There is today more than 20 years of experience in automotive CAN applications, and CAN has certainly proven very successful as a robust, cost effective and all-around network technology. But the use of CAN in vehicles is evolving, in particular because of more complex and heterogeneous architectures with FlexRay or Ethernet networks, and because of recent needs like hybrid, electric propulsion or driver assistance that involves more stringent real-time constraints. Besides, there are other new requirements on CAN: more fine-grained ECU mode management for energy savings, multi-ECU splitted functions and huge software downloads. In parallel, safety issues request more and more mechanisms to protect against potential failures and provide end-to-end integrity. The development process is also evolving with the advent of multi-domain cooperation, Autosar, ISO2626-2 and the always shorter time-to-market requirements. In this landscape, CAN has now to be used at much higher bus load level than in the past, and there is less margin for error. What does it imply in terms of verification and validation? What are the characteristics of the communication stacks that should be paid attention to? This article is intended to shed some light and share our views on these issues.
Towards Computer-Aided, Iterative TSN-and Ethernet-based E/E Architecture DesignRealTime-at-Work (RTaW)
Typical design goals of next generation architectures are future extensibility and cost optimization of the lowest-end. We propose to introduce guidance to an otherwise standard Monte-Carlo simulation by providing certain fixed points (e.g., mandated connections of ECUs to certain bridges, complete re-use of ECUs) and “hot spots” in the topology (e.g., ECUs with the highest variability pressure) that are known in advance from BMW’s experience with their vehicles in the field. Several important practical considerations must be integrated in the generation of candidate architectures:
- Topological constraints: ECU proximity to sensors, daisy chain connections between ECUs to minimize cable length, number of switch ports in a certain ECU, etc.
- Security and reliability requirements: segregation between mixed-criticality streams, proxy ECUs, and redundant paths.
Our position statement explores the ability of algorithmic tools to synthesize Ethernet-based architectures based on a minimal fixed core TSN topology, design goals, design constraints, assumptions about next generation applications and data from past projects (capturing part of the OEM domain knowledge).
There has been a pivotal change in the design of E/E architectures, which is that we cannot assume anymore that the functions, and thus the communication requirements, are known in advance and fixed over time. It has become crucial for OEMs to be in the position to add further functions / services during the lifetime of the vehicle: OEMs need to design E/E architectures that are future-proof.
We show how design space exploration, by answering a series of design questions and proposing solutions to the designers, helps to improve an automotive E/E architecture in several dimensions.
We start by estimating the total "capacity" of a baseline architecture, then, by removing bottlenecks, we obtain an "enhanced capacity" architecture. The architecture is then further optimized in terms of costs and reliability.
The work is conducted on Volvo's prototype centralized E/E and domain-based E/E architectures.
Do We Really Need TSN in Next-Generation Helicopters? Insights From a Case-StudyRealTime-at-Work (RTaW)
As Ethernet rapidly replaces legacy networks as the core high-speed network in helicopter’s avionics and mission systems, we ask in this paper the question of the technical benefits of migrating to Ethernet Time-Sensitive-Networking (TSN). Indeed, TSN has become a rich toolbox of mechanisms and protocols to address Quality-of-Service (QoS) requirements pertaining to timing and reliability. TSN is quickly becoming the prominent technology for wired high-speed communications in a variety of application domains like automotive, industry 4.0 and telecom. In this context, this work explores the use of TSN timing QoS mechanisms for helicopter’s avionics and mission systems on a case-study representative of the communication requirements of next-generation systems. This study aims to provide quantified insights into what can be expected from TSN in terms of timing, memory usage and extensibility. Paper available at http://hdl.handle.net/10993/48093
Simulation-Based Fault Injection as a Verification Oracle for the Engineering...RealTime-at-Work (RTaW)
TTEthernet (TTE) is considered for use as high-speed backbone in the avionics of next-generation orbital space launchers. Given the key role of communication in launchers, the OEM must acquire a precise understanding of TTE’s functioning and its performances in nominal and error conditions. This holds especially true for the clock synchronization algorithm, the cornerstone of time-triggered communication in TTE, which involves complex distributed algorithms. In this study, we use both an experimental platform and fault-injection on a simulation model to gain quantified insights in these questions. We first describe a fine-grained simulation model of TTE model and discuss how it has been validated against communication traces recorded on the TTE platform. We then present experiments that evaluate the accuracy of the clock synchronization in TTE in the fault-free case as well as considering permanent link failure and transient transmission errors. Finally, we discuss what we have learned during the project in terms of development process and programming language support for complex simulation models used in the design of critical systems.
This work is about the design and configuration of service-oriented communication on top of Ethernet TSN. The first objective is to present takeaways from the design and implementation of the Renault E/E Service-Oriented Architecture (SOA) called FACE. In particular, we discuss technological, design and configuration choices made for the SOA, such as how to segment messages (UDP with multiple events, TCP, SOME/IP TP), and the technical possibilities to shape the transmission of the packets on the Ethernet network.
The second objective is to study how to ensure the Quality of Service (QoS) required by services. Indeed, services introduce specific challenges, be it only the sheer amount of traffic they generate and if there is a growing body of experiences in the use of TSN QoS mechanisms most of what has been learned so far is mostly about meeting the requirements of individual streams. Less is known for services that involve the transmission of several, possibly segmented, messages with more complex transmission patterns. We show on the FACE architecture how SOME/IP messages were mapped to TSN QoS mechanisms in a manual then automated manner so as to meet the individual requirements of the services in terms of timing, and the system’s requirements in terms of memory usage.
Insights into the performance and configuration of TCP in Automotive Ethernet...RealTime-at-Work (RTaW)
The idea of using TCP in cars has been around for some time, as the first specification of Autosar TCP/IP stack dates back from early 2013. However, TCP has not been popular yet in cars and there has not been much published works on using TCP for in-vehicle communications so far.
TCP – the Transmission Control Protocol – provides connection-oriented reliable transmission between network applications. TCP is the cornerstone of the Internet – a hugely successful protocol over the last 40 years – if it is certainly a fine piece of engineering but it is definitely a complex one.
The question we explore in this study is what can we expect from TCP for on-board in-vehicle communication in terms of latencies & throughput and how to best configure TCP in a context for which
it has not been conceived. In particular, we will show that TCP configuration on the ECU sides should consider the amount of memory available in the switches and that traffic shaping policy, as available in TSN, can provide a nice performance boost for TCP communication.
Timing verification of automotive communication architecture using quantile ...RealTime-at-Work (RTaW)
Slides of a paper at ERTSS'2014 co-authored by Nicolas NAVET (University of Luxembourg), Shehnaz LOUVART (Renault), Jose VILLANUEVA (Renault), Sergio CAMPOY-MARTINEZ (Renault) and Jörn MIGGE (RealTime-at-Work). Early stage timing verification on CAN traditionally relies on simulation and schedulability analysis, also known as worst-case response time (WCRT) analysis. Despite recent progresses, the latter technique remains pessimistic especially in complex networking architectures with gateways and heterogeneous communication stacks. Indeed, there are practical cases where no exact WCRT analysis is available, and merely upper bounds on the response times can be derived, on the basis of which unnecessary conservative design choices may be made. Simulation, on the other hand, does not provide anyguarantees per se and, in the context of critical networks, should only be used along with an adequate methodology. In this paper, we argue for the use of quantiles of the response time distribution as performance
metrics providing an adjustable trade-off between safety and resource usage optimization. We discuss how the exact value of the quantile to consider should be chosen with regard to the criticality of the frames, and illustrate the approach on two typical automotive use-cases.
