[00:00.000 --> 00:15.680]  Okay, welcome to the next session.
[00:15.680 --> 00:22.640]  So I will be talking about KuxaWall and in vehicle access to standard VSS signals.
[00:22.640 --> 00:24.080]  I will tell you what it is.
[00:24.080 --> 00:28.040]  I hope I can convince you that it's a good thing and you want it, but let's see.
[00:28.040 --> 00:29.040]  I'm Sebastian.
[00:29.040 --> 00:33.960]  I'm part of the Kuxa project and when I'm working, I'm working for Eters on vehicle
[00:33.960 --> 00:34.960]  software.
[00:34.960 --> 00:35.960]  So Eters belongs to Bosch.
[00:35.960 --> 00:39.120]  If that is something that's more familiar to you.
[00:39.120 --> 00:42.040]  So yeah, this is about automotive software.
[00:42.040 --> 00:43.040]  So let's get started.
[00:43.040 --> 00:45.960]  We will start like very high, you know, like sky high.
[00:45.960 --> 00:48.480]  And then I promise we go down to code.
[00:48.480 --> 00:50.960]  So there should be something for everyone.
[00:50.960 --> 00:51.960]  First thing is what's Kuxa.
[00:51.960 --> 00:53.160]  It's an open source software project.
[00:53.160 --> 00:56.040]  So I'm not totally at the wrong place here.
[00:56.040 --> 01:00.240]  First time for me, first time for Kuxa, I think.
[01:00.240 --> 01:02.760]  Kuxa doesn't stand alone.
[01:02.760 --> 01:06.280]  Actually it's part of the Eclipse software defined vehicle working group.
[01:06.280 --> 01:11.640]  So Eclipse is one of those many happy homes that exist for open source software.
[01:11.640 --> 01:17.080]  And the Eclipse SDV working group, that's basically a bunch of companies and people
[01:17.080 --> 01:20.840]  interested in automotive open source software and a couple of other interesting projects
[01:20.840 --> 01:21.840]  beside Kuxa.
[01:21.840 --> 01:24.080]  But we're focusing on Kuxa.
[01:24.080 --> 01:28.000]  You could say Eclipse SDV, it shares the software defined vehicle mindset.
[01:28.000 --> 01:29.000]  So what is that?
[01:29.000 --> 01:31.080]  I mean, later just Google it.
[01:31.080 --> 01:34.200]  You will see that's basically the latest and greatest type in automotive.
[01:34.200 --> 01:38.680]  So whenever somebody tries to sell you automotive software these days, they will probably put
[01:38.680 --> 01:41.240]  the SDV stamp on it.
[01:41.240 --> 01:43.000]  So what does it mean?
[01:43.000 --> 01:44.880]  That's also, I can only give you a very broad thing.
[01:44.880 --> 01:47.320]  So it's a little bit of a marketing thing.
[01:47.320 --> 01:49.880]  But what it normally promises is faster updates.
[01:49.880 --> 01:54.160]  Like I mean, today maybe you have a phone and you get a stream of updates for two years
[01:54.160 --> 01:56.920]  and if it stops after two years you're pissed.
[01:56.920 --> 01:58.880]  If you have a vehicle it's a bit different.
[01:58.880 --> 02:02.000]  Maybe if you're lucky after two years you get an update with some emergency patches
[02:02.000 --> 02:05.080]  and yeah, you should feel pleasantly surprised about that.
[02:05.080 --> 02:10.320]  And SDV is a little bit about making this better in cars that you have more like these
[02:10.320 --> 02:13.920]  apps and software functionalities added later and not so much big blob of firmware that
[02:13.920 --> 02:16.160]  we only update in emergencies.
[02:16.160 --> 02:20.280]  It's often you hear this term 10 times faster development, not 10 times faster than you
[02:20.280 --> 02:24.720]  are maybe as IT guys, but 10 times faster than automotive is currently.
[02:24.720 --> 02:29.240]  Because a lot of software there comes rightfully so from the mindset of like deeply embedded
[02:29.240 --> 02:33.560]  stuff, you know, embedded for real men and women, engine controllers, real time issues.
[02:33.560 --> 02:38.160]  And there, I mean, of course it is harder in a slower process to develop software.
[02:38.160 --> 02:41.520]  But somehow it has taken over also to the higher levels of your vehicle now.
[02:41.520 --> 02:44.920]  So even your infotainment doesn't update as fast as maybe your Android phone.
[02:44.920 --> 02:47.720]  And that is something SDV promises to change.
[02:47.720 --> 02:49.400]  Many companies promising that.
[02:49.400 --> 02:53.120]  So that will make you as a user of vehicles more happy, developers more happy because finally
[02:53.120 --> 02:57.200]  they can write software for vehicles or it gets just cheaper, makes corporations happy.
[02:57.200 --> 02:59.080]  So that's, yeah, SDV is awesome.
[02:59.080 --> 03:01.720]  Just Google it, lots of press releases about it.
[03:01.720 --> 03:02.960]  So how do we do it?
[03:02.960 --> 03:06.360]  So I, well, the point is in IT we can already do it.
