Perception Safety Requirements and Multi Sensor Systems for Automated Driving Systems 2020-01-0101
One major challenge designing vehicles with automated driving systems (ADS) at SAE Level 4 and 5 is the deduction of technical requirements for the perception system given a set of safety requirements. For example, the safety requirements can only be fulfilled by redundancy in the sensor hardware. It is however difficult to specify the amount of redundancy that is required in the sensor system for safe ADS operation. Already nominal ADS operation might require redundancy. Consequently, the use of redundant data must be carefully analyzed to decide if it is available for safety argumentation in the case it is already used for nominal operation.
Today the safety requirements for advanced driver assistance systems (ADAS) allow automatic driving relying on suitable perception systems. Their safety case usually argues that in case of a failing sensor array, the human driver is always ready to take control of the vehicle. This argumentation is not possible when developing L4 or higher automation.
The paper investigates prerequisites for applying a systematic methodology for analyzing redundancy in a multi-sensor system in relation to a conceptual ADS functional architecture. The analysis must address the complexity that comes with partly overlapping sensor data from different sensors and consider variations in performance and characteristics due to changes in the environmental conditions. A systematic methodology for analyzing redundancy aims at providing the arguments on how several sensors in a system, when appropriately combined, together meet an assigned safety requirement on a higher level. Each sensor will then be assigned a certain responsibility and contributes with pieces of information. A set of questions of importance to address as a foundation for such a methodology is defined and discussed. The definition of redundancy and independence between sensors are discussed as well as the application of statistical methods for probabilistic sensor data.
Anders Cassel, Carl Bergenhem, Ole Martin Christensen, Hans-Martin Heyn, Susanna Leadersson-Olsson, Mario Majdandzic, Peng Sun, Anders Thorsén, Jörgen Trygvesson
Qamcom Research and Technology AB, Volvo Technology AB, Veoneer Sweden AB, Semcon Sweden AB, RISE Research Institutes of Sweden, Comentor AB