Automotive Smart Vehicles & Functional Safety Applied To .

2y ago
53 Views
2 Downloads
420.23 KB
8 Pages
Last View : 2m ago
Last Download : 2m ago
Upload by : Giovanna Wyche
Transcription

2017 NDIA GROUND VEHICLE SYSTEMS ENGINEERING AND TECHNOLOGYSYMPOSIUMAUTONOMOUS GROUND SYSTEMS (AGS) TECHNICAL SESSIONAUGUST 8-10, 2017 - NOVI, MICHIGANAutomotive Smart Vehicles & Functional Safety Applied to DoDGround VehiclesDavid A. LaRue: PhDSr. Technical SpecialistFEV North AmericaAuburn Hills, MITom TaskyDirector ElectronicFEV North AmericaAuburn Hills, MIStephan TarnutzerVP ElectronicsFEV North AmericaAuburn Hills, MIJerry LaneGreat Lakes Systems & Technology LLCMacomb, MIABSTRACTThe application of advanced FEV Automotive Smart Vehicle methods and technologies whilemaintaining functional safety compliance and how it applies to similar features, requirementsand capabilities across the fleet of DoD combat and tactical vehicles will be discussed. Therequirement of technologies for DoD autonomous ground vehicle including leader follower,automated convoy operations, and intelligent applique kit’ are common to those specified in theautomotive industries. Intelligent vehicles can be advanced and implemented in an expeditiousmanner through FEV Smart Vehicle technologies, techniques and methodologies while maintaincompliance to required functional safety. The application and impact of ISO 26262 (2011) aswell as Mil-Std. 882(E) to the implementation of the advanced technologies and techniques insupport of full operational vehicle autonomy can hinder development. Leveraging the FEVAutomotive Smart Vehicle reduces the time and cost for safety compliant implementation of theseadvanced technologies and techniques even where VI and AI strategies are required through theoptimization of system and sensor fusion of ISO safety certified components and systems. DoDGround Vehicles can leverage this evolution of vehicle intelligence, autonomy and safetynormally only supportive of the automobile industry.INTRODUCTIONFEV Smart Vehicle is a method and processdeveloped by FEV and includes the design,development and implementation of technologiesfor Infotainment, Telematics, ADAS iving)technologiesandtechniques while maintain compliance to requiredfunctional safety standards as well as cybersecurity challenges. Infotainment systems arebecomingthecentralandoperationalcommunication hub in many vehicle designs.

Proceedings of the 2017 Ground Vehicle Systems Engineering and Technology Symposium (GVSETS)These hubs support numerous communicationprotocols such as CAN (Controller AreaNetwork), LIN (Local Interconnect Network),Automotive Ethernet, FlexRray, MOST (MediaOriented Systems Transport), SPI (SerialPeripheral Interface), SCI (Serial CommunicationInterface), UART (Universal AsynchronousReceiver/Transmitted), and USB. It also includesvarious wireless protocols such as LTE (LongTerm Evolution) and DSRC (Dedicated ShortRange Communication) Wi-Fi (Wireless Fidelity),NFC (Near Field Communication, GSM (GlobalSystem for Mobile), CDMA (Code DivisionMultiple Access), Bluetooth as well as other RF(Radio Frequency) type communication over analmost infinite range of frequencies in support ofCloud Connectivity based applications as well asFOTA (Flash Over The Air) all while supportingCyber Security through various means such s of AD operation and thecommunication protocols supporting theseoperations, FEV Smart Vehicle also supports AI(Artificial Intelligence)and VI (VirtualIntelligence) strategies, while maintainingcompliance to various safety standards (e.g.ISO26262; 2011, Mil Std. 882 (E), IEC 61508,edition 2; 2010)\Illustration 1In comparison, the first aircraft autopilot wasdeveloped by the [1] Sperry Cooperation in 1912.These systems at their introduction as well astoday are not intended to replace the pilot, but toassist them in the operation of the aircraft allowingthe pilot to focus on broader aspects of operationsuch as monitoring the weather, trajectory andother operational systems, as well as to reducepilot fatigue in longer duration flights. As theaircrafts sense and control systems evolved, so didthe autopilot. The technology currently exists forfull autonomous operation of an aircraft, andwithin the next decade we will likely see thesetypes of aircrafts being introduced into thecommercial realm for various operations. Similarto the automotive industry these systems leveragethe use of various technologies and techniques insupport of both the autopilot system as well asautonomous operation. Autonomous operationshould not be confused with remote operationsuch as the technique used in drone or UAV(Unmanned Arial Vehicle) operation.Looking at advanced technology applications inthe automotive space, the Cadillac’s Night Visionwas originally introduce on the DeVille in 2000using a thermal imagery sensor which detectedinfrared radiation, displaying an image thru theHUD (Heads Up Display) onto the windshield.This image would have to be processed and actedupon by the vehicle operator. This feature wassubsequently canceled following the 2004 modelyear.ABS (Anti-Lock Brake Systems) as of 2004have been mandated as standard equipment on allnew passenger cars sold in the US (United States).[2] Anti-skid brake systems first turned up onaircraft in the late 40’s. One of these purelymechanical systems, the Maxaret was adapted tothe British Jensen FF in 1966. These vehicleswere not available in the US. It was recognizedearly on that these type systems would need tohave fast acting electronic controls. Despite theclaims of a famous German carmaker, the firstelectronic four-wheel anti-skid system wasintroduced by Ford in late 1969. The Ford Sure-Very Really Incredibly Long Example Sample Title Name Which is Very Long and Descriptive , One, et al.Page 2 of 8

