volvo car group | jonn lantz - mathworks€¦ · agile by models, jonn lantz,...

22
1 Agile by Models, Jonn Lantz, [email protected] Challenge Scaling agile model driven development of AUTOSAR embedded software. Lift the abstraction level of in-house development. Create reliable, automated test. Solution In-house model driven engineering (MDE) Agile development enabled by plant models Domain specific languages (DSL) Scaling scripts? Scaling model architectures? Results Increased development speed, but delayed testing Investments on plant models pay off! Physical modelling languages facilitates modelling and reuse, but still unclear scaleability (for virtual verification on system level) Volvo Car Group | Jonn Lantz Agile by Models

Upload: others

Post on 26-May-2020

6 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

1Agile by Models, Jonn Lantz, [email protected]

Challenge

Scaling agile model driven development of AUTOSAR

embedded software. Lift the abstraction level of in-house

development. Create reliable, automated test.

SolutionIn-house model driven engineering (MDE)

Agile development enabled by plant models

Domain specific languages (DSL)

Scaling scripts? Scaling model architectures?

Results Increased development speed, but delayed testing

Investments on plant models pay off!

Physical modelling languages facilitates modelling and reuse, but still

unclear scaleability (for virtual verification on system level)

Volvo Car Group | Jonn LantzAgile by Models

Page 2: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

2Agile by Models, Jonn Lantz, [email protected]

About Volvo Car Group

Software

Mechanics

(Mechatronics)

Power

Electronics

Volvo Car Group – Green, safe, premium cars!

Climat change…

Exponential increase of software in cars…

Modern cars are complex distributed software in

moving, safety critical, (high voltage) mechatronics

Quantum

Physicist

-2005

Teacher

-2007

Sw developer & change driver

at Volvo Cars -2013

Technical Expert

Continuous Integration

Research collaboration

About meTechnical Expert,

Electric Propulsion Systems

Volvo Cars

A trinity for sustainable automotive business!?

Page 3: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

3Agile by Models, Jonn Lantz, [email protected]

BackgroundFrom requirement engineering to in-house software development!

Requirements

(wishes, ideas, …)

System design

(architecture attempt)Detailed requirements

(solution attempt, in word)

Send to supplier

Wait… Test if it works

(as you want).

From requirement engineering

(with requirement as core object)

Page 4: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

4Agile by Models, Jonn Lantz, [email protected]

BackgroundFrom requirement engineering to in-house software development!

Research

Test vehicle

Virtual

test

(MIL/HIL)

ECU & SW

Supplier (Tier1)

Feedback!

Lost knowledge if

supplier is

replaced!

Development

… to in-house development,

but still struggling with slow feedback

Page 5: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

5Agile by Models, Jonn Lantz, [email protected]

BackgroundFrom requirement engineering to in-house software development!

Executable model

as core object!

Architecture (moderating role)

High level

requirements

MIL, HIL test, integration

Test vehicles

ECU

supplier

Photo: dSpace

... and aiming for Continuous Integration with control

models as the core objects for development.

Page 6: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

6Agile by Models, Jonn Lantz, [email protected]

Model Driven Engineering

Approaching MDE

• Define modelling domains, build competence and knowledge

• Reach platform independent development (utilizing AUTOSAR)

• Combine “local” MDE with Virtual System Integration

Controller

(ECU)

Device

Domain

experts as

developers

Supplier(s)

Power supply,

Network,…

Realistic functional

test results, early

Realistic system test

results, early

2. Platform models

3. Plant &

Environment models

1. System models

Platform

independence?

Page 7: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

7Agile by Models, Jonn Lantz, [email protected]

2 aspects of Model based/driven engineering

Early virtual integration and Development by Domain Experts

• High level Domain Specific [programming] Languages (DSL), like Simulink or Stateflow,

will allow domain experts to develop code. A common way to start using MDE.

• Virtual integration requires Plant models and System models.

Enable closed loop simulation and Model Driven Development

This require investments in tools and competence

The goal is to combine these techniques

(and to add real continuous integration).

Controller

(ECU)

Device

Developers

Supplier(s)

Power supply,

Network,…

DSL

programmingPlant

Models

+ -

Environment

models

Note: Plant models are primarily useful

where closed loops (controller-

device/env.) exists

Page 8: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

8Agile by Models, Jonn Lantz, [email protected]

The Model Driven short circuitRe-invent the V-model!

