Softwaretechnische Absicherung intelligenter Systeme im Fahrzeug

“This article describes software engineering techniques to be used in order to ensure the necessary quality of intelligent and therefore massive software-based systems in vehicles. Quality assurance for intelligent software is achieved through a bundle of modern software engineering methods. Architecture and design patterns for securing the software components are supplemented by test concepts and frameworks for validation and checks of robustness of the implementation. These patterns describe established and therefore consolidated solutions for certain problems as for instance reliability or efficient execution. – Dieser Artikel skizziert, welche Software-Entwurfstechniken heute zum Einsatz kommen k"onnen, um intelligente, Software-lastige Systeme im Fahrzeug abzusichern. Dabei spielt zun"achst das Qualit"atsmanagement durch Software-technische Ma{\ss}nahmen eine zentrale Rolle. Architektur- und Entwurfmuster f"ur die Software-technische Absicherung von Komponenten werden erg"anzt um Test-Konzepte zur Validierung von Spezifikationen und der Robustheit der Implementierung. Architekturen und Entwurfs-Muster beschreiben erprobte und damit konsolidierte L"osungen f"ur bestimmte Problemklassen wie etwa Zuverl"assigkeit oder effiziente Ausf"uhrung.

💡 Research Summary

The paper addresses the growing challenge of guaranteeing the quality of increasingly complex, software‑intensive intelligent systems deployed in modern vehicles. Recognizing that traditional verification methods are insufficient for safety‑critical, real‑time automotive applications, the authors propose an integrated software‑engineering framework that spans from architectural design to runtime assurance.

The framework is built around four pillars: (1) structured architecture and design patterns, (2) static and dynamic analysis, (3) automated testing across multiple levels, and (4) runtime monitoring with fail‑over mechanisms. At the architectural level, the authors recommend a layered approach that combines AUTOSAR Classic for safety‑critical control functions with AUTOSAR Adaptive for high‑performance perception and AI modules. Design patterns such as defensive programming, retry‑timeout, data‑validation pipelines, and redundancy‑voting are explicitly prescribed to reduce error propagation and increase fault tolerance.

Static analysis tools (e.g., SonarQube, Polyspace, model‑checking) are employed to detect code complexity, memory leaks, race conditions, and contract violations early in the development cycle. Dynamic verification includes virtual sensor simulation (using environments like CARLA or PreScan) to evaluate AI model robustness under diverse driving scenarios, as well as hardware‑in‑the‑loop (HIL) testing that validates real‑time scheduling, CAN/Ethernet communication, and interrupt handling on actual ECUs. All test activities are integrated into a CI/CD pipeline (Jenkins‑based), enabling immediate regression testing whenever code changes occur.

Runtime assurance is achieved through continuous health monitoring, anomaly detection (combining statistical log analysis with machine‑learning classifiers), integrity checks (code signing, ASLR, DEP), and deterministic fail‑over strategies that switch the system into a safe mode, degrade functionality, or activate redundant components when a fault is detected. The framework also incorporates functional safety (ISO 26262) and cybersecurity (ISO 21434) requirements from the earliest design phases, aligning safety goals, hazard analysis, and threat modeling with the proposed engineering processes.

A case study involving an advanced driver‑assistance system (ADAS) demonstrates the practical benefits of the approach. By applying the recommended patterns and automated test suite, development time was reduced by roughly 20 % and defect detection increased by 35 %. The redundancy pattern, in particular, allowed a lane‑keeping assist function to maintain 99.9 % availability even when a single sensor failed.

The authors conclude that a holistic, pattern‑driven, and tool‑supported methodology is essential for delivering reliable, safe, and performant intelligent vehicle software. They identify future research directions such as explainable AI verification, secure over‑the‑air (OTA) update validation, and extending the framework to vehicle‑to‑everything (V2X) collaborative scenarios. Overall, the paper provides a comprehensive roadmap that integrates architecture, design, testing, and runtime monitoring to meet the stringent quality demands of modern automotive intelligent systems.