Consolidating in-vehicle computer systems for the next generation of vehicles shows tremendous promise but is not entirely without risk for automakers.
For years OEMs have been discussing virtualization as the solution to an ever-increasing number of interconnected computing devices inside the vehicle. Virtualization should be expected in future architectures but putting a few standards in place will smooth the road to successful deployment.
The GENIVI Alliance works with the automotive industry to produce an open-standard automotive virtual platform definition that will increase portability, reduce risk, and provide a more stable situation for OEMs wanting to redesign their systems using fewer computing units that take on more diverse responsibilities.It develops standard approaches for integrating operating systems and middleware present in the centralized and connected vehicle cockpit. The alliance links adopters of Android™ Automotive, AUTOSAR, Linux, and other in-vehicle software with solution suppliers resulting in a productive and collaborative community of 60+ members worldwide.
Tackling the Challenge
Modern vehicles include hundreds of separate electronic control units (ECUs), large and small, interconnected through a vast network of wired and wireless communication systems. The complexity of producing automotive electrical systems that are safe and secure is nearing the point of being unmanageable and development time is several years.
Even so, there is no stopping this progress and future vehicle architectures are adding even more complex automated driving and cloud-computing features. So while software growth is bound to continue, something must be done about the proliferation of inter-connected hardware units to reduce cost and complexity.
What is virtualization?
Virtualization provides the means to combine previously separate software systems on a single computing unit and is another tool to model future functionality growth onto a manageable in-vehicle electrical/computing architecture. Most operating systems use a kernel that is the interface to the processing capability of CPUs and other hardware. The processes that implement the functional behavior can request access to hardware features through the kernel’s interface.
The kernel ensures that multiple processes execute correctly in parallel and arbitrates their requests for hardware access. Thus, in standard, non-virtualized systems, each computer boots only one operating system kernel, and the single kernel is exclusively managing the hardware.
Virtualization enables the concept of virtual machines, each having their own personal view of the real hardware. This trickery is implemented in a specially privileged type of software known as the hypervisor, often assisted by some special hardware features.
What a kernel does for the functional processes, the hypervisor does for whole operating systems and their kernels. The hypervisor decides how each operating system and its functional software can share the execution resources of the hardware, and it provides a view of the hardware that enables every virtual machine (running one operating system kernel each) to run on a “slice” of a single computing unit with little modification.
The Industry Challenge
Virtualization technology dates back almost as far as computers themselves, so what is the issue?
The challenge of deploying virtualization in an automotive context should not be underestimated. In-vehicle computers are built with central processing unit (CPU) cores that increasingly are similar to those of high-end desktop and server computers. However, the amount of specialized hardware support, connectivity standards and peripherals are wider and more diverse in embedded systems in general, and nowhere more so than automotive systems.
Hardware features are highly integrated on system-on-chip silicon that have stringent requirements of guaranteeing no possible interference on safety/security critical software from less critical parts. This likely makes virtualization of automotive systems the most challenging of all.
When new technology is introduced, there is a risk of creating additional problems in place of those being solved. Lock-in to particular technologies and vendors is not good for our industry. It stifles technical and commercial flexibility and thereby amplifies project challenges when systems evolve.
Introducing virtualization to a new vehicle project has many benefits but must be managed carefully. The redesign of the vehicle electrical system is likely to combine many important ECUs, and a failure to execute the project successfully could have dire consequences. Automotive projects run long, with heavy investment in development and supplier contracts and the strong inter-dependencies between subsystems can make reverting to previous electrical system designs almost impossible. To avoid serious project failures, the industry will benefit from producing a guide toward safely leveraging virtualization in future vehicle design.
The Automotive Virtual Platform Specification (AVPS) started by GENIVI is a community developed, open-licensed, requirements and standards specification targeting all automotive systems that use virtualization. It leverages requirements from existing standards like VIRTIO and complements them. The AVPS activity is an open invitation for industry collaboration and aims to be the standard for automotive virtualization.
In the AVPS, the industry can document a shared agreement on the interfaces to be used between legacy systems (kernels) and different implementations of hypervisors, as well as other requirements that an automotive virtualization platform must fulfill. Superficially, the AVPS facilitates portability of systems between different virtualization implementations, and this may provide tremendous value.
However, the creation of such a standard has many other advantages including advancing the state of the art, anticipating solutions to automotive needs, finding a common understanding between all parties on what to expect from a virtualization-based system, and reducing project friction and risks.
Promoting the development and use of the AVPS in the entire automotive industry will facilitate the design process of future systems, smooth the acquisition process for hypervisor technology, and manage some of the inherent complexity and risk in future projects.
GENIVI Alliance invites all companies, groups, and industry consortia to get behind the development of a shared Automotive Virtual Platform Specification.
Together we can make virtualization in the automotive industry manageable, and successfully address future system challenges.
Gunnar Andersson is Technical Lead at GENIVI Alliance. He has 25 years experience in the development of dedicated and embedded software systems, primarily in technical roles but also in entrepreneurship and sales. He is focused on software quality and development methods and built his automotive experience working for a major automaker in many different software and EE architecture roles, in both production and advanced engineering/research environments.
