Reliability analysis of wireless automotive applications with transceiver redundancy.
“Reliability analysis of wireless automotive
applications with transceiver redundancy.”
Final Presentation – Master Thesis:
Roshan Chulyada
(EEIT Master at FH-Rosenheim – University of Applied Science)
Supervisors: Prof. Dr.-Ing. Holger Stahl, Prof. Dr.-Ing. Markus Stichler
Advisor: Dipl.-Ing. Hauke Stähle
09.10.2014 Final presentation - Master Thesis 1
Outline
1. Problems and Solution.
2. Challenges for Solution.
3. Comparison of Wireless technologies.
4. Safety Analysis of Existing System in eCar.
5. Approach and Analysis to get Reliable System in eCar.
6. Design of Fail-Operational System.
7. Implementation.
8. Experiments.
9. Conclusion and Further works.
10. Demonstration
1. Problems (I).
• Increase comfort and safety.
• Increase sensors (150), switches etc.
• Increase integration efforts (inter-domain) and complexity.
1. Problem (II).
source: http://bainite.wordpress.com/category/cars/
1. Solution (III).
Wireless
• Simple integration.
• Reduce weight.
• Increase design flexibility.
• Enable dynamic inter-domain data transmission.
2. Challenges
Wireless Channel
• Interferences
• Complete Blocking
• Distortion
No protocols are designed for automotive in-vehicle communication.
• Protocols are not designed for this use case.
Fail-Operational Behavior
• System runs with failure.
Safe System
Fail-Operational System
3. Comparison of Wireless Technologies.
[Figure: comparison of ZigBee, Bluetooth and Wi-Fi by data rate, cost, range and link budget.]
4. Safety Analysis of Existing System in eCar.
Safety Analysis
1. System Architecture
2. FMEA
3. MTTF
4. Reliability Block Diagram.
5. Reliability
Reliable = ASIL D
Source: ISO 26262 ASIL standard
4. Safety Analysis of Existing System in eCar.
[Figure: system architecture with Master Node and Slave Node.]
4. Safety Analysis of Existing System in eCar.
2. Failure Mode and Effect Analysis (FMEA).
Source: "Department of the Army, TM 5-698-4, Failure Modes, Effects and Criticality Analyses (FMECA) for Command, Control, Communications, Computer, Intelligence, Surveillance, and Reconnaissance (C4ISR) Facilities, 29 September 2006."
FMEA Methodology
2.1. Define the system and identify elements or components.
2.2. Define ground rules and assumptions.
2.3. System block diagram.
2.4. Identify failure modes.
2.5. Perform failure effects/causes.
2.6. Severity ranking and probability.
The system is inside the car with the shielding box. The master node is at the central system and the slave node is at the rear axle, connected to the sensor to control the wheel. The master and slave nodes send or receive data via the wireless channel.
• Overview of system failure by research and brainstorming.
• Assume severity and probability values are according to system.
• Mission time: 12 hrs.
• Severity classifications (IV to I).
• Probability levels (1 to 4).
4. Existing System Arch. in e-Car (II)
2. Failure Mode and Effect Analysis (FMEA).
2.3 System Block Diagram.
[Figure: system block diagram. Master Node and Slave Node each show Networks or Systems, UART, Node (MSP430F5438), SPI and Transceiver (CC2520); further labels: Power Supply System, ZigBee Protocols.]
4. Safety Analysis of Existing System in eCar.
2. Failure Mode and Effect Analysis (FMEA).
FMEA Table
[Figure: risk matrix "Probability and Severity" with axes Probability and Severity (scale 1 to 5) and regions labelled Low, Moderate, High and High risk.]
4. Safety Analysis of Existing System in eCar.
3. Mean Time To Failure.
• Measure of rate of failure in useful time for non-repairable systems.
• Formulas for MTTF, failure rate ($\lambda$) and reliability ($R$) calculation. (Ref: MIL-HDBK-338B and MIL-HDBK-217F version 1 and 2)
Failure rate = base failure rate × temperature × stress × environment × etc., in failures/10^6 hours
$MTTF = 1/\lambda$
Reliability: $R(t) = e^{-\lambda t} = e^{-t/MTTF}$
For example, resistor:
$\lambda_{res} = \lambda_b \, \pi_T \, \pi_P \, \pi_S \, \pi_Q \, \pi_E$
where $\lambda_b$ is the base failure rate, $\pi_T$ the temperature factor, $\pi_P$ the power factor, $\pi_S$ the power stress factor, $\pi_Q$ the quality factor and $\pi_E$ the environment factor.
4. Safety Analysis of Existing System in eCar.
3. Mean Time To Failure.
Example: resistors on the MSP430 board:
• Base failure rate: $\lambda_b = 0.0024$
• Temperature factor, for 120 degrees centigrade: $\pi_T = 2.1$
• Power stress factor, for max. power stress 0.9: $\pi_S = 1.9$
• Quality factor: $\pi_Q = 0.03$
• Environmental factor, for environment GM (Ground, Mobile): $\pi_E = 16$
• Power factor: $\pi_P = 0.3391$
4. Safety Analysis of Existing System in eCar.
3. Mean Time To Failure.
MTTF of Resistor
$\lambda_{res} = 1.55866 \times 10^{-3}$ failures/$10^{6}$ hours
Total MTTF of Board = hours51082.9
Reliability of Board = 610 999987.7
4. Safety Analysis of Existing System in eCar.
3. Reliability Block Diagram (RBD).
• What is RBD? (Ref: MIL-HDBK-338B)
Types of RBD
3.1 Series
3.2 Parallel
3.3 Combined Series & Parallel.
4. Safety Analysis of Existing System in eCar.
4. Reliability Block Diagram (RBD) of Existing System.
[Figure: RBD of the Master Node, connected to Networks or Systems.]
Series Combination
$R_s = R_{ps} \cdot R_u \cdot R_n \cdot R_{sp} \cdot R_{tr} \cdot R_{ch}$
4. Safety Analysis of Existing System in eCar.
5. Reliability Evaluation of System.
How we did:
[Figure: diagram with blocks R, FMEA, MTTF and RBD. Labels: System Architecture; System Block diagram; Mil-hdbk-338; Components Reliability; Component List; Mil-hdbk-217F (Passive components) (Process Reliability); Mission Time 12 hours.]
4. Safety Analysis of Existing System in eCar.
5. Reliability Evaluation of System. Calculations and Analysis:
Reliability in Series combination:
$R_s(t = 12\,\text{hrs}) = R_{ps}(t)\, R_u(t)\, R_n(t)\, R_{sp}(t)\, R_{tr}(t)\, R_{ch}(t)$
$R_s(t) = 0.999956$
$\lambda_s = 0.36 \times 10^{-5}$ failures/hrs.
ASIL A
Suppose 40 million autos running 12 hrs then failure will be 1760 autos.
5. Approach & Analysis to get Reliable System in eCar.
Approach System Design:
[Figure: redundant system design. Node1 (MSP430F5438) with Power Supply System1, UART1, SPI1 and Transceiver1 (CC2520); Node2 (MSP430F5438) with Power Supply System2, UART2, SPI2 and Transceiver2 (CC2520); UART-R (Redundancy); channels CHx, CHy and CHr; ZigBee Protocols; Networks or Systems.]
5. Approach & Analysis to get Reliable System in eCar.
Reliability Block Diagram:
[Figure: RBD of the redundant system, connected to Networks or Systems. Blocks: Rps1, Rps2 (Power System, Rps); Ru1, Ru2, Rn1, Rn2, Rsp1, Rsp2, Rtr1, Rtr2 (Controller System, Rsys); Rur, Rchr, Rchx, Rchy (Rcom, Rch).]
$R_p(t) = R_{ps}(t)\, R_{sys}(t)\, R_{com}(t)\, R_{ch}(t)$
5. Approach & Analysis to get Reliable System in eCar.
Analysis:
$R_p(t) = R_{ps}(t)\, R_{sys}(t)\, R_{com}(t)\, R_{ch}(t)$
$R_p(t = 12\,\text{hrs}) = 0.999999999 \times 0.9999999996 \times 1 \times 1$
$R_p(t) = 0.999999995$
$\lambda_p = 0.41666 \times 10^{-9}$ failures/hour
ASIL D
Suppose 40 million autos running 12 hrs then failure will be 0.2 autos.
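The series and parallel block-diagram arithmetic behind the two results above can be reproduced with a few lines of C. This is an added example, not code from the thesis: the function names, the per-block reliability of 0.99999 and the grouping of R_com as Rur in parallel with Rchr (and R_ch as Rchx in parallel with Rchy) are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

/* Series blocks: the path works only if every block works. */
double rbd_series(const double *r, size_t n) {
    double p = 1.0;
    for (size_t i = 0; i < n; i++) p *= r[i];
    return p;
}

/* Parallel blocks: the group fails only if every block fails. */
double rbd_parallel(const double *r, size_t n) {
    double q = 1.0;
    for (size_t i = 0; i < n; i++) q *= 1.0 - r[i];
    return 1.0 - q;
}

/* Existing system: R_s = R_ps * R_u * R_n * R_sp * R_tr * R_ch. */
double single_chain(double r) {
    double blocks[6] = { r, r, r, r, r, r };
    return rbd_series(blocks, 6);
}

/* Redundant system: R_p = R_ps * R_sys * R_com * R_ch.
 * Assumed grouping: R_com = Rur || Rchr and R_ch = Rchx || Rchy. */
double redundant_system(double r) {
    double pair[2] = { r, r };
    double ctrl[4] = { r, r, r, r };   /* u, n, sp, tr of one controller */
    double c = rbd_series(ctrl, 4);
    double sys[2] = { c, c };
    double groups[4] = { rbd_parallel(pair, 2),    /* R_ps  */
                         rbd_parallel(sys, 2),     /* R_sys */
                         rbd_parallel(pair, 2),    /* R_com */
                         rbd_parallel(pair, 2) };  /* R_ch  */
    return rbd_series(groups, 4);
}

/* Expected number of failed vehicles in a fleet over the mission time. */
double fleet_failures(double fleet, double r) { return fleet * (1.0 - r); }

int main(void) {
    double r = 0.99999;  /* constructed per-block reliability, not a thesis value */
    printf("single:    %.10f\n", single_chain(r));
    printf("redundant: %.10f\n", redundant_system(r));
    printf("40e6 autos at R=0.999956: %.1f failures\n", fleet_failures(40e6, 0.999956));
    return 0;
}
```

With the constructed block value, duplicating every block moves the system unreliability from the order of 10^-5 to the order of 10^-9, the same jump the slides report between the existing and the redundant design.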
6. Design of Fail-Operational System
Algorithm Design (I): Master Node2 monitoring Master Node1
[Flowchart: Start; decision "Is UART-R status OK?"; decision "Is Master Node1 OK?"; actions "Get status of Master Node1 from wireless channel." and "Inform to all nodes."; branches labelled YES/NO; continues at connector 1.]
Major Failure Levels
• UART-R failure
• Power Supply failure
• Node Failure
• Freeze
• Signal Blocked
6. Design of Fail-Operational System
Algorithm Design (II):
[Flowchart: starts at connector 1; decision "Is Tx & Rx counter increasing?"; decision "CRC bit OK?"; actions "Switched to backup channel." and "Block data send from Master Node1 to Network."; branches labelled YES/NO; continues at connector 2.]
Major Failure Levels
• Babbling Idiot
Moderate Failure Levels
• Frame error
6. Design of Fail-Operational System
Algorithm Design (III):
[Flowchart: starts at connector 2; decision "RSSI > -80dBm?"; decision "50 >= Corr. Value <= 108?"; actions "Increase transmit power." and "Switched to backup channel."; branches labelled YES/NO; continues at connector 3.]
Moderate Failure Levels
• Path loss
• Distortion
• Signal Blocked
6. Design of Fail-Operational System
Algorithm Design (IV):
[Flowchart: starts at connector 3; decision "Is payload size equal?"; decision "Frame sequence number equal?"; actions "Block data send from Master Node1 to Network." and "Send data from Master Node1 to Network."; branches labelled YES/NO; END.]
Minor Failure Levels
• Payload mismatch
• Packet lost
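The checks of Algorithm Design (II) to (IV) can be written as one decision function. This is an added sketch, not the thesis implementation: all identifiers are hypothetical, the assignment of actions to the NO branches is an assumption (the flowchart edges are not in the text), the correlation test is read as the range 50 to 108, and the size and sequence comparison is assumed to be between Master Node1's record and the monitoring node's own observation.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Thresholds as shown in the flowcharts; names are hypothetical. */
#define RSSI_MIN_DBM (-80)
#define CORR_MIN     50
#define CORR_MAX     108

typedef enum { ACT_SEND, ACT_BLOCK_NODE1, ACT_BACKUP_CHANNEL,
               ACT_INCREASE_TX_POWER } rfop_action_t;

/* Subset of the RFOP fields listed for the UART link. */
typedef struct {
    uint16_t tx_count, rx_count;
    bool     crc_ok;
    int8_t   rssi_dbm;
    uint8_t  corr;
    uint8_t  frame_seq;
    uint8_t  payload_size;
} rfop_record_t;

/* prev/cur: consecutive records from Master Node1; own: the monitoring
 * node's view of the same frame (assumption). */
rfop_action_t rfop_evaluate(const rfop_record_t *prev, const rfop_record_t *cur,
                            const rfop_record_t *own) {
    /* (II) counters that stopped moving, then frame errors;
     * != style comparison keeps working across counter wrap-around */
    if (cur->tx_count == prev->tx_count || cur->rx_count == prev->rx_count)
        return ACT_BLOCK_NODE1;
    if (!cur->crc_ok)
        return ACT_BACKUP_CHANNEL;
    /* (III) link quality */
    if (cur->rssi_dbm <= RSSI_MIN_DBM)
        return ACT_INCREASE_TX_POWER;
    if (cur->corr < CORR_MIN || cur->corr > CORR_MAX)
        return ACT_BACKUP_CHANNEL;
    /* (IV) both nodes must agree on the frame before it is forwarded */
    if (cur->payload_size != own->payload_size || cur->frame_seq != own->frame_seq)
        return ACT_BLOCK_NODE1;
    return ACT_SEND;
}

int main(void) {
    /* Constructed sample records, not measurements from the thesis. */
    rfop_record_t prev = { 10, 10, true, -60, 100, 7, 12 };
    rfop_record_t cur  = { 11, 11, true, -85, 100, 8, 12 };
    rfop_record_t own  = cur;
    printf("action=%d\n", rfop_evaluate(&prev, &cur, &own));
    return 0;
}
```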
7. Implementation
7.1 Redundant Fail-Operational Protocol - RFOP (I).
Fig. Redundant Fail-Operational Protocol (RFOP) for UART: Status | Actions | RSSI | Correl. | CRC | Fra. Sq. | Payload Size | Tx. Count. | Rx. Count.
Fig. Status Protocol: Redundant | rUart1 | rUart2 | M. Node1 | M. Node2 | S. Node1 | S. Node2
Fig. Action Protocol: Channel stat. | Tx. Power | reset | block n/w
7. Implementation
7.1 Redundant Fail-Operational Protocol - RFOP (II).
Fig. Redundant Fail-Operational Protocol (RFOP) for Wireless Channel: Status | Actions | Payload Size; MAC Protocol
Fig. Status Protocol: Redundant | rUart1 | rUart2 | M. Node1 | M. Node2 | S. Node1 | S. Node2
Fig. Action Protocol: Channel stat. | Tx. Power | reset | block n/w
7. Implementation
7.1 Redundant Fail-Operational Protocol – RFOP (III).
How it works?
[Figure: Master Node1, Master Node2, Slave Node1 and Slave Node2 with the links UART-R and UART-R1. RFOP for UART and UART-R: Status, Action, RSSI, Corr. val., CRC, Fra. Sq., payload, Tx. Counter, Rx. counter. Wireless frame: MAC header | RFOP for wireless | FCS.]
7. Implementation (Hardware-I).
[Figure: MSP430F5438 board with labelled parts: LCD, SPI (two), UART, PWR, LEDs, FET connector, Header Ports (GPIOs).]
7. Implementation (Hardware-II).
CC2520 Radio Module
[Figure: Block diagram of CC2520]
Features:
1. Excellent link budget (103dB).
2. Extended temp. range (-40 to +125°C).
3. DSSS transceiver.
4. Three flexible power modes.
5. Very good sensitivity (-98dBm).
6. High adjacent channel rejection.
7. 768 bytes on-chip RAM.
8. 4 wires SPI and 6 configurable GPIOs.
9. Many more…
7. Implementation (Hardware-III).
UART connection between Node and its redundant node:
7. Implementation (Hardware-III).
[Figure: MSP430F5438 Board with CC2520EMK.]
7. Implementation (Software-I).
• FreeRTOS used as Operating System.
• Open source and royalty free.
• Priority based preemptive scheduling.
• Tasks of the same priority are scheduled in round-robin fashion.
• Queues, binary semaphores, counting semaphores, recursive semaphores and mutexes for communication and synchronisation between tasks, or between real time tasks and interrupts.
• Five different memory allocation and management algorithms are available, heap1 to heap5.
• Heap2 is favorable.
NOTE: reference from http://www.freertos.org/
7. Implementation (Software - II).
• Software Architecture Overview.
7. Implementation (Software - III).
• Software Architecture Detail.
8. Experiments(I).
Experiment Setup:
[Figure: experiment setup showing Master Node1, Master Node2 (or redundant node), Slave Node1, Slave Node2 (or redundant node), UART-R, UART-R1 and aluminum foil.]
• Default Channel – 12 & 19
• Backup Channel – 16 & 21
• Transmit power – 3dBm
• Max. Transmit Power – 5dBm
8. Experiments(II).
Test Case – I (UART failure):
[Figure: master side (Master Node1, Master Node2, UART1, UART2, UART-R, Power Supply Sys1/Sys2) and slave side (Slave Node1, Slave Node2, UART3, UART4, UART-R1, Power Supply Sys3/Sys4), each with Networks or Systems, on channels CH12 and CH19. Experiment Scenario 1, Experiment Scenario 2.]
8. Experiments(III).
Test Case – II (Node Failure):
[Figure: master side (Master Node1, Master Node2, UART1, UART2, UART-R, Power Supply Sys1/Sys2) and slave side (Slave Node1, Slave Node2, UART3, UART4, UART-R1, Power Supply Sys3/Sys4), each with Networks or Systems, on channels CH12 and CH19. Experiment Scenario 1, Experiment Scenario 2, Experiment Scenario 3, Experiment Scenario 4.]
8. Experiments(IV).
Test Case – III (RSSI Decreases):
[Figure: master side (Master Node1, Master Node2, UART1, UART2, UART-R, Power Supply Sys1/Sys2) and slave side (Slave Node1, Slave Node2, UART3, UART4, UART-R1, Power Supply Sys3/Sys4), each with Networks or Systems, on channels CH12 and CH19. Experiment Scenario 1: CH16, Tx Pow. 5dBm. Experiment Scenario 2: CH21, Tx Pow. 5dBm.]
8. Experiments(V).
Test Case – IV (Wireless Channel Failure):
[Figure: master side (Master Node1, Master Node2, UART1, UART2, UART-R, Power Supply Sys1/Sys2) and slave side (Slave Node1, Slave Node2, UART3, UART4, UART-R1, Power Supply Sys3/Sys4), each with Networks or Systems, on channels CH12 and CH19. Experiment Scenario 1: CH16. Experiment Scenario 2: CH21.]
9. Conclusion and Further works.
By using a parallel redundant system we can achieve higher reliability (ASIL D) for wireless automotive applications, and we have verified this mathematically using our research and methodologies.
The algorithm and protocol have been designed and implemented in the software architecture for controlling and monitoring nodes, so that even with a single point failure the system keeps working in fail-operational behavior.
Further works:
- The UART connection can be replaced by a wireless channel.
- Initial check of the main system components (CPU, power supply etc.) before other functions start.
- Integration in eCar.
Demonstration.
Thank You All!
Any questions or suggestions?