A group of French industry and government researchers has demonstrated how to integrate end-to-end scheduling analysis using Autosar 4.0, the latest release of the emerging Automotive Open System Architecture. Scheduling analysis is a timing verification method to ensure that a real-time system can meet its timing requirements. The lack of this critical capability has been a significant limitation of the Autosar industry standard for embedded automotive software systems.
“Our work shows OEMs and suppliers that they can use scheduling analysis to verify the timing constraints of Autosar systems at the model level,” said coauthor Stefan Kuntz, project manager at Continental Automotive France/Germany, one of the world’s top five automotive suppliers, which conducted the research in conjunction with CEA LIST, the French government Laboratory of Applied Research on Software-Intensive Systems.
The research appears in a paper presented at the March 2011 14th IEEE International Symposium on Object/Components/Service-Oriented Real-Time Distributed Computing (ISORC 2011).
Autosar Industry Consortium and Standard
Under development since 2003, Autosar is an international industry effort to define a model-based architecture with standard interfaces. The model aims to help reduce the number of electronic control units (ECUs) in an automobile—50 is the current average—and simplify software development and integration. The consortium motto, “Cooperate on standards; compete on implementation,” reflects a fundamental change in automotive design from an ECU/code-based approach to a function-based/model-driven approach.
Earlier efforts to perform model-level scheduling analysis for Autosar had failed for lack of a means to express timing information. Autosar 4.0, released in December 2010, added timing extensions that car manufacturers and their suppliers can use to specify the timing behavior at different Autosar system levels. However, the extensions provide only a language to use in expressing timing-related information, said Saoussen Anssi, a software development engineer at Continental Automotive France and PhD student supervised by CEA-LIST. “Users must still characterize an analyzable system model to test,” she explained.
Anssi is the lead author of the ISORC research paper, in which she and her colleagues describe the basic features of an analyzable Autosar model as required by scheduling analysis. They illustrate their approach in a cruise-control system case study and present results that confirm its feasibility.
The function-based, model-driven approach requires a change in the way scheduling analysis is used to verify real-time system constraints.
“The old ECU-based approach expressed timing constraints as simple deadlines on operating system tasks,” Kuntz explained. “It performed scheduling analysis to calculate the response time of each task and compare it with the deadline. But a function-based architecture like Autosar expresses timing constraints as end-to-end deadlines on function flows that might be distributed over many ECUs.”
This capability lets all involved parties assess the dynamic behavior of vehicle functions much earlier than in the past, Kuntz said, which means significant cost savings.
For More Information
The research paper, “Enabling Scheduling Analysis for Autosar Systems,” is available to IEEE Computer Society Digital Library subscribers at http://doi.ieeecomputersociety.org/10.1109/ISORC.2011.28.