an architecture to support future business. antonsson - volvo.pdf · safety & security...
TRANSCRIPT
An Architecture to support future business
Some Experience from Volvo Cars
12/12/2018 2
Software intensive systems
Current estimates state that a typical (high-end) car today contains between 50 000 000 and 100 000 000 lines of code.
Automotive software is comparable in size (and thus complexity) to the most advanced aeronautical systems.
[Chart: Lines of Code. Systems shown: F-35 Lightning II, ISS, Space Shuttle, Boeing 787, Airbus A380, Orion. Values shown: 400 000; 2 300 000; 2 300 000 (in dev.); 14 000 000; 24 000 000; 100 000 000. XC90: 60 000 000 (rough estimate).]
12 December 2018 ARCHITECTURE TRANSFORMATION 3
ECU count evolution at Volvo
Over the past 20 years, the number of ECUs has grown from around 20 to more than 100.
[Chart: Number of ECUs (axis tick at 100) by year, 1995 to 2015. Models shown: S80, XC90, V40, S80, V60 PHEV, XC90.]
Software size evolution at Volvo
Over the past 20 years, software size has grown by a factor of 10 every 5-7 years.
Software size in megabytes by model:
S80/1998: 1.5
XC90/2002: 4.9
S80/2006: 10.9
V70/2007: 18.6
XC60/2008: 20.6
V60/2011: 117.5
V40/2012: 97.0
SPA/2014: 917.0
Chart notes:
74MB in ICM+IAM, Maps not included
Compared to V60: Reduced ICM, RSE not included
750 MB in IHU, Speech and Maps not included
Bus signal count evolution at Volvo
Over the past 20 years, the number of bus signals has grown from 100’s in P2 to ~7000 in SPA (~14 000 in our AD prototypes).
Number of signals by platform:
P2 (1998-2014): in the 100’s, low 1000’s
EUCD (2006-ongoing): ~2700
SPA (2015): ~7000
SPA AD (prototype): ~14 000
Our Future Business...
Decreasing time to market
Product evolution after original sale
Increasing OEM control over OEM concerns
Unknowns
Connectivity
Electrification
Multiple brands, multiple segments
Autonomy
Sharing
System of systems
Crowd sourced data
Machine learning
Personalization
Third party access
Required Core abilities of the solution
Scalability & Flexibility
Evolvability & Adaptability
Manageability & Controllability
Updatability & Upgradability
Safety & Security
Robustness & Reliability
Why Architecture?
Architectural Tactics
Product System Development
Product System
Architecture Development
Product Functions, Product Attributes
“The Architecture is that which will ensure that the Product System can fulfill its Business Goals, together with its Functionality”
Development Enablers Constraints
(Architecture Decisions & Strategies)
Product Functions, Product Attributes & Product Business Goals
Architectural Tactics
Scalability & Flexibility
Evolvability & Adaptability
Manageability & Controllability
Updatability & Upgradability
Safety & Security
Robustness & Reliability
Security domains for Information access
Safety Guarantees on Interfaces
Service Capability on Interfaces
Business driven
Product Modularization
SW Layered Structure
Central Computational Cluster
Decision Based Hierarchy
How Do we do it?
We are Lean and Agile...
...and we work with 3 important artifacts
1. Architecture Description
The Documentation of the Architecture
2. Architecture Description Framework
How to Document the Architecture
3. Knowledge driven Architectural Tactics
The essence of the Architecture
Short increments & Risk & Trade-off driven
IEEE/ISO 42010
Knowledge driven Architecture Development
Architect team
Business owners
Architect team
Architect team
Business Goals, Product Functions & Product Attributes
Architectural Tactics
Generate Quality Scenarios
Prioritized Scenarios
Analyze Architectural Tactics
Scenario Impact:
- Risks/Non-risks
- Tradeoff points
- Sensitivity points
Architecture Development
Architectural Tactics (matrix columns):
Security domains for Information access
Business driven Product Modularization
Central Computational Cluster
SW Layered Structure
Decision Based Hierarchy
Service Capability on Interfaces
Safety Guarantees on Interfaces
System Quality Requirements (matrix rows), with the entries for each row in slide order:
Scalability & Flexibility Scenarios: NR1 NR2, R1, SP1 R4 TO7
Manageability & Controllability Scenarios: R5
Updatability & Upgradability Scenarios: TO1, R2 SP3 NR6
Evolvability & Adaptability Scenarios: NR1 SP1 R5, TO4
Robustness & Reliability Scenarios: R3 NR3 TO5, TO6, SP4
Safety & Security Scenarios: SP1 NR4 NR5 TO2
As a Workshop Engineer I want to update a small part of the Software in a used Vehicle, and I want to be sure that the Vehicle every time fulfils our System Safety
Thank you
Questions?