advanced vehicle networking with qorivva mpc5748g...
TRANSCRIPT
External Use
TM
Advanced Vehicle Networking with
Qorivva MPC5748G 32-bit MCUs
FTF-AUT-F0238
A P R . 2 0 1 4
Arturo Inzunza | Automotive Applications Engineer
Rebeca Delgado | Automotive Field Applications Engineer
TM
External Use 1
Agenda
• Introduction
• MPC5748G family
• Networking protocols
• Networking future trends
• Security in communications
• Conclusions
TM
External Use 2
Introduction
• Newer automotive features are quickly increasing the overall
amount of processors in an automotive network
• These processors generate increased data traffic and architectural
complexity on the network
• Audio and video are starting to be part of the vehicle networking
system, which means higher throughput networks are needed
• As more data is being exchanged between modules on the vehicle,
the risk of foreign agents tampering with the network increases
TM
External Use 3
Objectives
After completing this session, you will be able to:
• Understand the automotive communications trends
• Evaluate if the Qorivva MPC5748G family is suitable for your
project
• Understand in more detail CANFD and Ethernet AVB in automotive
applications
• Understand Freescale’s embedded security modules
applied to communications
TM
External Use 5
New
Integration,
Low Power,
Security
and Safety
Functional Safety and Security Security modules protect ECUs against various attack scenarios and Safety modules ensure robust operation per ISO 26262
Low Power Management New low-power modes, analog comparators, and pretended networking support help meet stringent next generation power budgets
Unprecedented Integration Single-chip solution offering multicore architecture and advanced networking protocols for next generation communication requirements
TM
External Use 6
Highly Integrated Body Control/Gateway MCU
• Performance through Multicore − Up to three e200 cores built on Power
Architecture technology, with up to 160 MHz
performance allows for easy division of tasks in
an integrated BCM/gateway system
• Most Diverse Set of Networking Communication
− Ethernet with AVB support, FlexRay™, MLB,
USB, up to eight CAN with CAN Flexible Data
Rate (FD) up to 18 LIN, SDIO interface, I2S all
supported on a single-chip solution
• Flexible Memory Options − Up to 6 MB Flash and 768 KB of embedded
SRAM provide suitable storage to maintain the
local BCM/gateway application functionality, and
handle message buffering
TM
External Use 7
Qorivva MPC5748G Platform: Next Generation e200 CPUs
• Qorivva MPC5748G offers similar Power Architecture® based e200
cores as Qorivva MPC5646
• Enhancements in frequency, Multiply/Divide, ECC,
prefetch buffers, debug interfaces and peripheral modules
Features z4 (MPC5748) z4 (MPC5646) z2 (MPC5748) z0 (MPC5646) Frequency (in platform) 160 120 80 64
Multiply 2 cycle latency 2 cycle latency 1 cycle latency 1 - 4 cycles latency Divide 4 - 14 clocks 4 - 14 clocks 4 - 14 clocks 5 - 34 clocks
E2E-ECC Yes No Yes No ICACHE 8k 4k No No DCACHE 4k No No No
Prefetch Buffer 8 x 32 bit, fetched as 64 bit double word
8 x 32 bit, fetched as 64 bit double word
4 x 32 bit, fetched as 64 bit double word
4 x 32 bit, fetched as 32 bit word
Nexus level 3+ 3+ 3+ 2+
TM
External Use 9
Qorivva MPC5748G Key Features
Multicore architecture 2x e200z4 + 1x z2 Power Architecture® cores
Floating Point Unit (FPU) on z4 cores for additional
computational algorithm support
High performance
160 MHz max for Z4s and
80 MHz on Z2
TM
External Use 10
Qorivva MPC5748G Key Features
Triple ported Flash and multiple RAM to minimize access time
to memory
TM
External Use 11
Qorivva MPC5748G Key Features
Part of SafeAssure functional safety program: Designed for ISO
26262 ASIL B systems
TM
External Use 12
Qorivva MPC5748G Key Features
Robust security Hardware security module (HSM) option
supports both SHE and EVITA low/medium
security specs.
TM
External Use 13
Qorivva MPC5748G Key Features
USB 2.0 (OTG and host module)
support interfacing to both wireless modems and
infotainment domain.
TM
External Use 14
Qorivva MPC5748G Key Features
Ethernet 10/100 Mb/s for diagnostics, backbone and
audio video bridging (AVB) applications
TM
External Use 15
Qorivva MPC5748G Key Features
Low-Power Unit Innovative LPU provides CAN, LIN, SPI, ADC
functionality in a new low power state.
