Jan Reich

• M. Sc.
• Expert Dynamic Assurances of Connected Autonomous Systems at Fraunhofer Institute for Experimental Software Engineering

Cyber-Physical Systems (CPS) harbor the enormous potential for societal improvement in terms of safety, comfort and economic efficiency. However, these benefits will only be unlocked if the safety of these systems can be assured with a sufficient level of confidence. Traditional safety engineering and assurance approaches alone cannot address the C...

In the automotive industry, modern cyber-physical systems feature cooperation and autonomy. Such systems share information to enable collaborative functions, allowing dynamic component integration and architecture reconfiguration. Given the safety-critical nature of the applications involved, an approach for addressing safety in the context of reco...

Assuring safety is a key challenge for market introduction of many kinds of autonomous systems. This is especially true in cases where data-driven models (DDMs) such as deep neural networks are used to perceive or anticipate hazardous situations. Treating failures of such models in the same way as failures in traditional software appears insufficie...

Assuring an adequate level of safety is the key challenge for the approval of autonomous vehicles (AV). Dynamic Risk Assessment (DRA) enables AVs to assess the risk of the current situation instead of behaving according to worst-case expectations regarding all possible situations. While current DRA techniques typically predict the behavior of other...

Creating a sound argumentation of why a system is sufficiently safe is a major part of the assurance process. Today, compiling a safety case and maintaining its validity after changes are time-consuming manual work. By using the concept provided by Digital Dependability Identities (DDI), we present a systematic approach for creating a model-connect...

Self-adaptive methods have been advocated for addressing challenges related to managing unknowns and uncertainties in autonomous driving, which in turn are caused by, e.g., machine-learning uncertainty, operation in an open context, and cybersecurity. Many works proposed specific vehicle architectures featuring self-adaptation mechanisms. However,...

The hazard analysis and risk assessment (HARA) is a fundamental artifact of safety engineering that requires substantial effort from experienced engineers to conform to standards. The cost combined with today's shortage of trained personnel demands technical solutions to reduce these efforts. Recent advances in generative AI provide new opportuniti...

Developing an Automated Driving System (ADS) is a complex task involving many stakeholders from different domains. Taking up this challenge, the VV Methods project (VVM) https://www.vvm-projekt.de/en/ has developed a general methodology that is proposed as a new common basis to develop and ensure the safety of future Automated Driving Systems (ADS)...

This paper provides an approach for controlling the level of risk when operating highly automated transportation systems like cars, trains and similar. Such systems replace human perception and decision-making by employing highly sophisticated solutions based on electronics, IT, and AI. Such systems have demonstrated the potential for building high...

While current automotive safety standards provide implicit guidance on how unreasonable risk can be avoided, manufacturers are required to specify risk acceptance criteria for Automated Driving Systems (SAE Level 3 and higher). However, the ‘unreasonable’ level of risk of Automated Driving Systems is not yet concisely defined. Solely applying curre...

In safety-critical systems development, managing diverse engineering artifacts using different tools is challenging. The lack of seamless tool integration hinders the traceability of artifacts, which is essential for system safety and dependability. The Digital Dependability Identity (DDI) engineering process improves artifact management by providi...

Accepted for publication @ 42nd International Conference on Computer Safety, Reliability and Security (SAFECOMP) in Toulouse, France 19.-22. September 2023 Automated driving systems (ADS) can improve efficiency in logistics and last-mile delivery, but a major challenge is ensuring safety for operational design domain (ODD) expansion or cross-domai...

Conventional safety engineering is not sufficient to deal with Artificial Intelligence (AI) and Autonomous Systems (AS). Some authors propose dynamic safety approaches to deal with the challenges related to AI and AS. These approaches are referred to as dynamic risk management, dynamic safety management, dynamic assurance, or runtime certification...

