Since the 1990s, automobiles have beenincreasingly dominated by electronics andassociated software. Now, automotiveinnovations without modern electronics arebarely conceivable. The breakneckdevelopment of software-based systems innearly all areas of life continues to drivethis trend, presenting the automobileindustry with a difficult dilemma.
On theone hand, customers expect new, innovativeand directly accessible functions as well assafe and environment-friendly vehicles. Onthe other hand, every additional componentincreases development, production andwarranty costs.
This comes at a time when the globalautomobile market is already underconsiderable pressure. While rapid increasein demand for individual mobility incountries such as Russia, India or Chinacreates huge potential for the industry, italso brings many new providers to themarket, many of which are able to achievetheir sales with lower prices. In thisenvironment, the ability to implementinnovations cheaply and quickly canrepresent a decisive competitive advantage.
Including and networking electroniccomponents presented the automobile industrywith new challenges. System complexityincreased with the number of devices. Thedevelopment process became more complicated,installation space became increasinglyrestricted and the wiring harness grew intoone of the heaviest and most difficultcomponents. Not least, the entire systembecame increasingly difficult to manage andafter-sales service had to deal withproblems arising from the electronics andthe software.
Another problem during this phase arose fromthe way automobile manufacturers organizeddevelopment and development processes, whereevery new function also meant a new controldevice that then had to be developed by oneof the manufacturer's component suppliers.This process created a wide range ofmanufacturer-specific and vehicle-specificsolutions and almost all the developmentexpertise stayed in the component supplyindustry.
The AUTOSAR (AUTomotive Open SoftwareARchitecture) development partnership wasfounded in order to change this situation.It has dealt with the standardisation of theautomobile software platform and theassociated processes and tools since 2002and now specifies the standard fornext-generation vehicles.
Despite AUTOSAR'ssuccesses, a few important problems remainunresolved. The standards can be applied totypical vehicle functions, but in the areasof infotainment and connectivity theyexclude precisely those areas which are mostdriven by the entertainment andtelecommunications industries and in whichcustomers experience innovations mostdirectly and immediately.
The dataconnectivity achieved in these areas couldalso be extremely useful in many differentways when applied to vehicle functions,whether in after-sales service fordiagnostics or software updates or in driverassistance systems that could function moreeffectively with data from the navigationsystem or even from the Internet.
OpenSynergy'svision is to bring these two worlds togethersafely and reliably.
The COQOS operating system
COQOS was designed as a universal automotiveoperating system with the followingpremises:
•100% AUTOSAR compliance both in itsarchitecture and in its processes
• Compliance with the relevant automotivestandards
• Open system interfaces in the area ofinfotainment and connectivity
• A platform approach that drasticallyshortens the software development cycle,especially in the areas of infotainment andconnectivity
• Reduction in the number of controldevices, despite the growing number offunctions
• Greatest possible openness andfuture-proofing
• Maximum reusability and scalability
• Flexibility due to modular approach.
Implementation of this concept (i.e. joiningthese two worlds) required intensiveexpertise both in AUTOSAR and intelecommunications. The most important basisfor COQOS is virtualization – a technologythat also developed into a trend last yearin the world of home and office computing.
The objective of virtualization is tocombine or distribute the differentresources on a computer. The objective inCOQOS is to distribute the resources on acontrol device based on a cost-efficientsystem-on-chip between infotainment andconnectivity on the one hand, and AUTOSARapplications on the other hand.
At the sametime, it is important to ensure that thereis no interference between the two softwareworlds in order to meet the automobileindustry's specific requirements for safety,start-up behavior etc. and the functioningof vehicles in all conditions.
Within a layered structure openinterfaces connect functional modules.
In addition to these self-definedrequirements, COQOS must, of course, alsomeet familiar requirements such as on/offbehavior, diagnostic capability, etc.Another clear goal during development was toensure that virtualization would create theminimum possible additional strain on systemresources.
To meet all these requirements,the AUTOSAR modules that are required forthe individual case at hand are combinedwith a Micro Operating System that alsoprovides a virtualization layer. This MicroOperating System already provides basicmechanisms for the secure construction ofthe overall system (such as memoryprotection and timing protection), meetingaspects of functional safety and securityfrom external attacks.
While the automotiveworld is defined extensively with AUTOSAR,the infotainment world remains relativelyundefined in the different systems to date.QNX is widespread in current systems, butthere are also already approaches based onLinux Embedded or Windows Automotive.
As a typicalembedded operating system, QNX comes fromthe industrial milieu and the inclusion offunctions from consumer electronics is adevelopment intensive process. Windows andLinux both come from the area ofentertainment electronics and thereforebring with them all the interfaces andtechnologies (such as WiFi or 3D graphics).
