AUTOSAR OS est amené à devenir le nouveau standard pour les systèmes d’exploitation d’exploitation dans l’embarqué automobile, Un des objectifs premiers du projet AUTOSAR est de permettre à des applications provenant de différentes sources de s’exécuter sur un même calculateur. Ce document fait un tour d'horizon des mécanismes de protection, par exemple protection mémoire et temporelle, qui permettent à des applications multi-sources de s'exécuter sur un même calculateur avec une sûreté de fonctionnement importante. Slides d'une conférence donnée au salon RTS'2009 à Paris.
As the intricacy of Electronic Control Units (ECU) in present day vehicles has expanded, the requirement for automotive functional safety standard has turned out to be more goal. ISO 26262 standard tends to the all inclusive security hones required for planning basic car segments. We take a gander from an optimistic standpoint rehearses that will help you to plan ISO 26262-agreeable ECU programming.
Cours sur les circuits logiques câblés www.cours-online.commorin moli
L'utilisation de systèmes digitaux est en pleine expansion. Pour s'en convaincre, il n'y a qu'à regarder autour de nous l'explosion de la microinformatique, qui s'est même implantée dans les ménages. Un nombre de plus en plus grand de machines (télévision, voiture, machine à laver, etc.) utilisent de l'électronique numérique.
« La mécatronique est la combinaison synergique et systémique de la mécanique, de l'électronique et de l'informatique temps réel. L'intérêt de ce domaine d'ingénierie interdisciplinaire est de concevoir des systèmes automatiques puissants et de permettre le contrôle de systèmes complexes. »
« La mécatronique exige de penser les produits et les procédés de manière transverse. La mécatronique fait « éclater les murs », avec un pilotage matriciel. Le pilotage au plus haut niveau de l’entreprise est dans ce cadre essentiel, afin que les moyens alloués correspondent aux besoins à mettre en œuvre. »
Slides of a talk given at ERTS2008 in Toulouse. Abstract: with the increasing amount of electronics, making best usage of the bandwidth becomes of primary importance in automotive networks. One
solution that is being investigated by car manufacturers is to schedule the messages with offsets, which leads to a desynchronization of the message streams. As it will be shown, this “traffic shaping” strategy is very beneficial in terms of worst-case response times. In this slides, the problem of choosing the best offsets is addressed in the case of Controller Area Network, which is a de-facto standard in the automotive world. Comprehensive experiments shown give insight into the fundamental reasons why offsets are efficient, and demonstrate that offsets actually provide a major performance boost in terms of response times. These experimental results suggest that sound offset strategies may extend the lifespan of CAN further, and may defer the introduction of FlexRay and additional CAN networks.
This presentation focus on advances on Model Based System Engineering that fUML [1] brings. fUML, better known has Executable UML, provide a formalization of a subset of UML. UML, and with some extensions and adaptations SysML, can now be analysed in a formal way. That was main grief made by researchers.
First part of the presentation illustrates what is now possible by picking ideas from existing tools, notably Alloy [1] and OWL [3]. Following this path will enlighten what still must be done from researchers. It also points out how UML/SysML editors and tools can be enhanced. Indeed in current tools you can modelize activities that are not executable, you can describe Class/Block that cannot be instantiated, and so on.
The second part is about current implementation of previous ideas. It starts with a panorama of tools that can be combined, reused or adapted for the new desired features. For instance, it is possible to generate random instances of a model. Doing so helps to be confident in the model constraints. Moreover details will be given on how Topcased ease or not the integration of such a tool in its suite. For instance, it will be shown how Acceleo and ATL are used, but further details will also be given on how it integrates deeply with Topcased Editors for warnings, quick-fixes and so on.
As the intricacy of Electronic Control Units (ECU) in present day vehicles has expanded, the requirement for automotive functional safety standard has turned out to be more goal. ISO 26262 standard tends to the all inclusive security hones required for planning basic car segments. We take a gander from an optimistic standpoint rehearses that will help you to plan ISO 26262-agreeable ECU programming.