Autonomous control systems are used in an open environment where humans exist. Therefore, a safety design needs to be created corresponding to evolutions and changes in the behavior of humans and machines in accordance with an open changing environment. In this study, we propose a structure and derivation method of safety rules based on a pairing s...

Automated driving systems (ADS) can improve efficiency in logistics and last-mile delivery, but a major challenge is ensuring safety for operational design domain (ODD) expansion or cross-domain deployment. Various ontologies and formats exist for modeling and representing the operational environment. However, their structuring schemes are not suit...

Autonomous driving enables future mobility-of-demand services, especially for the last mile between service or shopping centers and residential areas. However, the deployment of self-driving systems in pedestrians zones is associated with enormous risks: Often the driving conditions are cramped, and numerous people move close to the vehicle. Theref...

While current automotive safety standards provide implicit guidance on how unreasonable risk can be avoided, manufacturers are required to specify risk acceptance criteria for automated driving systems (SAE Level 3+). However, the 'unreasonable' level of risk of automated driving systems (SAE Level 3+) is not yet concisely defined. Solely applying...

Assuring safety of automated vehicles (SAE Level 3+) requires specifying and validating the behavior of such a vehicle in its operational environment. In order to argue and support assumptions that are made during the behavior specification within scenarios, a traceable documentation of design decisions is required. With the introduction of the sem...

Autonomous driving enables future mobility-of-demand services, especially for the last mile between service or shopping centers and residential areas. However, the deployment of self-driving systems in pedestrians zones is associated with enormous risks: Often the driving conditions are cramped, and numerous people move close to the vehicle. Theref...

Coexistence or even cooperation of autonomous mobile robots (AMR) and humans is a key ingredient for future visions of production, warehousing and smart logistic. Before these visions can become reality one of the fundamental challenges to be tackled is safety assurance. Existing safety concepts have significant drawbacks, they either physically se...

To enable resilient, innovative, and sustainable industrialization, adopting the Industry 4.0 (I4.0) paradigm is essential, as it enables distributed, reconfigurable production environments. Fast reconfiguration, and hence flexibility, is further achieved by employing human-robot-collaborations—but this poses challenges with respect to human worker...

The use of Unmanned Arial Vehicles (UAVs) offers many advantages across a variety of applications. However, safety assurance is a key barrier to widespread usage, especially given the unpredictable operational and environmental factors experienced by UAVs, which are hard to capture solely at design-time. This paper proposes a new reliability modeli...

Data-driven models (DDM) based on machine learning and other AI techniques play an important role in the perception of increasingly autonomous systems. Due to the merely implicit definition of their behavior mainly based on the data used for training, DDM outputs are subject to uncertainty. This poses a challenge with respect to the realization of...

Coexistence or even cooperation of autonomous mobile robots (AMR) and humans is a key ingredient for future visions of production, warehousing and smart logistic. Before these visions can become reality one of the fundamental challenges to be tackled is safety assurance. Existing safety concepts have significant drawbacks, they either physically se...

Considering information as the basis of action, it may be of interest to examine the flow and acquisition of information between the actors in traffic. The central question is: Which signals does an automated driving system (which will be referred to as an automaton in the remainder of this paper) in traffic have to receive, decode or send in road...

The use of Unmanned Arial Vehicles (UAVs) offers many advantages across a variety of applications. However, safety assurance is a key barrier to widespread usage, especially given the unpredictable operational and environmental factors experienced by UAVs, which are hard to capture solely at design-time. This paper proposes a new reliability modeli...

Data-driven models (DDM) based on machine learning and other AI techniques play an important role in the perception of increasingly autonomous systems. Due to the merely implicit definition of their behavior mainly based on the data used for training, DDM outputs are subject to uncertainty. This poses a challenge with respect to the realization of...

Assuring an adequate level of safety is the key challenge for the approval of autonomous vehicles (AV). Dynamic Risk Assessment (DRA) enables AVs to assess the risk of the current situation instead of behaving according to worst-case expectations regarding all possible situations. While current DRA techniques typically predict the behavior of other...

