API-first

An API-first approach is a critical enabler of the ./pulse framework, driving modularity, scalability, and seamless collaboration across mechanical, E/E, and digital domains. APIs not only allow for loosely coupled architectures but also foster loosely coupled organizations, enabling diverse teams to innovate at different speeds without breaking system cohesion. To fully leverage APIs, it is essential to understand their types and how they align with the SDVxMBSE architectural layering.

API-first: Lessons Learned from the Internet Folks

APIs - short for Application Programming Interfaces - are seen by many in the industry as the key enabler for the Internet as we know it today. A famous anecdote in the tech world involves then-CEO Jeff Bezos reportedly mandating that all teams at Amazon expose their data and functionality through Application Programming Interfaces (APIs).

The SDV Guide provides a more detailed overview of APIs and how they enable modern microservice architectures.

Types of APIs in Software-Defined Vehicles (SDVs)

Different types of APIs serve specific roles in connecting systems and enabling cross-domain interactions. Vehicle APIs are the foundation for Vehicle Service-oriented Architectures (SOA). The following provides an overview of the different types of Vehicle APIs most commonly found:

1. REST-Based Vehicle-to-Cloud APIs

   • Purpose: Connect the vehicle with external cloud services, enabling remote monitoring, OTA updates, and user applications.

   • Examples: APIs for retrieving vehicle telemetry data, enabling remote start/stop, or scheduling maintenance services.

   • Role in Architecture: Operates at the cloud interface layer, facilitating communication between the vehicle and external ecosystems.

2. Signal-to-Service APIs

   • Purpose: Provide higher-level onboard service abstractions, allowing digital applications to interact with the embedded layer through service-based interfaces.

   • Examples: APIs for high-level functions like "open door" or "adjust climate," which translate user commands into embedded signal operations.

   • Role in Architecture: Resides at the service layer in SDVxMBSE, bridging application logic with embedded system functionality.

3. Embedded-to-Embedded APIs

   • Purpose: Enable communication between embedded systems, such as ECUs, within the vehicle.

   • Examples: APIs facilitating interactions between a door motor controller and the body control module for coordinated functionality.

   • Role in Architecture: Functions within the embedded systems layer, ensuring low-latency and deterministic communication for safety-critical operations.

4. Software-to-Hardware APIs

   • Purpose: Abstract hardware-specific details, allowing software components to interact with actuators, sensors, or other hardware components without requiring hardware-specific knowledge.

   • Examples: APIs for controlling hardware like motors, cameras, or LiDAR systems, abstracting commands into standardized calls.

   • Role in Architecture: Operates at the hardware abstraction layer (HAL), providing a standardized interface to physical components.

For a more detailed discussion, including safety aspects, refer to the SDV Guide.

Aligning API Types with the Vehicle SOA

The Vehicle SOA integrates APIs into a layered architecture to ensure consistency and traceability across the system. Each API type maps to a specific architectural layer in the vehicle SOA:

• Cloud Interface Layer: REST-based APIs connect vehicles to the cloud, enabling external applications to access vehicle functions and data. These APIs are essential for maintaining user-centric features and seamless OTA updates.

• Service Layer: Signal-to-Service APIs provide a high-level abstraction for SDV features, enabling modular digital applications to interact with embedded systems without requiring detailed knowledge of signals or hardware.

• Embedded Systems Layer: Embedded-to-Embedded APIs manage low-level interactions between ECUs, ensuring real-time coordination for safety-critical and functional systems.

• Hardware Abstraction Layer (HAL): Software-to-Hardware APIs allow the digital layer to interact with physical components through standardized interfaces, reducing complexity and enabling modular hardware upgrades.

This alignment ensures that APIs are not designed in isolation but as part of an integrated system architecture, enabling seamless interaction between the code-centric and model-centric layers.

Importance of APIs for Loosely Coupled Architectures

APIs are vital for creating loosely coupled architectures by abstracting system complexity and defining clear interaction boundaries. This decoupling allows individual subsystems to evolve independently, ensuring:

• Parallel Development: Teams working on mechanical, E/E, and digital systems can progress simultaneously, knowing that APIs will standardize integration.

• Rapid Iteration: Faster-moving digital systems can iterate and deploy updates without disrupting slower-moving hardware or embedded systems.

• System Scalability: Modular APIs make it easier to scale features across vehicle platforms or integrate new services without reworking existing components.

Importance of APIs for Loosely Coupled Organizations

In addition to architectural benefits, APIs support loosely coupled organizations by enabling efficient collaboration across diverse teams and suppliers. Key advantages include:

• Clear Collaboration Boundaries: APIs act as contracts between teams, reducing the need for constant cross-team alignment and allowing for independent development.

• Supplier Integration: For OEMs working with multiple suppliers, APIs standardize how third-party components integrate into the broader system, reducing onboarding times and ensuring compatibility.

• Global Coordination: In distributed development environments, APIs provide a shared framework, enabling geographically dispersed teams to work together effectively.

Example: API-First Approach for a Motorized Door System

To illustrate the importance of API-first principles, consider a motorized door system supporting features like passenger welcome sequences and on-site maintenance services.

• REST-Based Vehicle-to-Cloud API: Enables remote control of the door (e.g., opening the door via a mobile app) and provides telemetry data for predictive maintenance.

• Signal-to-Service API: Abstracts the "open door" and "close door" commands into high-level functions, allowing the passenger welcome system to interact seamlessly with the embedded layer.

• Embedded-to-Embedded API: Facilitates communication between the door ECU and the body control module, ensuring that door locking mechanisms synchronize with other safety systems.