[03:06.360 --> 03:08.560]  So it's pretty easy actually.
[03:08.560 --> 03:12.680]  We take all of our favorite text tags we know and laugh which are super productive.
[03:12.680 --> 03:14.280]  We put a bunch of beefy hardware.
[03:14.280 --> 03:17.240]  Okay, we need a little bit more hardware, but that is some understanding that's coming
[03:17.240 --> 03:18.240]  to automotive.
[03:18.240 --> 03:21.960]  It might make sense to invest a little bit more on hardware to get cheaper and more
[03:21.960 --> 03:23.800]  productive on the software side.
[03:23.800 --> 03:28.360]  And we put it all in a vehicle, done.
[03:28.360 --> 03:30.280]  Problem is, I mean, we do it, it's pretty cool, right?
[03:30.280 --> 03:33.560]  I mean, maybe you have your Kubernetes cluster and cars and I'm not joking.
[03:33.560 --> 03:35.200]  People think about that and doing that.
[03:35.200 --> 03:38.000]  So you can probably deploy WordPress easily, right?
[03:38.000 --> 03:43.920]  And if you put good enough hardware, I think your doom frame will be pretty acceptable.
[03:43.920 --> 03:45.800]  Of course, there are challenges, right?
[03:45.800 --> 03:49.520]  I mean, it's a vehicle where you drive around yourself with your family or things like that.
[03:49.520 --> 03:53.280]  So probably thinking about safety and security is a good idea.
[03:53.280 --> 03:57.360]  And we come to that a little bit later in the talk.
[03:57.360 --> 04:01.800]  But the problem is, if you put all these in your computer, if you don't have any access
[04:01.800 --> 04:05.280]  to the vehicle's hardware, if you can't actually interact with the sensors and actuators in
[04:05.280 --> 04:08.600]  the vehicle, yeah, then maybe it ends at deploying WordPress, right?
[04:08.600 --> 04:11.640]  You can't do all these fancy automotive applications you have in mind.
[04:11.640 --> 04:12.800]  And that is sort of the challenge.
[04:12.800 --> 04:17.120]  It doesn't help you just putting all these text-texts on there.
[04:17.120 --> 04:22.480]  What does it, let's see, we're stuck here.
[04:22.480 --> 04:29.160]  Okay, so what does it mean to access vehicle hardware?
[04:29.160 --> 04:33.560]  So mostly the most interesting part on a vehicle is really signal-based on a very low level
[04:33.560 --> 04:38.120]  and you have maybe two kinds of interesting things, sensors, how fast am I, and simple
[04:38.120 --> 04:39.120]  actuators.
[04:39.120 --> 04:43.440]  You want to open the trunk, open the door, engage the vipers.
[04:43.440 --> 04:44.640]  Now you might think, no problem.
[04:44.640 --> 04:45.640]  I read about Linux.
[04:45.640 --> 04:48.720]  It has can interface, automotive, I just enable it and off I go.
[04:48.720 --> 04:53.480]  But of course, it should be pretty clear that it's maybe not a clever way to just let anybody
[04:53.480 --> 04:57.000]  who deploys some software in my vehicle interact with all the bus systems and all the hardware
[04:57.000 --> 04:59.360]  in the vehicle just for safety reasons alone.
[04:59.360 --> 05:01.400]  And of course, you want your vehicle still to move.
[05:01.400 --> 05:03.600]  So that's probably not a good idea.
[05:03.600 --> 05:08.200]  Second challenge is just the way how automotive software evolved in a vehicle.
[05:08.200 --> 05:11.480]  Let's say the serialization, the data formats are very much not standardized.
[05:11.480 --> 05:16.520]  So even a simple concept like vehicle speed, how it's represented in bits and what's the
[05:16.520 --> 05:21.080]  data type and what's the unit and things like that, that is different from each manufacturer
[05:21.080 --> 05:24.120]  to each manufacturer from model to model, from model year to model year.
[05:24.120 --> 05:28.400]  So that's a big pain if you want to write a piece of software that runs in more than
[05:28.400 --> 05:30.240]  just one vehicle.
[05:30.240 --> 05:35.200]  Luckily, because we don't have so much time, challenge two, the second one is solved or
[05:35.200 --> 05:39.520]  it's in the process of being solved, there's something called the Covesa Vehicle Signal
[05:39.520 --> 05:42.240]  Specification link at the end of the talk.
[05:42.240 --> 05:45.280]  So yeah, there's some homework maybe for you.
[05:45.280 --> 05:50.440]  The point is that's a very simple data model describing sickness in a vehicle.
[05:50.440 --> 05:52.720]  It uses identifiers which are based on a tree.
[05:52.720 --> 05:53.720]  That's just an example.
[05:53.720 --> 05:54.960]  In fact, it's much more complex.
[05:54.960 --> 05:58.360]  But you can already, I think, see the gist of it.
[05:58.360 --> 06:02.000]  Like here we have something like path like vehicle chassis, axle, wheel, tire, pressure.
[06:02.000 --> 06:05.000]  So you already have an idea of what it is, what it might be.
