While the automotive industry has skyrocketed its progress over the past decade, more and more car manufacturers have been leaning towards developing new models of vehicles. The question of component variety control has become more acute, including the manufacturing of electronic control units, which component producers try to make compatible with the largest possible number of vehicle models. Variety control requires complex software development with flexible configurations depending on a manufacturer’s needs. The automotive business demonstrates promising results by setting a pretty high bar for entering the market, but that brings about an increasingly complicated automobile certification process.
What is AUTOSAR in automotive software?
Mass production of cars is a sticky patch for automotive businesses due to the stringent requirements for software and certification. If you are planning to launch mass production of any vehicle, you should pay very close attention to product safety. Advanced driver-assistance systems (ADAS) are in charge of driver security, since any errors in the software can potentially influence whether a driver will get into an accident or not.
That's where AUTOSAR enters the stage. This automotive software architecture is a standardized and certified solution used for automotive projects. Major AUTOSAR partners, including BMW Group, Ford, GM, Toyota, and Volkswagen, have contributed to its creation to form a global standard for automotive software and a unified approach to embedded software development in the industry.
AUTOSAR software usage helps automotive companies to reduce go-to-market timelines due to internationally recognized standards and a lot of readymade solutions. This framework automatically generates numerous parts of the code that car manufacturers can apply for their projects and allows for a faster software development process and smooth certification. AUTOSAR ensures flexibility in development and electronic block configuration, as well as compliance with stringent safety standards according to the automotive safety integrity level (ASIL), more on what it is later.
Our article by LS Head of Embedded Engineering Pavlo Matiieshyn will provide you with the full picture by making an extensive AUTOSAR overview, including its main tools and specifications, and pinpointing the difficulties engineers usually face while using this software.
In this article
Let's look at the layered architecture of AUTOSAR, which contains basic software (BSW), runtime environment (RTE), and application layers.
The basic software layer is responsible for low-level drivers providing basic functionality and microcontroller configuration. BSW sets up access to input/output (I/O) signals and tunes network communication, OS performance, fault treatment, and engine control unit (ECU) performance. Its main goal is to ensure the stable work of basic software modules, RTE, and the application layer.
The RTE layer is basically an operating system that developers need to configure manually and create tasks. This part of AUTOSAR architecture maintains communication services for software components. The RTE is a mediator between the software components and separate hardware parts of a vehicle.
Finally, the application layer is where embedded engineers develop the business logic of the software. This layer comprises a set of software components (SWC) that communicate via well-defined ports. Each component includes a range of running functions. The core objective of the application layer is to abstract software from particular physical characteristics of hardware sensors. This is where developers need to write the code on their own.
In a nutshell, first, AUTOSAR generates drivers (e.g., I/O and peripheral modules settings), and then developers add functionality code. By separating BSW and the application layer through the RTE, AUTOSAR provides a more structured data exchange between these parts. This makes software more hardware-independent, allowing developers to integrate many changes without heavy losses for the project. Automatic code generation on the AUTOSAR lower layers is what facilitates the certification process for vehicles.
On top of that, development using AUTOSAR allows manufacturers to be platform independent. The electronic blocks will become outdated while the development of new software is time-consuming and costly. But not with AUTOSAR: its layered architecture allows for changing the BSW layer without interfering with other layers.
ISO 26262-1:2011 is a globally recognized certification for the functional safety of automobile software. AUTOSAR software complies with its standards making it easier for manufacturers to get their vehicle certified. Safety of electrical systems is directly connected to the security on the road. When engineers develop a specific electronic component, they need to identify its importance for safe operation. If a critical block fails to operate, or there's a glitch in a system, traffic safety severely decreases.
Microcontrollers used in cars are adjusted to road safety standards and include numerous protection mechanisms. In the event of any program error in a master core, a checker core that simultaneously runs the same program will receive a different result of the program operation. Then, a special comparator device will detect this error and switch the microcontroller to emergency operation mode, sending error code to the system.
The automotive industry also uses the automotive safety integrity level (ASIL) established by ISO 26262-1:2011 to determine the guiding principles of the vehicle's functional safety. It is divided into four levels — A, B, C, and D, where A is the lowest grade of risk and D is the highest. In further detail, ASIL D is more strict because the potential hazards of software failure it verifies are the most severe in terms of road user safety. For instance, if the headlamp control block breaks down at night, the driver will most probably get into an accident; that's why this block applies to the ASIL D level.
