《世界經濟論壇：2023解鎖汽車軟件的安全與創新白皮書（英文版）（11頁）.pdf》由會員分享，可在線閱讀，更多相關《世界經濟論壇：2023解鎖汽車軟件的安全與創新白皮書（英文版）（11頁）.pdf（11頁珍藏版）》請在三個皮匠報告上搜索。

1、Unlocking Safety and Innovation in Vehicle SoftwareB R I E F I N G P A P E RJ U N E 2 0 2 3In collaboration with Boston Consulting GroupCentre for the Fourth Industrial RevolutionImages:Getty Images 2023 World Economic Forum.All rights reserved.No part of this publication may be reproduced or transm

2、itted in any form or by any means,including photocopying and recording,or by any information storage and retrieval system.Disclaimer This document is published by the World Economic Forum as a contribution to a project,insight area or interaction.The findings,interpretations and conclusions expresse

3、d herein are a result of a collaborative process facilitated and endorsed by the World Economic Forum but whose results do not necessarily represent the views of the World Economic Forum,nor the entirety of its Members,Partners or other stakeholders.The industry is evolving rapidly and we need a com

4、mon lingua franca to provide clarity.The World Economic Forums Automotive in the Software-Driven Era initiative helps to fill this need.Georg Kopetz,Chief Executive Officer,TTTechUnlocking Safety and Innovation in Vehicle Software2The automotive industry is undergoing its most challenging transforma

5、tion in over a century.This is marked by a shift from internal combustion engines towards electric ones,and a shift from vehicles that are almost exclusively mechanical machines to ones with increasingly complex software-defined systems.The software-defined vehicle is just emerging,and it will conti

6、nue to evolve over the next decade.To prepare for the changes ahead,the World Economic Forum launched the Automotive in the Software-Driven Era initiative.This initiative aims to unlock the potential of cross-industry and public-private collaboration to help improve safety,inclusivity,sustainability

7、 and overall system resilience in the automotive sector.To date,the initiative has engaged over 30 leading companies from the automotive,new mobility and tech industries to join the effort.Automotive in the Software-Driven Era initiativeOne of the key components of the software-defined vehicle is th

8、e software platform,which orchestrates all signals,data,activities and processes in the vehicle(see Box 1 for a full picture of the software-defined vehicle layers).As the“brain”of the car,the vehicle software platform is essential to ensure safety,while also enabling more efficient use of resources

9、 and computing capabilities and supporting faster update cycles for user-centric innovation.Every major OEM and many of the larger automotive and technology suppliers are developing their own full-fledged software platforms.Additionally,several specialist players and tech companies are making partia

10、l-tailored components for these platforms.A more unified,industry-wide,scalable vehicle software approach would:Increase safety.Clearer,more standardized interfaces and aligned platform architecture designs help increase stability and reduce error rates in software integration.Safety is crucial for

11、devices as highly safety-critical as software-defined-vehicles,especially with increasing levels of autonomy.Improve maintainability.The life cycle of a vehicle,unlike for smartphones and other smart devices,spans several decades.Safety also needs to be ensured for the full life cycle.A more unified

12、,industry-wide solution can ease the ability to manage,update and maintain the software for 20+years.Speed up innovation.A more unified approach simplifies the development and distribution of safety-critical updates and additional value-adding functions.For example,software innovation contributes to

13、 energy efficient driving and battery management,with a positive sustainability impact.Reduce costs.A more unified industry solution reduces unnecessary duplicities,freeing budget and talent resources to focus on enhanced safety,maintenance efforts and differentiating value-added innovation.This bri

14、efing paper explores a target picture for the vehicle software platform.It also provides a timeline for how its different characteristics could evolve,and an overview of current related initiatives.The aim is to help the industry align on a more unified,sector-wide,scalable vehicle software solution

15、 that will drive safety during the life cycle of the software-defined vehicle.The challenge:A more unified,industry-wide,scalable vehicle software approachUnlocking Safety and Innovation in Vehicle Software3The vehicle software platform and its role in the software-defined vehicleBOX 1The vehicle so

