Faculty of Electrical Engineering and Information Technology
Institute of Control and Industrial Informatics
M.Sc. XXXX XXXX
Arbitration Advances and Determinism
in a single car communication bus
Advanced Car Communication technologies
Written work on the dissertation examination
Study field: 5.2.14 Automation
TitleI. Preamble
II. AbstractThis preparation paper intends to indicate the purpose of the dissertation for the PhD program of the Slovak university of technology in Bratsilava, faculty of electrical engineering and information technology.
In the very beginning there is the planned table of content, which gives a clue on the later structure of the dissertation. Chapter one is the description of the today´s state of the art. The Objective reports the target and the methodology shows the way to achieve the target.
Appendix A contains information about the FlexRay Bus System which is the basic communication system for the later dissertation.
III. Table of content TOC o “1-2” u Title PAGEREF _Toc354385981 h 2
I. Preambel PAGEREF _Toc354385982 h 2
II. Abstract PAGEREF _Toc354385983 h 2
III. Table of content PAGEREF _Toc354385984 h 3
Main Part PAGEREF _Toc354385985 h 5
1.Introduction PAGEREF _Toc354385986 h 5
1.1.Introduction into area of expertise PAGEREF _Toc354385987 h 5
1.2.Problem definition PAGEREF _Toc354385988 h 5
1.3.Motivation for the solution PAGEREF _Toc354385989 h 5
2.State of the Art PAGEREF _Toc354385990 h 5
2.1.Electronic in cars PAGEREF _Toc354385991 h 5
2.2.Interconnection PAGEREF _Toc354385992 h 6
2.3.Diagnosis PAGEREF _Toc354385993 h 9
2.4.Automotive bus systems PAGEREF _Toc354385994 h 11
2.5.Arbitration PAGEREF _Toc354385995 h 17
2.6.Error detection and fault confinement PAGEREF _Toc354385996 h 20
2.7.Determinism PAGEREF _Toc354385997 h 21
3.Detailed definition of the scope of work PAGEREF _Toc354385998 h 22
3.1.Objective of the dissertation PAGEREF _Toc354385999 h 22
3.2.Aims of the dissertation PAGEREF _Toc354386000 h 24
3.3.Methodology PAGEREF _Toc354386001 h 26
3.4.selection of an appropriate bus system PAGEREF _Toc354386002 h 28
4.modification of the physical layer PAGEREF _Toc354386003 h 28
4.1.dominant and rezessive voltage levels PAGEREF _Toc354386004 h 28
4.2.timing requirements PAGEREF _Toc354386005 h 28
4.3.error detection and avoidance PAGEREF _Toc354386006 h 28
5.arbitration PAGEREF _Toc354386007 h 28
5.1.priorization PAGEREF _Toc354386008 h 28
5.2.methods PAGEREF _Toc354386009 h 28
5.3.Interrupt PAGEREF _Toc354386010 h 28
5.4.Trigger PAGEREF _Toc354386011 h 28
6.data content PAGEREF _Toc354386012 h 28
6.1.bitrate PAGEREF _Toc354386013 h 28
6.2.redundancy PAGEREF _Toc354386014 h 28
6.3.data length PAGEREF _Toc354386015 h 28
Summary PAGEREF _Toc354386016 h 28
Main PartIntroductionIntroduction into area of expertisexxx
Problem definitionxxx
Motivation for the solutionxxx
State ofthe ArtElectronic in carsFrom the very beginning of automobile creation in the late 19th century, the benefits of individual travelling caused more and more people to use cars. The demands of the owners and legal regulations to increase safety have increased the features enormously and force the automotive industry to continuously develop better cars.
The electronics have a severe influence to the convenience and safety of the customer. Just 50 years back, the light was the only electronic device on board. Now, electronic is a major part of every single car concept. While some electronics are hidden (like electronic fuel injection), others bring new experiences to the customer, like global positioning system (GPS) based navigation.
