Safety First for Automated Driving

By Carl Anthony, Co-Founder & Managing Editor of AutoVision News

AutoSens in Detroit returns to the Michigan Science Center this November. On the agenda are two presentations about the recently published Safety First for Automated Driving white paper. Daimler published the white paper along with Aptiv, Audi, Baidu, BMW, Continental, Fiat Chrysler Automobiles (FCA), HERE, Infineon, Intel, and Volkswagen. Speaking at AutoSens about the paper are two of its contributors from FCA: Neil Garbacik, Senior System Safety Engineer, and Dr. Dalong Li, Senior Autonomous Driving Engineer.

Only Treading Water

“If you think about the premise behind developing an automated driving system, the sole purpose is to address the 40,000 fatalities we have on public roads,” Garbacik said. “If we create a safe system, we can definitely begin to reduce that.”

Garbacik is referencing data from the National Safety Council on motor vehicle deaths in the United States. According to the National Safety Council, an estimated 38,800 people died in car crashes in 2019, a two percent decline from 2018 and a four percent decline from 2017. About 4.4 million were injured to the point where they needed medical attention, also a two percent decrease versus 2018.

But experts say the decrease isn’t really a decrease, so much as it is treading water. “38,000 deaths is still unacceptable, even if it is fewer than in years past,” explained Lorraine M. Martin, President and CEO of the National Safety Council. “Roadway deaths can be prevented by doubling down on what works, embracing advancements in technology, and creating a culture of safer driving.”

These grim figures are why engineers in the ADAS community are working so diligently. Time is of the essence, especially as younger generations continue to show an interest in vehicle ownership. As ADAS technology evolves and consumer demands change, engineers are addressing the challenges at every step. Those challenges include questions such as how to ensure safe operation of the system, especially if critical components fail; how to include appropriate safety layers so a system recognizes its limits; how to handle and record data in a law-abiding way; and what the car owner’s responsibility is at the end of the day.

Applying Vital Safety & Security Standards

These central questions are among the “12 Guiding Principles” found in Safety First for Automated Driving. The comprehensive white paper (157 pages in length) provides an overview of the steps for developing and validating an effective automated driving system. The starting point for the white paper revolves around data and key findings from different regulatory publications, legal frameworks, and ethics reports among other sources.

“There are around 50 references or so within this paper,” Garbacik said. “It gives an organized framework to apply three different safety and security standards in existence in the automotive industry right now.”

Among those standards is the importance of cybersecurity, which many in the industry are already concerned about. Another standard addresses the importance of human and machine interactions, and why it’s necessary to examine all possible scenarios. “This has to be considered in order to create a safe driving environment for the user,” Garbacik said.

The third standard consists of two points: making sure the vehicle is operating safely, and designing the environment in such a way that drivers can maintain some control. This particular standard tackles the question of user responsibility, and how best to establish what the expectations of the driver are according to the level of autonomy.

“The paper focuses on Level 3 and Level 4 automated driving systems, which have different elements of user responsibility,” Garbacik explained. “In Level 3, the system is responsible for the dynamic driving task, and does everything until it needs support from the driver. At that point, if the system is reaching the limits of its operating environment, it can request operational-takeover from the driver. In situations like this, we have to make sure user responsibility is understood.”

By contrast, Level 4 is mostly autonomous. The challenge is helping consumers understand the difference between Level 3 and Level 4.

“Level 4 is typically geo-fenced and the driver only needs to interact when they decide to leave their operational design domain, say to exit the city for a country driving experience,” Garbacik continued. “It’s the difference between a system request to take over and a driver initiating that takeover.”

The Challenges at Hand

In section 3.2 of Safety First for Automated Driving, five challenges concerning verification and validation for Level 3 and Level 4 systems are outlined. Among them are the safety of actuators and electromechanical systems; how to handle software updates over the lifetime of an automated driving system; and what the adverse impact is on a driver’s situational awareness after prolonged use of an autonomous system.

“One of the challenges we discuss in the paper is a balance between a safe system and an available one,” Garbacik said. “If you over-design a safe system, you can potentially reduce its availability.”

The following section of the white paper, V&V Approach for Automated Driving Systems, discusses ways to validate the safety of automated driving systems relative to the known and established challenges. The paper then outlines a specific test strategy based largely on the “12 Guiding Principles.”

“The challenge is developing the availability of the main functionality you want to deploy that will give society its full benefit,” Garbacik continued. “But defining the safe behavior of that availability is a very delicate balance.”

AutoSens in Detroit 2020: Tickets, Location & More Information

AutoSens Detroit 2020 begins on Tuesday, November 17th at the Michigan Science Center and runs through the 19th. The full agenda for this year can be found here, along with the full list of speakers. Tickets, including discount packages for women in the engineering community, are available now.

Garbacik and Dr. Li are speaking on Thursday, November 19th at 9:00 am and 10:15 am respectively.

“We want to communicate how the paper is structured and how it flows from its 12 guiding principles, down to developing the capabilities of an automated driving system,” Garbacik said. “From there, we want to talk about how to distribute those capabilities through an example architecture, and walk everyone through a brief explanation on how that architecture evolves to support the safety and security of an automated driving system.”

Carl Anthony is Co-Founder & Managing Editor of AutoVision News, a comprehensive content hub for engineers, scientists, vehicle perception technology managers, and the greater ADAS community. He is a member of the Midwest Automotive Media Association, the Society of Automotive Historians, and on the board of directors for the Ally Jolie Baldwin Foundation.