16、ftware platform is one of the six key layers of the software-defined vehicle(see Figure 1).The platform includes four components:the hardware abstraction layer(HAL),which simplifies interaction between operating systems and different hardware;the base operating system,which controls all hardware res

17、ources such as I/O and security;base services(often referred to as middleware),which cover basic functions across all services and applications,including networking,communications,diagnostics and API management;and extended services,which provide key functions,such as perception and driver monitorin

18、g,across applications.Six layers of the software-defined vehicleFIGURE 1Compute platformEnable high-performance compute at minimum energy consumption2Data platform Syndicate insights on user and vehicleand provide relevant predictions4ApplicationsDeliver differentiating and increasingly complex func

19、tions/services to users5Vehicle platformScale and simplify common mechanical components across models1Smart mobility ecosystemEnable seamless user journeys,faster innovation and scaling6Layer are ledge and cloud distributedSmart mobility ecosystemApplicationsData platform Vehicle software platformCo

20、mpute platformVehicle platformVehicle software platformProvide secure,high-performance run-timeenvironment and reusable SW components3Many siloed vehicle software solutions with proprietary interfaces drive complexity and slow down feature development and integration.A more simplified and scalable s

21、tructure is needed.Figure 2 outlines eight key elements of a target picture of the vehicle software platform,which would help streamline current development efforts and enhance software maintainability and safety benefits.In the past,safety-critical and non-safety-critical workloads were separated.F

22、or the majority of use cases,however,mixed-critical solutions allow for more efficient use of vehicle compute,helping minimize execution time,and reduce power consumption through optimized hardware and software allocation.Ultimately,more efficient computing allows more high-performance operations,ne

23、cessary for ADAS(Advanced Driver Assistance Systems)applications,and helps drive better next-generation digital cabin user experiences.The need for an industry north star:The vehicle software platform target picture1 https:/www.informatik.rwth-aachen.de/cms/informatik/Forschung/Publikationen/Bibliog

24、raphie-komplett-/lolj/Details/?file=856836&lidx=1Unlocking Safety and Innovation in Vehicle Software4Vehicle software platform target picture characteristics and their end-goal ambitionsFIGURE 2Standardized architectureIndustry follows common tech stack with modular template structure and interfaces

25、 OEM 1OEM 2Simplified integration and reuseServiceIntegrated toolchainIndustry adopts commonly agreed toolchain standard allowing co-creation OEMToolOEMToolOEMToolBuildTestMergeSupplierToolOEMToolRelease.Speeds-upprocessEases collaborationCloud-native principlesServices can be handled individually(e

26、.g.via containerization,APIs)ServiceServiceServiceServiceServiceFaster updates and innovationBetter fault isolationServiceUpdateChip agnosticCode can run on different silicon and compute meeting performance requirements Cloud agnosticMultiple clouds can be combined to interact with the SW platform L

27、anguage agnosticAny coding language can be used to develop a service Mixed-criticalUnified HW/SW foundation can run safety and non-safety critical loads safely for all applications Cloud-edge distributedSoftware can be virtually tested in cloud and deployed over-the-air during runtime Faster develop

28、ment testing and deploymentEfficient compute distributionTaskTaskTaskTaskTaskFlexibility and better updateabilityHigh-performance use cases might require specific siliconFlexibility and better balancing of workloadsFlexibility and easier reuse of codeC+PythonService12345678Safety-critical functions

29、with hard real-time constraints(e.g.electronic stability programmes or ESP)require isolated handling in the foreseeable future.Managing the increasing amount of software requires a seamless interplay between the vehicle as an edge device and the cloud,or cloud-edged distributed.This includes,develop

30、ing,validating and testing a new service in the cloud,deploying it over-the-air while the vehicle is operating,getting real-time traffic information from the cloud,or shifting high intensity compute to a cloud environment.To effectively orchestrate the development of services,they should be develope

