Search Results

More and more advanced features such as adaptive cruise control and collision avoidance are being adopted in road vehicles and these features are usually implemented as distributed systems across multiple ECU nodes that are connected by communication busses. In order to tolerate transient faults affecting a safety critical signal transmitted via bus in such distributed systems, the last used value or a default safe value for a safety critical signal is usually used among different ECU nodes on the bus for a pre-defined time interval before taking some other fault mitigation actions such as disabling a feature. Thus it becomes very important to monitor a signal's age and detect any signal age fault, where a signal age fault is defined as the use of an older or default signal value for longer than or equal to the pre-defined time interval.

Automotive HW/SW architectures are becoming increasingly complex to support the deployment of new safety, comfort, and energy-efficiency features. Such architectures include several software tasks (100+), messages (1000+), computational and communication resources (70+ CPUs, 10+ buses), and (smart) sensors and actuators (20+). To cope with the increasing system complexity at lowest development and product costs, highest safety, and fastest time to market, model-based rapid-prototyping development processes are essential. The processes, coupled with optimization steps aimed at reducing the number of software and hardware resources while satisfying the safety requirements, enable reduction of the system complexity and ease downstream testing/validation efforts. This paper describes a novel model-based design exploration and optimization process for the deployment of a set of software tasks on a dual-processor control module implementing a fail-safe strategy.