Fully electric vehicles have a very special set of requirements, in particular with respect to safety. As an example, in vehicles with electric wheel-hub drive, no clutch can separate the transmission from the engine. In order to safely stop the vehicle, the software for controlling the drive train must ensure that the specified behaviour is adhered to even in case of failure.
SafeAdapt will establish a so-called Safe Adaption Platform Core, combining different existing platforms with adaptive data communication in order to achieve the ambitious goal of cost-effective redundancy in safety-critical systems. This approach allows the tailored adaptation of redundancy concepts based on reconfiguration capabilities. This is achieved through the intelligent use of available CPU resources and fault tolerant, time-triggered networks. Through this, so-called fail-operational behaviour of the E/E architecture can be realised efficiently, e.g. graceful failure handling.
Furthermore, problem handling takes considerable effort in system development and also diminishes the reusability of software components since problem resolution currently depends on the underlying hardware platform. This is why software is always designed for a specific vehicle model in today’s environment. This results in too little reuse of the vehicle software components or architectures. The generic failure and adaptation handling used in the SafeAdapt approach should result in significantly better software reusability.
SafeAdapt Provides Design and System Architecture
For safe runtime adaptation, the specific system behaviour in different modes and configurations has to be known and validated at runtime. The adaptation specification encompasses the definition of diverse configurations, adaptations, as well as requirements to be met, such as maximum switching delays between configurations. Safe adaptation is modelled during the design process of the system architecture, which can be based on existing modelling languages such as UML, EAST-ADL and AUTOSAR. This enables early verification and validation of a system's non-functional requirements such as adaptability. Based on the system model, valid configurations taking into account all failure scenarios can be generated automatically. This is compliant to the AUTOSAR standard, faciliating a deployment to diverse Electronic Control Units (ECUs) and off-the-shelf toolchains. Thereby, SafeAdapt provides a technologyneutral solution for enabling safe adaption of future vehicle ICT systems.
Reuse of Software Components by Modular Certification
Another step in designing today’s E/E systems is the assessment process for each new vehicle model according to the functional safety standard ISO26262. SafeAdapt addresses this issue by identifying and using respective concepts from the ISO26262, e.g. its Safety-Element-out-of-
Context (SEooC). Through the latter, software components can be integrated as reusable components in different vehicles, without the need to recertify them in every single system to be developed. For example, the developed Safe Adaption Platform Core is considered as SEooC, which can be verified once and reused within different platforms.
Proof-of-Concept Using Full-Scale Prototype E-Vehicle
The SafeAdapt approach is designed to:
- reduce the complexity and the hardware cost of safety-critical systems
- handle failures in safety-critical systems through adaptation/reconfiguration
- reduce development, testing and certification costs
In order to conduct a realistic evaluation, SafeAdapt will integrate the resulting E/E architecture concept, as well as the hardware and software developed within the project, into an existing e-vehicle prototype platform. Moreover, the approach will be validated and evaluated in a car simulation environment.
Support and Services
Fraunhofer ESK offers its long-standing experience in the area of concepts for future E/E architectures to enable customers to incorporate such enhanced fail-operational behaviour into their own products. This may start from initial evaluation studies over design, tool implementations and prototypes. Contact us to discuss potential collaborations suiting your needs.