31、d and updated individually.To this end,the platform should follow cloud-native principles,in which software consists of micro-services with clear APIs to ease interplay between the microservices,instead of a monolithic stack.This not only enables individual and faster updates and innovation,but also

32、 better fault isolation,driving overall software safety.To leverage the cloud-native benefits at scale not only within a company but across the auto industry,companies should agree on a standardized architecture template a modular tech stack with clear interfaces.This would help leverage cloud benef

33、its across the industry,simplifying integration and reducing redundancy.Moreover,an integrated toolchain,where the industry adopts a common toolchain standard,would support simplification and acceleration of software development,validation and integration processes.Interoperability is crucial to cre

34、ate flexibility not only for the services within the vehicle software platform,but also for the interaction with other vehicle layers(see Box 1 with vehicle layers).This also drives long-term maintainability as different software pieces can be updated individually.Interoperability of the vehicle sof

35、tware platform should extend to the chip(chip agnostic),cloud(cloud agnostic)and coding language(language agnostic).All three are essential for improving updateability,better balancing of workloads and easier reuse of code.Finally,in the journey towards the vehicle software platform target picture f

36、rom Figure 2,cybersecurity should be guaranteed.Ensuring that cyber safety is built for vehicle software at the design level software“secure-by-design and-default”is paramount to unlock safety and innovation in the long run.This is especially so with views to the high connectivity and open-source de

37、pendency of advanced software-defined vehicles.New principles for software cyber safety are being published,among others,by different US cybersecurity agencies and the European Commission.Unlocking Safety and Innovation in Vehicle Software5Trajectories for the vehicle software platform characteristi

38、csFIGURE 3Current vehicle software capabilities diverge significantly from the eight-part target picture described above.Not all these characteristics are equally easy to achieve(see Figure 3).For example,hardware and software are still closely interlinked in many vehicles.While hardware and softwar

39、e will certainly be routinely decoupled in the long term,selected high-performance or high-safety use cases might always require dedicated silicon/compute to meet performance requirements.An industry-wide architecture template and toolchain designed for safety,flexibility and efficiency can serve as

40、 catalysts.While some of the elements in the target picture are already emerging today,others might never be fully achieved(e.g.chip agnostic).The industry discourse around some of the mentioned characteristics,especially chip agnostic and cloud-edge distributed,is subject to diverging technological

41、 and commercial interests,even if the target picture direction is shared across actors.Three elements stimulate the progress of the remaining five(as shown in Figure 3),namely having an architecture that follows cloud-native principles,is standardized across the industry and paired with an industry-

42、wide integrated toolchain.Efforts to accelerate them are thus necessary to advance the path towards the overall target picture.Box 2 provides a starting point for future discussions towards the joint standardized architecture with cloud-native principles.Catalysing the journey towards the target pic

43、tureMatureScalingEmergingCharacteristic is widely adopted by the marketCharacteristic is being implemented across several providers/makesCharacteristic is starting to being implemented in first solutions/areasNow(2023)MatureScalingEmergingIn 5 years(2028)In 10 years(2033)EmergingScalingEmergingMatur

44、eLanguage agnosticCloud agnosticMixed-criticalEmergingMatureStandardized architectureIntegrated toolchainChip agnosticMatureScalingEmergingTrajectory for new vehiclesCloud-native principlesEmergingMatureEmergingScalingCould-edge distributedMatureScalingEmergingCatalyzersAcceleration efforts required

45、12345678Unlocking Safety and Innovation in Vehicle Software6Towards an architecture template for the vehicle software platformBOX 2The standardized architecture template with cloud-native principles should provide safety,efficiency and flexibility by design(see Figure 4).Three types of stacks with d

46、edicated functionality and purpose can enable this.First,most functions will be led by a mixed-critical stack with layered architecture(ASIL&QM),where workloads are dynamically distributed.This enables an efficient use of computing and scaling up of software.Noting that different approaches will be