TM
External Use 16
Qorivva MPC5748G Key Features
Broad Communications Multiple CAN with FD support, LIN, I²C, I²S
for integrated BCM/gateway applications
TM
External Use 18
Communication Protocols Landscape
price, complexity
bit rate [bits/s]
LIN 20 kBit/sec
master-slave
single wire bus
20k
125k
1M
10M
25M
LS CAN 125 kBit/sec
event triggered
fault tolerant
one/two wire bus
multimedia
domain
50M
100M
150M
HS CAN 1 MBit/sec
event triggered
two wire bus
embedded control
domain
FlexRay 10 MBit/sec
time triggered
fault tolerant, dependable
2x2 wire
MOST25 25 MBit/sec
synchronous
plastic fibre optical
MOST50 50 MBit/sec
synchronous
unshielded twisted-pair
MOST150 150 MBit/sec
synchronous
plastic fibre optical /
unshielded twisted-pair
CAN FD 1 MBit/sec - Arb
8 Mbit/sec - data
two wire bus
Ethernet 100 MBit/sec
synchronous
unshielded twisted-pair
TM
External Use 19
CANFD
CAN FD stands for CAN with Flexible Data-Rate
• CAN FD is a proposal by Bosch to:
− Increase the baud rate of the data portion of a CAN message
− Increase the number of data bytes that can be sent in a single
CAN message to up to 64 (vs. 8 on standard CAN)
− No changes to arbitration field allow for existing
physical layers to be used
TM
External Use 20
Gradual Transition
Backwards compatibility requirement on CAN FD
• CAN and CAN FD messages can coexist
− CAN FD node is able to receive and to transmit CAN messages
according to ISO 11898-1
− Introduction phase: CAN FD use only in specific operation modes
E.g. software download at end of line programming with non CAN FD nodes in
standby
− Use of partial networking for CAN FD traffic in networks with nodes only
ISO11898-1
Concept
− Two bit rates on CANFD transmission, one for the arbitration phase, the
other one for the data phase
TM
External Use 21
Frame Format
• Part of the control field, all the data field and part of the CRC field
are in high bit rates.
TM
External Use 22
Frame Format – EDL and BRS Bits
• EDL: Extended Data Length
− Recessive
− Only exists on CANFD
− Distinguishes standard CAN
vs. CANFD frames
• BRS: Bit Rate Switch
− Indicates if the bitrate should
be changed.
− CANFD node can choose not to
change the bitrate but still send
larger frames.
TM
External Use 23
Data Payload
• CAN
− 0 to 8 bytes
• CANFD
− 0 to 64 bytes
# of
Data Bytes DLC3 DLC2 DLC1 DLC0
CAN and
CANFD
0 0 0 0 0
1 0 0 0 1
2 0 0 1 0
3 0 0 1 1
4 0 1 0 0
5 0 1 0 1
6 0 1 1 0
7 0 1 1 1
CAN only 8 1 0 0 0
CANFD only
8 1 0 0 0
12 1 0 0 1
16 1 0 1 0
20 1 0 1 1
24 1 1 0 0
32 1 1 0 1
48 1 1 1 0
64 1 1 1 1
TM
External Use 25
Ethernet in Automotive is Growing
Ethernet has growing potential in automotive networking applications
Today/Near Future Future (2018+)
Gateway
ECU
Infotainment
Gateway/
Center stack Torque
Management
Driver Interface
(HMI)
Vehicle
Dynamics &
Safety
Body, Security
Lighting
Engine
Transmission
Electric
Motor
Generator
Seats Mirrors Doors Lighting
Navigation Instruments
Multimedia/
Telematics
Entertainment
Driver
Controls
Steering
Dampers ADAS
(Radar, Camera)
Airbags Tensioners
Ped. Protection
Brakes Dynamics
Sensors
Ethernet
Cameras
Diagnostics/
Programming
Gateway
• Potential Applications:
− Vehicle diagnostics
− Vehicle programming
− Interface to infotainment space
− Communications within infotainment space (MLB replacement)
− Ethernet based cameras, etc.
• Potential Applications:
− As today but also as a vehicle networking architecture backbone
TM
External Use 26
Why Ethernet?
Widely used network standard (IEEE 802.3) for LANs
• Several speed grades:
− 10 baseT, 100 baseT, 1000 baseT….
