System Architecture and Application-Specific Verification Method for Fault-Tolerant Automated Driving System
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. TTTech Auto AG, Vienna, Austria.
TTTech Computertechnik AG, Austria.
TTTech Auto AG, Vienna, Austria.
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. ORCID iD: 0000-0001-5269-3900
2019 (English) In: IEEE Intelligent Vehicles Symposium workshops IEEE IVS 2019 WS, 2019, pp. 39-44. Conference paper, Published paper (Refereed)
Abstract [en]

Automated vehicles come with promises of higher comfort and safety compared to standard human-driven vehicles. Various demonstrator vehicles with fully automated driving capabilities have already been presented with success. Yet there is a large number of technical challenges to be solved before the safety levels comply with those required by safety standards and, most importantly, with those required for public acceptance. In this paper, we introduce the technical challenges resulting from the need for fault-tolerant capabilities in automated vehicles with no fallback-ready driver. We then propose a concrete solution to these challenges. It includes a fault-tolerant architecture for automated driving systems (ADS) and the safety co-pilot, a safety mechanism that ensures the coordinated operation of two or more redundant ADS by means of novel application-specific verification methods. We conclude our work with experimental proof-of-concept results for the proposed solution.

Place, publisher, year, edition, pages
2019. pp. 39-44
National subject category
Engineering and Technology; Computer Systems
Identifiers
URN: urn:nbn:se:mdh:diva-43943
DOI: 10.1109/IVS.2019.8813824
ISI: 000508184100008
Scopus ID: 2-s2.0-85072287264
OAI: oai:DiVA.org:mdh-43943
DiVA, id: diva2:1328320
Conference
IEEE Intelligent Vehicles Symposium workshops IEEE IVS 2019 WS, 09 - 12 Jun 2019, Paris, France
Project
RetNet - The European Industrial Doctorate Programme on Future Real-Time Networks
Available from: 2019-06-20 Created: 2019-06-20 Last updated: 2021-01-04 Bibliographically approved
Included in thesis
1. Runtime Monitoring of Automated Driving Systems
2019 (English) Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

We are at a point in the world's history where technological progress has reached a level that enables the first steps towards the development of vehicles with automated driving capabilities. The swift response from a significant portion of the industry has resulted in a race, with the finish line set at the introduction of vehicles with full automated driving capabilities.

Vehicles with automated driving capabilities aim to make driving safer, more comfortable, and economically more efficient by assisting the driver or by taking over responsibility for different driving tasks. While vehicles with assistance and partial automation capabilities are already in series production, the ultimate goal is the introduction of vehicles with full automated driving capabilities. Reaching this level of automation will require shifting all responsibilities, including the responsibility for the overall vehicle safety, from the human to the computer-based system responsible for the automated driving functionality (i.e., the Automated Driving System (ADS)). Such a shift makes the ADS highly safety-critical, requiring a safety level comparable to that of an aircraft system.

It is paramount to understand that ensuring such a level of safety is a complex interdisciplinary challenge. Traditional approaches for ensuring safety rely on fault-tolerance techniques that are unproven in the automated driving domain. Moreover, existing safety assurance methods (e.g., ISO 26262) suffer from requirements incompleteness in the automated driving context. The use of artificial intelligence-based components in the ADS further complicates the matter due to their non-deterministic behavior. At present, there is no single straightforward solution for these challenges. Instead, the consensus of cross-domain experts is to use a set of complementary safety methods that together are sufficient to ensure the required level of safety.

In this context, runtime monitors, which verify the safe operation of the ADS during execution, are a promising complementary approach for ensuring safety. However, developing a runtime monitoring solution for ADS means handling a wide range of challenges. On a conceptual level, the complex and opaque technology used in ADS often makes researchers ask: "how should an ADS be verified in order to judge that it is operating safely?"

Once the initial Runtime Verification (RV) concept is developed, researchers and practitioners have to deal with the research and engineering challenges encountered while realizing the RV approaches as an actual runtime monitoring solution for ADS. These challenges range from estimating the different safety parameters of the runtime monitors and finding solutions for various technical problems to meeting scalability and efficiency requirements.