Proceedings of the 2017 Ground Vehicle Systems Engineering and Technology Symposium (GVSETS)Track system by Kelsey-Hayes was available onthe Thunderbird and Continental Mark III. TheSure-Brake system for Chrysler’s 1971 Imperialprevented the front wheels from locking up inorder to maintain steering control during a fullbrake or panic braking event.The advent of electronic controls, help to pushfunctions such as ABS into the mainstream and aspreviously mentioned are now a required featureon all new vehicles in operation on Americanroadways. Today’s vehicles use throttle and brakeby-wire capabilities, where there is no longer amechanical connection to these functions. Bywire uses various sensors to determine theoperators request and electronically pass this inputto an ECU (Electronic Control Unit) where therequest is verified and acted upon. This typecontrol has two unique challenges over oldermechanical systems; first how do I know therequest received by the ECU is that requested bythe operator and secondly how do I know theaction taken by the ECU reflects the operatorsrequest. Even with older mechanical systems afailsafe approach was required. Older throttlecontrol systems would use redundant springs onthe throttle plate of the carburetor of the throttlebody so if the mechanical linkage were to breakthe vehicle would return to idle, even if one of thetwo springs were to fail. Today’s cars use asimilar process where there are two or moreredundant sensors used to verify the operator’srequest. These two inputs are compared to eachother to be sure they both match the expectedvalues based upon the request from the operator.Sensor type, slope and other key measurables aredefined as to reduce what is referred to as a“common mode fault” as required by the safetystandards that apply.Today’s vehicles can include in excess of over100 ECUs communicating over a number ofbuses,supporting various communicationprotocols. Additionally it is not uncommon tohave fully electronic (by-wire) throttle, brake,PRNDL (Park Reverse Neutral Drive Lever) andsteering functions.Current safety systemsleverage the technologies of vision (optical andinfrared), RADAR (Radio Detection AndRanging), LiDAR (Light Detection And Ranging),proximity (or ultra-sonic) and GPS (GlobalPosition System) type sensors. These sensors andby-wire controls work in conjunction with digitalmaps provided in the navigation systems (or viacloud connectivity) allowing for various levels ofautonomous operation; ultimately to the NHTSA(NationalHighway TransportationSafetyAdministration) Level 4, or SAE (SocietyAutomotive Engineers) Level 5, which is fullautonomy. These ADAS & AD functions includeFCW (Forward Collision Warning) RCW , LCW (Lane Keep Assist),LDW (Lane Departure Warning), CTA (CrossTraffic Alert), Parking Assist, TSR (Traffic SignRecognition), ACC (Adaptive or Active CruiseControl), C2I (Car to Infrastructure), C2C (Car toCar), AEB (Automatic Emergency Braking),Pedestrian Detection/Warning, and many others.In addition to these systems, many vehicles alsouse captive type steering and brake interfaceswhich are used to alert the driver. This, togetherwith the world’s need to be connected, also hasdriven a need to support various HMI (HumanMachine Interface) and Apps through; Linux,QNX, iOS & Android).Despite and in support of the complexity oftoday’s vehicles, a keen and continued focus onsafety is an absolute necessity, regardless of anymandate for compliance. Understanding the riskassociated with autonomous operation, thechallenges and limitations of the technologies usedas well as the potential for threats outside thevehicle environment must be understood andquantified early and throughout the productsdevelopment life-cycle.Very Really Incredibly Long Example Sample Title Name Which is Very Long and Descriptive , One, et al.Page 3 of 8