Insights on the configuration and performances of SOME/IP Service DiscoveryNicolas Navet
Scalable Service-Oriented Middleware on IP (SOME/IP) is a proposal aimed at providing service-oriented communication in vehicles. SOME/IP nodes are able to dynamically discover and subscribe to available services through the SOME/IP Service Discovery protocol (SOME/IP SD). In this context, a key performance criterion to achieve the required responsiveness is the subscription latency that is the time it takes for a client to subscribe to a service. In this paper we provide a recap of SOME/SD and list a number of assumptions based on what we can foresee about the use of SOME/IP in the automotive domain. Then, we identify the factors having an effect on the subscription latency, and, by sensitivity analysis, quantify their importance regarding the worst-case service subscription latency. The analysis and experiments in this study provide practical insights into how to best configure SOME/IP SD protocol.
Towards Computer-Aided, Iterative TSN-and Ethernet-based E/E Architecture DesignRealTime-at-Work (RTaW)
Typical design goals of next generation architectures are future extensibility and cost optimization of the lowest-end. We propose to introduce guidance to an otherwise standard Monte-Carlo simulation by providing certain fixed points (e.g., mandated connections of ECUs to certain bridges, complete re-use of ECUs) and “hot spots” in the topology (e.g., ECUs with the highest variability pressure) that are known in advance from BMW’s experience with their vehicles in the field. Several important practical considerations must be integrated in the generation of candidate architectures:
- Topological constraints: ECU proximity to sensors, daisy chain connections between ECUs to minimize cable length, number of switch ports in a certain ECU, etc.
- Security and reliability requirements: segregation between mixed-criticality streams, proxy ECUs, and redundant paths.
Our position statement explores the ability of algorithmic tools to synthesize Ethernet-based architectures based on a minimal fixed core TSN topology, design goals, design constraints, assumptions about next generation applications and data from past projects (capturing part of the OEM domain knowledge).
There has been a pivotal change in the design of E/E architectures, which is that we cannot assume anymore that the functions, and thus the communication requirements, are known in advance and fixed over time. It has become crucial for OEMs to be in the position to add further functions / services during the lifetime of the vehicle: OEMs need to design E/E architectures that are future-proof.
We show how design space exploration, by answering a series of design questions and proposing solutions to the designers, helps to improve an automotive E/E architecture in several dimensions.
We start by estimating the total "capacity" of a baseline architecture, then, by removing bottlenecks, we obtain an "enhanced capacity" architecture. The architecture is then further optimized in terms of costs and reliability.
The work is conducted on Volvo's prototype centralized E/E and domain-based E/E architectures.
Do We Really Need TSN in Next-Generation Helicopters? Insights From a Case-StudyRealTime-at-Work (RTaW)
As Ethernet rapidly replaces legacy networks as the core high-speed network in helicopter’s avionics and mission systems, we ask in this paper the question of the technical benefits of migrating to Ethernet Time-Sensitive-Networking (TSN). Indeed, TSN has become a rich toolbox of mechanisms and protocols to address Quality-of-Service (QoS) requirements pertaining to timing and reliability. TSN is quickly becoming the prominent technology for wired high-speed communications in a variety of application domains like automotive, industry 4.0 and telecom. In this context, this work explores the use of TSN timing QoS mechanisms for helicopter’s avionics and mission systems on a case-study representative of the communication requirements of next-generation systems. This study aims to provide quantified insights into what can be expected from TSN in terms of timing, memory usage and extensibility. Paper available at http://hdl.handle.net/10993/48093
Simulation-Based Fault Injection as a Verification Oracle for the Engineering...RealTime-at-Work (RTaW)
TTEthernet (TTE) is considered for use as high-speed backbone in the avionics of next-generation orbital space launchers. Given the key role of communication in launchers, the OEM must acquire a precise understanding of TTE’s functioning and its performances in nominal and error conditions. This holds especially true for the clock synchronization algorithm, the cornerstone of time-triggered communication in TTE, which involves complex distributed algorithms. In this study, we use both an experimental platform and fault-injection on a simulation model to gain quantified insights in these questions. We first describe a fine-grained simulation model of TTE model and discuss how it has been validated against communication traces recorded on the TTE platform. We then present experiments that evaluate the accuracy of the clock synchronization in TTE in the fault-free case as well as considering permanent link failure and transient transmission errors. Finally, we discuss what we have learned during the project in terms of development process and programming language support for complex simulation models used in the design of critical systems.
This work is about the design and configuration of service-oriented communication on top of Ethernet TSN. The first objective is to present takeaways from the design and implementation of the Renault E/E Service-Oriented Architecture (SOA) called FACE. In particular, we discuss technological, design and configuration choices made for the SOA, such as how to segment messages (UDP with multiple events, TCP, SOME/IP TP), and the technical possibilities to shape the transmission of the packets on the Ethernet network.
The second objective is to study how to ensure the Quality of Service (QoS) required by services. Indeed, services introduce specific challenges, be it only the sheer amount of traffic they generate and if there is a growing body of experiences in the use of TSN QoS mechanisms most of what has been learned so far is mostly about meeting the requirements of individual streams. Less is known for services that involve the transmission of several, possibly segmented, messages with more complex transmission patterns. We show on the FACE architecture how SOME/IP messages were mapped to TSN QoS mechanisms in a manual then automated manner so as to meet the individual requirements of the services in terms of timing, and the system’s requirements in terms of memory usage.
Insights into the performance and configuration of TCP in Automotive Ethernet...RealTime-at-Work (RTaW)
The idea of using TCP in cars has been around for some time, as the first specification of Autosar TCP/IP stack dates back from early 2013. However, TCP has not been popular yet in cars and there has not been much published works on using TCP for in-vehicle communications so far.
TCP – the Transmission Control Protocol – provides connection-oriented reliable transmission between network applications. TCP is the cornerstone of the Internet – a hugely successful protocol over the last 40 years – if it is certainly a fine piece of engineering but it is definitely a complex one.
The question we explore in this study is what can we expect from TCP for on-board in-vehicle communication in terms of latencies & throughput and how to best configure TCP in a context for which
it has not been conceived. In particular, we will show that TCP configuration on the ECU sides should consider the amount of memory available in the switches and that traffic shaping policy, as available in TSN, can provide a nice performance boost for TCP communication.
Timing verification of automotive communication architecture using quantile ...RealTime-at-Work (RTaW)
Slides of a paper at ERTSS'2014 co-authored by Nicolas NAVET (University of Luxembourg), Shehnaz LOUVART (Renault), Jose VILLANUEVA (Renault), Sergio CAMPOY-MARTINEZ (Renault) and Jörn MIGGE (RealTime-at-Work). Early stage timing verification on CAN traditionally relies on simulation and schedulability analysis, also known as worst-case response time (WCRT) analysis. Despite recent progresses, the latter technique remains pessimistic especially in complex networking architectures with gateways and heterogeneous communication stacks. Indeed, there are practical cases where no exact WCRT analysis is available, and merely upper bounds on the response times can be derived, on the basis of which unnecessary conservative design choices may be made. Simulation, on the other hand, does not provide anyguarantees per se and, in the context of critical networks, should only be used along with an adequate methodology. In this paper, we argue for the use of quantiles of the response time distribution as performance
metrics providing an adjustable trade-off between safety and resource usage optimization. We discuss how the exact value of the quantile to consider should be chosen with regard to the criticality of the frames, and illustrate the approach on two typical automotive use-cases.
Insights on the configuration and performances of SOME/IP Service DiscoveryNicolas Navet
Scalable Service-Oriented Middleware on IP (SOME/IP) is a proposal aimed at providing service-oriented communication in vehicles. SOME/IP nodes are able to dynamically discover and subscribe to available services through the SOME/IP Service Discovery protocol (SOME/IP SD). In this context, a key performance criterion to achieve the required responsiveness is the subscription latency that is the time it takes for a client to subscribe to a service. In this paper we provide a recap of SOME/SD and list a number of assumptions based on what we can foresee about the use of SOME/IP in the automotive domain. Then, we identify the factors having an effect on the subscription latency, and, by sensitivity analysis, quantify their importance regarding the worst-case service subscription latency. The analysis and experiments in this study provide practical insights into how to best configure SOME/IP SD protocol.
