Contract Based Design of Automotive Electronics: Harald Röbig, Carmeq GMBH Berlin, Germany

1. Carmeq GmbH provides consultation and development services for automotive electronics systems. 2. It employs highly qualified staff, with 97% having a university degree and 16% having a doctorate, from fields including computer science, engineering, and design. 3. The typical development process for automotive electronics involves multiple design reviews and iterations between the function developer, ECU supplier, and integration of software and hardware.


Contract based Design of Automotive Electronics
Harald Röbig, Carmeq GmbH, Berlin, Germany

2010 March 4th @ INCOSE/ILTAM Seminar “Contract Based Systems Engineering”

The company
Operational business launched in January 2003.

Our business mandate
• We provide consultation and development services for the implementation of software-based systems for vehicles.
• Acting as an active link between organizational units, we interconnect people and technology throughout all development phases.
• On an equal footing with our customers, we lighten their load, give them security and turn the strengths and the cooperation of all actors into true added value.
• We work for the international vehicle industry, and together with Volkswagen and its suppliers we strive to create innovative, sustainable and effective solutions.
• We attract top class personnel and value the role they take in contributing towards our joint success.

Carmeq is part of the Volkswagen Group.

[Bar chart: Revenue in million Euros, 2006 to 2009; bar labels 14,6, 19,9, 23,6 and 23,6.]
[Map labels: Berlin, Wolfsburg, Ingolstadt, Stuttgart.]

Carmeq GmbH, Company Presentation, V5.0


The staff
Highly qualified employees from various industry sectors.

97 % have a university degree, 16 % of these employees have a doctorate.
• Computer scientists
• Electrical engineers
• Management experts
• Psychologists
• Designers

[Bar chart: Number of employees, 2006 to 2009; bar labels 146, 170, 198 and 210.]

Industrial background of employees
• Automotive industry: 37 %
• Science / research: 20 %
• Information technology: 15 %
• Telecommunications: 15 %
• Other: 9 %
• Aerospace: 2 %
• Consulting: 2 %


Contract based Design of Automotive Electronics - Harald Röbig 2010 March 4th 4

Agenda

1 Automotive Electronics Typical Development Process

2 How to Include Contracts into the Development Process

3 Making your Software component Portable

4 Conclusion

Automotive Electronics: Typical Development Process

[Process diagram across design reviews DR0 to DR7. Lanes: Function Developer, ECU Developer, Technical Supplier Management, Function Software Supplier, ECU Supplier. Labelled activities: Functional Analysis; Architecture (System); Architecture (ECU); Architecture (ECU Basic Software); Function Software Development; ECU Basic Software Development; ECU Hardware Development; SW/SW Integration and Test; HW/SW Integration and Test; ECU Test; ECU Test (HiL); Acceptance Test (ECU); Acceptance Test (Function); System Test (Car). Annotations: "Iteration upon Change Requests of the Function developer" and "Iteration for each Release".]

Automotive Function Software Development

[Process diagram across design reviews DR3 to DR7. Lanes: Function Developer, ECU Developer, Technical Supplier Management, Function Software Supplier, ECU Supplier. Labelled activities: Functional Analysis; Architecture (System); Architecture (ECU); Architecture (Function Software); Function Software Design; Function Implementation; Function Software Unit Test; Function Software Test; ECU Basic Software Development; ECU Hardware Development; SW/SW Integration; HW/SW Integration and Test; ECU Test; ECU Test (HIL); Acceptance Test (ECU); Acceptance Test (Function); System Test (Car). Annotation: "Iteration per Release".]

Automotive Function Software Development - Purposes of Models

[Diagram labels: Model of Controlled System, Test Model; Model Based Specification; System/Function Specification; Behaviour Model; Simulation; Model Based Implementation; Pre-serial implementation; Software Development; Code Generation; Implementation Model.]

Automotive Function Software Development - Tools

[Diagram labels, in slide order: DOORS; Specification; MATLAB/Simulink/Stateflow; Behaviour Model; Adobe Flash/Flex; EvalBoard/ECU; MATLAB/Simulink/Stateflow; RealTime-Workshop; Implementation Model; TargetLink; Autocode; Code Generator; Embedded Coder; TargetLink.]


Example of a Behaviour Model in Simulink

[Figure labels: Central locking; Interior / Exterior Lights; Washer / Wiper; Energy management; Climate / Heating.]

Workflow Behaviour Modelling

[Workflow diagram. Roles: Architect, Model Developer, Test Developer. Activities: Requirements Analysis and Specification; Modelling and Improving Behaviour Models; Test case Development; Model Testing; Model Integration; Simulation. Artefacts: Specification; Behaviour Models; Behaviour Models (tested); Test Cases. Feedback path: "Feedback on Specification".]

Example of a GUI using Adobe Flash/Flex

Integration tests

Workflow Behaviour Modelling – Introducing Contracts

[Workflow diagram. Roles: Architect, Model Developer, Test Developer. Activities: Requirements Analysis and Specification; HRC Formal Specification; Modelling and Improving Behaviour Models; Code Generation; Model Checking, Analyses; Test case Development; Model Testing; Model Integration; Simulation. Artefacts: Specification; Specification with HRC; Behaviour Models; Behaviour Models (tested+); Test Cases. Feedback path: "Feedback on Specification".]


Contract specification – Requirements based

Contract specification – Structure based


Model Checking
Formal proof of invariants defined within the model

[Diagram: Functional Requirements are turned into Formal Requirements (e.g. LTL, Z, … Pattern ...). The Formal Requirements and the MATLAB / Simulink Model are the inputs of the Model Checker. Outputs of the Model Checker: Pass, or Fail + Counter example.]

Making your Software component Portable

System Architecture Modelling (Rhapsody)
Specify Assumptions, Promises, Contracts (A&P Editor)
HRC Analysis (Static Semantic Checker)
Generation Simulink Blocks from HRC (SPEEDS Simulink Model Converter)
Behaviour Modelling (Simulink)
Export Behaviour (Hosted Simulation Wrapper Generator)
Hosted Simulation (Desyre)

Software Architecture corresponding to Specification Structure

Specification <<implementing>> Component Model

Specification structure:
Functional area (e.g. climate control)
1. Function group (e.g. air distribution)
1.1 Function (e.g. manual air distribution)
1.2 Function (e.g. automatic air distribution)
Basic function 1 (e.g. air circulation at reverse)
Basic function 2 (e.g. air circulation by air quality)

Component model labels: Component; Subcomponent; Software Module.


System Architecture Modelling - Rhapsody

Assumptions, Promises, Contracts - A&P Editor

• A&Ps in natural language deduced from specification.

Promise: If crash blinking, alarm blinking or hazard blinking is requested, all blinkers are activated within 500 ms.

• Formal A&Ps on the basis of natural language specification.

whenever [bAlarmBlnkReq=1 or bCrash=1 or bBlkWarnSwitch=1] occurs
[bBlkFrontleft=1 & bBlkFrontRight=1 & bBlkRearLeft=1 & bBlkRearRight=1]
occurs within [500ms]
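
The formal promise above is a bounded-response property, and it can be checked offline against a recorded or simulated signal trace. The following monitor is an added example, not part of the original slides or of the SPEEDS tooling; the signal names are the slide's, while the trace format, the function names and the reading of "occurs" as a rising edge are assumptions.

```python
# Added example: offline monitor for the slide's bounded-response promise.
# Signal names are the slide's; trace format and function names are assumed.
TRIGGERS = ("bAlarmBlnkReq", "bCrash", "bBlkWarnSwitch")
BLINKERS = ("bBlkFrontleft", "bBlkFrontRight", "bBlkRearLeft", "bBlkRearRight")
DEADLINE_MS = 500


def state(**on):
    """Full signal snapshot with every signal 0 except those passed in."""
    snap = dict.fromkeys(TRIGGERS + BLINKERS, 0)
    snap.update(on)
    return snap


def check_promise(trace, deadline_ms=DEADLINE_MS):
    """trace: time-ordered list of (t_ms, snapshot). Returns [(t_request, verdict)].

    Assumption: the trigger "occurs" on a rising edge of the OR of the three
    request signals, and the promise holds if all four blinkers are 1 in some
    sample no later than deadline_ms after that edge.
    """
    findings, pending, prev_req = [], [], False
    for t, snap in trace:
        req = any(snap[n] == 1 for n in TRIGGERS)
        if req and not prev_req:
            pending.append(t)              # new occurrence of the trigger
        prev_req = req
        # Requests whose deadline has already passed can no longer be met.
        findings += [(p, "violated") for p in pending if t - p > deadline_ms]
        pending = [p for p in pending if t - p <= deadline_ms]
        if all(snap[n] == 1 for n in BLINKERS):
            pending = []                   # every open request is answered in time
    # Trace ended before the deadline: neither pass nor fail can be claimed.
    findings += [(p, "inconclusive") for p in pending]
    return findings


ALL_ON = dict.fromkeys(BLINKERS, 1)
# Constructed sample traces (not measurement data).
OK_TRACE = [(0, state()), (100, state(bCrash=1)), (400, state(bCrash=1, **ALL_ON))]
LATE_TRACE = [(0, state()), (100, state(bBlkWarnSwitch=1)),
              (500, state(bBlkWarnSwitch=1, bBlkFrontleft=1, bBlkFrontRight=1, bBlkRearLeft=1)),
              (700, state(bBlkWarnSwitch=1, **ALL_ON))]
CUT_TRACE = [(0, state(bAlarmBlnkReq=1)), (200, state(bAlarmBlnkReq=1))]

if __name__ == "__main__":
    for name, tr in (("ok", OK_TRACE), ("late", LATE_TRACE), ("cut", CUT_TRACE)):
        print(name, check_promise(tr))
```

A trace that ends before the 500 ms window closes is reported as inconclusive rather than as a pass, which keeps a truncated log from being read as evidence that the promise held.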

HRC Analysis – Static Semantic Checker

• Static Semantic Analysis



Generation of Simulink Blocks from HRC – SPEEDS Simulink Model Converter

• Mapping HRC Components to Simulink Subsystems
• Mapping HRC Subcomponents to Simulink Libraries
• Mapping HRC Ports to Simulink Bus Specifications

Behaviour Modelling – MATLAB/Simulink/Stateflow

[Figure labels: Central locking; Interior / Exterior Lights; Washer / Wiper; Energy management; Climate / Heating.]

Conclusion

SPEEDS = "Front Loading"
