Manufacturers of vehicles are increasingly dependent on software to deliver a wide range of capabilities that improve everything from entertainment experiences to driver safety. The building, integrating and securing software components that need to be deployed across thousands of processors embedded within a wide range of makes and models of vehicles, however, is not exactly easy.
The ultimate success or failure of any vehicle is wholly dependent on the ability of software engineering teams to meet deadlines that are determined by not just the year in which a vehicle is scheduled to be made available, but also what types of over-the-air subscription services might be later added during its lifespan.
In effect, software engineering is transforming the business model of the entire automotive industry. In addition to either leasing or buying a vehicle outright, it’s already common for software to be the core technology that distinguished one class of vehicles from another. Just as importantly, it’s quality of the over-the-air (OTA) updates to that software that ultimately determines the level of customer loyalty any vehicle manufacturer can engender.
The challenge, of course, is that while there may be thousands of processers in a vehicle the amount of compute resources being made available to developers is finite. As such, vehicle manufacturers now more than ever need to further optimize software engineering using best DevOps practices if they hope to remain competitive.
It’s already apparent the most innovative features of most vehicles, from head-up displays (HUDs) to advanced drive assistance systems (ADAS) that enable autonomous driving, are now driven by software. However compelling those advances are, they are actually only early examples of a lot more to come.
Mercedes-Benz, for example, is developing its own Mercedes-Benz Operating System (MB-OS) for launch next year. More than 3,000 software engineers will be working on this effort in Sindelfrigen, Germany, with additional hubs planned for Berlin, Tel Aviv, Seattle, Sunnyvale, Beijing, Tokyo and Bangalore. MB.OS will become the central nervous system for accessing a wide range of external cloud-based services. A primary goal is to streamline the driver experience by eliminating frustrating menu tiers that currently make accessing more advanced features more cumbersome than most drivers today are not all that inclined to use. Mercedes-Benz has enlisted with Unity Technologies, a builder of video games, to help incorporate real-time 3D visualization capabilities to achieve that goal.
MB.OS will also provide the foundation for a pillar-to-pillar “hyperscreen” digital display, 3D navigation and a 3D “Star Avatar” digital assistant that will function as a “digital butler” that, for example, will provide tips on how to drive more economically. Other capabilities include audio and video streaming, messaging, gaming and augmented-reality enhanced experiences. One safety feature under development will even go so far as to show how data gathered from the vehicle, with driver consent, can identify high risk accident locations and alert drivers to potential collision spots using GPS coordinates.
Despite promising all these capabilities, Mercedes-Benz is nevertheless going to simultaneously reduce the number of electronic control units (ECUs)—the current S-class uses over 80 ECUs—to reduce power requirements and fine tune driving modes ranging from comfortable to sporty to dynamic. One key technology enabler for achieving that goal will be an Omniverse platform that creates a digital twin of a factory where production changes can be examined in a virtual world before implementation.
Not to be outdone, The Volkswagen Group, which includes the brands Audi, Porsche, Lamborghini, Bentley, Bugatti and others, plans to reduce the amount of computing power needed inside the vehicle in favor of a system called The Big Loop being developed by Cariad, a VW subsidiary. The Big Loop has two core elements. One is an isolated, protected piece of hardware called the “blade” that handles all driving functions, including assisted driving (AD) and automated driving (ADAS) capabilities. Inside the blade is a deep-neural network software package dubbed In Situ Intelligent Data Collector, otherwise known as INSTICT) that analyzes in real time sensor data. Instinct is designed to be on the lookout for “known knowns” as well as “unknown unknowns” should an unexpected hazard suddenly appear.
The Volkswagen Group will constantly be connected to the cloud where “swarm data” will be stored. Swarm data, gathered by the all the sensors and cameras in the car, includes information about the vehicle as well as its surroundings and road conditions, providing guidance to AD and ADAS systems to enable predictive cruise control, a cornering assist function that adapts to vehicle speed, and an autonomous lane-changing capability on highways. Continuous linkage to the cloud also means more highly detailed maps are made available.
Honda and Sony, meanwhile, are building an Afeela electric car incorporating 45 sensors and camera both inside and out. Afeela “will integrate real and virtual worlds” with the latter viewed on a pillar-to-pillar panoramic screen across the dashboard. Novel light bars mounted on the front and rear bumpers allow communication with surrounding people. A yoke-style steering wheel design minimizes any obstacle to screen viewing.
