As the Stakes Rise, Software Suppliers Must Sync with Car Manufacturers’ Standards

January 23, 2019 Jim McElroy, LDRA

After a record number of automotive recalls in 2016, 2017 took a seemingly positive turn with the fewest number of automotive recalls since 2013, according to the National Highway Traffic Safety Administration. But look more closely, as Forbes contributor Jim Gorzelany did earlier this year, and the news is still bleak. Comparing the 30.7 million units recalled to the 17.6 million new vehicles sold in 2017, the industry recalled a whopping 74 percent more cars and trucks than it delivered to consumers. And 2018 has already seen large recalls due to software—many of which could lead to injury or death—from major manufacturers around the world.

When Fiat Chrysler Automobiles (FCA) recalled more than 1.25 million pickup trucks to address a software error that was potentially linked to two accidents, one of them fatal, a spokesman “declined to say whether the code was produced in-house or by an FCA supplier, saying ‘we do not discuss supplier relationships,’” according to a Reuters report.

Manufacturers may not be discussing the issue with the press, but you can bet every supplier is hearing about it.

The stakes continue to rise, and the importance of suppliers and manufacturers being in sync on software safety, security, and reliability has never been higher. As automakers act to reduce the potential of recall-inducing (and life-threatening) software flaws, they’re putting new pressure on suppliers to keep up, and that puts new demands on the ecosystem. While the final responsibility for certification lies with the automobile manufacturer, both OEMs and their suppliers face significant challenges managing distributed teams, reducing time to market, and containing compliance costs. Improved collaboration and communication between OEMs and suppliers at the software development level can help suppliers achieve compliance more quickly, shorten time to market, lower costs, and improve software quality.

Of course, each automotive application has different safety and security needs, and suppliers must adapt to the specific needs and meet the highest safety and security levels defined by industry and OEM standards. For instance, multimedia and infotainment applications such as GPS, in-vehicle connectivity, back-up cameras, and security systems are dynamic in nature and rely on advanced software development languages such as C/C++ and Java. Powertrain and body electronics applications typically use the C programming language, as they are more statically oriented and safety-critical by nature. A failure of these components can result in physical harm or loss of life. By relying on stringent static analysis requirements set by the OEM based on safety and security standards, risk is mitigated early and throughout the development cycle, helping ensure the delivery of high-assurance software.

In GM’s case, one approach was to work with LDRA to implement new technologies for software analysis and verification, helping GM and its suppliers work together to meet increasing safety standards. The LDRA tool suite for Automotive helps address the challenges suppliers face in developing software that meets stringent automotive standards such as ISO 26262. Developers—both in-house and suppliers—must ensure they are meeting a variety of industry standards, depending on the application and target market.

Along with industry standards such as AUTOSAR, SAE J3061, ISO 26262, and coding standards such as MISRA, OEMs often have their own in-house standards that they—and increasingly, their suppliers—must comply with. By providing GM suppliers a tool suite that fully integrates the GM coding standards, LDRA helps GM suppliers streamline their development and verification process, improve communication with GM, and reduce potentially thousands of hours of documentation effort.

By giving suppliers the same tools that support the same reports and file formats, communication between suppliers and OEMs becomes much easier and more efficient. Overall development cost, time to market, and quality all benefit from an automated process that is quicker, easier to use, and less prone to mistakes than traditional, siloed methods. By automating the compliance process according to the OEM’s guidelines, they can be confident that suppliers have a cost-effective way to meet their safety and security requirements.

It’s a trend that we should see continue.

Previous Article
GOWIN Semiconductor Licenses Intrinsic ID's BroadKey to Deliver Hardware Root of Trust for IoT Security

GOWIN Semiconductor licenses Intrinsic-ID's IP for secure FPGA solutions

Next Article
Exploring Embedded Machine Learning

Machine learning belongs at the edge and Qeexo is developing solutions to do just that.