Safely realize real-time performance of automotive electronics

The user's requirements for features and functions seem to be unsatisfactory, forcing automakers to install more and more electronic control units (ECUs) in their cars, so that the automotive electronic network is so complex that it is incomprehensible. Some features are purely for comfort or convenience (such as navigation, premium audio, automatic air conditioning, etc.), while other systems are legally mandated (eg tire pressure monitoring, advanced airbags, vehicle stability control, etc.). To manage this growing complexity, the automotive electrical architecture (Boardnetz) is divided into specific domains, including: powertrain, body, chassis, security systems, and infotainment systems. Each sub-domain is connected to the high-speed backbone bus through an information gateway to realize information sharing between different electronic control device clusters. (Figure 1) The backbone bus currently used is usually FlexRay technology, but Ethernet technology is also possible in the future. The next step is to reduce the number of electronic control devices in each sub-domain by providing a "domain controller" instead of a series of electronic controls in the sub-domain. These domain-controlled electronic controls provide a high-performance computing platform that can host many applications in parallel, replacing a large number of small electronic controls and simplifying systems. This approach has many attractive advantages, such as saving installation space, reducing assembly time, reducing harness complexity, reducing network complexity, and reducing power consumption. This approach also saves a lot of money in terms of system cost and R&D investment. However, it is followed by many new requirements for the computing platform to support a single microcontroller in the domain control electronic control device, while hosting software and applications provided by different vendors.

This article refers to the address: http://

Domain controller "Boardnetz" to simplify network connectivity

Figure 1: Domain controller "Boardnetz" for simplifying network connectivity, integrating several related applications into high-performance domain control electronic controls

Interference exemption between different applications

A key issue is to ensure "interference exemptions" between all the different applications running on the platform. This means that each process enforces predefined limits on resource usage, including CPU processing time, interrupt latency, code execution range, RAM usage, peripheral access, and service usage (such as operating system functions, EEPROM handlers). , bus network drivers and similar sharing functions). These safeguards need to be carefully considered when using multi-core microcontrollers. These multi-core microcontrollers will have several CPUs to run multiple instances of the AUTOSAR operating system (operating system applications) and share the same set of hardware resources. The traditional method of sharing shared computing resources involves abstracting hardware using the "manager" layer. This hypervisor avoids direct access to the physical hardware by the operating system, instead collects these accesses, sorts them to determine their priorities and permissions, and denies or agrees to access requests. Introducing this idea into the automotive world means running several "AUTOSAR virtual machines" on each CPU and managing the permissions and conflicts of using shared resources by a specific hypervisor layer. However, automotive electronic control devices are not yet able to support this level of abstraction because the main disadvantage of this deeply nested real-time system is that it greatly extends the latency of all peripheral accesses. In order to successfully achieve resource sharing, AUTOSAR version 4 provides a cooperative sharing model that specifies an operating system inter-application communication (IOC) mechanism whereby a basic software module (BSW) that cannot be serviced on a particular core is re-established. Directed to the kernel that can provide the service. This mechanism relies on cooperation between the cores. The downside is that it is possible for a kernel to receive a large number of IOC requests, thus affecting its ability to perform other tasks. The “interference exemption” between applications on different cores implemented through this cooperative mechanism must be carefully examined and the potential additional load that may be imposed must be limited.

To put the domain controller concept into practice, a more pragmatic first step is to combine the two electronic controls directly into one. Even this small move can result in significant savings in packaging, electronic control infrastructure (boards, connectors, power supplies, bus repeaters, placement and testing), and wiring harnesses. The simplest solution is to place two original microcontrollers side by side on a single board. However, it is best to have a multi-core microcontroller to provide dedicated resources for both applications to further reduce complexity and save component costs. However, if there are one or more applications involving security issues (ie, applications that may cause personal injury during unexpected operations), then rigorous analysis and engineering must be performed in accordance with the recently published ISO 26262 Functional Safety Standard. Design, consideration and argumentation. The ISO26262 Functional Safety Standard requires hardware to have adequate fault detection capabilities and to minimize the possibility of violating any safety objectives in order to be used in such a safety system. The highest requirements for Automotive Safety Integrity Level D (ASILD) are an interesting challenge for economic and energy efficiency solutions. To achieve more than 99% of single point of failure (SPF) metrics, redundant computing power, data failure detection logic, timer and memory protection units, clock monitoring, voltage monitoring, and dedicated self-test mechanisms are typically required. If an application programmer is to solve all of these hardware-related problems, performing plausibility checks and tests at runtime consumes a lot of processing power. If there are multiple processing cores on the microcontroller, additional steps must be taken to detect interference from other CPUs and other devices such as the DMA engine and any other internal bus masters.