• Auto qualified physical layer based on unshielded twisted pair (TP) wire
• Multiple PHY to MAC Interfaces
− MII, MII_Lite, RMII, GMII, RGMII, ....
• Duplex and Half duplex communication
• Ethernet already established in vehicle
− Diagnostics, Ethernet camera
− Ethernet AVB being introduced
• Broad offering of software stacks, tools,
expertise makes use of Ethernet cost attractive
TM
External Use 28
Ethernet AVB
• Ethernet Audio Video Bridging (AVB) is a set of technical
standards that allow time-synchronized low latency streaming
services through IEEE 802 networks
• Specifications required:
− IEEE 1722 Layer 2 Transport Protocol
− IEEE 802.1AS Timing and Synchronization
• Further specifications, that can either be optional
or will not be used
− IEEE 802.1Qat: Stream Reservation Protocol (SRP)
− IEEE 802.1Qav: Forwarding and Queuing for Time-Sensitive Streams (FQTSS)
− IEEE 802.1BA: Audio Video Bridging Systems
− IEEE 1722.1 Device Discovery, Enumeration, Connection Management and
Control Protocol (DECC)
TM
External Use 29
IEEE 802.1AS Timing and Synchronization
• Subset of IEEE 1588 Precision Time Protocol
• Common "application clock" between the sources and sinks
• IEEE 802.1 AS adds a time stamp for the Ethernet packages.
The actual protocol is implemented in SW!
• System clock accuracy requirements determine whether time
stamping needs to be implemented in HW
− Clock requirements of less than hundreds of µs accuracy
do NOT require any time stamping HW
− Clock requirements of sub 1 µs (down to something between 50-200 ns)
do require dedicated time stamping HW.
Available on Qorivva MPC5604E, Qorivva MPC574xG, Vybrid, i.MX53, i.MX6x
TM
External Use 30
IEEE 1722 Layer 2 Transport Protocol
• Layer 2 Transport Protocol for encapsulation of streaming data
• Implementation at Layer 2 allows for efficient HW implementation
• This protocol is implemented in the Ethernet Streaming Software
from Freescale
TM
External Use 31
Surround Camera Application
• Application is
latency sensitive
• Physical space
• Cost target
• Rough environment
Camera 1
I
M
A
G
E
R
P
S
U
µC
MAC
HW
ENC
CAM µC Unit
MAGNPHY
BROADREACH
Camera 2
I
M
A
G
E
R
P
S
U
µC
MAC
HW
ENC
CAM µC Unit
MAGNPHY
BROADREACH
Camera 3
I
M
A
G
E
R
P
S
U
µC
MAC
HW
ENC
CAM µC Unit
MAGNPHY
BROADREACH
Camera 4
I
M
A
G
E
R
P
S
U
µC
MAC
HW
ENC
CAM µC Unit
MAGN PHY
BROADREACH
MAGN PHY
BROADREACH
MAGN PHY
BROADREACH
MAGN PHY
BROADREACH
MAGN PHY
BROADREACH
CENTRAL VIDEO UNIT
PSU
MAGN PHY
BROADREACH
6 PORT
GBIT
SWITCH
LOGIC
5 PORT SWITCH SYSTEM
with. HOST INTERFACE
µC
Gbit
MAC
(AVB)
VIDEO
DECODE
ENGINE
CENTRAL VIDEO
µC SYSTEM
ANALOG
VIDEO
Camera 5
I
M
A
G
E
R
P
S
U
µC
MAC
HW
ENC
CAM µC Unit
MAGN PHY
BROADREACH
ANALOG VIDEO OUT
( to Front Display)
CAN Connection
CAR POWER SUPPLY
5V CAMERA POWER SUPPLY
TM
External Use 33
Future Trends
• Cross-domain car communication
− Increasing safety enabled by data interaction between active safety and
advanced driver assistance functions
• Networking of Cars and Environment
− Car2car communication for efficient organization of traffic flow
• More comfort and safety features in the car
− Camera’s, TFT displays, connectivity, functional safety
− Example for average car
~40 electric/electronic systems
50-100 MCUs
>100 sensors
• Memory and performance on the increase
− Modern car up to 50Mbyte (excludes infotainment)
TM
External Use 34
Future Trends
• Move to integrate more functions into larger “domain controllers”
− Reduce costs, integration complexity and wiring harness weight
• High bandwidth backbone interconnect network needed
− Manage the network complexity to reduce the development effort and increase fault tolerance and robustness of the network
− Higher demand on bandwidth and quality of service
TM
External Use 35
Future Trends
• Ethernet already introduced
into vehicle
• Cost of Ethernet reducing
• Increased bandwidth options
(scalability)
• Possible to stay below
electromagnetic compatibility (EMC)
emissions limit with low cost UTSP
• Ethernet is a well-known and mature
network structure
• Many developers have
Ethernet experience
• Simple integration of
consumer devices
• Availability of hardware, software
and low-cost and freeware tools
TM
External Use 37
Qorivva MPC5748G Hardware Security Module
Overview
− Hardware security module (HSM) was developed by FSL to address
the HIS-SHE and EVITA low/medium security specs.
