The race is on
As autonomous vehicles edge ever closer to mainstream reality, it’s now legislation and litigation that are expected to hold things up, not technology. But that only puts more pressure on manufacturers to get their solutions to market, as Philip Ling investigates.
There’s really no such thing as being too early to market, particularly in a market that’s expected to be as large as autonomous vehicles. Realistically, the idea of self-driving vehicles is largely dependent on the technology behind it being in every vehicle on the road — even if that road is reserved exclusively for self-driving vehicles — but the first ‘steps’ have already been taken by the likes of Delphi and Google.
However, even with the inexorable move towards total autonomy, the reality is nobody knows when the industry will arrive there. It is, of course, dependent on the availability of the technology, but it doesn’t end there. In order to get global sign-off for self-driving vehicles, that technology will need to be put through exhaustive tests, at every level. And for that to even begin to happen, the technology needs to not only be available but effectively production-ready.
And while many, including Kathy Winter, Delphi's Vice President of Advanced Engineering and Software Services, understand that the non-technical issues will be the biggest speed bumps in the road to autonomous driving, the real effort will be directed towards delivering the level of safety deemed necessary. The US Transportation Secretary, Anthony Foxx, visited Delphi Labs in Silicon Valley recently to announce a series of steps to accelerate the rate of deployment of safety-related technology. He pledged to work with the automotive industry and technology companies to ensure demonstrable technologies will be brought to market faster than originally planned: “The Department wants to speed the nation toward an era when vehicle safety isn’t just about surviving crashes; it’s about avoiding them,” Secretary Foxx said. “Commercial, automated vehicles that can sense the environment around them and communicate with other vehicles and with infrastructure have the potential to revolutionise road safety and save thousands of lives.”
To that end, the Department’s National Highway Traffic Safety Administration is moving ahead of its public timetable for its proposal to require vehicle-to-vehicle (V2V) communication devices in new vehicles, and is working to accelerate the testing necessary to ensure that V2V and Vehicle-to-Infrastructure transmissions are free from radio interference.
Roadmap to autonomous roads
But what does this mean at the chip level? Safety has long been a feature of hardware and software in embedded devices, but transferring that expertise to the autonomous vehicle isn’t without its challenges. It is, perhaps, best described by what has come to be known as an embedded/automotive Hardware Security Module (HSM), a dedicated extension to the HSMs used in the IT world.
After a relatively short evolution, these HSMs now fall into three variants: Full, Medium and Light, each focusing on different security use-cases with different cost, functional and security requirements. Not surprisingly, the Full HSM offers the greatest level of functionality, security and performance by employing (for example) a hardware-accelerated asymmetric cryptographic block. Medium modules focus on securing the in-vehicle communication and so wouldn’t necessarily feature a dedicated hardware-accelerated asymmetric cryptographic block or hashing function, but may be capable of performing some non-time-critical asymmetric cryptography (such as key exchange protocols). This saves cost and power, but still supports symmetric algorithms. The Light HSM is intended to secure the interaction of ECUs and sensors/actuators, and is able to meet strict cost requirements. The European research project, EVITA (E-safety Vehicle Intrusion Protected Applications), helped define the standard and terminology that has since been adopted by a number of manufacturers.
Recently, STMicro announced what it describes as the next generation of Flash-based MCUs targeting safety and security in the automotive market. The multi-core single-chip automotive MCUs in its SPC58NE product line are based on the Power architecture and are the first to use ST’s proprietary 40nm embedded Flash process, offering true read-while-read access.
The first device in the family, the SPC58NE84 (Figure 1), is compliant with ISO 26262 ASIL-D and EVITA Medium Class, and is the first to start sampling. ST commented that automotive security is now becoming pervasive and, in some cases, mandatory, adding that security now extends to the hardware security module (HSM) system, targeting EVITA Medium Class, which can be seen as an autonomous and isolated system, embedded into the microcontroller, handling all security operations.
The SPC58NE family will soon encompass additional devices, forming a subset of the flagship device and omitting a number of the full architecture’s features, presumably in order to meet the cost and/or power requirements of Light HSMs.