47、necessary to build the safety critical and non-safety critical parts of this mixed-critical stack for example,while non-safety critical applications can follow standard quality management(QM)methods for development and validation the safety critical ones(ASIL-Automotive Safety and Integrity level)re

48、quire special and longer validation methods.Second,a monolithic,vertically integrated stack will be necessary,at least for the time being,for isolated handling of safety-critical cases with hard real-time constraints(ASIL-D),to minimize latency.And third,a cloud stack,which will enable a seamless in

49、teraction between the vehicle and the cloud,including development,testing,validation and deployment of software.To enable realistic virtual testing and validation of software in the cloud,the cloud stack should mirror the vehicle architecture for highest safety.Communication happens on several ends.

50、First,between the cloud and the in-vehicle stacks for agile,pervasive over-the-air updates during runtime.Second,within the vehicle,between safety-critical ASIL-D stack and mixed critical stack.And third,communication efforts are in place to communicate with the infrastructure and the broader mobili

51、ty ecosystem.Architecture template for the vehicle software platform.Adapted from Eclipse and SOAFEEFIGURE 4SoCsSafety-critical executionwith hard real-timeconstraints(ASIL-D)Mixed-critical execution(safety and non-safety critical)of ADAS/AD,digital cabin services(ASIL&QM)Development,testing,validat

52、ion,deployment ofservices(ASIL&QM)Application layerVehicle SW platformCompute platformWorkloadsBasic hardware abstractionBackplaneCommunicationIn-vehicleCloudMiddleware and OSSemantic signal abstractionData transformationIn-vehicle cloud-native infrastructureMiddlewareand RTOS Basic hardware abstrac

53、tionMonolithic architectureCloud-native,layered architectureApplicationse.g.electronic stability program(ESP)e.g.trajectory calculation for ADAS,navigation system,HVAC control e.g.validation of ADAS system functionalityin-vehicle distributed communication middlewareUnlocking Safety and Innovation in

54、 Vehicle Software7One way to accelerate the path towards the ideal target picture is via coordinated,global cross-industry initiatives that promote collaboration.Open-source efforts can especially be relevant for safety-related topics,and they play an important role helping complement competitive in

55、dustry dynamics.Several initiatives have already been formed to this end.Figure 5 shows some major initiatives and their unique benefits that help accelerate the path towards a scalable vehicle platform.Current efforts are necessary in coordinating among the initiatives to maximize the synergies of

56、the different initiatives and their impact in the roadmap towards the target picture.Overview of selected vehicle-software platform initiatives2FIGURE 5MembersFocusAmbition30Open standards for connected vehiclesSafety-criticalNon safety-criticalGlobal50Uniform SW architecture+toolingSafety-criticalN

57、on safety-criticalGlobal30Open-source SW collaborationSafety-criticalNon safety-criticalGlobal300Uniform software architectureSafety-criticalNon safety-criticalGlobalSDV working groupReachUnique sellingpointDrive semantic standardizationArchitecture frameworkCompany independentEstablished framework3

58、0AD collaboration ecosystemSafety-criticalNon safety-criticalGlobalAutonomous mobility focusVehicle software platformThere are big challenges around the software-defined vehicle.Strong,long-term industry collaboration is key to overcome them in an efficient,timely and safe way.Markus Heyn,Chairman,R

59、obert Bosch Mobility Solutions2 SOAFEE,https:/www.soafee.io/blog/2022/soafee_sig_journey_to_date_and_whats_next;Eclipse https:/sdv.eclipse.org;Covesa https:/www.covesa.global;The Autonomous:https:/www.the-;AUTOSAR:https:/www.autosar.org/.Leaving rigid legacy systems behind and moving towards an indu

60、stry-wide scalable vehicle software approach will be a challenging,but crucial journey to untap the safety and economic opportunities of the software-defined vehicle over its entire life cycle.This paper,co-designed through a cross-industry endeavour,puts together a target picture and outlines the t

