Software-based electronic control systems are increasingly being used in the automobile industry to control active safety and autonomous driving features that impact the motion and dynamic stability of the vehicle. As the levels of control intelligence, automated decision making, and control authority over actuators implemented in software continues to increase, these control systems become more and more critical. The software, hardware, and system architectures of these control systems must therefore be fault-tolerant, and in some cases, even fail-operational. This requires that redundant software, computing hardware, sensors, actuators, and network communication components must be designed into the system so that if one component fails, another component is available to continue to provide a safe level of functionality, whether in a full-performance mode or in a degraded-performance mode.
Redundant hardware components must be statically designed into the system, because one cannot easily add new hardware (sensors, actuators, computers, communication links, wiring harnesses) into a vehicle that is in the middle of a driving cycle. For this reason, the various control systems of the vehicle may be distributed across a plurality of hardware devices, where a single hardware failure may not cripple the entire vehicle operation. Redundant software components, on the other hand, may be either statically or dynamically allocated into the system.