• Software-to-Hardware API: Abstracts control of the door motor, providing a standardized interface for adjusting speed or force thresholds during door operation.

This example highlights how APIs align with the architectural layers and enable decoupling. For instance, freezing the Embedded-to-Embedded API and the Software-to-Hardware API early ensures stability for hardware and embedded systems, while allowing the REST-based and Signal-to-Service APIs to evolve rapidly to support new digital features.

For more details, refer to the SDV Guide

The Evolution of Vehicle API Adoption by OEMs

As software-defined vehicles (SDVs) become more advanced, automakers are increasingly adopting APIs to enable connectivity, automation, and new business models. This evolution has occurred in distinct stages, each introducing new opportunities and challenges.

1. Internal API Use: Vehicle-to-Cloud and On-Board APIs

The first stage of vehicle API adoption focuses on internal use by the OEM, primarily for improving operational efficiency and delivering cloud-based services.

• Vehicle-to-Cloud (V2C) APIs are typically the first to be implemented. They enable secure data exchange between the vehicle and OEM-operated cloud services, supporting features such as predictive maintenance, remote diagnostics, over-the-air (OTA) updates, and fleet management.

• On-Board APIs, such as those based on the COVESA Vehicle Signal Specification (VSS), provide a structured way to interact with vehicle data and functions. However, their adoption is often slower due to their deep integration with vehicle electronics and electrical (E/E) architectures.

At this stage, APIs remain private, ensuring that only OEM-approved software interacts with vehicle systems.

2. Selective API Access for Partners

The next stage involves opening API access to a limited number of external partners, enabling new business models while maintaining control over security and compliance.

• A common use case is usage-based insurance (UBI), where an OEM provides an insurance company with access to vehicle telematics to determine policy pricing based on driving behavior.

• Other potential partners include roadside assistance providers, fleet operators, and smart home integrations, which require controlled access to specific vehicle data points.

Since exposing APIs introduces security and liability risks, OEMs typically grant access only to a small number of trusted partners, often large corporations that have the financial and legal standing to be held accountable. This cautious approach ensures that potential misuse or vulnerabilities can be managed effectively.

3. Open Vehicle App Stores and Third-Party Application Deployment

As consumer demand for in-vehicle digital services grows, OEMs are moving toward vehicle app stores, allowing third-party developers to create and deploy applications directly onto vehicles. This shift requires:

• A secure application runtime environment that ensures apps cannot interfere with core vehicle functions or compromise safety.

• Granular API access controls, where applications only receive the specific data and functionality they require.

• A structured approval process to validate applications before deployment, similar to mobile app stores.

At this stage, automakers must balance innovation and security, ensuring that opening API access does not expose vehicles to cyber threats or operational risks.

4. Bring Your Own Device (BYOD) and the Integration of Custom Hardware Gadgets

The most advanced stage of API adoption extends beyond software, allowing consumers to integrate custom hardware gadgets with their vehicles. This approach, often seen in consumer electronics brands like Xiaomi with the SU7, combines:

• A software app store that enables third-party apps to interact with vehicle APIs.

• Custom hardware modules that connect to the vehicle, either through standard interfaces (such as USB-C or Bluetooth) or through OEM-provided expansion slots.

This model transforms vehicles into platforms for both software and hardware innovation, enabling users to personalize their driving experience with aftermarket components, from custom infotainment systems to smart driving assistants.

Conclusion

The adoption of vehicle APIs by OEMs follows a clear progression, from internal use to selective partnerships, open application ecosystems, and finally, consumer-driven hardware integration. Each stage requires increasing levels of security, regulatory compliance, and business model adaptation. As the industry moves toward fully software-defined and connected vehicles, API strategy will become a core differentiator for OEMs, determining their ability to support innovation while ensuring safety and reliability.

Alignment with the ./pulse Framework

The API-first approach aligns closely with other elements of the ./pulse framework, ensuring consistency and efficiency across domains:

1. LeanRM APIs streamline requirements management by acting as a bridge between high-level requirements and technical implementation. This reduces redundancy and simplifies traceability, ensuring that only high-value requirements are prioritized.

2. LeanSE (Systems Engineering) By defining clear interaction boundaries, APIs reduce complexity in systems engineering and enable cross-domain alignment. They act as a common language between mechanical, E/E, and digital systems, facilitating integration.

3. Freeze Points APIs serve as stable interaction points between subsystems, allowing hardware and slower-evolving domains to freeze their designs while enabling continuous iteration in faster-moving digital layers. For instance, an API for door control can be frozen early, even if the digital services leveraging it continue to evolve.

4. CI/CD/CT Automation and Engineering Intelligence APIs enable automated integration and testing pipelines by providing well-defined interfaces for validation. They support virtual validation and simulation, accelerating development and ensuring quality.

5. Continuous Homologation (CoHo) APIs simplify homologation by providing a consistent framework for mapping feature updates to regulatory requirements, enabling faster and more reliable compliance validation.

6. Measure / Learn By exposing telemetry and diagnostic data through APIs, teams can create real-time feedback loops to optimize system performance and user experience.

Conclusion

An API-first approach is a foundational element of the ./pulse framework, enabling modularity, scalability, and collaboration across architectures and organizations. By defining APIs across the cloud interface, service, embedded, and hardware abstraction layers, the framework ensures seamless interaction between the code-centric and model-centric worlds. This approach supports loosely coupled architectures, allowing subsystems to evolve independently, and loosely coupled organizations, enabling diverse teams to collaborate efficiently. As SDVs continue to evolve, API-first principles will remain essential for driving innovation while maintaining system coherence and agility.

4o