An AUTOSAR-Compliant Automotive Platform for Meeting Reliability and Timing Constraints
ISSN: 0148-7191, e-ISSN: 2688-3627
Published April 12, 2011 by SAE International in United States
High demands on advanced safety and driving functions, such as active safety and lane departure warnings, increase a vehicle's dependency on automotive electrical/electronic architectures. Hard real-time requirements and high reliability constraints must be satisfied for the correct functioning of these safety-critical features, which can be achieved by using the AUTOSAR (Automotive Open System Architecture) standard. The AUTOSAR standard was introduced to simplify automotive system design while offering inter-operability, scalability, extensibility, and flexibility. The current version of AUTOSAR does not assist in the replication of tasks for recovering from task failures. Instead, the standard assumes that architecture designers will introduce custom extensions to meet such reliability needs. The introduction of affordable techniques with predictable properties for meeting reliability requirements will prove to be very valuable in future versions of AUTOSAR.
In this paper, we propose a new Software-Component (SW-C) allocation algorithm called R-FLOW (Reliable application-FLOW-aware SW-C partitioning algorithm) for fail-stop processors to support fault tolerance with bounded recovery times, and we integrate the R-FLOW algorithm into AUTOSAR. R-FLOW leverages different types of replication schemes to satisfy reliability and timing constraints, while offering a high degree of resource utilization and flexibility. Specifically, R-FLOW classifies real-time periodic tasks into Hard Recovery tasks, Soft Recovery tasks, and Best-Effort Recovery tasks. Hot Standbys are used for recovering from failures of Hard Recovery tasks, whereas Cold Standbys are utilized for recovering from failures of Soft Recovery and Best-Effort Recovery tasks. With this goal in mind, we design and implement our proposed architecture within the guidelines of the current AUTOSAR framework. We have built an at-scale prototyping platform comprising Freescale HCS12X processing boards, a dual-channel FlexRay bus, and a CAN network. Our proposed architecture is evaluated on this platform using reliability and timeliness metrics in the context of different fault scenarios.
Citation: Kim, J., Bhatia, G., Rajkumar, R., and Jochim, M., "An AUTOSAR-Compliant Automotive Platform for Meeting Reliability and Timing Constraints," SAE Technical Paper 2011-01-0448, 2011, https://doi.org/10.4271/2011-01-0448.