Proceedings of the 2017 Ground Vehicle Systems Engineering and Technology Symposium (GVSETS)SAFETY STANDARDSThis paper, as well as FEV’s Smart Vehicle arebased on ground type systems. Generally thesesystems and their integration require complianceto at least one of the following safety standards;ISO 26262, IEC 61508 or Mil Std. 882. Theautomotive industry based on volume is the largestconsumer and advocate for these safety standards.Originally, commercial safety critical systemssuch as electric or hybrid vehicles would developthese systems to IEC61508 as there was nospecific standard for these type applications. Inparallel to the design and development of electricand hybrid vehicle applications in compliance tothe IEC standard, ISO had taken the IEC standardand updated it specific to the automotive industryfor vehicle applications less than 3500kg, whichwas formally released in 2011. Even prior to theformal release of ISO 26262, many of the NorthAmerican OEMs were working to compliancewith pre-release or draft copies of the standard,abandoning the IEC standard. With exception ofa few legacy vehicles or systems there is currentlylittle direct use of IEC 61508 within theautomobile industry today. ISO 26262 has justrecently completed an update scheduled forrelease in late 2017 or early 2018. This newupdate has increased content and examplesspecific to ADAS and AD systems and has alsoincluded parts specific to Motorcycles, MicroControllers, and Commercial Applications (heavyTrucks and Buses). In addition to the ISOstandard, SAE J2980; May 2015: Surface VehicleRecommended Practice, Considerations for ISO26262 ASIL Hazard Classification is very helpfulin supporting and performing the Hazard Analysisand Risk Assessment required of ISO 26262.system might fault and what the specificconsequences or risks of such a fault might be. Inshort, each standard assists in the development ormetrics which are used to direct the user in thetype design, analysis, diagnostic, monitoring andmitigation techniques required to either avoid afault or failure or to always maintain the vehicle ina safe state.The safety demonstrated through the limited useof early ADAS systems has not gone unnoticed.Insurers, legislators and the automotive industryitself have recognized the effectiveness of thesesystems many of which are being mandated foruse in future production vehicles. This as well asthe volumes consumed in the automotive industryhas driven component manufacturers to takenotice as well.The integration of thesetechnologies couldn’t have happened at a bettertime as there was already considerable focus onneeded compliance to ISO 26262. The end resultis many of the micro-controllers, sensors, and theiraccompanying systems can be purchased precertified to a specific ASIL (Automotive SafetyIntegrity Level).The ASIL is similar to the SIL (Safety IntegrityLevel) value defined and used within IEC 61508as well as the Risk Values associated with Mil Std.882. Though there is no direct relationshipbetween any of these values the underlyingrequirements in design, analysis and integrationare quite similar. It is also important to note, thatthough a system may be certified to an ASIL D (asexample) this certification is only valid when thesystem has been properly integrated.There are certainly differences in the approachand requirements when comparing Mil Std. 882,to IEC 61508 and/or ISO 26262. Despite thesedifferences the intent of all three (3) standards isin the support of functional safety with a keyattribute to that in being understanding how aVery Really Incredibly Long Example Sample Title Name Which is Very Long and Descriptive , One, et al.Page 4 of 8

