Assessment of high-integrity embedded automotive control systems using hardware in the loop simulation

Sensor-based driver assistance systems often have a safety-related role in modern automotive designs. In this paper we argue that the current generation of "Hardware in the Loop" (HIL) simulators has limitations which restrict the extent to which such systems can be tested, with the consequence that it is more difficult to make informed decisions regarding the impact of new technologies and control methods on vehicle safety and performance prior to system deployment. In order to begin to address this problem, this paper presents a novel, low-cost and flexible HIL simulator. An overview of the simulator is provided, followed by detailed descriptions of the models that are employed. The effectiveness of the simulator is then illustrated using a case study, in which we examine the performance and safety integrity of eight different designs of a representative distributed embedded control system (a throttle- and brake-by-wire system with adaptive cruise control capability). It is concluded that the proposed HIL simulator provides a highly effective and low-cost test environment for assessing and comparing new automotive control system implementations.