High level

reqs. CAR testRIG

HIL

Vehicle

integrationSystem design tool

(database)

Developed by Tier1 from

requirements

System

ECU

SW Component

MIL

(SIL)

System

MIL

Unit

test

SW

Design

code

gen

Simulink & Simscape

Architecture

Simulink

HIL short loop 24h

ECU integration

Page 9: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

9Agile by Models, Jonn Lantz, [email protected]

… and in real life

High level

reqs.

ECU

integrations

System design tool

(database)

System

ECU

SW ComponentSW

Design

Simulink & Simscape

ECU

ready!

Vehicle

ready!

CAR

test

Vehicle

integra-

tions

RIG

HIL(continuous ECU-integration

possible)

Assumptions verifiedHW Assumptions made

Page 10: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

10Agile by Models, Jonn Lantz, [email protected]

Time/readiness

Agile process

knowledge

Decisions!

syste

mcom

ponent

Agile development

Pay to learn early

Gain knowledge early in projects to avoid workload peaks near deadlines!

V-model

”waterfall” process

Succ.

handovers

Time/readiness

syste

m

knowledge

decision

com

ponent

is verified

Page 11: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

11Agile by Models, Jonn Lantz, [email protected]

Simulink

Learn early by making plant models!

Model Driven Development – Create virtual verification environments!

Although the mechanics, ECU-platform and other mechatronics are not yet delivered, plant models

can be designed – using the best knowledge – and used for early continuous virtual integration.

Some assumptions will be proven faulty, but we learn much faster (compared to not use MDE)

(Ulf Eliasson et. al, to be published in MODELS 2014)

Kn

ow

led

ge

time

still a knowledge gap,

but much smaller!

modelling,

delivers

knowledge

development based

on assumptions

first

integration

subsystem

control sw

plant

model

Page 12: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

12Agile by Models, Jonn Lantz, [email protected]

Scaling Model design

U0

L R

Controller

(PWM)V(t)

If we want to model more of the system – mechanics, electronics, fluid mechanics,…, then a

single DSL (like standard Simulink) may not be sufficient

A promising solution is to use different Domain Specific Languages (DSL) specialized for the different domains.

Electric Propulsion at VCG has tried out Simscape now for 3 years. Other sections are using other languages.

Local DSLs will allow local organizations to develop faster with better reuse and understanding. The design scales!

Page 13: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

13Agile by Models, Jonn Lantz, [email protected]

DSL example: modelling mechatronics

Mathematical representation

U0 =V(t)+ RI + LI

dI

dt=

1

L(U0 -V(t)- RI )

Control

V(t)

U0

L R

Controller

(PWM)

Graphical representation

V(t)

Model using c-code…

real MyCircuit_dIdt(t,I,V,R,L,U0) {

return (U0 – V – R*I) / L;

}

/* Use with proper ODE solver */

for(t=0, t =+ dt, t < t_end) {

Model representation in Simulink

Model representation in Physical DSL

Page 14: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

14Agile by Models, Jonn Lantz, [email protected]

Then add one little component…

DSL example: modelling mechatronics

Page 15: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

15Agile by Models, Jonn Lantz, [email protected]

Mathematical representation

U0 = V(t)+ RI 0 + LI 0

I d = f (V(t))

I = I 0 + I d

dI i

dt= ...

Control

V(t)

Model representation in Physical DSL

U0

L R

V(t)

Model representation in Simulink

Rewrite completely

> 2x no of blocks

Model using c-code…

real MyCircuit_dIdt(t,I,V,R,L,U0) {

return (U0 – V – R*I) / L;

}

/* Use with proper ODE solver */

for(t=0, t =+ dt, t < t_end) {

Rewrite completely

> 2x lines of code

DSL example: modelling mechatronics

U0

L R

Controller

(PWM)

Graphical representation

V(t)

Page 16: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

16Agile by Models, Jonn Lantz, [email protected]

A use case: developing dog clutch control software

Auto generated

AUTOSAR ECU model

Test bench

(combined with test tool)

Plant model (Simscape)

Results:

Although the first versions of the clutch model had

numerous faulty assumptions, these where easy to

correct – since the developers now understood the

system!

model

reference library

function developers

CAE developers

test

developers

automated

regression test

Page 17: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

17Agile by Models, Jonn Lantz, [email protected]

my device

controller

device

The Importance of Testing

Some people believe that a graphical, high level control model, looking sort of like

an executable specification, is so descriptive, so simple that no unit test or

regression test is required.

