Automotive System and

Software Architecture
Yanja Dajsuren

2IW80 Software specification and architecture

March 25, 2014
 Which one has more software?

Chevrolet Volt, an example

modern day car

Boeing 787, the most electronic airliner

~8,000,000 LOC ~40,000,000 LOC

25-3-2014 PAGE 1
Why more software?

Image source: http://www.thetruthaboutcars.com

25-3-2014 PAGE 2
Automotive supply chain software integration

Adapted from http://www.edibasics.hu/edi-resources/edi-by-industry/automotive.htm

Document-centric: Architecture-driven:
• Manual • (Partially) Automated
• Error prone • Early detection of errors
• Costly to change • Less effort/cost to change
 Automotive architecture modeling

• Top-down system development i.o. bottom up

• Separation of concerns in different architectural models/views
• Model-driven i.o. document-centric approach
• Improved design quality by detecting errors early
• …
/ Department of Mathematics and Computer Science 25-3-2014 PAGE 4
 Automotive companies and ADLs

• Automotive Modeling Language (AML)

• COmponent Language (COLA)

• EAST-ADL
• Timing Augmented Description Language
(TADL)

• The ICT MAENAD project EAST-ADL2

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 5

 EAST-ADL

• EAST-ADL
• Advancing Traffic Efficiency and Safety through Software
Technology 2 (ATESST) project
• Refined EAST-ADL2 language, profile, methodology, tools
• It provides means to represent the embedded system in several
abstraction levels.
• Main source: http://www.east-adl.info/

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 6

 EAST-ADL and AUTOSAR

http://maenad.eu/
25-3-2014 PAGE 7
 EAST-ADL Abstraction Levels

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 9

 EAST-ADL Abstraction Levels

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 10

 Example of function-to-component Mapping

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 11

 EAST-ADL Metamodel Structure

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 12

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 13
25-3-2014 PAGE 14
 EAST-ADL Summary

• Defines several abstraction levels and mapping between them

• Extensions to traditional ADLs:
• Requirements
• Variability
• Timing
• Dependability
• Safety (alignment with ISO26262)
• Environment modeling
• Not well applied yet in automotive industry

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 15

SysML and UML

25-3-2014 PAGE 16
 SysML Diagram Taxonomy

SysML Diagram

Behavior Requirement Structure

Diagram Diagram Diagram

Activity Sequence State Machine Use Case Block Definition Internal Block
Package Diagram
Diagram Diagram Diagram Diagram Diagram Diagram

Same as UML 2 Parametric

Diagram
Modified from UML 2

New diagram type

25-3-2014 PAGE 17
Blocks are Basic Structural Elements

• Provides a unifying concept to describe the structure of an element

or system
• System «block» Compartment
• Hardware BrakeModulator Label
• Software
allocatedFrom
• Data «activity»Modulate
• Procedure BrakingForce
• Facility
• Person values
DutyCycle: Percentage

• Multiple standard compartments can describe the block

characteristics
• Properties (parts, references, values, ports)
• Operations
• Constraints
• Allocations from/to other model elements (e.g. activities)
• Requirements the block satisfies
• User defined compartments
18
Using Blocks

• Based on UML Class from UML Composite Structure

• Supports unique features (e.g., flow ports, value
properties)
• Block definition diagram describes the relationship
among blocks (e.g., composition, association,
specialization)
• Internal block diagram describes the internal
structure of a block in terms of its properties and
connectors
• Behavior can be allocated to blocks

Blocks Used to Specify Hierarchies and Interconnection

19
Block Definition vs. Usage

Block Definition Diagram Internal Block Diagram

Definition Usage
• Block is a definition/type – Part is the usage of a block
• Captures properties, etc. in the context of a
composing block
• Reused in multiple contexts
– Also known as a role

20
 Internal Block Diagram (ibd)
Blocks, Parts, Ports, Connectors & Flows

Enclosing
Block

Connector

Item Flow

Port Part

Internal Block Diagram Specifies Interconnection of Parts

21
Reference Property Explained

•S1 is a reference part*

•Shown in dashed outline box

*Actual name is reference property

22
SysML Ports
• Specifies interaction points on blocks and parts
• Integrates behavior with structure
• portName:TypeName
• Kinds of ports
• Standard (UML) Port
− Specifies a set of required or provided operations
and/or signals
− Typed by a UML interface
• Flow Port
− Specifies what can flow in or out of block/part
− Typed by a block, value type, or flow specification
− Atomic, non-atomic, and conjugate variations
Standard Port and Flow Port
Support Different Interface Concepts 23
Port Notation

provided interface
(provides the operations)