For all vehicle concepts, which are considered in this document, there are requirements for the cross-linking, which may be identical. This is because all vehicles have the commonness to meet the requirements of traffic safety. So, in any small cars as well as the most expensive luxury vehicle blinkers, we can find wipers and brake lights, to list just a few common examples. While the design of the systems often differs fundamentally, the connection to a vehicle networking concept does not necessarily. Whether chic LED or old-fashioned light bulb taillights: in both cases, a signal from the brake pedal to the brake light in the rear is routed. There are also components that despite the same tasks have very different demands on the network. The headlight of a small car has light bulbs for low beam, high beam, parking lights and turn signals. To realize a luxury car add some motors and positioning controllers to adaptive headlights, automatic headlamp leveling, bi-xenon function and different brightness of the LED strip to DRL or sidelight . The fog lights in addition unilaterally light up when cornering.
Hence, there is need to create individual concepts for different classes of vehicles. However, this can then be used for several variants, as another body style (e.g. station wagon instead Saloon) has no dramatic effect on the functions.
InterconnectionIn modern vehicles almost all electrical components are interconnected. The degree of crosslinking is dependent on the number of electronics, the field of use of the vehicle and in particular the class. In order to controlallthe functions requiredof the vehicle, the car manufacturer could use a centralcomputer, whichwould have tobe very fastandexpensive andhad to connecteach actuator, sensor or switch with at least one line(safety components additional monitoring lines). This would result in a thick and heavyharness and inadditionlead tohigherfuel consumption, significantly higher manufacturing cost, since copper cablesare not cheap at all.
Alternatively, you can split the functions of the car. For similar tasks create functional blocks, which can then be placed into a closed area to avoid long connections. Another advantage of this concept is that it is characterized by short connection injects less conducted and radiated interference into the line.
In the automotiveworld these function blocksare called electronic control units (ECUs) orcomponents. The components are in most cases not able to perform its taskwithoutinformation from othercomponents. But notall of the dataof eachcontrol deviceisimportant for thefunction. The stability managementcertainly needsthewheel speed sensor data, butnoinformation on whetherthe rear wiperis currently active.The components mustindeedexchange data, butthey can besummed upinone another(more or less) independentgroups. The demands onthe data rateare quite different.Apower window switchis usuallyoperatedlessoftenthan awheel sensorpassesitsspeed value.The faster thedata transferneeded, the more expensive isthe essentialbus. The currentbus systemsarecurrently usedin the following chapterexplained againin detail.
Certain information isimportantfor all components, such aswhether theignition is turned on, orthe car isparkedandevery single componentshould change to alow-powermode in order tosave battery power. Theessential informationneededby severalgroups, are transported via agatewaycontrol device intothe respective group.
Individualgroupsof controllerscanbecombined inbus systems thatare significantly different. Thecommon systemsaredescribedin chapter below. Thechoice of the appropriatebus systemdepends on many factors: the required data rateandquantity, safety requirements, portability to othervehicle concepts, expandabilityand more.Butcertainly a big factoris theaffordabilityof the concept.Especially inthecompact carclass, cost pressureassumes enormous influence on thedecisionof the applicableoptions. In general, the price of a bus systemincreases with itstransmission speed. Universaland widely usedsystems are alsocheaper thanexoticcustom solutions.Such specialbusesare foundhardly. Systemsfrom other areas (e.g., Ethernet), which, althoughcheap andwidelyspreadand would therefore beseengladlyfor financial reasons.Butthese systems oftendo notmeet the stringenttechnicalrequirements forautomotive electronics.Thus, forexample, Ethernetdevicesdesigned forroom temperatureandplugs ofpatch cablesdo not provide sufficientprotectionagainstdust and vibrationin the engine compartment. Systemsfor militaryapplications providecertainly technicallyperfect conditions, but considering the costwould causetears to thewatchful eyes of thecontrolling department.
For derivatives thatare designedfor entry markets, rathersimple networkingconcepts arein the specifications. This allowscostsavingsin the double sense:The number ofnetworked control unitsis reducedandalso the wiring harness of the vehicle islessexpensive andlighter. Since commonnetworks,especially in thelow-price segmentare based on copper interconnects, this means cost reduce due to currently highraw material prices.
High-pricedluxury carshavenetworkedfeatures thatwould not be possiblewithoutnetworking:Camera-basedenvironmental sensors, ultrasonic basedparking systems,distance RADAR and LIDARcan be mergedso thatthesensor cloud creates a digitalimageof the vehicle environment. The mutualplausibility ofdataof different measurementmethodscan belifesavingin certain circumstances, important decisions, such aspre-crashdetection, multi collision brake assists, and safety isolationofhigh-voltage systems.
