As the transportation industry shifts towards electrification, vehicles must possess safe, reliable, and user-friendly systems, placing immense pressure on engineers and software architects. The embedded software for electric vehicle (EV) electrical powertrains is extremely complex and requires specialized solutions to address the intricate issues during the development process.
Siemens’ Capital VSTAR helps developers tackle the challenges in developing EV embedded software. This software is a product of Siemens implementing the AUTOSAR standard, containing all the tools and features necessary for rapid embedded software development. Capital VSTAR reduces dependency on hardware, enabling automotive software developers to integrate, test, and analyze next-generation EV software in an AUTOSAR-aware environment.
This white paper explores:
• Key trends that facilitate the acceleration of EV development and adoption
• Architectural challenges in embedded software for electrical powertrain systems
• External security threat risks posed by connected charging ports in vehicles
• Functional safety requirements for developing ECUs
• Evolving communication protocols for EV architectures
• How Capital VSTAR helps developers overcome numerous challenges in EV embedded software development
EVs may have appeared in the automotive sector earlier than you think. In fact, the first primitive EV was developed in the Netherlands as early as 1832, and the first EV made its debut in the United States around 1890. By the turn of the 19th and 20th centuries, EVs accounted for about one-third of the vehicles on the road. However, by the mid-1930s, EVs had nearly vanished.
Today, EVs are making a strong comeback on the streets, with their numbers surging as consumer awareness of environmental issues increases. Evidence of climate change has heightened global interest in sustainability and reducing fossil fuel use, prompting automakers to explore alternative propulsion technologies. Consequently, the EV market has seen explosive growth, reaching $10 million in 2020, a 43% increase from 2019. This trend is global:
• In March of this year, the number of public charging stations in the U.S. surpassed 100,000; with the Biden administration’s commitment to advancing EV infrastructure in its massive new infrastructure bill, the number of charging stations along highways, workplaces, and public parking lots is expected to increase.
• In the UK, the market share of pure electric vehicles surged from 1.6% in 2019 to 6.6% in 2020, with sales tripling.
• Currently, China leads the world in the number of EVs, with 4.5 million; total EV sales in 2020 approached 2 million, prompting the government to commit an additional $1.4 billion in April 2020 to subsidize charging station construction.
• In Europe, EV sales have grown by 110% over the past three years, with 3.2 million EVs now on the road.
Research and Markets predicts that the annual compound growth rate for the EV charging station market will reach 38% by 2024, with other factors also driving the growth of the EV market. New legislation calling for more tax breaks for EV purchases and the ongoing calls for the “Working Families Affordable Electric Vehicle Act” (which will loosen tax break eligibility for used EV buyers) further stimulate the resolve to abandon gasoline vehicles. Additionally, EV technology continues to evolve. According to the International Energy Agency (IEA), the development of EVs has been one of the few sustainable initiatives that remained operational during the COVID-19 pandemic. Moreover, recently developed cobalt-free lithium batteries promise to achieve “charging in seconds, lasting months, and wireless power supply,” eliminating past challenges with EV batteries.
As these trends converge, the development and sales of EVs are surging. Bloomberg New Energy Finance predicts that by 2025, EVs will account for 10% of global passenger car sales, rising to 28% by 2030 and 58% by 2040. Furthermore, approximately 450 new EV models are expected to hit the market in 2022.
2. Components of the EV Powertrain System
Before discussing the challenges of developing EV embedded systems, let’s first understand the six components of the EV powertrain:
• DC Voltage Converter: A DC voltage converter is a high-frequency power conversion circuit. It uses high-frequency switches and inductors, transformers, and capacitors to smoothly convert switching noise into stable DC voltage. In EVs, the DC voltage converter monitors and controls the high-voltage current of the DC voltage conversion entering auxiliary dual-voltage batteries or standard batteries.
• Inverter: The inverter converts energy from the EV’s high-voltage DC battery into AC voltage to drive the vehicle’s propulsion system.
• Motor: This component monitors and controls the phase current and torque applications driven by the motor. The motor converts electrical energy into mechanical energy using magnetic flow.
