• 1

 

Project Coordinator


 

Dr Georg Stettinger

 
Infineon Technologies AG
81726 München
Germany

Wireless Threats Against V2X Communication

Axel Boström, Franz Wotawa

Abstract: As the automotive industry increasingly relies on wireless technologies, a new attack surface emerges, pos- ing significant security threats to modern cars. This paper investigates the vulnerabilities and risks of wireless vehicle attacks, including eavesdropping, message tampering, spoof- ing, and jamming. It highlights vulnerabilities in the CAN bus communication interface. By exploring these attacks and their potential consequences, this paper aims to shed light on the urgent need for robust security measures to safeguard the safety and privacy of vehicle owners. The focus is on under- standing the evolving landscape of wireless threats in the au- tomotive industry, providing valuable insights for researchers, practitioners, and stakeholders involved in developing effective countermeasures and enhancing overall vehicle security. In contrast to other research articles, this paper presents the ISO/SAE DIS 21434 standard, which offers a systematic and structured approach to enhance cybersecurity in the automotive industry, even in the face of emerging wireless threats. In addition, this paper highlights notable examples of attacks on modern cars, where researchers gained access to vehicle systems through wireless vulnerabilities, demonstrating the potential dangers of interconnected car systems to illustrate the real-world implications.

Continue Reading

Reduction of empiricism in the solder joint reliability assessment of QFN packages by using thermo-mechanical simulations

M. van Soestbergen; R. Roucou; M. Rebosolan; J.J. M Zaal

Abstract: To ensure sufficient field life of solder joints, standardized stress tests are performed during the development phase of products, where calibrated thermo-mechanical simulations are frequently used to ensure a potentially sufficient robustness margin. In this work we show how simulations are calibrated for the QFN (Quad Flat No leads) package family. Using thorough failure analysis, we found that for QFN packages two types of solder joint failure modes can occur. The first failure mode is a brittle fracture through the intermetallic region near the solder interface, the other mode is a crack through the bulk of the solder. In the simulations we handle both failure modes using two different failure metrics. For the brittle fractures we analyzed the volumetric strain energy density in a thin region near the interface. For bulk fails we computed the volume-averaged inelastic strain energy density across the whole solder joint. Using both metrics we found a correlation between simulation and experimental results, where Miner’s rule was used to correlate the results of any non-functional anchor joint to the experimental results of the functional joints. The correlation can be used to predict the solder performance upfront in the design phase, and thus reduce the experimental effort during product development.

Continue Reading

A Semiparametric Transition Model for Lifetime Drift of Discrete Electrical Parameters in Semiconductor Devices

Lucas Sommeregger, Horst Lewitschnig

Abstract: In automotive industry, quality and safety are of high importance. Especially with the upcoming development of autonomous vehicles, the topics of predictive health management and estimation of residual useful life have become topics of interest. Semiconductor manufacturers in this area have to guarantee a high standard of quality in shipped devices over their whole lifetime. Electrical parameters of these devices are specified in data sheets and have to be kept within specified limits over the devices’ expected usage time. To simulate the real lifetime, accelerated stress tests are performed on a random sample of parts. During these tests, electrical parameters may drift over time. This is called lifetime drift. To control for lifetime drift, tighter test limits are introduced at production testing. The goal of these limits is to guarantee quality levels in shipped devices while maximizing manufacturers’ yields. The areas between specified limits and test limits are called guard bands. Statistical models for drift calculation and guard banding parameter drift can be used to identify parameters indicating gradual degradation processes and to estimate the expected remaining useful life of the device. Random samples are put to environmental stress tests. In this way, longitudinal data are generated. Several lifetime drift models for continuous parameters have been developed in the past [1], [2]. However, for discrete parameters (logic vectors, bit-flips, counts etc.) these models are not universally applicable. Furthermore, existing models are currently too computationally expensive to monitor parameters in real time in self-driving vehicles. We propose a semiparametric and distribution-free mixed Markov transition model for discrete parameters based on interval estimation of transition probabilities from sparse data. Drift group formation is considered via clustering and mixture modelling. The method assumes homogenous behavior in the distribution of differences between successive readout points and can be extended to cover several types of interpolating behaviours. The guard banding algorithm is performed using efficient matrix multiplication with intelligent warm starts for the two-dimensional integer optimization problem. For the calculation of residual useful life, we propose one model based on interval estimations from quantile regression on the whole sample and further show how to extend the transition Markov chain model into unobserved time periods. The results are verified via simulation studies and compared to adapted state-of-the-art models for continuous parameters. The work has been performed in the project ArchitectECA2030 under grant agreement No 877539. The project is co- funded by grants from Germany, Netherlands, Czech Republic, Austria, Norway and - Electronic Component Systems for European Leadership Joint Undertaking (ECSEL JU). All ArchitectECA2030 related communication reflects only the author’s view and ECSEL JU and the Commission are not responsible for any use that may be made of the information it contains.