The focus of this thesis is to propose novel runtime monitoring solutions for verifying the safe operation of ADS. This encompasses (i) defining novel RV approaches explicitly tailored for automated driving, and (ii) developing concepts, methods, and architectures for realizing the RV approaches as an actual runtime monitoring solution for ADS. Contributions to the former include defining two RV approaches, namely the Computer Vision Monitor (CVM) and the Safe Driving Envelope Verification. Contributions to the latter include (i) estimating the sufficient diagnostic test interval of the runtime verification approaches (in particular the CVM), (ii) addressing the out-of-sequence measurement problem in sensor fusion-based ADS, and (iii) developing an architectural solution for improving the scalability and efficiency of the runtime monitoring solution.

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2019
Series
Mälardalen University Press Licentiate Theses, ISSN 1651-9256 ; 281
Keywords
Runtime Monitoring, Automated Driving Systems
National subject category
Embedded Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-45068 (URN)
978-91-7485-434-3 (ISBN)
Presentation
2019-10-17, Delta, Mälardalen University, Västerås, 13:15 (English)
Project
RetNet
Available from: 2019-08-28 Created: 2019-08-26 Last updated: 2020-10-29 Bibliographically approved
2. Runtime Monitoring for Safe Automated Driving Systems
2020 (English) Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Mass-produced passenger vehicles are one of the greatest inventions of the 20th century and have significantly changed human lives. Several safety measures, such as traffic signs, traffic lights, mandatory driver education, seat belts, airbags, and anti-lock braking systems, were introduced throughout the years. Today, a further increase in safety, comfort, and efficiency is being targeted by developing systems with automated driving capabilities. These systems range from those supporting the driver with a particular function (e.g., ensuring the vehicle drives at a constant speed while keeping a safe distance to other road participants) to those taking over all driving responsibilities from the driver (i.e., full driving automation). The development and series production of the former has already been accomplished, whereas reaching full driving automation still presents many challenges.

The main reason is the shift of all driving responsibilities, including the responsibility for the overall vehicle safety, from the human driver to a computer-based system responsible for the automated driving functionality (i.e., the Automated Driving System (ADS)). Such a shift makes the ADS highly safety-critical, and the consensus of cross-domain experts is that there is no “silver bullet” for ensuring the required levels of safety. Instead, a set of complementary safety methods is necessary.

In this context, runtime monitoring that continuously verifies the safe operation of the ADS once deployed on public roads is a promising complementary approach for ensuring safety. However, the development of a runtime monitoring solution is a challenge on its own. On a conceptual level, the complex and opaque technology used in ADS often makes researchers question “what” a runtime monitor should verify and “how” such verification should be performed.

This thesis proposes novel runtime monitoring solutions for verifying the safe operation of ADS. On a conceptual level, a novel Runtime Verification (RV) approach, namely the Safe Driving Envelope Verification (SDE-V), answers the “what” and “how” of monitoring an ADS. In particular, the SDE-V approach verifies whether the ADS path planner output (i.e., a trajectory) is safe to be executed by the vehicle’s actuators. To perform this verification, the trajectory is checked against the following safety rules: (i) the trajectory does not lead to a collision with obstacles on the road, and (ii) the trajectory does not leave the road edge.

Towards realizing the proposed SDE-V concept as an actual solution, additional concepts, methods, and architectural solutions have been developed. Our contributions in this context include: (i) a concept for reducing the false positive rate of SDE-V, (ii) a method for evaluating the quality of runtime monitors by investigating to what extent they can handle faults related to different classes of real accident scenarios, (iii) a modular and scalable fail-operational architecture which enables the integration of multiple RV approaches alongside the SDE-V, (iv) estimation of a “forecast horizon” to ensure the timely execution of emergency actions upon an ADS failure detection by SDE-V, and (v) an approach to tackle the out-of-sequence measurement problem in sensor fusion-based ADS. A prototype implementation of SDE-V has been realized on an automotive-grade embedded platform. Based on its promising results, a future industrial implementation project has been initiated.

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2020
Series
Mälardalen University Press Dissertations, ISSN 1651-4238 ; 324
National subject category
Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-51850 (URN)
978-91-7485-489-3 (ISBN)
Public defence
2020-11-23, Pi +(Online Zoom), Mälardalen University, Västerås, 14:15 (English)
Available from: 2020-10-27 Created: 2020-10-26 Last updated: 2020-11-02 Bibliographically approved

Open Access in DiVA

No full text available in DiVA

Other links

Publisher's full text; Scopus

Person

Mehmed, Ayhan; Punnekkat, Sasikumar