Early-stage topological and technological choices for TSN-based communication...RealTime-at-Work (RTaW)
A main issue in the design of automotive communication architectures is that the most important design choices pertaining to the topology of the networks and the technologies to use (protocols, data rate, hardware) have to be made at a time when the communication requirements are not entirely known. Indeed, many functions only becomes available along the development cycle, and vehicle platforms have to support incremental evolutions of the embedded system that may not be fully foreseeable at the time design choices are made. The problem is becoming even more difficult and crucial with the introduction of dynamically evolving communication requirements requiring network re-configuration at run-time.
We present how the use of synthetic data, that is data generated programmatically based on past vehicle projects and what can be foreseen for the current project, enables the designers to make such early stage choices based on quantified metrics. The proposals are applied to Groupe Renault's FACE service-oriented E/E architecture with the use of the “Topology Stress Test” feature implemented in RTaW-Pegase.
Insights on the Performance and Configuration of AVB and TSN in Automotive Ap...RealTime-at-Work (RTaW)
Switched Ethernet is profoundly reshaping in-car communications. To meet the diverse real-time requirements in automotive communications, Quality-of-Service protocols that go beyond the mere use of priorities are required. In this work, the basic questions that we investigate on a case-study with diverse and demanding communication requirements is what can we expect from the various protocols aimed at providing a better timing Quality of Service on top of Ethernet? And how to use them? Especially how to use them in a combined manner. We will focus on the Credit-Based Shaper of AVB, the Time-Aware Shaper of TSN and the use of priorities as defined in IEEE802.1Q. The performance metrics considered are the distributions of the communication latencies, obtained by simulation, as well as upper bounds on these quantities obtained by worst-case schedulability analysis. If there have been over the last 5 years numerous studies on the performance of AVB CBS, the literature on comparing AVB to TSN and other candidate protocols is still sparse. To the best of our knowledge, this empirical study is the first to consider most protocols currently considered in the automotive domain, with the aim to gain insights into the different technological, design and configurations alternatives. In particular, an objective of this study is to identify key problems that need to be solved in order to further automate network design and configuration.
Outine
1) Automotive E/E Systems: mastering complexity
2) Ecosystems of virtualization technologies
3) Automotive use-cases of virtualization
4) Limits of virtualization
Authors: N. Navet (RealTime-at-Work), B. Delord (PSA Peugeot-Citroen), M Baumeister (Freescale semiconductor)
Talk given at RTS Embedded System 2010 on March 31st 2010.
As the demand for computing power is quickly
increasing in the automotive domain, car manufactur-ers and tier-one suppliers are gradually introducing mul-ticore ECUs in their electronic architectures. Additionally, these multicore ECUs offer new features such as higher levels of parallelism which eases the respect of
the safety requirements introduced by the ISO 26262 and can be taken advantage of in various other automotive use-cases. These new features involve also more complexity in the design, development and verification of the software applications. Hence, OEMs and suppliers will require new tools and methodologies for deployment and
validation. In this paper, we present the main use cases
for multicore ECUs and then focus on one of them. Pre-
cisely, we address the problem of scheduling numerous
elementary software components (called runnables) on
a limited set of identical cores. In the context of an au-
tomotive design, we assume the use of the static task
partitioning scheme which provides simplicity and bet-
ter predictability for the ECU designers by comparison
with a global scheduling approach. We show how the
global scheduling problem can be addressed as two sub-
problems: partitioning the set of runnables and building
the schedule on each core. At that point, we prove that
each of the sub-problems cannot be solved optimally due
to their algorithmic complexity. We then present low com-
plexity heuristics to partition and build a schedule of the
runnable set on each core before discussing schedula-
bility verification methods. Finally, we assess the perfor-
mance of our approach on realistic case-studies.
Timing verification of real-time automotive Ethernet networks: what can we ex...RealTime-at-Work (RTaW)
Switched Ethernet is a technology that is profoundly reshaping automotive communication architectures as it did in other application domains such as avionics with the use of AFDX backbones. Early stage timing verification of critical embedded networks typically relies on simulation and worst-case schedulability analysis. When the modeling power of schedulability analysis is not sufficient, there are typically two options: either make pessimistic assumptions or ignore what cannot be modeled. Both options are unsatisfactory because they are either inefficient in terms of resource usage or potentially unsafe. To overcome those issues, we believe it is a good practice to use simulation models, which can be more realistic, along with schedulability analysis. The two basic questions that we aim to study here is what can we expect from simulation, and how to use it properly? This empirical study explores these questions on realistic case-studies and provides methodological guidelines for the use of simulation in the design of switched Ethernet networks. A broader objective of the study is to compare the outcomes of schedulability analyses and simulation, and conclude about the scope of usability of simulation in the desi gn of critical Ethernet networks
Modeling, Simulation and Timing Analysis for Controller Area Network (2.0A, 2.0B, FD, Arinc825) - RTaW-Sim is a timing-accurate simulator of CAN networks that enables the designer to come up quickly with the best design and configuration choices, and assess the performances and reliability of a system.
Autonomous driving requires safety considerations and the need of “fail operational” requires redundancy. In the networking portion of a car, this may mean separate networks, possibly of different technologies. Or it could mean a network topology and technology that supports scalable redundancy, like Ethernet TSN.
This presentation focuses on IEEE 802.1CB-2017, which is the TSN standard that supports data redundancy through the network. Various network topologies are examined. The relative costs of adding TSN redundancy for these topologies (including some, or all of, the end-stations/ECUs & bridges) are examined for various bandwidth utilizations, along with the expected packet loss. Each topology and bandwidth will be modeled under various bit-rate error values with the results discussed.
This presentation aims at providing a clear understanding of the TSN standards that support redundancy, and an understanding of the cost/benefit tradeoffs so proper engineering decisions can be made and proper expectations set.
Automotive embedded systems now include numerous software-intensive functions that are critical from a safety point of view (e.g., braking, assisted driving, etc). These functions are distributed on the Electronic Control Units and they need to exchange large amount of data with real-time constraints. In this context, the communication system plays a major role and it has to respect stringent dependability constraints. Security, especially with the widespread of wireless networks, is now becoming a serious matter of concern too. In this talk, we will review the main threats to dependability and security in automotive communication systems, the existing technical solutions to attain them, and, highlight areas where developments might be needed.
Frame latency evaluation: when simulation and analysis alone are not enoughRealTime-at-Work (RTaW)
This talk is about temporal verification in real-time communication systems. Early in the design cycle, the two main approaches for verifying timing constraints and dimensioning the networks are worst-case schedulability analysis and simulation. The aim of the talk is to demonstrate that both provide complementary results and that, most often, none of them alone is sufficient. In particular, it will be shown that response time distributions that can be derived from simulations cannot replace worst-case analysis. This will be done on automotive case-studies using RTaW analysis and simulation software tools.
Slides of a talk given at ERTS2008 in Toulouse. Abstract: with the increasing amount of electronics, making best usage of the bandwidth becomes of primary importance in automotive networks. One
solution that is being investigated by car manufacturers is to schedule the messages with offsets, which leads to a desynchronization of the message streams. As it will be shown, this “traffic shaping” strategy is very beneficial in terms of worst-case response times. In this slides, the problem of choosing the best offsets is addressed in the case of Controller Area Network, which is a de-facto standard in the automotive world. Comprehensive experiments shown give insight into the fundamental reasons why offsets are efficient, and demonstrate that offsets actually provide a major performance boost in terms of response times. These experimental results suggest that sound offset strategies may extend the lifespan of CAN further, and may defer the introduction of FlexRay and additional CAN networks.
