Refine Your Search

Search Results

Viewing 1 to 10 of 10
Research Report

Unsettled Topics Concerning Airworthiness Cybersecurity Regulation

2020-08-31
EPR2020013
Its extensive application of data networks, including enhanced external digital communication, forced the Federal Aviation Administration (FAA), for the first time, to set “Special Conditions” for cybersecurity. In the 15 years that ensued, airworthiness regulation followed suit, and all key rule-, regulation-, and standard-making organizations weighed in to establish a new airworthiness cybersecurity superset of legislation, regulation, and standardization. ...In the 15 years that ensued, airworthiness regulation followed suit, and all key rule-, regulation-, and standard-making organizations weighed in to establish a new airworthiness cybersecurity superset of legislation, regulation, and standardization. The resulting International Civil Aviation Organization (ICAO) resolutions, US and European Union (EU) legislations, FAA and European Aviation Safety Agency (EASA) regulations, and the DO-326/ED-202 set of standards are already the de-facto, and soon becoming the official, standards for legislation, regulation, and best practices, with the FAA already mandating it to a constantly growing extent for a few years now—and EASA adopting the set in its entirety in July 2020.
Journal Article

A Novel Assessment and Administration Method of Autonomous Vehicle

2020-04-14
2020-01-0708
As a promising strategic industry group that is rapidly evolving around the world, autonomous vehicle is entering a critical phase of commercialization from demonstration to end markets. The global automotive industry and governments are facing new common topics and challenges brought by autonomous vehicle, such as how to test, assess, and administrate the autonomous vehicle to ensure their safe running in real traffic situations and proper interactions with other road users. Starting from the facts that the way to autonomous driving is the process of a robot or a machine taking over driving tasks from a human. This paper summarizes the main characteristics of autonomous vehicle which are different from traditional one, then demonstrates the limitations of the existing certification mechanism and related testing methods when applied to autonomous vehicle.
Journal Article

uACPC: Client-Initiated Privacy-Preserving Activation Codes for Pseudonym Certificates Model

2020-07-27
Abstract With the adoption of Vehicle-to-everything (V2X) technology, security and privacy of vehicles are paramount. To avoid tracking while preserving vehicle/driver’s privacy, modern vehicular public key infrastructure provision vehicles with multiple short-term pseudonym certificates. However, provisioning a large number of pseudonym certificates can lead to an enormous growth of Certificate Revocation Lists (CRLs) during its revocation process. One possible approach to avoid such CRL growth is by relying on activation code (AC)-based solutions. In such solutions, the vehicles are provisioned with batches of encrypted certificates, which are decrypted periodically via the ACs (broadcasted by the back-end system). When the system detects a revoked vehicle, it simply does not broadcast the respective vehicle’s AC. As a result, revoked vehicles do not receive their respective AC and are prevented from decrypting their certificates.
Research Report

Unsettled Legal Issues Facing Automated Vehicles

2020-02-28
EPR2020005
This SAE EDGE Research Report explores the many legal issues raised by the advent of automated vehicles. While promised to bring major changes to our lives, there are significant legal challenges that have to be overcome before they can see widespread use. A century’s worth of law and regulation were written with only human drivers in mind, meaning they have to be amended before machines can take the wheel. Everything from key federal safety regulations down to local parking laws will have to shift in the face of AVs. This report undertakes an examination of the AV laws of Nevada, California, Michigan, and Arizona, along with two failed federal AV bills, to better understand how lawmakers have approached the technology. States have traditionally regulated a great deal of what happens on the road, but does that still make sense in a world with AVs? Would the nascent AV industry be able to survive in a world with fifty potential sets of rules?
Technical Paper

Integrating STPA into ISO 26262 Process for Requirement Development

2017-03-28
2017-01-0058
Developing requirements for automotive electric/electronic systems is challenging, as those systems become increasingly software-intensive. Designs must account for unintended interactions among software features, combined with unforeseen environmental factors. In addition, engineers have to iteratively make architectural tradeoffs and assign responsibilities to each component in the system to accommodate new safety requirements as they are revealed. ISO 26262 is an industry standard for the functional safety of automotive electric/electronic systems. It specifies various processes and procedures for ensuring functional safety, but does not limit the methods that can be used for hazard and safety analysis. System Theoretic Process Analysis (STPA) is a new technique for hazard analysis, in the sense that hazards are caused by unsafe interactions between components (including humans) as well as component failures and faults.
Technical Paper

