-
Toward a Harmonized Approach -- Requirement-based Structuring of a Safety Assurance Argumentation for Automated Vehicles
Authors:
Marvin Loba,
Nayel Fabian Salem,
Marcus Nolte,
Andreas Dotzler,
Dieter Ludwig,
Markus Maurer
Abstract:
Despite the increasing testing operations of automated vehicles on public roads, media reports on incidents show that safety issues caused by automated driving systems persist to this day. Manufacturers face high development uncertainty when aiming to deploy these systems in an open context. In particular, one challenge is establishing a valid argument at design time that the vehicles will exhibit reasonable residual risk when operating in their intended operational design domain. While there is extensive literature on assurance cases for safety-critical systems in general, the domain of automated driving lacks explicit requirements regarding the creation of safety assurance argumentations for automated vehicles. In this paper, we aim to narrow this gap by elaborating a requirement-based approach. We identify structural requirements for an argumentation based on published literature and supplement these with structural requirements derived from stakeholder concerns. We apply these requirements to obtain a proposal for a generic argumentation structure. The resulting "safety arguments" address the developed product (product argument), the underlying process (process argument) including its conformance/compliance to standards/laws (conformance/compliance argument), as well as an argumentation's context (context argument) and soundness (soundness argument). Finally, we outline argumentation principles in accordance with domain-specific needs and concepts.
Submitted 4 July, 2025; v1 submitted 6 May, 2025;
originally announced May 2025.
-
A Review of Conceptualizations of Safety and Risk in Current Automated Driving Regulation
Authors:
Marcus Nolte,
Leon Johann Brettin,
Hans Steege,
Nayel Salem,
Marvin Loba,
Robert Graubohm,
Markus Maurer
Abstract:
"Safety" and "Risk" are key concepts for the design and development of automated vehicles. For the market introduction or large-scale field tests, both concepts are not only relevant for engineers developing the vehicles, but for all stakeholders (e.g., regulators, lawyers, or the general public) who have stakes in the technology. In the communication between stakeholder groups, common notions of these abstract concepts are key for efficient communication and setting mutual expectations. In the European market, automated vehicles require Europe-wide type approval or at least operating permits in the individual states. For this, a central means of communication between regulators and engineers are regulatory documents. Flawed terminology regarding the safety expectations for automated vehicles can unnecessarily complicate relations between regulators and manufacturers, and thus hinder the introduction of the technology. In this paper, we review relevant documents at the UN- and EU-level, for the UK, and Germany regarding their (implied) notions of safety and risk. We contrast the regulatory notions with established and more recently developing notions of safety and risk in the field of automated driving. Based on the analysis, we provide recommendations on how explicit definitions of safety and risk in regulatory documents can support rather than hinder the market introduction of automated vehicles.
Submitted 10 February, 2025;
originally announced February 2025.
-
Conformal Prediction of Motion Control Performance for an Automated Vehicle in Presence of Actuator Degradations and Failures
Authors:
Richard Schubert,
Marvin Loba,
Jasper Sünnemann,
Torben Stolte,
Markus Maurer
Abstract:
Automated driving systems require monitoring mechanisms to ensure safe operation, especially if system components degrade or fail. Their runtime self-representation plays a key role as it provides a-priori knowledge about the system's capabilities and limitations. In this paper, we propose a data-driven approach for deriving such a self-representation model for the motion controller of an automated vehicle. A conformalized prediction model is learned and allows estimating how operational conditions as well as potential degradations and failures of the vehicle's actuators impact motion control performance. During runtime behavior generation, our predictor can provide a heuristic for determining the admissible action space.
Submitted 29 July, 2024; v1 submitted 25 April, 2024;
originally announced April 2024.
-
Showcasing Automated Vehicle Prototypes: A Collaborative Release Process to Manage and Communicate Risk
Authors:
Marvin Loba,
Robert Graubohm,
Markus Maurer
Abstract:
The development and deployment of automated vehicles pose major challenges for manufacturers to this day. Whilst central questions, like the issue of ensuring a sufficient level of safety, remain unanswered, prototypes are increasingly finding their way into public traffic in urban areas. Although safety concepts for prototypes are addressed in literature, published work hardly contains any dedicated considerations on a systematic release for their operation. In this paper, we propose an incremental release process for public demonstrations of prototypes' automated driving functionality. We explicate release process requirements, derive process design decisions, and define stakeholder tasks. Furthermore, we reflect on practical insights gained through implementing the release process as part of the UNICARagil research project, in which four prototypes based on novel vehicle concepts were built and demonstrated to the public. One observation is the improved quality of internal risk communication, achieved by dismantling information asymmetries between stakeholders. Design conflicts are disclosed, providing a contribution to nurture transparency and, thereby, supporting a valid basis for release decisions. We argue that our release process meets two important requirements, as the results suggest its applicability to the domain of automated driving and its scalability to different vehicle concepts and organizational structures.
Submitted 4 April, 2025; v1 submitted 24 April, 2024;
originally announced April 2024.
-
Identification of Triggering Conditions of SOTIF Hazards through System-Theoretic Process Analysis
Authors:
Robert Graubohm,
Marvin Loba,
Marcus Nolte,
Markus Maurer
Abstract:
Developers have to obtain a sound understanding of existing risk potentials already in the concept phase of driverless vehicles. Deductive as well as inductive SOTIF analyses of potential triggering conditions for hazardous behavior help to achieve this goal. In this regard, ISO 21448 suggests conducting a System-Theoretic Process Analysis (STPA). In this article, we introduce German terminology for SOTIF considerations and critically discuss STPA theory in the course of an example application, while also proposing methodological additions.
Submitted 11 March, 2024;
originally announced March 2024.
-
Interference mitigation with block diagonalization for IRS-aided MU-MIMO communications
Authors:
Wilker de O. Feitosa,
Igor M. Guerreiro,
Fco. Rodrigo P. Cavalcanti,
Tarcisio F. Maciel,
Maria Clara R. Lobão,
Fazal-E-Asim,
Behrooz Makki,
Gábor Fodor
Abstract:
This work investigates interference mitigation techniques in multi-user multiple input multiple output (MU-MIMO) Intelligent Reflecting Surface (IRS)-aided networks, focusing on the base station end. Two methods of precoder design based on block diagonalization are proposed. The first method does not consider the interference caused by the IRS, seeking to mitigate only the multi-user interference. The second method mitigates both the IRS-caused interference and the multi-user interference. A comparison between both methods within a no-IRS MU-MIMO network with strong direct links is provided. The results show that, although in some circumstances IRS interference can be neglected, treating it can improve system capacity and provide higher spectral efficiency.
Submitted 29 June, 2023;
originally announced June 2023.