Printer Friendly

Consider These Factors when Developing Automotive Body Control Applications: SAFETY, CONNECTIVITY, SECURITY HEAD THE LIST OF CONCERNS FOR VEHICLES.

Automotive body control applications require the design engineer to consider a number of factors, ranging from safety to development. These factors cover the vehicle from bumper to bumper and span from the beginning to end of vehicle lifecycles. The eight considerations outlined here are shared by all body control applications and include the best designs that employ technologies to satisfy all eight.


The slogan "Safety First" should apply to all automotive electronics. While safety is not a matter of life-and-death for body control applications, safety should always be the primary consideration for everything automotive.

ISO standard 26262 for Road Vehicles-Functional Safety specifies a methodology for ensuring adequate safety from product development through production. Body control applications should meet, at a minimum, the Automotive Safety Integrity Level (ASIL) "B" standard.

Additional provisions that help ensure safety through operational integrity include the use of Memory Protection and Peripheral Protection Units (MPUs/PPUs), Error-Correcting Code for memories, watchdog(s), and self-testing of both memory and CPUs.


As long ago as the 1980s, Sun Microsystems made the claim, "The computer is the network," to emphasize the importance of network connectivity in all computing applications, including for both businesses and the Internet. Now, vehicles require their own interconnected networks to function. Interoperable connectivity with external sensors, controls, and other systems is best assured by supporting industry standards like the Controller Area Network Flexible Data-rate (CAN FD), legacy CAN, the Local Interconnect Network (LIN), and the Clock extension Peripheral Interface (CXPI), as well as emerging standards like Ethernet Audio Video Bridging (AVB). Figure 1 shows some of the interfaces required for body control units.

Connectivity is also required internally within embedded control systems using standards like the Serial Peripheral Interface (SPI), Quad SPI, and Octal SPI. To prevent both external and internal connectivity from becoming a bottleneck for some applications, it is important to support applicable standards and protocols at sufficiently high data rates; for example, at a minimum of 100 Mbps and, ideally, 1 Gbps for Ethernet.


Security has become its own separate and special consideration for ensuring safety in applications that require extensive connectivity where every system, sensor, control, gateway, and network creates a potential vulnerability.

Without adequate security, malware infecting a seemingly innocuous system like HVAC could spread to other systems, and threaten safe operation of Advanced Driver Assist Systems or other critical functions.

Threats to security can come via both wired and wireless connections, including On-Board Diagnostic (OBD), other physical ports, and all wireless technologies, including Bluetooth, WiFi, and cellular. Potential threats also come from both outside and inside the vehicle, including from the driver's or passenger's infected mobile phone, tablet, or MP3 player.

Given the extent of the attack surface, all solutions should, at a minimum, support eSHE, the enhanced Secure Hardware Extension that is the equivalent of EVITA Light from the E-safety Vehicle Intrusion-protected Applications project. Superior security is afforded by a Hardware Security Module (HSM) that is equivalent to EVITA Medium with its enhanced cryptographic and random number generation features, along with more secure embedded memory.


The large and growing variety, volume, and velocity of data from an ever-expanding number of connected systems and sensors requires substantially more processing power from Micro Controller and Electronic Control Units.

A common means for measuring processor performance is the Dhrystone benchmark that measures Millions of Instructions Per Second. MCUs and ECUs should deliver a minimum of 500 DMIPS for basic applications and upwards of 1500 DMIPS for more sophisticated applications.

Performance can be further increased by using tightly-coupled memory that provides the low latency and determinism needed to support real-time applications. Storing application software in high-speed NOR flash also helps boost performance. Additionally, it will add faster response with instant-on operation for applications that have been idled to conserve power.


Power consumption is an important consideration for both the embedded automotive electronics and the functions they control. Its importance will become even more critical as adoption of electric vehicles--and their attendant range anxiety--increases.

Substantial reductions in power consumption can be achieved using ECUs that support various "idling" modes of operation, such as Stop, Sleep, and Partial Wake-up. MCUs and ECUs capable of being clocked at slower rates can further decrease power consumption when running those applications and/or processes that do not require peak performance.


From a vehicle owner's perspective, every function should work without fail. This is obviously true for body control functions like keyless entry, but the expectation also applies to functions as basic as changing the temperature or volume.

Just as critical is the expectation that a vehicle can be expected to remain in service and continue to run reliably for 20 years--or longer.

The Automotive Electronics Council's Q100 standard for Failure Mechanism-Based Stress Test Qualification for Integrated Circuits establishes common part qualification and quality system standards for MCUs, ECUs, and other ICs. AECQ100 specifies four operating temperature Grades, with Grades 3, 2 and 1 being suitable for body control applications requiring operation from -40[degrees]C to +85[degrees]C, +105[degrees]C and +125[degrees]C, respectively.

Related to reliability is durability, and this applies mainly to the non-volatile flash memory normally used in automotive electronics. NOR and NAND flash memory cells slightly degrade with each erase/program cycle. NAND flash is especially susceptible to becoming unreliable after decades of use.


With vehicles expected to remain in service 20 years or longer, manufacturers must be able to depend on their component suppliers to provide support over the long haul. Therefore, it is essential to partner only with those suppliers that have proven to be reputable, including with demonstrated longevities of supply and support in the automotive industry.


With automotive applications becoming increasingly interconnected and complex, both development cycles and the potential for design flaws have increased. For the hardware involved, the effort is simplified by advances in technology, especially the smaller geometries that are leading to more IC-level integration, Multi-Chip Packages, and even complete System-on-Chip (SoC) solutions.

For the software, standards like the AUTomotive Open System Architecture (AUTOSAR) with its Micro-Controller Abstraction Layer (MCAL) can substantially simplify development and testing efforts. AUTOSAR provides a set of specifications describing basic software modules and application programming interfaces, along with a run-time environment and common development methodology that includes acceptance testing.

Modular designs with layered architectures (Figure 2) can dramatically simplify the development of embedded automotive applications. Existing--and proven--software modules from a variety of sources can be used and reused in different applications, often with little or no modification. The better hardware suppliers support such architectures by offering useful software modules and by ensuring compatibility across a family of scalable MCUs at different performance points, memory densities, and number of pins.

Nobuhiko ("AKA") Akasaka is vice president of Cypress Semiconductor's automotive business unit, where he is responsible for marketing the company's automotive body microcontroller portfolio.

By Nobuhiko Akasaka, VP of Marketing for the Automotive Business Unit at Cypress Semiconductor

Caption: Figure 1: This block diagram for a body control unit shows some of the interfaces needed to external systems, along with the use of a PMIC for intelligent power management.

Caption: Figure 2: The layered embedded application architecture depicted here helps simplify development efforts by enabling the use (and reuse) of existing software modules.
COPYRIGHT 2018 Advantage Business Media
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2018 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Engineering Answers: AUTOMOTIVE
Author:Akasaka, Nobuhiko
Publication:Product Design & Development
Date:Nov 1, 2018
Previous Article:Where COTS Designs Stand in the IoT Gold Rush: The COTS boards for IoT applications like industrial and transportation are still a work in progress,...
Next Article:High Pressure Pump Speeds Up Virus Filtration and Concentration Process: Contract manufacturer dramatically reduces processing time.

Terms of use | Privacy policy | Copyright © 2020 Farlex, Inc. | Feedback | For webmasters