Continue Reading

Bits, Flips and RISCs

Nicolas Gerlin, Endri Kaja, Fabian Vargas, Li Lu, Anselm Breitenreiter, Junchao Chen, Markus Ulbricht, Maribel Gomez, Ares Tahiraga, Sebastian Prebeck, Eyck Jentzsch, Milos Krstic, Wolfgang Ecker

Abstract: Electronic systems can be submitted to hostile environments leading to bit-flips or stuck-at faults and, ultimately, a system malfunction or failure. In safety-critical applications, the risks of such events should be managed to prevent injuries or material damage. This paper provides a comprehensive overview of the challenges associated with designing and verifying safe and reliable systems, as well as the potential of the RISC-V architecture in addressing these challenges.We present several state-of-the-art safety and reliability verification techniques in the design phase. These include a highly-automated verification flow, an automated fault injection and analysis tool, and an AI-based fault verification flow. Furthermore, we discuss core hardening and fault mitigation strategies at the design level. We focus on automated SoC hardening using model-driven development and resilient processing based on sensing and prediction for space and avionic applications.By combining these techniques with the inherent flexibility of the RISC-V architecture, designers can develop tailored solutions that balance cost, performance, and fault tolerance to meet the requirements of various safety-critical applications in different safety domains, such as avionics, automotive, and space. The insights and methodologies presented in this paper contribute to the ongoing efforts to improve the dependability of computing systems in safety-critical environments.

Continue Reading

A Continuously Updated Package-Degradation Model reflecting Thermomechanical Changes at Different Thermo-Oxidative Stages of Moulding Compound

Adwait Inamdar, Michiel van Soestbergen, Amar Mavinkurve, Willem van Diel, GuoQi Zhang

Abstract: Moulding compounds used for encapsulating electronics typically occupy a large portion of package volume and are most exposed to the external environment. Under harsh conditions such as high temperature, humidity, and mechanical vibrations, constituent materials of electronic components degrade, resulting in a change in their thermal, mechanical, electrical, and chemical behaviour. High-temperature ageing of electronic packages causes the oxidation of epoxy moulding compounds (EMC), forming a layer exhibiting significantly different thermomechanical properties. This reflects in the modified mechanical behaviour of the entire package, which accelerates certain failure modes and affects component reliability. Thus, it is crucial to consider gradual degenerative changes in EMC for a more accurate estimation of the component lifetime. This paper proposes a three-step modelling approach to replicate thermo-chemical changes in package encapsulation. A parametric geometry of a test package was incorporated with the ageing stage-dependent changes in thermomechanical properties of the oxidized layer. The mechanical behaviour of oxidized EMC at multiple stages of thermal ageing (at 150°C for up to 3000 hours) was first experimentally characterized and then validated using warpage measurements on thermally aged test packages and Finite Element (FE) simulations. Lastly, a trend-based interpolation of material model parameters for intermediate stages of ageing was followed, and a continuously updated degradation model (physics-based Digital Twin) was achieved. The proposed model is capable of reproducing degraded stages of the test package under thermal ageing along with its modified thermomechanical behaviour. Its limitations and significance in the domain of health monitoring of microelectronics are also discussed.

Continue Reading

Analysing Residual Risks when Introducing Monitoring and Diagnosis into Systems

Thomas Hirsch, Franz Wotawa

Abstract: Systems under operation come with risks, i.e., a likelihood that a fault causes unwanted events or even harm. In the case of safety-critical systems like cars or airplanes, identifying and mitigating risks is essential for avoiding such critical events. Measures for mitigation, including monitoring and property checking, also come with risks. Not being able to classify a failure correctly or coming up with errors or warnings without reason may cause trouble, too. Therefore, it is evident to analyze the remaining risks (i.e., the residual risks) and compare them with the original ones. This paper presents a framework for analyzing such risks, show their application when introducing monitoring and mitigation, and presents a case study using concrete values

Continue Reading

Impact of Temperature Cycling Conditions on Board Level Vibration for Automotive Applications

Varun Thukral, Irene Bacquet, Michiel van Soestbergen, Jeroen Zaal, Romuald Roucou, Rene Rongen, Willem D. Van Driel, GuoQi Zhang

Abstract: Board level vibration testing is a commonly used method to predict the solder joint reliability of surface-mounted components seated onto printed circuit boards (PCB). Current board level vibration test methods are mainly developed from a solely mechanical stress application standpoint. This makes such stress tests one dimensional in nature and translation from experimentally obtained test results to the field life of components experiencing combined stress environments become ambiguous. This investigation provides insights to develop a highly accelerated vibration test approach to cover simultaneous vibration and temperature loading situations in the field. In this paper, test board layouts from the board level drop test method, JESD22-B111 (rectangular PCB), and JESD22-B111A (square PCB), prescribed by the Joint Electronic Device Engineering Council (JEDEC), are used to understand the combined stress applied to the solder interconnects. The evaluation process is carried out by means of simulations, supported by targeted experiments on ball grid array (BGA) packages with dimensions sizing from 12x12mm to 15x15mm. The results on rectangular test board assembly show reduced characteristic lifetime of solder joints when stressed under combined temperature-vibration test conditions. On the other hand, the square-shaped board type exhibits a different acceleration factor with a longer solder fatigue lifetime than that of the rectangular-shaped PCB type. Finite element simulation results complement well with this finding.

