Mitigating Unintended Acceleration and Deceleration Hazards by Defining Drive Torque Command Tolerance Criteria for Commercial Truck Electric Motor Propulsion Control Systems-Reference-Cited by-同舟云学术

Mitigating Unintended Acceleration and Deceleration Hazards by Defining Drive Torque Command Tolerance Criteria for Commercial Truck Electric Motor Propulsion Control Systems

Published:2023-04-11 Issue: Volume: Page:
ISSN:0148-7191
Container-title:SAE Technical Paper Series
language:
Short-container-title:

Author:

Jones Darren Keith,Srivastava Prakhar,Rivera Ruiz Luis,Gangadhar Pavankumar,McGrail Randall

Abstract

<div class="section abstract"><div class="htmlview paragraph">A commercial truck electric motor propulsion control system may require hundreds of inputs to optimize the drive torque command. As a safety-related signal, the drive torque command requires protections ensuring its integrity. Similarly, the inputs used by the control system to determine the drive torque command also require protections. To define these protections, the ISO 26262:2018 series of standards prescribe the development of safety requirements and associated Automotive Safety Integrity Levels (ASILs). Safety requirements ensure safe system output, in part, by protecting system inputs. Satisfying these safety requirements to their ASILs adds complexity and cost to commercial truck electric motor propulsion control systems. The greater the safety-related signal count, the greater the complexity and cost added.</div><div class="htmlview paragraph">This paper introduces a standardized 5-step approach to defining tolerances for the drive torque command within which drive torque causes neither unintended acceleration nor unintended deceleration hazards. First, derive a simplified drive torque calculation (SDTC) as the basis for the tolerance. The SDTC utilizes only a small subset of the inputs used to determine the optimized drive torque command (ODTC). Second, determine the maximum difference between optimized and simplified drive torque during un-faulted truck operation using model-in-the-loop (MIL) simulations. Third, determine the ODTC error required for the onset of unintended acceleration and unintended deceleration hazards using vehicle-level simulations. Fourth, express the drive torque command tolerance formulaically using results from steps 1 through 3. Fifth and finally, validate the drive torque command tolerance by determining truck acceleration and deceleration during vehicle-level fault insertion testing. Using the simplified drive torque calculation as the basis for drive torque command tolerance supports ISO 26262 compliance while reducing the number of safety-related input signals. Thereby, this standardized method reduces the complexity and cost for implementing safe commercial truck electric motor propulsion control systems.</div></div>

Publisher

SAE International

Reference11 articles.

1. International Organization for Standardization Jul. 2018

2. International Organization for Standardization Jul. 2018

3. Zhu , D. and Pritchard , E. NCSU Year Three Final Technical Report SAE Technical Paper 2014-01-2907 2014 https://doi.org/10.4271/2014-01-2907

4. Wu , Z. , Lu , K. , Zhu , Y. , Lei , X. et al. Functional Safety and Secure CAN in Motor Control System Design for Electric Vehicles SAE Technical Paper 2017-01-1255 2017 https://doi.org/10.4271/2017-01-1255

5. Sabbella , R.R. and Arunachalam , M. Functional Safety Development of Motor Control Unit for Electric Vehicles 2019 IEEE Transportation Electrification Conference (ITEC-India) 2019 1 6 10.1109/ITEC-India48457.2019.ITECINDIA2019-270