Article By : Alex Bormuth & Guido Dornbusch, Molex
V2X requires fast and efficient internal and external communications. since vehicles are part of the networked world, and cybersecurity is critical.
The worldwide automotive industry is in the midst of its biggest transformation in decades, with two concurrent megatrends — fundamental changes in drive technology, and vehicle networking. Actually, the word trend falls short here, as vehicle networking is a necessary and basic step on the way to fully or partially automated driving. In fact, even before taking automated driving into account, connectivity is already playing a decisive role for OEMs as a key to new business and service models.
There are numerous use cases, and they underline the importance of consistently pushing this concept forward in all areas. This is because vehicle networking is a blanket term for a wide variety of technologies that collectively determine the next level of automotive evolution. A special aspect here is that some concepts and innovations dig deep into the DNA of the decades-old vehicle architecture and rethink it.
This is important because the challenge of achieving fully networked and automated vehicles can only be met with solutions that depart from existing structures. Three topics are considered in more detail below. The first is internal communication, which is characterized by automotive Ethernet and the advent of a new vehicle architecture.
The second is external communication, in the form of the new mobile communication standard 5G and the changes in antenna technology it makes necessary.
Finally, there is the issue of cybersecurity, a key consideration for the sustained success of the vehicle networking trend. After all, the vision of safe automated driving can only become reality if internal and external networking both rest on a secure foundation.
Internal communication: lightning-fast and efficient All initiatives related to networking, up to and including automated driving, make one thing clear: successful implementation requires fundamental rethinking of many established concepts. This applies in particular to the vehicle architecture.
Up until now, it has adapted to constantly rising requirements, becoming increasingly complex and inflexible in the process. This development is now reaching its limits. The solution is about to change to a new, multizonal architecture.
The underlying idea of this is to divide the vehicle into several zones. This would enable the zonewise incorporation of safety-relevant control units essential for connectivity, as well as routing of the information flow through the zone segments. A conceivable approach is to divide the vehicle into two to six zones with individual zonal processing units, which are interconnected by a ring-topology cable. This creates redundancies so that the vehicle can continue operating even in the event of a fault in one of the modules or in a connecting cable. A computer in each individual zone of the vehicle would handle data processing within the zone and send the relevant data to the main computer. The main computer is connected to the cloud to enable further analyses to be carried out.
Compared to the traditional vehicle architecture that has developed over time, the multizonal arrangement is distinguished by its scalability and optimized structure. Data is collected where it occurs, aggregated, and then sent to the main computer over automotive Ethernet. This enables a drastic reduction in system complexity. Another advantage is that functions that are currently handled by hardware using a control unit can in the future be mapped by individual software solutions within the zone. Today’s vehicles can have more than 100 installed control units with complex mutual dependencies. This number can be reduced considerably with the multizonal architecture.
The previously mentioned automotive Ethernet is another milestone on the way to increasing the bandwidth of internal communication while at the same time reducing system complexity. Greater bandwidth is necessary because an automated vehicle must independently map driving functions with its own sensors (which constantly generate data) and actuators, without relying on the data of other road users or the infrastructure. The vehicle therefore needs an agile nerve system that distributes the data to the processing units deployed in the vehicle. This is available in the form of automotive Ethernet.
This technology, originating from the IT world, is regarded as future-proof and enables large bandwidths and fast signal processing within the vehicle. Automotive data networks up to 10 Gbps are currently available. The first solutions for this were presented at CES 2019 in Las Vegas.
An important aspect is that the automotive Ethernet must be fail-safe and reliable in operation. As already mentioned, the solution is to use redundant cable harnesses that can compensate for partial failures and ensure ongoing operation of the overall system. A key task of the Ethernet is fast transmission of safety-critical data from the vehicle sensors to the processing units, so that (for example) the vehicle can operate independently in urban traffic.
Further data to increase the comfort and convenience of the automated vehicle comes from the outside through the antenna. It must also fulfill specific requirements so that external data can be delivered quickly to the computers in the vehicle. This brings us to the second topic or trend: external communication.
