Back to Blog
FeaturedEmbedded SystemsAutonomous VehiclesISO26262Best Practices

Building Production-Grade Embedded Systems: Lessons from Waymo and Brembo

Key insights and best practices from my experience building safety-critical embedded systems for autonomous vehicles and automotive applications.

Karthik SriramJanuary 15, 20263 min read

After years of building embedded systems at companies like Waymo and Brembo, I've learned that production-grade systems require a fundamentally different approach than prototypes. Here are the key lessons I've learned.

1. Safety-Critical Design Patterns

When building systems that could affect human safety, every design decision matters. At Waymo, we followed ISO26262 guidelines religiously, and at Brembo, ASPICE compliance was mandatory.

Watchdog Timers Are Non-Negotiable

Every safety-critical task needs a watchdog. If your code hangs, the system must recover gracefully:

void safety_critical_task(void) {
    while (1) {
        // Kick the watchdog at the start
        watchdog_feed();
        
        // Do the actual work
        process_sensor_data();
        
        // Verify the work completed correctly
        if (!validate_output()) {
            trigger_safe_state();
        }
        
        vTaskDelay(pdMS_TO_TICKS(10));
    }
}

2. Sensor Fusion Architecture

One of my proudest achievements at Waymo was improving the sensor fusion pipeline by 33% for emergency vehicle detection. The key insight? Don't process sensors independently.

Multi-Modal Fusion

Combine data at the feature level, not the decision level:

  • Camera: Provides rich visual features (colors, shapes)
  • LiDAR: Provides accurate depth and 3D geometry
  • Audio: Provides omnidirectional awareness (sirens, horns)

The fusion algorithm weights each sensor based on confidence and environmental conditions. In fog, LiDAR gets higher weight. At night, audio becomes more critical.

3. Real-Time Operating System Best Practices

RTOS development is an art. Here's what I've learned about FreeRTOS and similar systems:

Priority Inversion Prevention

Always use priority inheritance mutexes for shared resources:

// Create mutex with priority inheritance
SemaphoreHandle_t xMutex = xSemaphoreCreateMutex();

// In your task
if (xSemaphoreTake(xMutex, portMAX_DELAY) == pdTRUE) {
    // Critical section
    access_shared_resource();
    xSemaphoreGive(xMutex);
}

Stack Sizing

Measure, don't guess. Use uxTaskGetStackHighWaterMark() during development:

void vTaskMonitor(void *pvParameters) {
    while (1) {
        UBaseType_t stackRemaining = uxTaskGetStackHighWaterMark(NULL);
        printf("Stack remaining: %u words\n", stackRemaining);
        vTaskDelay(pdMS_TO_TICKS(1000));
    }
}

4. The Power of Zero-Copy IPC

At Cerulion, we achieved sub-nanosecond IPC using zero-copy techniques. The secret? Shared memory with careful synchronization:

"The fastest data transfer is no data transfer at all."

Instead of copying data between processes, share memory regions and pass only pointers. Combined with lock-free data structures, this eliminates most latency.

5. Testing in Production Conditions

The most important lesson: test in conditions that match production. This means:

  • Temperature cycling (-40°C to +85°C)
  • EMI/EMC testing
  • Power brown-out scenarios
  • Sensor degradation simulation

At Brembo, we had a testing rig that could simulate every failure mode we'd seen in the field. It caught bugs that would have been impossible to find in a lab.

Conclusion

Building production embedded systems is challenging but deeply rewarding. The key is to:

  1. Design for safety from day one
  2. Embrace the constraints of real-time systems
  3. Test relentlessly in realistic conditions
  4. Learn from every field issue

If you're working on similar systems or have questions, feel free to reach out. I love discussing embedded systems challenges!