This week, NXP Semiconductors N.V. unveiled a microcontroller family that brings fault-tolerant safety performance to autonomous, electric, and hybrid automobiles. Known as S32S, the family uses an ARM-based computing architecture to marry high performance with a so-called ASIL D (Automotive Safety Integrity Level) environment. “Up until now, microprocessors capable of running safety applications have had much lower performance,” Ray Cornyn, vice president and general manager of vehicle dynamics and safety products for NXP, told Design News.
By endowing the new MCU family with higher performance, NXP engineers said that they can now offer capabilities that go beyond those of conventional ASIL D systems. Instead of merely enabling fault detection, as ASIL D does, the new architecture provides vehicles with the ability to identify faults, isolate them, and then continue on in a safe mode. “This is a degree of fault tolerance that has not been available in any architecture before now,” Cornyn told us.
The S32S family is built atop Cortex-R52 core technology from ARM Holdings. On a single piece of silicon, it incorporates four cores operating at 800 MHz, making it faster than anything previously used for such applications. The four cores also make it possible for users to run four safety-critical tasks in parallel.
The company said that the new family of MCUs will be focused on “start, stop, and steer” applications. As such, the MCUs will be capable of detecting and isolating faults in the control systems of the brakes, steering, transmission, electric motors, and internal combustion engine. “In the steering system, it could check the power supply or look at the processor for a memory fault,” Cornyn said. “In the brakes, it could see if one of the solenoids is jammed or if there’s pressure in the master cylinder. It would have the capability to do the testing in real time and identify the fault before it became an issue.”
NXP’s S32S family is built atop ARM Cortex-R52 core technology. It incorporates four cores operating at 800 MHz, making it possible for users to run four safety-critical tasks in parallel. (Image source: NXP Semiconductors N.V.)
One of the keys to the new family is its use of so-called “hypervisor” technology. The hypervisor is an embedded software program that allows users to run multiple applications on the same piece of silicon without them interfering with each other. NXP engineers developed the hypervisor in partnership with OpenSynergy GmbH, a maker of embedded automotive software.
The new architecture is also designed to support over-the-air software updates. Being able to update it enables OEMs to keep their vehicles viable in terms of security, NXP said. To meet those needs, NXP endowed early versions of S32S with 16 MB of on-chip memory. Subsequent versions will move up to 64 MB, the company said. “If you think about how long a vehicle stays on the road, and how hacking occurs, you know you’re going to need to enhance the security throughout the lifetime of the vehicle,” Cornyn said.
At last week’s NXP Connects conference in Santa Clara, the company’s engineers said they were motivated to create the new electronic architecture by the rapid changes in the auto industry. Increasingly, they said, automated vehicles are reaching the point where they will need to do more than merely alert the driver of any potential faults; they will need to enable the vehicle itself to move ahead in a safe mode if a driver isn’t alert or available. By bringing more computing capabilities to the table, they believe they’ve taken a big first step in that direction.
“This is the first platform that allows you to run very high levels of functionality that are also guaranteed to be safe,” Cornyn told us. “It’s a major step forward in safe performance.”
Senior technical editor Chuck Murray has been writing about technology for 34 years. He joined Design News in 1987, and has covered electronics, automation, fluid power, and auto.