Search Results (9)

In the design of military, automotive, medical, space, and professional equipment, it is essential to demonstrate that devices can operate for a specific duration with a given level of confidence. Reliability must be considered in the design process, which can involve component selection, component testing, and mitigation techniques such as redundancy and forward error correction (FEC). In modern DC–DC converters, a higher level of reliability is now a mandatory requirement—the ISO 26262, for example, acts as the guidance to provide the appropriate standardized requirements, processes and risk based approach, and it determines integrity levels (known as automotive safety integrity levels or ASILs). The purpose is to reduce risks caused by systematic and random failures to an appropriate level of acceptance. Since the release of MIL-HDBK-217F Notice 2 in 1995, newer standards for predicting failure rates have emerged in the electronic systems reliability market. These updated standards were introduced to address the limitations of the older standards, particularly in relation to advanced component technologies. Numerous studies have shown that the output capacitor bank is one of the most critical components concerning reliability. This work focuses on calculating the failure rates of an output capacitor bank and a MOSFET transistor pair used in a high-current, low-voltage buck converter. The failure rates are calculated using both the latest prediction standard, SN 29500, and the previous MIL-HDBK standard. This comparison serves as a valuable tool for selecting the output capacitor during the early stages of design. Both simulations and experimental setups were employed to measure the temperatures of the components. The SN 29500 standard is particularly beneficial for components operating in harsh environments, as it provides up-to-date failure rate data and stress models. The environmental conditions for the components were defined using a standard point of load (PoL) buck converter for both calculation methods. Results are compared by considering the impact of component temperature and by applying specific parameters such as reference and operating conditions. This kind of comparison is useful for circuit designers, especially in the field of Power electronics when the concept of designing with reliability in mind is adopted. Full article

To address the insufficient bandwidth and message response delays in FlexRay dynamic segments within automotive communication networks, this study proposes an optimized message scheduling strategy based on the FlexRay dynamic segment (DSMSS). By holistically integrating multi-dimensional parameters—including message length, deadline, remaining processing time, and Automotive Safety Integrity Level (ASIL)—the strategy introduces a dynamic frame ID priority allocation mechanism. Leveraging dynamic programming, this approach systematically optimizes message transmission sequences. Furthermore, a new compensation scheduling method is proposed to prevent the continuous delay of low-priority messages and achieve priority transmission within the compensation period after high-priority tasks. Guided by ISO 26262 standards, electronic control units (ECUs) are classified, and an experimental platform simulating an automotive chassis control system is established using the FlexRay bus topology. The verification is performed using the CANoe.FlexRay simulation tool and the VN8970 hardware interface. The experimental results demonstrate that, compared to the conventional Earliest Deadline First (EDF) algorithm, the DSMSS strategy achieves a 28.1% improvement in bandwidth utilization and a 9.4% reduction in worst-case response time when transmitting 20 dynamic messages. This study addresses communication system asymmetry through balanced supply–demand scheduling, significantly enhancing real-time FlexRay performance and resource efficiency. The findings provide theoretical and technical foundations for designing efficient, robust communication architectures in intelligent connected vehicles, advancing practical solutions for bandwidth-constrained automotive networks. Full article

Electro-mechanical brake (EMB) systems have garnered significant attention due to their distributed architecture. However, their signals from the brake pedal to the wheel-end actuators (WEAs) are transmitted electrically, meaning that any fault in EMB systems can severely impair the braking performance of vehicles. Consequently, the functional safety issues of EMB systems are the primary limitation of their widespread adoption. In response, this study first introduced the typical architectures of EMB and evaluated the automotive safety integrity level (ASIL) that must be achieved. Based on this, an EMB system architecture that satisfies functional safety standards was proposed. To accurately analyze the main factors affecting the probabilistic metric for hardware failures (PMHF) of the architecture, the failure rate of WEAs is further discussed. Specifically, a Markov chain was employed to define the operating states of the WEA matrix. The availability of each operating state was assessed based on the fault-tolerant control strategy. Finally, the failure rates of critical EMB parts, particularly the WEA matrix, were calculated. The results indicate that the unavailability of the WEA matrix is 9.244 × 10⁻³ FIT. Furthermore, the PMHFs of the EMB system for each safety goal are 6.14 FIT, 5.89 FIT, and 6.03 FIT, respectively, satisfying the ASIL-D requirements. Full article

Autonomous driving is becoming a pivotal technology that can realize intelligent transportation and revolutionize the future of mobility. Various types of sensors, including perception sensors and localization sensors, are essential for high-level autonomous and intelligent vehicles (AIV). In this paper, the characteristics of different sensors are compared, and the application characteristics and requirements of AIV are analyzed in depth. These analyses indicate that: GNSS, as the unique localization sensor that can obtain an absolute position, can not only provide all-weather position and time information for internal multi-sensor fusion but also act as a standard spatiotemporal reference for all autonomous systems; Furthermore, AIVs aim to provide safety for a mass user base ranging from tens to hundreds of millions; for this, AIVs require a global wide-area and instantaneous precise positioning service with location privacy protection. Based on a “geometry-bound” description of road grade and vehicle size, it has been found that GNSS requirements in autonomous vehicles include decimeter-level positioning with the assurance of high integrity. Combined with high-integrity GNSS implementation in the civil aviation field, GNSS different technology routes, and commercial solutions, a state space representation (SSR)-based GNSS high-precision augmentation positioning solution for AIV is summarized and introduced. The solution can achieve instantaneous, precise positioning with high integrity in a wide area by utilizing passive positioning mode with location privacy protection. In addition, the research progress on key technologies in the solution and existing challenges is investigated in detail by reviewing a series of publications. Full article

