Component-Level ASIL Decomposition for Automotive Architectures

Frigerio, Alessandro; Vermeulen, Bart; Goossens, Kees

doi:10.1109/dsn-w.2019.00021

Cited by 15 publications

(8 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To perform our quantitative evaluation, we extend the model of [3] (which considered only failure probability, cost, and cable length related to an application) by adding the functional load and the communication load to the application nodes, and the two-dimensional coordinates to the physical nodes. To calculate the failure probability and the cost of the system we use the algorithms presented in [4]. Fault tree analysis is used to calculate the system failure probability, where the failure rates of the hardware resources are related to their ASIL specification on a logarithmic scale, as seen in Table 1.…”

Section: Proposed Methodology a System Modelmentioning

confidence: 99%

“…The authors of [6] improve the technique by adding additional checking elements to prove that the original Functional Safety Requirements (FSRs) are met. These additional checks can be found also in [3] and [4], where we define splitter and merger functionality to manage the redundant parts of the application. A splitter replicates its input to multiple output ports that are connected to redundant parts of the application; a merger decides which of its inputs, connected to the redundant parts of the application, should be forwarded on its output port.…”

Section: Related Workmentioning

confidence: 99%

“…• We extend our safety analysis framework [3], [4] by adding additional parameters that can be calculated on a specific set of applications and hardware, allowing for a more complete evaluation of an automotive design. Moreover, we improve our model transformation tool that is used to introduce redundancy in a described system with effects on application and hardware resources layers.…”

Section: Introductionmentioning

confidence: 99%

“…Our framework supports the system designer to analyse different levels of redundancy by applying a component-based ASIL decomposition technique on selected application nodes. In [4] we define the rules for the transformation and its effect on the application layer, obtaining from a single application node a pattern as shown in Fig. 2.…”

Section: B Introducing Redundancy In the System Modelmentioning

confidence: 99%

See 3 more Smart Citations

Automotive Architecture Topologies: Analysis for Safety-Critical Autonomous Vehicle Applications

2021

Self Cite

View full text Add to dashboard Cite

Safety-critical systems such as Advanced Driving Assistance Systems and Autonomous Vehicles require redundancy to satisfy their safety requirements and to be classified as fail-operational. Introducing redundancy in a system with high data rates and processing requirements also has a great impact on architectural design decisions. The current self-driving vehicle prototypes do not use a standardized system architecture but base their design on existing vehicles and the available components. In this work, we provide a novel analysis framework that allows us to qualitatively and quantitatively evaluate an in-vehicle architecture topology and compare it with others. With this framework, we evaluate different variants of two common topologies: domain and zone-based architectures. Each topology is evaluated in terms of total cost, failure probability, total communication cable length, communication load distribution, and functional load distribution. We introduce redundancy in selected parts of the systems using our automated process provided in the framework, in a safety-oriented design process that enables the ISO26262 Automotive Safety Integrity Level decomposition technique. After every design step, the architecture is re-evaluated. The advantages and disadvantages of the different architecture variants are evaluated to guide the designer towards the choice of correct architecture, with a focus on the introduction of redundancy.

show abstract

Section: Proposed Methodology a System Modelmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: B Introducing Redundancy In the System Modelmentioning

confidence: 99%

See 2 more Smart Citations

Automotive Architecture Topologies: Analysis for Safety-Critical Autonomous Vehicle Applications

2021

Self Cite

View full text Add to dashboard Cite

show abstract

“…ISO 26262 abides to analyze dependent failures, portrayed in Figure 3, to show independence between software components used to implement independence requirements coming from ASIL decomposition at system level [26]. Thus, neither cascading failures nor common cause failures shall propagate among SWCs whether they are successive or placed in different paths, accordingly.…”

Section: Figure 3 Example Of Ffi Due To Information Exchange Interfementioning

confidence: 99%

ISO-26262 Compliant Safety-Critical Autonomous Driving Applications: Real-Time Interference-Aware Multicore Architectures

El-Bayoumi¹

2021

IJSSE

View full text Add to dashboard Cite

Over the decades, autonomous vehicles have been developed and qualified using variant single-core architectures. With the evolutionary trend of safety critical applications, innovative safety design methodologies have raised present requirements constraints and limitations to mitigate such design complexity deviations. The main objectives of this work are to investigate, evaluate and introduce an efficient safety-critical multi-cache multicore architecture, that is fully compliant with methods and principles of ISO 26262. Moreover, this paper presents new safety design choices applied to timing monitoring, temporal protection, runtime monitoring and services protection to overcome multicore processor challenges in runtime that eventually decay the worst case execution time and the interconnections (symmetric and asymmetric processors, critical timing, data coherency and synchronization predictability, core interconnects, etc.), as well as to tolerate real-time interference faults.

show abstract

High performance and EV power train system using C2000 MCU for functional safety

Ghotgalkar

Vanjari

Zhang

et al. 2022

2022 IEEE International Conference on Electronics, Computing and Communication Technologies (CONECCT)

View full text Add to dashboard Cite

Component-Level ASIL Decomposition for Automotive Architectures

Cited by 15 publications

References 12 publications

Automotive Architecture Topologies: Analysis for Safety-Critical Autonomous Vehicle Applications

Automotive Architecture Topologies: Analysis for Safety-Critical Autonomous Vehicle Applications

ISO-26262 Compliant Safety-Critical Autonomous Driving Applications: Real-Time Interference-Aware Multicore Architectures

High performance and EV power train system using C2000 MCU for functional safety

Contact Info

Product

Resources

About