[06:05.000 --> 06:09.720]  And the VSS defines then also what would be the data type of it, what would be the unit,
[06:09.720 --> 06:10.720]  maybe hectopascals.
[06:10.720 --> 06:13.200]  I don't know, don't quote me on that.
[06:13.200 --> 06:17.560]  And if you have that, and if your software stack integrates it somehow, then interoperability
[06:17.560 --> 06:20.720]  and portability would get much easier.
[06:20.720 --> 06:22.240]  But the question is, that's a data model.
[06:22.240 --> 06:25.440]  So it's actually a nice, YAML-based file format you convert it to whatever you like,
[06:25.440 --> 06:26.840]  but it's not live software.
[06:26.840 --> 06:29.440]  So how do you bring it to life?
[06:29.440 --> 06:34.040]  And that's a question, where would you use these kind of nice abstracted model?
[06:34.040 --> 06:38.360]  And two things, talk again about these real embedded layer, probably not.
[06:38.360 --> 06:42.160]  Because down there, where you have these super small microcontrollers, few kilobytes of RAM,
[06:42.160 --> 06:47.440]  safety-critical stuff, maybe you can't or don't want to invest in this cost of abstraction.
[06:47.440 --> 06:50.520]  Because that, it costs, I mean, it's nice and neat, but it costs.
[06:50.520 --> 06:55.160]  Then, I mean, all the other way, somewhere in the cloud backend systems that a manufacturer
[06:55.160 --> 06:59.200]  might have, or that a fleet operator might have, there might be a good idea to have an
[06:59.200 --> 07:00.880]  abstracted data model.
[07:00.880 --> 07:06.360]  And that is also the place where VSS is already in production today at several different companies.
[07:06.360 --> 07:09.520]  You can even go to AWS by a generic service for that, if you want.
[07:09.520 --> 07:13.720]  So there are solutions there, because that is where at first has taken root.
[07:13.720 --> 07:18.000]  And the question is, on the way between the sensors, which are very deep in your vehicle,
[07:18.000 --> 07:20.160]  up to the cloud, where would you do this transformation?
[07:20.160 --> 07:25.520]  Where would you move from these proprietary signals and very different variants to the
[07:25.520 --> 07:26.720]  standardized thing?
[07:26.720 --> 07:31.320]  And I think it's no surprise that in SDV, the answer is still in vehicle, because you
[07:31.320 --> 07:33.160]  want to be better in vehicle.
[07:33.160 --> 07:38.480]  But the point is, do it not on a microcontroller, do it in a vehicle computer.
[07:38.480 --> 07:42.520]  I use the term very broadly, but that would be any computing unit in your car that actually
[07:42.520 --> 07:47.000]  has a processor and has a real, let's say, POSIX-style operating system.
[07:47.000 --> 07:52.120]  So Linux, for example, maybe the QNX fence here would also work, but not microcontrollers
[07:52.120 --> 07:54.360]  but the microprocessor platform.
[07:54.360 --> 07:56.800]  And that actually is exactly what Cooke-Zawal is.
[07:56.800 --> 08:00.920]  Cooke-Zawal is an open-source software component that can do just that, sit on a vehicle computer
[08:00.920 --> 08:04.480]  and provide access to the standardized signals.
[08:04.480 --> 08:08.520]  How does it look like in an architecture kind of view?
[08:08.520 --> 08:13.120]  So basically, you have something we call the Cooke-Zawal data broker.
[08:13.120 --> 08:17.040]  That's like you can see, like a small server, it can run on your vehicle computer.
[08:17.040 --> 08:21.800]  It provides a GRPC-based interface or network-based interface you can connect to.
[08:21.800 --> 08:25.720]  You can get said, read, subscribe, all these nice signals, these abstracted signals from
[08:25.720 --> 08:26.720]  the VSS tree.
[08:26.720 --> 08:30.360]  So it means the applications on top, yeah, they would be portable.
[08:30.360 --> 08:32.320]  They work on standardized signals.
[08:32.320 --> 08:36.960]  Of course, you need to get them in and out somehow because down there, I mean, we have
[08:36.960 --> 08:38.080]  the non-standardized signal.
[08:38.080 --> 08:43.040]  So there we have something we call it a VSS provider or VSS feeder as a term you'll often
[08:43.040 --> 08:44.840]  see in our documentation.
[08:44.840 --> 08:49.720]  And this is a software component that would transform basically the data from the proprietary
[08:49.720 --> 08:54.760]  things in a given vehicle to the standardized form as required by Cooke-Zawal and as required
[08:54.760 --> 08:56.800]  by VSS.
[08:56.800 --> 08:58.680]  Important some architecture decisions.
[08:58.680 --> 09:02.520]  So this data broker is written in Rust pretty lightweight.
[09:02.520 --> 09:05.640]  It does not have many features, so no history or things like that.
[09:05.640 --> 09:09.200]  I mean, currently, it's like less than four megabytes that's statically compiled, you
[09:09.200 --> 09:11.200]  know, everything all in.
[09:11.200 --> 09:15.280]  And that's how we want to keep it so that it could really run on even the smallest one
[09:15.280 --> 09:16.600]  of these vehicle computers.
