Reading Time: 7 mins

Automobil Elektronik

Building safe and robust software is the key for Autonomous Commercial Vehicles in their journey from Prototype to Production.

Over the past few years, we have seen a great interest for Autonomous Driving (AD) in the commercial vehicle (CV) industry. Advanced Driver Assistance Systems (ADAS) and Autonomous Driving (AD) technologies for CVs have the potential to improve efficiencies in terms of costs and increase safety. These business cases for Autonomous CVs have been proven. The CV industry is now targeting models with features like Hub to Hub driving, Highway Pilot with Level 2 and later Level 4 capabilities for production programs.

In order to expedite the process of bringing Autonomous Commercial vehicles to market, CV OEMs are collaborating with AD platform providers like Torc Robotics, Tu Simple, Aurora, Gatik and others. In these collaborations’ OEMs expect the software and in some cases the hardware platform from these platform providers. However, OEMs must own the overall system integration and compliance to ISO 26262 and homologation requirements.

The absence of experience with Commercial Vehicle OEMs on Autonomous Software and the absence of experience with platform providers on developing production software and hardware for safety critical systems creates a gap.

Software Industrialization is the key challenge for Level 2 and Level 4 AD Production Programs

In an interview in January 2021 the (Ex) CEO of Waymo stressed the fact, that transformation from prototype – to safe production ready platform needs experience in domain, safety, simulation, and integration.

The complexity of taking platform software to production, complying to safety and regulation requirements is extremely high. It needs deep domain expertise and experience in how to make a safety critical ADAS and AD software comply to production readiness.

Thus, there is a need for an “Industrialization Partner” in the commercial vehicle eco-system who can bring this expertise.

This article brings out methodologies and best practices of Software Industrialization for safety systems and the factors to consider in ADAS and AD programs are as follows:

Critical factors to consider for software Industalisation

Figure 1 : Factors to consider for Software Industralisation

Each of the above-mentioned points comprises of factors that are only understood from a full cycle production program.

Let’s look at the factors in detail.

ASPICE and ISO process adherence
Usually, platform players focus on developing ADAS and AD features and create prototype ready solutions. These solutions are then demonstrated on the concept vehicle in controlled environment on the road.

While developing these prototypes, the ASPICE and ISO processes are not followed but during the production phase, it is essential to deploy a tailored process and comply to all documentations and additionally train developers to ensure strict implementation and adherence.

A software industrialization partner plays this role in the journey from prototype to production, where it brings safety critical process which consider ASPICE as base process and brings all the required processes from ISO 26262, ISO 15288, and other processes. The implementation of the process must also be customized to an Agile Operating Model.

Figure 2: KPIT’s ADAS Software Development Process in Agile Operating Model

KPIT brings tailored processes and has also deployed the ISO process in an Agile environment.

The key importance in the process deployment is not the process definition but process adherence. The process mentioned above has been developed keeping in mind the self-explanatory aspect and training associated with the process. It is developed for every developer to understand what he needs to do in the software to adhere to safety process.

System engineering and requirements

System engineering is an important part of building Safety Critical Systems. The Aerospace industry which also builds safety critical systems like Autonomous Driving, diligently follows the system engineering process even in the concept phase. But in ADAS and Autonomous Driving development, it is observed that during the concept phase, developers focus on proving the concept in a vehicle and system engineering, detail requirements articulation and architecture development is kept for the latter phases of development.

Therefore, during production phase, capturing system architecture, logical and physical software architecture along with system, software and hardware requirements becomes crucial. Also, it must be noted that the quantum of requirements hovers around tens of thousands and demands very high effort and domain expertise.

KPIT follows a three-view system engineering methodology which provides expertise in scale to develop architecture and requirement with a huge library of artifacts that bring savings of time and cost in the program.

Deployment of ISO 26262 in Process, System, Software and Validation

Implementation of Functional safety and Security as per ISO 26262 standards is a key factor. Starting with the safety process, a series of safety analysis must be performed at system, software, and hardware level.

