TTTech Automotive
Solutions for Safety, Electric Vehicles and Testing
Company Overview
products@tttech.com
www.tttech-automotive.com
Copyright © TTTech Automotive GmbH. All rights reserved.

What do they have in common …
NASA Orion, Boeing 787, Audi A8, Prinoth Leitwolf
… Reliable Networks and Controls from TTTech

Company Mission
TTTech establishes time-triggered communication platforms and certifiable safety modules as the solutions of choice for volume embedded market segments that need and value reliability and robustness.
Benefits include simple to use complete products, best-in-class product cost performance and service, and enabling our customers to deploy their solutions more efficiently and profitably.

Experts for Reliable Networks and Safe Controls
• Founded in 1998
• Award-winning spin-off of Vienna Technical University
• Unique know-how pool of 200+ employees
• Headquartered in Vienna, Austria
• Shareholders
  • Founders & employees: ~40%
  • AUDI AG: < 25%
  • Remaining shares: investors including aeris Capital AG
[Map: Carlsbad (California), Gaimersheim (Germany), Vienna (Austria), Brixen (Italy), Bucharest (Romania), Seoul (Korea), Yokohama (Japan)]

TTTech Automotive GmbH
• 100% subsidiary of TTTech Computertechnik AG
• Premium associate member of FlexRay Consortium
• Premium member of AUTOSAR Consortium
• Premium member of JasPar Consortium
[Map: sites in Ingolstadt (Support, Engineering), Stuttgart (Sales), Yokohama, Vienna and Seoul, with the functions Headquarters, Sales, R&D, Engineering and Support]
Automotive Production Program Reference
Audi A8
Communication Software
• FlexRay, CAN, LIN, Tools
• Performance optimized
Communication Safety Software
• End-to-end safety on FlexRay and CAN
• ISO 26262 ASIL D
Process Optimization
• Automated ECU Validation
• Testbench automation
Premium Engineering
• 10 Mbit/s physical layer
• Stable parameterizing and interoperability
• Software integration and prototype support
• Diagnostics specification
• Representation in FlexRay Consortium
Audi A8, A6, A4, …
VW Touareg, …
Bentley Arnage, Continental

Automotive Portfolio
Reliable Networks and Safe Communication
Embedded Safety Software | Safety Hardware for E-Vehicles | Testing Tools - Networks & Engineering
• Autosar Safe up to ASIL D
• Modular Safety Platform
• Data Logger
• SafeCOM
• IEC 61508 / ISO 26262
• FlexRay Tools
• SIL 2-3

TTTech Automotive
Safety Hardware and Solutions for Electric Vehicles
• Electric Vehicle Safety Unit
• Electric Vehicle Control Unit
• Modular ECU Family
Solutions for Functional Safety in Electric Vehicles

Modular Hardware Safety Platform
ISU: Inverter Safety Unit
• Safety for electric powertrain
• Add-on or integrated
Electric Vehicle Control Unit (VCU)
… cost effective customized version possible
• Platform for electric powertrain control strategy
Modular ECU Family
• Certified for SIL 2/3 (ASIL C/D)
• Off-the-shelf / customizable
• Flexible configurable I/O
[Figure labels: Inverter, ISU, VCU, HY-TTC 90, HY-TTC 100, HY-TTC 50, HY-TTC 200, HY-TTC 60, HY-Vision2; Safety ECUs certified by TÜV Nord; Standard ECUs]

Modular Software Safety Platform
• For safety functions up to ASIL D
• Safe end-to-end comm. over CAN or FlexRay
• Co-existence of safety related and non-safety related functions
• Integrates with AUTOSAR
• Up to ASIL D
• Conform to AUTOSAR
[Diagram: SafeExecution, Application, SafeCOM, RTE, CAL, AUTOSAR COM, PDU Router, FX TP, CAN TP, FlexRay Interface, LIN Interface, CAN Interface, FlexRay Driver, LIN Driver, CAN Driver; SafeExec, SafeCOM]

Example 1: Electric Vehicle Safety Unit
• Electric vehicles are "by-wire" (safety-relevant system)
• Unintended acceleration or deceleration to be avoided!
• TTTech's ESU is a safeguarding unit to control this behavior
• Torque supervision by voltage and current measurements, switch off in case of error
• Retrofit to existing powertrain concepts, or customized integration with inverter / VCU
• Certified for SIL 2-3
• Prototypes available now, SOP in Q1/2011
[Diagram: Accelerator Pedal, ESU, Battery Unit, Inverter, E-Motor]

Example 2: Electric Vehicle Control Unit
ECU Platform for Electric Powertrain Control
[Diagram: VCU, Battery Unit, Inverter, E-Motor]
• 16/32 Bit main CPU, supervised by certified watchdog CPU
• ISO 26262 compliant hardware and software platform
• Safe software runtime environment (SafeExecution and SafeCOM)
• Accommodates non-safe Basic Software (AUTOSAR, Diagnostics, …) and non-safe application software modules
• Supports mixed-criticality applications

TTTech Automotive
Embedded Safety Software
• Modular Safety Platform
• Partnership with Vector Informatik
• MICROSAR Safe

ASIL Decomposition
ASIL D → ASIL D (D) + QM (D)
[Diagram: Safety Concept: Application SW (ASIL D) on Basic SW (ASIL D). Economic Implementation: Application SW (ASIL D), Safety Layer (ASIL D) as Safety Mechanisms, Basic SW (QM) as Reused Standard SW]
The safety elements …
• … detect and handle possible faults in the Basic SW
• … are independent elements in the system with specific functionality (addressing the detection and mitigation of faults in the Basic SW)
• … are developed according to the required ASIL
• … are developed as "Safety Element out of Context" and have to be integrated according to their "Safety Manual"