• Charging Control: This component varies by country or technology, utilizing specialized protocols to regulate and standardize the charging process, as well as to communicate with charging stations or EV supply equipment (EVSE).
• Onboard Charger (OBC): The OBC converts AC power from the charging station into DC power to charge the vehicle’s battery. The OBC also monitors and protects the charging rate, performing other functions such as charging rate monitoring and protection.
• Battery Management System (BMS): The BMS monitors multiple state and condition parameters of the high-voltage battery, including total voltage, state of charge, and environmental conditions.
Newer EV models, such as those developed by Tesla, Nissan, and Chevrolet, feature a higher level of integration of all components in the EV powertrain system.
The six components of the EV powertrain system must operate in coordination to achieve maximum performance. However, software development faces several architectural challenges, as well as safety and security considerations. Additionally, charging protocols vary by region and are constantly evolving. In the following sections, we will delve into the major challenges in the design of EV powertrain embedded software.
3. Challenges in EV Software Development
1. Architectural Challenges
As the complexity of EVs increases and integration trends become stronger, electronic control unit (ECU) developers must strive to solve new architectural problems. One way to increase integration is through the so-called “combination box” architecture, which integrates two EV functions into one ECU. For example, developers can choose to integrate the OBC and DC voltage converter, or the OBC and inverter, or the inverter and DC voltage converter. Combining various functions in this way can simplify wiring and enclosures, and both functions can share the same cooling and control systems.
If any function contained within the combination framework must have automatic fault-tolerance capabilities, it must be ASIL certified. ASIL refers to the Automotive Safety Integrity Level, which is a risk classification system established by the ISO 26262 standard for functional safety in on-road vehicles. For this reason, a microcontroller with multi-core support and an AUTOSAR stack, along with the AUTOSAR Basic Software (BSW), will be very beneficial.
More and more modern vehicles are becoming connected to networks and contain highly complex electrical architectures with numerous access points, such as diagnostic ports, USB and WiFi connections, and charging ports connected to charging stations or EVSE. Due to these numerous access points, EVs are vulnerable to network threats such as ransomware, malware, or distributed denial-of-service (DDoS) attacks, posing risks to personal data and payment information.
For example, a compromised charger could be injected with ransomware or a trojan to control the vehicle, and hackers could potentially compromise the battery pack. An attacked EV could transfer risks back to the EVSE and then back to the grid network. The charging control and BMS are particularly vulnerable because both directly communicate with the charging station for authentication and payment transactions. To ensure security, ECUs must have advanced security features, including:
• Firewalls to protect the vehicle network.
• Transport Layer Security (TLS) protocols to protect data transmitted between the vehicle, charging stations, and networks.
• Secure onboard communication (AUTOSAR BSW SecOC) modules to enable secure transmission of application data between two or more peers when exchanging information via embedded networks.
• Hardware security modules (HSM) to add an additional layer of security, including encryption, decryption, and authentication.
It can be said that driving safety is the foremost requirement for all vehicles. With the introduction of high-voltage components, safety requirements for EVs have become increasingly stringent.
For example, the BMS must be capable of monitoring various parameters, such as state of charge, overall condition, and environmental factors, to ensure the normal operation of EV batteries, as batteries can only operate effectively within specific voltage and temperature ranges. If the temperature of a cell exceeds the target range, the BMS will take corrective actions, even isolating the faulty cell. Therefore, the BMS must have automatic fault-tolerance capabilities. The inverter must also meet functional safety standards, as its function is to convert DC to AC, which is crucial for driving the electric motor and determining vehicle speed. Any errors in this process could lead to hazardous behaviors, such as unintended acceleration.
Due to the impact of the aforementioned components on the overall system safety of the EV, all these components must be designed to meet specified ASIL requirements. To meet ASIL requirements, all interacting modules must be certified at the same or higher ASIL levels. Other components must be carefully designed to meet the no interference (FFI) requirements.