− Security module that is freely programmable by the customer,
additional security algorithm could be implemented in software
Features
− Power Architecture e200z0h core
− Secure Debugger Interface
− Cryptographic Modules with AES-128, Random Number Generator, DMA
− Sensor Interface – monitor for voltage, temperature and clock
− Secure Flash and RAM Memory for key and code storage
TM
External Use 38
HSM
• The HSM implements
user defined code
• Common use case is
to implement AES-128
algorithm
• Data can be serially
encrypted and shifted
out on a communication
protocol
TM
External Use 39
AES-128
AES
Developed by Vincent Rijmen
Joan Daemen
Standardized
since 2002
Block size [bits] 128 (16 bytes)
Key size [bits] 128, 192 or 256
Algorithm Type Symmetric
Scheme One key for encoding and
decoding
Pros
Compact implementation
High performance
Key length (<512 bits)
Cons Key exchange problem
Alice Bob
Symmetric
Key
TM
External Use 40
Cipher Modes
Electronic codebook (ECB) Cipher-block chaining (CBC)
Scheme Each block is encoded/decoded
indecently from the others
Previous result is XORed with actual
plaintext
Diagram
Pros Random access possible Secure for messages longer as block
size
Cons Insecure for message longer as the
block size (statistical analysis)
No random access possible, (before
the last block can be decode all other
must be decode)
Example
Block Cipher
Encryption
Ciphertext
Plaintext
Key Key
Block Cipher
Encryption
Ciphertext
Plaintext
Block Cipher
Encryption
Ciphertext
Plaintext
IV
ECB TM
CBC TM
TM
External Use 41
Secure Communication
• Random number: protects against replay attacks
• Encryption: protects against eavesdropping
• Random number and encryption: ensures data integrity and authenticity
AES-128
Random
number
generators
Unique ID
CSE module
Keys
Encrypted
(sensor value;RND)
Central ECU with MPC5646C
AES-128
Random
number
generators
Unique ID
CSE module
Keys
Sensor ECU
E.g.
CAN Key #x
Sensor value
Decrypted
(sensor value;RND)
Step 2: Sensor ECU reads
sensor value and asks
CSE module to encrypt it
and the received random
number (using key #x)
Step 3: Sensor ECU sends
encrypted message to
central ECU.
Step 4: Central ECU asks
CSE module to decrypt
received message (using
key #x).
Step 5: Central ECU
checks sent random
number vs.
received/decrypted random
number.
Step 1: Central ECU
obtains random number
and sends it to sensors
ECU (e.g., after power-on
of car)
RND
Keys
Key #x
TM
External Use 42
Conclusions Qorivva MPC5748G Family for high end communications applications Supports CAN + FD, dual ENET + SWITCH, USB (Host + OTG), LIN, SPI, etc.
CANFD Allows faster data transfer (8 mbps) and larger payloads (64 bytes)
Ethernet AVB Standards that allow timely distribution of media packets to several clients
Trends Wireless communications and higher bandwidth
Security HSM allows for on-the-fly encryption and decryption of data
TM
External Use 43
Recommended!
• FTF-AUT-F0347 - A Cost-Effective Solution for Secure Over-the-Air
Updates Using MPC5748G (W 5:15)
• FTF-AUT-F0207 - Qorivva MPC5748G 32-bit MCUs Offer Low-
Power Features for Central Body Control and Gateway Applications
(Th 4:15)
• FTF-AUT-F0262 - CAN Transceiver Trends and Solutions for
Higher Data Rate and Energy Savings (Th 5:15)
• FTF-AUT-F0081 - Automotive Microcontrollers in a Fast-Changing
Environment (T 4:45)
TM
© 2014 Freescale Semiconductor, Inc. | External Use
www.Freescale.com