BMW Car IT GmbH
Transcript of BMW Car IT GmbH
BMW Car IT GmbH.AUTOSAR - First Experiences and the Migration Strategy of the BMW Group
Dr. Christian Salzmann, BMW Car IT
ARTIST2 WSSalzmann24.03.2006Page 2
© BMW Car IT GmbH
AUTOSAR - First Experiences.Overview.
1. Focus of this talk: Model based development under AUTOSAR – the Virtual Function Bus (VFB) and its implementation, the Runtime Environment (RTE)
2. History and Lessons learned
3. The AUTOSAR Strategy of the BMW Group: Migration into the AUTOSAR world.
4. Future Steps: „Beyond AUTOSAR“
ARTIST2 WSSalzmann24.03.2006Page 3
© BMW Car IT GmbH
Standardization
16 Thursday, 24 February 2005
AUTOSAR – ECU Software Architecture
AUTOSAR RTE:by specifying interfaces and their communication mechanisms, the applications are decoupled from the underlying HW and Basic SW, enabling the realization of Standard Library Functions.
Standardized, openly disclosed interfacesHW independent SW layerTransferability of functionsRedundancy activation
Automotive Open System Architecture (AUTOSAR):
source: www.autosar.org
ARTIST2 WSSalzmann24.03.2006Page 4
© BMW Car IT GmbH
AUTOSAR - First Experiences.Model based development under AUTOSAR.
Virtual Function Bus
Software Composition
AUTOSARSW-C
4
AUTOSARSW-C
3
AUTOSARSW-C
1
AUTOSARSW-C
2
AUTOSARSW-C
1
AUTOSARSW-C
2
AUTOSARSW-C
3
AUTOSARSW-C
4
AUTOSARSW-C
1
AUTOSARSW-C
2
AUTOSARSW-C
3
AUTOSARSW-C
4
RTE RTE RTE RTERTE
Basis SW Basis SW Basis SW Basis SW
ECU A ECU B ECU A ECU C ECU D
CAN Bus Flexray Bus
Partitioning A Partitioning B
IDE,System Generator
IDE,System Generator
SystemDeployment<<XML>>
SystemDeployment A
<<XML>>
ECUDescription<<XML>>
AUTOSARSW-C
1
AUTOSARSW-C
1AUTOSAR
SW-C 1
AUTOSARSW-C
1
Business logic of the SW Components
(binary code).
This takes place at Application level –not the basic software.
ARTIST2 WSSalzmann24.03.2006Page 5
© BMW Car IT GmbH
AUTOSAR - First Experiences.A subset of the Virtual Function Bus.
C/S
Communication
...
Client Server
Mode
AsyncSync
Timeout
S/R
Sender
Success
SendMode
CyclicN TimesOnce OnRequest
InformationType
DataEvent
maximumAge
Receiver
Buffering
Init Value
Queue
Last isbest LengthReceive
Mode
DRAWWP
TimeoutValue
ARE
Invalidate Filter
Encryption Integrity Check Reliability
Filter
ConnectorParadigm
ReceiveMode
DRAWWP
TimeoutValue
ARE
ARTIST2 WSSalzmann24.03.2006Page 6
© BMW Car IT GmbHConsolidation SupportProof of Concept
1/04 3/04 5/04 7/04 9/04 11/04 1/05 3/05 5/05 7/05 9/05 11/05
Pilot in BMW SC 6.2
Proof of Concept
AUTOSAR - First Experiences.History.
Final Version Orpheus 6.0.0in BMW Standard Core 6.4
Piloting
Experiences gained of three phases:
1. „Proof of Concept“: technical feasibility and feedback from the developer’s perspective.
2. „Piloting“: Confirming the applicability in the automotive domains by piloting existing functions and ECUs in the domains.
3. „Consolidation Phase“: Integration of resulting software and tools into the BMW Standard Core 6.
ARTIST2 WSSalzmann24.03.2006Page 7
© BMW Car IT GmbH
Basis SWBasis SW
MMI: WaferBoard QNX /JAVA
MirrorGUI
MPC 565 OSEK SC /CMPC 565 OSEK SC /C
EC E60
Display
Restbus Simulation
CAN
RTE (JAVA/QNX) RTE (C/SC)RTE (C/SC)
Außenspiegel links
Außenspiegel rechts
LIN
MirrorPark
MirrorControl
Basis SW
AUTOSAR - First Experiences.„Proof of Concept“ (June 2004).
