Ansys SCADE：自动驾驶引发的安全要求对汽车软件开发的影响_Aubanel Monnier.pdf

1、 2024 ANSYS,Inc.Autonomy-induced safety requirements influences on Automotive Software developmentAubanel Monnier2024-09-12 2024 ANSYS,Inc./Proprietary.Do Not Share.Autonomy-induced safety requirements?3 2024 ANSYS,Inc.Fail-operational demands driven by automotive autonomy(SAE 3+)“A fail-safe system

2、 relies on the human as part of the safety concept to maintain a degraded level of control to be able to stop the vehicle in the event of a failure.”“A fail-operational system is designed to maintain normal operation,even in the event of a system fault.”Previous GenCurrent GenNext GenFAIL SAFESAFETY

3、 AND AVAILABILITYFAIL OPERATIONALDetect faultIndicate fault to safe state systemDetect faultIndicate fault to safe state system and recoverDetect faultIndicate fault to safe state systemStop operationContinue operationContinue degradedStop operationContinue full operation0 No Adas1 Feet off2 Hands o

4、ff3 Eyes off4 Mind off5 No driverHuman driver is drivingUpon system requestSystem is drivingHuman driver is drivingDriver support featuresAutomated driving featuresSAE Levels of Driving Automation4 2024 ANSYS,Inc.Fail-operational demands driven by automotive autonomy(SAE 3+)Autonomy&Electrification

5、as drivers towards higher ASIL(HW and SW)BatteryHeadlampsSteeringBrakingPerceptionControlAutonomy5 2024 ANSYS,Inc.Transition to fail-operational automotive systemsCustomer challenges VW is developing a new Electrical Power Steering PlatformSAE Level 3+(SAE Level 2 in previous steering generation)ASI

6、L D fail operational(no ASIL+fail safe in previous steering generation)New approaches required to cope with increased complexityChange in strategy from developing a system with cut-off mechanism towards a system that guarantees availability demanded by autonomous driving functionsTowards full model-