When safety meets performance

Working closely with leading market-leading vendors, Infineon has introduced a new family of multi-core TriCore processors to meet the growing demand for computing performance, higher memory capacity, security and automotive quality. The new processor family, named AURIX, is a rising star of the successful AUDO and AUDOMAX families. The newly designed AURIX family is designed to provide the most advanced processing power in an energy efficient, high performance manner. The TriCore core has been redesigned into two different versions: one is a superscalar version that delivers industry-leading 300Mz performance; the other is a scalar version that achieves minimum current consumption and minimum size at 200MHz, which is suitable for The most efficient solution for mid-range applications. Both versions of the TriCore CPU implement locksteps to provide superior fault detection and fast response times for ASIL D safety systems. The AURIX family's flexible scalability in performance, memory capacity and packaging enables a shared set of security instances to be shared between different devices, allowing for the hosting of a single application on a smaller device and the simultaneous hosting of multiple devices on a larger device. Applications without changing the software architecture or security policy. This is partly due to the integration of a unique feature in each peripheral and each internal bus slave that accepts only access from defined resources. This mechanism (called Register Access Protection) (Figure 2) permanently blocks or allows any CPU, DMA, or other bus master to access (or possibly corrupt) any internal shared resources (SRAM, peripherals, IO). status. This allows the user to combine any peripheral and memory dedicated to each CPU and DMA. Many peripherals also implement dual configuration so that each hosted application has its own dedicated resources to ensure "interference free" without any memory protection mechanisms or other operating system-related packaging mechanisms. Space-saving potential for main controller software engineering and integrated analysis is high (~30%) because hybrid critical systems can host an AUTOSAR OS for ASILD applications on one core and simultaneously host on another core A non-AUTOSAR OS that does not enable local memory or timing protection, making it impossible for non-secure applications to interfere with the security-related behavior of the microcontroller. If you want to implement multiple ASIL D applications, AURIX can also host multiple AUTOSAR operating system applications and fully support the cooperative mode. The new temporary protection system provides assistance in performing task time budget monitoring and outage rate monitoring on the CPU core. In this way, the ASIL C and ASIL D systems can also implement the AUTOSAR IOC because the hardware can monitor any interaction between the cores and limit them to pre-defined limits. The hardware enforces encapsulation boundaries, allowing straightforward security arguments when integrating monitoring functions into existing systems, as the “interference immunity” can be directly inferred. Together, these mechanisms provide the point of entry needed to achieve "paravirtualization." “Semi-virtualization” is a pragmatic first step toward full “virtualization” and hypervisor. Because today's automotive applications are not actually available, and the ability to run "virtual machines" is not strictly required.

General specifications

Base speed: 1                      Detachable shaft: lock & unlock sign

 LED light: No                       Speed setting: 1

 

Technical specifications

Power: 150W/200W               Frequency: 50/60 Hz

Voltage: 220-240V                 Cord length: 1.2 m

 

Design specifications

Material body: ABS                  Surface finishing: injected color

Material rod: Stainless steel      Material blade: Stainless steel                 

Material measure cup & chopper: SAN

Dishwasher attachments: Yes

 

Approvals

     GS/CE/CB/LVD/EMC/ROHS/LFGB/DGCCRF/REACH/ERP

 

Optional Accessories

A. Mixer Beater (s/s)                                                    

B. Mixer whisk (s/s)                                                     

C. Potato masher                                                          

D. 550ml measure cup                                              

F. 700ml measure cup                                             

G. 350ml chopper      

3327 1

Hand Mixer

Mini Electric Hand Mixer,Mini Hand Mixer,Turbo Function Hand Mixer ,Home Hand Mixer

Housoen Electric Manufacture Co., Ltd. , https://www.housoenappliances.com