It’s hard to believe, but once again it’s time for the most exciting (and exhausting) show of the year – the Consumer Electronics Show (CES).
CES 2017 will be my third, and while each of the last two has showcased innovative advances in the segments of wearables, drones, and augmented/virtual reality (AR/VR), CES is as much an automotive show these days as anything else. The event allows attendees to see underlying embedded technologies side by side with the vehicles that employ them, and glimpse features that will be incorporated into the model years of the not-so-distant future.
One of the best examples of this from CES 2016 came at the QNX Software Systems booth, where the company showcased an automotive emergency stop simulation that prevented an “accident” on the show floor. There, the QNX team outfitted a Jeep Wrangler, Toyota Highlander, and impromptu traffic signal with Cohda Wireless MK5 telematics boxes based on the NXP/Cohda RoadLINK chipset and running QNX’s ISO 26262-certified OS for Safety. The MK5 devices – on-board units (OBUs) in the case of the vehicles and a roadside unit in the case of the traffic signal – communicated wirelessly over the IEEE P1609 protocol for wireless access in vehicular environments (WAVE), and the OBUs were also connected via the CAN bus in order to communicate with other vehicular subsystems. As a result, the Jeep and Toyota believed they were traveling in various directions at certain speeds when fed manipulated timestamp data and GPS coordinates, which formed the basis for several potential accident scenarios surrounding an imagined four-way intersection.
Here, the QNX OS for Safety played multiple key roles. First, the OS for Safety was responsible for managing the networking and connectivity stacks on the MK5 boxes, as well as the corresponding inbound/outbound GPS notifications indicating the speed and orientation of both vehicles. Second, after running GPS data through a thread analysis engine, the OS for Safety needed to reflect that information through the CAN bus to warn drivers of an imminent collision, which could have been performed using haptic or auditory measures but was done using a red warning light indicator on each vehicle’s instrument cluster. Given the safety-critical nature of the application, this process had to be conducted within the millisecond and sub-millisecond latency requirements of vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications.
Building blocks for autonomous drive
The OS for Safety has two attributes in particular that enabled last year’s demo and will usher in the advanced driver assistance systems (ADAS) and autonomous driving technology of the years to come: a microkernel real-time operating system (RTOS) architecture and a feature called adaptive partitioning.
The OS for Safety is based on QNX Neutrino, a deterministic microkernel RTOS that encapsulates each software component (including individual protocol stacks) into separate memory-protected regions. This architecture allows software to automatically restart and execute even in the event of faults, and also facilitates a preemptive design paradigm in which the kernel can be interrupted by external requests and then execute the corresponding threads based on a predetermined scheduling priority. In the context of the V2X demo described previously, this implies that, regardless of the function being performed, the system is able to rapidly switch context and process tasks related to a GPS notification, predictably and on deadline.
Adaptive partitioning extends that preemptive design characteristic to management of the processor itself through a unique capability that permits the full utilization of a CPU while still guaranteeing temporal isolation (in other words, the processor time and resources dedicated to a particular task remain available to it). Beyond typical scheduling algorithms, and as opposed to fixed static partitioning that reserves part of a processor’s core(s) for a dedicated operation, adaptive partitioning allows idle portions of a processor that are waiting to compute a predefined executable to be reallocated to other threads that could use those resources immediately, and then returns them to the original task as soon as it is ready to be processed. This has obvious benefits in terms of efficiency, but also paves the way for the vehicle architectures of tomorrow.
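The difference between fixed static partitioning and adaptive partitioning described above can be seen in a small simulation. This is an added example, not QNX code and not the Neutrino scheduler: it is a simplified single-window model, and the partition names, budgets, priorities and workloads are constructed for illustration.

```python
from dataclasses import dataclass

WINDOW = 100  # ticks in one averaging window (constructed value)

@dataclass
class Partition:
    name: str
    budget: int    # guaranteed ticks per window
    priority: int  # higher runs first while within budget
    arrival: int   # tick at which its work becomes ready
    work: int      # ticks of work it wants in this window
    used: int = 0

    def ready(self, t):
        return t >= self.arrival and self.used < self.work

def run(parts, adaptive):
    """Simulate one window; return ticks used per partition and idle ticks."""
    # Static case: a fixed 10-tick cycle with slots reserved per budget.
    cycle = [p for p in parts for _ in range(p.budget // 10)]
    idle = 0
    for t in range(WINDOW):
        if adaptive:
            ready = [p for p in parts if p.ready(t)]
            # Partitions still within budget are served first; time nobody
            # is entitled to goes to any ready partition, even over budget.
            pool = [p for p in ready if p.used < p.budget] or ready
            chosen = max(pool, key=lambda p: p.priority) if pool else None
        else:
            owner = cycle[t % len(cycle)]
            chosen = owner if owner.ready(t) else None
        if chosen:
            chosen.used += 1
        else:
            idle += 1
    return {**{p.name: p.used for p in parts}, "idle": idle}

def late_safety_task():  # constructed: safety work arrives mid-window
    return [Partition("safety", 40, 10, arrival=50, work=40),
            Partition("infotainment", 60, 5, arrival=0, work=WINDOW)]

def runaway_high_priority():  # constructed: runaway partition outranks safety
    return [Partition("safety", 40, 5, arrival=0, work=40),
            Partition("infotainment", 60, 10, arrival=0, work=WINDOW)]

if __name__ == "__main__":
    print("static  ", run(late_safety_task(), adaptive=False))
    print("adaptive", run(late_safety_task(), adaptive=True))
    print("runaway ", run(runaway_high_priority(), adaptive=True))
```

In the static run the safety partition's reserved slots sit idle until its work arrives and it finishes only half of that work in the window. In the adaptive runs the processor is never idle, and the safety partition still receives its full budget even when a higher-priority partition tries to consume all available time.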
With the consolidation of electronic control units (ECUs) in next-generation automobiles and the possibility that one ECU could be responsible for multiple vehicle subsystems, there will not only be a need for software technologies like adaptive partitioning, but safety-certified hypervisors that can ensure the separation of safety-critical and non-safety-critical functions running on the same system on chip (SoC) as well. These are the embedded building blocks that will take us into the age of autonomous driving, and that is what I want to see at CES 2017.