ramesh s talk
Post on 14-Apr-2018
7/30/2019 Ramesh S Talk
http://slidepdf.com/reader/full/ramesh-s-talk 1/21
GM Confidential
Next Gen Embedded Control SW Development and Validation: Challenges & Solutions
S. Ramesh
GM R&D
(ramesh.s@gm.com)
Electronics & Control Software
On the increase in several domains
Its complexity is exploding
Performing several critical functions
ABS: Antilock Brake System
ACC: Adaptive Cruise Control
BCM: Body Control Module
DoD: Displacement On Demand
ECS: Electronics, Controls, and Software
EGR: Exhaust Gas Recirculation.
GDI: Gas Direct Injection
OBD: Onboard Diagnostics
TCC: Torque Converter Clutch
PT: Powertrain
Value from Electronics & Software
- More functions & features in Software
[Figure: timeline of vehicle functions and features, 1970s to 2020s. Layer labels: Forefront of Innovation; Vehicle Integration; System Connection; Subsystem Controls & Features. Items shown: Hybrid PT, Electric Ignition, ACC, Rear Vision, Passive Entry, Side Airbags, Fuel Cell, Wheel Motor, OnStar, OBD II, HI Spd Data, Rear aud/vid, CDs, BCM, ABS, TCC, EGR, Electric Fan, Head Airbags, Electric Brake, DoD, GDI.]
Electronics, Control & Software shifting the basis of competition in vehicles
[Figure: two average (AVG.) cost-breakdown charts with segments Mechanical $, Electronics $, Software $ and Other $. Values shown: from $400, 20 ECUs, 1M Lines of Code to $1182 (+196%), 50 ECUs (+150%), 100M Lines of Code (+9900%). Segment percentages as extracted: 2%, 13%, 76%, 9% and 13%, 24%, 55%, 8%.]
Source: Matt Tsien, GM
Active Safety to Autonomy
[Figure: vehicle diagram with labels 360° Sensing; Hybrid Power Train; EPS+AFS (Partial Steer-by-wire); V2I, V2V; Wheel Motor; Brake by Wire; CAN]
• By-wire applications
• Partial and Fully Autonomous
• Federated to Integrated functions
Central Problems
How do we develop such large, complex and critical software that is correct and provides the necessary confidence?
Are the current processes, methods and tools for V&V adequate?
What are the possible solutions, and what are the challenges in implementing them?
SW Development
Human-intensive
Considered a creative experience
Predominant use of mental models and artifacts
Non-standard; quality is human-dependent
Huge gap between Requirements and Code
Requirements vague and informal
Code is formal
Human errors are natural, inherent and have low traceability
1 bug in every 40–50 lines of code (industry estimates)
Errors lead to
poor quality, high costs, conservative designs
extreme human hardship and
even serious safety issues
[Figure: gap between Requirements and Code]
Model-based Development
Executable models used as intermediate step
Simulink/SF, UML
Code auto-generated
Gap still exists between Requirements and Design Models
V&V focused only on code
[Figure: Requirements and Code, with a Simulink cruise-control model between them. Blocks: CruiseMain, CruiseMDL, Plant. Inputs: onOff, accelResume, cancel, decelSet, brake, gas, inactiveThrottleDelta, drag. Outputs: active, throttleDelta, speed.]
V-cycle of Development and V&V
Focus on Integration testing (Domain & Vehicle level testing)
Many artifacts are informal and ambiguous
Test generation manual
[Figure: V-cycle diagram. Stages as labelled: Requirements (System, Functional); Functional Architecture Development; Physical Architecture Development; Implementation & Unit Testing; Integrate SW & HW (Component); Functional Integration; Vehicle Validation; System Validation. Levels: System Level, Component Level. Supporting activities: Simulation and Analysis; Test Benches, Test Vehicles.]
Fallout
Significant efforts for Verification and Validation with the explosion of Software Functionality
Automation of Verification Steps
Early Verification – catching bugs as they enter
Higher standard of quality in Development and Verification of SW
Rigorous Processes, Methods and Tools
Formal Methods integrated in Model Based Development
[Figure labels: Design, Testing, Implementation, Requirements]
• Formal Requirements models
– Transition systems
– Math functions
– Formal logic
• Rigorous analysis
– Consistency
– Correctness
– Completeness
• Design Verification
• Timing Analysis
– Model checking
• Design models
– Transition Systems
– Hybrid automata
• Automatic code generation
– Code generator verification
– Translation Validation
• Distributed Task schedules
– Formal Verification
– Automatic Synthesis
• Model-based testing
– Test generation using model checking
– Better and effective coverage
Formal Methods alone not enough
Formal methods is one (probably small) part of the solution
Software Engineering practices need to change
Good Requirement Engineering
Standardized and proven Components and execution infrastructure
Product-line approach to development
Rigorous Change management processes and Tools
Technical Challenges
Scalability of formal methods
Striking the right level of abstraction
Earlier in the life cycle the better the scalability, the more robust the results (Time and Space)
Distributed Development of Applications
Compositional verification methods
Extreme dependence on manual steps
Less/poor use of documentation
Lack of traceability
Non-standard activities
Focus on product-line rather than individual products
Lack of / inadequate data for automatic V&V
Techno-Political Challenges
Existing internal 'proven-in-use' practices
Resistance to experimentation and exploration
External tool vendors' influence
Mathworks, IBM, Reactis
Changing SW Platforms and Standards
CAN vs Flexray vs Ethernet
Autosar vs Home-grown platforms
Mounting Resource Constraints
Struggling to complete yesterday’s work – no question of tomorrow’s technologies
Conclusions
SW for Next Gen Embedded Systems poses several challenges
Automation and Rigorous Techniques are key requirements for meeting the challenges of Verification and Validation
Formal methods employ mathematical artifacts that provide the necessary rigor
Formal artifacts are precisely analyzable with automatic support
Formal methods enhance quality and can lead to aggressive designs
SW Engg. Practices need to change significantly
Move away from human dependent steps
More standardization and less freedom for tomorrow’s programmers
The chasm between requirements and design to be bridged