Cours sur les circuits logiques câblés www.cours-online.commorin moli
L'utilisation de systèmes digitaux est en pleine expansion. Pour s'en convaincre, il n'y a qu'à regarder autour de nous l'explosion de la microinformatique, qui s'est même implantée dans les ménages. Un nombre de plus en plus grand de machines (télévision, voiture, machine à laver, etc.) utilisent de l'électronique numérique.
« La mécatronique est la combinaison synergique et systémique de la mécanique, de l'électronique et de l'informatique temps réel. L'intérêt de ce domaine d'ingénierie interdisciplinaire est de concevoir des systèmes automatiques puissants et de permettre le contrôle de systèmes complexes. »
« La mécatronique exige de penser les produits et les procédés de manière transverse. La mécatronique fait « éclater les murs », avec un pilotage matriciel. Le pilotage au plus haut niveau de l’entreprise est dans ce cadre essentiel, afin que les moyens alloués correspondent aux besoins à mettre en œuvre. »
Slides of a talk given at ERTS2008 in Toulouse. Abstract: with the increasing amount of electronics, making best usage of the bandwidth becomes of primary importance in automotive networks. One
solution that is being investigated by car manufacturers is to schedule the messages with offsets, which leads to a desynchronization of the message streams. As it will be shown, this “traffic shaping” strategy is very beneficial in terms of worst-case response times. In this slides, the problem of choosing the best offsets is addressed in the case of Controller Area Network, which is a de-facto standard in the automotive world. Comprehensive experiments shown give insight into the fundamental reasons why offsets are efficient, and demonstrate that offsets actually provide a major performance boost in terms of response times. These experimental results suggest that sound offset strategies may extend the lifespan of CAN further, and may defer the introduction of FlexRay and additional CAN networks.
This presentation focus on advances on Model Based System Engineering that fUML [1] brings. fUML, better known has Executable UML, provide a formalization of a subset of UML. UML, and with some extensions and adaptations SysML, can now be analysed in a formal way. That was main grief made by researchers.
First part of the presentation illustrates what is now possible by picking ideas from existing tools, notably Alloy [1] and OWL [3]. Following this path will enlighten what still must be done from researchers. It also points out how UML/SysML editors and tools can be enhanced. Indeed in current tools you can modelize activities that are not executable, you can describe Class/Block that cannot be instantiated, and so on.
The second part is about current implementation of previous ideas. It starts with a panorama of tools that can be combined, reused or adapted for the new desired features. For instance, it is possible to generate random instances of a model. Doing so helps to be confident in the model constraints. Moreover details will be given on how Topcased ease or not the integration of such a tool in its suite. For instance, it will be shown how Acceleo and ATL are used, but further details will also be given on how it integrates deeply with Topcased Editors for warnings, quick-fixes and so on.
Insights on the Configuration and Performances of SOME/IP Service DiscoveryRealTime-at-Work (RTaW)
Scalable Service-Oriented Middleware on IP (SOME/IP) is a proposal aimed at providing service-oriented communication in vehicles. SOME/IP nodes are able to dynamically discover and subscribe to available services through the SOME/IP Service Discovery protocol (SOME/IP SD). In this context, a key performance criterion to achieve the required responsiveness is the subscription latency that is the time it takes for a client to subscribe to a service. In this paper we provide a recap of SOME/SD and list a number of assumptions based on what we can foresee about the use of SOME/IP in the automotive domain. Then, we identify the factors having an effect on the subscription latency, and, by sensitivity analysis, quantify their importance regarding the worst-case service subscription latency. The analysis and experiments in this study provide practical insights into how to best configure SOME/IP SD protocol.
Outine
1) Automotive E/E Systems: mastering complexity
2) Ecosystems of virtualization technologies
3) Automotive use-cases of virtualization
4) Limits of virtualization
Authors: N. Navet (RealTime-at-Work), B. Delord (PSA Peugeot-Citroen), M Baumeister (Freescale semiconductor)
Talk given at RTS Embedded System 2010 on March 31st 2010.