In the future, AI will increasingly find its way into systems that can potentially cause physical harm to humans. For such safety-critical systems, it must be demonstrated that their residual risk does not exceed what is acceptable. This includes, in particular, the AI components that are part of such systems' safety-related functions. Assurance ca...

- Dynamic Risk Management Architectures differ heavily wrt. goal of runtime monitoring - Safety Case Evidence Generation and Assumption Monitoring demands a socio-technical architecture - Dynamic Performance Improvement demands intelligent multi-layer safety monitoring based on collaborative perception

Assuring an adequate level of safety is the key challenge for the approval of autonomous vehicles (AV). Dynamic Risk Assessment (DRA) enables AVs to assess the risk of the current situation instead of behaving according to worst-case expectations regarding all possible situations. While current DRA techniques typically predict the behavior of other...

If we consider information as the basis of action, it may be of interest to examine the flow and acquisition of information between the actors in traffic. The central question is, which signals an automaton has to receive, decode or send in road traffic in order to act safely and in a conform manner to valid standards. The phenomenon-signal-model i...

Digital transformation fundamentally changes established practices in public and private sector. Hence, it represents an opportunity to improve the value creation processes (e.g., “industry 4.0”) and to rethink how to address customers' needs such as “data-driven business models” and “Mobility-as-a-Service”. Dependable, collaborative and autonomous...

Autonomous driving on highways can be dangerous because other vehicles may perform a cut-in maneuver in front of the ego vehicle, which requires an immediate emergency reaction. To enable dynamic risk assessment frameworks like Situation-Aware Dynamic Risk Assessment (SINADRA) to pro-actively consider such behaviors before they are observable, lane...

Dynamic safety assurance is a quite new research field, which contributes to addressing the new challenges emerging from new technologies such as ML and new system responsibilities due to the transition from driver to passenger. As new as the field is, as versatile are the different problem aspects that can be addressed with dynamic assurance techn...

Autonomous commercial vehicles have enormous potential to make our lives more sustainable, more comfortable, and more economical. Artificial intelligence and connectivity enable autonomous behavior, but often stand in the way of market launch. Traditional engineering techniques are no longer sufficient to achieve the desired dependability, and cur...

Autonome Nutzfahrzeuge haben enormes Potenzial, Nachhaltigkeit, Komfort und Wirtschaftlichkeit zu erhöhen. Künstliche Intelligenz und Vernetzung ermöglichen autonomes Verhalten, stehen aber der Markteinführung oft im Weg. Traditionelle Entwicklungsverfahren reichen nicht mehr aus, um die gewünschte Verlässlichkeit zu erreichen, und aktuelle gesetzl...

Creating and maintaining a safety case with all its supporting modeling artifacts such as architecture, failure logic or safety requirements is a tedious task, particularly when multi-tier supply chains must be bridged, and different safety engineering tools are used. Digital Dependability Identities (DDI) are model-based abstractions of the safety...

Nowadays, safety for autonomous vehicles cannot be ensured with standardized safety processes in the automotive industry, due to the uncontrolled environment of the real-world traffic and the complexity of the system. A new approach to guarantee safety is to allow operation only in specified safe situations. These situations are specified within th...

Cyber-Physical-Systems (CPS), such as smart cars and implanted medical devices, are systems of collaborating computational entities. The open and cooperative nature of CPS poses a significant new challenge in assuring dependability. The DEIS project addresses this important and unsolved challenge through its key innovation which is the concept of a...

Cyber-Physical Systems (CPS) harbor the enormous potential for societal improvement in terms of safety, comfort and economic efficiency. However, these benefits will only be unlocked if the safety of these systems can be assured with a sufficient level of confidence. Traditional safety engineering and assurance approaches alone cannot address the C...

