Open platform approach will foster innovation to enable highly dependable and scalable vehicle architectures for autonomous driving.
The automotive industry is reaching an inflection point as we move from advanced driver assistance to the level of truly autonomous vehicles. Until recently, the approach to greater autonomy has been to add additional functionality through distributed, yet connected, electronic control modules (ECUs). However, this is unlikely to be a viable solution moving forward and a different thought process is almost certainly going to be required.
In this article, we will explore the challenges within the automated driving space, including key aspects of dependability, and will then discuss the concept of an open platform systems approach and how this enables the connectivity, services, safety and security required for SAE level 3 to level 5 vehicles.
The world is on a clear path to truly autonomous driving and, while there is much debate about the timescales, there is general agreement that we will achieve this goal sooner or later. The path into the future has been mapped out by the Society of Automotive Engineers (SAE), which has defined six steps on the road to autonomy, with each stage delegating more of the driving task to the vehicle itself.
Some have compared this journey to climbing Mount Everest, requiring a number of technological advances to move through the six stages defined by the SAE. Among the factors that must be considered are: how sensing technologies and Artificial Intelligence (AI) will evolve to replace a human behind the wheel, and providing adequate security as vehicles become connected. Overriding all of this, customer expectations and safety concerns are a significant hurdle to be addressed at each stage.
While some of the traditional carmakers are understandably taking a 'vehicle first, computing second' approach, new entrants in this market including the major computing companies see things somewhat differently. As Autonomous Driving (AD) is predominantly a software challenge now they are advocating an approach whereby the computing systems is developed first and then the car is built around that, turning the traditional approach on its head.
Even though many cars will have the hardware, few will be SAE L4 capable
Challenges in AD
Today’s modern vehicles are already complex systems comprised of a significant number of sub-systems, or ECUs, each with 100’s or 1000’s of electronic and electromechanical components. It is estimated that the average high-end vehicle today has over 100 microcontroller/microprocessors acting as the “brain” for these ECUs. The amount of software running on these systems has already surpassed the newest state-of-the-art F-35 fighter plane. It is also a fact that in order to achieve the level of automation even for a Level 3 AD vehicle, the computing power required is significantly higher than today’s vehicles. On top of all that, the expectation from the market is that AD vehicles must be highly dependable before consumers feel comfortable and trust a machine to be in complete control of the driving task. In other words, AD vehicles will need to be fail-operational where faults are recognised and worked around enabling the journey to continue - even if it is with limited functionality.
The five facets of dependability must be addressed as a whole
To realize a fail-operational system, car makers will need to look at the whole vehicle architecture to ensure safety measures such as redundancy schemes are in place across the three functional blocks: Sense, Compute, and Actuate. Furthermore, all of the interactions (i.e.: connectivity) between these blocks and with the world outside the vehicle, such as other vehicles, the infrastructure, or the cloud, must all be timely and reliable. Connectivity is essential to AD, as it will deliver significant added-value services including remote diagnostics, software updates, traffic information, and toll control and payment among others. However, this capability does expose more attack surfaces requiring increased security to be implemented in vehicles.
Connected cars will present many more attack surfaces to the outside world
To address this security challenge, a multi-layered approach is needed. At the application level secure communication such as SSL or TLS will be implemented alongside application access control and assurance of data-in-motion trustworthiness. This will be especially important for features such as over-the-air (OTA) update, or services. Secondly, software platform security will need to include compartmentalization, intrusion prevention and ECU authorization. And finally, at the hardware level, CPU security, support for integrated Hardware Security Module (HSM), and an intrinsic ECU firewall will all create an effective security platform for the vehicle.
Open platform approach
The industry is rapidly moving towards a domain-based distributed computing architecture that will be organized around the key functions of the vehicle including Driving, ADAS/AD, Body & Comfort and Infotainment. This will deliver a far more streamlined approach to the rapid evolution and significantly more complex AD vehicles of the future.
Typical auto control architecture
Domain-based distributed computing is key to the future
The SAE Level 4+ autonomy would demand substantial enhancement in processing capability across the Sense, Compute, and Actuate functional blocks of the vehicle. The number of sub-systems and their complexity will increase exponentially in order to achieve the level of functionality and dependability required by these autonomous vehicles. These needs favour the concept of ‘Distributed Computing’ instead of ‘Distributed Control’ which is the basis of the current E/E architecture. Adding another sensor module within the current E/E architecture might be simple from Hardware standpoint, however it makes software integration a challenging task especially if abstraction layers are non-existent. This results in a platform which is not easy to implement. Over the past couple of years, many car makers and system suppliers are expanding their capabilities to tackle these challenges. Some are partnering with technology or service providers; while others are acquiring complete companies to bring the necessary technology and know-how in-house, especially in the areas of software. This is a clear indication that the industry recognizes the need for new technologies and methodologies, which in turn provides the opportunity for broader collaboration. At this inflection point, an open-platform / open-system approach can help accelerate this process by fostering innovation and enable the development of AD systems that are inter-operable, modular and scalable.
It is clear that in the future, modular and scalable software will sit firmly on top of a heterogeneous hardware architecture that will include all the low-level drivers, operating systems, middleware, and application framework. This is the area of the vehicle infrastructure that will become highly standardized for scalability while the applications that sit above this stack will be the point at which different carmakers differentiate their vehicles.
One interesting by-product of the standardization and APIs is that it is already beginning to spawn new business opportunities and business models. As cars become connected then new and existing businesses are able to offer new and value added services to drivers with the standardization, ensuring compatibility and inter-operability across industries.
While we still have some way to go to achieve full AD, it is clear that it will happen at some point in the not-too-distant-future. Managing the integration of these complex systems while achieving a highest level of dependability ever seen in the car industry is the primary challenge to be addressed, but more importantly, before we can achieve true AD the industry needs to develop standardized and scalable architectures - and recognize that much of the challenge that lies ahead will be solved by innovative software development.
As a leading supplier to the automotive industry, Infineon provides key technologies to help address these challenges and achieve the ultimate goal of fully autonomous driving. Besides innovating in a wide range of automotive-specific products such as advanced chipsets designed to meet and exceed the requirements of next generation radar system, or multi-core microcontroller devices supporting the highest level of safety compliance, Infineon continues to invest in development of complete system solutions, and partner with leading software providers.
-- This was co-authored by Nelson Quintana, senior technologist, automated driving, automotive innovation center at Infineon Technologies, and Ritesh Tyagi, head of Infineon's automotive innovation center.