SW partitioning – why do you try to implement it?

SW partitioning seems to be a very useful approach to decompose ASIL in SW. I understand that once it is implemented, some SW parts can be excluded from the FuSa scope. But I have a different point of view. My question is: does it really give us the benefit of reducing our resources?

Regarding applying SW partitioning, its motivation is to reduce resources. That was the interest of the project I was involved in. If some SW components are classified as QM, then we have a reduced scope for FuSa, which is a benefit to us. When I heard of these trials, it sounded good, but I realized that the result would not be good. I'll tell you what should be considered additionally.

Let's assume that we should apply a watchdog. It requires many technical considerations; it does not mean just adding a watchdog to a circuit. Even if a watchdog is added, its main purposes cannot be achieved if it is not implemented smartly. (Reference: proper watchdog timer use, in Korean.)

Similarly, if we implement SW partitioning, the design should be verified. At least, the task scheduling plan should be specified in the SW design, that design should be reviewed, and its effectiveness should be tested during or after SW integration.

If critical faults occur on the QM side, it shall be ensured that the OS catches such exceptions and manages them as we intended. This is one side of SW partitioning.

The other consideration is space partitioning. A SW component in one partition can try to access memory regions or resources that are allocated to another partition. In this case, it shall be ensured that such attempts do not succeed. And since such attempts are invalid, exceptions or other error events should be triggered. Then exception handling should be considered. What will you do if such exceptions occur? A SW reset? Are you sure?
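To make the space partitioning requirement concrete, here is an added C model (not from the post, and not AUTOSAR OS code) of the check an OS or MPU driver performs before an access and of a containment-oriented exception policy; the partition names, region addresses and action codes are constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed example: one ASIL partition and one QM partition. */
typedef enum { PART_ASIL = 0, PART_QM = 1, PART_COUNT } partition_t;

/* Memory regions and the partition that owns each (constructed addresses). */
typedef struct { uintptr_t base; size_t size; partition_t owner; } region_t;
static const region_t regions[] = {
    { 0x1000u, 0x1000u, PART_ASIL },  /* 0x1000..0x1FFF belongs to ASIL */
    { 0x2000u, 0x1000u, PART_QM   },  /* 0x2000..0x2FFF belongs to QM   */
};

/* Filled in by the OS when an access is rejected. */
typedef struct { partition_t offender; uintptr_t addr; } fault_t;
/* Recovery actions the exception handler can choose from. */
typedef enum { ACT_RESTART_PARTITION, ACT_SAFE_STATE } action_t;

static bool partition_alive[PART_COUNT] = { true, true };

/* Space partitioning check: [addr, addr+len) is allowed only if it lies entirely
 * inside one region owned by the caller. Any denied access (foreign owner,
 * boundary crossing, unmapped, empty or wrapping range) is recorded as a fault. */
bool check_access(partition_t caller, uintptr_t addr, size_t len, fault_t *fault)
{
    bool allowed = false;
    if (len != 0 && addr + len >= addr) {            /* reject wrap-around */
        for (size_t i = 0; i < sizeof regions / sizeof regions[0]; i++) {
            const region_t *r = &regions[i];
            if (addr >= r->base && addr + len <= r->base + r->size) {
                allowed = (r->owner == caller);      /* owner decides */
                break;
            }
        }
    }
    if (!allowed && fault) { fault->offender = caller; fault->addr = addr; }
    return allowed;
}

/* Exception handling policy: contain the fault instead of resetting the ECU.
 * A QM fault stops and restarts only the QM partition; a fault on the ASIL
 * side takes the system to its safe state. */
action_t handle_fault(const fault_t *f)
{
    partition_alive[f->offender] = false;
    return f->offender == PART_QM ? ACT_RESTART_PARTITION : ACT_SAFE_STATE;
}

bool partition_is_alive(partition_t p) { return partition_alive[p]; }
```

The point of the policy is the one the paragraph raises: a rejected QM access leaves the ASIL partition running, so a whole-ECU reset is not the only answer.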

For now, I don't think that SW partitioning will save our resources. It is a safety design concept, not a method to save resources. I may change my mind as I gain more experience, but this is my latest view on SW partitioning.

Software partitioning in AUTOSAR

Software partitioning is a development concept to decompose ASIL. It is like a firewall that prevents a failure from propagating from the other partition. In some ways, it is very close to the ASIL decomposition concept used in the SW part, so it is recommended to consider this concept as well.

To implement the concept, supporting mechanisms shall be provided. As far as I know, the existing version of AUTOSAR cannot support it. Maybe it will take some time before this scheme can be used. My reasoning is that there are many approaches suggested in papers to improve partitioning in AUTOSAR. Such studies reflect that this is in progress and needs more time to complete.

And when I attended a Vector conference, I heard that there will be a need for very powerful computing in an ECU.

When that day comes, one ECU will cover many features. In that environment, SW partitioning will be a very useful technology. For now, AUTOSAR seems to be immature in supporting a SW partitioning scheme.

If what I know is incorrect, then please give feedback as a reply.

Practical Guide to SysML

Recently I had a chance to use SysML to design a system. My role was closer to making rules for modeling, guiding a drafted design toward a more structured design, and refining the preliminary design into a simple and straightforward design in a manageable way.

Enterprise Architecture gave me very useful examples, and I chose some sample diagrams to apply to my project. This book also gives real examples of how modeling using SysML can be specified.

My first impression of the SysML modeling examples is that a system in the real world can be modeled using SysML. It seems more realistic: it is not just a concept in mind; it exists as a semi-formal specification.

The book has many example SysML models from the real world, and they are useful for understanding how a SysML model can be formalized and which modeling notations are useful for specification.

Obviously, the Model Based Systems Engineering approach really helps make requirement management manageable, because design engineers can specify their system in a more structured way, which helps stakeholders understand the system better.

If a SysML model is imported into Medini, then systematic safety analysis can be performed. So I recommend applying the MBSE approach, and SysML is a very good tool to model a system design.