Multi-aspect Safety Engineering for Highly Automated Driving
Highly automated and autonomous driving is a major trend, and vast amounts of effort and resources are presently being invested in the development of corresponding solutions. However, safety assurance remains a concern, as the established safety engineering standards and methodologies are not sufficient in this context. In this paper, we elaborate the fundamental safety engineering steps that are necessary to create safe vehicles of higher automation levels. Furthermore, we map these steps to the guidance presently available in existing (e.g., ISO 26262) and upcoming (e.g., ISO PAS 21448) standards and point out open gaps. We then outline an approach for overcoming the identified deficiencies by integrating three different safety engineering disciplines: (1) creating a safe nominal behavior specification; (2) dealing with functional insufficiencies; and (3) assuring the related performance with respect to functional safety. We exemplify our proposed methodology with a case study from industry.