HereclassicCAN-basednetworking solutionsare reaching their limits. Firstly,the bus loadincreases with the numberofnetworked control unitsandthe associatedbus load. Too highbus loadmakesthe crosslinkingunstable, so in these cases thecontrol units,aftertheir installationor areaseparatedinto different sub-buses (which means that, in somecurrently producedSUVs upto sevenCANbus viaa gateway,communicate with each other). Secondly,justsafety-critical applicationsneedto check the plausibilityofdatanot onlythe readingsbut also a temporalmappingin order to derivethe changeandthe rate of changefrom it.
DiagnosisDiagnosis via computer is a common benefit of the used communication systems. Since every electronic is part of a network, it is possible to reach it by gaining access to this network. Almost every car has got anenhanced on-board diagnostic (EOBD) connector, a standardized interface (see figure 1); the regulatory intend was to force car manufacturers to design reliable emission control systems.
Figure SEQ Figure * ARABIC 1: OBD-II connector
Both connector and protocol are specified by OBD-II standards, and an error code indicates problems. The first letter indicates the system (e.g. P for powertrain), followed by four digits. This helps to locate the problem. But the possibilities to perform diagnosis are far beyond the standard protocol.
Every automobile enterprise has its own diagnostic and testing system (see figure 2) to get access to every single ECU.
Figure SEQ Figure * ARABIC 2: PIWIS Tester
With this test device, it is possible to flash software, code the ECU depended on the car setup, start routines, read back analog and digitals I/O ports and simulate certain communication blocks.
It is also possible to force the car into special conditions, like production mode, where it is possible to engage the immobilizer system, but speed is limited to 30km/h, for example. Another scope is to log the entire communication data to get feedback, how the car behaves in certain conditions.
The OBD-II interface is based on a CAN communication protocol, therefore the gateway has to translate signals from other bus systems. Since some bus systems have higher data ratios, the limits are obvious.
Automotive bus systemsThis chapter will provide basic information about bus systems which are used in nearly every single car produced nowadays.A bus is a subsystem that transfers data between components inside a device or between devices inside of a system. Unlike a point-to-point connection, a bus can logically connect several electronic control units over the same set of wires. Each bus defines its set of physical connectors, timing and access methods together.
Inthe automotive industry, several bus systemhave been established,tailored to therequirements thatare expected intoday’s vehicles. CAN and LINare themost established,MOST hasfound its placewiththe implementation ofmultimediainterfacesin 21stcentury. Thelatest bus systemiscurrently FlexRay.
CAN
This is themost widely used businthe currentcars. It is basedon atwo-wireasynchronous serialbus system.The twodatalines are terminatedwith 120 ohmresistors on each end of the line.
HYPERLINK “http://upload.wikimedia.org/wikipedia/de/7/7b/Can.jpg”
Figure SEQ Figure * ARABIC 3: CAN Logo
Communication takes place viamessagesthat canbe sentatany time of bus idleness. When several participantstry to sendat the same time, the message with the highest prioritywill always be transmittedfirst.During the data transmissionbegins, no other control device is allowedto send until thebus idlenessafter the end oftransmission.This can lead to delay ofthe transfer of individualmessages(low priority) andfixed specific timeof data transferis not possible.The busis monitoredand supervised by all participants. In case of detected errorsin thetransmission, each participant (includingthetransmitter) will send an errorframe. The senderthen attempts tosendthe message again. Itrecognizes, however, when sendingfaulty too often and stops transmitting.
The percentile bus load must not exceed 60% in order to reduce communication problems. (more preferably less than 50% is recommended). Since the buses are often deployed across the entire vehicle, they are often a feedback path for electromagnetic interference and thus always in the focus of EMC considerations of cars.
There is a distinction in principle between high-speed and low-speed CAN:
Highspeed-CAN:
Max. data transmission: 1Mbit/s
Max. length of wiring: 40m at 1 Mbit/s (100m at 500kBit/s)
based on twisted pair copper harness
Lowspeed-CAN:
Max. data transmission: 125kbit/s
Max. length of wiring: 500m at 125 Kbit/s
based on twisted pair copper harness with ground reference
Capable of Wakeup
LIN
Forperipheral applicationswith relatively lowdata transmissionLINis most suitable. It isthe cheapest optionto linkcomponents.LINisespecially used for applicationsthathavelow requirements fortransmission speed(the customerhardlynoticesthat thewindowsstarts runningonly100 millisecondsafter switching).