Proceedings of the 2017 Ground Vehicle Systems Engineering and Technology Symposium (GVSETS)LEVERAGING FEV SMART VEHICLEThe FEV Smart Vehicle is a highly modularizedsystem which supports the Benchmarking, SystemArchitectural Design, Requirements Development,Functional Safety/Cyber Security, ControlsDevelopment (HW & SW Function), Component& System Integration/Calibration, Test &Validation as well as Test System Design of allaspects of the systems and components in supportof Infotainment, Telematics, ADAS and fullautonomous vehicle operation all with fullcompliance to applicable safety standards.FEV Smart Vehicle allows for the seamlessintegration or removal of functions and featuresthroughout the vehicles architecture, whilemaintaining compliance to applicable safetystandard and in support of cyber security needs.This is done in part by FEV’s deep knowledge ofmost all automotive OEM’s design andarchitectural designs and strategies, including theirunique HW/SW design as well as buscommunication. This knowledge drives thecompany’s highly optimized solution approachfrom simple to complex and static thru full VIapplication and strategies.FEV’s work through all aspects of groundvehicle development as well as their respectiveapplicable standards which they have to support,allow the comapny an understanding which in turngives it the insight necessary to draw arelationship between these standards allowing theuse of COTS (Commercial Off The Shelf) systemsreadily available for integration into defenseground based vehicles/systems. The result inleveraging technologies and techniques precertified to the ISO standard is reduced cost in theintegration of proven compliant sensors,components and systems as well as greatlyexpedited integration timing. Additionally, manyof the technologies and techniques used in theautomotive industry are available to support HIL(Hardware in the Loop), MIL (Model in the Loop)and SIL (Software in the Loop) systems as well asSW (Software) and HW (Hardware) integrationdevelopment and validation. To further supportthe rapid prototyping of ground based systemsthere are libraries readily available that mightotherwise need to be developed (e.g. signrecognition), even where regional differences insize and color exist. These libraries not onlysupport the simulators companies might use butthe actual controls recognition and executionneeded in the actual implementation of theproduct.Illustration 2FEV Smart Vehicle also supports ANN’s(Artificial Neural Networks) which is a typelearning task of an application in [3] DeepLearning (also known as deep structured learningor hierarchical learning). This compounded withthe company’s continued work in AI and VI allowthe systems themselves to improve in function,capability, and performance over time without anydirect operator or user input. The use of cellularVery Really Incredibly Long Example Sample Title Name Which is Very Long and Descriptive , One, et al.Page 5 of 8

Proceedings of the 2017 Ground Vehicle Systems Engineering and Technology Symposium (GVSETS)networks allow VI systems to learn not only fromthemselves but also from other similar systems.optimize on the success of this type of controlsstrategy.This learning frequently programmed in thesesystems support all aspects of operation, function,monitoring, and mitigation.Hence, overallfunctions as well as general fault mitigationstrategies evolve over time, working to maintainas much overall operational function while stillsupporting failsafe operation mitigation actionswithin the required FTTI (Fault Tolerant TimeInterval) assigned by the hazard (based upon ISO26262 as example).There are a host of projects where FEV hasdemonstrated its competency in these areas; one ofwhich involves platooning for commercialvehicles. The initial system supported longitudinalcontrol of commercial vehicles with a followingdistance of 0.4 seconds at highway speeds. Thisresulted in a 3rd party determination that the leadvehicle had improved fuel economy of 5% whilethe trailing vehicle saw an increase in fueleconomy of just over 10%. Though safety wasdemonstrated with these parameters (target trailingdistance of 0.4seconds), it was found the closuretrailing distances had an adverse effect on enginecooling resulting in extended use of the coolingfan which reduced efficiency and also resulted inincreased driver fatigue operating at these closedistances.The FTTI is the time period between when afault presents itself until when the vehicle isbrought to a safe state. The FTTI period definedis required regardless as to the complexity of theoverall systems as well as any strategy which mayallow the system to progress thru multiplemitigation actions in order to bring the vehicle to asafe state. A typical FTTI time line is similar tothe image belowSimilar systems are being demonstrated withlateral steering controls as well, proving upon thefunctional capability of the current longitudinalsystems.Illustration 3When applied to vehicle powertrain controls,leveraging the use of those systems used inADAS/AD allows not only for predictive controlin the improvement of mileage and increase inrange but alsoreduction in overall vehicleemissions.These improvements are furtheroptimized through the use of a network center aswell as VI strategies applied which allow for realtime adjustment to these controls to furtherIllustration 4Very Really Incredibly Long Example Sample Title Name Which is Very Long and Descriptive , One, et al.Page 6 of 8