External communication: vehicles as part of the networked world
Antennas play a decisive role in a networked vehicle. For smooth networking with other vehicles and the infrastructure, they must provide high performance, have a large range, and at the same time support fast transmission of signals to the processing units in the vehicle.
The challenge for antenna technology is basically that the rollout of the new 5G mobile communication standard expands the frequency bands from below 7 GHz now to as high as 52.6 GHz in the future. The higher attenuation of high-frequency signals leads to reduced range, which in turn creates problems with non-directional antennas due to their limited capacity to send and receive signals.
The solution is to use several directional antennas instead of an antenna with an omnidirectional radiation pattern. These antennas can continuously steer their beam in a particular direction to increase the range, even while the vehicle is moving. This is necessary to receive signals from other vehicles on the road and to transmit the vehicle’s own signals. In addition, they must be networked with each other and with the vehicle’s computers. This in turn requires the above-mentioned automotive Ethernet for fast data transmission.
Another challenge relates to the topic of bandwidth. For example, sensor data is presently transmitted in a highly processed form because the available bandwidth is only a few megabits per second. This is sufficient now, but with an eye to future use cases with automated driving it is inadequate, because in some cases unprocessed sensor data must be received and sent in order to map new smart functions.
Antennas must cover a larger frequency range in order to provide the necessary bandwidth. This requires extension of the existing standard, and various groups are presently working on this. In the 5.9 GHz band, there are different bandwidths allocated for this in the U.S., Europe, and China regions. Particularly in Europe and China, these are already fully utilized with the rollout of safety-related applications, leaving insufficient or no bandwidth for 5G V2X.
OEMs are presently working on a way to compress data enough that the available bandwidth in the 5.9 GHz band is adequate. There is also a tense situation in Europe, where a frequency range in the 60 GHz band is reserved for V2X. This range is technically demanding. There is a physical problem because the resonant frequency of oxygen molecules lies in this range. When these molecules start oscillating, they draw energy from the radio waves, causing the range to drop to a few meters and strongly limiting the range of applications such as communication between different vehicles and the infrastructure.
This is a striking illustration of the fact that growing networking on and off the road is affected by numerous details in the development of new components for antenna technology, which is essential for external communication.
Cybersecurity: always on, but safe
Security is a very important factor for the sustained success of overall vehicle networking. Cybercriminals have long since earmarked networked vehicles, and in the future automated vehicles, as potential attack targets. Basically, the chances of an attack increase with the number of interfaces to the outside world. This means that OEMs and suppliers must respond quickly and flexibly to new threat situations.
One way to quickly, reliably and easily roll out updates to vehicles is firmware over the air (FOTA), which means updating software via the mobile communication interface. This method could potentially allow weaknesses to be remedied continuously and quickly by patches, new functions to be integrated, and cryptographic algorithms to be updated.
With this approach, a control unit equipped with a mobile communication interface acts as an intermediary between the backend and the devices to be updated in the vehicle. It receives all software packages over the wireless interface and distributes them to the target devices. In addition, a processing unit acting as master monitors and coordinates the entire update process.
A decisive aspect here is that the FOTA process must be implemented so that it is not a gateway for attacks. A prerequisite for this is that the wireless interface is cryptographically secured, for example by encryption with the TLS protocol. The keys and certificates necessary for this must be loaded into the device using confidential and manipulation-proof methods and stored in a protected memory region in the device.
A dedicated hardware security module (HSM) is important to realize secure storage and enable secure execution of cryptographic algorithms. Unauthorized installation of manipulated software can be prevented by a secure installation process and security checking when the device software boots up. With both of these methods, digital signatures are used to validate the authenticity of the software. Development interfaces such as UART, USB, or JTAG must either be disabled in series production or safeguarded by cryptographic methods to prevent penetration of the device.
Finally, it should be noted that the mega trend of vehicle networking is composed of numerous parts, each of which presents its own particular challenges. As a supplier, we help meet these challenges one by one in collaboration with manufacturers to open a new chapter in automotive history.
About the authors
Alex Bormuth is the director of business development for Molex’s Connected Mobility Solutions business unit.
Guido Dornbusch is the director of network connected devices for Molex’s Connected Mobility Solutions business unit.