Duo duplex drive-by-wire computer system

The integration of drive-by-wire systems into the future generations of vehicles requires a reliable and safe processing of the driver's input requests. Many approaches presented in the last years apply specialised control units as well as communication systems not available in high quantities. This results in cost-intensive systems and increasing developmental periods, which proves to be harmful in the highly competitive automotive sector. Therefore, this article describes a safety relevant controller composed of commercial-off-the-shelf components designed for automotive applications. The article explains the hardware structure consisting of four electronic control units (ECU), connected via the controller area network, constituting a duo duplex system. To stop the communication of faulty ECUs an additional hardware unit is included in the controller system-the so-called BUSPWR block. Beside the hardware a detailed description of the redundancy management is given, which is the software operating the redundant controller. Safety relevant software components have to meet requirements of high software quality standards. For this reason the last part of the article concentrates on the software development process and its supporting tool chain. The application of automated code generation for safety relevant drive-by-wire systems is discussed in detail.