Locations
America
Brazil
EnPo
Canada
Latam
Mexico
EnSp
United States
Europe
EnDe
Benelux
Germany & Austria
EnDe
Nordic
Southern Europe
EnFr
United Kingdom & Ireland
Asia Pacific
Asean
Australia & New Zealand
China
Japan
EnJp
Korea
Taiwan
India & Middle East
India
Middle East
Africa
Global Site
< Engineering

Three Steps to Implementing Mixed Criticality Systems for Superior Automotive Safety

comments.png fav-article
comments.png

Our Perspective

  • Auto manufacturers need a secure, reliable way to transmit, install and verify updates across systems while ensuring that these processes do not disrupt the vehicle's essential functions or compromise its safety.
  • MCS allows different software applications with varying levels of importance and safety requirements to coexist on the same hardware platform, ensuring that critical functions such as emergency braking systems get the priority and resources they need to operate reliably in real-time, every time.
  • A structured approach to MCS integration ensures that vehicles can meet the demands of modern drivers and the technological landscape of the future.

As the automotive industry accelerates towards software-defined vehicles, MCS emerge as the key to balancing innovation with uncompromised safety and performance.

By 2030, software-defined vehicles (SDVs) are expected to generate more than $650 billion for the automotive industry. The rise of SDVs marks a pivotal shift in the automotive industry, promising to revolutionize how cars are designed, manufactured, and experienced. But to access these opportunities, automotive companies must first navigate the challenges: modernizing legacy systems, establishing robust yet flexible security systems, and developing the capabilities necessary to manage a wide range of hardware and software components.

Central to this transformation is the adoption of mixed criticality systems (MCS), which are essential for integrating applications with diverse safety needs and importance levels onto a single hardware platform. This strategy boosts vehicle performance and efficiency while ensuring top-notch safety and reliability. It also facilitates the smooth introduction of innovative features and updates, aligning with the dynamic needs of drivers and the automotive sector.

A Bumpy Road to the SDV Future

The rise of SDVs presents several predictable yet critical challenges for automotive scompanies. For starters, modern vehicles are incredibly complex, combining various software and hardware components. Take Tesla's Autopilot system as an example. It's a mix of sensors, cameras, and software that allows for semi-autonomous driving. Making sure all these parts work well together is key to keeping things safe on the road. Then there's the need for systems, like emergency braking, to react in real-time. These systems must work instantly, every time, which means software updates need to be spot-on.

Security is another major concern, illustrated by Black Hat’s remote hack of Jeep Cherokee in 2015. As vehicles become more connected, manufacturers must invest in robust security measures while keeping pace with hackers to avoid unexpected vulnerabilities.

There's also the challenge of complying with safety and regulatory standards, such as ISO 26262, which are constantly evolving, especially for new technologies like EV battery systems. Over-the-air (OTA) updates are crucial to ensure that safety features and secondary applications remain up to date, but managing these updates adds another layer of complexity to SDVs. Manufacturers need a secure, reliable way to transmit, install, and thoroughly verify updates across systems of varying criticality, all while ensuring that these processes do not disrupt the vehicle's essential functions or compromise its safety.

How Mixed Criticality Systems Can Help

MCS promises to be a game-changer in tackling these challenges. By design, MCS allows different software applications with varying levels of importance and safety requirements to coexist on the same hardware platform. This approach is particularly useful in managing the complexity of modern vehicles. MCS can ensure that critical functions such as emergency braking systems get the priority and resources they need to operate reliably in real-time, every time. This means that even when new software updates are introduced, the system can maintain its integrity, ensuring that safety-critical functions are not compromised.

On the security front, MCS offers a structured way to isolate less critical functions from those that are vital, reducing the risk of a cyber attack impacting the entire vehicle system. For instance, an entertainment system would be considered less critical than the braking system. If the entertainment system were compromised, MCS could help prevent the attack from spreading to more critical systems. This isolation enhances security and simplifies the process of updating and maintaining different vehicle systems, which can benefit compliance and feature development.

MCS architectures are also a boon for automotive companies looking to future-proof their vehicles. These systems are designed to grow and adapt, dynamically managing and prioritizing system resources and tasks to ensure seamless integration of new features without disrupting essential functions. For example, as autonomous driving technology advances, MCS can facilitate the integration of more sophisticated autonomous features through OTA updates, enhancing vehicle capabilities without compromising safety or performance, thereby keeping the vehicle at the forefront of technology and user experience.

Three Steps to Integrating MCS

Integrating MCS into the automotive industry, particularly for SDVs, can be streamlined into three key steps:

  1. Transition from Monolithic to Microservice-Based Architecture: Start by breaking down monolithic automotive software systems into microservices. One microservice could handle the vehicle's navigation, while another manages the entertainment system. This division allows for easier updates and maintenance since changes to one service don't directly impact others. Manufacturers might undertake this restructuring themselves or partner with tech companies specializing in software architecture to ensure a smooth transition.
  2. Integration with Mixed Criticality Infrastructure: After breaking down the software into microservices, the next step is integrating these services within a mixed criticality framework. This involves setting up a system where services are prioritized based on their importance to vehicle safety and operation. For instance, the braking system's microservice would be given higher priority over the infotainment system's microservice. This step requires careful planning to define how much computing power and resources each service gets and how they interact with each other to prevent critical services from being starved of resources by less critical ones. It's akin to ensuring that emergency services can always get through traffic, even when the roads are busy.
  3. Orchestration of Mixed Criticality: The final step is orchestrating these microservices, ensuring they work together efficiently. This involves managing the lifecycle of each microservice, from deployment to retirement, and dynamically allocating resources based on current needs. For example, if the vehicle enters a critical situation, like emergency braking, the system automatically reallocates resources to prioritize this function. This orchestration is managed by specialized software that acts like a conductor, ensuring each part of the system gets what it needs to perform its function without interference. This step might involve using existing orchestration tools or developing new ones tailored to the specific needs of automotive systems.
By following these steps, automotive companies can build software-defined vehicles that are safer, more reliable, and easier to update and maintain. This structured approach to integrating MCS ensures that vehicles can meet the demands of modern drivers and the technological landscape of the future.

Innovation in Action

A prime example of these principles in action is Wipro's work with a European Tier 1 automotive client, where the shift to a microservices framework has paved the way for vehicles that align with modern expectations of safety, reliability, and easy maintenance. The client’s existing surround view system was operating on a monolithic setup that made updates cumbersome. Breaking down the system into independent services, such as image capture/processing and storage, each deployed in containers using Docker for easier management and scalability, improved system maintenance and feature deployment speed.

We took a similar approach in our work on the Autoware ADAS system, addressing its determinism and communication issues. By segmenting the system into multiple containers and employing a mixed criticality orchestrator for scheduling, we enhanced the system's reliability and safety, particularly in its valet parking functionality. This approach allowed for real-time monitoring of safety violations and ensured deterministic scheduling, showcasing our capability to tackle complex challenges and advance automotive technology.

Mixed criticality systems are changing the game for software-defined vehicles, enhancing safety and streamlining management. By facilitating smooth updates and new feature integration, they’re paving the way for vehicles that are smarter, safer, and always ready to meet the challenges of tomorrow.

X

popup-image