Automotive Body Control Unit According to AUTOSAR

More and more electronics ensures comfort and safety in modern vehicles. So today, every automobile is a complex network of sensors and actuators that need to be controlled in realtime from automotive ECUs.

For a particularly innovative control unit, redlogix has realized considerable parts of the embedded software. The device was developed according to the AUTOSAR standard and in addition to its actual control tasks, it offers CAN / LIN gateway functionality. Data of the vehicle bus can thus be both routed and processed.

Automotive Network

Among other functions, the device takes care of the following tasks:

  • Control of safety relevant gear like headlights, direction indicator windscreen wiper, power door locks, etc.
  • Control of comfort features like heating unit, electric window lift, interior light, etc.
  • Measurement, processing and monitoring of various inputs like power supply, ignition, temperature sensors, wear sensors, filling level sensor, etc.
  • Routing of CAN and LIN messages among the different connected CAN and LIN bus systems.

Based on the customer’s requirements, redlogix was responsible for conception and development of major parts of the device’s basis software and application level functionality. A major challenge was the reliable processing and cyclic allocation (3-10 ms) of all analog input signals (350+) without stressing the CPU. Parts of this functionality needed to be operative even when the processor (a Bolero from Freescale) was in energy saving mode.

 

Technologies Employed

  • UML, Object Oriented Design
  • C++
  • AUTOSAR OS
  • PowerPC, Dual Core
  • AD converter with external multiplexers
  • DMA
  • SBC (System Basis Chip)
  • Receivers for radio transmitter keys
  • CAN
  • LIN
  • ODIS
  • CANoe, CANape, vector CAN Tools

Services by redlogix

  • Requirements analysis in close cooperation with the customer
  • Development of concepts in order to acquire multiple analog signals without stressing the CPU (complex DMA concept)
  • Signal provision according to AUTOSAR standard
  • Development of various drivers for the device’s basis software
  • Concept development and implementation of a complex watchdog mechanism in with a System Basis Chip (SBC)
  • Communication with the customer’s client in order to define the radio transmitter key messages, message decryption and processing
  • Design and development of components for function safety according to IS 26262
  • Integration and system testing
  • Software development for end-of-line tests and in order to test the module configuration at the end of the manufacturing process

Watchdog Concept with System Basis Chip (SBC)

The device uses a System Basic Chip (SBC), a tiny additional controller that supervises the functionality of a device’s main controller. It is its job to restart or completely deactivate the main processor when an error situation is detected. redlogix developed the concepts and implementation of a complex watchdog strategy on the main processor. With this concept, depending on the error situation, the interaction between main processor and SBC causes an adequate recovery action to be set in motion. This is done with the purpose to minimize the impact of the detected error on the normal device’s operation as far as possible. The recovery actions vary from software or hardware reset to complete deactivation of the main processor by switching off its supply voltage in order to let a discrete hardware circuitry take over a limited emergency operation.

Apart from the low level driver for SPI communication with the SBC, an abstraction layer was developed, so the watchdog concept can be used from application level. Based on this layer, parts of the watchdog logic for safety monitoring on application level was implemented and tested.

Object Oriented Development

The development was done with object oriented methods. For the object oriented UML design, the tool Enterprise Architect was used. The implementation was done completely in C++.

Portability

The software works on the target on top of an AUTOSAR operating system. By having separated the software components in basis software and application software, it is possible to reuse the developed software modules in other projects and port them easily to other hardware platforms. The separation of the hardware drivers in a hardware-independent high-level part and a hardware-dependent low-level part supports this basic approach.

Other tasks

The software was integrated in multiple iterations on the target hardware and tested there. In order to support this, test simulators with the vector CAN tools CANoe and CANape were developed. Apart from that, redlogix contributed to the development of automated hardware tests for the ECU with CANoe.