Develop a By-Wire Braking System for L4 Autonomy Trucks Based on Model-Based Design

For L4 autonomy, ASIL D is necessary for most of the critical control path, especially the braking system. We are developing a complex safety mechanism based on Model-Based Design to avoid any potential failures in the software. For example, there are high ASIL requirements for both unintended braking and lack of braking, so we have to design comprehensive "arbitration" logic to meet the requirements of those two cases. First, we developed safety modules based on model references with different mechanisms. Second, the MIL testing is essential, and we are using a truck model to test the normal cases and do the fault injection testing as well. Third, since we have a dual VCU setting up, we use the HIL bench to test the coordination between two VCUs and do most of the fail-safe and fail operation testing.