200 likes | 455 Views
Volkswagen AG Business Unit Braunschweig. Software Timing Analysis for Steering Components Dr. Fabian Wolf, Dieter Brinkema. Agenda. 1 Introduction of the Electronics Development 2 The Architecture of APA-BS 3 Scenarios for Timing Analysis (Tool Usage) 4 Summary and Outlook.
E N D
Volkswagen AG Business Unit Braunschweig Software Timing Analysis for Steering Components Dr. Fabian Wolf, Dieter Brinkema
Agenda • 1 Introduction of the Electronics Development • 2 The Architecture of APA-BS • 3 Scenarios for Timing Analysis (Tool Usage) • 4 Summary and Outlook
Introduction of the Electronics Development • Development of electromechanical steering (e.g. Volkswagen and Audi) • APA-BS (Axially Parallel Actuation BraunSchweig) is being used for Tiguan and Passat • The Safety Concept was developed according to ICE 61508 regulations • Safety Concept ensures that the electromechanical steering acts safely at any time and provides maximum availability • Conflict of objectives: maximum safety AND maximum availability
APA-BS (Axially Parallel Actuation BraunSchweig) Steering column Steering Moment Sensor Control Shaft Ballscrew Steering Pinion Belt Control Unit Synchronous Engine
Architecture Overview: Hardware • Two-computer system of the steering control unit • Steering functions, motor control, and I/O handling are implemented on the main computer • The second computer monitors the main computer • Communication via digital interface • Exchange of high-frequency question-answer-sequences • Both computers have an independent clock and energy supply
Architecture Overview: Hardware Clock1 Clock2 Energy supply1 Energy supply2 • Main Computer • 16 bit DSP • 60 MIPS • 60 MHz Question- answer- sequences • Monitoring Computer • 8 bit µC Sensor Engine Steering functions Monitoring functions
Architecture Overview: Software • Considering the wide range of possible driving situations, the objectives are: • Optimal adaption to the respective driving situation • Maximum driving and steering comfort • Standard equipment functions: • - Steering power support, speed dependent • - Active centering and dampening • - Straight-running function … • Upgrade equipment functions (optional) • - Park assist • - Lane-keeping assist • - Customizable adaptivity - from sportive to an emphasis on comfort…
Architecture Overview: Safety Concept • Basic elements of the safety concept: • Redundant sensor signals for steering moment / motor position • Two-computer concept • Thermal protection for motor, electronic amplifier, and computer • Voltage control for logic-module / power-module • Validation of all system sensors and signals • Cyclic memory test: RAM, ROM, EEPROM • Isolated function deactivation • Appropriate substitute measures • Ensured dry-running operation in case of failure
Monitoring the Real Time Correctness • Monitoring the real time correctness is part of the nominal/actual comparison; this means it is monitored whether the required software algorithms are calculated within their respective time intervals • Missed deadlines are interpreted as exceptions • The system has to be kept in a safe state • Reasons: • Real error (e.g. defective component) • Insufficient computing performance
Verifying the Availability with Scheduling Analysis • Requirements • The OEM requires analytical proof that functions are not deactivated due to insufficient computing performance at maximum load • ICE 61508 requires meeting the reaction times in case of error • Solution • Through SymTA/S scheduling analysis, the Electronics Development of VW Braunschweig can assure that no timing problems occur
Availability verification through Scheduling Analysis Core execution times Designated hardware Test, measurement Import System model SymTA/S Scheduling Analysis Input Environment model Response times Input Export Comparison Time requirements Report
Selection of new Hardware • Conflicting objectives • Sufficient resource availability at any time • Avoid unnecessary over-dimensioning of computing resources • Easy: Determination of the required memory • Difficult: Determination of the required computing performance under worst-case conditions
Selection of new Hardware for Tiguan • Starting basis • Available SymTA/S model from predecessor • Approach • Reusability of the model (ensured via analysis) • Adoption of the model without major changes • Calculation of computing time for new functions based on prototypes • Result • Verification of availability and optimum dimensioning on virtual level • Sensitivity analysis for the determination of reserves
Extension of Software • Challenge: in case of new system requirements – e.g. for model upgrading – it has to be analyzed if the available computing performance is sufficient to fulfill the new AND the already existing requirements • Solution: • Display of the available execution time per task via sensitivity analysis • Analysis of alternatives in case modifications are necessary (e.g. moving routines into other tasks) • Advantages: the analysis results can be displayed and traced transparently and plausibly.
Summary • The Electronics Development uses SymTA/S to verify the availability of steering functions for the OEM • Further applications are the selection and dimensioning of new hardware as well as the estimation of extensibility for new functions • Advantages of SymTA/S: • Easy to use • Fast calculation of results • Results and approach are well-established at OEM
Outlook • Model optimization through new SymTA/S features • Task chaining • FlexRay library • Model-based run-time maintenance • Application in further projects of the Electronics Development at Business Unit Braunschweig