Proceedings of the 2017 Ground Vehicle Systems Engineering and Technology Symposium (GVSETS)This system also leverages the data streamed tothe network center (cloud and connected vehicleback-end) from all vehicles in operation, allowingqualification of other driver routes as well as realtime information regarding traffic, constructionand weather. This data is used to assist in settingthe speeds and trailing distances of otherplatooning vehicles as well as to warn them ofsituations that may exist further down their routeas well as the continued advancement in theoverall operational functions of the base systemcurrently.FEV has further demonstrated the capability ofFEV Smart Vehicle thru the accelerateddevelopment of a non-mechanical LiDAR sensorhead. Performance of the standalone device wasin many areas experienced capabilities superior tothat of far more expensive units.Thedevelopment and benchmarking alone though ofgreat use, can be further optimized thru the FEVSmart Vehicle approach whereby this system wasdeveloped and assigned compliance of the systemto the safety integrity level specific to theapplicable safety standard(s

standard, SAE J2980; May 2015: Surface Vehicle Recommended Practice, Considerations for ISO 26262 ASIL Hazard Classification is very helpful in supporting and performing the Hazard Analysis and Risk Assessment required of ISO 26262. There are certainly differences in t

Related Documents:

3.1 General Outlook of the Automotive Industry in the World 7 3.2 Overview of the Automotive Industry in Turkey 10 3.3 Overview of the Automotive Industry in TR42 Region 12 4 Effects of COVID-19 Outbreak on the Automotive Industry 15 5 Trends Specific to the Automotive Industry 20 5.1 Special Trends in the Automotive Industry in the World 20

Table 12: Acquisitions of U.S. Automotive Parts Companies (SIC 3714) Table 13: Automotive Parts Exports, 2000-2010 Table 14: Automotive Parts Imports, 2000-2010 . Automotive parts consumption is linked to the demand for new vehicles, since roughly 70 percent of U.S. automotive parts production is for Original Equipment (OE) products. .

Automotive Pathway Automotive Services Fundamentals Course Number: IT11 Prerequisite: None Aligned Industry Credential: S/P2- Safety and Pollution Prevention and SP2- Mechanical and Pollution Prevention Description: This course introduces automotive safety, basic automotive terminology, system & component identification, knowledge and int

Model Year 2015 Fuel Economy Leaders / 5 2015 Model Year Vehicles / 6 Diesel Vehicles / 29 Electric Vehicles / 31 Plug-in Hybrid Electric Vehicles / 33 Compressed Natural Gas Vehicles / 35 Fuel Cell Vehicles / 35 Hybrid Electric Vehicles / 36 Ethanol Flexible Fuel Vehicles / 38

smart grids for smart cities Strategic Options for Smart Grid Communication Networks To meet the goals of a smart city in supporting a sustainable high-quality lifestyle for citizens, a smart city needs a smart grid. To build smart cities of the future, Information and Communications Techn

2019), the term "smart city" has not been officially defined (OECD, 2019; Johnson, et al., 2019). However, several key components of smart cities have already been well-established, such as smart living, smart governance, smart citizen (people), smart mobility, smart economy, and smart infrastructure (Mohanty, et al., 2016).

Automotive Basics - Course Description "Automotive Basics includes knowledge of the basic automotive systems and the theory and principles of the components that make up each system and how to service these systems. Automotive Basics includes applicable safety and environmental rules and regulations. In Automotive Basics, students will gain

Hernando High School FL Automotive . Central Nine Career Center IN Automotive Elkhart Area Career Center IN Automotive . Kokomo Area Career Center IN Automotive North Lawrence Vo-Tech IN MLR Porter County Career Center IN Automotive Richmond High School IN Automotive Southeastern Career