Pre-Con Education: Recognizing Your Network's Key Performance Indicators Th...CA Technologies
Understanding key network metrics that impact end-user experience and how to leverage these key performance indicators is imperative for troubleshooting issues and restoring optimal network performance.
In this presentation, you will learn how to establish fundamental metrics for technology communications, gain an understanding of key concepts attributed to communication processes, gain an understanding of network performance metrics that actually impact end users, understand five sources of network latency and learn to use reference models as a troubleshooting tool.
For more information on DevOps solutions from CA Technologies, please visit: http://bit.ly/1wbjjqX
Early-stage topological and technological choices for TSN-based communication...RealTime-at-Work (RTaW)
A main issue in the design of automotive communication architectures is that the most important design choices pertaining to the topology of the networks and the technologies to use (protocols, data rate, hardware) have to be made at a time when the communication requirements are not entirely known. Indeed, many functions only becomes available along the development cycle, and vehicle platforms have to support incremental evolutions of the embedded system that may not be fully foreseeable at the time design choices are made. The problem is becoming even more difficult and crucial with the introduction of dynamically evolving communication requirements requiring network re-configuration at run-time.
We present how the use of synthetic data, that is data generated programmatically based on past vehicle projects and what can be foreseen for the current project, enables the designers to make such early stage choices based on quantified metrics. The proposals are applied to Groupe Renault's FACE service-oriented E/E architecture with the use of the “Topology Stress Test” feature implemented in RTaW-Pegase.
Insights on the Performance and Configuration of AVB and TSN in Automotive Ap...RealTime-at-Work (RTaW)
Switched Ethernet is profoundly reshaping in-car communications. To meet the diverse real-time requirements in automotive communications, Quality-of-Service protocols that go beyond the mere use of priorities are required. In this work, the basic questions that we investigate on a case-study with diverse and demanding communication requirements is what can we expect from the various protocols aimed at providing a better timing Quality of Service on top of Ethernet? And how to use them? Especially how to use them in a combined manner. We will focus on the Credit-Based Shaper of AVB, the Time-Aware Shaper of TSN and the use of priorities as defined in IEEE802.1Q. The performance metrics considered are the distributions of the communication latencies, obtained by simulation, as well as upper bounds on these quantities obtained by worst-case schedulability analysis. If there have been over the last 5 years numerous studies on the performance of AVB CBS, the literature on comparing AVB to TSN and other candidate protocols is still sparse. To the best of our knowledge, this empirical study is the first to consider most protocols currently considered in the automotive domain, with the aim to gain insights into the different technological, design and configurations alternatives. In particular, an objective of this study is to identify key problems that need to be solved in order to further automate network design and configuration.
Outine
1) Automotive E/E Systems: mastering complexity
2) Ecosystems of virtualization technologies
3) Automotive use-cases of virtualization
4) Limits of virtualization
Authors: N. Navet (RealTime-at-Work), B. Delord (PSA Peugeot-Citroen), M Baumeister (Freescale semiconductor)
Talk given at RTS Embedded System 2010 on March 31st 2010.
As the demand for computing power is quickly
increasing in the automotive domain, car manufactur-ers and tier-one suppliers are gradually introducing mul-ticore ECUs in their electronic architectures. Additionally, these multicore ECUs offer new features such as higher levels of parallelism which eases the respect of
the safety requirements introduced by the ISO 26262 and can be taken advantage of in various other automotive use-cases. These new features involve also more complexity in the design, development and verification of the software applications. Hence, OEMs and suppliers will require new tools and methodologies for deployment and
validation. In this paper, we present the main use cases
for multicore ECUs and then focus on one of them. Pre-
cisely, we address the problem of scheduling numerous
elementary software components (called runnables) on
a limited set of identical cores. In the context of an au-
tomotive design, we assume the use of the static task
partitioning scheme which provides simplicity and bet-
ter predictability for the ECU designers by comparison
with a global scheduling approach. We show how the
global scheduling problem can be addressed as two sub-
problems: partitioning the set of runnables and building
the schedule on each core. At that point, we prove that
each of the sub-problems cannot be solved optimally due
to their algorithmic complexity. We then present low com-
plexity heuristics to partition and build a schedule of the
runnable set on each core before discussing schedula-
bility verification methods. Finally, we assess the perfor-
mance of our approach on realistic case-studies.
Timing verification of real-time automotive Ethernet networks: what can we ex...RealTime-at-Work (RTaW)
Switched Ethernet is a technology that is profoundly reshaping automotive communication architectures as it did in other application domains such as avionics with the use of AFDX backbones. Early stage timing verification of critical embedded networks typically relies on simulation and worst-case schedulability analysis. When the modeling power of schedulability analysis is not sufficient, there are typically two options: either make pessimistic assumptions or ignore what cannot be modeled. Both options are unsatisfactory because they are either inefficient in terms of resource usage or potentially unsafe. To overcome those issues, we believe it is a good practice to use simulation models, which can be more realistic, along with schedulability analysis. The two basic questions that we aim to study here is what can we expect from simulation, and how to use it properly? This empirical study explores these questions on realistic case-studies and provides methodological guidelines for the use of simulation in the design of switched Ethernet networks. A broader objective of the study is to compare the outcomes of schedulability analyses and simulation, and conclude about the scope of usability of simulation in the desi gn of critical Ethernet networks
Modeling, Simulation and Timing Analysis for Controller Area Network (2.0A, 2.0B, FD, Arinc825) - RTaW-Sim is a timing-accurate simulator of CAN networks that enables the designer to come up quickly with the best design and configuration choices, and assess the performances and reliability of a system.
Autonomous driving requires safety considerations and the need of “fail operational” requires redundancy. In the networking portion of a car, this may mean separate networks, possibly of different technologies. Or it could mean a network topology and technology that supports scalable redundancy, like Ethernet TSN.
This presentation focuses on IEEE 802.1CB-2017, which is the TSN standard that supports data redundancy through the network. Various network topologies are examined. The relative costs of adding TSN redundancy for these topologies (including some, or all of, the end-stations/ECUs & bridges) are examined for various bandwidth utilizations, along with the expected packet loss. Each topology and bandwidth will be modeled under various bit-rate error values with the results discussed.
This presentation aims at providing a clear understanding of the TSN standards that support redundancy, and an understanding of the cost/benefit tradeoffs so proper engineering decisions can be made and proper expectations set.
Automotive embedded systems now include numerous software-intensive functions that are critical from a safety point of view (e.g., braking, assisted driving, etc). These functions are distributed on the Electronic Control Units and they need to exchange large amount of data with real-time constraints. In this context, the communication system plays a major role and it has to respect stringent dependability constraints. Security, especially with the widespread of wireless networks, is now becoming a serious matter of concern too. In this talk, we will review the main threats to dependability and security in automotive communication systems, the existing technical solutions to attain them, and, highlight areas where developments might be needed.
Frame latency evaluation: when simulation and analysis alone are not enoughRealTime-at-Work (RTaW)
This talk is about temporal verification in real-time communication systems. Early in the design cycle, the two main approaches for verifying timing constraints and dimensioning the networks are worst-case schedulability analysis and simulation. The aim of the talk is to demonstrate that both provide complementary results and that, most often, none of them alone is sufficient. In particular, it will be shown that response time distributions that can be derived from simulations cannot replace worst-case analysis. This will be done on automotive case-studies using RTaW analysis and simulation software tools.