[09:16.600 --> 09:22.160]  There's also, I'm not sure if we have old Cooke-Zawal users there, there's a version
[09:22.160 --> 09:27.120]  of Cooke-Zawal in C++, but currently, I'm focusing on the Rust version for this talk.
[09:27.120 --> 09:29.080]  But architecture is the same.
[09:29.080 --> 09:33.120]  So how would it look like, let's say, if you really want to write an application that can
[09:33.120 --> 09:35.320]  basically open your trunk, pretty simple, right?
[09:35.320 --> 09:38.560]  User presses the button, open the trunk, and you maybe also want to see whether the trunk
[09:38.560 --> 09:40.040]  is open or not.
[09:40.040 --> 09:41.560]  And VSS terms is pretty simple.
[09:41.560 --> 09:45.280]  I mean, you talk to Cooke-Zawal data broker, you say, I want to subscribe to the state
[09:45.280 --> 09:49.800]  of the trunk, because you can show this fancy graphic if it changes.
[09:49.800 --> 09:54.440]  You might, if the user presses that he wants to open the trunk in this app, or somewhere,
[09:54.440 --> 09:56.720]  you want to set the target position of the trunk.
[09:56.720 --> 10:01.360]  So you want to, yeah, state the intent that you want the trunk to be opened.
[10:01.360 --> 10:02.360]  If it ends there, nice.
[10:02.360 --> 10:05.880]  I mean, you talk to a database, nothing happens.
[10:05.880 --> 10:08.760]  So in the end, you need these two VSS providers.
[10:08.760 --> 10:10.880]  We talk about feeder and control service.
[10:10.880 --> 10:14.440]  So feeder would be the component that checks actually what is the state of the trunk.
[10:14.440 --> 10:19.360]  It's back to Cooke-Zawal, so everybody can get an updated state of subscribe.
[10:19.360 --> 10:22.160]  And the control service would run the other way around.
[10:22.160 --> 10:25.120]  If the target value is set, the control service would be triggered.
[10:25.120 --> 10:27.600]  And then it can do basically something, right?
[10:27.600 --> 10:31.560]  I mean, you can write a can frame or some IP that some of these standards, which are
[10:31.560 --> 10:34.480]  an automotive.
[10:34.480 --> 10:38.960]  I can make it a little bit more specific because for these toy examples, because now it's just
[10:38.960 --> 10:43.120]  PowerPoint engineering, but I think people sitting here, they want to see code, or at
[10:43.120 --> 10:45.440]  least want to see if it exists.
[10:45.440 --> 10:51.160]  So the point is, how would we make this feeder, and how would we make this provider?
[10:51.160 --> 10:54.000]  And I show you examples now in Python, two reasons.
[10:54.000 --> 10:55.280]  Python is compatible with PowerPoint.
[10:55.280 --> 10:58.200]  I can fit every single one slight.
[10:58.200 --> 11:01.560]  And second, we have a very nice Python library on Cooke-Zawal that makes it easy.
[11:01.560 --> 11:05.360]  But as I said before, the interface actually is GRPC-based, and that you can generate
[11:05.360 --> 11:06.440]  in virtual every language.
[11:06.440 --> 11:11.520]  So if you want to write this in Rust or C++ or C, or Go, or whatever, you can just generate
[11:11.520 --> 11:12.520]  it.
[11:12.520 --> 11:16.360]  So feeder example, pretty simple.
[11:16.360 --> 11:19.680]  So here in this example, because then you can run it on your computer, we just simulate
[11:19.680 --> 11:20.680]  the vehicular access.
[11:20.680 --> 11:24.320]  Normally there, you will need to have some interface to can or some autosite API or something
[11:24.320 --> 11:25.320]  like that.
[11:25.320 --> 11:28.760]  So we just pretend whether there's a file or not that states whether the trunk is open
[11:28.760 --> 11:29.760]  or not.
[11:29.760 --> 11:31.680]  We just uncheck for that.
[11:31.680 --> 11:36.520]  And if it changes, we just set this vehicle body trunk rear as open data point to the
[11:36.520 --> 11:37.720]  current state.
[11:37.720 --> 11:41.160]  And that is literally, I mean, this code, if you get the slide there, you can't copy
[11:41.160 --> 11:42.160]  it.
[11:42.160 --> 11:43.160]  You can't type it.
[11:43.160 --> 11:46.360]  You know, like in the magazines 20 years ago, you can type the code and run it.
[11:46.360 --> 11:47.360]  But this code will run.
[11:47.360 --> 11:50.280]  So I didn't leave anything out for simplicity.
[11:50.280 --> 11:51.280]  Maybe error handling.
[11:51.280 --> 11:53.760]  But if you do everything right, it will run.
[11:53.760 --> 11:55.600]  Control service is basically the same thing.
[11:55.600 --> 11:59.080]  The control service is now that thing where we say we want to listen whether actually
[11:59.080 --> 12:02.200]  somebody wants to change the state of the trunk.
