Approach to functional safety-compliant ECU design for electro-mechanical brake systems

  • K. J. Lee
  • Y. H. Ki
  • J. S. Cheon
  • G. Hwang
  • H. S. AhnEmail author


In this paper, we propose a design approach to a functional safety-compliant ECU for an electro-mechanical brake (EMB) control system or an electronic wedge brake (EWB) control system. Brake actuators in a brake-by-wire (BBW) system such as EMB or EWB are characterized by the safety-critical functions which are now executed by using many electric and electronic devices with application software. Based on hazard analysis and risk assessments of the automotive functional safety standard ISO 26262, the proposed EMB control system should be ASIL-D-compliant, which is the highest ASIL level. To this end, a hardware and a software design method is introduced to implement functionl safety-oriented monitoring functions which are based on an asymmetric dual-core architecture with an external watchdog processor. It is shown by using EMB hardware-In-the-Loop-Simulation (HILS) that the proposed ECU design approach is very effective when a hardware fault or software execution faults occur in the EMB ECU, moreover, this functional safety-compliant design can be well combiled with the sensor fault-tolerant control logic.

Key Words

Functional safety ISO 26262 Electro-Mechanical Brake (EMB) Brake-by-Wire (BBW) 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. Cheon, J., Kim, J., Jeon, J. and Lee, S. (2011). Brake By wire functional safety concept design for ISO/DIS 26262. SAE Paper No. 2011-01-2357.CrossRefGoogle Scholar
  2. Christiaens, S., Ogrzewalla, J. and Pischinger, S. (2012). Functional safety for hybrid and electric vehicles. SAE Paper No. 2012-01-0032.CrossRefGoogle Scholar
  3. IEC 61508 (2010). Functional Safety of Electrical/Electronic /Programmable Electronic Safety-related Systems. International Electrotechnical Commission.Google Scholar
  4. Infineon Technologies AG (2009). TC1797 User’s Manual.Google Scholar
  5. Infineon Technologies AG (2012). SafeTcore Safety Driver.Google Scholar
  6. Infineon Technologies AG (2012). CIC61508 User’s Manual.Google Scholar
  7. ISO 26262, Road Vehicles (2011). Functional Safety. International Organization for Standardization.Google Scholar
  8. Ki, Y., Ahn, H. and Cheon, J. (2012). Fault-tolerant control of EMB systems. SAE Paper No. 2012-01-1795.CrossRefGoogle Scholar
  9. Kwak, J. (2005). Modeling and Control of an Electromechanical Brake (brake-by-wire) System. Ph. D. Dissertation. School of Mechanical Engineering of Purdue University.Google Scholar
  10. Line, C., Manzie, C. and Good, M. (2004). Control of and Electromechanical Brake for automotive brake-by-wire systems with an adapted motion control architecture. SAE Paper No. 2004-01-2050.CrossRefGoogle Scholar
  11. Maron, C., Dieckmann, T., Hauck, S. and Prinzler, H. (1997). Electromechanical brake system: Actuator control development system. SAE Paper No. 970814.CrossRefGoogle Scholar
  12. Sundaram, P. and D’Ambrosio, J. (2006). Controller integrity in automotive failsafe system architectures. SAE Paper No. 2006-01-0840.CrossRefGoogle Scholar
  13. Van Eikema Hommes, Q. (2012). Review and assessment of the ISO 26262 draft road vehicle — Functional safety. SAE Paper No. 2012-01-0025.CrossRefGoogle Scholar
  14. Zhai, Z. and Corbiere, T. (2009). Achieving ASIL D for microcontroller in safety-critical drive-by-wire system. SAE Paper No. 2009-01-0759.CrossRefGoogle Scholar

Copyright information

© The Korean Society of Automotive Engineers and Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • K. J. Lee
    • 1
  • Y. H. Ki
    • 2
  • J. S. Cheon
    • 2
  • G. Hwang
    • 3
  • H. S. Ahn
    • 1
    Email author
  1. 1.Department of Electronics EngineeringKookmin UniversitySeoulKorea
  2. 2.Technical Research InstituteHyundai MobisGyeonggiKorea
  3. 3.Infineon Technologies Korea Co. Ltd.SeoulKorea

Personalised recommendations