Automotive embedded systems now include numerous software-intensive functions that are critical from a safety point of view (e.g., braking, assisted driving, etc). These functions are distributed on the Electronic Control Units and they need to exchange large amount of data with real-time constraints. In this context, the communication system plays a major role and it has to respect stringent dependability constraints. Security, especially with the widespread of wireless networks, is now becoming a serious matter of concern too. In this talk, we will review the main threats to dependability and security in automotive communication systems, the existing technical solutions to attain them, and, highlight areas where developments might be needed.
Une rapide introduction au développement dirigé par les modèles (MDA/MDD) et à ses bénéfices. Présentation de l'approche implémentée par le logiciel RTaW-Generator.
RTaW SysML Companion transforms SysML models into VHDL/AMS so that it becomes possible to simulate SysML models. SysML Companion enables to perform virtual prototyping and derive tests very early in the design phase directly from SysML specification. To the best of our knowledge, SysML Companion is the first tool of its kind.
There is today more than 20 years of experience in automotive CAN applications, and CAN has certainly proven very successful as a robust, cost effective and all-around network technology. But the use of CAN in vehicles is evolving, in particular because of more complex and heterogeneous architectures with FlexRay or Ethernet networks, and because of recent needs like hybrid, electric propulsion or driver assistance that involves more stringent real-time constraints. Besides, there are other new requirements on CAN: more fine-grained ECU mode management for energy savings, multi-ECU splitted functions and huge software downloads. In parallel, safety issues request more and more mechanisms to protect against potential failures and provide end-to-end integrity. The development process is also evolving with the advent of multi-domain cooperation, Autosar, ISO2626-2 and the always shorter time-to-market requirements. In this landscape, CAN has now to be used at much higher bus load level than in the past, and there is less margin for error. What does it imply in terms of verification and validation? What are the characteristics of the communication stacks that should be paid attention to? This article is intended to shed some light and share our views on these issues.
Timing verification of automotive communication architecture using quantile ...RealTime-at-Work (RTaW)
Slides of a paper at ERTSS'2014 co-authored by Nicolas NAVET (University of Luxembourg), Shehnaz LOUVART (Renault), Jose VILLANUEVA (Renault), Sergio CAMPOY-MARTINEZ (Renault) and Jörn MIGGE (RealTime-at-Work). Early stage timing verification on CAN traditionally relies on simulation and schedulability analysis, also known as worst-case response time (WCRT) analysis. Despite recent progresses, the latter technique remains pessimistic especially in complex networking architectures with gateways and heterogeneous communication stacks. Indeed, there are practical cases where no exact WCRT analysis is available, and merely upper bounds on the response times can be derived, on the basis of which unnecessary conservative design choices may be made. Simulation, on the other hand, does not provide anyguarantees per se and, in the context of critical networks, should only be used along with an adequate methodology. In this paper, we argue for the use of quantiles of the response time distribution as performance
metrics providing an adjustable trade-off between safety and resource usage optimization. We discuss how the exact value of the quantile to consider should be chosen with regard to the criticality of the frames, and illustrate the approach on two typical automotive use-cases.
Timing verification of real-time automotive Ethernet networks: what can we ex...RealTime-at-Work (RTaW)
Switched Ethernet is a technology that is profoundly reshaping automotive communication architectures as it did in other application domains such as avionics with the use of AFDX backbones. Early stage timing verification of critical embedded networks typically relies on simulation and worst-case schedulability analysis. When the modeling power of schedulability analysis is not sufficient, there are typically two options: either make pessimistic assumptions or ignore what cannot be modeled. Both options are unsatisfactory because they are either inefficient in terms of resource usage or potentially unsafe. To overcome those issues, we believe it is a good practice to use simulation models, which can be more realistic, along with schedulability analysis. The two basic questions that we aim to study here is what can we expect from simulation, and how to use it properly? This empirical study explores these questions on realistic case-studies and provides methodological guidelines for the use of simulation in the design of switched Ethernet networks. A broader objective of the study is to compare the outcomes of schedulability analyses and simulation, and conclude about the scope of usability of simulation in the desi gn of critical Ethernet networks
Slides of a talk given at the Workshop on Specialized Networks held in Conjunction with ETFA 2009.