[12:02.200 --> 12:07.200]  And if I see somebody wants to open it or close it, then we would enact the changes in
[12:07.200 --> 12:08.560]  the e-architect of the vehicle.
[12:08.560 --> 12:13.240]  And again, we simulate it via the file and let me check.
[12:13.240 --> 12:15.760]  I think we are not so bad in time.
[12:15.760 --> 12:18.520]  So I think I can, I didn't dare to show it live.
[12:18.520 --> 12:28.400]  I'm not that, how to say, crazy here, but I can show you semi-life.
[12:28.400 --> 12:36.120]  Same code you have just seen.
[12:36.120 --> 12:41.080]  So we start off by just starting data broker, so this component that will always run.
[12:41.080 --> 12:44.640]  Then we use something called the data broker CLI, so you can just simulate what an app
[12:44.640 --> 12:45.640]  would do.
[12:45.640 --> 12:46.740]  I mean, it's CLI for that.
[12:46.740 --> 12:50.280]  So you see, I will just query the state of the trunk.
[12:50.280 --> 12:54.640]  And it's not surprising that it will say, I don't know, because we just started the
[12:54.640 --> 12:57.560]  Cooks-Avile bookhouse, should it know.
[12:57.560 --> 12:59.480]  We can now simulate feeding this value.
[12:59.480 --> 13:00.480]  I mean, it's against CLI.
[13:00.480 --> 13:03.960]  We just pretend that the trunk might be open.
[13:03.960 --> 13:06.040]  So I said that.
[13:06.040 --> 13:08.280]  And it says, OK, that's a good sign normally.
[13:08.280 --> 13:10.280]  And now if I query it again, OK, the data is there.
[13:10.280 --> 13:13.800]  So yeah, hell yeah, we can make a database.
[13:13.800 --> 13:14.800]  Now let's look again.
[13:14.800 --> 13:18.040]  That is exactly the code you saw before on the slide.
[13:18.040 --> 13:23.400]  We simulate whether the trunk is open or not, depending on whether this file in temp
[13:23.400 --> 13:25.440]  exists.
[13:25.440 --> 13:27.400]  And you see, there's no extra code.
[13:27.400 --> 13:30.680]  I just, I'm just running it now.
[13:30.680 --> 13:34.480]  It actually says trunk is not open anymore, because we don't have this file.
[13:34.480 --> 13:36.480]  We don't have this file.
[13:36.480 --> 13:41.040]  And if we query again in the CLI, you see, yeah, that is reflected already.
[13:41.040 --> 13:44.360]  Now we can also, I mean, now assume you have a user and a vehicle, right?
[13:44.360 --> 13:45.360]  I mean, he opens the trunk.
[13:45.360 --> 13:47.240]  He closes the trunk, something like this.
[13:47.240 --> 13:51.160]  So again, we do this here with our mockup.
[13:51.160 --> 13:52.920]  And you see this is immediately picked up.
[13:52.920 --> 13:54.880]  You can see from the locks of the feeder.
[13:54.880 --> 13:59.120]  And again, on the CLI, you see that the state changes.
[13:59.120 --> 14:02.240]  And that would already be all you need if you want to have these fancy graphics in there,
[14:02.240 --> 14:03.240]  right?
[14:03.240 --> 14:04.920]  So let me show you what is.
[14:04.920 --> 14:09.760]  I can do the same stuff now with the control service, also the same code as you saw on
[14:09.760 --> 14:10.760]  the PowerPoint.
[14:10.760 --> 14:13.600]  Basically, it subscribes for state changes.
[14:13.600 --> 14:14.600]  That's important.
[14:14.600 --> 14:18.640]  We always have the differentiation between current value and target value.
[14:18.640 --> 14:25.400]  Because that's important to see, because some operations take longer and we start it.
[14:25.400 --> 14:29.680]  Of course, first, nothing happens, because nobody requests anything.
[14:29.680 --> 14:31.560]  But now, again, we are back in the CLI.
[14:31.560 --> 14:36.680]  So now I can do a set call, which basically is telling me I have the intent now to open
[14:36.680 --> 14:37.680]  the trunk.
[14:37.680 --> 14:41.720]  I'm not good at slower typing.
[14:41.720 --> 14:42.720]  There it is.
[14:42.720 --> 14:43.720]  I type it.
[14:43.720 --> 14:44.720]  But now it's fast.
[14:44.720 --> 14:45.720]  Yeah.
[14:45.720 --> 14:46.720]  And don't blink.
[14:46.720 --> 14:48.120]  So you see the trunk control service sort immediately.
[14:48.120 --> 14:49.120]  Open the trunk.
[14:49.120 --> 14:53.200]  You could see the feeder also picked it up immediately, because in this example, it worked.
[14:53.200 --> 14:56.720]  And then, of course, we can, again, get the state in CLI.
[14:56.720 --> 14:57.880]  Now we're closing the trunk.
[14:57.880 --> 14:58.880]  Our trunk is fancy.
[14:58.880 --> 15:00.840]  It can close by itself.
[15:00.840 --> 15:03.160]  Then pick it up.
[15:03.160 --> 15:05.240]  The feeder picked it up and you see it.