Use Case 1: End-to-End Communication Protection
Safety-Relevant Application
• Trusted input data required
[Diagram: App. 1 to App. 4, E2E Protection Wrapper, E2E-Lib, Basic Software]
• SafeCOM ensuring end-to-end communication protection
• Errors in the transmission can be detected, and the application can react accordingly
Use Case 2: Different ASIL Levels
ASIL-x Application
SafeExecution - Safety Layer for:
• Usage of AUTOSAR system services (QM)
• Timing protection
• Memory protection
• Program flow monitoring
• Separation of different ASIL levels
[Diagram: App. 1 to App. 4, Checkpoint "SafeApp1", Checkpoint "SafeApp2", Checkpoint "SafeCDD", SafeSelfCheck, SafeIO, Complex Drivers, SafeWatchdogMgr, SafeMemoryProtection, SafeWatchdog, Basic Software]
• SafeExecution ensuring "Criteria for Coexistence" of QM SW
• Violation of the "Freedom from Interference" is detected safely

Modular Safety Platform
Safety Layer for ECUs
• Communication Protection
• IO Protection
• HW Integrity
• Freedom from Interference
[Diagram: App. 1 to App. 4, E2E Protection Wrapper, (incl. Watchdog), E2E-Lib, OS, RTE, Checkpoint "SafeApp1", Checkpoint "SafeApp2", Checkpoint "SafeCDD", SafeIO, System Services, Memory Services, Comm. Services, I/O Services, Complex Drivers, SafeWatchdog, SafeWatchdogMgr, SafeSelfCheck, SafeMemoryProtection, Bootloader, BSP]
• Safety Layer(s) for ECUs up to ASIL D
• Mapping for SIL 3 and PL e

Modular Safety Platform
[Diagram: the same components, with the legend: Checking/Protection Function; Non-Safety Standard SW, System SW; Safety-Relevant Function; Non-Critical Application SW]
TTTech – Vector Partnership

MICROSAR Safe

TTTech Automotive
Testing Tools - Networks & Engineering
• Testing, Verification and Logging Tools
• FlexRay Test Benches and Validation Tools
• Engineering Offering

Testing, Verification and Logging Tools
• TTXConnexion: Gateway and Manipulation for FlexRay and CAN
• TTXDisturbance Node: Reproducible Failure Injection for FlexRay
• TTXOptical Link: Optical Decoupling for FlexRay
• Datalogger NG: Consistent Data Logging for all Automotive Bus Systems

FlexRay Test Benches and Validation Tools
[Product panels: TTXPower, TTXUniversal, Link, Control Unit; captions: High-Performance Tool for FlexRay Prototyping Applications; The Modular FlexRay Development Board]

Engineering Offering
• Onsite and Offsite Engineering
• Rapid Development
• Project Support
• Integration of Basic Software
• FlexRay Training
• Network Tests
• Communication Validation
• Parameter Validation
• Physical Layer Validation
• Safety Analysis & FMEA
• Hazard & Risk Analysis
• Functional Safety
Special Know-How in Time-Triggered Architecture, Safety and Development Processes

TTTech Automotive
Advanced Solutions
• TTXMulti Switch for FlexRay
• Time-Triggered Ethernet as Vehicle Backbone Network

What is a TTXMulti Switch?
The TTXMulti Switch is a zero-delay, non-buffering, time-triggered switch for multiple parallel FlexRay data streams
• Offers increased FlexRay bandwidth
• Improves system robustness and fault-tolerance
• Can be integrated in 4-fold transceiver chip in central gateway ECU
[Diagram: TTXMulti Switch, FlexRay Network, Central Gateway]

What is TTEthernet?
TTEthernet = Ethernet + Clock Synch. + Time-Triggered Communication + Rate-Constrained Communication + Safety
• Established
• Coordination
• Dominant
• Standard
• Distributed control
• IEEE 802.3
• SAE AS6802
• IEEE 1588
• Real-time control (chassis, engine, active & passive safety systems)
• Audio/video streaming
• ISO26262 ASIL D
• Sensor fusion
• IEC 61508 SIL 4
• ARINC 664, AVB
• DO 254 Level A
• Determinism
• "By-wire"
Integration of all data flows in one single network
• 100% compatible with Ethernet standard IEEE 802.3
• Scales from low to high speed (10 Mbit/s, 100 Mbit/s, 1 Gbit/s, …)
• Scales from simple to safe and high-availability systems

TTEthernet Services
TTEthernet adds Rate-Constrained (Streaming) Services
Time-Triggered Ethernet
Key Features
• 3 concurrent traffic classes: time-triggered / rate-constrained / event-triggered
• Core functionality implemented in TTEthernet switch chip
• Software based nodes can use standard Ethernet controllers
• Fulfills highest safety standards (Aerospace DO254 / DO178B Level A)
• 100 Mbit/s and 1 Gbit/s
Mixed-Criticality & Safety
• Real-time / non-real-time and critical / non-critical traffic in one network
• Fail-operational support on network level
• Single, dual and triple channel
Standard Support
• Interoperable with standard IEEE 802.3
• Support for IEEE 1588
• Standardization in progress - SAE AS6802
[Photo: TTEthernet Switch (Evaluation Box)]