SafeAdapt enables fail-operational automotive E/E systems: Page 4 of 4

March 10, 2016 //By Gereon Weiss, Fraunhofer ESK
Electromobility and highly automated driving are placing completely new demands on vehicle information and communication (ICT) architectures. The EU-funded SafeAdapt project, which was created to address this challenge, aims to develop a new E/E architecture for future vehicles in which adaptive systems ensure safe, reliable and cost-effective mobility.

Furthermore, the Dynacar driving simulator from Tecnalia will serve as a virtual test environment. That means the SafeAdapt technologies will also be integrated into the simulator in order to demonstrate an energy efficiency application. If, for instance, less battery capacity is available after a certain distance, the system can independently deactivate non-safety-critical functions such as comfort and convenience features. The driver-in-the-loop simulator can also be used to evaluate the impact of adaptive safety mechanisms on the handling characteristics of the vehicle. This affects issues such as the maximum permissible duration of a steer-by-wire adaptation, which must remain short enough for the driver to keep the vehicle under control.

Fraunhofer ESK is researching how the SafeAdapt approach can be used in an E/E architecture with conventional AUTOSAR platforms. Using a model vehicle, researchers are examining the fail-operational capability of critical driving functions in an AUTOSAR system.

The SafeAdapt project not only involves the design of a new E/E vehicle architecture. The project team is also looking at design and validation methods for such an architecture, in order to enable development in line with the ISO 26262 functional safety standard. This standard describes what must be done during the development of automotive components and systems to ensure functional safety. It can already be used to develop simple fail-operational functions through adaptation. In particular, the standard's modular qualification approach, the so-called Safety Element out of Context (SEooC) concept, is used so that the SAPC can be employed as a reusable safety component in various platforms.

These functions, plus the architecture, must be specified before developing the vehicle functions. The system design must correspond to the safety concept, so that the appropriate measures are taken in the identified error situations. In these instances, the system architect can indicate which functions have to be available in the system and their fail-operational behavior.

The project also uses descriptions in the EAST-ADL and AUTOSAR architecture description languages. The SafeAdapt tool chain can be used to generate robust, fault-tolerant system configurations that automatically take into account all of the required characteristics, such as redundant standby versions of critical functions. This automated process makes it possible to generate configurations for every type of error condition, which would be nearly impossible to carry out manually given the numerous potential scenarios. It also makes it possible to guarantee that only valid system configurations are used, i.e. that all requirements, such as the timely execution of functional chains, are fulfilled.

The configurations can then be used further in the system design model or for real applications. This allows developers to generate AUTOSAR ARXML-compliant configurations and source code that can be incorporated directly into the ECU software during development. Together with automatically generated information that serves as a basis for the SAPC, system-wide error handling can be implemented. This approach can be used in ECUs with conventional AUTOSAR operating systems as well as with more powerful real-time operating systems in future adaptive platforms.
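To make the two preceding paragraphs concrete, here is an added example (not SafeAdapt or Fraunhofer ESK code) of what "generate a configuration for every error condition and accept only valid ones" means in the small: for each single-ECU failure it derives a degraded placement from a nominal primary/standby assignment, sheds non-critical comfort functions from overloaded ECUs, and rejects any configuration in which a critical function is lost, an ECU budget is exceeded or a functional chain misses its deadline. All function names, ECUs, budgets, WCETs and the 1 ms hop cost are constructed assumptions.

```python
# Constructed model (not SafeAdapt data): function -> (safety-critical?, WCET in ms per cycle)
FUNCTIONS = {"steer_by_wire": (True, 2), "brake_ctrl": (True, 3), "seat_heating": (False, 2)}
ECU_BUDGET = {"ecu_a": 5, "ecu_b": 5, "ecu_c": 4}  # constructed per-cycle compute budget in ms
# Nominal placement: function -> (primary ECU, standby ECU or None for non-redundant functions)
NOMINAL = {"steer_by_wire": ("ecu_a", "ecu_b"), "brake_ctrl": ("ecu_b", "ecu_c"),
           "seat_heating": ("ecu_c", None)}
# Functional chain with its end-to-end deadline (ms); assumed cost of 1 ms per inter-ECU hop
CHAIN, DEADLINE, HOP_COST = ["steer_by_wire", "brake_ctrl"], 8, 1

def degrade(failed):
    """Hosts once ECU `failed` is lost: primary if alive, else standby, else None (shed)."""
    hosts = {}
    for fn, (primary, standby) in NOMINAL.items():
        live = [e for e in (primary, standby) if e and e != failed]
        hosts[fn] = live[0] if live else None
    for ecu in ECU_BUDGET:  # shed non-critical (comfort) functions from any ECU over budget
        load = sum(FUNCTIONS[f][1] for f, h in hosts.items() if h == ecu)
        for fn in hosts:
            if load > ECU_BUDGET[ecu] and hosts[fn] == ecu and not FUNCTIONS[fn][0]:
                hosts[fn], load = None, load - FUNCTIONS[fn][1]
    return hosts

def validate(hosts, failed):
    """Return violations; only a configuration with no violations may be released."""
    budget = {e: 0 if e == failed else b for e, b in ECU_BUDGET.items()}  # dead ECU: no capacity
    errors, load = [], dict.fromkeys(budget, 0)
    for fn, host in hosts.items():
        critical, wcet = FUNCTIONS[fn]
        if host is None:
            if critical:
                errors.append(f"{fn} unavailable")
        else:
            load[host] += wcet
    errors += [f"{e} overloaded ({l}>{budget[e]})" for e, l in load.items() if l > budget[e]]
    if any(hosts[f] is None for f in CHAIN):
        errors.append("chain broken")
    else:  # end-to-end latency: WCETs plus one hop cost per ECU boundary crossed
        latency = sum(FUNCTIONS[f][1] for f in CHAIN)
        latency += sum(HOP_COST for a, b in zip(CHAIN, CHAIN[1:]) if hosts[a] != hosts[b])
        if latency > DEADLINE:
            errors.append(f"chain latency {latency}>{DEADLINE}")
    return errors

def generate_all():
    """One validated configuration per single-ECU failure; refuse to emit an invalid one."""
    configs = {failed: degrade(failed) for failed in ECU_BUDGET}
    bad = {f: validate(h, f) for f, h in configs.items() if validate(h, f)}
    if bad:
        raise ValueError(f"invalid configurations: {bad}")
    return configs
```

With the constructed model, losing ecu_b forces seat_heating to be shed so that brake_ctrl fits on ecu_c, which is the same graceful degradation of comfort features the simulator demonstration describes.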

SafeAdapt is a three-year project that will conclude in mid-2016. Apart from Fraunhofer ESK, the project partners include CEA LIST (France), Delphi (Germany), DuraCar (Netherlands), Fico Mirrors (Spain), Tecnalia Research & Innovation (Spain), Pininfarina (Italy), Siemens (Germany) and TTTech Computertechnik (Austria).

About the Author:

Dr Gereon Weiss is Group Manager and Deputy Manager of the Automotive business unit at Fraunhofer Institute for Embedded Systems and Communication Technologies ESK.

Having joined Fraunhofer ESK in 2007, Weiss was appointed head of the Automotive Software research group in 2011. Since 2014 he has also held the position of deputy manager of Fraunhofer ESK's Automotive business unit. In addition, he is responsible for the core competencies Dependable Software and Adaptive Systems.

Gereon Weiss studied computer science at the University of Karlsruhe with a focus on embedded systems design and telematics, graduating in 2006. Since then he has been active in the applied research field of model-driven engineering for distributed embedded systems, both as author of numerous publications and as a reviewer. In 2014 he obtained his PhD at the University of Augsburg in the area of designing self-adaptation in distributed embedded systems.

He can be reached via gereon.weiss(at)