[15:05.240 --> 15:06.480]  So that's round trip.
[15:06.480 --> 15:09.200]  But yeah, that you can also do at home.
[15:09.200 --> 15:19.400]  So it's all the links you need are in it.
[15:19.400 --> 15:24.560]  Now I need to get my mouse back to sit.
[15:24.560 --> 15:25.560]  So that we just saw.
[15:25.560 --> 15:30.360]  So now, I think one important thing I want to talk about is now, I mean, that's fine
[15:30.360 --> 15:31.360]  and it works.
[15:31.360 --> 15:34.400]  And I mean, probably you believe me, it could also work if you know the magic can command
[15:34.400 --> 15:35.400]  or something like this.
[15:35.400 --> 15:39.800]  But the question is, would you want to run this in your vehicle or should you do it?
[15:39.800 --> 15:45.960]  So the question of safety and security, I think, is very important.
[15:45.960 --> 15:51.280]  So the thing is, no matter what applications, at one point, you need to think about it.
[15:51.280 --> 15:54.600]  I mean, security is already the aspect that probably you don't even want to give all
[15:54.600 --> 15:57.520]  applications access to all the data you might have.
[15:57.520 --> 16:02.320]  If you support the whole VSS tree, I think it has like 700 to 1,000 signals already,
[16:02.320 --> 16:03.320]  just in the standard thing.
[16:03.320 --> 16:05.400]  So maybe not every app should access it.
[16:05.400 --> 16:09.520]  And the other thing is, again, like opening a trunk is maybe not a good idea if you're
[16:09.520 --> 16:12.560]  on the highway and driving this 100 kilometers per hour.
[16:12.560 --> 16:18.200]  And so I'm very sorry to tell you that I cannot magically solve it to you.
[16:18.200 --> 16:21.520]  I would love to tell you download CookServal and everything is fine.
[16:21.520 --> 16:22.680]  Of course not.
[16:22.680 --> 16:24.520]  But it's important to look at the architecture.
[16:24.520 --> 16:29.400]  So the CookServal, it's written that something in automotive, we call it SQM domain.
[16:29.400 --> 16:32.800]  That's basically, yeah, maybe it's a well-tested software, but we don't trust it much for
[16:32.800 --> 16:35.080]  any safety-related things.
[16:35.080 --> 16:37.920]  So what we do there is, OK, we can have authorization, right?
[16:37.920 --> 16:41.920]  An application needs to prove that I am allowed to write this value or read this value or things
[16:41.920 --> 16:42.920]  like that.
[16:42.920 --> 16:45.760]  That's a security aspect.
[16:45.760 --> 16:50.040]  Same like now these feeder and service we saw in the example.
[16:50.040 --> 16:54.240]  Of course you could add some extra security there if you want, but the ones I showed
[16:54.240 --> 17:00.080]  you, the Python things, not, yeah, they cannot give you any safety, at least not in the midterm.
[17:00.080 --> 17:06.960]  I think now there are some, let's say, activities to try to make a safe Linux kernel.
[17:06.960 --> 17:09.280]  And of course, I mean, the data broker is written Rust.
[17:09.280 --> 17:10.400]  You could test a lot of it.
[17:10.400 --> 17:12.760]  You can wait until you have certified Rust compilers.
[17:12.760 --> 17:16.920]  Maybe something in the future that could be also carry some safety load, but for now it's
[17:16.920 --> 17:20.400]  just hopefully a well-tested Linux software.
[17:20.400 --> 17:23.960]  But the point is once you go into, let's say now you're right on the canvas or something,
[17:23.960 --> 17:24.960]  right?
[17:24.960 --> 17:26.720]  Or you do a summary request.
[17:26.720 --> 17:30.640]  So then you cross this boundary and then there are several patterns that might happen.
[17:30.640 --> 17:35.120]  So maybe you talk to some deeply embedded ECU that actually is controlling the trunk
[17:35.120 --> 17:37.080]  lock or the door lock or something like this.
[17:37.080 --> 17:40.000]  Those things already have safety guard rails in them, right?
[17:40.000 --> 17:43.760]  They, I mean, even today when this is the same automotive, it's not that they would just
[17:43.760 --> 17:46.800]  blindly do whatever you tell them.
[17:46.800 --> 17:50.800]  So there would already be something in it that will check, I don't do it if I am on
[17:50.800 --> 17:53.360]  a highway with 100 kilometers per hour.
[17:53.360 --> 17:56.600]  Of course, in line of this architecture, you might, to rethink if it really captures
[17:56.600 --> 17:57.600]  all the things.
[17:57.600 --> 17:59.600]  But anyway, on this layer you have it.
[17:59.600 --> 18:04.640]  Another thing is, since the interface is GIPC, it's just a network-based interface.
[18:04.640 --> 18:09.960]  So these feeder and the service, so the things that do the actual conversion, instead of
[18:09.960 --> 18:15.320]  running them on the same Linux domain, the same Linux machine, you could of course also
[18:15.320 --> 18:19.440]  run them on a more powerful vehicle computer that might be able to carry safety load.