The use of networks for communications between the Electronic Control Units (ECU) of a vehicle in production cars dates from the beginning of the 90s. The specific requirements of the different car domains have led to the development of a large number of automotive networks such as LIN, J1850, CAN, FlexRay, MOST, etc..
This talk first introduces the context of in-vehicle embedded systems and, in particular, the requirements imposed on the communication systems. Then, we highlight future trends in the development of automotive communication systems.
As the demand for computing power is quickly
increasing in the automotive domain, car manufactur-ers and tier-one suppliers are gradually introducing mul-ticore ECUs in their electronic architectures. Additionally, these multicore ECUs offer new features such as higher levels of parallelism which eases the respect of
the safety requirements introduced by the ISO 26262 and can be taken advantage of in various other automotive use-cases. These new features involve also more complexity in the design, development and verification of the software applications. Hence, OEMs and suppliers will require new tools and methodologies for deployment and
validation. In this paper, we present the main use cases
for multicore ECUs and then focus on one of them. Pre-
cisely, we address the problem of scheduling numerous
elementary software components (called runnables) on
a limited set of identical cores. In the context of an au-
tomotive design, we assume the use of the static task
partitioning scheme which provides simplicity and bet-
ter predictability for the ECU designers by comparison
with a global scheduling approach. We show how the
global scheduling problem can be addressed as two sub-
problems: partitioning the set of runnables and building
the schedule on each core. At that point, we prove that
each of the sub-problems cannot be solved optimally due
to their algorithmic complexity. We then present low com-
plexity heuristics to partition and build a schedule of the
runnable set on each core before discussing schedula-
bility verification methods. Finally, we assess the perfor-
mance of our approach on realistic case-studies.
La supervision industrielle à distance par le réseau de téléphonie mobile. Superviser, contrôler et commander n'importe quel équipement, de n'importe où, n'importe quand, à partir de terminaux fixes ou mobiles grâce à la technologie OCCOX et au protocole M2M CHANNEL de DEMTECH.
What are the relevant differences between Asynchronous (ATS) and Credit Based...RealTime-at-Work (RTaW)
The effects of CBS and ATS shapers (IEEE Std 802.1Q-2022, Annex L and V) are basically identical for a single flow in the highest priority Traffic Class. But the number of CBS instances is intrinsically limited by the number of TCs, while ATS instances can be numerous and are organized into Scheduler-Groups. We discuss how selecting ingress-flows for ATS instances can create different behavior from CBS. How does the ATS grouping-rule affect shaper performance? What benefit can shaping of lower priority TCs have? How are other non-shaped TCs affected by ATS vs. CBS?
t has been more than 10 years since the inception of the Time-Sensitive Networking Task Group (TG) in IEEE802.1. Since then, TSN has become a rich toolbox of mechanisms and protocols to address Quality-of-Service (QoS) requirements pertaining to timing and reliability. While IEEE 802.1CB, AS and Qci are natural choices for dependability, the designer has much more possibilities when it comes to timing QoS. The selection and configuration of a suitable TSN scheduling solution is not straightforward, as many mechanisms are available (priorities, preemption, CBS, TAS, CQF, ATS), most of them being complex to configure, and they can be used in a combined manner to meet the needs of applications comprising mixed types of traffic. In this talk, based on the academic literature and the observation of industrial practices, we review the well-understood and the emerging use-cases of the different timing QoS mechanisms and what we have learned in terms of their configuration. Ultimately, this talk aims at shedding new light on what to expect from TSN QoS mechanisms and how to introduce the least complexity needed to meet the application's timing requirements.