Although EVs and plug-in hybrid EVs on the market are quite mature, chargers and charging technologies are still evolving. Figure 1 shows the various chargers available on the market today.
• Type 1 J1772 and Type 2 Mennekes are primarily used in North America and Europe.
• CHAdeMO is a DC fast charging device developed by the five major Japanese automakers, mainly used in North America, Europe, and Japan.
• CCS Combo Type 1 and Type 2 provide an additional DC charging port, while GB/T is primarily used in China.
• Superchargers are developed and used by Tesla for both AC and DC charging.
Given that these standards are continuously evolving, a communication stack must be used to develop ECUs to ensure compatibility between EVs and roadside EVSE.
5. The Dawn is Approaching
Every challenge can be turned into an opportunity. Let’s explore how to tackle the challenges in EV embedded software design with Siemens’ Capital VSTAR through a comprehensive electrical/electronic (E/E) system development approach.
4. How Capital VSTAR Solutions Address Challenges in Embedded Software Design
Capital® VSTAR™ is production-proven and combines the AUTOSAR 4.x standard version to create an AUTOSAR-aware environment for integrating, testing, and analyzing software while reducing hardware dependency. The unique aspect of Siemens’ AUTOSAR solutions is that only one Capital VSTAR tool is needed to meet the support requirements throughout the entire AUTOSAR development lifecycle. This software consists of applications, software components (SW-C), hardware support implemented through the Microcontroller Abstraction Layer (MCAL), and ECU custom device drivers, all connected through Basic Software (BWS).
Capital VSTAR strictly adheres to the AUTOSAR methodology, providing native support for the AUTOSAR layered software architecture.
What is the AUTOSAR Layered Software Architecture?
AUTOSAR is the main standard for automotive software, developed collaboratively by all major automotive OEMs and most Tier 1 suppliers. The AUTOSAR layered software architecture consists of five distinct layers that sit between the application software and the microcontroller.
• AUTOSAR Runtime Environment (RTE): The RTE abstracts the application layer from the BSW.
• Service Layer: The service layer provides services in the background, including network services, memory management, and communication services for the application layer. The service layer also includes the operating system.
• ECU Abstraction Layer: The ECU abstraction layer sits above the MCAL layer, allowing the layers above it (communication stack and transceiver) to be independent of the ECU hardware configuration.
• Microcontroller Abstraction Layer (MCAL): The MCAL software accesses the on-chip microcontroller (MCU) peripheral modules and external devices mapped to memory, making the upper software layers independent of the MCU.
• Complex Device Drivers: Complex device drivers enable the runtime environment to interact directly with the hardware. These complex drivers are custom and essential, allowing specific functions to be achieved by accessing other functions within the MCU or peripherals and can implement functions not supported by AUTOSAR.
All AUTOSAR standard components in these layers are common to all users, but they can be configured to meet the requirements of each use case, considering the application functions and hardware of the OEM-customized ECU. Note that highly configurable (and sometimes optional) middleware components can be used to provide BSW functionality.
5. Comprehensive Embedded System Development Approach
The Capital VSTAR solution can address the major challenges in EV embedded software design.
1. Addressing Architectural Challenges
As the complexity of E/E systems explodes, embedded software development is conducted in a model-based systems engineering environment. The first step is to develop a multi-domain system model that determines the mechanical, electrical, electronic, and software needs of the system (see Figure 2).
Capital supports all aspects of multi-domain system modeling and can integrate with multiple domains such as MCAD, PLM, and ALM systems for truly integrated system development:
• System Model and E/E Architecture: This step logically and physically designs the distribution system, validating it through modeling methods and preparing it for production. Capital provides optimized solutions for the extremely complex electrical harness manufacturing process and simplifies the maintenance, diagnostics, and repair processes of electrical systems.
• Software and Network Development: After defining the E/E system, the next step is to develop software components and architectural designs using Capital Software Designer. Before software implementation, designs can be imported into Capital Networks for analysis and verification of the in-vehicle communication network. During the software implementation process, tools that comply with AUTOSAR standards, such as Capital VSTAR Integrator and Capital VSTAR Virtualizer, can be used to configure embedded software for the target ECU.