Figure SEQ Figure * ARABIC 4: LIN Logo
LIN is amaster-slavesystem. The masteris responsible for thediagnosisof the slaves, and determines whether thebusgoes into sleepmodeor active.Bus accessiscontrolledviatime schedules, so collisions between messages are avoided. But due to thistimetablenoflexibleresponse to specific eventsis possible.Thesingle wiretechnologymakesthe businexpensive, butmore susceptible tointerferencefrom the electrical system, which is why it findslittleusein the engine compartment(except forenergy-LIN for monitoring batteryand generator).
LIN:
Max. data transmission: 20 Kbit/s
Max. length of wiring: (far beyond demands in automotive enclosures)
based on single wire copper harness with ground reference
collision free deterministic bus access
Master-Slave topology
FlexRay
FlexRaymarks the latest development ofbus systems at the moment. It was created by a consortium of car manufacturers, suppliers and semiconductor producers in the years 2000 to 2010. It is found in high-class premium cars like Audi Q7, BMW X5 and 7series, Mercedes S-class.
HYPERLINK “http://de.wikipedia.org/w/index.php?title=Bild:FlexRay_Logo.svg&filetimestamp=20080511085828” o “FlexRay Logo”
Figure SEQ Figure * ARABIC 5: FlexRay logo
It isa serialdeterministic andfault tolerantbus system, which should be up to the taskonthe vehicle networkin the near future. Advantage over theCANisthereal-time capability, higher data transfer ratesandreliability. Severalchannels(typically two) that are synchronized with each other, can interconnect the participants.In case of short circuit/ interruptionof a single channelcommunicationstill takes place. Similarly to CAN,datais packed intoframes, but the access to the bus is managed differently.There isa static segment, in which participantsare allowed to sendin a defined sequencedata packetsof fixed lengthwith(a ECUmayalsoseveral packetssendbyitis assignedmultipleIDs) and a dynamic segment, messagesin the subscriberin a fixedorderflexiblecansendlength. Thefixed orderis necessary since (unlike CAN) noarbitrationis possible due a missing recessivebus level. FlexRayhas threestates: “0”, “1”and “idle”, and all three are dominant.The sender of amessagethatreadsbackthe same timeand therefore cannotsee anybus errorsdue to collisions. It is not specified to senderror framesbyother participantson thebus during transmission. Fault is detectedat the endof the framefor severalerror sums(CRC headeranddataCRC).
FlexRay:
Max. data transmission: 10 Mbit/s per channel
Max. length of wiring: 24m (48m in a active star topology)
based on twisted pair copper harness
guaranteed latency
flexible topology
MOST
The MOST is the most expensive and most complex bus system that is currently found in automotive industry applications. MOST provides the highest data rate in automotive buses and is therefore suitable for the realization of audio, video, and data transmission in multimedia and infotainment systems. Due to its high costs, it is almost exclusively found in luxury vehicles.
Figure SEQ Figure * ARABIC 6: MOST logo
The data is transmitted serially over fiber optic lines between the participants, which are built in a ring topology. One subscriber is the timing master, which continuously feeds into the annular frames, which are then filled with data from the other participants and forwarded. An extension of the bus is relatively complex because of the split ring and the new device has to be inserted between two nodes. The fiber optic cables are immune to electromagnetic interference from the vehicle; the transceiver chips can greatly disrupt their environment, however.
MOST:
max. data transmission: 23 Mbit/s
max. participants: 64
based on copper or fiber optic
collission free bus access
token ring topology with bus timing master
ArbitrationThe arbitration logic (from Latin arbiter, “Judge”) is a functional unit in the form of electrical, digital circuit or a software routine that resolves access conflicts or collisions or prioritized access. This is necessary, for example in the case of bus systems with multiple bus masters, that means units permitted active, such as a DMA controller to access the data, in order to decide which one gets bus master access. In general, the arbitration´s target is the fairest possible allocation of resources to different users or devices.
