Lifecycle Management of Automotive Safety-Critical Over the Air Updates: A Systems Approach

With the increasing importance of Over The Air (OTA) updates in the automotive field, maintaining safety standards becomes more challenging as frequent incremental changes of embedded software are regularly integrated into a wide range of vehicle variants. This necessitates new processes and methodologies with a holistic view on the backend, where the updates are developed and released, and the frontend (vehicle), to which the updates are deployed. In this paper, we introduce an approach, including a process and a methodology, for continuous contract-based design, validation and deployment of modular updates for variant-rich automotive systems. The approach considers the vehicle as part of its connected environment enclosing a backend and concentrates on safety-critical applications. In addition, we present the UPDateable Automotive Test dEmonstratoR (UPDATER), which is a mock-up for modern Electric/Electronic architectures including a backend and a frontend part. It serves as a prototype for developing, deploying and monitoring automotive OTA updates. In a case study based on UPDATER, we apply the approach to three exemplary updates of a variable Advanced Driver Assistance System (ADAS). We show how the updates development and management may be achieved in an efficient and agile way.