61、imeline to achieve it.The paper also highlights that in order to unlock the societal and economic benefits of todays automotive transformation,a collaborative effort is necessary at both the technical and strategic levels.Strategic guidance can help ensure alignment on the roles and responsibilities

62、 for the different initiatives,adding clarity to the technical efforts being currently undertaken.Technical efforts can,with that,also better align in their efforts towards a common join architecture and toolchain solution.Such collaborative efforts contribute towards a more unified,industry-wide,sc

63、alable vehicle software approach that is maintainable during the entire vehicle life span fostering safety,sustainability and long-term user value.Further collaboration and strategic alignment Unlocking Safety and Innovation in Vehicle Software8ContributorsAcknowledgementsWorld Economic Forum Maria

64、AlonsoLead,Autonomous Systems,Centre for the Fourth Industrial Revolution,SwitzerlandMaya Ben DrorManager,Automotive,New Mobility and Advanced Manufacturing,Global Industries Team,SwitzerlandSophie HohlerProject Fellow,World Economic Forum,Switzerland,and Consultant,Boston Consulting Group,GermanyBo

65、ston Consulting GroupMarkus HagenmaierAssociate Director,AustriaAlex KosterManaging Director and Senior Partner,SwitzerlandNikolaus LangManaging Director and Senior Partner,GermanyKasim AlfalahiChief Executive Officer,AvanciKatharina AmannChief Executive Officer,Volkswagen Car Insurance,AllianzWassy

66、m BensaidVice-President,Software Development,RivianSorin-Christian CheranVice-President,AI Chief Technologist,Hewlett Packard EnterpriseFrancis ChowVice-President and General Manager,In-vehicle OS and Edge,RedHat,IBMPhilippe DivrySenior Vice-President,Group Trucks Strategy,Volvo GroupNakul DuggalSen

67、ior Vice-President and General Manager,Automotive,QualcommGretchen EffgenDirector,Global Automotive Partnerships,Platforms&Ecosystems,GoogleChristoph GroteSenior Vice-President,Electronics,BMWMartin HofmannChief Technology Officer and Chief Information Officer,Volta TrucksAnoop KachharaVice-Presiden

68、t,Group Strategy,MahindraYuseon KangGlobal Digital Business Strategy,Hyundai MotorGrcan KarakasChief Executive Officer,TOGGAndrea KetzerDirector Strategy,Automotive Technology,AWSJochen KirschbaumChief Operating Officer,Critical TechWorks,BMWMartin KristenssonVice-President,Autonomous Driving,Volvo

69、CarsDirk LinzmeierChief Executive Officer,TTTech AutoLiam MaweGlobal Head Automotive&Mobility,PalantirKatsu NakamuraVice-President,JPN Customer Office,Global Solutions and Ecosystems,Analog Devices Inc.Stefan PolednaChief Technology Officer,TTTech Auto Chris RyanManaging Director,Ecosystems and Part

70、nerships,Analog DevicesUnlocking Safety and Innovation in Vehicle Software9Bernd SchmaulChief Development Officer,Bosch Mobility,Robert BoschGirish ShirasatSenior Director and Head of Software Defined Vehicle Products,QualcommAmit SinhaPresident Group Strategy,Mahindra&MahindraAnant ThakerSenior Vic

71、e-President and Chief Strategy Officer,AptivMichael TseGeneral Manager,Corporate Strategy,MTRPaul WillisPresident,AlFuttaim AutomotiveDetlef ZerfowskiVice-President,ETAS,Robert BoschUnlocking Safety and Innovation in Vehicle Software10World Economic Forum9193 route de la CapiteCH-1223 Cologny/Geneva

72、Switzerland Tel.:+41(0)22 869 1212Fax:+41(0)22 786 2744contactweforum.orgwww.weforum.orgThe World Economic Forum,committed to improving the state of the world,is the International Organization for Public-Private Cooperation.The Forum engages the foremost political,business and other leaders of society to shape global,regional and industry agendas.