drones in class-A National Air Space

• RTI Connext DDS was developed for advanced reactive vehicles

The IIoT Disruption

The real value is a common architecture that connects sensor to cloud, interoperates between vendors, and spans industries

Common technology that spans industries brings bold new approaches and enables fast change

©2016 Real-Time Innovations, Inc. Status Feb 2016

How Does DDS Help Autonomy Development?

• Ensure reliable data availability
• Guarantee real-time response
• Manage complex data flow and state
• Ease system integration
• Build security in from the start
• Make deployment flexible
• Ease safety certification

Data Considerations

• Security
• Safety
• Scale

The DDS Databus is Different!

Data-Centric

DDS

Shared Data Model

DataBus

Point-to-Point

TCP Sockets

Client/Server

MQTT, XMPP, OPC, CORBA

Brokered, ESB

Daemon

Publish/Subscribe

Fieldbus, CANbus, ZeroMQ, JMS

Queuing

AMQP, Active MQ

Systems are About the Data

Data Centricity Definition

a) The interface is the data.
b) The infrastructure understands that data.
c) The system manages the data and imposes rules on how applications exchange data.

Database: Data centric storage and search of old data

Databus: Data centric sharing and filtering of future data

Message centric, Remote Objects, SOAs

Application

Data

DDS Specification Family

• IDL 3.5, IDL 4.0 (2014)
• RPC over DDS (2014)
• DDS Security (2015)
• DDS Spec (2004)
• DDS X-Types (2010)
• DDS-API-C++, DDS-API-JAVA (2012)
• DDS-WEB (2013)
• DDSI-RTPS-TCP (2015)
• DDSI-RTPS Wire Protocol (2006)

Layers

• App
• DDS Implementation
• Network / TCP / UDP / IP

• Replaces TCP with 1-to-many QoS-controlled type-aware datagram stream
• Layers 4-5 of ISO Network Model (facilities layer)
• Transport independent
• Architecture or industry defines the data model

Why a Databus?

• Reduce risk
  – Proven, reusable, powerful, 100% standard
• Build elegant architecture
  – Data-centric design eliminates coupling & speeds development
  – QoS control simplifies integration
  – Sensor-to-cloud connectivity builds systems
• Tap advanced capability
  – Transport, OS, language transparency
  – Enterprise scalability & performance
  – Extreme reliability
  – Practical, facile security

DDS Integrates All Components

Shared Data Model

DataBus

DDS Bus

• Sensing
• Planning
• Radar, LIDAR
• Vehicle Platform
• Navigation
• Error Management
• Visualization
• Situation Analysis
• Situation Awareness
• Vision Fusion
• Cameras, LIDAR, Radar …
• Data Fusion
• Logging
• Vehicle Control
• Localization
• Traffic Maps
• Cloud Services

QoS: Quality of Service

• Volatility
• User QoS
• Delivery
• Presentation
• Redundancy
• Infrastructure
• Transport

©2016 Real-Time Innovations, Inc. Permission to distribute unmodified granted.

Take it to Massive Scale

Cloud DataBus

Site DataBus

Unit DataBus

Machine DataBus

Sense, Act, Think, HMI

• Each level of the hierarchy has
  – Data model
  – Discovery
  – Security domain
• System-of-systems require
  – Subsystem export control
  – Data model translation
  – Discovery control

Intelligent Machines

Intelligent Systems

Intelligent Industrial Internet

Intelligent System of Systems

Security Must Protect Dataflow

System

Transport

Unit

Data

DDS Secure

• OMG Security DDS standard

• Requires trivial or no change to existing DDS apps and adapters

• Plugin architecture

• Runs over any transport

• Completely decentralized

Secure DDS library

• Authentication
• Access Control
• Encryption
• Data Tagging
• Logging

Application

Any Transport (e.g., TCP, UDP, multicast, shared memory)

Tenets Of Safety-Critical Software

• Reduce code size

• Consider testability in design

• Design code to be deterministic

Certification Evidence Ships!

©2015 Real-Time Innovations, Inc. Confidential.

Reduced Application Code

Message Centric

• Application: Application Logic; Message Parsing and Filtering; Message Caching
• Message Centric Middleware: Send/Receive Packets; Addressing, Marshaling

Data Centric (DDS)

• Application: Application Logic
• Data Centric Middleware (DDS): Message Parsing and Filtering; Message Caching & State Management; Discovery, Presence Marshaling, 32/64; Send/Receive Packets

Savings

Certified Middleware Greatly Eases Safety Cert

• Provides non-stop availability
  – Decentralized architecture
  – No single point of failure
  – Support for redundant networks
  – Automatic failover between redundant publishers
  – Dynamic upgrades
• No central server or services
• Version-independent interoperability protocol
• Supports subsystem isolation and incremental certification
• Controls real-time Quality of Service
• Makes missed deadlines and presence visible
• Proven in thousands of mission critical systems

Works with QNX

Use Certicom Encryption with Plug-ins!

DDS Standards: Layered View

Infotainment / 3rd party apps, Informational ADAS, Digital Instrument Cluster, Firewall

QNX Hypervisor

Hardware (ARMv7, ARMv8, x86_64)

DDS DataBus

Build the Right Future

Audience Q & A

Thomas Bloor, Automotive Business Development Manager, QNX Software Systems

Bob Leigh, Director of Market Development, RTI

Thanks for joining us

Event archive available at:

http://ecast.opensystemsmedia.com/

E-mail us at: [email protected]