Software is also going to play a critical role when it comes to personalization. A next-generation EV platform, code-named Neue Klasse (New Class), from BMW seeks to create an intelligent, almost human-like experience in terms of people’s interactions with the car. Those capabilities could range from simple personalized greetings to an ability for the headlights and grilles to use intelligent lighting to create facial expressions.
The interface for accessing these capabilities is a HUD that spans the width of the wind screen. A slide controller allows the driver to control how much information is presented, with five levels of interaction ranging from basic driving information to a full augmented-reality projection. Another capability being touted by BMW is the ability of drivers to change the exterior color of a vehicle at the touch of a button thanks to the use of E-ink technology.
Other forthcoming advances from vehicle manufacturers include improved long-range lidar systems that can identify road obstacles and their velocity in high-resolution, sensors to monitor drivers for “eyes off the road” behavior, and biometric capabilities enabled by voice recognition. Additional advances may include an airborne component. Ford has been awarded 11 patents that pairs vehicles with drones, the idea being that a drone, mounted in the moonroof, could serve as a scout to illuminate an unpaved road far ahead of the vehicle’s lights. Alternatively, a drone could query passengers with a message that would appear on the vehicle’s infotainment system and then deliver food or other goods on demand.
There is no shortage of operating systems and processors for vehicle manufacturers to employ as they look to add more advanced services. The VW Group, Ferrari, BMW, Renault, Mercedes-Benz, General Motors (GM), Stellantis and Great Wall Motors in China, for example, have all announced partnerships with Qualcomm that will result in Qualcomm’s Snapdragon Ride platform finding its way into more vehicles to enable two-way messaging via satellites. Epic Games, meanwhile, is working on a navigation system that will include augmented reality using 800 terra operations per second (TOPS) of on-board computing power enabled by Qualcomm processors. Alternative options include systems-on-a-chip (SoC) architecture being put forward by Nvidia, the Intel MobleEye platform, or any one of multiple instances of embedded Arm processors that may emerge in the years ahead.
Historically, vehicle manufacturers have relied on operating systems such as QNX from Blackberry or Wind River Linux from Wind River Software. However, other alternatives are gaining traction. Qualcomm is now also partnering with Red Hat to provide GM with a version of its Linux operating system.
Linux, of course, has suffered from lack of safety certification, but following the establishment of an automotive grade standard for employing Linux in automotive infotainment systems, adoption into other subsystems with a software-defined vehicle is expanding.
Role of the Cloud
Not every advanced capability, however, is solely dependent on the platforms installed in the vehicle. The Amazon Web Services (AWS) cloud, for example, is at the core of a set of services being developed by Stellantis that will be made accessible via 14 different brands. Enhanced vehicle control functions role enabled by the Amazon Alexa digital assistant will allow for the development of custom experiences using AI and voice-driven technology that is being made available via an Alexa Custom Assistant program. A Jeep, for example, could turn Alexa into a digital off-road “coach” that would help drivers properly calibrate the vehicle and optimize performance before tackling an off-road excursion. Other capabilities would be available via a subscription to an app store.
There is even an opportunity to retrofit software-defined capabilities into older vehicles. Cerence, a provider of automotive electronics, has partnered with Nvidia to develop an AI-powered voice-centric “concierge” platform, using a module that can be installed by car dealers to provide access to OTA cloud services.
Apple, meanwhile, is expected to expand on the inroads it has made with Apple CarPlay to make a range of OTA services available via the cloud. Apple is likely to use an enhanced version of CarPlay to tap into the vehicle’s sensors, although there is a great deal of skepticism bordering on resistance regarding such usage. Tesla, for example, doesn’t support CarPlay.
Google may have a similar opportunity as its navigation software becomes more integrated with cars as exemplified by its use on upcoming Honda Accord models and the integration of Waze by Renault.
The DevOps Challenge
Software in addition to defining the driving experience will clearly be responsible for everything from battery management to the collecting and processing data from sensors and cameras. The challenge is not only are deadlines tight given the production schedules of vehicles the applications themselves are among the most complex to build. Just about every application for a vehicle is going to be based on an event-driven architecture that requires a lot of sophisticated programming expertise.
