Figure 1 - uploaded by Prachi Joshi
CAN-FD Frame Format (from [9]). 

Contexts in source publication

Context 1
... this section, we briefly describe the main features of CAN-FD. The CAN-FD frame format is shown in Figure 1. For a more detailed description, readers are referred to [2]. ...
Context 2
... input to the algorithm is the set of frames Γ for all the domains. Similar to Audsley's algorithm, priority levels are assigned iteratively to all the frames starting from lowest to highest (Lines 3-15). At each iteration, a priority level is assigned to the first frame γ that satisfies the schedulability constraints over all the domains belonging to ∆(γ) (Lines 8-12). ...
Context 3
... is because one of the systems (out of 100) turned out to be unschedulable and thus the heuristic runs 10 iterations for this case, thereby increasing the average runtime. On the other hand, the unschedulable system in the case of 120 signals becomes schedulable in just one iteration with our heuristic (please refer to Figure 10). ...
Context 4
... to the long runtime of ILP, we generated 100 random systems for each system size. As in Figure 10, the performance of the greedy heuristic is comparable to that of ILP with respect to the number of feasible cases for small systems (namely, with number of signals below 150). However, for system size of 180 the greedy packing results in about 5% infeasible cases whereas the ILP delivers just 1% infeasible cases. ...

Citations

... The discussion on networking technologies in the design of E/E architectures is another hot topic. In the traditional E/E architectures, E/E components are designed and developed in a distributed fashion, mainly using various bus technologies, such as CAN [10][11][12][13][14], CAN-FD [13][14][15][16][17], LIN [13,14], FlexRay [13,14,18,19] and MOST [13,14], to connect in-vehicle ECUs for different E/E systems. These E/E architectures have been widely used in vehicles, such as BMW 7 series [20]. ...
Article
With the rapid development of autonomous vehicles, more and more functions and computing requirements have led to the continuous centralization in the topology of electrical and electronic (E/E) architectures. While certain Tier1 suppliers, such as BOSCH, have previously proposed a serial roadmap for E/E architecture development, implemented since 2015 with significant contributions to the automotive industry, lingering misconceptions and queries persist in actual engineering processes. Notably, there are concerns regarding the perspective of zone-oriented E/E architectures, characterized by zonal concentration, as successors to domain-oriented E/E architectures, known for functional concentration. Addressing these misconceptions and queries, this study introduces a novel parallel roadmap for E/E architecture development, concurrently evaluating domain-oriented and zone-oriented schemes. Furthermore, the study explores hybrid E/E architectures, amalgamating features from both paradigms. To align with the evolution of E/E architectures, networking technologies must adapt correspondingly. The networking mechanisms pivotal in E/E architecture design are comprehensively discussed. Additionally, the study delves into modeling and verification tools pertinent to E/E architecture topologies. In conclusion, the paper outlines existing challenges and unresolved queries in this domain.
... Furthermore, Bordoloi and Samii [21] presented the frame packing problem for CAN FD and proposed an optimization approach for selecting and packing payloads into frames to minimize bus utilization. Their approach considers timing constraints and potential repacking of messages to satisfy deadlines and formulates the best- and worst-case transmission times of CAN FD. ...
Article
The Controller Area Network (CAN) dominates in-vehicle networking systems in modern vehicles. CAN was designed with low-latency and reliability as key features. Authenticity of a CAN frame was not considered in the design, thus, most in-vehicle network nodes inherently trust received messages as coming from a legitimate source. As a result, it is trivial to program (or hack) a network node to spoof traffic. Authentication is challenging for CAN and related protocols, such as SAE J1939, due to limited frame sizes and high bus utilization. Adding a message authentication code (MAC) as a separate message can unduly stress the real-time delivery of safety-critical messages. Although this stressor is well-known, the impact of authentication protocols on real-time message delivery in CAN has not yet been thoroughly examined. In this paper, we provide the first comprehensive analysis of real-time schedulability analysis applied to authentication schemes for CAN, CAN Flexible Data-rate (CAN FD), and CAN extra long payload (CAN XL). We formulate the response time analysis for addition of MACs and periodic transmission of MACs, and we examine their impact on two case studies and through evaluation with randomized schedulability experiments over a wide range of message sets.
... They evaluated the authentication overhead and concluded that their implementation, which authenticates each CAN frame separately, would impose an impractical bandwidth overhead. Previous studies have computed the worst-case transmission time of CAN FD [5], [6]. However, formulations are flawed due to using an outdated pre-specification prior to ISO standardization which has been updated [5], and use of the obsolete CAN transmission time [6] that has been revised [7]. ...
