Functional Safety and Open Source in NDS: zserio tips for OSS developers

19. December 2024

Let’s be honest: we all want to become faster, more efficient and better, don’t we? This is exactly what open-source software addresses with its promise to accelerate automotive innovations while streamlining development processes and reducing costs. The problem: Open-Source Software (OSS) can sometimes lack functional safety aspects, especially when it is used in critical systems like automated driving. Functional safety refers to the software’s ability to operate without causing any unacceptable risk of physical injury or damage. Meeting these standards in open-source projects presents unique challenges.

At this year’s ELIV Conference, Fabian Klebert, CEO at Klebert Engineering and NDS Technical Lead, addressed this important topic, concentrating on the areas of “Functional Safety and Open Source in NDS” and zserio.

The ELIV Conference (Electronics In Vehicles) is a prominent industry event held in Germany, primarily focused on the latest developments and innovations in automotive electronics and software. Organized by the VDE Association for Electrical, Electronic and Information Technologies, it gathers automotive manufacturers, suppliers, and technology providers from around the world. ELIV serves as a platform for discussing and showcasing advancements in vehicle electronics, with a strong emphasis on emerging technologies, regulatory changes, and new solutions in the field of automotive electronics.

Open-Source Software (OSS) often lacks functional safety requirements because it’s often developed without the rigorous testing, certification, and documentation required for safety-critical applications. This topic is also relevant for the members of the NDS Association, because security and reliability play an essential role in the automotive environment, not only on the road or in the car, but also in the handling of data and information.

NDS standardizes map format for HD maps and other maps relevant to navigation and modern mobility. NDS members and experts jointly develop tools like Map Viewer and software components for serialization and deserialization like zserio.

Today, map data in the NDS format is used in millions of vehicles of over
40 automotive brands globally, including L2+ and L3 automation systems. Functional safety plays an essential role, particularly in the area of L3 automated driving.

What is zserio all about?

zserio is an open-source, high-performance serialization framework and interface definition language (IDL) designed to produce efficient code across multiple programming languages based on specified data structures.

NDS has chosen zserio over other serialization mechanisms (e.g. Protocol Buffers) because it is faster, it allows more advanced schemas, it is ASIL-ready. Companies outside the navigation sector are also increasingly interested in zserio as a serialization format.

How zserio supports functional safety

zserio supports functional safety in several ways, making it suitable for use in safety-critical applications:

1. Static Code Generation: zserio generates highly optimized and predictable code for serialization and deserialization, which is easier to analyze, test, and verify. This static code generation reduces the risk of runtime errors, supporting safer and more deterministic operation, which is essential for functional safety.
2. Data Integrity and Validation: The framework enforces strict data schema definitions, preventing incorrect data formats and supporting error detection during serialization and deserialization. This validation process helps ensure data integrity, which is crucial in safety-critical environments.
3. Language Interoperability: By generating code for multiple languages (C++, Java, Python, etc.), zserio allows interoperability across systems while maintaining strict type safety and structural consistency. This reduces the likelihood of interface-related errors that could compromise functional safety.
4. Simplified Dependency Management: zserio supports packages, imports, and dependencies, which help organize and manage complex data structures in a controlled way.
5. Predictability: The performance-focused design of zserio ensures that the generated code executes quickly and predictably. Low latency and reduced processing time can be vital in safety-critical systems, where timely responses are essential.

How NDS got zserio into a L3 system

• To successfully integrate zserio into a Level 3 (L3) system, the developers followed a structured approach that ensured both functionality and safety standards were met. To get things going they focused on the safety requirements of the first project who would bring zserio into a L3 system on the road, laying the groundwork for future integration into more L3 systems.

• First, they focused on increasing test coverage to 100 percent (line and branch coverage), ensuring that all features and functionalities were thoroughly validated, which is crucial for achieving the necessary level of safety and performance.

• Additionally, they implemented static code analysis for the runtime and generated code, performing any necessary fixes to ensure the code met the rigorous quality standards expected in L3 systems.

• Finally, steps were taken to improve the documentation, particularly in areas like the use of exceptions, to make the system more maintainable and robust, providing clear guidelines for future development and support.

Through this approach, one NDS member successfully integrated zserio into their L3 system, ensuring it met the critical safety and functional requirements needed for deployment.

Fabian Klebert explains: “More OEMs and Tier 1 suppliers (NDS members) are now implementing safety-relevant systems with zserio, despite having slightly different requirements and using various static code analysis tools with differing sets of checks.”

In his Audience Choice Award-winning presentation at this year’s ELIV Conference, Fabian delivered a compelling message to the automotive industry: “If you want open-source software in safety-critical systems, the industry must align on a unified set of tools and processes that OSS developers can follow. Make it easy and appealing to earn a functional safety badge for your code – perhaps  even consider offering it as a free SaaS solution. It’s time to come together and establish one standardized approach for the open-source community to follow when addressing functional safety in automotive systems.”

Best Practice for OSS developers

Klebert has compiled the following tips for OSS developers:

1. Get your test coverage to 100 percent line and branch coverage
2. Use at least some sort of free Static Code Analysis Checker
   (e.g. CodeQL, SonarCloud, CoverityScan etc.) that provides checks based on

2. AutoSAR C++14 guidelines
3. MISRA C++ 2023
4. Use Sanitizers during development (AddressSanitizer, UndefinedBehavior)
5. Maintain comprehensive documentation on all of the above and also document exception/error handling, etc.

zserio: What’s next?

NDS will officially hand over zserio to the Eclipse Foundation SDV, marking an important step in the framework’s continued development. While the ownership will be with the Eclipse Foundation, NDS remains the maintainer of the project, continuing to fund development and provide essential support to NDS members with urgent hotfixes and other critical updates.

This move also allows NDS to benefit from the industry-wide efforts aimed at improving functional safety requirements for open-source software, ensuring that zserio stays aligned with evolving safety standards.

Additionally, NDS is committed to sharing its experience gained throughout the process to help further the development of functional safety in the open-source ecosystem.

To learn more about NDS.Live, please visit the NDS.Live Developer Portal.

Back to news →