By Nobuhiko Akasaka, VP of Marketing for the
Automotive Business Unit at Cypress Semiconductor
The slogan “Safety First” should apply to all automotive
electronics. While safety is not a matter of life-and-death
for body control applications, safety should always be the
primary consideration for everything automotive.
ISO standard 26262 for Road Vehicles–Functional Safety
specifies a methodology for ensuring adequate safety from
product development through production. Body control
applications should meet, at a minimum, the Automotive
Safety Integrity Level (ASIL) “B” standard.
Additional provisions that help ensure safety through
operational integrity include the use of Memory Protection
and Peripheral Protection Units (MPUs/PPUs), Error-Correcting Code for memories, watchdog(s), and self-testing
of both memory and CPUs.
As long ago as the 1980s, Sun Microsystems made
the claim, “The computer is the network,” to emphasize
the importance of network connectivity in all computing
applications, including for both businesses and the Internet.
Now, vehicles require their own interconnected networks to
function. Interoperable connectivity with external sensors,
controls, and other systems is best assured by supporting
industry standards like the Controller Area Network Flexible
Data-rate (CAN FD), legacy CAN, the Local Interconnect
Network (LIN), and the Clock eXtension Peripheral Interface
(CXPI), as well as emerging standards like Ethernet Audio
Video Bridging (AVB). Figure 1 shows some of the interfaces
required for body control units.
Connectivity is also required internally within embedded
control systems using standards like the Serial Peripheral
Interface (SPI), Quad SPI, and Octal SPI. To prevent both
external and internal connectivity from becoming a bottleneck
for some applications, it is important to support applicable
standards and protocols at sufficiently high data rates; for
example, at a minimum of 100 Mbps and, ideally, 1 Gbps for
Security has become its own separate and special
consideration for ensuring safety in applications that require
extensive connectivity where every system, sensor, control,
gateway, and network creates a potential vulnerability.
Without adequate security, malware infecting a seemingly
innocuous system like HVAC could spread to other systems,
and threaten safe operation of Advanced Driver Assist
Systems or other critical functions.
Threats to security can come via both wired and wireless
connections, including On-Board Diagnostic (OBD), other
physical ports, and all wireless technologies, including
Bluetooth, WiFi, and cellular. Potential threats also come from
both outside and inside the vehicle, including from the driver’s
or passenger’s infected mobile phone, tablet, or MP3 player.
Given the extent of the attack surface, all solutions
should, at a minimum, support eSHE, the enhanced Secure
Hardware Extension that is the equivalent of EVITA Light from
the E-safety Vehicle Intrusion-protected Applications project.
Superior security is afforded by a Hardware Security Module
(HSM) that is equivalent to EVITA Medium with its enhanced
cryptographic and random number generation features, along
with more secure embedded memory.
The large and growing variety, volume, and velocity of data
from an ever-expanding number of connected systems and
sensors requires substantially more processing power from
Micro Controller and Electronic Control Units.
A common means for measuring processor performance
is the Dhrystone benchmark that measures Millions of
Consider These Factors When
Developing Automotive Body
SAFETY, CONNECTIVITY, SECURITY HEAD THE LIST OF CONCERNS FOR VEHICLES
Automotive body control applications require the design engineer to consider a number of actors, ranging from safety to development.
These factors cover the vehicle from bumper to bumper
and span from the beginning to end of vehicle lifecycles.
The eight considerations outlined here are shared by all
body control applications and include the best designs
that employ technologies to satisfy all eight.