Basic SWBasic SW
MMI: WaferBoard QNX /JAVA
MirrorGUI
MPC 565 OSEK SC /C
EC E60
Display
Simulation
CAN
RTE (JAVA/QNX) RTE (C/SC)
Rear mirror left
Rear mirror right
LIN
MirrorPark
MirrorControl
ARTIST2 WSSalzmann24.03.2006Page 8
© BMW Car IT GmbH
AUTOSAR - First Experiences.AUTOSAR Architecture.
AUTOSAR Runtime Environment (RTE)
ApplicationSoftware
Component..............
Basic SoftwareStandardized
Interface
AUTOSARInterface
MicrocontrollerAbstraction
AUTOSARInterface
ApplicationSoftware
Component
StandardizedAUTOSARInterface
Services
StandardizedInterface
ECUAbstraction
AUTOSARInterface
StandardizedInterface
ComplexDeviceDrivers
AUTOSARInterface
ActuatorSoftware
Component
AUTOSARInterface
SensorSoftware
Component
AUTOSARInterface
StandardizedInterface
Communication
StandardizedInterface
StandardizedInterface
OperatingSystem
StandardizedInteface
AUTOSARSoftware
Component
Interface
ECUFirmware
StandardSoftware
API 2VFB & RTErelevant
API 1RTErelevant
API 0
API 3 PrivateInterfaces insideBasic Software
possible ECU-Hardware
AUTOSAR Runtime Environment (RTE)
ApplicationSoftware
Component..............
Basic SoftwareStandardized
Interface
AUTOSARInterface
MicrocontrollerAbstraction
AUTOSARInterface
ApplicationSoftware
Component
StandardizedAUTOSARInterface
Services
StandardizedInterface
ECUAbstraction
AUTOSARInterface
StandardizedInterface
ComplexDeviceDrivers
AUTOSARInterface
ActuatorSoftware
Component
AUTOSARInterface
SensorSoftware
Component
AUTOSARInterface
StandardizedInterface
Communication
StandardizedInterface
StandardizedInterface
OperatingSystem
StandardizedInteface
AUTOSARSoftware
Component
Interface
ECUFirmware
StandardSoftware
API 2VFB & RTErelevant
API 1RTErelevant
API 0
API 3 PrivateInterfaces insideBasic Software
possible ECU-Hardware
AUTSW Kommit Sch
AUTOSABasis S
AUTOSA
source: www.autosar.org
ARTIST2 WSSalzmann24.03.2006Page 9
© BMW Car IT GmbH
AUTOSAR - First Experiences.Architecture of the BMW SC/RTE.
Runtime Environment (RTE)
..............AUTOSARInterface
ApplicationSoftware
Component
ComplexDeviceDrivers
ActuatorSoftware
Component
AUTOSARInterface
SensorSoftware
Component
AUTOSARInterface
Interface
OperatingSystem
StandardizedInteface
AUTOSARSoftware
Component
Interface
StandardSoftware
ECU-Hardware
..............
CAN CommunicationLayer
AUTOSARInterface
ApplicationSoftware
Component
ErrorManager
InterfacePropr.
Interface
„Classic“
SC
Sofw
atware
FunctionActuatorSoftware
Component
AUTOSARInterface
SensorSoftware
Component
AUTOSARInterface
Diagnose(KWP 2000)
OSEK OS
ProprietäresInteface
AUTOSARSoftware
Component
AUTOSARInterface
BasicSoftware
ECU-Hardware
OSEKNM
Propr.Interface
BMW Message Manager
Propr.Interface
Propr.Interface
Propr.Interface
Propr.Inteface
AUTOSARconformAPI
Inteface
proprietaryAPI
Propr.Interface
ProprietäresInteface
Propr.Interface
Propr.Interface
Propr.Interface
Propr.Interface
Propr.Interface
ARTIST2 WSSalzmann24.03.2006Page 10
© BMW Car IT GmbH
AUTOSAR - First Experiences.Pilots (07/04 – 03/05).
Body sun roof (finished)Body fuel gauge (finished)Body climate control finished)Chassis chassis management (finished)Powertrain Driver Request (finished)
Resulting steps:
1. The RTE is the appropriate interface for migration.
2. An optimized RTE Code Generator is needed.
3. Integrated tool support for modeling, configuration that fits into the BMW design process.
ARTIST2 WSSalzmann24.03.2006Page 11
© BMW Car IT GmbH
AUTOSAR – Migration Strategy.A stable subset of the VFB for migration.
(Attributed not on a mature specification level are not listed)
C/S
Communication
...
Client Server
Mode
AsyncSync
Timeout
S/R
Sender
Success
SendMode
CyclicN TimesOnce OnRequest
InformationType
DataEvent
maximumAge
Receiver
Buffering
Init Value
Queue
Last isbest LengthReceive
Mode
DRAWWP
TimeoutValue
ARE
Unimplemented Attributes
Implemented Attributes
Invalidate Filter
Encryption Integrity Check Reliability
Filter
ConnectorParadigm
ReceiveMode
DRAWWP
TimeoutValue
ARE
ARTIST2 WSSalzmann24.03.2006Page 12
© BMW Car IT GmbH
AUTOSAR – Migration Strategy. Migration at SW-component level.
SC 6.2 SC 6.7 SC 7.0(full AUTOSAR SC)
RTE based SW Components are migratable with an calculable amount of adaption.
Change of Basic SW Change of Basic SW
ECU-Hardware
Single sided AUTOSAR Runtime Environment (RTE)
ActuatorSoftware
Component
AUTOSARInterface
ApplicationSoftware
Component
SensorSoftware
Component
ApplicationSoftware
Component
..............
AUTOSARSoftwareAUTOSAR
InterfaceAUTOSARInterface
AUTOSARInterface
Complex
Drivers
Microcontroller
Drivers
Memory Drivers
I/O Drivers
I/O Hardware Abstractio
nMemory
Hardware Abstraction
Memory Services
System Services
Onboard Device Abstraction
Communication Drivers
Communication Hardware
Abstraction
Communication
ServicesOEM OEM OEM
OEM
ECU-Hardware
Single sided AUTOSAR Runtime Environment (RTE)
ActuatorSoftware
Component
AUTOSARInterface
ApplicationSoftware
Component
SensorSoftware
Component
ApplicationSoftware
Component
..............
AUTOSARSoftwareAUTOSAR
InterfaceAUTOSARInterface
AUTOSARInterface
Complex
Drivers
Microcontroller
Drivers
Memory Drivers
I/O Drivers
I/O Hardware Abstractio
nMemory
Hardware Abstraction
Memory Services
System Services
Onboard Device Abstraction
Communication Drivers
Communication Hardware
Abstraction
Communication
ServicesOEM
OEM
ECU-Hardware
AUTOSAR Runtime Environment (RTE)
ActuatorSoftware
Component
AUTOSARInterface
ApplicationSoftware
Component
SensorSoftware
Component
ApplicationSoftware
Component
..............
AUTOSARSoftwareAUTOSAR
InterfaceAUTOSARInterface
AUTOSARInterface
Complex
Drivers
Microcontroller
Drivers
Memory Drivers
I/O Drivers
I/O Hardware Abstractio
nMemory
Hardware Abstraction
Memory Services
System Services
Onboard Device Abstraction
Communication Drivers
Communication Hardware
Abstraction
Communication
Services
An application, coded against the RTE interface, can be migrated up to the fully compliant AUTOSAR standard core.
„Stepwise Migration of Software Level
ARTIST2 WSSalzmann24.03.2006Page 13
© BMW Car IT GmbH
AUTOSAR – Migration Strategy. RTE against an existing COM Matrix.
AUTOSAR Vision:From the partitioning to the COM matrix.
Status Quo:From the COM Matrix to the ECU interface
Ergo: „AUTOSAR brings up a new reuirement for migration: generating an RTE against an existing COM matrix “
COM-matrix
Mapping ofRTE Signals to bus
Partitioning Bus-Interfaceof ECU
COM-matrix
Bus-Interfaceof ECU
ARTIST2 WSSalzmann24.03.2006Page 14
© BMW Car IT GmbH
AUTOSAR – Migration Strategy. Migration into an existing board network.
BASIC SW
AUTOSAR SW Component
ADU (Autosar Data Unit)
Data Element
CAN Bus
ECU
Bus Mapping• Integration of an RTE
based ECU into an existing system.
• No ADUs > 8 Byte
CAN MessagesCAN Signals
ARTIST2 WSSalzmann24.03.2006Page 15
© BMW Car IT GmbH
AUTOSAR – Migration Strategy. Migration into a board net.
„stepwise migration of ECU level
The RTE based ECU behaves towards the bus exactly like a „classical“ ECU
ARTIST2 WSSalzmann24.03.2006Page 16
© BMW Car IT GmbH
AUTOSAR – Migration Strategy. ORPHEUS.
ORPHEUS = modeling tools + code generator
Enabler for migrationIntegrated in BMW SC6, Import DBC/FIBEX
Graphical Modeling of- AUTOSAR Application Components- Mapping to CAN and Flexray Bus- Scheduling- Partitioning of Software
Optimized Codegeneration of RTE (incl. autom. Unit Tests)
Open (Adation to ASCET, AUTOSAR Templates)
AUTOSAR Component Types
AUTOSAR Compositions Deployment
Scheduling
Bus Mapping
RTE.c OIL Make AUTOSARTemplate.xml
CodeGenerator
AUTOSAR Model (with dynamic constraint checks)
.dbc / FIBEX
ARTIST2 WSSalzmann24.03.2006Page 17
© BMW Car IT GmbH
AUTOSAR – Migration Strategy. The Powertrain Pilot.
Voices outside AUTOSAR back in 2002:
„AUTOSAR will never work!“
„AUTOSAR is not feasible“
„The runtime environment will double the RAM/ROM allocations!“
ARTIST2 WSSalzmann24.03.2006Page 18
© BMW Car IT GmbH
AUTOSAR – Migration Strategy. The Powertrain Pilot.
Cooperation between BMW AG, BMW Car IT and Siemens VDO
MSV80
PVI Momenten-Erzeugung
CodierDaten
Siemens BSW
ipolmath
MSV80-AS
PVI
ssRTE
CodierDaten
Momenten-Erzeugung
Siemens BSW
ipolmath
MSV80-AS
Siemens BSW
ipolmath
Momenten-Erzeugung
CodierDaten
ssRTE
S12X Eval Board
BMWSC 6.4
ipol
mathPVI Codier
Daten
ssRTE (Orpheus)
PT-CAN
ISG ( Imaginary ECU )
ARTIST2 WSSalzmann24.03.2006Page 19
© BMW Car IT GmbH
AUTOSAR – Migration Strategy. The Powertrain Pilot.
The Imaginary ECU (ISG)
The MSV80 on and under the hood
The AUTOSAR Car at BMW CarIT
On the rear seat of the AUTOSAR car.
ARTIST2 WSSalzmann24.03.2006Page 20
© BMW Car IT GmbH
AUTOSAR – Migration Strategy. Resource Allocation: RAM and ROM.
Data read and write accessR, WAccess Types
Scenario II: 1 – PVI on ISGnone# of Runnables
15 RTE Write Functions25 RTE Read Functions (26)
22# of Connectors
-22# of Required Ports
-12# of Provided Ports
1:3, 1:2, 10:115# of Data Elements
-12# of Interfaces
2 full compliant: PVI, TRCG9 capable: PVSV ... MTAC9# of Software components
201+ 92231RAM in bytes
4283+_?_43903+_?_4ROM in bytes
Scenario IIScenario IAdditional resources
1 – Internal RTE buffers2 – Temporary CAN message buffers3 – RTE Functions (RTE read/write, RTE PDU send/receive)4 – Additional code within the aggregates to call the RTE read and write functions and dealing with different resolutions of data.
ARTIST2 WSSalzmann24.03.2006Page 21
© BMW Car IT GmbH
AUTOSAR – Migration Strategy. Resource Allocation: How does it scale?
39
3
51
13
62
18223158
16861031
5481
2538308833983638
9585
1044
1
10
100
1000
10000
1 10 100 1000
Data Elements / Operations
Byt
e Orpheus 6.1.0 RAMOrpheus 6.1.0 ROM
ARTIST2 WSSalzmann24.03.2006Page 22
© BMW Car IT GmbH
AUTOSAR at BMW Group. Future Work.
Timing & Scheduling
Safety aspects at model level
Error handling at VFB level.
ARTIST2 WSSalzmann24.03.2006Page 23
© BMW Car IT GmbH
AUTOSAR at BMW Group.Conclusion.
The AUTOSAR approach is feasible
AUTOSAR getting into series production
Iterative prototyping is an appropriate way to boost the quality and acceptance of software innovations.
AUTOSAR is an enabler for future innovations concerning timing, error management and safety aspects.
ARTIST2 WSSalzmann24.03.2006Page 24
© BMW Car IT GmbH
AUTOSAR at BMW Group. Thank you for your attention.
Die Vervielfältigung von Inhalten, Daten oder Bildmaterial bedarf der vorherigen Zustimmung der BMW Car IT GmbH.
No part, information or figures may be reproduced, distributed or republished without the prior permission of the copyright owner BMW Car IT GmbH.