The future will encompass heavily interconnected, distributed, heterogeneous and intelligent systems which are bound to have a significant economic and social impact. Cyber physical systems (CPS) such as autonomous cars, smart electric grid, implanted medical devices and smart manufacturing are some practical examples of these intelligent systems....

Assuring an adequate level of safety is the key challenge for the approval of autonomous vehicles (AV). The full performance potential of AV cannot be exploited at present because traditional assurance methods at design time are based on a risk assessment involving worst-case assumptions about the operating environment. Dynamic Risk Assessment (DRA...

Ensuring appropriate dependability of modern industrial systems is becoming more and more challenging due to the raising complexity of modern embedded systems and the introduction of connectivity, possibly leading to ad-hoc creation of systems' configuration. State-of-the-art dependability analysis techniques, applied during design phase, provide l...

Autonomous driving has become a broad �eld of research and development of new vehicles in recent years. Conventionally, safety in such systems is ensured during vehicle development through processes such as Hazard Analysis and Risk Assessment (HARA). However, these processes assume a worst-case scenario and therefore lead to autonomous vehicles tha...

Creating a sound argumentation of why a system is sufficiently safe is a major part of the assurance process. Today, compiling a safety case and maintaining its validity after changes are time-consuming manual work performed by safety experts based on their experience and knowledge. This work is further complicated when supplier components need to...

Cyber-Physical-Systems (CPS) are systems of collaborating computational entities. Concepts such as autonomous cars, smart electric grid, implanted medical devices and smart manufacturing are some practical examples of CPS. However, the open and cooperative nature of CPS poses a significant new challenge in assuring dependability. The DEIS project a...

Safety engineering lifecycle starts with hazard analysis to identify the risks, following by safety analysis to determine the causes of hazardous events. Safety concept of the system as a result of these activities form the safety specification and requirements. In the course of safety-critical development, many safety products are produced by the...

With conditional safety certificates (ConSerts) a method has been developed for assuring functional safety of collaborations between open adaptive systems at runtime. The development process of such safety-critical systems provides that the development artifacts are verified and validated regarding their correctness. Since both system engineering m...

Cooperative Automated Systems enable new kinds of applications and services. Corresponding visions stretch across virtually any domain of embedded systems and it is obvious that there lies a huge potential for economic, ecologic and societal improvements and success. However, to unlock this potential we first need to overcome diverse engineering ch...

Refactoring is a technique that is already established for software design and code implementation. It improves maintainability and extendibility of software through structure changes while preserving the external behavior. The support of performing typical refactoring patterns automatically in IDEs improves development efficiency. Furthermore, the...

System assurance cases are used to demonstrate confidence in system properties of interest (e.g. safety and/or security). They are key artefacts for safety and/or security acceptance for systems before they become operational. Cyber-Physical Systems (CPS) form a new technological frontier for their vast economic and societal potentials in various d...

Future automotive systems will exhibit ever-higher grades of automation up to the point of autonomy. The full potential in automation can only be unlocked when combining it with the capability of cooperation, leading to the vision of comprehensively networked cooperative autonomous systems (CAS). To enable a safe CAS cooperation at runtime, we intr...

The visualization approach for Component Fault Trees (CFTs) realized in this work was implemented as an extension of the safeTbox modeling tool (safeTbox.iese.fraunhofer.de). Its goal is to enhance the understandability of compositional and hierarchical models while facilitating reviewing purposes. Safety Analysts makes use of CFTs to perform fault...

Recently, conditional safety certificates (ConSerts) have been proposed as a novel means for the safety assurance of collaborations between open adaptive systems. Since the innovation potential of such collaborations has been recognized in many different application domains, it deemed desirable to demonstrate the general applicability of the ConSer...

Traditionally, safety engineering has been a matter of tables and textual documents and even of pen and paper. Even in the age of computerization, this did has not really changed significantly, as the state of the practice in safety engineering is nowadays dominated by Excel sheets and Word files. Nevertheless, a range of computer-aided safety anal...