Slides of a talk given at ERTS2008 in Toulouse. Abstract: with the increasing amount of electronics, making best usage of the bandwidth becomes of primary importance in automotive networks. One
solution that is being investigated by car manufacturers is to schedule the messages with offsets, which leads to a desynchronization of the message streams. As it will be shown, this “traffic shaping” strategy is very beneficial in terms of worst-case response times. In this slides, the problem of choosing the best offsets is addressed in the case of Controller Area Network, which is a de-facto standard in the automotive world. Comprehensive experiments shown give insight into the fundamental reasons why offsets are efficient, and demonstrate that offsets actually provide a major performance boost in terms of response times. These experimental results suggest that sound offset strategies may extend the lifespan of CAN further, and may defer the introduction of FlexRay and additional CAN networks.
Pre-Con Education: Recognizing Your Network's Key Performance Indicators Th...CA Technologies
Understanding key network metrics that impact end-user experience and how to leverage these key performance indicators is imperative for troubleshooting issues and restoring optimal network performance.
In this presentation, you will learn how to establish fundamental metrics for technology communications, gain an understanding of key concepts attributed to communication processes, gain an understanding of network performance metrics that actually impact end users, understand five sources of network latency and learn to use reference models as a troubleshooting tool.
For more information on DevOps solutions from CA Technologies, please visit: http://bit.ly/1wbjjqX
E2M - Full 3D Black Box Navigation Application for AndroidTerry Kim
Product Introduction of Full 3D Black Box Application for Android. With E2M, your smart phone becomes Black Box Navigation.
-Automatic Video Recording functions for Car Accident and your Video can be shared through SNS(Facebook, Twitter, etc), SMS, Email
Not only accident but you can also record a nice driving/travel with your friend/ family!!
-Location Sharing with your friend: Current Location, Destination
-Voice Search, Word Completion
50 Highlights der 37. Auktion am 18. April 2015 - 50 Highlights of Scripophil...Matthias Schmitt
Catalogue with the 50 highlights for the 37th auction of old stocks and bonds (Scripophily, Historische Wertpapiere, Nonvaleurs). The auction takes place in Würzburg, Germany. Old stock and bond certificates are collected. Start now your own collection.
Graph databases come with enhanced connectivity of data and whiteboard friendly paradigm. Some, like Neo4j, also brings a gremlin in your code : it is one of the most powerful graph query langage. It brings a refreshing look at how we store web of data and search for it. Gremlin provides an abstract layer that make it easy to express your business logic without fighting with the code. It may even change your mind on object oriented programming.
Verdades y mentiras del Mercado de valores
En Youtube: Técnicas MBA con Numbers
Texto relacionado: Pedro N. Moreu Jalón, "Técnicas MBA con NUMBERS", i Books Store (Apple)
Pushing the limits of CAN - Scheduling frames with offsets provides a major p...Nicolas Navet
M. Grenier, L. Havet, N. Navet, "Pushing the limits of CAN - Scheduling frames with offsets provides a major performance boost", Proc. of the 4th European Congress Embedded Real Time Software (ERTS 2008), Toulouse, France, January 29 - February 1, 2008.
Virtualization in Automotive Embedded Systems : an OutlookNicolas Navet
N. Navet, B. Delord, M. Baumeister, "Virtualization in Automotive Embedded Systems : an Outlook", talk at RTS Embedded System 2010, Paris, France, March, 2010.
Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...RealTime-at-Work (RTaW)
The industry is quickly moving away from a function/signal-oriented architecture towards Service-Oriented Architectures (SOA). To carry-over legacy signal-oriented ECUs during the transition phase, Volvo Cars has developed a layered software (SW) architecture based on the concepts of "device proxys" (i.e., one per legacy ECU), signal real-time database and service interface. This architecture, executing on the central computer on the TSN backbone, provides a clear separation of concerns between its components with a reduced additional complexity.
In this presentation, we will review the main challenges faced in the integration of signal-oriented ECUs into SOA, and present the solutions explored at Volvo with a focus on layered SW architecture in the centralized E/E architecture and its 3 core components:
o Device Proxies
o Signal DataBase
o Service Interface
We then report on the performances of this architecture in terms of latencies and conclude on the maximum number of signal-oriented frames and legacy ECUs that can be handled. The performance evaluation is conducted by simulation, with sensitivity analysis to identify the performance bottlenecks. The E/E architecture under study is a prototype TSN-based central computing architecture targeted at next-generation models.
The main questions that will be discussed throughout the presentation are 1) how to efficiently handle signal to service conversion? 2) The performance and the scalability of the SW architecture proposed and 3) the suitability of SOME/IP as the SOA protocol.
This presentation and demo show the hardware which consist of 5G UE’s, 5G radios, a fronthaul network and C-RAN with high density switches and servers, a transport network of 3 DWDM switches and a DC network of servers and high density switches. The basic software arrangement will be shown with emphasis on the structure of the orchestration and SDN controllers and the choice of virtualization components and logical networking. An eMBB slice will be brought up which will entail programming of the radios, the fronthaul, backhaul, a node B and the core. Its behavior will be noted through the test UE’s. An URRLC slice will be brought up and its nodeB and core will be demonstrated through its test UE’s showing extremely low latency. An MMTC slice will be brought up and a large number of test IOT devices will be demonstrated via the test UE’s. The eMBB slice will be augmented by programming a slice selection function that will create a ICN slice and an application (TBD) will be shown running over that ICN core (but with the eMBB slice). Spectrum will be reassigned from slice to slice and the changes noted as an optimizer recomputes the proper allocation of resources and executes it. Traffic will be increased and the changes in the backhaul over transport and core function placements will be noted. An additional demonstration will show creation of multiple 4G air interfaces using the same infrastructure network but with 4G radios and 4G UE’s using OAI software and ETTUS SDRs. A Skype session will be created between the two 4G slices. We will also try to show some of the EPC functions being moved while the UE sessions are not impacted.
Author : Peter Ashwood-Smith, Huawei Technologies
Presented at ITU-T Focus Group IMT-2020 Workshop and Demo Day, 7 December 2016.
More details on the event : http://www.itu.int/en/ITU-T/Workshops-and-Seminars/201612/Pages/Programme.aspx
Slides of a talk given at the Workshop on Specialized Networks held in Conjunction with ETFA 2009.
The use of networks for communications between the Electronic Control Units (ECU) of a vehicle in production cars dates from the beginning of the 90s. The specific requirements of the different car domains have led to the development of a large number of automotive networks such as LIN, J1850, CAN, FlexRay, MOST, etc..
This talk first introduces the context of in-vehicle embedded systems and, in particular, the requirements imposed on the communication systems. Then, we highlight future trends in the development of automotive communication systems.
In-Vehicle Networking : a Survey and Look ForwardNicolas Navet
N. Navet, "In-Vehicle Networking : a Survey and Look Forward", Workshop on Specialized Networks, in conjunction with ETFA 2009, Mallorca, Spain, September 26, 2009.
Strategies for End-to-End Timing Guarantees in a Centralized Software Defined...RealTime-at-Work (RTaW)
This presentation reports on design choices explored for next-generation zonal E/E architectures supporting mixed criticality traffic with strong timing constraints at the gateways between Ethernet and CAN:
• We present methods to validate strategies for packing/unpacking CAN frames to be transmitted over an Ethernet backbone
• We present a novel use-case for Time Aware Shaper (TAS), used to confine the traffic from Android applications into short, periodic transmission windows, shielding hence the rest of the traffic from their interference under any evolution scenario. System-level simulations are used to compare TAS with two alternative solutions based on priorities and Credit Based Shaper (CBS)
• This study exemplifies how the collaboration between an OEM, a Tier1 and a timing analysis tool vendor built a timing-accurate model of the SDV architecture to explore design alternatives, reduce the time for prototyping and to provide new inputs for the 802.1DG Automotive profile
The ubiquitous heavy-tailed distributions in the Internet im-plies an interesting feature of the Internet traffic: most (e.g. 80%) of the traffic is actually carried by only a small number of connections (elephants), while the remaining large amount of connections are very small in size or lifetime (mice). In a fair network environment, short connections expect rela-tively fast service than long connections. For these reasons, short TCP flows are generally more con-servative than long flows and thus tend to get less than their fair share when they compete for the bottleneck bandwidth. In this paper, we propose to give preferential treatment to short flows2 with help from an Active Queue Management (AQM) policy inside the network. We also rely on the pro-posed Differentiated Services (Diffserv) architecture [3] to classify flows into short and long at the edge of the network. More specifically, we maintain the length of each active flow (in packets3) at the edge routers and use it to classify incoming packets.
