To realize the full potential of SDV, DENSO's vision is to unify SDV application development approaches to deal with mixed safety critical requirements, using cloud native engineering. The software developed and validated using the cloud should have identical behavior when deployed to a real vehicle.

We adopt an opensource time coordination language called Lingua Franca, to define the application behavior precisely. For an application employing this methodology, we can guarantee deterministic execution of workloads using scheduling and associated time primitives. The proposed methodology offers time centric tooling and middleware for actor-based modeling, development and runtime monitoring of SDV applications. Utilizing the wide array of time semantics of Lingua Franca, we specify event behaviors such as scheduling, deadlines, and delays associated with the application workloads. The runtime takes care of enforcing these properties and detecting violations thereof, at every stage of development.

Safety and non-safety workloads could be run in parallel, while enabling cloud native technologies to be combined with automotive functional safety and real-time requirements. To achieve that, we need 1. Hardware agnostic abstractions for application interface using advanced virtualization methods to minimize freedom from interference, and 2. Efficient and deterministic scheduling for handling real-time requirements. The proposed middleware provides:

• An application-level safety envelope defined as per the specification in the system modeling phase

• Deterministic scheduling methods for handling real-time requirements at the application interface
• Detection of safety violations at design time and runtime
• Invocation of appropriate fault handlers dynamically

Through our first SOAFEE Blueprint, we introduce a time centric middleware for modeling, development, and runtime monitoring of SDV applications. We show this approach using Autoware Foundation's open-source Automated Valet Parking (AVP) application software running on Open AD Kit.  The AVP application is considerably complex with several distributed software workloads within the vehicle needing to coordinate in a timely fashion.  Runtime uncertainties such as execution, communication and computation delays and virtualization bring in additional challenges, causing non-deterministic behavior of this application. We show how to develop deterministic SDV applications while maximizing cloud development returns.

The application workloads are deployed across multiple AWS Graviton instances running on SOAFEE’s EWAOL and managed using K3S for container orchestration. Most of this process involving provisioning, configuration and build steps are automated using CI/CD pipelines on the cloud, following SOAFEE’s cloud native principles. Once the application starts, the vehicle follows the path to reach the set goal position in the parking lot. Through efficient handling of dropped/late events in the system, we achieve precise time coordination among the containerized modules, making the application more reliable. As a result, the vehicle completes reverse parking sequence even in the presence of injected stress in the system.  The runtime monitoring tool allows us to inspect the execution traces associated with these distributed workloads. Analyzing the execution schedules, trigger times of various events and duration of the events can help identify bottlenecks in the system.  Application redesign and parameter tuning can then be performed using a continuous integration and deployment process to meet the design specification for a given environment.

Through this work, we hope to solve key SDV challenges - achieving environmental parity and optimal mixed criticality orchestration. Mass adoption of SDV technology is only possible through industry-wide efforts in the scope of best engineering practices, safety, and standardization. We think the industry led open collaboration model such as SOAFEE is an absolute necessity to solve these complex challenges.