Integrating them with the vehicleinfrastructure, however, is developmentintensive and will provide every functiondeveloper in the automotive environment withproblems. COQOS will combine infotainmentoperating systems with standard-compliantAUTOSAR basis software. Functionaldistribution of the components retains theadvantages of the existing systems:
• The AUTOSAR modules meet specifications,and can therefore be used for all automotiveapplications and provide a tool-basedconfigurable RTE as a functional interface.
• In the infotainment area it is possible touse operating systems available on themarket. There is no need for specificchanges to the automobile environment.Functions can be implemented in the existingapplication interfaces.
• As an additional module, COQOS contains aMicro Operating System that provides thevirtualization view for the infotainmentsystem and enabling secure and independentparallel operation on a shared hardwareplatform.
The first COQOS implementation will beLinux-based in order to enable access to thewidest possible spectrum of functionproviders from the areas of mobilecommunications and entertainmentelectronics. Linux also offers many benefitsfor development, such as open access to thesource code, multiple-access developmentenvironments, etc. In later implementations,it will also be possible to apply otherinfotainment operating systems whererequired by customers.
Solution examples for current and futuresystems
COQOS was designed as a softwareconstruction kit and is based on multiplemodules that can be used to design therelevant solution. The following listprovides an idea of the wide range ofdifferent solutions:
1. AUTOSAR basis software
The construction kit can, of course, also beimplemented without infotainment components.Unlike other systems, COQOS is AUTOSAR basissoftware and therefore includes thedifferent listed backup mechanisms fromAUTOSAR 3.1 onwards.
2. Connection of existing, complex,non-AUTOSAR-compliant functions with AUTOSAR
During the development of AUTOSAR, manyautomobile manufacturers developed functionsthat can be easily adapted to the standard.Other functions have already been developedaccording to the standard and can use an RTEas a system interface. If you want tocombine both functions without starting newdevelopments, you would have to install twocontrol devices and connect them via anappropriate bus (usually CAN). COQOS allowscombination on shared hardware asnon-AUTOSAR functions can be included at thevirtualization level.
3. Infotainment with an AUTOSAR environment
This configuration provided the basic ideafor COQOS and has already been described indetail. COQOS combines two software systemswith different, non-functional requirements,separates them securely and enables targetedand managed communication. The performanceof modern embedded processors can be fullyexhausted, intelligent functional assignmentmakes it possible to save on control devicesthroughout the overall system.
These are probably the three most importantCOQOS-based solution approaches. Others arestill being developed. The design of thedevelopment process, partitioning of thesoftware architecture and high qualitystandards ensure that the system is stronglyoriented towards reusability. Stable,standard-based application interfaces makeit possible to continuously integrate newfunctions in ever shorter development times.COQOS ensures a stable system basis for verydifferent vehicles, making it possible toconcentrate on the important goals ofdeveloping new, exciting and affordablefunctions for next-generation vehicles.
The COQOS development tool
The development environment is an important,albeit often neglected, component of complexsoftware systems. It plays an important rolein managing complexity in the developmentprocess and also in providing targeted andaccurate design for the latest vehiclesoftware. The COQOS development environmenthad to meet similar requirements to COQOSitself. The tools needed to be modular,multi-purpose, expandable and they needed abasis that was already widely available onthe market. As well as easy configurability,support for required development methods wasalso given high priority. Java and Eclipsewere therefore used to reflect in the toolchain the methodology defined by AUTOSAR fordeveloping the basis software.
The COQOS development environment:Versatility meets connectivity. (Forhigher resolution, clickhere)
Because the COQOS development environment isused to develop both AUTOSAR software and aninfotainment platform, theoretical AUTOSARapproaches were developed further in thisarea. Assignment to the different areas isperformed in the development environment, asis assignment of the required sub-functions.As the first module of a customer-readysolution from the COQOS developmentenvironment, QONFORMAT is a tool that can beused to demonstrate AUTOSAR-compliance ofbasis software modules.
Benefits for consumers
The overriding objective when developingCOQOS was to achieve a high level of benefitfor consumers (i.e. buyers of modernautomobiles). COQOS was designed to enablethe integration of new, exciting functionswithout simultaneously increasing coststhroughout the overall system. This can onlybe achieved if it is possible in the longterm to minimize the hardware in the vehicleand drastically shorten the developmentcycle for software-based functions.
Standardization, reusability and separationof hardware and software are the keys toachieving our goal. COQOS enables thesethings. This will make it possible toimplement new functions in mass productionthat were previously possible only in theluxury sector. Consistent compliance withthe relevant software development standardwill also make it possible to implementsafety concepts and assistant functions insmaller vehicles, making them safer intraffic.
The three authors are co-founders of OpenSynergyGmbH, Berlin. Dipl.-Ing. Frank-PeterBoehm is CEO of the company, Dipl.-Ing.Rolf Morich is COO and Dr. Stefaan SonckThiebaut is CTO of OpenSynergy.
This article was previously published on EETimes.