Adopting Aviation Safety Knowledge into the Discussions of Safe Implementation of Connected and Autonomous Road Vehicles

2021-04-06
2021-01-0074
The development of connected and autonomous vehicles (CAVs) is progressing fast. Yet, safety and standardization-related discussions are limited due to the recent nature of the sector. Despite the effort that is initiated to kick-start the study, awareness among practitioners is still low. Hence, further effort is required to stimulate this discussion. Among the available works on CAV safety, some of them take inspiration from the aviation sector that has strict safety regulations. The underlying reason is the experience that has been gained over the decades. However, the literature still lacks a thorough association between automation in aviation and the CAV from the safety perspective. As such, this paper motivates the adoption of safe-automation knowledge from aviation to facilitate safer CAV systems.
Technical Paper

Leveraging Systems Theoretic Process Analysis (STPA) for Efficient ISO 26262 Compliance

2021-04-06
2021-01-0067
There has been a significant increase - both in the content of electronics and software in vehicles as well as in recalls attributed to these components and systems. The advanced features, including the onset of autonomous vehicles accompanied by millions of lines of code in software have exponentially increased the complexity of vehicle systems and decreased effectiveness of many of the safety analysis techniques being used to identify hazards and safety requirements - for example, FMEA, FTA, ETA, etc.- which were invented decades before the existence of complexities of such magnitude. This paper examines a new hazard identification technique formalized by Nancy G Leveson of Massachusetts Institute of Technology (MIT), USA in her book “Engineering a Safer World” and further elaborated in the STPA Handbook co-authored with John P Thomas in March 2018.
Technical Paper

Putting Safety of Intended Functionality SOTIF into Practice

2021-04-06
2021-01-0196
The increase of autonomy demand in the automotive industry made the usage of AI models inevitable. However, such models introduce a variety of threats to automobile safety and security. ISO/PAS 21448 SOTIF is a safety standard that is designed to deal with risks due to non-electrical and non-electronic failures. In this paper we put SOTIF into practice. In our work we introduce a conceivable safety critical scenario that targets the lane keep assist function. We use the suggested modelling techniques in the SOTIF standard to analyze the scenario and extract the trigger event. In result, we propose a contextual based predictive ML model to monitor the intervention between the driver and lane keep assist system. Our approach followed the SOTIF verification and validation guidelines. Empirically, we use a real safety critical scenario dataset as well as an augmented dataset.
Technical Paper

Enabling Efficient Functional Safety Audits - The Missing Link between ISO 26262 and Automotive SPICE

2019-04-02
2019-01-0144
In the field of electric and electronic (E/E) design for the automotive industry, there are separate traditions related to functional safety and software quality assurance. Both relying on the evaluation of the processes used; Automotive SPICE provides detailed guidance on how to perform this evaluation whilst ISO 26262 does not and simply mention Automotive SPICE as one possible solution. ISO 26262 additionally requires for an evaluation of the functional safety achieved by the product and uses the process evaluation (or functional safety audit in ISO 26262 terms) to support the final functional safety assessment. The purpose is to evaluate the implementation of the necessary safety processes according to the claimed scope defined in the safety plan. Automotive SPICE does not make a distinction on whether the application of the software under evaluation is safety related or not.
Standard

Taxonomy and Definitions for Terms Related to Cooperative Driving Automation for On-Road Motor Vehicles

2020-05-07
CURRENT
J3216_202005
This document describes machine-to-machine (M2M) communication to enable cooperation between two or more participating entities or communication devices possessed or controlled by those entities. The cooperation supports or enables performance of the dynamic driving task (DDT) for a subject vehicle with driving automation feature(s) engaged. Other participants may include other vehicles with driving automation feature(s) engaged, shared road users (e.g., drivers of manually operated vehicles or pedestrians or cyclists carrying personal devices), or road operators (e.g., those who maintain or operate traffic signals or workzones). Cooperative driving automation (CDA) aims to improve the safety and flow of traffic and/or facilitate road operations by supporting the movement of multiple vehicles in proximity to one another. This is accomplished, for example, by sharing information that can be used to influence (directly or indirectly) DDT performance by one or more nearby road users.
X