Time-Predictable Communication in Service-Oriented Architecture - What are th...RealTime-at-Work (RTaW)
Software defined vehicle puts the challenges not only on the computing systems in the vehicle but also on the network. To design a system that can exhibit the required level of determinism for a set of distributed control applications, it is not enough to have a network that is predictable from the timing perspective, one also needs proper real-time scheduling mechanisms in the operating system and in the communication stack, i.e. the interface between the application and the network. In this contribution, we present:
- Overall concept, or what do we mean with a time-predictable system,
- State of the art in deterministic real-time Ethernet communication,
- The real-time scheduling mechanisms commonly used in Automotive,
- Examples of challenging issues and practical use cases that OEMs need to address toward timing predictability in the system.
Strategies for End-to-End Timing Guarantees in a Centralized Software Defined...RealTime-at-Work (RTaW)
This presentation reports on design choices explored for next-generation zonal E/E architectures supporting mixed criticality traffic with strong timing constraints at the gateways between Ethernet and CAN:
• We present methods to validate strategies for packing/unpacking CAN frames to be transmitted over an Ethernet backbone
• We present a novel use-case for Time Aware Shaper (TAS), used to confine the traffic from Android applications into short, periodic transmission windows, shielding hence the rest of the traffic from their interference under any evolution scenario. System-level simulations are used to compare TAS with two alternative solutions based on priorities and Credit Based Shaper (CBS)
• This study exemplifies how the collaboration between an OEM, a Tier1 and a timing analysis tool vendor built a timing-accurate model of the SDV architecture to explore design alternatives, reduce the time for prototyping and to provide new inputs for the 802.1DG Automotive profile
Signal-Oriented ECUs in a Centralized Service-Oriented Architecture: Scalabil...RealTime-at-Work (RTaW)
The industry is quickly moving away from a function/signal-oriented architecture towards Service-Oriented Architectures (SOA). To carry-over legacy signal-oriented ECUs during the transition phase, Volvo Cars has developed a layered software (SW) architecture based on the concepts of "device proxys" (i.e., one per legacy ECU), signal real-time database and service interface. This architecture, executing on the central computer on the TSN backbone, provides a clear separation of concerns between its components with a reduced additional complexity.
In this presentation, we will review the main challenges faced in the integration of signal-oriented ECUs into SOA, and present the solutions explored at Volvo with a focus on layered SW architecture in the centralized E/E architecture and its 3 core components:
o Device Proxies
o Signal DataBase
o Service Interface
We then report on the performances of this architecture in terms of latencies and conclude on the maximum number of signal-oriented frames and legacy ECUs that can be handled. The performance evaluation is conducted by simulation, with sensitivity analysis to identify the performance bottlenecks. The E/E architecture under study is a prototype TSN-based central computing architecture targeted at next-generation models.
The main questions that will be discussed throughout the presentation are 1) how to efficiently handle signal to service conversion? 2) The performance and the scalability of the SW architecture proposed and 3) the suitability of SOME/IP as the SOA protocol.
Do We Really Need TSN in Next-Generation Helicopters? Insights From a Case-StudyRealTime-at-Work (RTaW)
As Ethernet rapidly replaces legacy networks as the core high-speed network in helicopter’s avionics and mission systems, we ask in this paper the question of the technical benefits of migrating to Ethernet Time-Sensitive-Networking (TSN). Indeed, TSN has become a rich toolbox of mechanisms and protocols to address Quality-of-Service (QoS) requirements pertaining to timing and reliability. TSN is quickly becoming the prominent technology for wired high-speed communications in a variety of application domains like automotive, industry 4.0 and telecom. In this context, this work explores the use of TSN timing QoS mechanisms for helicopter’s avionics and mission systems on a case-study representative of the communication requirements of next-generation systems. This study aims to provide quantified insights into what can be expected from TSN in terms of timing, memory usage and extensibility. Paper available at http://hdl.handle.net/10993/48093
This work is about the design and configuration of service-oriented communication on top of Ethernet TSN. The first objective is to present takeaways from the design and implementation of the Renault E/E Service-Oriented Architecture (SOA) called FACE. In particular, we discuss technological, design and configuration choices made for the SOA, such as how to segment messages (UDP with multiple events, TCP, SOME/IP TP), and the technical possibilities to shape the transmission of the packets on the Ethernet network.