This reference design helps organizations design and configure a small to midsize data center (be¬tween 2 and 60 server racks) at headquarters or a server room at a remote site. You will learn how to configure the data center core, aggregation and access switches for connectivity to the servers and the campus network.
The Avaya Fabric Connect data center design supports high-speed 10 Gbps Ethernet connect-ed servers. The design can easily scale server bandwidth with link aggregation and servers can be connected to one or more switches in order to provide the level of availability required for the services delivered by the host. The design also supports legacy and low traffic servers that need 1 Gbps Ethernet connectivity,
The reference design presented in this guide is based on common network requirements and pro¬vides a tested starting point for network engineers to design and deploy an Avaya data center net¬work. This guide does not document every possible option and feature used to design and deploy networks but instead presents the tested and recommended options that will meet the majority of customer needs.
This design uses Avaya Fabric Connect in order to provide benefits over traditional data center design.
IT departments face several challenges in today’s data center:
· Data center traffic flow is not the same as campus traffic flow. Over 80% of the traffic is east-west, server-to-server, vs. north-south, client-to-server, like in a campus.
· Server virtualization allows a virtual machine or workload to be located anywhere in the physi¬cal data center. Data center networks can make it difficult to extend virtual local area networks (VLANs) and subnets anywhere in the data center.
· Server virtualization means that new services can be brought online in minutes or migrated in real time. Reconfiguring the network to support this is difficult because it can interrupt other services.
· Server virtualization means that the load on a physical box is much higher. Physical servers regularly host 10-50 workloads, driving network utilization well past 1 Gbps.
What are the relevant differences between Asynchronous (ATS) and Credit Based...RealTime-at-Work (RTaW)
The effects of CBS and ATS shapers (IEEE Std 802.1Q-2022, Annex L and V) are basically identical for a single flow in the highest priority Traffic Class. But the number of CBS instances is intrinsically limited by the number of TCs, while ATS instances can be numerous and are organized into Scheduler-Groups. We discuss how selecting ingress-flows for ATS instances can create different behavior from CBS. How does the ATS grouping-rule affect shaper performance? What benefit can shaping of lower priority TCs have? How are other non-shaped TCs affected by ATS vs. CBS?
t has been more than 10 years since the inception of the Time-Sensitive Networking Task Group (TG) in IEEE802.1. Since then, TSN has become a rich toolbox of mechanisms and protocols to address Quality-of-Service (QoS) requirements pertaining to timing and reliability. While IEEE 802.1CB, AS and Qci are natural choices for dependability, the designer has much more possibilities when it comes to timing QoS. The selection and configuration of a suitable TSN scheduling solution is not straightforward, as many mechanisms are available (priorities, preemption, CBS, TAS, CQF, ATS), most of them being complex to configure, and they can be used in a combined manner to meet the needs of applications comprising mixed types of traffic. In this talk, based on the academic literature and the observation of industrial practices, we review the well-understood and the emerging use-cases of the different timing QoS mechanisms and what we have learned in terms of their configuration. Ultimately, this talk aims at shedding new light on what to expect from TSN QoS mechanisms and how to introduce the least complexity needed to meet the application's timing requirements.
Time-Predictable Communication in Service-Oriented Architecture - What are th...RealTime-at-Work (RTaW)
Software defined vehicle puts the challenges not only on the computing systems in the vehicle but also on the network. To design a system that can exhibit the required level of determinism for a set of distributed control applications, it is not enough to have a network that is predictable from the timing perspective, one also needs proper real-time scheduling mechanisms in the operating system and in the communication stack, i.e. the interface between the application and the network. In this contribution, we present:
- Overall concept, or what do we mean with a time-predictable system,
- State of the art in deterministic real-time Ethernet communication,
- The real-time scheduling mechanisms commonly used in Automotive,
- Examples of challenging issues and practical use cases that OEMs need to address toward timing predictability in the system.
Insights on the Configuration and Performances of SOME/IP Service DiscoveryRealTime-at-Work (RTaW)
Scalable Service-Oriented Middleware on IP (SOME/IP) is a proposal aimed at providing service-oriented communication in vehicles. SOME/IP nodes are able to dynamically discover and subscribe to available services through the SOME/IP Service Discovery protocol (SOME/IP SD). In this context, a key performance criterion to achieve the required responsiveness is the subscription latency that is the time it takes for a client to subscribe to a service. In this paper we provide a recap of SOME/SD and list a number of assumptions based on what we can foresee about the use of SOME/IP in the automotive domain. Then, we identify the factors having an effect on the subscription latency, and, by sensitivity analysis, quantify their importance regarding the worst-case service subscription latency. The analysis and experiments in this study provide practical insights into how to best configure SOME/IP SD protocol.
This presentation focus on advances on Model Based System Engineering that fUML [1] brings. fUML, better known has Executable UML, provide a formalization of a subset of UML. UML, and with some extensions and adaptations SysML, can now be analysed in a formal way. That was main grief made by researchers.
First part of the presentation illustrates what is now possible by picking ideas from existing tools, notably Alloy [1] and OWL [3]. Following this path will enlighten what still must be done from researchers. It also points out how UML/SysML editors and tools can be enhanced. Indeed in current tools you can modelize activities that are not executable, you can describe Class/Block that cannot be instantiated, and so on.
The second part is about current implementation of previous ideas. It starts with a panorama of tools that can be combined, reused or adapted for the new desired features. For instance, it is possible to generate random instances of a model. Doing so helps to be confident in the model constraints. Moreover details will be given on how Topcased ease or not the integration of such a tool in its suite. For instance, it will be shown how Acceleo and ATL are used, but further details will also be given on how it integrates deeply with Topcased Editors for warnings, quick-fixes and so on.
AUTOSAR OS est amené à devenir le nouveau standard pour les systèmes d’exploitation d’exploitation dans l’embarqué automobile, Un des objectifs premiers du projet AUTOSAR est de permettre à des applications provenant de différentes sources de s’exécuter sur un même calculateur. Ce document fait un tour d'horizon des mécanismes de protection, par exemple protection mémoire et temporelle, qui permettent à des applications multi-sources de s'exécuter sur un même calculateur avec une sûreté de fonctionnement importante. Slides d'une conférence donnée au salon RTS'2009 à Paris.
RTaW SysML Companion transforms SysML models into VHDL/AMS so that it becomes possible to simulate SysML models. SysML Companion enables to perform virtual prototyping and derive tests very early in the design phase directly from SysML specification. To the best of our knowledge, SysML Companion is the first tool of its kind.
Une rapide introduction au développement dirigé par les modèles (MDA/MDD) et à ses bénéfices. Présentation de l'approche implémentée par le logiciel RTaW-Generator.
Learn why monitoring your Mercedes' Exhaust Back Pressure (EBP) sensor is crucial. Understand its role in engine performance and emission reduction. Discover five warning signs of EBP sensor failure, from loss of power to increased emissions. Take action promptly to avoid costly repairs and maintain your Mercedes' reliability and efficiency.
