Volkswagen AG Business Unit Braunschweig
17
WERK Braunschweig Volkswagen AG Business Unit Braunschweig Software Timing Analysis for Steering Components Dr. Fabian Wolf, Dieter Brinkema
description
Volkswagen AG Business Unit Braunschweig. Software Timing Analysis for Steering Components Dr. Fabian Wolf, Dieter Brinkema. Agenda. 1 Introduction of the Electronics Development 2 The Architecture of APA-BS 3 Scenarios for Timing Analysis (Tool Usage) 4 Summary and Outlook. - PowerPoint PPT Presentation
Transcript of Volkswagen AG Business Unit Braunschweig
WERK Braunschweig
Volkswagen AG Business Unit BraunschweigSoftware Timing Analysis for Steering Components
Dr. Fabian Wolf, Dieter Brinkema
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 2WERK Braunschweig
Agenda
1 Introduction of the Electronics Development
2 The Architecture of APA-BS
3 Scenarios for Timing Analysis (Tool Usage)
4 Summary and Outlook
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 3WERK Braunschweig
Introduction of the Electronics Development
•Development of electromechanical steering (e.g. Volkswagen and Audi)
•APA-BS (Axially Parallel Actuation BraunSchweig) is being used for Tiguan and Passat
•The Safety Concept was developed according to ICE 61508 regulations
•Safety Concept ensures that the electromechanical steering acts safely at any time and provides maximum availability
•Conflict of objectives: maximum safety AND maximum availability
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 4WERK Braunschweig
APA-BS (Axially Parallel Actuation BraunSchweig)
Steering column
Steering Moment Sensor
Steering Pinion
Control Unit
Control Shaft
Synchronous Engine
Ballscrew
Belt
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 5WERK Braunschweig
Architecture Overview: Hardware
Two-computer system of the steering control unit
•Steering functions, motor control, and I/O handling are implemented on the main computer
•The second computer monitors the main computer
•Communication via digital interface
•Exchange of high-frequency question-answer-sequences
•Both computers have an independent clock and energy supply
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 6WERK Braunschweig
Architecture Overview: Hardware
Main Computer- 16 bit DSP- 60 MIPS- 60 MHz
Sensor
Engine
Steering functions
Monitoring Computer
- 8 bit µC
Monitoring functions
Question-answer-sequences
Clock1
Energy supply1
Clock2
Energy supply2
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 7WERK Braunschweig
Architecture Overview: Software
Considering the wide range of possible driving situations, the objectives are:
•Optimal adaption to the respective driving situation
•Maximum driving and steering comfort
•Standard equipment functions:
- Steering power support, speed dependent
- Active centering and dampening
- Straight-running function …
•Upgrade equipment functions (optional)
- Park assist
- Lane-keeping assist
- Customizable adaptivity - from sportive to an emphasis on comfort…
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 8WERK Braunschweig
Architecture Overview: Safety Concept
Basic elements of the safety concept:
•Redundant sensor signals for steering moment / motor position
•Two-computer concept
•Thermal protection for motor, electronic amplifier, and computer
•Voltage control for logic-module / power-module
•Validation of all system sensors and signals
•Cyclic memory test: RAM, ROM, EEPROM
•Isolated function deactivation
•Appropriate substitute measures
•Ensured dry-running operation in case of failure
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 9WERK Braunschweig
Monitoring the Real Time Correctness
Monitoring the real time correctness is part of the nominal/actual comparison; this means it is monitored whether the required software algorithms are calculated within their respective time intervals
Missed deadlines are interpreted as exceptions
The system has to be kept in a safe state
Reasons:
•Real error (e.g. defective component)
•Insufficient computing performance
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 10WERK Braunschweig
Verifying the Availability with Scheduling AnalysisRequirements
•The OEM requires analytical proof that functions are not deactivated due to insufficient computing performance at maximum load
•ICE 61508 requires meeting the reaction times in case of error
Solution
•Through SymTA/S scheduling analysis, the Electronics Development of VW Braunschweig can assure that no timing problems occur
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 11WERK Braunschweig
Availability verification through Scheduling Analysis
Designated hardware
SymTA/SSymTA/S
Scheduling Analysis
Test, measurement
Core execution times
System model
Environment model
Import
Time requirements Comparison ReportExport
Response times
Input
Input
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 12WERK Braunschweig
Selection of new Hardware
Conflicting objectives
•Sufficient resource availability at any time
•Avoid unnecessary over-dimensioning of computing resources
Easy: Determination of the required memory
Difficult: Determination of the required computing performance under worst-case conditions
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 13WERK Braunschweig
Selection of new Hardware for Tiguan
Starting basis
•Available SymTA/S model from predecessor
Approach
•Reusability of the model (ensured via analysis)
•Adoption of the model without major changes
•Calculation of computing time for new functions based on prototypes
Result
•Verification of availability and optimum dimensioning on virtual level
•Sensitivity analysis for the determination of reserves
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 14WERK Braunschweig
Extension of Software
Challenge: in case of new system requirements – e.g. for model upgrading – it has to be analyzed if the available computing performance is sufficient to fulfill the new AND the already existing requirements
Solution:
•Display of the available execution time per task via sensitivity analysis
•Analysis of alternatives in case modifications are necessary (e.g. moving routines into other tasks)
Advantages: the analysis results can be displayed and traced transparently and plausibly.
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 15WERK Braunschweig
Usage of SymTA/S
2. Auswahl neuer Hardware
3. Bewertung der Erweiterbarkeit der Software
1. Absicherung der Verf ügbarkeit2. Selecting new hardware
3. Validating the expandability of the software
1. Availability verification
Reuse of the first generation model
Sensitivity analysis
(What if?)
2. Auswahl neuer Hardware
3. Bewertung der Erweiterbarkeit der Software
1. Absicherung der Verf ügbarkeit2. Selecting new hardware
3. Validating the expandability of the software
1. Availability verification
Reuse of the first generation model
Sensitivity analysis
(What if?)
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 16WERK Braunschweig
Summary
The Electronics Development uses SymTA/S to verify the availability of steering functions for the OEM
Further applications are the selection and dimensioning of new hardware as well as the estimation of extensibility for new functions
Advantages of SymTA/S:
•Easy to use
•Fast calculation of results
•Results and approach are well-established at OEM
H – Dieter Brinkema – Tel.: 39312 – Stand: 18.09.2008 – 17WERK Braunschweig
Outlook
Model optimization through new SymTA/S features
•Task chaining
•FlexRay library
Model-based run-time maintenance
Application in further projects of the Electronics Development at Business Unit Braunschweig