Continue Reading

Simulation of Foreign Object Detection Using Passive Inductive Sensors in a Wireless Charging System for Electric Vehicles

Uwe Hentschel, Martin Helwig, Anja Winkler, Niels Modler

Abstract: During wireless charging of the traction battery of electrically powered vehicles, the active area between the ground and vehicle assemblies must be monitored for inductive power transfer. If metallic foreign objects enter this area, they interact with the magnetic field and can heat up strongly, and thus become a potential source of hazard. To detect such foreign objects, measurements based on passive inductive sensors have already been carried out in advance. However, a large number of factors influence the detectability of metallic foreign objects, such as the characteristics of the magnetic field of the ground assembly coil, the size, shape, position, orientation, and material composition of the foreign objects, or the design of the sensor coils. The related practical testing effort can be reduced if the characteristics of the charging system and the foreign object detection system can be simulated. Therefore, simulation models were developed within the scope of this work and validated with the help of practical measurements. These models were used in the next step to analyze new test arrangements that had not yet been investigated by measurement. In the simulations described here, precision in the range of 1 mV could be achieved. Cumulatively, many influencing factors can be easily investigated, and results can be generated in a largely automated manner and typically in a wider variety than with practical measurements.

Continue Reading

Smart Monitoring for Safety-Assurance in Autonomous Driving

Georg Stettinger, Franz Wotawa

Abstract: Monitoring the functionality of systems during opera- tion is vital for detecting faults and preventing their conse- quences. In autonomous driving, monitoring is even more critical because of hardly being able to verify all imple- mented functionality. Today, systems comprise many inter- acting components making centralized monitoring less fea- sible and hard to handle. Hence, we suggest a distributed but connected monitoring system that reflects the system’s conceptual structure. In this paper, we outline the foun- dations of a monitoring system, present some applications and show how we use concepts like the operational design domain and requirements for obtaining the required mon- itoring knowledge in the application area of autonomous driving.

Continue Reading

Risk Monitoring and Mitigation for Automated Vehicles: A Model Predictive Control Perspective

Kilin Tong, Fengwei Guo, Selim Solmaz, Martin Steinberger, Martin Horn

Abstract: Despite recent advances in algorithms and technology, self-driving vehicles are still susceptible to errors that can have severe consequences. As a result, effective risk monitoring and mitigation measures for autonomous driving systems are in high demand. To overcome this issue, several specifications and standards have been developed. However, a theoretical framework for dealing with autonomous vehicle hazards has rarely been presented. This study suggests a risk modeling method inspired by ideas from control theory and introduces a Model Predictive Control (MPC) Framework to deal with risks in general. Two application examples are presented. The first example shows how MPC parameters may affect the aggressiveness of the response. In the second example, our proposed risk monitoring and mitigation module is integrated into a visionbased Adaptive Cruise Control (ACC) system. Simulation results indicate a significant improvement in collision avoidance rate (from 0% to 47% in edge scenarios) during the Euro NCAP ACC Car-to-Car tests with a stationary target, which demonstrates the utility of our approach for addressing various types of hazards faced by autonomous vehicles. Index Terms—automated vehicles, model predictive control, risk monitoring, risk mitigation, functional safety

Continue Reading

Acknowledgement

ArchitectECA2030 has been accepted for funding within (ECSEL JU) in collaboration with the European Union’s H2020 Framework Programs under grant agreement No 877539.

The project will receive an ECSEL JU funding up to 4 M€ completed with national budgets from national funding authorities in Germany, Netherlands, Czech Republic, Austria and Norway.  

Project Facts

Short Name: ArchitectECA2030

Full Name: Trustable architectures with acceptable residual risk for the electric, connected and automated cars

Duration:  01/07/2020- 30/06/2023

Total Costs: ~ € 13,6 Mio.

Consortium: 20 partners from 8 countries

Coordinator: Infineon Technologies AG

Funding

 

Horizon 2020
Horizon 2020

 

    

National Funding

National Funding

 


Social

Twitter

Twitter

    

LinkedIn

LinkedIn

 

Information

Impress

Imprint

   

Impress

Privacy Policy


 


Contact

Twitter
Contact