Channel: QNX Auto Blog

QNX OS for Safety named best software product at Embedded World

“Winning takes talent, to repeat takes character” — legendary basketball coach John Wooden

Patryk Fournier
Earlier today, at Embedded World 2016, QNX won an embedded AWARD for its QNX OS for Safety, an operating system designed for safety-critical applications in the automotive, rail transportation, healthcare, and industrial automation markets. The OS was named best product in the software category.

This award win is a testament to the commitment and integrity that drives QNX to continuously release world-class products. In fact, this marks the fourth time that QNX Software Systems has won an embedded AWARD. In 2014, it took top honors for QNX Acoustics for Active Noise Control (ANC), a software library that cancels out distracting engine noise in cars while eliminating the dedicated hardware required by conventional ANC solutions. The company also won in 2006 for its multicore-enabled operating system and development tools, and in 2004 for power management technology.

The QNX OS for Safety is built on a highly reliable software architecture proven in nuclear power plants, train control systems, laser eye-surgery devices, and a variety of other safety-critical environments. It was created to meet the rigorous IEC 61508 functional safety standard as well as industry-specific standards based on IEC 61508. These include ISO 26262 for passenger vehicles, EN 50128 for railway applications, IEC 62304 for medical devices, and IEC 61511 for factory automation, process control, and robotics.

Hats off to the many talented QNX staffers responsible for developing, certifying, promoting, and selling the QNX OS for Safety!

The media scrum at today's award ceremony.

Goodbye analog, hello digital

Since 2008, QNX has explored how digital instrument clusters will change the driving experience.

Paul Leroux
Quick: What do the Alfa Romeo 4C, Audi TT, Audi Q7, Corvette Stingray, Jaguar XJ, Land Rover Range Rover, and Mercedes S Class Coupe have in common?

Answer: They would all look awesome in my driveway! But seriously, they all have digital instrument clusters powered by the QNX Neutrino OS.

QNX Software Systems has established a massive beachhead in automotive infotainment and telematics, with deployments in over 60 million cars. But it’s also moving into other growth areas of the car, including advanced driver assistance systems (ADAS), multi-function displays, and, of course, digital instrument clusters.

Retrofitting the QNX reference vehicle with a new digital cluster.
The term “digital cluster” means different things to different people. To boomers like myself, it can conjure up memories of 1980s dashboards equipped with less-than-sexy segment displays — just the thing if you want your dash to look like a calculator. Thankfully, digital clusters have come a long way. Take, for example, the slick, high-resolution cluster in the Audi TT. Designed to display everything directly in front of the driver, this QNX-powered system integrates navigation and infotainment information with traditional cluster readouts, such as speed and RPM. It’s so advanced that the folks at Audi don’t even call it a cluster — they call it virtual cockpit, instead.

Now here’s the thing: digital clusters require higher-end CPUs and more software than their analog predecessors, not to mention large LCD panels. So why are automakers adopting them? Several reasons come to mind:

  • Reusable — With a digital cluster, automakers can deploy the same hardware across multiple vehicle lines simply by reskinning the graphics.
  • Simple — Digital clusters can help reduce driver distraction by displaying only the information that the driver currently requires.
  • Scalable — Automakers can add functionality to a digital cluster by changing the software only; they don’t have to incur the cost of machining or adding new physical components.
  • Attractive — A digital instrument cluster can enhance the appeal of a vehicle with eye-catching graphics and features.

In addition to these benefits, the costs of high-resolution LCD panels and the CPUs needed to drive them are dropping, making digital instrument clusters an increasingly affordable alternative.

2008: The first QNX cluster
It’s no coincidence that so many automakers are using the QNX Neutrino OS in their digital clusters. For years now, QNX Software Systems has been exploring how digital clusters can enhance the driving experience and developing technologies to address the requirements of cluster developers.

Let’s start with the very first digital cluster that the QNX team created, a proof-of-concept that debuted in 2008. Despite its vintage, this cluster has several things in common with our more recent clusters — note, for example, the integrated turn-by-turn navigation instructions:



For 2008, this was pretty cool. But as an early proof-of-concept, it lacked some niceties, such as visual cues that could suggest which information is, or isn’t, currently important. For instance, in this screenshot, the gauges for fuel level, engine temperature, and oil pressure all indicate normal operation, so they don’t need to be so prominent. They could, instead, be shrunk or dimmed until they need to alert the driver to a critical change — and indeed, we explored such ideas soon after we created the original design. As you’ll see, the ability to prioritize information for the driver becomes quite sophisticated in subsequent generations of our concept clusters.

Did you know? To create this 2008 cluster, QNX engineers used Adobe Flash Lite 3 and OpenGL ES.

2010: Concept cluster in a Chevrolet Corvette
Next up is the digital cluster in the first QNX technology concept car, based on a Chevrolet Corvette. If the cluster design looks familiar, it should: it’s modeled after the analog cluster that shipped in the 2010-era ‘Vettes. It’s a great example of how a digital instrument cluster can deliver state-of-the-art features, yet still honor the look-and-feel of an established brand. For example, here is the cluster in “standard” mode, showing a tachometer, just as it would in a stock Corvette:



And here it is again, but with something that you definitely wouldn’t find in a 2010 Corvette cluster — an integrated navigation app:



Did you know? The Corvette is the only QNX technology concept car that I ever got to drive.

2013: Concept cluster in a Bentley Continental GT
Next up is the digital cluster for the 2013 QNX technology concept car, based on a Bentley Continental GT. This cluster took the philosophy embodied in the Corvette cluster — honor the brand, but deliver forward-looking features — to the next level.

Are you familiar with the term Trompe-l’œil? It’s a French expression that means “deceive the eye” and it refers to art techniques that make 2D objects appear as if they are 3D objects. It’s a perfect description of the gorgeously realistic virtual gauges we created for the Bentley cluster:



Because it was digital, this cluster could morph itself on the fly. For instance, if you put the Bentley in Drive, the cluster would display a tach, gas gauge, temperature gauge, and turn-by-turn directions — the cluster pulled these directions from the head unit’s navigation system. And if you threw the car into Reverse, the cluster would display a video feed from the car’s backup camera. The cluster also had other tricks up its digital sleeve, such as displaying information from the car’s media player.

Did you know? The Bentley came equipped with a 616 hp W12 engine that could do 0-60 mph in a little over 4 seconds. Which may explain why they never let me drive it.

2014: Concept cluster in a Mercedes CLA45 AMG
Plymouth safety speedometer, c 1939
Up next is the 2014 QNX technology concept car, based on a Mercedes CLA45 AMG. But before we look at its cluster, let me tell you about the Plymouth safety speedometer. Designed to curb speeding, it alerted the driver whenever he or she leaned too hard on the gas.

But here’s the thing: the speedometer made its debut in 1939. And given the limitations of 1939 technology, the speedometer couldn’t take driving conditions or the local speed limit into account. So it always displayed the same warnings at the same speeds, no matter what the speed limit.

Connectivity to the rescue! Some modern navigation systems include information on local speed limits. By connecting the CLA45’s concept cluster to the navigation system in the car’s head unit, the QNX team was able to pull this information and display it in real time on the cluster, creating a modern equivalent of Plymouth's 1939 invention.

Look at the image below. You’ll see the local speed limit surrounded by a red circle, alerting the driver that they are breaking the limit. The cluster could also pull other information from the head unit, including turn-by-turn directions, trip information, album art, and other content normally relegated to the center display:



Did you know? Our Mercedes concept car is still alive and well in Germany, and recently made an appearance at the Embedded World conference in Nuremberg.

2015: Concept cluster in a Maserati Quattroporte
Up next is the 2015 QNX technology concept car, based on a Maserati Quattroporte GTS. Like the cluster in the Mercedes, this concept cluster provided speed alerts. But it could also recommend an appropriate speed for upcoming curves and warn of obstacles on the road ahead. It even provided intelligent parking assist to help you back into tight spaces.

Here is the cluster displaying a speed alert:



And here it is again, using input from a LiDAR system to issue a forward collision warning:



Did you know? Engadget selected the “digital mirrors” we created for the Maserati as a finalist for the Best of CES Awards 2015.

2015 and 2016: Concept clusters in QNX reference vehicle
The QNX reference vehicle, based on a Jeep Wrangler, is our go-to vehicle for showcasing the latest capabilities of the QNX CAR Platform for Infotainment. But it also does double-duty as a technology concept vehicle. For instance, in early 2015, we equipped the Jeep with a concept cluster that provides lane departure warnings, collision detection, and curve speed warnings. In this image, the cluster is recommending that you reduce speed to safely navigate an upcoming curve:



Just in time for CES 2016, the Jeep cluster got another makeover that added crosswalk notifications to the mix:



Did you know? Jeep recently unveiled the Trailcat, a concept Wrangler outfitted with a 707HP Dodge Hellcat engine.

2016: Glass cockpit in a Toyota Highlander
By now, you can see how advances in sensors, navigation databases, and other technologies enable us to integrate more information into a digital instrument cluster, all to keep the driver aware of important events in and around the vehicle. In our 2016 technology concept vehicle, we took the next step and explored what would happen if we did away with an infotainment system altogether and integrated everything — speed, RPM, ADAS alerts, 3D navigation, media control and playback, incoming phone calls, etc. — into a single cluster display.

On the one hand, this approach presented a challenge, because, well… we would be integrating everything into a single display! Things could get busy, fast. On the other hand, this approach presents everything of importance directly in front of the driver, where it is easiest to see. No more glancing over at a centrally mounted head unit.

Simplicity was the watchword. We had to keep distraction to a minimum, and to do that, we focused on two principles: 1) display only the information that the driver currently requires; and 2) use natural language processing as the primary way to control the user interface. That way, drivers can access infotainment content while keeping their hands on the wheel and eyes on the road.

For instance, in the following scenario, the cockpit allows the driver to see several pieces of important information at a glance: a forward-collision warning, an alert that the car is exceeding the local speed limit by 12 mph, and map data with turn-by-turn navigation:



This design also aims to minimize the mental translation, or cognitive processing, needed on the part of the driver. For instance, if you exceed the speed limit, the cluster doesn’t simply show your current speed. It also displays a red line (visible immediately below the 52 mph readout) that gives you an immediately recognizable hint that you are going too fast. The more you exceed the limit, the thicker the red line grows.

The 26262 connection
Today’s digital instrument clusters require hardware and software solutions that can support rich graphics and high-level application environments while also displaying critical information (e.g. engine warning lights, ABS indicators) in a fast and highly reliable fashion. The need to isolate critical from non-critical software functions in the same environment is driving the requirement for ISO 26262 certification of digital clusters.

QNX OS technology, including the QNX OS for Safety, is ideally suited for environments where a combination of infotainment, advanced driver assistance system (ADAS), and safety-related information are displayed. Building a cluster with the ISO 26262 ASIL-D certified QNX OS for Safety can make it simpler to keep software functions isolated from each other and less expensive to certify the end cluster product.

The partner connection
Partnerships are also important. If you had the opportunity to drop by our booth at 2016 CES, you would have seen a “cluster innovation wall” that showcases QNX OS technology integrated with user interface design tools from the industry’s leading cluster software providers, including 3D Incorporated’s REMO HMI Runtime, Crank Software’s Storyboard Suite, DiSTI Corporation’s GL Studio, Elektrobit’s EB GUIDE, HI Corporation’s exbeans UI Conductor, and Rightware’s Kanzi UI software. This pre-integration with a rich choice of partner tools enables our customers to choose the user interface technologies and design approaches that best address their instrument cluster requirements.

For some partner insights on digital cluster design, check out these posts:

Autonomous cars that can navigate winter roads? ‘Snow problem!

A look at what happens when you equip a Ford Fusion with sensor fusion.

Paul Leroux
Let’s face it, cars and snow don’t mix. A heavy snowfall can tax the abilities of even the best driver — not to mention the best automated driving algorithm. As I discussed a few months ago, snow can mask lane markers, obscure street signs, and block light-detection sensors, making it difficult for an autonomous car to determine where it should go and what it should do. Snow can even trick the car into “seeing” phantom objects.

Automakers, of course, are working on the problem. Case in point: Ford’s autonomous research vehicles. These experimental Ford Fusion sedans create 3D maps of roads and surrounding infrastructure when the weather is good and visibility clear. They then use the maps to position themselves when the road subsequently disappears under a blanket of the white stuff.

How accurate are the maps? According to Ford, the vehicles can position themselves to within a centimeter of their actual location. Compare that to GPS, which is accurate to about 10 yards (9 meters).

To create the maps, the cars use LiDAR scanners. These devices collect a ginormous volume of data about the road and surrounding landmarks, including signs, buildings, and trees. Did I say ginormous? Sorry, I meant gimongous: 600 gigabytes per hour. The scanners generate so many laser points — 2.8 million per second — that some can bounce off falling snowflakes or raindrops, creating the false impression that an object is in the way. To eliminate these false positives, Ford worked with U of Michigan researchers to create an algorithm that filters out snow and rain.

The cars don’t rely solely on LiDAR. They also use cameras and radar, and blend the data from all three sensor types in a process known as sensor fusion. This “fused” approach compensates for the shortcomings of any particular sensor technology, allowing the car to interpret its environment with greater certainty. (To learn more about sensor fusion for autonomous cars, check out this recent EE Times Automotive article from Hannes Estl of TI.)

Ford claims to be the first automaker to demonstrate robot cars driving in the snow. But it certainly won’t be the last. To gain worldwide acceptance, robot cars will have to prove themselves on winter roads, so we are sure to see more innovation on this (cold) front. ;-)

In the meantime, dim the lights and watch this short video of Ford’s “snowtonomy” technology:



Did you know? In January, QNX announced a new software platform for ADAS and automated driving systems, including sensor fusion solutions that combine data from multiple sources such as cameras and radar processors. Learn more about the platform here and here.

When the rubber ducky hits the road

Paul Leroux
Rubber duckies are born multitaskers. They can serve as bath toys. Or race for charity. Or track ocean currents. Heck, they can even act as crash-test dummies in tiny autonomous vehicles. Don’t believe me? Then check out the following video from MIT’s Computer Science and Artificial Intelligence Laboratory, otherwise known as CSAIL.

Kidding aside, CSAIL has launched a graduate course on the science of autonomy. This spring, students were tasked to create a fleet of miniature robo-taxis that could autonomously navigate roads using a single on-board camera and no pre-programmed maps. Here is the (impressive) result:



The course looks like fun (and I’m sure it is), but in the process, students learn how to integrate multiple disciplines, including control theory, machine learning, and computer vision. Which, to my mind, is just ducky. :-)


A matter of convergence: building digital instrument clusters with Qt on QNX

Tuukka Turunen
Guest post by Tuukka Turunen, Head of R&D at The Qt Company

The Qt application framework is widely used in automotive infotainment systems with a variety of operating system and hardware configurations. With digital instrument clusters becoming increasingly common in new models, there are significant synergies to be gained from using the same technologies for both the infotainment system and the cluster. To be able to do this, you need to choose technologies, such as Qt and QNX, that can easily address the requirements of both environments.

Qt is the leading cross-platform technology for the creation of applications and user interfaces for desktop, mobile, and embedded systems. Based on C++, the Qt framework provides fast native performance via a versatile and efficient API. It’s easy to create modern, hardware-accelerated user interfaces using Qt Quick user interface technology and its QML language. Qt comes with an integrated development environment (IDE) tailored for developing applications and embedded devices. Leveraging the QNX Neutrino Realtime OS to run Qt provides significant advantages for addressing the requirements of functional safety.

There is a strong trend in the automotive industry to create instrument clusters using digital graphics rather than traditional electromechanical and analog gauges. Unlike the first digital clusters in the 70s, which used 7-segment displays to indicate speed, today’s clusters typically show a digital representation of the analog speedometer along with an array of other information, such as RPM, navigation, vehicle information, and infotainment content. The benefits compared to analog gauges are obvious; for example, it is possible to adapt the displayed items according to the driver’s needs in different situations, or easily create regional variants, or adapt the style of the instrument cluster to the car model and user’s preferences.

A unified experience — for both developers and users
Traditionally, the speedometer and radio have been two very different systems, but today their development paths are converging. Convergence will drive the need for consistency as otherwise the user experience will be fragmented. To meet the needs of tomorrow’s vehicles, it is essential that the two screens are aware of each other and interoperate. It is also likely that, while these are converging, certain items will remain specific to each domain. Furthermore, the convergence will help accelerate time-to-market for car manufacturers by offering simplified system design and faster development cycles.

Qt, which is already widely used in state-of-the-art in-vehicle infotainment systems and many other complex systems, is an excellent technology to unify the creation of these converging systems. By leveraging the same versatile Qt framework and tools for both the cluster and the infotainment system, it is possible to achieve synergies in the engineering work as well as in the resulting application. With the rich graphics capabilities of Qt, creating attractive user interfaces for a unified experience across all screens of the vehicle cockpit becomes a reality.


Cluster demonstrator built with Qt 5.6.

Maximal efficiency
Qt has been used very successfully in QNX-based automotive and general embedded systems for a long time. To show how well Qt 5.6 and our latest Qt-based cluster demonstrator run on top of the QNX OS, which is pre-certified to ISO 26262 ASIL D, we brought them together on NXP’s widely used i.MX 6 processor. As the cluster HMI is made with Qt, it runs on any platform supported by Qt, including the QNX OS, without having to be rewritten.

The cluster demonstrator leverages Qt Quick for most of the cluster and Qt 3D for the car model. The application logic is written in C++ for maximal efficiency. By using the Qt Quick Compiler, the QML parts run as efficiently as if they too were written in C++, speeding up the startup time by removing the run-time compilation step.

The following video presents the cluster demonstrator running on the QNX OS and the QNX Screen windowing system:



A straightforward path
The QNX OS has been certified to both IEC 61508 SIL 3 and ISO 26262 ASIL D, so it provides a smooth and straightforward path for addressing the functional safety certification of an automotive instrument cluster. Qt 5.6 has been built for the QNX OS using the GCC toolchain provided by QNX Software Systems. The display of the cluster is a 12.3" HSXGA (1280×480) screen and the CPU is NXP’s i.MX 6 processor, which is well-suited to automotive instrument clusters.

Our research and development efforts continue with a goal to make it straightforward to build sophisticated digital instrument clusters with Qt. We believe that Qt is the best choice for building infotainment systems and clusters, but that it is particularly beneficial when used in both of these. Please contact us to discuss how Qt can be used in automotive, as well as in other industries, or to evaluate the latest Qt version on the QNX platform.

Visit qt.io for more information on Qt.



About Tuukka
Tuukka Turunen leads R&D at The Qt Company. He holds a Master’s of Science in Engineering and a Licentiate of Technology from the University of Oulu, Finland. He has over 20 years of experience working in a variety of positions in the software industry, especially around connected embedded systems.

NXP i.MX 8 DV — alive and kicking

The team at NXP have really impressed me with how quickly they were able to bring up the new i.MX 8 DV. If you haven’t heard about it, the DV is a development vehicle that NXP introduced in advance of their upcoming family of i.MX 8 processors, and this thing is a beast.

Mapping closely to the upcoming production device, the DV sports dual A72 and quad A53 cores, along with a host of M-cores and dual Vivante GC7000XSVX GPUs. Combined graphics processing jumps sixfold over the previous generation of i.MX devices. The device also has a strong hardware isolation story: 16 partitions are available to map the various hardware blocks on the device and guarantee isolation between them. This architecture greatly facilitates virtualization and even the ability to partition hardware independent of a hypervisor.

Why is this so great? Chips this powerful can span multiple displays in the vehicle. You could have an infotainment system and a digital instrument cluster running on a single i.MX8. Because you don’t have to worry about virtualizing a single GPU (which is quite the challenge), you can carve up the chip’s graphics and processing power to isolate the infotainment system from the cluster. This, in turn, minimizes your scope of certification. Achieving ISO 26262 for a cluster is daunting enough; achieving it for a complex infotainment system as well is off the scale.

This device marks a change in how QNX Software Systems and NXP work together. For the first time NXP is bringing up a new chip on the QNX OS and Linux in parallel. Usually, Linux comes first, but not this time. I am, needless to say, delighted by this level of cooperation between our two companies.

At FTF, NXP demonstrated the i.MX 8DV, and it looked great.

Advanced 3D graphics on an i.MX 8DV.

Everything but the kitchen sink

Using a single SoC to drive a full-blown infotainment stack, 3D surround view, driver monitoring, smartphone connectivity, and dual HD displays.

TI and QNX have been working together in the infotainment space for a long time. The nice thing about this ongoing relationship is that lots of cool technology gets built along the way. Speaking of which, TI have put together a compelling demo that they will show at the TU-Automotive Detroit conference, on June 8 and 9. I’m pretty pumped about it and invite you to take the time to check it out.

The demo is built on the DRA75x (Jacinto 6 EP) SoC, which includes dual ARM Cortex-A15 processors, an Imagination SGX544MP2 GPU, dual TI C66x DSPs, and an IVA-HD video processing core. For starters, it runs the QNX CAR Platform for Infotainment with navigation, multimedia, speech recognition — all the goodies you’ve come to expect. Not surprising, as the platform has been running on Jacinto 6 longer than on any other SoC.

One SoC, two displays, many applications
It’s what they’ve managed to pile on beyond the QNX CAR Platform that makes this demo so exciting. You may not know it but we also work closely with TI on the informational ADAS (infoADAS) front. There’s a full port of the InfoADAS stack available today on the QNX platform and it’s included in the demo. Taking 4 camera inputs and the processing power available on the C66x and SGX, TI can demonstrate full 3D surround view concurrently with everything else. If that wasn’t enough, they’ve added a fifth camera and partnered with FotoNation to add driver monitoring and identification, which runs on the second C66x.

Normally, the smartphone projection runs on ARM, but for this demo, it runs on the IVA-HD to further demonstrate the capabilities of the chip. And to top it all off, the demo drives two HD displays. One display shows the QNX CAR Platform and the other shows the 3D surround view, along with the driver monitoring and identification.

So, to summarize, on one dual-core ARM A15 part, TI is showing a full-blown high-end infotainment system, driver monitoring, the ability to see everything around the car in real time, and the ability to connect to pretty much any smartphone in the world. Take a second to think back to just 5 years ago. It’s amazing how fast this industry moves.

If you aren’t going to be at TU this year, reach out to TI. I’m willing to bet they’d be happy to show it to you…

Bringing the power of “and” to the car

QNX unveils a new platform at TU-Automotive Detroit and celebrates an acoustics milestone

Paul Leroux
Some people assume that, when it comes to cars, QNX is mostly about infotainment. Or telematics. Or safety. Or security. But in reality, QNX is about all of these things. So, for a better picture of what QNX brings to the car, simply replace all of those ‘or’s with ‘and’s. For an even better picture, add more things to the list. Like instrument clusters. And handsfree systems. And virtualization.

When you put all of these ‘and’s together, you begin to realize that QNX is a platform for the entire automotive cockpit. So why is that important? Well, more than ever, cars are defined by their software. In fact, automakers are now building cars in which half a dozen systems need a high-level OS. Using a single OS platform for all of those systems can consolidate development efforts, increase interoperability, encourage code reuse, reduce training costs, boost productivity, and just plain make things easier. Of course, it doesn’t hurt if that same platform is also secure, standards-based, and production-proven in over 60 million cars.

So why am I going on about this? Because this week, at TU-Automotive Detroit, QNX is showcasing the full breadth of its automotive technology. Visitors to our booth will see demonstrations of ADAS, instrument clusters, infotainment, acoustics, smartphone integration, V2X, remote SIM management — the list goes on. Highlights include the latest QNX technology concept vehicle, which boasts a voice-controlled instrument cluster (man, I’d love one of those) and acoustics technology that allows a driver to talk to back-seat passengers without having to raise his voice or turn around — even if the car is driving at highway speeds. How cool is that?

That’s me, in the driver’s seat of an SUV, speaking to my colleague Tina, who is sitting in the back row. Thanks to QNX acoustics technology, she can hear me clearly, even though I am speaking normally and looking straight ahead.

New platform for instrument clusters
Of course, we can’t show up at a major auto event without bringing something new for developers. And so, today, we are unveiling the latest addition to our portfolio of automotive safety products, the QNX Platform for Instrument Clusters.

QNX is already a proven player in the digital cluster market. Since 2009, our OS technology has been powering clusters in brands like Alfa Romeo, Audi, Corvette, Jaguar, and Range Rover. (Check out my recent post for a retrospective on QNX-powered clusters.) The new platform builds on this experience, enabling QNX to offer a comprehensive solution for cluster developers, which includes:

  • The QNX OS for Safety, an ISO 26262-certified OS and toolchain that supports all the automotive safety integrity levels, from ASIL A to D, required for clusters and other critical systems
  • A 2D/3D graphics framework based on the OpenGL standard and set to be certified to the ISO 26262 functional safety standard
  • A software framework that protects safety-critical cluster functions from interference by other software components, enabling greater reliability and easier system-level certification
  • A reference implementation, with source code, that gives developers a jumpstart on building fully digital instrument clusters

To get the full story, check out this morning’s press release.

The digital instrument cluster in the QNX concept vehicle, which is based on a Toyota Highlander. QNX has just unveiled a new platform that allows instrument clusters with ISO 26262 safety requirements to leverage the full power of accelerated 2D/3D graphics.

50 million systems, you say?
Hands-free systems may be common, but delivering a high-quality hands-free experience can be notoriously difficult. Cars are noisy beasts, and the cacophony created by tires, fans, vents, and open windows can play havoc with any system that has to process voice signals.

What to do? Well, for over 50 million infotainment and telematics systems, automakers have solved the problem with QNX acoustics technology. QNX acoustics offers patented algorithms for echo cancellation, noise reduction, and other technologies to ensure crisp, clear voice communications, even in the harsh sonic environment of the car. In fact, it has become so popular that, on average, it ships in an automotive system every 2.5 seconds. (So, can you do the math and tell me how many systems that adds up to each month?)

Did I mention? The QNX acoustics portfolio does far more than process voice signals. For instance, it includes the QNX Acoustics Management Platform, which offers unified management of all acoustics in the car, enabling customers to reduce the cost, complexity, and time-to-production of audio signal-processing systems. For more details, read this morning’s press release.


Not Just Secure, BlackBerry Secure




Bill Boldt

Business Development 
Certicom/BlackBerry Technology Solutions








There is a reason that BlackBerry is synonymous with mobile security. It is because security is as elemental to an electronic system as DNA is to an organism—and security is BlackBerry’s DNA. Robust security cannot just be bolted on. It must be infused right from the start, which is why BlackBerry Security has been trusted by world leaders for over two decades and is the mobility partner of all G7 governments, 16 of the G20 governments, 10 out of 10 of the largest global banks and law firms, and the top five largest managed healthcare, investment services, and oil and gas companies. BlackBerry Security has earned more than 70 government certifications and approvals, more than any other mobile vendor.

The iconic example of the depth of trust in BlackBerry Security is probably the NSA’s licensing (and standardizing) of Certicom’s Elliptic Curve Cryptography (ECC) algorithms, which are quickly becoming the accepted crypto standard for enterprise, government, automotive, mobile, medical, industrial, and IoT security. Vulnerabilities are growing rapidly and present a serious risk for public and private sector organizations, so BlackBerry continues to expand its coverage with advanced technologies, tools, design consulting, and testing services for true end-to-end, layered security. The goal is simple: to ensure there are no back doors, open windows, or lost keys to exploit—anywhere in the system.



In mobile, coverage begins at the crucial hardware root of trust. OS and software authenticity is securely verified every single time any BlackBerry device in the world boots up. Data is encrypted right on the devices, in the trusted network, and behind the corporate firewall. In operating systems, the BlackBerry-QNX Neutrino microkernel ensures safe, secure, and reliable operation robust enough for over 40 car models, the space shuttle, and nuclear plants. It is designed to fail safe, and protect against malware, tampering and data leakage.


Thanks to Certicom’s Security Builder Software Libraries, certificate management solutions, and secure manufacturing systems, it is easy to obtain government approved (FIPS 140-2 Level 1) validation, manage security certificates, and secure manufacturing lines without becoming a crypto expert.









Transformation On Wheels: The Sentient "Car-Bot"


Bill Boldt
Business Development Manager, Security
BlackBerry





TRANSFORMATION... ON WHEELS
Cars have been a society-transforming technology whose impact has rivaled that of public sanitation, antibiotics, jet travel, the telephone, and electricity. Over time, the car has functioned as a status symbol, a rite of adolescent passage, a provider of personal freedom, an enabler of the formation of the middle class, and the catalyst of mass assembly and consumerism.

THE EMERGING CAR-BOT
The next transformative event involving cars is already upon us, and it is a really big deal: namely, the "Car-Bot." Cars are becoming self-propelled robots, and the Tesla with Autopilot is the poster child car-bot. Autopilot truly does take the wheel and completely drive the car under certain conditions, like the highway. That is simply amazing. Beyond Tesla, every car company, including the new ones that are popping up, is going after assisted and autonomous driving. The established carmakers (or "OEMs" in auto-industry argot) are just slower to make that happen since they actually have to run an industry with an existing manufacturing and distribution infrastructure and not just conduct a large-scale science project that hit the road. When the big guys get going we will see even more amazing things, and on a scale that will change not just individuals' lifestyles, but cities, economies, and society itself.

SOFTWARE-DEFINED VEHICLE
All car makers know the car of the future will be defined mainly by the software that gives it personality, purpose, and features. The “software-defined car” will catalyze transformation, including new ownership models such as shared or fractional ownership, and updatable performance and features. There are already signs of fractional ownership and pay-as-you-go usage. That is the Uber-effect. Designs are already being presented for small buses ("bus-bots") that drive themselves to help ameliorate the crush of urbanization. The bus-bot can solve important problems that urbanization poses, such as better resource utilization, reducing pollution, improved road safety, and less road congestion.

AUTOMOBILITY PLATFORM
The platform formerly known as the car is becoming a networked, sensing-actuating, connected, computer system of systems. Sensors and actuators will communicate over a range of evolving electrical communications buses to act in a coordinated organic way, controlled by sophisticated integrated software and hardware inside and outside of the platform/vehicle. The software and hardware must be cryptographically super-secure to create a truly safe system (i.e. one with very few crashes). Cryptographic security means that mathematical algorithms like those used to secure electronic commerce web sites will be embedded into the vehicle and used to communicate to the vehicle. This is known as Public Key Infrastructure (“PKI”) and ensures that the signals that sense and control things cannot be hacked, corrupted, or monitored.

Cryptography maintains the confidentiality, data integrity, and authentication (the three pillars of security) of the various signals inside the car, between cars, and between cars and infrastructure to ensure safety, security, and reliability.  More on that later.                                                   

ORGANIC EVOLUTION 
The move to the car-bot started fairly humbly with in-vehicle entertainment, but will end up growing into a virtual organism of transportation-communication-and-lifestyle.   It is as if car radios, GPS, and cell phones were like single-cell organisms that materialized independently, but then linked up into multi-cell organisms.  More linkage is happening and the organism is evolving further.  Infotainment (the first linkage) is already linking with instrument clusters, ADAS, and more.  Hypervisors are making this happen.

What really made the linkage of segregated systems possible was the right kind of operating system.  And, in the case of a car it had to be safe, secure, and reliable.   Those three items cannot be over-emphasized.   Just ask car companies that made the mistake of not using the right type of operating system and had to go back to the drawing board. 

In parallel to the cockpit electronics evolution, there were other evolutionary branches on the locomotion and safety fronts that included Electronic Control Units (ECUs).   ECUs are little computers that intelligently control physical things like mirrors, lights, seats, AC, and other things in the body or cockpit.   More importantly, ECUs made for better control of brakes, engine systems, airbags, and other things that make the car stop and go and become safer.   

ECUs started out as discrete items that did one thing, but quickly became connected via in-car networks of various types such as CAN, LIN, MOST, Ethernet, etc. These networks are like the prototypical spinal/nervous system in early vertebrates. In addition, ECUs (little brains) are becoming larger and capable of doing many more things at once (bigger brains). This is represented by emerging domain controllers that are leveraging the amazing advancements in multi-core processing and architecture.
                                                                             
BECOMING SENTIENT
Now that electrical automotive vertebrates have shown up, the evolutionary stage is being set for the omega point (i.e. the ultimate stage of evolution): Sentience. Sentience means being self-aware and self-controlled. However, it is not just the vehicle that will become self-aware; it is the entire ecosystem that contains the smart vehicle, the cloud, and the smart/communicating cyber-physical infrastructure that interacts with it.

Note again that none of this can be possible without robust cryptographic security. Security is a leitmotif that will show up throughout the entire system. It must be everywhere at all times.  The sentient car-bot ecosystem will contain smart sensors, distributed processing systems, multi-level security, transmitters and receivers, and service providers, among others.  The bottom line is this:  No security, no sentient car for you.

THE TRIAD:  SAFETY, SECURITY, AND RELIABILITY
There are strong forces that are driving the software-defined, sentient car-bot evolution. What underpins all of these forces is that each will require the triad of Safety, Security, and Reliability. The triad must be present in all the systems in the vehicle, from infotainment to instrument clusters, to body control, to engine control, etc. The triad must be present at all times when the systems communicate with each other, with other vehicles, and with the infrastructure. The systems have to be secure even at rest to fight off attacks. Service providers must provide services that are safe, secure, and reliable.

Subscribers and vehicle owners will abandon products and services that are weak on any of the parameters.  The invisible hand of the market (as coined by Adam Smith) will kill companies and solutions that are not safe, secure, and reliable.   Respect the Triad!


Safety, security, and reliability must be forethoughts. They are not products or features that can be offered as options. They cannot be bolted on. All three must be infused into everything at birth. It is not hard to see that the parts of the triad are inseparable, meaning you cannot provide one without the other: Can something be safe if it is not secure? Can it be reliable without being safe? Can it be reliable without being secure? Clearly not. The triad is the DNA of the software-defined car.

Other articles will explore how designing with the triad in mind can make the software-defined future easier to create. Hint: it will require a safe, secure, and reliable operating system and end-to-end security.

In the meantime, please take a look at the QNX operating system and the security products from Certicom that secure the manufacturing supply chain and securely manage cryptographic keys and certificates. Doing so will help you understand how BlackBerry makes automotive not just secure, but BlackBerry Secure.


In Car Communications (“ICC”) Solution Check List



Len Layton
Global Business Development Manager, Acoustics, BlackBerry


If you’ve ever had to “twist and shout” to be heard by back seat passengers, then listen up – you might find some new technology from QNX useful (and safer!).

So many cars already have the basic hardware that we could leverage to effectively make a phone call to the people in the back of the vehicle. The hands-free microphone can pick up the driver’s voice, amplify (reinforce) it, and play it out of the rear loudspeakers near the people in the back. This is the principle of in-car communications -- “ICC” for short.

Designing a practical in-car communications (“ICC”) system can be broken down into a few basic steps. But first let’s look at how a car’s hardware is set up and the paths where audio will be flowing. The main problem is the “front-to-back” case, where the driver’s voice needs to be reinforced for the benefit of the passengers in the back, so that the driver doesn’t have to twist around and shout at them.



You can see that we have essentially built a public address system for the car.

In noisy conditions we could turn on the ICC system, and the voice of the driver should then be heard much more clearly. Sound would be flowing through the “reinforced path” in the diagram. At intermediate noise levels, the listener in the back will be able to hear both the direct path and the reinforced path at the same time.

If there is too much time delay between these two paths, the listener will perceive the reinforced signal as though it were someone else talking, and it will not sound natural at all. Studies have suggested that about 30 milliseconds is the limit for this time delay between the direct and reinforced paths.

Some of the reinforced signal will also come back to the talker in the form of echo, which can be disturbing or annoying for the talker if there is too much delay on this path too.

And let’s not forget the key issue we are dealing with – NOISE! Noise is all around the occupants, and the faster you go the more noise there is. So, what should we care about when designing an ICC system?

The Solution Checklist:
QNX ICC is the first practical seat-to-seat speech enhancement software product. It addresses the whole set of challenges faced when implementing a practical ICC system:

1) Improved intelligibility by reinforcing speech naturally without distortion or added noise. QNX ICC addresses the primary goal of an ICC system – replacing the “What?” with “Oh Yeah!”

2) Fully automatic – the amount of reinforcement is continuously adapted to the actual noise level in the car. So as different noise conditions are experienced, the reinforcement is immediately and smoothly adjusted and the driver does not need to operate any controls at all. QNX ICC is truly “set and forget” and can be safely left enabled so that it is ready to kick in as needed.

3) No feedback howling. Under any circumstances, QNX ICC will never howl.

4) No echo or unpleasant perceptible effects – QNX ICC operates at low delay so the talker will only perceive that their voice is slightly louder and not delayed or sounding “processed.”

5) Low delay operation so that reinforced speech does not perceptibly interfere with direct, non-reinforced speech. QNX ICC’s algorithmic latency is only 5 milliseconds.

6) Reinforces speech only and does not amplify background noise. Leveraging more than a decade of experience and over a hundred patents in the area of automotive signal processing, QNX ICC includes advanced noise reduction algorithms to ensure clear and natural speech reinforcement.

7) Simultaneous operation with music without causing any perceptible distortion to music or other media playback.

8) Implementable on current ICs such as infotainment processor CPUs and DSPs, and able to co-exist with other system software.

9) Tuning that is easy and quickly adapted for different vehicle types and acoustic configurations before production.

QNX ICC is available for licensing today either as a standalone signal processing library or as part of QNX’s new Acoustics Management Platform ("AMP"). QNX In-Car Communications is one of the great features of the breakthrough QNX Acoustics Management Platform; click here to find out more.

A future blog post will address how QNX ICC can be integrated with a complete automotive acoustics solution.

Security Matters for the Software-Defined Car


Bill Boldt
Business Development Manager, Security, BlackBerry
wboldt@blackberry.com

  
Certicom, the crypto expert in the BlackBerry Technology Solutions family, is positioned to lead the way to a secure software-defined future for the automotive industry – because when it comes to security, real-world experience matters.

Certicom is a recognized leader in public key infrastructure (PKI) security design, innovation, and delivery. PKI is a foundational technology that has become the cornerstone of real-world security across the internet, mobile, medical, financial, government, military, consumer, automotive, industrial, IoT, and just about every application that communicates information electronically.

Public Key Cryptography uses public-private cryptographic key pairs to sign digital certificates and provide the essential elements of security, which are confidentiality, data integrity, authentication, and non-repudiation. PKI establishes the infrastructure that defines how digital certificates are created, distributed, stored, and revoked.



Public Key Cryptography Matters

It is not at all an overstatement to characterize Public Key Cryptography as having established the main way that security is provided throughout today’s (and tomorrow’s) connected world. In fact, anyone who has ever logged on to a secure web site such as e-commerce or e-banking has used Public Key crypto, most likely without even knowing it. It is already built into personal computers and smart phones, and it won’t be long before it is built into every embedded application as well. And that is a very important notion to grasp.



Proven PKI solutions from world leading software and security infrastructure suppliers like Certicom increase device (e.g. semiconductor chip and board) security, fight counterfeiting and cloning of products and firmware, promote product and personal identity authentication, secure asset management in supply chains, and improve the security of numerous other applications, including the emerging Internet of things (“IoT”).

    
Public Key crypto's tremendous growth is being increasingly driven by two powerful forces: 1) the widespread adoption of autonomous communicating devices, and 2) the realization that such devices absolutely must be authenticated.

Supply Chain Security Matters
The long pole in the tent for security in the software-defined car is in fact securing the supply chain.

Security assets (such as crypto keys, unique serial numbers, etc.) must be installed into the devices at manufacturing time. Devices must be distributed to and installed into vehicles in globally located factories. Devices must be warehoused worldwide for subsequent repairs. Secure devices must be updateable at the dealers and repair shops. Aftermarket suppliers must be able to sell and update secure devices. These requirements present a logistical tangle. Making a device such as an ECU or secure processor secure means that it will be unique. However, by definition that device cannot be used anywhere else. It becomes a unique stock keeping unit (SKU), which is averse to the purpose of flexible, just-in-time manufacturing flows. Security versus flexibility is a serious trade-off that must be managed carefully. To maintain the maximum amount of flexibility, personalization and updating should be moved as close as possible to the very last minute. That means it must happen not only in the factory, but in the field and via updates. Each car maker faces the same issues, and will have to design and manage a secure device manufacturing system, security certificate management system, and a secure updating system – all of which must be global and long term in nature.

These are the types of things that BlackBerry can provide, based upon decades of experience in securing mobile infrastructure and devices to a level that no other company has done.



Experience Matters

Security is as elemental to an electronic system as DNA is to an organism—and security is BlackBerry’s DNA.


For the connected autonomous car of the future, security has to be inside and outside the car, in the supply chain, and updateable. BlackBerry has the state-of-the-art experience to do those things due to proven experience in making products secure, in high volumes, and in the supply chain.





QNX's Fabulous Concept Cars


Thomas Bloor
Business Development Manager, BlackBerry

If you’ve been to CES, chances are you’ve seen one of our concept cars. Even if you’ve not been to our booth, we take these to our industry partners. Now, as we start gearing up for next year’s CES, there are some great innovations in the pipeline. (I’ve seen them, but I’m not telling.) So, as I can’t spill the beans on what's coming, let’s take a look at some of my favorite QNX Concept Cars from years past.


The Porsche 911 Carrera (CES 2012)
Admittedly I have a soft spot for performance cars, but the Porsche deserves headline billing in the roster as a CNet "Best of CES" winner. With revolutionary (for 2012), cloud-based voice recognition you could control the navigation system using natural language.   And, text-to-speech meant that you could listen to incoming BBMs, emails and text messages. Rounding out the roster of features that would still be considered ahead of the curve for a production car today, this model featured one-touch Bluetooth pairing.  Simply touching your phone to an NFC reader in the center console automatically paired the phone and car. 



The Bentley Continental GT (CES 2013)
In an outburst of Canadian quirkiness, we decided that when better to do a photoshoot of a Bentley Convertible than in the middle of the Canadian winter? Of course despite the -20C (-4F) weather we’d have to have the top down!

The cold and the snow do not detract from the revolutionary center stack with DLP® display from Texas Instruments. This immense (for 2013) display featured an organically curved surface and TI’s optical touch input technology, which allowed physical control knobs to be mounted directly on the screen, resulting in an ideal balance of physical and touchscreen controls.

Taking natural language voice recognition a step further, we worked with AT&T’s Watson℠. Say "Hello Bentley," and the car's voice recognition system immediately starts interacting with you, in a distinctly British accent, old chap.


If that weren’t enough, the cluster displays the back-up camera and user configurable high resolution instrumentation. We also took the mobile office to new heights with smartphone integration with streaming music, email notification, news feeds, and other real-time information. Put the Bentley into park and you could fire up video conferencing with realistic telepresence.  

Separate cameras for the driver and passenger provide independent video streams, while high-definition voice technology from QNX offers expanded bandwidth for greater realism, while stereo telepresence makes the remote caller sound as if they’re sitting right next to you.


Mercedes CLA 45 AMG (CES 2014)
Have you looked inside a Mercedes S class recently? The horizontally orientated center stack display extends across the dash. Coincidentally our 2014 Mercedes concept had a 21-inch-wide center display extending towards the passenger enabling a seamless interaction with the vehicle.
 
Behind the scenes, the cluster was integrated with the center stack, running both driver information and IVI functions. With seamless controllability across the touch screen, physical buttons, and the jog wheel controls, multi-modal input was highlighted across all available functionality.

Not content with that, we foreshadowed greater integration of ADAS functionality, with warnings to the driver through both the cluster and verbally through text-to-speech if the local speed limits were exceeded.

Jeep Wrangler and Toyota Highlander
Now it’s not all high end luxury cars, which is just as well because they never let me drive any of them. Our Jeep Wrangler and Toyota Highlanders serve as our QNX reference vehicles showcasing what the QNX CAR application platform can do, straight out of the box. Additionally, the Toyota features our advances in in-car communication and acoustics platforms enabling an enhanced user experience for drivers and passengers.

These cars are not just  "show floor wonders" because our automotive knowledge enables us to build demonstrators for the real world, which can be driven, and the technology can be experienced first-hand. Concept clusters and displays abound, but real vehicle bus integration means these cars are drivable with real instrumentation and connectivity.


While I can’t reveal what new exciting technologies we are planning for CES 2017 (believe me, you’ll want to come and take a look), I can say that our reference vehicles are currently on tour so keep an eye open for them on the roads near you.




Cryptography is the New Seatbelt

Bill Boldt
Business Development Manager: Security, BlackBerry
wboldt@blackberry.com


The evolution of the car into an electronic platform started with cockpit electronics and branched into safety and locomotion, giving rise to Electronic Control Units (ECUs). ECUs are little computers that intelligently control physical things like mirrors, lights, seats, AC, and other things in the body or cockpit; they also made for better control of brakes, engine systems, airbags, and other things that make the car stop and go, steer, and become safer. Cars today can have well over 100 ECUs. And that can be a challenge to make truly secure.

Fortunately, that is changing. Multi-core processor technologies are being harnessed to consolidate ECUs into a platform populated by powerful domain-controllers. A major benefit of domain controllers is that they lend themselves to being secured by modern cryptography because they can run algorithms faster and store crypto keys more securely. Also, fewer controllers means fewer points for attack. In a connected autonomous car safety comes from security, and security comes from cryptography. Because attacks can come from anywhere, at any time, and on any system, automotive security must be multi-layered, meaning everything has to have some sort of cryptography to protect from attackers. Security awareness should start right at the beginning of design with disciplines such as penetration testing of the software and security audits to find vulnerabilities. And, these should be applied inside and outside of the car.

Once you have a good start you need to ensure a good ending, which means security updates, and that typically means over the air. In between the beginning and the end there should be secure manufacturing and secure distribution of crypto keys and certificates. BlackBerry can help with all of that through security design and testing, QNX's microkernel-based RTOS, and Certicom's technology for securing the supply chain and managing security certificates, so that you gain BlackBerry-level security without having to become a crypto expert.

By now you can see that by providing the first line of defense for personal safety, cryptography is becoming like the new seatbelt.

SECURING AUTOMOTIVE 
When it comes to embedding security into the autonomous connected car of the future, it has to start with securing the supply chain. Security in and around a car has many requirements:

  • Security assets (i.e. crypto keys, serial numbers, etc.) must be installed into the devices at manufacturing time
  • Devices must be distributed to and be installed into vehicles in globally located factories
  • Devices must be warehoused worldwide for subsequent repairs
  • Secure devices must be updateable at dealers and repair shops
  • Aftermarket suppliers must be able to sell and update secure devices

These requirements present a logistical tangle. Making a device such as a networked ECU on a CAN bus secure means that it will become one of a kind. This is the entire objective of personalization. However, by definition that device cannot be used anywhere else. It becomes a unique stock keeping unit (SKU), which is averse to the purpose of flexible, just-in-time manufacturing flows. Security versus flexibility is a serious trade-off that must be managed carefully. High-profile automotive hacks have shown the world that automotive security is necessary, but it is difficult to apply, especially because it makes manufacturing more difficult and costly. Because security must be injected in the factory and beyond, a secure manufacturing system must have global reach, be manageable on a distributed basis, be updatable by various entities, and remain secure for years. Secure manufacturing, including injection and updating of security assets, will touch factories, warehouses, distributors, dealers, repair shops, and aftermarket parts stores. In addition, security updates will often be over the air.
 

To maintain the maximum amount of flexibility, personalization and updating should be moved as close as possible to the very last minute. Each car maker will be faced with the same situation and will have to design and manage secure device manufacturing systems and security certificate management systems that are global and long term in nature.

Fortunately, the tools to do that are available from Certicom; namely, the Managed PKI system and Asset Management System. The way in which these systems get deployed will have to be designed to the specific logistical and security needs of the manufacturer. Therefore, the overall manufacturing blueprint must be designed with best practices in mind, right from the start, and BlackBerry Professional Services can help with that. Also, in-car and around-the-car security systems can be developed using Certicom’s cryptographic libraries and architectural consulting services.

BlackBerry brings it all together to make the software-defined car more secure...and that means safer.


On Clusters and Infotainment



Romain Saha
Strategic Alliances Manager
BlackBerry


I think I have IAD or internet addiction disorder. I don’t argue with people anymore. I just google until I get the answer. I can’t remember anything. Why should I? It’s all out there on the internet. I barely watch TV anymore. I’d rather just learn something using the internet. 

OK – this probably isn’t textbook IAD. Maybe it’s just the new reality. Pretty much everything anyone could possibly want to know is out there somewhere on the internet. Sometimes it’s easy to find. Sometimes it’s hard. But it almost always is out there if you look hard enough. 

You would think that in this brave new world that there’s no opportunity for confusion anymore. I thought so until I started trying to figure out how one could build a safety certified digital instrument cluster and a full-blown infotainment system using a single high powered embedded processor. I see a lot of silicon road maps in my role and those indicate that a lot of horsepower is coming online. So much horsepower that it’s starting to look like using separate processors to run disparate systems in a car doesn’t make sense anymore.

You’d think that combining a cluster and infotainment system on one SoC would be a no-brainer. Dual (or more) display support is getting pretty common and even today’s SoCs have the compute cycles, so why isn’t everybody already doing this?  It seems pretty easy until you consider that the cluster is a safety critical system. It’s not even the whole cluster, mind you. It’s just what they call telltales. Telltales are those icons that light up in your car to tell you you’re in drive and not reverse, that your traction control is offline, or that your engine is about to blow up. Small things maybe, but very useful information indeed. So, that means you have to address safety concerns for the cluster.

Why not just apply safety criteria to the whole system including the head unit then and be done with it? That is one approach certainly, but the problem is that an infotainment system is pretty much impossible to safety certify. Maybe impossible is too strong. You could probably do it, but why would you? It would probably cost way more than any savings resulting from collapsing two systems onto a single chip.  Plus it would take forever.

If that’s not the answer, then what is? Finding a way to isolate cluster safety criteria from the infotainment system can do the job, as long as you can ensure complete isolation. This isn’t a new concept, but it is still pretty rare in embedded. This is called a hypervisor, and if it is done right, it does the trick. Well, almost. Not every hypervisor can do it right. In order to ensure isolation for this use case you need a type-1 hypervisor. Type-2 hypervisors don’t cut it.

This is where the internet starts to fail me.  I see hypervisors described as type-1 but then see things about proprietary drivers. I see people say virtualization, but when you dig a bit deeper it’s hard to say whether it’s virtualization or para-virtualization. Type-1, type-2, para, hybrid… I’m at the point where I don’t really know what I see. 

It would be so much easier if people answered simple questions with simple answers.

  • Can you share graphics and still achieve true safety isolation?
  • Is the hypervisor built in a way that you can reasonably safety certify your system?
  • Is it real-time?
  • How much overhead does it add to the overall system?
  • What happens if a guest OS goes rogue?

Maybe you could ask your hypervisor supplier how they address this kind of stuff. If you get an answer that makes sense, do the world a favor and spread the word.

The second thing you need is a foundation on which to build a safety certified system. QNX, as an example, has certified both its OS and tool chain to ISO 26262 ASIL D. You can find this certification on the internet. It’s  here. If you take the time to read it, it says we did the tools and the OS. The production OS used in millions of systems shipping worldwide.
  
Here’s where the internet fails me again. I have looked and looked and looked for another embedded OS company with anywhere near the same level of certification. It has to be out there. I see all kinds of anecdotal “marketing” evidence but I can’t find a certificate. The closest I have come so far is a certificate for an OS, without the tools, that was issued in 2007 for Common Criteria EAL 6+ on an old single-core PowerPC processor. I must be missing something. Can you buy a PowerPC processor anymore? I guess you should ask to see certificates to be sure you know what you’re getting.

I’m having a hard time coming to grips with the internet letting me down. I’m certain I just don’t know where to look, so if anyone has the answers I’m looking for, I’d love to hear about it. Better yet, post it somewhere on the internet that’s easy to find.

The next thing I’m going to try to find is someone with a safety certified hypervisor because you’ll need one of those too…


The Secret to a Successful Autonomous Vehicle Development Program: A Data-Centric Approach to Autonomous Car Design

Bob Leigh, Director of Market Development at RTI
Romain Saha, Strategic Alliances Manager at BlackBerry

The automotive industry is facing unprecedented changes in the coming decade. With the rise of autonomous and connected cars, software is a significant differentiator in the automotive market. As software takes a central role in the functions and features of the car the investment in software development is accelerating dramatically. Automotive companies must adopt novel software design methodologies to be competitive, as well as ensure safety, security, and a quality user experience. Fortunately, embedded system architecture is also evolving. Fueling this change is the proliferation of “system-of-systems” architectures, where connectivity and accessibility are baseline requirements. This requires interoperability! 
  
IIoT and Data-Centric Design

The rise of the Industrial Internet of Things (IIoT) is driving this need for new architectures to unify the standalone devices of the past. These changes are already happening in other market segments and are fully applicable to automotive. In ever more connected and autonomous cars, many subsystems operate in tandem, but without the benefit of a greater awareness. For example, braking systems have very little interaction with power steering.  As we connect these systems and add layers of automation, the car itself becomes a system-of-systems – where braking and steering coordinate with vision and sensor functions – and every car is then connected to a much larger system. 


These larger connected systems could support fleet management, traffic management, sharing services and other as yet undefined applications.


 
Such a new design model must provide:
  • Time-sensitive reliable transport, safety and mission-critical rigor in software design;
  • Interoperability between applications, domains, operating systems, and entire heterogeneous systems;
  • Support for high volume communication across multiple domains or compute platforms (sensors, actuators, etc.); and 
  • Code reuse and the evolution of the system as it moves from research to development, on to production and into maintenance lifecycles that span multiple model releases.

Data-centric architectures address all these requirements. A data-centric architecture offers reduced development and maintenance costs when compared to device- or application-centric or object-oriented approaches.

Data-centric architectures support interoperability between teams, applications and entire network domains and foster innovation through better access to data. To be data-centric means to put data at the center of any system, which is then self-describing and accurately reflects the real-time state of the system. It abstracts the complexity of operating systems, hardware, and network programming to allow applications to focus on the core value they add to the system. It decouples applications so that they become actors that use or change the state of data but do not explicitly interact with each other. This approach supports the sharing of code and IP (since it does not depend on a specific platform) and has many advantages in scalability, interoperability and maintaining data/state integrity.

Complete Lifecycle Support Platform

 

The preeminent data-centric middleware standard for real-time systems is DDS (Data Distribution Service). DDS is an open standard maintained by the Object Management Group (OMG). This standard has been developed over decades in highly demanding applications and is in use today in multi-billion dollar product lines worldwide.

DDS offers many features that are critical to any ADAS or Autonomous Drive application. Core to DDS, Quality of Service allows developers to guarantee latency, control data flow and manage network bandwidth. All of these things are achieved within the middleware, so the application only needs to focus on the processing of data, not the delivery.

Interoperability between applications and domains creates a layer of abstraction that allows OEMs to combine systems from different Tier 1s in a way that minimizes complexity and risk. It supports multiple operating systems seamlessly to enable architectural evolution from statically to dynamically configured higher-level operating systems – moving from the idea of domain controllers to compute platforms. It provides a unified infrastructure to connect and control different domains, paving the path to sensor fusion. It supports the high volume of traffic that these architectures will demand.

With DDS, applications, teams of developers, and systems share data using a common data model defined for the entire system. Once defined, all interaction between system actors is understood through this common data model. Code development and application interactions are decoupled, which allows more efficient development and collaboration of large, geographically distributed teams. DDS can support many thousands of applications with hundreds of development teams worldwide. This is the power of data-centric middleware.

Certified Software Stack

For many years DDS has been used in air, land, and sea autonomous system projects. It provides the features needed to support time-critical, dynamic, high volume applications that are key to the next generation ADAS architectures and ultimately to autonomous drive. Using a safety certifiable middleware, such as RTI Connext® DDS Cert, with QNX ISO26262 certified RTOS and ADAS framework, you can begin development with a fully-integrated, certified software stack. The combination allows engineering teams to focus on their core value-add in application development while ensuring system performance, interoperability, security and safety certifiability.

RTI (Real-Time Innovations, Inc.) is the largest DDS vendor and is the only one with a safety certifiable version of its product. RTI Connext® DDS is used in many mission-critical and safety-critical applications and is an essential component of the future Autonomous Car.

Please contact RTI at bobl@rti.com or QNX at rsaha@blackberry.com today to learn more about these powerful tools.

QNX Software Systems Limited, a subsidiary of BlackBerry, is a leading vendor of operating systems, development tools, and professional services for connected embedded systems. Global leaders such as Audi, Cisco, General Electric, Lockheed Martin, and Siemens depend on QNX technology for vehicle infotainment units, network routers, medical devices, industrial automation systems, security and defense systems, and other mission- or life-critical applications. Founded in 1980, QNX Software Systems Limited is headquartered in Ottawa, Canada.



For more information on Connext DDS in Autonomous Vehicles, please download our whitepaper or register for this upcoming joint webinar with QNX and RTI.









Anchoring Trust in the Increasingly Software-Based Car



Bill Boldt
Business Development Manager, Security 
Blackberry




Electronic Control Units (ECUs) started out in the 1970s as discrete modules with each one doing one particular thing, at that time mainly for emissions controls and mileage. Then they became connected via in-car networks with the invention of the CAN bus in 1985. In-car networking represented a big improvement in capability. However, being networked means that ECUs became vulnerable to mischief, and thus they, and what they connect to (such as domain and area controllers), need to be secured cryptographically to ensure that the signals being sent have not been tampered with or corrupted, and perhaps most importantly, that they are authentic. There is also the emerging need for confidentiality (i.e. encryption/decryption).

The picture below shows the top attack points. This range of targets indicates just how vulnerable cars have become:


      With a car having so many places to attack, how can trusted security be implemented and why is it so important?  Well, the main thing is that trust leads to safety, especially as cars become more connected and autonomous.  Hacked or corrupted signals can have dire consequences in a car, which is obvious.  In a car, safety is related to security and security comes to a  large extent from cryptography.  (Note that safety and security are not exactly the same thing, but there is tremendous overlap and interplay, and safety is becoming much more dependent on cryptographic security as cars become more connected and autonomous.  For more on functional safety look here.)

      Trust
      Trust is paramount in digital systems, and increasingly so in automotive. Trust comes from cryptographic solutions that:
      • Securely store secret keys
      • Securely issue, manage, renew and revoke security certificates
      • Include a mix of software and security hardened hardware devices, and
      • Are manufactured in highly secure facilities

      What Creates Trust?
      A major tenet of security is that each system and sub-system will have different types of threats and a range of options to provide countermeasures to those. This means that the automotive security equation has many variables and thus is difficult to solve.

      However, two things are always common to trustable cryptographic security, and they form the basic foundation of modern security:

      1. A proven algorithm (e.g. Elliptic Curve Cryptography (ECC)), and  
      2. A secret cryptographic key  (to provide the required level of security for the selected algorithm). 
      The challenge for the automaker is to choose the right algorithm and key length for the available processing resources and to securely issue, manage/store, renew, and revoke the security certificates. Cryptographic strength comes from the combination and application of these principles, processes, and techniques. 
       
      Trust Anchor
      On a CAN bus, which was designed without security in mind, ECUs are exposed.   So, connected cars should employ best practices for security, but cost, complexity (especially of the supply chain) and time get in the way. Having said that, best practices will eventually prevail and that will likely include a hardware trust anchor system to establish, maintain, and update cryptographic processes.


       

      From the diagram you can see the four basic things that create a PKI-based hardware trust anchor:
      1. A trusted hardware anchor that stores the key
      2. That key, which becomes the root of trust
      3. The certificate chain anchored by the root of trust, and
      4. A signing mechanism that creates the anchored certificate chain
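
The four elements listed above, shown working together with Go's standard library; this is an added example, not code from the original post or from BlackBerry or Certicom. It assumes X.509 certificates with ECDSA P-256 keys, and a software key stands in for the hardware anchor; the names identity, issue, verifyMessage and buildPKI, the certificate names and the sample message are all constructed for illustration.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// identity is a certificate plus a handle to its private key. The embedded
// crypto.Signer is a software stand-in (assumption) for the hardware trust
// anchor: like a secure-element driver it offers only Public and Sign.
type identity struct {
	crypto.Signer
	cert *x509.Certificate
}

// signMessage returns an ECDSA signature over SHA-256(msg).
func (id *identity) signMessage(msg []byte) ([]byte, error) {
	sum := sha256.Sum256(msg)
	return id.Sign(rand.Reader, sum[:], crypto.SHA256)
}

// issue certifies a fresh P-256 key under cn, signed with parent's key.
// A nil parent yields the self-signed root of trust.
func issue(cn string, serial int64, usage x509.KeyUsage, parent *identity) (*identity, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		KeyUsage:              usage,
		BasicConstraintsValid: true,
		IsCA:                  usage&x509.KeyUsageCertSign != 0,
	}
	self := &identity{k, tmpl}
	if parent == nil { // the root of trust signs its own certificate
		parent = self
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent.cert, k.Public(), parent)
	if err != nil {
		return nil, err
	}
	self.cert, err = x509.ParseCertificate(der)
	return self, err
}

// verifyMessage accepts msg only if leaf chains to the pinned root (through
// the presented intermediates) and sig verifies under leaf's certified key.
func verifyMessage(msg, sig []byte, root, leaf *x509.Certificate, inters ...*x509.Certificate) error {
	roots, pool := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	for _, c := range inters {
		pool.AddCert(c)
	}
	opts := x509.VerifyOptions{Roots: roots, Intermediates: pool,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := leaf.Verify(opts); err != nil {
		return fmt.Errorf("untrusted sender: %w", err)
	}
	// CheckSignature hashes msg with SHA-256 and verifies the ECDSA signature.
	return leaf.CheckSignature(x509.ECDSAWithSHA256, msg, sig)
}

// buildPKI constructs root -> issuing CA -> ECU leaf (all names are made up).
func buildPKI() (root, ca, ecu *identity, err error) {
	if root, err = issue("Vehicle Root CA", 1, x509.KeyUsageCertSign, nil); err != nil {
		return
	}
	if ca, err = issue("ECU Issuing CA", 2, x509.KeyUsageCertSign, root); err != nil {
		return
	}
	ecu, err = issue("Brake ECU", 3, x509.KeyUsageDigitalSignature, ca)
	return
}

func main() {
	root, ca, ecu, err := buildPKI()
	if err != nil {
		panic(err)
	}
	msg := []byte("brake_pressure=42") // constructed sample signal
	sig, err := ecu.signMessage(msg)
	if err != nil {
		panic(err)
	}
	fmt.Println("authentic:", verifyMessage(msg, sig, root.cert, ecu.cert, ca.cert))
	fmt.Println("tampered: ", verifyMessage([]byte("brake_pressure=0"), sig, root.cert, ecu.cert, ca.cert))
}
```

In a hardware-backed design only the Signer behind identity changes; a verifier still pins one root certificate and rejects anything that does not chain to it.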


      Multi-level Security


      Because there are so many systems in the increasingly software-defined car, security has to be multi-layered and fit the specific application. In other words — it must be tailored. You have to figure out what you are securing, what threats that system will face, and what countermeasures should be employed. You have to pick what pillars of security to apply; namely, confidentiality, data integrity, authentication, and non-revocation. Making sure you are doing the right security things on each system is what Blackberry is positioned to help you with, from consulting, to design, testing, certificate management, securing the supply chain, making updates, and applying cryptography to the in-car and around-the-car networks.




      To learn more about cryptography for automotive please contact BlackBerry's Certicom subsidiary, and for more information and/or help regarding reliable, secure, and trusted software for safety- and mission-critical applications such as automotive please contact QNX.

      The bottom line is that BlackBerry, Certicom, and QNX can help your system become not just secure, but BlackBerry secure. 




      Autonomous Cars Part 1-- And Now for Something Completely Different: The Autonomous Accident



      Kaivan Karimi
      SVP of Strategy and Business Development
      BlackBerry Technology Solutions (BTS)

      A few weeks ago a self-driving Tesla Model S in Autopilot mode crashed into a large semi-trailer in Williston, Florida. This is pretty much what lawyers call a case of first impression, and rightfully so. This unprecedented event brought up a bunch of questions, and it is clear that we are now on the cusp of the autonomous (i.e. robot-driven) automotive future. With that comes a completely different mix of risks, liabilities, safety concerns, responsibilities, ownership models, insurance platforms, and regulatory oversight.

      Car crashes are, and should be, a big deal. They are the number one reason for death among young people and number five overall, claiming over 32,000 American lives each year. Some news outlets have questioned the sanity of allowing driverless cars on the road altogether. Fairly or unfairly, the whole notion of driverless cars is experiencing knee-jerk reactions. It is easy to see why the first known death caused by a self-driving car in history has focused everyone’s attention on autonomous vehicles.

      This incident is much like how Bridget Driscoll made history in 1896 by being the first pedestrian to be struck and killed by a gas-powered car (at a top speed of four miles per hour). Thanks to the sensationalism of the press, the Florida crash got much more coverage in the news cycles than the more positive story about the Missouri man who used his Tesla Model X in autopilot mode to get to the hospital when he suffered from a debilitating blood clot on the highway. Tesla Autopilot saved his life, and that is real (and good) news. Nothing like that has happened before—a robot saving a man’s life. Amazing.

      These issues have made so many headlines that they made it to the White House, and President Obama wrote an op-ed mostly in support of the technology. President Obama wrote that safer, more accessible driving, and less congested, less polluted roads are what harnessing technology for good can look like, referring to self-driving car technologies. He also said that we have to get it right. Americans deserve to know they’ll be safe today even as we develop and deploy the technologies of tomorrow.
      The accident has given rise to discussions about what types of sensors should have been in place to avoid that accident.  Also, as you would expect, there is a lot of questioning by legislators about the need for such technology, and how it can be regulated. A proper outcome of the crash has been awareness that autonomous driving is a public safety issue.  This is multi-faceted and includes technology (i.e. hardware, software, and architecture), economics, policy implementation, liability, and oversight factors.

      I started following the development of autonomous vehicles when I first heard about Google’s so-called “self-driving car” project back in 2009. While I knew about DARPA’s initiative around this idea in the mid-2000s, a commercial entity like Google picking up the project lends real credibility. Back in the 2010-2011 timeframe, my team and I were working on Freescale’s MCU strategies, and through that I got to understand the role of Active Driver Assistant System (ADAS) and the numerous architectural considerations and technologies needed to make autonomous driving a reality.

      Now at BlackBerry, I am working with our QNX software team on ADAS development. The QNX perspective, of course, comes from the software side with expertise in instrument clusters, functional safety, hypervisor infotainment, and telematics. When you add that to Certicom’s cryptographic security expertise, and BlackBerry’s Over-the-Air (OTA) updates for automotive security life cycle management, you have what you need for safety and security of the software-defined autonomous future. The evolution to connected autonomous vehicles is transitioning through different stages that in fact were defined by the U.S. Department of Transportation's National Highway Traffic Safety Administration. SAE has defined levels as well.

                                                                
                                                                 Source: NHTSA

      Most car OEMs that we are working with have autonomous driving pilot programs in place. That is no surprise.  Even before the Tesla Autopilot accident, it was hard to open a technology magazine or website and not see a mention of self-driving cars and various pilot programs around the world. Cars are becoming cool again due to new technological evolution.   This is similar to how cellphones became cool in the early 2000s when the emergence of 3G made the notion of smartphones real.   Cars are much more than a phone, obviously, and the sky is the limit.  Software, semiconductor, networking, cryptography, sensors, communications, electric/hybrid engine, charging, display, augmented reality, smart highways, retail, and other technologies all converge on the car platform.  These things are quickly redefining the car, the highway, ownership models, insurance, and society itself. 
       
      Some of the items to consider are the forms that vehicles will adopt due to automation, such as autonomous cars, self-driving buses, self-driving trucks, and DARPA’s 132-foot long Sea Hunter unmanned Submarine-Hunter Drone.

      Hardware + Software

      Self-driving vehicles, or self-propelled anything, are based on an intimate relationship between electronics hardware and software to create not only a perceiving, processing, and actuating system, but a system that is safe, secure, and reliable.   While that last part seems obvious, it is not all that easy to accomplish.   Safety, security, and reliability come only from careful design based upon experience—experience that can make hardware and software work seamlessly.

       
      Starting with the hardware, if you look at automotive microprocessors and microcontrollers, you can see that their complexity has skyrocketed to meet real time requirements of active safety elements such as vision processing, sensor fusion, and control algorithms, while still maintaining stringent power budgets.




      Advanced driver assistance systems (ADAS) are the backbone of autonomous vehicles, obviously, and they are based upon multiple application cores and hardware accelerators. ADAS software platforms must provide high performance by combining symmetric multiprocessing on application cores with support for built-in accelerators such as vision processing engines or graphics processing units (GPUs). Examples of applications range from four-camera surround view systems, to a single-camera forward-facing collision avoidance system, to a sensor fusion hub.
      Of course, the most important aspect of anything automotive is safety.  The old adage of safety first is still valid, and getting even more so as robotic cars start to drive themselves.  Therefore, there has to be real safety know-how at the core of the design and implementation of ADAS.  This is where safety standards compliance comes in.  The QNX Platform for ADAS is a great example of safety-centered software for the autonomous car.   The platform is certified by TÜV Rheinland to ISO 26262 ASIL-D.

      More details will be addressed in a future blog, but are presented here to illustrate that software must be compliant with safety standards if it is to be taken seriously. A software architecture achieves safety by ensuring that system faults in one area do not affect other areas. This is accomplished by using a microkernel architecture in the operating system (OS) to isolate failed components and allow them to be restarted dynamically while the rest of the system continues to operate. This type of adaptive partitioning technology safeguards the operation of the safety-critical components by ensuring they are never starved of CPU cycles. With a microkernel approach, traditional OS services can be contained in separate, hardware-protected address spaces in the same manner as applications.

      The next blog will focus on the individual subsystems used in an ADAS platform in the connected autonomous car.    In addition, other connected autonomous car technologies will be covered in subsequent blogs, including security, Domain/Area-controller evolution, more about safety, and other technologies needed, plus use-case and financial considerations related to autonomous cars.   The story of the software-defined automotive future is just starting to be written.   For more see the QNX web site.

       


      _____________________________________________________________________________
      Kaivan Karimi is the SVP of Strategy and Business Development at BlackBerry Technology Solutions (BTS). His responsibilities include operationalizing growth strategies, product marketing and business development, eco-system enablement, and execution of business priorities. He has been an IoT evangelist since 2010, bringing more than two decades of experience working in cellular, connectivity, networking, sensors, and microcontroller semiconductor markets. Kaivan holds graduate degrees in engineering (MSEE) and business (MBA). Prior to joining BlackBerry, he was the VP and General Manager of Atmel wireless MCUs and IOT business unit.


      Autonomous Cars – Part 2: The ABCs ADAS



      Kaivan Karimi
      SVP of Strategy and Business Development
      BlackBerry Technology Solutions (BTS)


      Advanced driver assistance systems (ADAS) are one of the most important of the many different technologies going into the connected autonomous car of the future.
      ADAS is evolving from discrete single-function systems, such as blind spot monitoring and lane departure warning, to integrated active safety systems and automated driving. With ADAS, high-performance computing is intersecting with the need for functional safety, changing the very nature of the hardware and software in these next generation systems. So, a flexible, safe and stable software environment that leverages the performance advances in silicon while maintaining ISO 26262 functional safety certification is critical. In an ADAS-based car, software is the nervous system that works with the brains of the operations, which are Microprocessors/Microcontrollers. Together they work seamlessly with a range of other hardware components, some of which are noted below.


      Radar Systems
      Radar technology collects information around the vehicle and feeds it to the ADAS’s domain controller managing sensor fusion. Several subsystems are part of the package, such as a 77 GHz radar system that enables high precision and scalability from short to mid to long range detection; 24 GHz radar for high-demand features, such as rear cross traffic alert or blind spot detection; and Light Detection and Ranging (LIDAR) for adaptive cruise control, accident avoidance and mitigation, and object detection. LIDAR is like a light-based radar that sends out short pulses of invisible scanning laser light and, based on how long it takes to see the reflection, calculates how far away an object is. It then creates a 3-D image of the surroundings of the car with high accuracy.

      Vision Processing
      A range of cameras and sensors combine to see the world. External cameras assist with lane departure warnings, forward collision warnings, traffic sign recognition, and pedestrian recognition. Internal cameras provide information related to the driver’s focal point and behavior so that the ADAS system can react accordingly. These can be augmented with 3D capabilities that enable new HMI user experiences, such as gesture recognition and control of cabin button functions, or infotainment systems. Ultrasound is also used for close-end object detection and will be used in park-assist applications, where a typical car would have between 10 and 12 sensors.

      GPS
      Global Positioning Systems are satellite-based navigation systems using a network of 24 satellites that were put in orbit by the U.S. Department of Defense (DoD) for military applications. In the 1980s the US government made the system available for civilian use. Galileo (EU), GLONASS (Russia), BeiDou (China), and IRNSS (India) are examples of other satellite-based navigation systems being developed around the world. They have accuracy of within 10 to 50 feet for 95% of the time, with most providing a worst case pseudo-accuracy of 7.8 meters at a 95% confidence level. The actual accuracy depends on factors such as atmospheric effects, line of sight clearance to the satellites, and receiver quality. To improve GPS location accuracy to centimeter-level accuracy, systems make use of ground-based reference points in combination with the satellite signal. These types of systems are called “differential GPS,” and a great example is that which comes from rental car companies.

      For a self-driving car you need to know which lane a car is in and where within that lane it is in reference to other cars and structures surrounding it, and all of this must be updated at high rates in real-time. This requires computational intensity as well as augmented GPS functionality with accelerometers, altimeters, gyroscopes, and a tachometer/odometer to achieve finer measurements of the position of the car under various conditions.

      V2X
      V2X communication refers to the exchange of information from a vehicle to anything that may affect the vehicle, and vice versa.  V2X stands for Vehicle-to-Vehicle (V2V), Vehicle-to-Infrastructure (V2I), Vehicle-to-Pedestrian (V2P), Vehicle-to-device (V2D), Vehicle-to-grid (V2G) and for all practical purposes, Vehicle-to-Everything.  (You can see that the “X” is the catch-all variable.) 

      V2X is considered a cooperative approach between cars and their environment to make a more effective means of avoiding accidents and traffic congestion. For V2X to really work it needs to be rolled out with adoption rates of greater than 95%, and from that perspective it may be a few years before the infrastructure is put in place. The communication technology most often talked about for V2X is based on Dedicated Short Range Communication (DSRC) operating at the 5.9 GHz frequency based on 802.11p Wireless Access for Vehicular Environments (WAVE). The architecture, message protocols, and security standards are based on IEEE 1609.x in the US and various ETSI layer standards. Note that cryptographic security must be built in so that the signal sent and received can be trusted. False or corrupted signals can produce dire results.

      V2X will establish a hybrid access network and enable the flow of information regarding traffic delays and hazard warnings (e.g. road flooding, electrical poles down, or even cars driving in the wrong direction, and others) in a real time manner.

      Telematics
      A telematics system mixes the functionalities of telecommunications and informatics for a car, and a good way to explain the range of functionalities in a telematics system is to take a closer look at those supported by OnStar from General Motors. OnStar includes a cellular modem, GPS, connections to a variety of sensors (some of which are dedicated to reporting significant crashes), a backup battery, and a roof-mounted antenna with a range that is better than a typical cellphone.

      The box itself gets a “black-box” treatment, and is mounted in the back of the car to shield it from most crashes. The system is connected to a call center, which in turn can report accidents to a public safety answering point such as a 911 operator, and contact garages if only simple towing services or mechanical help is needed. After any incident, the call center operator contacts the passengers of the car, getting more information and assuring them that help is on the way. Emergency and roadside assistance along with basic vehicle diagnostics are the most popular services for most telematics systems.

      Over time, a host of other services have been added from weather reports and sports scores, to traffic information, geo-fencing, and stolen vehicle tracking. The list of automakers who already offer telematics services include GM, Chrysler, Ford, Lincoln, Audi, BMW, Mercedes-Benz, Volkswagen, Porsche, Jaguar, Rolls-Royce, Volvo, Mini, Toyota, Infiniti, Lexus, Mazda, Nissan, and Subaru. 

      Domain Controllers and Micro Processor/ Micro Controller Units (MPUs/MCUs)
      MCUs and MPUs are the physical hardware brains of the whole vehicle operation, and combined with powerful sensor fusion algorithms are what turn a car into a robot. With the number of sensors feeding situational awareness data in real-time, one can see that high-speed and high-bandwidth data processing are at the heart of automated driving. High performance Electronic Control Units (ECUs) accept the sensor inputs that monitor the automobile’s constantly changing environment, and fuse those data at speeds of greater than 1 Gb/sec to make safe decisions. As the table shows, this will ultimately shift the burden of “situational awareness and response” from the driver to the car. High-speed decision making at real-time speed, dealing with the amount of data discussed above, requires secure, reliable, and very fast processing computers.
        
      The growth of electronics in cars has resulted in double-digit growth of the number of ECUs being used in all car segments. Today’s embedded vehicle functions are shared between up to 100 ECUs, are connected over several buses, and typically use 6-8 operating systems. This decentralized system has drawbacks in increased complexity, weight, and overall cost of the vehicle. The trend now is to move from 80-100 decentralized ECUs scattered across the vehicle, to 8 to 12 domains with their respective mega-ECUs, or Domain Controllers, which among many other things reduces the complexity of the system.



      The next blog will address the software architectural issues to be considered when creating the connected autonomous car of the future. For more, see the QNX web site.


      _______________________________________________________________________________
      Kaivan Karimi is the SVP of Strategy and Business Development at BlackBerry Technology Solutions (BTS). His responsibilities include operationalizing growth strategies, product marketing and business development, eco-system enablement, and execution of business priorities. He has been an IoT evangelist since 2010, bringing more than two decades of experience working in cellular, connectivity, networking, sensors, and microcontroller semiconductor markets. Kaivan holds graduate degrees in engineering (MSEE) and business (MBA). Prior to joining BlackBerry, he was the VP and General Manager of Atmel wireless MCUs and IOT business unit.

      SECURITY FOR THE AUTOMOTIVE INDUSTRY: From End To End



      Bill Boldt
      Business Development Manager, Security
      BlackBerry
      wboldt@blackberry.com

      Security is emerging as perhaps the most important factor in the evolution of the connected autonomous car. Due to high-profile hacks on cars, it is hard to argue that without security you can have safety. Cars are the most software-intensive systems in the universe, with far more lines of code than even a state-of-the-art jet fighter.




      Being such complex digital systems, they have become prime targets for attack, and that is where cryptographic countermeasures come in.

      Connecting the dots: in the emerging software-defined world, safety increasingly comes from security, while security comes from cryptography. Robust cryptographic security implementation is how you increase trust, and in a car every system must be trusted, including inside the car, in the smart infrastructure, in emerging applications-based ecosystems, and in the manufacturing supply chain.


      When considering automotive security, many factors come into play. Some are noted here (and were noted in a prior blog, but are worth repeating):
      • Security assets (e.g., crypto keys, serial numbers, etc.) must be installed into electronic devices such as Electronic Control Units (ECUs), domain/area controllers, and other processors at manufacturing time. This process is called "personalization"
      • Those electronic devices must be distributed to and be installed into vehicles in globally located factories
      • They must be warehoused worldwide for subsequent repairs, and be updateable at dealers and repair shops
      • In addition, aftermarket suppliers must be able to sell and update secure devices, and OEMs must have the ability to authorize electronic devices or not (e.g., enforce warranty policies)

      And, there are many more.
        
      To maintain the maximum amount of flexibility, personalization (provisioning) and updating should be moved as close as possible to the very last minute. Each car maker will be faced with the same situation and will have to design and manage secure device manufacturing systems, secure updating systems, and security certificate management systems that are global and long term in nature.


      The way in which these systems get deployed will have to be designed to the specific logistical and security needs of the manufacturer.

      Fortunately, the tools to do that are available from Certicom; namely, the Managed PKI System and Asset Management System.



      Asset Management System
      Certicom’s Asset Management System (AMS) installs cryptographic keys into devices (such as ECUs, domain and area controllers, processors, memory, key storage ICs, etc.) to ensure they are secure from tampering, counterfeiting, cloning, and other bad things that happen to good systems.
       

      Personalization using Certicom’s AMS solution automates the secure distribution and tracking of digital assets, especially when used in conjunction with the Managed PKI services. 

      Certicom’s Managed PKI Certificate Services help high-volume manufacturers secure devices and securely enforce ecosystem requirements. Authentication is enforced via certificates, which is a method that provides the highest levels of security.



      Managed PKI System
       
      Certicom’s managed PKI system was initially created for BlackBerry mobile devices, which speaks to high security and volume production scale capabilities. 

      Managed PKI performs four essential functions:
      1. ISSUE: Automatically issue certificates to validated devices
      2. MANAGE: Track all of the issued certificates 
      3. RENEW: Automatically renew active devices 
      4. REVOKE: Disable certificates of lost or decommissioned devices






      Security Design Consulting
      The overall automotive manufacturing blueprint must be designed with best practices in mind right from the start, and BlackBerry Professional Services can help with that.  BlackBerry’s cybersecurity consulting and tools help to:


      • Identify the latest cybersecurity threats
      • Develop risk appropriate mitigation strategies
      • Implement and maintain IT security standards and techniques, and
      • Defend against the risk of future attacks
      BlackBerry is making the proprietary security skill sets that made BlackBerry mobile devices the most secure in the world available to the open market. BlackBerry's Professional Security Services teams provide design, analysis, response, and testing ("DART") via a range of services, as noted in the table below, among others:



       
      With security skills honed in the mobile industry, industry-leading cryptographic expertise, and decades of automotive software experience, you can see that BlackBerry brings it all together.