Since a serial communication system such as CAN is based on a two-wire connection between nodes in the network, all nodes are sharing the same physical communication bus. A collision may occur, when two or more nodes in the network attempting to access the bus at virtually the same time, which may result in unwelcome effects, such as bus access delays or even damage of messages. CAN provides a non-destructive bus arbitration, no messages get lost [1].
CAN systems are based throughout on an event-driven transmission order, but therefore are not deterministic. This means that the exact time at which a message is sent cannot be predicted. Only exception is possibly the highest-priority message. CAN uses arbitration with CSMA / CD method, whereby important messages can be sent in time prior to less important. It is therefore a process that does not guarantee a fair allocation of the resource. The priority is done by the classification of the messages in the CAN-matrix: the lower the ID, which is the identifier of the message, the higher its priority. Arbitration is at the beginning of each message cycle.
CDMA assigns a different code to each node. Each node then uses its unique code to encode the data bits it sends, as discussed below. We’ll see that CDMA allows different nodes to transmit simultaneously and yet have their respective receivers correctly receive a sender’s encoded data bits (assuming the receiver knows the sender’s code) in spite of interfering transmissions by other nodes. CDMA has been used in military systems for some time (due to its antijamming properties) and is now beginning to find widespread civilian use, particularly for uses in wireless multiple access channels. [2]
Following graphic (figure 7) shows the general flow chart of a transmission attempt. Arbitration is a key element of every single try.
Figure SEQ Figure * ARABIC 7: transmission procedure
The arbitration itself starts, if two or more bus nodes start their transmission at the very same time after having found the bus to be idle. Collision of the messages is avoided by the implemented CMSA/CA + AMP bus access method. Each node sends the bits of its message identifier and monitors the bus level. As long as the bits from all transmitters are identical nothing happens.
Figure SEQ Figure * ARABIC 8: Arbitration example
At bit 5 nodes 1 and 3 send a dominant identifier bit. Node 2 sends a recessive identifier bit but reads back a dominant one. Node 2 looses bus arbitration and switches to listening only mode that is transmitting recessive bits. At bit 2 node 1 looses arbitration against node 3. This means that the message identifier of node 3 has a lower binary value and therefore a higher priority than the messages of nodes 1 and 2. In this way the bus node with the highest priority message wins arbitration without loosing time by having to repeat the message. Nodes 1 and 2 will send their messages after node 3 has finished its transmission. [3]
Error detection and fault confinementRather than providing a message confirmation, which in turn would increase the bus load, CAN goes the more aggressive route of assuming that all messages must be consistent with the defined standard. Every diversion from this standard is detected and reported immediately. This means, the error detection actually replaces the message confirmation. Naturally, confirmed messages would occur more often than actual error messages. Each node in the network will receive each transmitted message. A message filter guarantees that the node knows when to ignore a message or to process it. However, each node in the network will check the transmitted message for compliance with the defined standard. All receiving nodes check the consistency of the received frame and acknowledge the consistency. If the consistency is not acknowledged by any or all nodes in the network, the transmitter of the frame will post an error frame to the bus.
The occurrence of an error frame may actually have two reasons: first, the transmitted data frame was really faulty or second, the data frame was correct, but one node erroneously reported an error due to a local reception problem. It is important to distinguish between temporary errors or permanent failures of a node. CAN controllers address this problem by providing two different error counters, one for the transmit errors and one for the receive errors. If either counter exceeds a programmable limit, the node is considered faulty.
As a part of the fault confinement, the CAN protocol allow the removal of a CAN node from the network, in case the node produces a constant stream of errors and therefore unnecessarily increases the bus load. CAN also provide very short error recovery times of a maximum of 15-bit times. With a baud rate of 1 Mbit/sec this translates to maximal 15 microseconds [3].
DeterminismA system in which the later state of the system follows from, or is determined by, the earlier ones, is called deterministic. Such a system contrasts with a stochastic or random system in which future states are not determined from previous ones. [4]
For a communication system in automotive environment deterministic means, that data is provided to the receiver at a predictable time. The static segment of the FlexRay communication represents those deterministic characteristics. As you can read in the chapter “FlexRay Basics”, the FlexRay Bus is divided into a static and a dynamic segment. The segments are part of the time cycle of a sequence and repeated as long the bus is awake. The static segment is used for all messages containing time critical or time sensible subjects. An example may be common motor states, which are essential for many electronic sub-components of the drivetrain of a car. Advanced car assistance systems need time equivalent distance between single measurement points to extrapolate the curve and predict future values more accurate (see figure 9).