The second objective is to study how to ensure the Quality of Service (QoS) required by services. Indeed, services introduce specific challenges, be it only the sheer amount of traffic they generate and if there is a growing body of experiences in the use of TSN QoS mechanisms most of what has been learned so far is mostly about meeting the requirements of individual streams. Less is known for services that involve the transmission of several, possibly segmented, messages with more complex transmission patterns. We show on the FACE architecture how SOME/IP messages were mapped to TSN QoS mechanisms in a manual then automated manner so as to meet the individual requirements of the services in terms of timing, and the system’s requirements in terms of memory usage.
Simulation-Based Fault Injection as a Verification Oracle for the Engineering...RealTime-at-Work (RTaW)
TTEthernet (TTE) is considered for use as high-speed backbone in the avionics of next-generation orbital space launchers. Given the key role of communication in launchers, the OEM must acquire a precise understanding of TTE’s functioning and its performances in nominal and error conditions. This holds especially true for the clock synchronization algorithm, the cornerstone of time-triggered communication in TTE, which involves complex distributed algorithms. In this study, we use both an experimental platform and fault-injection on a simulation model to gain quantified insights in these questions. We first describe a fine-grained simulation model of TTE model and discuss how it has been validated against communication traces recorded on the TTE platform. We then present experiments that evaluate the accuracy of the clock synchronization in TTE in the fault-free case as well as considering permanent link failure and transient transmission errors. Finally, we discuss what we have learned during the project in terms of development process and programming language support for complex simulation models used in the design of critical systems.
Autonomous driving requires safety considerations and the need of “fail operational” requires redundancy. In the networking portion of a car, this may mean separate networks, possibly of different technologies. Or it could mean a network topology and technology that supports scalable redundancy, like Ethernet TSN.
This presentation focuses on IEEE 802.1CB-2017, which is the TSN standard that supports data redundancy through the network. Various network topologies are examined. The relative costs of adding TSN redundancy for these topologies (including some, or all of, the end-stations/ECUs & bridges) are examined for various bandwidth utilizations, along with the expected packet loss. Each topology and bandwidth will be modeled under various bit-rate error values with the results discussed.
This presentation aims at providing a clear understanding of the TSN standards that support redundancy, and an understanding of the cost/benefit tradeoffs so proper engineering decisions can be made and proper expectations set.
Towards Computer-Aided, Iterative TSN-and Ethernet-based E/E Architecture DesignRealTime-at-Work (RTaW)
Typical design goals of next generation architectures are future extensibility and cost optimization of the lowest-end. We propose to introduce guidance to an otherwise standard Monte-Carlo simulation by providing certain fixed points (e.g., mandated connections of ECUs to certain bridges, complete re-use of ECUs) and “hot spots” in the topology (e.g., ECUs with the highest variability pressure) that are known in advance from BMW’s experience with their vehicles in the field. Several important practical considerations must be integrated in the generation of candidate architectures:
- Topological constraints: ECU proximity to sensors, daisy chain connections between ECUs to minimize cable length, number of switch ports in a certain ECU, etc.
- Security and reliability requirements: segregation between mixed-criticality streams, proxy ECUs, and redundant paths.
Our position statement explores the ability of algorithmic tools to synthesize Ethernet-based architectures based on a minimal fixed core TSN topology, design goals, design constraints, assumptions about next generation applications and data from past projects (capturing part of the OEM domain knowledge).
There has been a pivotal change in the design of E/E architectures, which is that we cannot assume anymore that the functions, and thus the communication requirements, are known in advance and fixed over time. It has become crucial for OEMs to be in the position to add further functions / services during the lifetime of the vehicle: OEMs need to design E/E architectures that are future-proof.
We show how design space exploration, by answering a series of design questions and proposing solutions to the designers, helps to improve an automotive E/E architecture in several dimensions.
