Fail-operational architecture for highly automated driving unveiled

TTTech Auto and Infineon Technologies have developed key components for a fail-operational electronic architecture for highly automated driving at SAE Levels 3 and 4. The architecture enables the safe and reliable processing of, for example, radar or LiDAR camera sensor data and is aimed at car and technology manufacturers. The fail-operational architectural concept and its key components ensure the safe operation of highway pilot functions, valet parking and autonomous truck driving in case individual functions fail.

The design of a fail-operational electronic architecture

The mixed-criticality approach allows the use of computer hardware and software that run applications of different Automotive Safety Integrity Levels (ASIL). A specially developed failover mechanism consisting of a primary ECU (“Doer” node) and a fallback ECU (“Fallback” node) ensures the necessary fail-operationality for vehicles. If the “Doer” fails, the “Fallback” takes over within the millisecond range. This mechanism ensures the fail-operationality of the system, covering, for example, the sensor fusion, trajectory planning and object recognition tasks of SAE Level 3 and 4 functions.

Diagram: failover management mechanism developed under the European PRYSTINE project

The modular concept enables highly flexible and fast development of Automated Driving Systems (ADS) by combining various off-the-shelf elements, such as SoCs (Systems on a Chip), automotive microcontrollers and power supplies, with the deterministic backbone network and multiple cameras.

Aviation safety level for the automotive industry

“With a fail-operational system design, car manufacturers lift the safety of their highly automated vehicle to aviation standard in a cost-efficient manner,” says Stefan Poledna, CTO of TTTech Auto. “This system architecture takes the high safety and reliability requirements of global car manufacturers’ mass-production programs into account. Furthermore, based on a centralized computer architecture, it forms the foundation for the future software-based car.”

“We are developing multicore microprocessors to offer a high-performant, safe and cost-efficient solution for highly automated vehicles,” says Thomas Boehm, Senior Vice President Automotive Microcontroller at Infineon. “Multicore processors provide the necessary processing power, sufficient memory and meet the increasing safety requirements due to the electrification of the car and the advancement of automated driving.”

The developed architecture represents an ideal setup for a safe electronic architecture to take highly automated driving to the next level. Infineon and TTTech Auto, with the participation of TTTech Group, will continue their collaboration to enable Level 4 and Level 5 automated driving and shape the future of safe autonomous mobility.

Successful completion of the European PRYSTINE program

The joint research contributed to the successful completion of the European PRYSTINE (Programmable Systems for Intelligence in Automobiles) project. With a budget of about €50 million, PRYSTINE aimed to realize safe automated driving through fail-operational urban surround perception. For three years, about 60 partners, coordinated by Infineon, worked together in the areas of sensor fusion, electronic architectures and artificial intelligence.

Overview: project partners and contributors