A car manufacturer can develop software without AUTOSAR and even get it certified, but if they plan to produce many different car models with numerous software blocks, the certification process gets much more challenging. To avoid certifying each block for each car, leading original equipment manufacturers (OEMs) created AUTOSAR, which generates a safe core of the code and serves as a standard. On top of that, AUTOSAR provides plenty of configuration files for each module, making room for adding diverse functionalities to make a manufacturer's car unique.
There are two AUTOSAR platforms you can employ — Classic and Adaptive. Knowledge of which platform to use will have far-reaching consequences for your device performance. Below, I explain the difference between the Classic Platform and Adaptive Platform and introduce the ways of applying them.
The Classic Platform is responsible for automotive ECUs performance and is used for the creation of control software and basic modules configuration.
The Adaptive Platform is a Linux distribution, certified just like the Classic Platform. It is used for running more powerful programs on multicore microcontrollers. For instance, the Adaptive Platform can be used for ADAS, Car-to-x, and dashboard development. Processing power of the Adaptive Platform is significantly higher, but it doesn't replace the Classic one. Both platforms interact and create a comprehensive system.
You should also note that there are two main AUTOSAR framework distributors:
- ETAS ISOLAR-A/B — a tool to design and address AUTOSAR Classic architecture, systems, and application software.
- DaVinci Developer Classic — a tool for designing the architecture of software components (SWCs) for AUTOSAR Classic ECUs.
The number of developers who can use AUTOSAR is pretty small around the world, and here’s why: the main problem with AUTOSAR use is a high entry barrier for embedded engineers. To try AUTOSAR out, a developer needs a specific programmer and software that can cost a pretty penny. An individual engineer cannot afford to learn how to use AUTOSAR, but a big enough tech company can provide their workers with such an opportunity.
On top of that, there is a lack of open information concerning AUTOSAR. Developers of this software architecture constantly add numerous updates, and it's hard to find support if you don't have licensed software installed.
What about issues that arise when using AUTOSAR tools? Since only a handful of people are employing this software, it is quite raw. The problem aggravates when a manufacturer wants to use microcontrollers that are new to the market because they are not sufficiently tested in real-life conditions. So, engineers usually develop code and test it at the same time.
For example, the LS embedded team sends dozens of tickets to ETAS AUTOSAR support since we use ETAS Isolar A/B. But the good news is, the ETAS team always replies and helps configure the malfunctioned blocks.
After complex and painstaking learning through trial and error, LS developers are now able to create functioning software using AUTOSAR. The bad news is that even being a person with a good memory, you won't handle thousands of configuration blocks relying on your memory; you will always have to address the integration manual.
But don't rush with giving up on AUTOSAR! Despite all the complications, this software is a real savior — engineers spend far less time writing the code and manufacturers getting certification if they use AUTOSAR.
In the modern world, the automotive industry focuses on integrating more electric parts in vehicles to make the driving experience more secure. Mass production of modern cars requires rigorous certification standards to avoid critical software errors, and AUTOSAR is a powerful automotive software development tool for embedded engineers to develop reliable code.
Here are the main points for you to take away:
1. AUTOSAR comprises basic software (BSW), runtime environment (RTE), and application layers. BSW will help you create low-level drivers, RTE — build communication services for the software components, and the application layer — develop business logic.
2. AUTOSAR is approved by ISO 26262-1:2011, a certification for automobile software safety. This software architecture ensures easy and secure code development even for ASIL D electronic blocks.
3. AUTOSAR consists of two platforms: Classic and Adaptive. The Classic Platform works with basic microcontroller performance, while the Adaptive Platform is responsible for complex programs that run on multicore microcontrollers.
4. There are few engineers that took over AUTOSAR due to the costliness of the program and its extreme complexity.
Regardless of the software's complicity, AUTOSAR considerably accelerates code writing since it provides countless configuration possibilities and functionalities for the vehicle. Additionally, this tool is your guarantee to certify many electronic modules in the car at once.
We at Lemberg Solutions will be happy to help you get your automobile to the market since our embedded engineers are among those who have mastered AUTOSAR and continue monitoring the updates and learning even more. Our wide experience in embedded development and creation of reliable IoT systems will come in handy if you have an automotive project in mind and don’t know who to turn to, so don’t hesitate to get in touch through the contact form or message me directly on LinkedIn.