We start by estimating the total "capacity" of a baseline architecture, then, by removing bottlenecks, we obtain an "enhanced capacity" architecture. The architecture is then further optimized in terms of costs and reliability.
The work is conducted on Volvo's prototype centralized E/E and domain-based E/E architectures.
Early-stage topological and technological choices for TSN-based communication...RealTime-at-Work (RTaW)
A main issue in the design of automotive communication architectures is that the most important design choices pertaining to the topology of the networks and the technologies to use (protocols, data rate, hardware) have to be made at a time when the communication requirements are not entirely known. Indeed, many functions only becomes available along the development cycle, and vehicle platforms have to support incremental evolutions of the embedded system that may not be fully foreseeable at the time design choices are made. The problem is becoming even more difficult and crucial with the introduction of dynamically evolving communication requirements requiring network re-configuration at run-time.
We present how the use of synthetic data, that is data generated programmatically based on past vehicle projects and what can be foreseen for the current project, enables the designers to make such early stage choices based on quantified metrics. The proposals are applied to Groupe Renault's FACE service-oriented E/E architecture with the use of the “Topology Stress Test” feature implemented in RTaW-Pegase.
Insights into the performance and configuration of TCP in Automotive Ethernet...RealTime-at-Work (RTaW)
The idea of using TCP in cars has been around for some time, as the first specification of Autosar TCP/IP stack dates back from early 2013. However, TCP has not been popular yet in cars and there has not been much published works on using TCP for in-vehicle communications so far.
TCP – the Transmission Control Protocol – provides connection-oriented reliable transmission between network applications. TCP is the cornerstone of the Internet – a hugely successful protocol over the last 40 years – if it is certainly a fine piece of engineering but it is definitely a complex one.
The question we explore in this study is what can we expect from TCP for on-board in-vehicle communication in terms of latencies & throughput and how to best configure TCP in a context for which
it has not been conceived. In particular, we will show that TCP configuration on the ECU sides should consider the amount of memory available in the switches and that traffic shaping policy, as available in TSN, can provide a nice performance boost for TCP communication.
Insights on the Performance and Configuration of AVB and TSN in Automotive Ap...RealTime-at-Work (RTaW)
Switched Ethernet is profoundly reshaping in-car communications. To meet the diverse real-time requirements in automotive communications, Quality-of-Service protocols that go beyond the mere use of priorities are required. In this work, the basic questions that we investigate on a case-study with diverse and demanding communication requirements is what can we expect from the various protocols aimed at providing a better timing Quality of Service on top of Ethernet? And how to use them? Especially how to use them in a combined manner. We will focus on the Credit-Based Shaper of AVB, the Time-Aware Shaper of TSN and the use of priorities as defined in IEEE802.1Q. The performance metrics considered are the distributions of the communication latencies, obtained by simulation, as well as upper bounds on these quantities obtained by worst-case schedulability analysis. If there have been over the last 5 years numerous studies on the performance of AVB CBS, the literature on comparing AVB to TSN and other candidate protocols is still sparse. To the best of our knowledge, this empirical study is the first to consider most protocols currently considered in the automotive domain, with the aim to gain insights into the different technological, design and configurations alternatives. In particular, an objective of this study is to identify key problems that need to be solved in order to further automate network design and configuration.
Frame latency evaluation: when simulation and analysis alone are not enoughRealTime-at-Work (RTaW)
This talk is about temporal verification in real-time communication systems. Early in the design cycle, the two main approaches for verifying timing constraints and dimensioning the networks are worst-case schedulability analysis and simulation. The aim of the talk is to demonstrate that both provide complementary results and that, most often, none of them alone is sufficient. In particular, it will be shown that response time distributions that can be derived from simulations cannot replace worst-case analysis. This will be done on automotive case-studies using RTaW analysis and simulation software tools.
Modeling, Simulation and Timing Analysis for Controller Area Network (2.0A, 2.0B, FD, Arinc825) - RTaW-Sim is a timing-accurate simulator of CAN networks that enables the designer to come up quickly with the best design and configuration choices, and assess the performances and reliability of a system.