FlexCAN: An Architecture for Highly Dependable Safety-Critical Systems

Electrical and Computer Engineering Department
Kettering University
(formerly General Motors Institute)

FlexCAN Description

FlexCAN is a new architecture based on the CAN protocol and suitable for highly dependable safety-critical systems. FlexCAN includes a specialized protocol termed SafeCAN that deals with error detection and with the management of replicated components (buses and nodes). The design of FlexCAN is based on a holistic approach that considers advances and component availability in the following domains: application, embedded systems, protocols and networks, safety and reliability, real-time systems, and systems engineering. FlexCAN has borrowed some design features from other systems such as ProfiSafe, J1939, MilCAN A, TTCAN, TTP/C, and FlexRay. In terms of functionality for safety-critical applications, FlexCAN is positioned between CAN and FlexRay.

FlexCAN has the following main architectural features:

FlexCAN has been under development at Kettering University for about 3 years and is currently at a stage where it can be used for evaluation purposes in the design and implementation of safety-critical systems. Past projects have covered various aspects of FlexCAN, including simulation, implementation, a steer-by-wire case study, diagnostics, network management, testing, and verification. It has attracted the attention of researchers at various universities and at the SAE (Society of Automotive Engineers). Work is ongoing on various aspects of the architecture. A number of tools have also been developed. If you are interested in collaborating on the further development of FlexCAN (research or development), please contact Dr. Pimentel.


Literature on FlexCAN

The following is an annotated list of papers, published or in preparation, that describe some aspects of FlexCAN or some of the underlying issues behind it.

Design of a Safety-Critical Drive-by-Wire system using FlexCAN
Pre-print of a paper to be presented at the SAE 2006 Congress.

Testing, Verification, and Validation of a Steer-by-Wire system using DO-178B
Pre-print of a paper to be presented at the SAE 2006 Congress.

FlexCAN Bus Guardian. PDF
Pre-print of a paper to be presented at the IEEE Int. Workshop on Emerging Technologies in Factory Automation (ETFA05), Catania, Italy, Sept. 2005. It summarizes a simple but effective bus guardian for FlexCAN.

FlexCAN Architecture. PDF
Paper presented at the 3rd Int. Workshop on Real-Time Networks, held in Catania, Italy, July 2004. It summarizes FlexCAN and SafeCAN and the main architectural components.

SafeCAN Protocol. PDF
The paper that describes the SafeCAN protocol in some detail. Published at INCOM'04, the 11th IFAC Symp. on Information Control Problems in Manufacturing, April 2004, Salvador, Bahia, Brazil. Besides additional details of SafeCAN, this paper contains a summary of a case study involving a steer-by-wire system, including some testing and verification issues.

Elements of the FlexCAN Architecture. PDF
Paper presented at the SAE Congress 2004 (Paper Number 2004-01-0714) that discusses the main constituent components of FlexCAN, particularly the "Safeware" paradigm.

Designing Safety-Critical Systems: A Convergence of Technologies. PDF
Paper presented at the 2003 Symposium on Reliable Distributed Systems (SRDS'2003) in Sept. 2003, Florence, Italy. This paper details the holistic approach used to design FlexCAN and SafeCAN.

Deterministic and real-time response of grouped messages on CAN. PDF
Paper presented at the SAE Congress 2003 (Paper Number 2003-01-1199). This paper proves deterministic and real-time behavior for grouped messages in CAN. The title of this paper is a bit of a misnomer.

Evaluation of Reliability and Availability: Components with repair. PDF
A method to numerically evaluate reliability and availability functions using Petri nets for replicated components within FTUs when failed components are repaired. Paper presented at IECON'03, Blacksburg, Virginia.

Evaluation of Reliability and Availability: Components without repair. PDF
A method to numerically evaluate reliability and availability functions using Petri nets for replicated components within FTUs when failed components are not repaired. Paper presented at IECON'02, Seville, Spain.

A Fault Management Protocol for TTP/C. PDF
A fault management protocol that can be implemented using the native TTP/C protocol. Paper presented at IECON'01, Denver, Colorado.


FlexCAN Development

Most work on FlexCAN has been performed at the Distributed Embedded Systems (DES) laboratory at Kettering University. A number of FlexCAN-specific tools are available (contact Dr. Pimentel). The DES laboratory features the following general development tools.

Vector CANtech Inc.
CANoe: The comprehensive tool for CAN projects.
CAN-AC2-PCI: A PCI interface card for CAN.
CANcardX: A PCMCIA interface for CAN with a selection of bus drivers.

dSPACE Inc.
DS1103 multiprocessor board and breakout box.
ControlDesk.
TargetLink.

The MathWorks, Inc.
MATLAB/Simulink.
Real-Time Workshop (RTW).

Other resources
PC workstations with the Windows XP operating system connected to the Internet.
T-boards (ECUs) containing Motorola MCS12 (S12) microcontrollers.
IAR: a Windows-based software development environment that includes a C compiler, assembler, and linker.
Debugging and software download modules (IAR C-SPY with the P&E Background Debug Module (BDM)).


Dr. Juan R. Pimentel
Computer Engineering Program
Electrical and Computer Engineering Department
Kettering University
1700 W. Third Avenue
Flint, MI 48504
http://www.kettering.edu/~jpimente/
jpimente@kettering.edu
Phone: 810-762-7990
Toll-Free: 800-955-4464 x7990
Fax: 810-762-9830

Last update: July 28, 2005.