... Previous studies have computed the worst-case transmission time of CAN FD [5], [6]. However, formulations are flawed due to using an outdated pre-specification prior to ISO standardization which has been updated [5], and use of the obsolete CAN transmission time [6] that has been revised [7]. In addition, these earlier studies did not consider the extended format (29-bit identifier). ...
... $Q_{k,i}$ is a binary variable, if $Q_{k,i} = 1$, it indicates that $T_{k,i}$ is a security-critical task; otherwise, $T_{k,i}$ is a non-security-critical task. We assume that deadline equals to period for each task, and priorities are assigned to tasks based on their periods, these assumptions are common in ACPS [29][30][31]. $P_{k,i}$, $C_{k,i}$, $D_{k,i}$, and $Q_{k,i}$ are given, and $R_{k,i}$ is calculated as follows: ...
... The message set of all ECUs is denoted by $M$, where $M = \forall k\; M_k$, and $MN$ indicates the total number of messages in $M$. $m_{k,j}$ is indicated with a 5-tuple: $m_{k,j} = \{p_{k,j}, c_{k,j}, r_{k,j}, d_{k,j}, q_{k,i}\}$, which indicate the period (in µs), worst-case transmission time (WCTT, in µs), WCRT (in µs), deadline (in µs) and security level of $m_{k,j}$, respectively. $p_{k,j}$ and $c_{k,j}$ are given, $q_{k,j}$ equals to that of its sending task, and $d_{k,j}$ equals to $p_{k,j}$ [29][30][31]. As the authors of [32] verified that the rate monotonic priority order is close to the optimal priority order for CAN, thus we assume that the rate monotonic priorities are assigned to CAN FD messages. ...
Article
The introduction of various networks into automotive cyber-physical systems (ACPS) brings great challenges on security protection of ACPS functions. The auto industry recommends adopting the hardware security module (HSM)-based multicore ECU to secure in-vehicle networks while meeting the delay constraint. However, this approach incurs significant hardware cost. Consequently, this paper aims to reduce security enhancing-related hardware cost by proposing two efficient design space exploration (DSE) algorithms, namely, stepwise decreasing-based heuristic algorithm (SDH) and interference balancing-based heuristic algorithm (IBH), which explore the task assignment, task scheduling, and message scheduling to minimize the number of required HSMs. Experiments on both synthetic and real data sets show that the proposed SDH and IBH are superior to the state-of-the-art algorithm, and the advantage of SDH and IBH becomes more obvious as the percentage of security-critical tasks increases. For synthetic data sets, the hardware cost can be reduced by 61.4% and 45.6% on average for IBH and SDH, respectively; for real data sets, the hardware cost can be reduced by 64.3% and 54.4% on average for IBH and SDH, respectively. Furthermore, IBH is better than SDH in most cases, and the runtime of IBH is two or three orders of magnitude smaller than SDH and the state-of-the-art algorithm.
... As the data volume transferred inside the ACPS is increasing daily, bandwidth is a scarce resource for in-vehicle networks. Consequently, much research focuses on minimizing the bandwidth utilization for CAN and CAN FD by packing as many signals as possible into messages [9]-[17], [19]-[22]. However, for large-volume and long-lifetime ACPS, extensibility is also of great importance for in-vehicle networks of the ACPS, as the adding of new signals (signal size extension can be seen as a special case of new signal) is inevitable due to function upgrade or adding of new functions [23]. ...
... Besides the above mentioned heuristic algorithms, Natale et al. [16] modeled the signal packing as a mixed integer linear programming (MILP) problem to minimize the bandwidth utilization. Joshi et al. [17] firstly formulated the signal packing of multi-domain CAN FD as an integer linear programming (ILP) problem to minimize the bandwidth utilization, and then another greedy heuristic method is presented for industry-sized signal sets. Later, Joshi et al. [18] proposed to optimize the signal packing of CAN FD by assigning different offsets to signals. ...
... Just like [12], [16], [19], [24], we reuse existing research results for priority assignment and WCRT analysis of CAN FD messages. We assume that only signals with harmonic period can be packed together, and message's deadline equals to its period [16], [17], [19], [24]. Thus, $T_{k,j}$ is calculated as follows: ...