Although complexity is hidden from the user in Simulink,

it will be revealed in the generated code.

Unit Test, (functional) Regression Test and coverage metrics

are absolutely essential!

This is completely wrongvehicle

integration

test

unit test

functional test

automated

regression test

Page 18: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

18Agile by Models, Jonn Lantz, [email protected]

Note about testing: use the same language!

We know from experience that developers prefer to conduct testing using the same

language as they use for development

Thus, if we develop control code using Simulink, we should develop test cases using Simulink – or in a tool

integrated in Simulink with syntax familiar to Simulink users.

This turns out to be tricky…

Formal verification looks very promising! However, Design Verifier (the dedicated toolbox for Simulink) should be integrated in the base product and used by developers.

Why not fully integrate testing in the modelling language?

Test vector design and regression test automationTools for ”Signal builder like” testing, but with assert handling

• yes/no returned for each test case!

• efficient test suite management, parameter set & test execution

• fast simulation (minimize compile time, parallel computing, cloud simulation, …) in normal mode (enabling coverage metrics)

Static analysis Important, but not facilitated yet! Why not integrate this also? The language should help, not trust, the designer…

Page 19: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

19Agile by Models, Jonn Lantz, [email protected]

Scaling Virtual Integration

subsystem

control sw

plant

models

subsystem

control sw

plant

models

subsystem

control sw

plant

models

subsystem

control sw

plant

models

Scaling Model Driven Engineering! Full product simulation – in SimulinkAppealing idea, but comes with considerable challenges:

• Multi domain architecture (combine hw and sw architectures)

• Multi domain modelling (integrating electronics, cooling, data, mechanics…)

• Multiple DSLs has to be integrated (in a base simulink model)

multi domain bus

Page 20: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

20Agile by Models, Jonn Lantz, [email protected]

Looking forward

– approaching product based development

The virtual product

Automotive development is usually project based: massive parallel development and big bang integrations.

Early system test is difficult, if possible at all.

Using large and partly auto-created Simulink models we can cheat and create a virtual product, which is ahead

of the main project.

With an existing product (although virtual)

new features can be faster(!) and distributed

over time to avoid interferencedevelopment on multiple

parallel sub-systems

(ad hoc reuse)

Big Bang

integration

product product

Page 21: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

21Agile by Models, Jonn Lantz, [email protected]

… and in real life

High level

reqs.

ECU

integrations

System design tool

(database)

System

ECU

SW ComponentSW

Design

Simulink & Simscape

ECU

ready!

Vehicle

ready!

CAR

test

Vehicle

integra-

tions

RIG

HIL(continuous ECU-integration

possible)

Assumptions validatedHW Assumptions made

• When available – frequent (continuous)

integration on target, with high coverage

regression test is essential!

• Virtual test is for early learning, real test is for

real knowledge! (Thus, HIL must be extended

with real mechatronics…)

• MDE can be successfully combined with

Continuous Integration, but tailor-made tools

must be developed (in-house scripts!)

Page 22: Volvo Car Group | Jonn Lantz - MathWorks€¦ · Agile by Models, Jonn Lantz, jonn.lantz@volvocars.com About Volvo Car Group Software Mechanics (Mechatronics) Power Electronics Volvo

22Agile by Models, Jonn Lantz, [email protected]

Conclusions

• Volvo Car Group has successfully combined Model Driven Engineering with methods

of Agile Software development.

• Use cases demonstrate that MDE is an enabler for Agile in complex mechatronic

systems.

• Continuous Integration (target builds, regression test) is working well, but suitable

tools for testing and test automation in matlab/simulink are still missing.

• Physical Modelling using DSL (Simscape) has been used for several years in Hybrid

system development.

• Physical Modelling is useful for readable, reusable and scalable modelling of physical

systems, but challenging for large scale MIL testing (due to increased complexity and

code generation issues)

• Current Challenge #1: The complete system MIL simulation; the virtual product testing,

reaching Virtual Continuous Integration.

• Current Challenge #2: Enable platform independent and uniform-ish modelling in the

R&D organization