Why Is Your BMW X3 Hood Not Responding To Release CommandsDart Auto
Experiencing difficulty opening your BMW X3's hood? This guide explores potential issues like mechanical obstruction, hood release mechanism failure, electrical problems, and emergency release malfunctions. Troubleshooting tips include basic checks, clearing obstructions, applying pressure, and using the emergency release.
Your VW's camshaft position sensor is crucial for engine performance. Signs of failure include engine misfires, difficulty starting, stalling at low speeds, reduced fuel efficiency, and the check engine light. Prompt inspection and replacement can prevent further damage and keep your VW running smoothly.
Symptoms like intermittent starting and key recognition errors signal potential problems with your Mercedes’ EIS. Use diagnostic steps like error code checks and spare key tests. Professional diagnosis and solutions like EIS replacement ensure safe driving. Consult a qualified technician for accurate diagnosis and repair.
Comprehensive program for Agricultural Finance, the Automotive Sector, and Empowerment . We will define the full scope and provide a detailed two-week plan for identifying strategic partners in each area within Limpopo, including target areas.:
1. Agricultural : Supporting Primary and Secondary Agriculture
• Scope: Provide support solutions to enhance agricultural productivity and sustainability.
• Target Areas: Polokwane, Tzaneen, Thohoyandou, Makhado, and Giyani.
2. Automotive Sector: Partnerships with Mechanics and Panel Beater Shops
• Scope: Develop collaborations with automotive service providers to improve service quality and business operations.
• Target Areas: Polokwane, Lephalale, Mokopane, Phalaborwa, and Bela-Bela.
3. Empowerment : Focusing on Women Empowerment
• Scope: Provide business support support and training to women-owned businesses, promoting economic inclusion.
• Target Areas: Polokwane, Thohoyandou, Musina, Burgersfort, and Louis Trichardt.
We will also prioritize Industrial Economic Zone areas and their priorities.
Sign up on https://profilesmes.online/welcome/
To be eligible:
1. You must have a registered business and operate in Limpopo
2. Generate revenue
3. Sectors : Agriculture ( primary and secondary) and Automative
Women and Youth are encouraged to apply even if you don't fall in those sectors.
Things to remember while upgrading the brakes of your carjennifermiller8137
Upgrading the brakes of your car? Keep these things in mind before doing so. Additionally, start using an OBD 2 GPS tracker so that you never miss a vehicle maintenance appointment. On top of this, a car GPS tracker will also let you master good driving habits that will let you increase the operational life of your car’s brakes.
𝘼𝙣𝙩𝙞𝙦𝙪𝙚 𝙋𝙡𝙖𝙨𝙩𝙞𝙘 𝙏𝙧𝙖𝙙𝙚𝙧𝙨 𝙞𝙨 𝙫𝙚𝙧𝙮 𝙛𝙖𝙢𝙤𝙪𝙨 𝙛𝙤𝙧 𝙢𝙖𝙣𝙪𝙛𝙖𝙘𝙩𝙪𝙧𝙞𝙣𝙜 𝙩𝙝𝙚𝙞𝙧 𝙥𝙧𝙤𝙙𝙪𝙘𝙩𝙨. 𝙒𝙚 𝙝𝙖𝙫𝙚 𝙖𝙡𝙡 𝙩𝙝𝙚 𝙥𝙡𝙖𝙨𝙩𝙞𝙘 𝙜𝙧𝙖𝙣𝙪𝙡𝙚𝙨 𝙪𝙨𝙚𝙙 𝙞𝙣 𝙖𝙪𝙩𝙤𝙢𝙤𝙩𝙞𝙫𝙚 𝙖𝙣𝙙 𝙖𝙪𝙩𝙤 𝙥𝙖𝙧𝙩𝙨 𝙖𝙣𝙙 𝙖𝙡𝙡 𝙩𝙝𝙚 𝙛𝙖𝙢𝙤𝙪𝙨 𝙘𝙤𝙢𝙥𝙖𝙣𝙞𝙚𝙨 𝙗𝙪𝙮 𝙩𝙝𝙚 𝙜𝙧𝙖𝙣𝙪𝙡𝙚𝙨 𝙛𝙧𝙤𝙢 𝙪𝙨.
Over the 10 years, we have gained a strong foothold in the market due to our range's high quality, competitive prices, and time-lined delivery schedules.
Ever been troubled by the blinking sign and didn’t know what to do?
Here’s a handy guide to dashboard symbols so that you’ll never be confused again!
Save them for later and save the trouble!
"Trans Failsafe Prog" on your BMW X5 indicates potential transmission issues requiring immediate action. This safety feature activates in response to abnormalities like low fluid levels, leaks, faulty sensors, electrical or mechanical failures, and overheating.
The Octavia range embodies the design trend of the Škoda brand: a fusion of
aesthetics, safety and practicality. Whether you see the car as a whole or step
closer and explore its unique features, the Octavia range radiates with the
harmony of functionality and emotion
What Does the PARKTRONIC Inoperative, See Owner's Manual Message Mean for You...Autohaus Service and Sales
Learn what "PARKTRONIC Inoperative, See Owner's Manual" means for your Mercedes-Benz. This message indicates a malfunction in the parking assistance system, potentially due to sensor issues or electrical faults. Prompt attention is crucial to ensure safety and functionality. Follow steps outlined for diagnosis and repair in the owner's manual.
What Does the PARKTRONIC Inoperative, See Owner's Manual Message Mean for You...
CAN in Automotive Applications: a Look Forward
1. CAN in Automotive Applications:
a Look Forward
Nicolas NAVET (INRIA/RTaW), Hervé PERRAULT (PSA)
13th International CAN Conference
Hambach Castle, March 5-6 2012.
March, 5 2012
2. Automotive CAN: the early days (1/2)
Priority Sender node DLC Period (ms)
1 Engine Controller 8 10
2 Wheel angle sensor 3 14
3 Engine Controller 3 20
4 AGB 2 15
5 ABS 5 20
6 stations, 12 frames,
6 ABS 5 40 21% load
7 ABS 4 15
8 Body gateway 5 50
9 undisclosed 4 20
10 Engine Controller 7 100
11 AGB 5 50
12 ABS 1 100
Early CAN project at PSA (1996, see [1])
250kbit/s
05/03/2012 - 2
3. Automotive CAN: the early days (2/2)
Worst-case latencies (=response times) are less than 5.5 ms
NETCAR-Analyzer screenshot
05/03/2012 - 3
4. Proliferation of ECUs and buses
45
40
35
30 CAN LAS
info-div
LIN
25
CAN CAR
CAN CONF
20 CAN I/S
15
Up to 5 CAN
10
interconnected
5 by gateways
0
X4-2000 X4-2003 D2 2004 D2 TG D25 X3 X6-2005 X7-2007 W2
PF3
# ECUs and buses in some PSA projects
between 2000 and 2010 [2]
5. Today’s set of messages
• Size : Up to 20 nodes and 100 frames
“easy” integration
• Bus-rate : 250 or 500kbits for the OEM till
35-40% - precise
• Load : > 50%, sometimes 60% or more … performance
evaluation
• Max latencies : 5ms or less needed beyond
• Gateways : CAN/CAN or CAN/FLEXRAY induce
delays and bursty traffic.
• Aperiodic traffic (eg, Autosar mixed transmission mode)
NETCARBENCH is a GPL licensed software to generate “realistic” and non
confidential CAN message sets according to a set of user-defined parameters.