Figure SEQ Figure * ARABIC 9: prediction of sensor values
Detailed definition of the scope of workObjective of the dissertationThis thesis tries to find a way of merging the benefits of two different access methods into one system. It means combining the stability and reliability of determinism with the flexibility of the most common priorization model nowadays. The ultimate ambition would be to create a universal bus system for all purposes of automotive applications.
Both methods are established standards:
The CAN Bus provides an arbitration access method and is the most common bus interface in nearly every single modern car in this time. It has proven its benefits over decades in hundreds of millions cars.
The FlexRay bus is the logic consequence to the increasing amount of data between more and more electronic control units (ECUs) in modern cars. It considers special demands of advanced driver assistance, active and passive safety on board.
Both Access methods have their rights to exist and a certain scope of advantages:
CAN is establishedand most common in use. The CAN-matrices for every single system yet exists and has been improved over the years. The method is known to each supplier and standard for every vehicle manufacturer.
The FlexRay standard has been negotiated between major car manufacturers, system suppliers and semiconductor producers. It meets all necessary requirements to be accepted by the automotive industry.
Both Access methods have their restrictions:
CAN has reached its limits. In the 2012 version of a high class sports utility vehicle (SUV) of one of the world´s leading car brands we can find seven different high-speed CAN subsystems to maintain the communication: drivetrain, chassis, comfort, multimedia, dashboard, crash and extended CAN are all connected to a gateway, the neuralgic part of data transfer.
FlexRay has no error detection and fault confinement like CAN. The dynamic segment does not meet the same flexibility as arbitration. It is not possible to perform a change from CAN to FlexRay without redefining every single message.
Combining both systems under consideration of special issues could lead to a bus system to replace the common standard using existing arbitration matrices and benefiting from advantages of determinism. The scope of this work is to show a theoretic way of modifying both physical layer and software in order to implement arbitration into a system, which is not really prepared for the special demands of this.
Aims of the dissertationThe scientific contribution of this work is characterized by the description of finding and describing theoretical ways to modify each aspect of bus properties in order to create a unique system which grants benefits for a radical approach:The sum of all modifications will lead to a revolutionary new bus access method which is suitable for both existing control units and fit for future demands by eliminating the restrictions of existing bus technologies and simultaneous implying the benefits of the different access methods:
Modification of the physical layer
The aim is to slightly modify the physical properties. It would be perfect to find a way of using the complete physical properties of an existing bus technology, since this would mean to be able to keep all established communication modules, drivers, wiring, impedance networks, architecture and monitoring. The scientific scope of this dissertation is to describe a modification, which causes minimal modification effort on established technology. This is the base for building of the bus infrastructure needed to develop the communication systems itself. It is necessary to introduce three logical levels to realize differential signals with two dominant levels and a recessive level for arbitration algorithms. The choice of levels themself is not really easy: on the one hand a low differential voltage offer advantages in current consumption, when establishing a system with quite low impedance (around 120 ohms). On the other hand the logical levels have to differ quite enough during arbitration in order to be assigned correctly, even in critical situations (more than one ECU is trying to manipulate the logical level at slightly different time stamps).
Time management
The time management is essential for a TDMA by topology. Therefore most of the scientific work will be in this domain. The demand is to create a way to literally avoid collisions on the data highway. It is comparable to trying to find a way of merge railway and motorway. The challenge is to put a rail on the same lane a car uses without delaying the time schedule. Scientific contribution is to provide ideas to future bus access methods. The ultimate goal is to keep all existing priority tables of arbitration systems and time tables of deterministic systems.
In order to establish a deterministic part in a system with arbitration, there is only one possibility:
The message with the highest priorization has to start at predefined point of time, dependent on the time schedule. This is used to synchronize thestart of deterministic transmission. Key Element to this is the network idle time. Since even the most important message can only start when no other transmission took place for a defined period of time, it is very important to force bus silence just a short time before the synchronization message. The idle time must not start too early, so there is no chance for other messages to start transmission just a short time before synchronization message.
software modification
Modification of both physical layer and network timing properties logically leads to modifications of the data containers themselves. The aim is to adapt the data security, error and fault management to the changed environment. The scientific work is to restructure the frame fo
