The serious challenge facing today's automotive electronics engineers is to build low-cost, fail-silent automotive systems that work even in the event of a fault. Brake, steering, and other vehicle stability control functions are mission-critical features that place extreme demands on safety. Even if electronic chassis control technology is increasingly favored by the general public, it cannot easily meet these challenges.
In September 2006, the US federal government required all vehicles in the future to adopt stable control technology. The National Highway Traffic Safety Administration (NHTSA), in announcing the above requirements, stated that the analysis conducted by the Bureau clearly showed that the probability of a collision with a vehicle equipped with a stable control technology would be reduced by 35%. Electronic stability control technology is expected to reduce the overall major casualties and single vehicle accident mortality rates to 43% and 56%, respectively.
Long before the US federal government made the above regulations, it has been predicted that the assembly rate of global vehicle electronic stability control technology will increase from 21% in 2006 to 35% in 2012 (composite annual growth rate of 12.5%). In addition, the Brake-by-wire assembly rate is expected to increase from less than 1% in 2006 to 5% in 2012 (composite annual growth rate of 36.4%).
Electronic chassis management technology is extremely attractive for major automotive system functions, but for a variety of reasons, the technology is still difficult to achieve, and there are many challenges in terms of safety and reliability. To address the current security challenges, the International Electrotechnical Commission (IEC) has defined standards for the functional safety of electrical/electronic/programmable electronic safety-related systems. Currently, IEC 61508 is considered the most advanced standard in the development of safety-critical systems. Although the standard has not yet been fully enforced in the form of law, it is hoped that automotive system designers will be able to meet this practical technical standard. Automotive system designers must consider the requirements of the entire signal chain, from input sensors to digital processing and transmissions, when building application functional safety.
IEC 61508 defines “hazard†and “risk analysis†as part of the system design and defines the “functional safety†of the Electronic Control Unit as “part of the overall safety†– depending on whether the system or equipment can Correct response to its input." As shown in Figure 1. Each security function of the system is evaluated based on “requirements†(what is required for the function) and “integrity†(the possibility to successfully perform the function). In addition, the standard further divides the probability of dangerous failures of safety functions in high-intensity or continuous operation modes into four different Safety Integrity Levels (SILs). Each level covers a range of acceptable failure rates, known as Mean Time Between Failure (MTTF), and SIL4 is the most stringent of these. The SIL rating applies to many industries, including the automotive industry, and the definition of each SIL rating applies to the respective industry sector. SIL2 and SIL3 in the Safety Integrity Level are the most common safety levels in non-road applications.
This article refers to the address: http://
Depending on the safety function and importance, the automotive system can comply with the SIL2 or SIL3 regulations of the IEC 61508 standard. The reliability of the self-test system requires that the “safety failure factor†(SFF) obtained by multi-level statistics reaches 99%. The specific calculation method of the reliability parameter is the ratio of the detected dangerous fault (including non-hazardous fault) to all faults. Diagnostic Coverage (DC) is the ratio of detected dangerous faults to all dangerous faults. In addition, DC should reach 99% for safety-critical automotive systems.
The ability to pass SIL3 certification for automotive systems typically depends on the performance of the electronic control unit (ECU) that initiates and controls the mechanical system. Such as the German Rheinland Group ( Independent safety assessment agencies such as Rheinland) are responsible for ECU evaluation and SIL3 certification for automotive systems. An international service group that issues safety and quality certificates for products, systems and services.
Mission-critical integrated mechanical systems, such as brakes, are not completely replaced by electronics. However, any advanced mechanical or electronic safety required for SIL3 certification is achieved through the use of redundant systems that facilitate widespread implementation of redundancy.
SIL3 Certification for Electronic Subsystems Replacing hydraulic or mechanical systems with electronic systems will inevitably benefit OEMs, automakers and consumers. Electronic systems eliminate the belt drive burden of internal combustion engines, helping to reduce cost, weight and fuel consumption.
Automakers can replace the hydraulic brake booster with a mechanical solution and eventually eliminate the hydraulic drive system completely, enabling a fully electronically controlled line control system, as shown in Figure 2. However, this revolutionary transformation requires the implementation of redundant or backup systems (similar to avionics systems) to avoid the risk of complete loss of braking capability at a dangerous time. The excessive steps during the period include the "hybrid brake" mode, that is, the hydraulic backup system can be installed only on one of the vehicle instead of the two axles.
A microprocessor (MCU) is a key component in an ECU. It is impossible to achieve SIL3 certification requirements using a traditional automotive MCU. A new chip architecture is required to ensure processing results, data integrity of bus traffic, and data security and reliability in memory while meeting stringent response time requirements.
According to the IEC 61508 standard, the causes of dangerous faults include the following factors:
(1) software or hardware system specifications are incorrect; (2) security requirements are missing; (3) hardware random failure; (4) system cause failure; (5) human error; (6) environmental impact (EMI, temperature, and machinery) Wait).
From a complete system perspective, hazard assessment and safety integrity requirements include the following factors:
· Ensure stable power supply and clock signal integrity in the case of voltage drops, false signals, etc.