Article
Extensibility is an important optimization objective for the E/E architecture of automotive cyber-physical systems (ACPS), while little attention has been paid to the extensibility-aware design of in-vehicle networks. To address this problem, this paper formulates a trade-off problem that balances the bandwidth utilization and the extensibility from the initial design of CAN FD. We first propose a new extensibility model and the related evaluation metric, and then two optimization algorithms, namely, the mixed integer linear programming (MILP) approach and the simulated annealing (SA) based heuristic approach, are proposed to resolve the trade-off problem for mid-sized and industry-sized signal sets, respectively. The experiment results show the efficiency of the proposed extensibility metric and the optimization algorithms. By comparing with the state-of-the-art algorithm, the MILP reduces the increase range of the bandwidth utilization of the extended signal set by 18.17% to 57.64% on average, and 49.22% to 89.40% maximally, with only 0.06% to 0.79% bandwidth utilization overhead; the SA approach can reduce the increase range of the bandwidth utilization of the extended signal set by 12.71% to 58.33% on average, and 40.08% to 89.40% maximally, with only 0.06% to 0.8% bandwidth utilization overhead.
... Moreover, finding an optimal configuration for a single configurable parameter is a difficult problem. For example, frame packing for CAN-FD [18] and synthesizing gate control list for TSN [76] is NP problems. ...
... For CAN(-FD) protocol, [18] proposes heuristic algorithms to pack signals into CAN-FD messages to minimize bus utilization. [50] solves the frame packing problem for the system consisting of multiple CAN-FD buses with a central gateway. ...
... However, Eq. 2.1 has to be revised to consider differences between CAN frame format and CAN-FD frame format. Bordoloi et al. [18] provided the revised equation for CAN-FD as follows where p is the payload size in bytes: ...
Thesis
Automakers keep adding new functions to their products to attract more customers. Since such newly-introduced functions usually require communication with other electronic control units (ECUs) to acquire & deliver sensor (e.g., speedometer, radar, etc.) data, the amount of in-vehicle network traffic keeps rising. To deal with this ever-increasing trend, automakers have re-designed in-vehicle network architecture and adopted high-bandwidth protocols such as controller area network with flexible data-rate (CAN-FD), switched-Ethernet, etc. However, since the complexity and cost related to in-vehicle networks increases with this change, optimizing the in-vehicle network to minimize the cost becomes a major challenge to the automakers. To tackle such a challenge, we propose a suite of design optimization methods for modern in-vehicle network architectures. First, we present PAMT, an optimal priority-assignment algorithm for a single mixed CAN and CAN-FD bus. By clustering messages based on their type, PAMT minimizes the timing overhead for mode transitions. Second, we propose EACAN to relax the pessimistic assumptions used in the formal verification for CAN communication. Third, we identify configurable parameters for standardized frame preemption of Ethernet Time-Sensitive Networking (TSN) and present DOFP, a genetic algorithm based optimization for the frame preemption. Fourth, we propose OPMB, an optimal priority assignment algorithm for multi CAN/CAN-FD buses with a central gateway. Finally, we propose PRMB which finds a schedulable priority assignment and generates routing tables to use signal-based routing at the central gateway while meeting the timing requirements of in-vehicle data.
... To address these caveats, we solve the multi-mode schedule synthesis problem sequentially using heuristics, as commonly done in related approaches [26,35,39]. Algorithm 2 summarizes our approach. ...
... We first prove by recurrence that virtual legacy sets defined in (26) are sufficient to satisfy (24). For the highest priority mode $M_1$, by definition, $L_1 = \emptyset$, thus $CF(L_1)$. ...
... We now prove that the virtual legacy sets are also necessary. Let us consider smaller virtual legacy sets than defined by (26), that is, ...
Preprint
Wirelessly interconnected sensors, actuators, and controllers promise greater flexibility, lower installation and maintenance costs, and higher robustness in harsh conditions than wired solutions. However, to facilitate the adoption of wireless communication in cyber-physical systems (CPS), the functional and non-functional properties must be similar to those known from wired architectures. We thus present Time-Triggered Wireless (TTW), a wireless architecture for multi-mode CPS that offers reliable communication with guarantees on end-to-end delays and jitter among distributed applications executing on low-cost, low-power embedded devices. We achieve this by exploiting the high reliability and deterministic behavior of a synchronous-transmission-based communication stack we design, and by coupling the timings of distributed task executions and message exchanges across the wireless network by solving a novel co-scheduling problem. While some of the concepts in TTW have existed for some time and TTW has already been successfully applied for feedback control and coordination of multiple mechanical systems with closed-loop stability guarantees, this paper presents the key algorithmic, scheduling, and networking mechanisms behind TTW, along with their experimental evaluation, which have not been known so far. TTW is open source and ready to use.
