Redundancy Management for Drive-by-Wire Computer Systems

The integration of drive-by-wire systems into the future generations of vehicles requires a reliable and safe processing of the driver’s input requests. Many approaches presented in the last years apply specialized control units as well as communication systems not available in high quantities. This results in cost-intensive systems and increasing developmental periods, which proves to be harmful in the highly competitive automotive sector. Therefore this article describes a safety relevant control system composed of commercial-off-the-shelf (COTS) components designed for automotive applications. The paper explains the hardware structure consisting of four electronic control units (ECU), connected via CAN, which constitute a duo duplex system. Furthermore a detailed description of the redundancy management is given, which is the software operating the redundant computer system. Safety relevant software components have to meet requirements of high software quality standards. For this reason the last part of the paper concentrates on the software development process and its supporting tool chain. The application of automated code generation for safety relevant drive-by-wire systems is discussed in detail.