Standard
Port part1: part2:

required interface
(calls the operations)

Flow Port

Flow part1: part2:

Port
item flow

24
State Machines

• Typically used to represent the life cycle of a block

• Support event-based behavior (generally
asynchronous)
• Transition with trigger, guard, action
• State with entry, exit, and do-activity
• Can include nested sequential or concurrent states
• Can send/receive signals to communicate between
blocks during state transitions, etc.
• Event types
• Change event
• Time event
• Signal event

25
Operational States (Drive)

stm HSUVOperationalStates

Off keyOff/

start[in neutral]/start engine shutOff/stop engine Nominal

states only

Operate
Transition notation:
trigger[guard]/action
Idle

accelerate/
when (speed = 0)

releaseBrake/

Accelerating/
Braking
Cruising

engageBrake/

26
 DEMO

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 27

25-3-2014 PAGE 28
 Adaptive Cruise Control (ACC) in SysML

Image: http://www.extremetech.com/

Modeling the ACC system for an E-truck with a top-

down approach in SysML

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 29

Requirements Diagram

25-3-2014 PAGE 30
Source: Artisan Software Tools
 Use Case diagram
• Provides means for
describing basic
functionality in terms of
usages of system by
actors
• Generally elaborated via
other behavioral
representations to
describe detailed
scenarios

Source: Artisan Software Tools

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 31

System architecture

25-3-2014 PAGE 32
 System integration

• Software
• Hardware
25-3-2014 PAGE 33
Running ACC_UI on Freescale board

25-3-2014 PAGE 34
 SysML summary

• SysML provides a general purpose modeling language to support specification,

analysis, design and verification of complex systems
• Subset of UML 2 with extensions
• 4 Pillars of SysML include modeling of requirements, behavior, structure, and parametrics

• Intended to improve communications, tool interoperability, and design quality

• Multiple tools available

• IBM –Rhapsody
• Sparx Systems -Enterprise Architect
• Atego –Artisan Studio etc.

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 35

 Automotive supply chain software integration

Electronic Control Unit

(ECU)

ECU

Adapted from http://www.edibasics.hu/edi-resources/edi-by-industry/automotive.htm

• Hardware dependent SW
• Not efficient software reuse and exchange
ECU • Costly integration
AUTOSAR (AUTomotive Open System
Architecture)
• An open and standardized automotive
software architecture

• Architecture
• Methodology
• Application Interfaces
 AUTOSAR Milestones

http://autosar.org/

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 38

AUTOSAR Layered Architecture

http://autosar.org/
AUTOSAR Methodology

http://autosar.org/
AUTOSAR Application Interface

http://autosar.org/

25-3-2014 PAGE 41
AUTOSAR Use Case

http://autosar.org/
AUTOSAR Benefits

http://autosar.org/

25-3-2014 PAGE 43
Automotive Standards

• ISO 26262:
• Absence of unreasonable risk due to hazards caused by
malfunctioning behavior of E/E systems
• IEC 61508:
• Part of the overall safety related to the equipment under
control (EUC) that depends on the correct functioning of
the safety-related system.
• MISRA C:
• Software development standard
25-3-2014 PAGE 44
 ISO 26262

KoenLeekens, ISO-26262 introduction, 2012

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 45

 Safety in V cycle

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 46

Safety Analysis in ISO 26262

25-3-2014 PAGE 47
KoenLeekens, ISO-26262 introduction, 2012
 MISRA C

• MISRA C is a software development standard for the

C programming language developed by MISRA
(Motor Industry Software Reliability Association).
• Its aims are to facilitate code safety, portability and
reliability in the context of embedded systems,
specifically those systems programmed in ISO C
• As with many standards the MISRA C guideline
documents are not free to users or developers

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 48

 Summary

• In the automotive industry, more and more software

and electronics system require system and software
architecture methods.

• Automotive specific and generic purpose ADLs are

being developed and applied.

• Many stakeholders, functionalities, safety and

environment requirements require automotive
specific standards.

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 49

Contact for comments and questions:

Tel: +31(0)402475052
Email: [email protected]
Address:
MF 7.123, Eindhoven University of Technology
5612 AZ Eindhoven, The Netherlands
 Automotive Modeling Exercise

Design a PowerWindow System of a vehicle:

A. Elicit requirements
B. PowerWindow system architecture (decompose the
system into software and hardware components)

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 52

 Required Software Tools

IBM Rational Rhapsody 8.0.5 Matlab R2011b

/ Department of Mathematics and Computer Science 25-3-2014 PAGE 53