Available at www.netcarbench.org
05/03/2012 - 5
6. RTaW : help designers build truly safe and
optimized systems
– Services and Software for : architecture design,
ECU and network configuration, formal and
temporal verification (simulation, analysis, trace-inspection)
– Communications systems : CAN, FlexRay, AFDX,
industrial Ethernet, TTP, etc …
– CAN customers: PSA and Renault
− Most software tools are downloadable
at www.realtimeatwork.com / we provide
R&D, support and custom extensions
− No black box software: we publish all
algorithms that are implemented
(ongoing)
RTaW-Sim CAN simulator
05/03/2012 - 6
8. Automotive CAN communication stack :
a simplified view
ECU
Middleware
1
Waiting queue:
5ms Frame-packing task
1 - FIFO
- Highest Priority First
1
- OEM specific
2000
CAN Controller
9 6 8
buffer Tx
CAN Bus
9. Optimizing CAN : meeting performance and robustness
constraints at higher load
An industrial requirement
• Reduce architecture complexity, HW costs & weight,
consumption and emission
• Avoid industrial risks and costs of new technologies
• Incremental design / better performances
How ?
1. Keep amount of data transmitted minimum! → better
identification and traceability of timing constraints
2. Synchronize producing tasks with communication tasks
3. Desynchronize frames by using offsets [3,4]
4. Assign priorities according to deadlines
5. Re-consider frame packing [12]
6. Optimize communication stacks so as to remove all
“distortions” to the ideal CAN behavior
-9
10. Scheduling frames with offsets ?!
Principle: desynchronize transmissions to avoid load peaks
0 10 15 Periods
0 5 5 20 ms
0 0 5 15 ms
10 ms
0 10 20 30 40 50 60 70 80 90 100 110
5 5
2,5 2,5 Periods
0 0
20 ms
15 ms
10 ms
0 10 20 30 40 50 60 70 80 90 100 110
11. Offsets algorithm applied on a typical body
network
least-loaded algorithm [3]
65 ms
32
21
17
Worst-case latencies on a 125 kbit/s body network
12. Let’s assume frame waiting queue is FIFO on ECU1, the OEM does
not know it or software cannot handle it …
Many high-priority frames are delayed here because
a single ECU (out of 15) has a FIFO queue … could
propagate through gateways
Up to recently [5,6], no response analysis on CAN was published …
13. Our work : bridging the gap between (analytic)
models and reality
Higher load → less margin
→ more accurate models
1 Hardware models
2
Error bursts
Software models (producer, sender,
receiver, device drivers, etc)
3 Error models (reboot,errors) Interarrival
times Individual errors
4
Aperiodic traces
Traffic models incl.
aperiodic
- 13
15. Departure from ideal CAN (1/2)
ECU Middleware
1
5ms Frame-packing task
1
1
2000
1 Non-HPF waiting queues [5,6]
CAN Controller
2 Frame queuing not done
in priority order by 9 6 8
communication task
buffer Tx
CAN B
16. Analyzing communication traces : priority
inversion
Priority inversion here (probably)
because frames are not queued in the
order of priority
RTaW-TraceInspector : check comm. stack implementation,
periods, offsets, aperiodic traffic, clock drifts, etc ..
05/03/2012 - 16
17. Departure from ideal CAN (2/2)
ECU
Middleware
5ms Frame-packing task
2
3 Non abortable transmission requests
[9] 1
4 Not enough transmission buffers
[8,10] CAN Controller
5 Delays in refilling the buffers [11] 9 6 8
… buffer Tx
CAN Bu
18. Higher load level calls for
1. More constraining specifications / or conservative
assumptions → a single node can jeopardize the system
2. Thorough use of Validation & Verification techniques:
− simulation, analysis and trace inspection
− none of them alone is sufficient !
Know-how, embedded software, verification
techniques, and tool support have progressed
to a point where highly loaded CAN networks -
yet safe are possible
05/03/2012 - 18
20. [1] N. Navet, Y-Q. Song, F. Simonot, “Worst-Case Deadline Failure Probability in Real-Time Applications
Distributed over CAN (Controller Area Network)“, Journal of Systems Architecture, Elsevier Science, vol.
46, n°7, 2000. Available at www.realtimeatwork.com
[2] N. Navet, B. Delord (PSA), M. Baumeister (Freescale), “Virtualization in Automotive Embedded Systems :
an Outlook”, talk at RTS Embedded Systems 2010, Paris, France, March, 2010. Available at
References www.realtimeatwork.com
[3] M. Grenier, L. Havet, N. Navet, “Pushing the limits of CAN – Scheduling frames with offsets provides a
major performance boost“, Proc. of the 4th European Congress Embedded Real Time Software (ERTS
2008), Toulouse, France, January 29 – February 1, 2008. Available at www.realtimeatwork.com
[4] P. Meumeu-Yomsi, D. Bertrand, N. Navet, R. Davis, "Controller Area Network (CAN): Response Time
Analysis with Offsets", to appear in Proc. of the 9th IEEE International Workshop on Factory
Communication System (WFCS 2012), May 21-24, 2012, Lemgo/Detmold, Germany.
[5] R.I. Davis, S. Kollmann, V. Pollex, F. Slomka, "Controller Area Network (CAN) Schedulability
Analysis with FIFO queues”. In proceedings 23rd Euromicro Conference on Real-Time Systems
(ECRTS), pages 45-56, July 2011.
[6] R. Davis, N. Navet, "Controller Area Network (CAN) Schedulability Analysis for Messages with Arbitrary
Deadlines in FIFO and Work-Conserving Queues", to appear in Proc. of the 9th IEEE International
Workshop on Factory Communication System (WFCS 2012), May 21-24, 2012, Lemgo/Detmold,
Germany.
[7] R. Davis, A. Burn, R. Bril, and J. Lukkien, “Controller Area Network (CAN) schedulability analysis: Refuted,
revisited and revised”, Real-Time Systems, vol. 35, pp. 239–272, 2007.
[8] M. D. Natale, “Evaluating message transmission times in Controller Area Networks without buffer
preemption”, in 8th Brazilian Workshop on Real-Time Systems, 2006.
[9] D. Khan, R. Davis, N. Navet, “Schedulability analysis of CAN with non-abortable transmission requests“,
16th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA 2011),
Toulouse, France, September 2011. Available at www.realtimeatwork.com
[10] U. Keskin, R. Bril, and J. Lukkien, “Evaluating message transmission times in Controller Area Network
(CAN) without buffer preemption revisited”, to appear in Proc. of the 9th IEEE International Workshop on
Factory Communication System (WFCS 2012), May 21-24, 2012, Lemgo/Detmold, Germany.
[11] D. Khan, R. Bril, N. Navet, “Integrating Hardware Limitations in CAN Schedulability Analysis”, WiP at the
8th IEEE International Workshop on Factory Communication Systems (WFCS 2010), Nancy, France,
May 2010. Available at www.realtimeatwork.com
[12] R. Saket, N. Navet, “Frame Packing Algorithms for Automotive Applications“, Journal of Embedded
Computing, vol. 2, n° 1, pp93-102, 2006. Available at www.realtimeatwork.com
[13] N. Navet, H. Perrault, “CAN in Automotive Applications: a look forward”, 13th International CAN
Conference, Hambach Castle, March 5-6, 2012. Available at www.realtimeatwork.com
05/03/2012 - 20
21. Software used in this study
NETCARBENCH, automotive benchmark generator, freely available at
http://www.netcarbench.org
RTaW-Sim, Fine-grained simulation of CAN based communication
systems with fault injection capabilities”, downloadable at
http://www.realtimeatwork.com/software/rtaw-sim/
NETCAR-Analyzer, Timing analysis and resource usage optimization for
CAN based communication systems, downloadable at
http://www.realtimeatwork.com/software/netcar-analyzer/
RTaW-TraceInspector, Analyze communication traces and check
communication stack implementation and specification compliance, see
http://www.realtimeatwork.com/software/rtaw-traceinspector/
05/03/2012 - 21