One of the toughest challenges for manufacturers in the automotive sector is the complexity of new car architectures which are leading to the consolidation of independent applications into a single powerful Integration MCU and typically involves choosing either determinism or virtualization.
Stellar Integration MCUs have been designed with the necessary computing power to significantly simplify the concurrent and deterministic execution of multiple-sourced software while guaranteeing the highest levels of safety and performance. These capabilities meet system requirements in the electrics/electronics (E/E) architecture of the next generation of connected cars.
Stellar has introduced features that include a state-of-the-art processor with hardware support for virtualization, quality of service settings, the ability to firewall peripherals, and perform resource separation at interconnect levels. These features allow independent applications, or Virtual ECUs, to coexist in the same physical MCU by guaranteeing freedom from interference and secure compartmentalization of software functions while supporting concurrent multiple ASIL safety levels.
ST has developed this new technology with Bosch, the well-known tier-one automotive electronic module supplier, to meet future OEM integration demands.
“We designed Stellar to meet the demands of future Domain/Zone architectures and service-oriented communication needs, setting aggressive real-time performance, safety, and determinism goals,” said Luca Rodeschini, Strategy & Automotive Processors and RF Division General Manager, STMicroelectronics. “The setup, evaluations and validations performed by Bosch now provide expert confirmation, showing that our teams’ integration of outstanding real-time performance, embedded PCM non-volatile memory, and comprehensive virtualization ensure efficient software isolation and compartmentalization that will add to consumers’ safety and convenience in their vehicles.”
Stellar embeds multiple Arm Cortex-R52 cores - some operating in lockstep and some in Split/Lock - and features a 2-level Memory Protection Unit and a low-latency Generic Interrupt Controller. The MCU is suited to hard real-time applications up to the highest safety integrity level, ASIL-D, specified in the automotive functional-safety standard, ISO 26262. There are also multiple powerful accelerators for secure data routing, processing, and mathematical functions, with advanced security support and extensive communication command and control.
The Integration MCU offers a comprehensive virtualization at multiple levels using a Virtual Machine ID (VMID) at the network-on-chip and memory levels. Firewalls ensure complete separation at all interconnect levels including the peripherals.
With its architecture and hardware-based virtualization capabilities, Stellar is able to assure safety through freedom from interference. It also provides significant advantages over software virtualization, including offloading of processor cores and reducing virtualization’s impact on memory.
Stellar is also able to manage increasing software complexity and integration with better utilization of its hardware resources. This reduces total overhead of multiple separate ECUs performing their own housekeeping and managing communication-stack-related latency. In fact, Stellar can support several real-time operating systems (OSes) running independently, without interference. These OSes can separately manage applications with different functional-safety levels and superior processing capabilities for encrypted communication over Ethernet or CAN buses with dedicated AES accelerators to offload the main Hardware Security Modules (HSM) for MACSec, IPSec, and CAN authentication.
Stellar Integration MCUs feature non-volatile Phase-Change Memory (PCM), offering fast read access times, and single-bit alterability that is not available in Flash memory. PCM ensures Over-The-Air (OTA) updates with zero down time, even for full-sized memory updates. In addition to increasing flexibility and erase/write cycles, single-bit alterability at runtime (no erase required) extends safety setup by refreshing bits to eliminate single-bit failures and extend the memory’s lifetime.