Developers can build highly scalable, accessible, robust and versatile systems that can digest and aggregate exceptionally large amounts of events and information in real-time using this type of software architecture. However, while event-driven applications have been around for decades the number of developers that have these skills today is limited. Building this type of distributed application in a way that runs on a finite amount of computing horsepower within a vehicle is even more challenging. Not only do those events span multiple on-board systems within a vehicle; they will also need to account for any additional latency that is introduced when accessing external cloud services.
Finally, the reliability of the software services being provided is critical when it comes to ensuring the safety of passengers. Vehicle manufacturers will need to err on the side of caution when it comes to balancing innovations versus safety. Unless everything from the cloud services to the code itself has been thoroughly tested and vetted the better of part of valor no matter how economically painful is going to be delay introduction for another year.
On the plus side, cloud platforms make it easier than ever to build these applications. By making it easier for teams of developers to build innovative applications a cloud platform will play a pivotal role in development of the next generation of software-defined vehicles.
The DevSecOps Challenge
OTA has already proven itself useful in reducing vehicle maintenance issues, but future uses will span everything from relaying information on individual cars and their location to delivering additional digital experiences that all need to be secured using best DevSecOps practices.
Cybersecurity is a major concern because unsecured OTA updates are subject to spoofing, tampering, repudiation, unauthorized escalation of privileges, and information leakage. Providers of OTA services must meet multiple existing cybersecurity standards. These include the IEEE’s Uptane standard, UNECE WP.29, and ISO/SAE2143, ISO270001 and guidelines created by the U.S. National Highway Traffic Safety Administration (NHTSA). Data privacy requirements also include meeting the provisions of Europe’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Vehicle manufacturers appear to still be in the early stages of a cybersecurity learning curve. Earlier this year web application security researcher Sam Curry identified security vulnerabilities to the application programming interface (API) with vehicles from 15 manufacturers. While many of these vulnerabilities allowed access to internal company computer systems and customer accounts, the most egregious from am operating standpoint were vulnerabilities found in Kia, Honda, Nissan, Acura, Hyundai and Genesis that allowed potential hackers to remotely lock and unlock a vehicle, precisely locate it, start and stop an engine, flash headlights and honk the horn using only the car’s VIN number. While some advocate for multi-tiered authentication procedure, it’s unclear how drivers may react to what may be perceived as a cumbersome process on the road.
The protection of secrets is clearly vital because the vehicle contains both first and third-party APIs that can be easily accessed. Security attacks will change over the lifetime of the vehicle so a robust method of updating security protocols is absolutely necessary
Complicating security matters is that unlike most other computer software implementations, in-car safety measures require automotive software to “fail gracefully” in the event of a denial-of-service (DoS), for example. Automotive software developers can expect additional regulations in the future as OTA use broadens into areas involving remote vehicle diagnostics using artificial intelligence (AI) models.
Choosing the right tools and platforms that enable vehicle manufacturers to adopt a stringent set of robust DevSecOps practices for automating the building and development of applications is obviously one of the most critical decisions a DevOps team working in the automotive sector is going to make.
The development of software-defined vehicles is extremely challenging for one simple reason: New vehicles only roll off the assembly line once a year. Capabilities that are not made available on schedule represent a massive amount of potential lost revenue when competitors are able to execute more adroitly. Consumers have no shortage of options, so capabilities that might be made available in one vehicle versus another can shift market share and, by extension, stock valuations.
The issue, of course, is no company has infinite resources. Economic downturns that result in hiring freezes, layoffs and even shortages of critical components all need to be factored into an software development strategy. DevOps platforms that improve developer productivity are more crucial than ever given the current state of the global economy. After all, many organizations are not nearly as keen to hire full-time employees as they once were. IT leaders, just like every other business executive, are being charged with finding ways to do more with less. Automating many of the manual tasks that conspire to make DevOps workflows less efficient creates an obvious opportunity to make the productivity gains needed to build software-defined vehicles.
In fact, the decisions that DevOps team leaders in the automotive industry make concerning which tools and platforms to employ are nothing less than the equivalent of the want of the proverbial nail that lost the war in an era where consumers will soon be subscribing to, not just software, but entire lines of models via contracts that will routinely span multiple years.