Automated Driving Systems (ADSs) commend a substantial reduction of human-caused road accidents while simultaneously lowering emissions, mitigating congestion, decreasing energy consumption and increasing overall productivity. However, achieving higher SAE levels of driving automation and complying with ISO26262 C and D Automotive Safety Integrity Levels (ASILs) is a multi-disciplinary challenge that requires insights into safety-critical architectures, multi-modal perception and real-time control. This paper presents an assorted effort carried out in the European H2020 ECSEL project—PRYSTINE. In this paper, we (1) investigate Simplex, 1oo2d and hybrid fail-operational computing architectures, (2) devise a multi-modal perception system with fail-safety mechanisms, (3) present a passenger vehicle-based demonstrator for low-speed autonomy and (4) suggest a trust-based fusion approach validated on a heavy-duty truck. Full article

The increasing use of lithium batteries and the necessary integration of battery management systems (BMS) has led international standards to demand functional safety in electromobility applications, with a special focus on electric vehicles. This work covers the complete design of an enhanced automotive BMS with functional safety from the concept phase to verification activities. Firstly, a detailed analysis of the intrinsic hazards of lithium-based batteries is performed. Secondly, a hazard and risk assessment of an automotive lithium-based battery is carried out to address the specific risks deriving from the automotive application and the safety goals to be fulfilled to keep it under control. Safety goals lead to the technical safety requirements for the next hardware design and prototyping of a BMS Slave. Finally, the failure rate of the BMS Slave is assessed to verify the compliance of the developed enhanced BMS Slave with the functional safety Automotive Safety Integrity Level (ASIL) C. This paper contributes the design methodology of a BMS complying with ISO 26262 functional safety standard requirements for automotive lithium-based batteries. Full article

The simulation of electronic control function failure has been utilized broadly as an evaluation method when determining the Automotive Safety Integrity Level (ASIL). The driver model is quite critical in the ASIL evaluation simulation. A new driver model that can consider drivers of different driving skills is proposed in this paper. It can simulate the overall performance of different drivers driving vehicles by adjusting parameters, with which the impact of a certain electronic control function failure and the ASIL are evaluated. This paper has taken the function failure of regenerative braking as the simulation object in the double-lane-change driving scenario to simulate typical driving conditions with the designed driver model, and then has obtained the ASIL of regenerative braking function, which is applied to a BAIC new energy vehicle development project. Full article

ISO26262: 2018 is an international functional safety standard for electrical and/or electronic (E/E) systems within road vehicles. It provides appropriate safety requirements for road vehicles to avoid unreasonable residual risk according to automotive safety integrity levels (ASILs) derived from hazard analysis and risk assessment (HARA) required in the ISO26262 concept phase. Systems theoretic process analysis (STPA) seems to be designed specifically to deal with hazard analysis of modern complex systems, but it does not include risk evaluation required by most safety related international standards. So we integrated STPA into Failure Mode and Effect Analysis (FMEA) template to form a new method called system theoretic process analysis based on an FMEA template, STPAFT for shot, which could not only meet all the requirements of the concept phase in ISO26262, but also make full use of the advantages of the two methods. Through the focus of FMEA on low-level components, STPAFT can obtain more detailed causal factors (CFs), which is very helpful for derivation of safety goals (SGs) and the functional safety requirements (FSRs) in the concept phase of ISO26262. The application of STPAFT is described by the case study of fuel level estimation and display system (FLEDS) to show how the concept phase of ISO26262 could be supported by STPAFT. Full article

In the last decade, modern vehicles have become very complex, being equipped with embedded electronic systems which include more than a thousand of electronic control units (ECUs). Therefore, it is mandatory to analyze the potential risk of automotive systems failure because it could have a significant impact on humans’ safety. This paper proposes a novel, functional safety concept at the power management level of a system basis chip (SBC), from the development phase to system design. In the presented case, the safety-critical application is represented by a powertrain transmission electronic control unit. A step-by-step design guideline procedure is presented, having as a focus the cost, safety, and performance to obtain a robust, cost-efficient, safe, and reliable design. To prove compliance with the ISO 26262 standard, quantitative worst-case evaluations of the hardware have been done. The assessment results qualify the proposed design with automotive safety integrity levels (ASIL, up to ASIL-D). The main contribution of this paper is to demonstrate how to apply the functional safety concept to a real, safety-critical system by following the proposed design methodology. Full article