· Redundancy or authenticity checks for processing and communication, including signals to and from sensors and actuators;
· Provide fault detection function;
· Provide fault management strategies, including defining security status and fault protection in the case of fault tolerant architecture, emergency operating mode, and controllable system shutdown;
· Enhanced software development processes include the use of formal specifications, a subset of programming languages, and code verification tools.
Powerful support for silicon chips Developers can take advantage of commercially available microprocessors to provide the technology needed to achieve SIL3 certification standards for ECU brake control functions. One such microprocessor is the TMS570 jointly developed by TI and Robert Bosch GmbH.
In silicon chip design, chip layout itself is a big challenge and should include proprietary intellectual property (IP) to reduce and detect random hardware and system failure causes. In addition, the processing results can be compared with a dual-core processor architecture running in lock-step mode, thereby avoiding a significant amount of time spent developing independent verification microprocessor software. To protect the memory subsystem from failures caused by external events, error correction code (ECC) and parity protection mechanisms should be implemented on main and local memory and bus traffic. To simplify development, developers should also use devices in the MCU that have implemented the FlexRayTM network protocol. This deterministic communication standard developed by leading automotive manufacturers and suppliers provides fully defined redundant communications for advanced automotive systems.
For example, TI's TMS570 MCU is a symmetric dual-core MCU based on two identical next-generation ARM R4 CortexTM cores. Each Cortex-R4 core delivers up to 300 MIPS, and the TMS570 integrates 2 MB of on-chip flash, FlexRayTM network, BIST, CAN and a variety of peripherals. The dual core is tightly coupled to the patent-pending architecture for maximum reliability.
Advantages of the Cortex-R4 The Cortex-R4's 64-bit AMBA 3 AXI memory interface offers several important performance benefits that enhance reliability, including issuing multiple pending addresses and supporting out-of-order data returns.
Another most significant advantage of the AMBA 3 AXI memory interface is that even if the memory or peripherals are slow, it does not block the bus, which in turn affects access speed. This feature allows the kernel to perform more access without having to wait for slower access completion. In addition, the 64-bit wide bus increases the available bandwidth so that cache line fills can be completed with just four accesses, unlike the ARM946E-S.
Compared to the 946E-S, the Cortex-R4 also significantly improves the interrupt latency, and the worst-case interrupt latency and average interrupt latency are improved. For example, the 946E-S must wait for an instruction or interrupt process to complete, but not to abandon it. In the worst case, it means that even with zero wait state memory, the interrupt latency can be as long as 118 cycles. Although the above situation is unlikely to occur frequently, real-time systems must make the worst plans.
On the other hand, if an interrupt request is received during execution, the Cortex-R4 processor will relinquish the multi-load instruction of normal memory. Designed to withstand the longest interrupt latency of up to 20 cycles, the TMS570 MCU has little or no access to AMBA AXI memory and peripheral access time.
In addition, the Cortex-R4 processor provides a non-maskable interrupt option to avoid software disable fast interrupt request (FIQ), which is especially important for safety-critical applications.
For automakers and OEMs, as vehicles become more complex and integrated, more and more functions are becoming more important. Innovative designs incorporating the Cortex R4 core, such as the TMS570 device, enable fault detection and response times required by the IEC 61508 standard.
Incorporating microprocessor-based system reliability into the SIL3 certification category marks a major step forward for automotive OEMs and automakers in the full implementation of vehicle-driven drive functions.
The TMS570 MCU is a SIL3 certified 32-bit microprocessor family that meets braking requirements. The technology development strategy of the TMS570 MCU covers electronic stability control, chassis control and steering systems.
ZGAR FILTER TIP
ZGAR electronic cigarette uses high-tech R&D, food grade disposable pod device and high-quality raw material. All package designs are Original IP. Our designer team is from Hong Kong. We have very high requirements for product quality, flavors taste and packaging design. The E-liquid is imported, materials are food grade, and assembly plant is medical-grade dust-free workshops.
Our products include disposable e-cigarettes, rechargeable e-cigarettes, rechargreable disposable vape pen, and various of flavors of cigarette cartridges. From 600puffs to 5000puffs, ZGAR bar Disposable offer high-tech R&D, E-cigarette improves battery capacity, We offer various of flavors and support customization. And printing designs can be customized. We have our own professional team and competitive quotations for any OEM or ODM works.
We supply OEM rechargeable disposable vape pen,OEM disposable electronic cigarette,ODM disposable vape pen,ODM disposable electronic cigarette,OEM/ODM vape pen e-cigarette,OEM/ODM atomizer device.
Vape Filter Tip,ZGAR Filter Tip Disposable Pod Vape,ZGAR Filter Tip Disposable Vape Pen,ZGAR Filter Tip,ZGAR Filter Tip Electronic Cigarette,ZGAR Filter Tip OEM vape pen,ZGAR Filter Tip OEM electronic cigarette.
ZGAR INTERNATIONAL(HK)CO., LIMITED , https://www.oemvape-pen.com