  • a. Functional Safety Concept (FSC),
  • b. Hazard Analysis Risk Analysis (HARA),
  • c. Technical Safety Concept (TSC) ,
  • d. Failure Mode and Effect Analysis (FMEA) ,
  • e. Fault Tree Analysis (FTA)

Along with these activities, detailed safety requirements are also part of the production phase.

  • f. Functional Safety Requirements (FSR),
  • g. Technical safety requirements (TSR)
  • h. Software safety requirements (SSR)
  • i. Hardware safety requirements (HSR)

Other than the above safety activities, safety validation is also critical. It requires deep domain experience and dedicated expertise on deriving test cases against safety requirements and doing the fault injection testing for both application software as well as middleware software.

Safety of The Intended Function (SOTIF) is another big area that needs to be considered during production phase. KPIT provides ready developed libraries of test cases and SOTIF scenarios that bring savings in schedule during production. KPIT provides comprehensive engineering services for deployment of IS026262 along with sets of accelerators that help optimize time and cost.

Software Refactoring and Industrialization, especially for Artificial Intelligence components

The most prominent challenge in ADAS and AD Level 3+ production programs is the maturity and quality of the features and algorithms.

During the prototype phase, the feature validation takes place in controlled environment and hence it is crucial to achieve software/feature maturity during production.

Maturity and quality are achieved through refactoring and optimization of the code. The code must adhere to MISRA, Functional Safety standards and other guidelines and the code also needs follow basics of embedding environment.

Since most of the algorithms and features contain Artificial Intelligence (AI) models, refactoring of code becomes challenging. The difficulty is more from newness perspective as this is one of the first time AI is used for safety critical applications and there are no proven methods to make then production ready.

KPIT has developed a robust and proven AI industrialization methodology. The below diagram explains in detail the industralisation method we have developed.

Figure 3: KPIT’s AI industralisation Methodology

After software refactoring the next important step is optimization of the code to first run on the desired embedded platform and second run at the desired speed.

Performance of entire ADAS and AD system depends on the response time of sensing to actuation and the response time depends on code quality, maturity, and embedded implementation. During prototype implementation, only feature or algorithm is tested as individual component. Hence, the response time is not very critical.

However, during the production phase, the middleware components such as Autosar, Adaptive Autosar, safety components, security components get added to make the complete stack. Achieving the desired microsecond requirements against response time depends on expertise of how the code is optimized during refactoring and the architecture decisions on partitioning. Therefore, software architecture which considers partitioning of software to run on different cores becomes a very important activity.

KPIT brings experience on almost all System On Chips (SOCs) being implemented in ADAS and AD space and best practices and methodologies for partitioning and optimization.

Virtual Simulation and Assurance of Coverage

Validation of Autonomous software through simulation is an inevitable practice today also validation through simulation is getting matured, but ‘how to assure coverage’ in simulation is still an unresolved issue in production programs.

KPIT has developed a validation strategy to assure the coverage of critical corner cases and SOTIF cases. The set of inputs considered for assuring coverage are domain experience, analysis of 20 Years of accident data, safety analysis and Operation Design Domains (ODDs) recommended by NHTSA and ISO.

The figure below shows the library of corner cases and SOTIF cases we have developed that provide significant savings in time and cost.

Figure 4: KPIT’s end to end solution for virtual simulation and coverage

Homologation and Mileage Coverage

The last but not the least activities are the mileage coverage and homologation. This includes not only the methodology of SIL/HIL but also integration of Data collection, Data ingesting, Data Management, Analysis, and Cloud implementations.

KPIT has developed an end-to-end methodology along with Industry leader partners to implement the bench and testing methods that assures homologation.

Bridging the gap with software industralisation

Taking Autonomous Driving prototypes or technology demonstrations developed by Commercial vehicle OEM and their Platform partners to production is the next step and key requirements for this step are ADAS/ AD software expertise, experience of production programs and scale to optimizes time and cost.

An Industrialization expert like KPIT brings a decade of experience in safety driven production programs expertise and best practices in System Engineering, Functional Safety, Software Integration, Virtual Simulation, and System Validation to transform the prototype ready platform software to production intent software. KPIT as a bridge brings saving of up to 35% through ready components, automation tools and framework.

Copy link

Comments:

Leave a Reply

Your email address will not be published. Required fields are marked *