Method for mixed criticality system architecture development

The challenge: develop an driver assistance system with which three trucks can follow each other automatically and safely at 85 km/h with only a minimal inter-truck distance. Such a platooning system reduces the workload of the drivers, yields significant fuel savings, and improves traffic safety. Boundary conditions are the safe operation of the system throughout its entire operating range, and applicability to all brands of vehicles.

TNO-ESI is specialised in research and development of generic, multi-disciplinary, methods and model-based techniques for the high tech industry. This means that instead of trucks TNO-ESI rather thinks in building blocks or units. These trucks could also have been parcels, or printing systems. The essence of TNO-ESI’s multi-disciplinary methods and models is to enable objective analysis, from a helicopter view, to identify consequences of design choices and trade-offs through systematic reasoning from multiple perspectives and disciplines.


For the truck platooning system, the analysis was performed along these four relevant perspectives:

  • Functionality
  • Reliability
  • Timing performance
  • Functional safety

Together with a team of specialists and partner stakeholders in the platooning project, suitable criteria were selected. Specialists were asked to make a selection of relevant system concepts and patterns to be considered. Each of these concepts and patterns was later evaluated on basis of the defined criteria.

Through systematic evaluation, weaknesses were found in the old demonstrator system for each of the four perspectives. One of the boundary conditions of truck platooning is to keep the inter-truck distance constant, i.e. a form of cruise control. Consequence is that also the behaviour of the leading truck (and not only the following ones) is essential –teamwork between trucks is a must. The multidisciplinary analysis and design method led to a new (system-of-)system architecture and a successful new 3 truck platooning system.

Next step is to test this method in other application areas. The EcoTwin3 project – the 3 platooning trucks – now can continue to industrialise its results towards a system suitable for series production. This still requires a number of consolidation steps since the control algorithms are complex and need high computing capacity, hence are still costly.

Link to TNO report R10794, project EMC2


Acknowledgement: This work by TNO-ESI was partially funded by the Artemis EMC2 project (,
ARTEMIS, grant agreement no: 621429).[TH1] 

Wouter Leibbrandt

Director Science and Operations
+31 88 866 55 60

“Continuous innovation in methodologies, system architecture thinking and cross-disciplinary ways of working to master the ever increasing complexity are crucial to maintain and extend Europe’s and Dutch competitiveness in this strategic domain.”