2. Multi-Core Solutions Enable Software Distribution
Capital VSTAR’s multi-core solutions enable software distribution, which is particularly useful for overcoming performance and security challenges in EV embedded software design:
• Performance: Capital VSTAR supports the EV combination framework by distributing functions across multiple cores. For example, when designing an EV combination with an OBC and a DC voltage converter, the OBC can be placed on core 0, while the DC voltage converter can be placed on core 1. When one of the functions requires automatic fault tolerance, this can be easily implemented (see Figure 3).
Assuming your CPU load is high due to CAN and Ethernet communications, you can utilize Capital VSTAR to partition the COM module, allowing each core to handle only one COM module. All SWC, MCAL, and other related modules are moved to the same core. This reduces CPU load and avoids additional overhead caused by inter-core communication.
• Security: Software partitioning can also be used to achieve the required security levels. For example, if the OBC in core 0 must achieve ASIL B certification, it is very easy to integrate the ASIL application into a partitioned BWS that meets ASIL requirements.
Capital’s data-centric approach achieves a high level of automation, data consistency, and integration with adjacent domains (such as mechanical design). This E/E data management system provides traceability, change, and configuration management as required by customers. From the development process to maintenance, Capital provides end-to-end validation.
4. Secure In-Vehicle and Vehicle-to-Grid (V2G) Communication
As threats arise from both within the vehicle network and external infrastructure, layered embedded security is essential. Capital VSTAR implements layered embedded security for connected vehicle ECUs, providing integrity, authenticity, and confidentiality features. These advanced systems include:
• Standard Security Components: The implementation of the AUTOSAR encryption stack provides standardized access to encryption services for applications and system functions through components such as the Encryption Service Manager (CSM), encryption interfaces, encryption drivers, and key managers.
• Vehicle Intrusion Protection: Siemens collaborates with Sectigo, the largest certification authority in the industry, to provide advanced IP firewall capabilities. Capital VSTAR supports static, dynamic, deep packet inspection, protocol, and threshold filtering types.
• Secure Onboard Communication (SecOC): SecOC communicates with BSW modules or the PDU router (PduR) to provide validation mechanisms for critical data at the PDU level. It also utilizes CSM encryption services and interacts with the runtime environment for key and counter management.
Capital VSTAR supports all levels of functional safety use cases defined by ISO 26262 (from ASIL A to ASIL D), as well as multiple ASIL software partitions, which are crucial for implementing EV combinations.
• Transport Layer Security (TLS) Protocol: TLS is an encryption protocol designed to ensure the security of end-to-end communications over networks. To implement TLS support in Capital VSTAR, Siemens collaborated with a verified and widely used third-party solution.
• Hardware Security Module (HSM): The HSM is an important security element implemented in hardware for specific MCUs. The interfaces connecting the HSM are not standardized AUTOSAR. Capital VSTAR’s automotive-grade HSM drivers support functions such as true random number generation, encryption, hashing, and general data integrity checks. It also supports digital signature functions, such as signature generation and verification.
5. Rapid Adoption of Evolving Charging Protocols
EV charging protocols are constantly changing, and your ECU development environment must provide a communication stack that can quickly adapt. The Capital VSTAR solution supports charging protocols for ECU communication (including ISO15118), integrates partner products, and supports the implementation of the following protocols:
• IEC 61851, integrated with Capital VSTAR’s CAN protocol stack
• GB/T 27930, integrated on top of Capital VSTAR J1939
To develop advanced automotive products for the future, it is essential to have advanced integrated E/E system development tools. Capital VSTAR provides a comprehensive solution to address architectural, functional safety, and security challenges in software platform development, powering high-performance ECUs for today’s EVs. The Capital VSTAR solution offers:
• Software distribution capabilities and multi-core architecture
• Secure in-vehicle and V2G communication
• Rapid deployment of functional safety requirements
• Quick adoption of new and evolving charging protocols
Scan the QR code to download the original text:
