By Rolland Dudemaine, Vice President of Engineering, eSOL Europe
The priorities driving the development of the electrical architecture of electric vehicles differ significantly from those governing conventional Internal Combustion Engine (ICE) vehicles, and will be achieved through fundamental hardware and software changes. Consumer adoption of electric vehicles is expected to increase, driven by factors such as growing concerns about climate change, the entry into the market of new and improved models, and proposed legislation to ban the sale of new ICE vehicles in the future.
The arrival of the EV ushers in a step in the otherwise curved electrification trend that spans established feature categories: body/chassis, comfort, safety, powertrain and infotainment. With no onboard combustion engine to power subsystems such as cabin heating, or to drive an alternator, the EV's electrical infrastructure differs significantly from that of conventional vehicles.
Changing priorities of the electrical infrastructure of the software
New priorities are gaining importance in electric vehicle infrastructures, including safe battery management and efficient use of electric power everywhere to extend driving range. When it comes to the battery, more attention should be paid to battery health monitoring and stabilizing aspects, such as internal temperature and cell balance, to maximize performance and longevity. Meanwhile, electric vehicle battery voltages are generally higher than conventional vehicle 12V lead-acid batteries, which means extra safety precautions are required.
Powertrain electrification, in combination with other trends such as the infusion of V2X (vehicle-to-everything) connectivity and higher-level autonomous driving capabilities, is a catalyst for more centralized vehicle electrical infrastructures. The incorporation and integration of multiple domains, currently managed by a large number of individual ECUs (electronic control units) distributed throughout the vehicle, allow vehicles to be defined by means of app software and help improve quality, cost, and overall performance. Importantly for EVs in particular, the addition also helps to reduce wiring weight and complexity, as well as save valuable battery power, all of which contribute to increased driving range.
The trend to centralize control of demanding vehicle functionalities is driving the demand for high performance computing with minimal power requirement, leading to the development of highly efficient and heterogeneous multi-core processors to handle these diverse loads. worked.
At the same time, there is a clear need for flexibility and scalability in the electrical infrastructure. OEMs need this to cost-effectively create differentiated product lines by implementing different applications and features on different models, using different hardware platforms of varying cost and complexity across their product lines, and offering new models within of difficult time-to-market targets. They also need to deploy and enable new functionality after physical, Over-The-Air (OTA) delivery.
Meanwhile, new concerns around security and cybersecurity are emerging. With ever more widespread connectivity and increasing levels of autonomy, there is a clear potential for malicious hacking to threaten individual security and even national security. When it comes to functional safety, established standards like ISO 26262 might not be enough for new use cases like autonomous driving. More recent standards, such as SOTIF – Safety of the Intended Functionality and UL4600, are being developed to address these applications. Original equipment manufacturers and Tier 1 manufacturers need hardware and software architectures they can trust as part of the solution to these challenges.
Changing Faces of Hardware and Software
To give the best chance of success, it makes sense to consider the software platform as well as the hardware and, in particular, the operating system (OS) architecture that brings together these rapidly developing computing elements.
Figure 1. The software platform of the future must support security, scalability, and real-time determinism.
Figure 1 shows an automotive software platform that incorporates the AUTOSAR Adaptive Platform (AUTOSAR AP). It addresses the demands of the vehicles of the future and is intended for use in systems certified up to ISO 26262 ASIL-D. AUTOSAR AP standardizes the base layer software and enables planned dynamics, allowing for adaptability without compromising the handling of safety-critical processes. The planned dynamic is achieved by various measures, such as ensuring that all processes are registered during system integration and restricting privileges to start processes. In addition, AUTOSAR AP manages the communication between application processes and external entities according to strict policies established during system integration.
The platform shown is based on SOA – Service Oriented Architecture, which is well suited to future centralized and zonal EV architectures and provides flexibility and transparency in terms of application and mapping: the The location of the server providing the service is independent of its usage, which is essential for distributed computing. In addition, transparency provides a good basis for the FFI initiative – Freedom From Interference, which is one of the core concepts of functional safety. On the other hand, a physical mechanism such as the MMU – Memory Management Unit of the processor is needed to ensure the security of FFI. The operating system virtualizes this mechanism in the form of "operating system processes," which are the physical instances of services and applications.
In the architecture illustrated in Figure 1, many components run as processes. There needs to be frequent interaction between processes, for example if an application process needs to use a service running as another process. Historically, functional safety has been based on protecting processes from each other. AUTOSAR AP now introduces the dependency on interprocess communication as a feature of the operating system, which can be much more costly in performance than interprocess communication; it can also evolve into a major system performance issue when all software is integrated.
OS for multicore processing
With the demand for unimpeded communication between processes in software, as well as a large number of intercommunicating processor cores in multicore CPUs at the heart of the emerging centralized hardware architecture, it is increasingly likely that operating systems traditional systems fall short in their ability to service all parts of the system adequately to maintain performance.
By contrast, a microkernel distributed operating system is inherently well-suited to serving a large number of interrelated kernels and processes. It allows a fast and deterministic response, which is particularly important to ensure proper management of real-time control applications in domains such as powertrain. A distributed microkernel operating system is not like typical microkernel operating systems. Without the need for cross-kernel kernel locks to prevent concurrent access, which can hurt performance, the architecture ensures that parallelism is maintained.
eSOL has developed such a microkernel distributed operating system, eMCOS, to meet the future needs of the automotive industry, including requirements for scalability, security, and real-time determinism. eMCOS can scale in multiple ways to handle small or large feature sets. Applications can connect between microkernels, and users can customize the adaptation layer to fit their intended purpose. Ideally suited to the latest generation multi-core processors, eMCOS supports inter-cluster message passing, thus enabling dynamic AUTOSAR AP and static AUTOSAR CP (Classic Platform) to operate on the same chip. A layered scheduling mechanism enables hard determinism in real time and enables high performance computing combined with load balancing. Standard support is available for the POSIX and AUTOSAR multithreaded programming interfaces, and there are special-purpose APIs for functions like DSM – Distributed Shared Memory, fast messaging, NUMA memory management, thread-pooling, and others.
Conclusion
The demands placed on vehicle electrical infrastructures continue to intensify and are exacerbated by the transition to an all-electric powertrain. The centralization and incorporation of functions previously performed by different ECUs is driving initiatives to adopt multiple CPUs to achieve the right mix of computing performance, energy efficiency, and low power consumption. However, these do not benefit from conventional operating systems. Therefore, designers must understand the effects of operating system selection and, in particular, consider a distributed microkernel operating system to maximize the benefits gained by adopting multiple cores to meet the needs of future vehicles.