[18:19.440 --> 18:24.080]  So like in automotive, we say that's maybe an SLB, SLC kind of thing.
[18:24.080 --> 18:27.200]  So maybe something that run Q and X and only certified software.
[18:27.200 --> 18:32.200]  So maybe if you implement your feeder and services there, then they would be able to
[18:32.200 --> 18:33.960]  carry some safety loads.
[18:33.960 --> 18:37.360]  And of course, you can always, I mean, use underlying security concepts as you want.
[18:37.360 --> 18:39.240]  It's always a good idea for defense and death.
[18:39.240 --> 18:45.160]  So the thing is, as I said, we don't give you the magic bullet, but instead of now giving
[18:45.160 --> 18:49.960]  every random application access to any kind of vehicle, hardware, vehicle buses, one
[18:49.960 --> 18:54.840]  thing you have data broker, a single entry point, and basically you can do all the security
[18:54.840 --> 18:56.120]  you want there.
[18:56.120 --> 18:59.880]  And then, since this is your control point, and you control what kind of feeders and services
[18:59.880 --> 19:04.080]  you build, depending on your application, you can see where you need to put some safety
[19:04.080 --> 19:06.280]  loads and where you need to deal with safety.
[19:06.280 --> 19:09.600]  Because there are issues where maybe you don't need to do, because in automotive we have
[19:09.600 --> 19:12.160]  lots of these gateway things everywhere we like them.
[19:12.160 --> 19:16.280]  So if you have an application that just doing telemetry and receives the data from some
[19:16.280 --> 19:20.880]  interface where you basically already have a data data where you can't even write, right?
[19:20.880 --> 19:24.320]  Maybe it's fine to do everything on the Linux one safety side.
[19:24.320 --> 19:30.440]  But the moment you want to actuate something in a vehicle, you need to think about it.
[19:30.440 --> 19:36.040]  That's the most important thing, but I think we give you all the knobs you need.
[19:36.040 --> 19:42.240]  So regarding to enabling SDV, just to repeat it a little bit.
[19:42.240 --> 19:46.600]  So yeah, if you want any application to access vehicle buses, that's probably a pretty stupid
[19:46.600 --> 19:48.600]  or insane thing to do.
[19:48.600 --> 19:52.640]  As you've just seen, at least with Cooke's, you have this single control point where you
[19:52.640 --> 19:57.720]  can already solve the security issues due to this architecture with the feeders and providers
[19:57.720 --> 19:59.800]  and this very generic interface.
[19:59.800 --> 20:05.760]  You can choose where you put those, and you can choose where you put then any safety control
[20:05.760 --> 20:07.040]  points in.
[20:07.040 --> 20:12.320]  So that enables you to really build a safe system depending on your application.
[20:12.320 --> 20:16.520]  Other thing, what we said before, I mean, another big challenge is that the signals
[20:16.520 --> 20:18.480]  in your common vehicle, they are all different.
[20:18.480 --> 20:24.760]  I mean, vehicle speed on five different vehicles is encoded in five different ways.
[20:24.760 --> 20:29.080]  But as in Cooke's, you can use the Covisa VSS specification.
[20:29.080 --> 20:31.120]  You're basically on the safe side there.
[20:31.120 --> 20:32.280]  You can use the standard signals.
[20:32.280 --> 20:33.280]  They're really standardized.
[20:33.280 --> 20:36.480]  You can also describe your own ones if you want.
[20:36.480 --> 20:38.600]  That depends on how you want to apply it.
[20:38.600 --> 20:41.600]  But the point is you have a common language for that, and you can use this throughout your
[20:41.600 --> 20:42.600]  whole tech stack.
[20:42.600 --> 20:46.080]  So if you really go to the cloud or things like that, you do the transformation already,
[20:46.080 --> 20:50.120]  Covisa VSS site on the vehicle, everything else is just piping through, and you don't
[20:50.120 --> 20:55.040]  need to deal with some weird bits and bytes from Canvas up in your cloud level.
[20:55.040 --> 20:59.880]  So that is, I mean, as Covisa, we can't solve everything in the software defined vehicle
[20:59.880 --> 21:04.040]  because we want to leave something for other people, but the interface program that you
[21:04.040 --> 21:09.400]  have, same, safe, and same interfaces in the secure and safe way, I think that's a very
[21:09.400 --> 21:10.560]  good starting point.
[21:10.560 --> 21:15.640]  And the thing is, in the vehicle, everything starts with those low-level signals because
[21:15.640 --> 21:20.240]  the whole data fabric of the vehicle down there is built like this.
[21:20.240 --> 21:24.520]  To learn more, yeah, I mean, you can ask me all you want now or grab me outside.
[21:24.520 --> 21:26.960]  Otherwise, a couple of helpful links.
[21:26.960 --> 21:32.120]  So our GitHub, where the main hooks of our data broker sits.
[21:32.120 --> 21:36.240]  If you don't find me here or don't dare to approach me, you can also click the link,
[21:36.240 --> 21:38.880]  and then you find my contract address.
[21:38.880 --> 21:43.040]  I would invite you to check out Eclipse SDV, as I say, there are other interesting projects
[21:43.040 --> 21:44.040]  in there.