... Xie et al [16] proposed another heuristic signal packing algorithm for CAN FD, where signals are clustered and packed to optimize the bandwidth utilization. Natale et al [17] modeled the signal packing of CAN FD as an MILP problem and solved this problem to minimize the bandwidth utilization, while Joshi [18] firstly proposed an ILP formulation for the optimal frame packing of multi-domain CAN FD, and then another greedy heuristic method is further given for industry-sized systems. However, [10], [11], [12], [13], [15] cannot find the optimal result, and the MILP formulations proposed by [17], [18] are only applicable to medium-sized signal sets. ...
... Natale et al [17] modeled the signal packing of CAN FD as an MILP problem and solved this problem to minimize the bandwidth utilization, while Joshi [18] firstly proposed an ILP formulation for the optimal frame packing of multi-domain CAN FD, and then another greedy heuristic method is further given for industry-sized systems. However, [10], [11], [12], [13], [15] cannot find the optimal result, and the MILP formulations proposed by [17], [18] are only applicable to medium-sized signal sets. Furthermore, no security constraint is considered in the above works. ...
... We assume that only signals with harmonic period can be packed into the same message [18], [17], thus m_period(k, j) is calculated as follows: ...
Article
The Controller Area Network with Flexible Data-Rate (CAN FD) is the new generation of CAN technology to meet the daily increasing bandwidth requirement for Automotive Cyber-Physical Systems (ACPS). However, ACPS is a security-critical system, an efficient security/timing-aware Design Space Exploration (DSE) method is required to fully utilize CAN FD's high data phase data-rate. In this paper, we propose an AUTOSAR-compliant system model that integrates both timing and security constraint, an integrated Mixed-Integer Linear Programming formulation (i-MILP) for the optimal DSE of CAN FD, and a divide-and-conquer approach to the i-MILP (dc-MILP) to address its timing complexity problem. The experiment results show that dc-MILP scales well for industrial-size systems, and saves 1.94% to 4.76% bandwidth utilization and guarantees the schedulability for more signal sets by comparing with state-of-the-art algorithm.
... These problems may be addressed by a modification of the CAN data layer protocol for CAN FD [11][12][13][24] as well as its implications for the higher layers of the OSI model - TTCAN [7]. The comparison of protocols is presented in [4]. ...
Article
The network system of data exchange between the various components is an inherent element of every car. Because of the specific and different requirements for data transfer between specific devices, currently used communication protocols have different properties of performance, security, and degree of determinism. The paper presents the increasing complexity of the data exchange system based on the example of the latest requirements for digital tachographs. The article describes also the data transmission initialization methods in the context of network data exchange organization. The hybrid use of time triggering and event triggering mechanisms has been presented in relation to the operation of the CAN network under increased real-time conditions requirements implemented as TTCAN (time triggered CAN).
... Later, Polzlbauer et al. [8] present another extensibility-aware packing algorithm for CAN, the proposed algorithm is based on the simulated annealing and bandwidth utilization is its optimization objective. Bordoloi et al. [9] first address the signal packing of CAN FD, where the dynamic programming-based heuristic method is suggested to minimize the bandwidth waste. This approach uses the bandwidth waste of a message as the optimization metric, but the motivating examples explained in Section 4.3 indicate that "minimizing the bandwidth waste of packed messages" cannot "minimize the bandwidth utilization of the packed message set". ...
... Packing Unit | Schedulability Verification
Xie | integer linear programming | signal cluster | signal level
Sak [7] | best-fit decreasing | signal | message level
Pol [5] | next-fit decreasing | signal | message level
Bor [9] | dynamic programming | signal | message level
Urul [10] | best-fit decreasing | message | None
size (in bit) and deadline (in μs) of $s_i$, respectively. We assume that period and size are given for the signals, and deadline is initially set equal to its period [6,7]. ...
... To improve bandwidth utilization, we allow signals with different periods to be packed into the same message [5,9,10]; however, the oversampling of signals with big period occurs. Thus, the signal's deadline needs to be updated according to the packing result. ...
Article
CAN with flexible data rate (CAN FD) is considered the next generation in-vehicle network standard for automotive cyber-physical systems. CAN FD supports a data phase bit-rate of up to 10 Mbps and message payload of up to 64 bytes. However, the substantial differences regarding the allowed message payloads and the heterogeneity of the signal periods indicate the need for a systematic design method to fully utilize its large transmission bandwidth. We propose an optimized design method for CAN FD to minimize bandwidth utilization while meeting the signal timing constraint. First, two slack evaluation metrics are defined for the quantitative analysis of the potential packing choices. Based on these metrics, we propose a clustering-based signal packing algorithm, and the schedulability of the signals and the packed messages are both verified. The proposed method is compared with other design methods proposed for both CAN and CAN FD. The experimental results demonstrated that our method is the most bandwidth efficient and can meet the timing constraint simultaneously.