[21:44.040 --> 21:48.480]  Covisa VSS, which is gaining adoption throughout the industry as a data model, it's a super
[21:48.480 --> 21:50.240]  interesting thing.
[21:50.240 --> 21:54.880]  And some advertising plugs for one of our sister projects in Eclipse SDVs, Eclipse Velocitas.
[21:54.880 --> 22:00.160]  So I show you this very bare-bone Python examples, if you want to have something more fancy in
[22:00.160 --> 22:04.480]  regard to how you write vehicle applications, like a whole development framework with generating
[22:04.480 --> 22:08.760]  deployable containers and things in CI, then Velocitas might be very interesting.
[22:08.760 --> 22:13.560]  Why I make advertisement for this, not only because it's cool people, but they also integrate
[22:13.560 --> 22:14.560]  Covisa.
[22:14.560 --> 22:18.120]  So if you are a Velocitas app developer, you also get everything that Covisa can do.
[22:18.120 --> 22:20.080]  Yeah, that's all I have to say.
[22:20.080 --> 22:24.720]  And if there are any questions, I'm still here for three more minutes, I guess.
[22:24.720 --> 22:30.320]  Okay, so we have a question from the chat room.
[22:30.320 --> 22:34.640]  I'm going to pick one, there's a couple.
[22:34.640 --> 22:40.640]  Are there available CAN or CAN FD data providers for some cars in an open repository?
[22:40.640 --> 22:46.800]  Yes, so what we have is something called a CAN feeder or DBC feeder.
[22:46.800 --> 22:49.840]  That's a very generic component to get CAN signals in.
[22:49.840 --> 22:53.080]  Basically what you need is something called a DBC file that's an industry standard, how
[22:53.080 --> 22:56.000]  you describe CAN signals and do a mapping.
[22:56.000 --> 23:00.840]  And it's always hard in industry to get example traces out, but for the CAN feeder, we have
[23:00.840 --> 23:05.520]  a trace from a Tesla Model 3, not because they give us, but because the community reverse
[23:05.520 --> 23:06.760]  engineered it quite a lot.
[23:06.760 --> 23:10.800]  So basically you get a big trace of a Tesla and the mappings to VSS, which you can try
[23:10.800 --> 23:11.800]  out directly.
[23:11.800 --> 23:29.800]  Okay, I think the question was with regard to OBD, so the answer to that is it is pretty
[23:29.800 --> 23:34.600]  trivial to build an OBD feeder and you can do it at home with let's say the Python examples
[23:34.600 --> 23:38.040]  and if you're in a Python world, yeah, there's something called Python OBD, which is like
[23:38.040 --> 23:44.920]  a very simple library for all the standard on signals, the challenge why we have not,
[23:44.920 --> 23:49.680]  in our repositories is we are all a patchy two license on Eclipse Foundation and the
[23:49.680 --> 23:54.280]  Python OBD, just one example, that's a GPL-based code, so we can't put it in the repo, but
[23:54.280 --> 24:02.120]  you can, I mean, nothing stops you basically to do that.
[24:02.120 --> 24:03.120]  Thank you for the presentation.
[24:03.120 --> 24:07.800]  It's quite inspiring and actually my question is relating to this one.
[24:07.800 --> 24:13.440]  So let's say if I go home and would like to implement something, then what hardware and
[24:13.440 --> 24:19.360]  software I would need and how much it would cost me to start develop something?
[24:19.360 --> 24:24.080]  So if you start with your own vehicle, which is basically your own responsibility, then
[24:24.080 --> 24:28.480]  what we just heard, like if you buy these OBD adapters, like from AliExpress for five
[24:28.480 --> 24:33.560]  bucks, you can get them and you can, with a few lines of code and several languages,
[24:33.560 --> 24:38.520]  get already some interesting information about, let's say, your current vehicle speed, engine
[24:38.520 --> 24:44.640]  load, oil temperatures, yeah, so that would be, I think, the coolest way if you just hack
[24:44.640 --> 24:50.400]  around and we actually have many people, also students who do that, hardware-wise, I mean,
[24:50.400 --> 24:54.240]  if you want to go into real vehicle, I think you need to dare to cut some can lines and
[24:54.240 --> 24:57.160]  go deeper, but then you go into, let's say, if you're not working with...
[24:57.160 --> 25:04.120]  If I would like to use your stack, so I would like to use Cuxar, wow.
[25:04.120 --> 25:09.120]  Basically you can use, so, hardware-wise, I think there's also, Cuxar also has hardware,
[25:09.120 --> 25:15.480]  I hadn't time to present it here, it's Cuxar hardware, which is a base module for Raspberry
[25:15.480 --> 25:22.440]  Pi compute module, and it includes two KNFD interfaces and OBD, currently the challenge
[25:22.440 --> 25:26.880]  is we can't sell them to you yet, because we have the manufacturing files, like online,
[25:26.880 --> 25:31.320]  so if you have electronic shops, you can do it, but yeah, they're not just, you cannot
[25:31.320 --> 25:58.160]  not buy them.