Article

Model-based decomposition and Backtracking Framework for Probabilistic Risk Assessment in Automated Vehicle Systems

Abstract

Unlike the simpler and more limited vehicle automation systems of earlier generations, whose operation and safety could be defined by standards such as the functional safety standard ISO 26262, novel automated systems are increasingly complex to analyze because of the exploding number of possible Operational Design Domain (ODD) configurations. To address this problem, we propose a model-based validation framework that helps to build the safety argument for particularly challenging scenarios. The proposed method combines a functional hierarchical decomposition approach, which helps to understand the system's functioning principles, with a dynamic probabilistic risk assessment algorithm that performs the risk analysis. The methodology is tested on a complex system consisting of two automated vehicles that travel together as a platoon on a highway. Three relevant scenarios from this system are chosen and analyzed using the proposed method. Finally, we identify risks associated with the choice of acceleration/deceleration parameters, the presence of a communication link, and external vehicles interfering with the platoon.

... A simplified geometric sector is additionally employed to represent the field of view (FOV) of the e-scooter. Only

Algorithm 1: Backtracking Process Algorithm (modified from [22])
Result: sequential system state transition paths with probability higher than the truncation value ε
Initialization steps:
  Define L as the continuous system states;
  Define M as the system configuration states;
  Construct distinct intervals of the continuous states J = J_1 ··· J_l ··· J_L (l = 1, ···, L);
  Locate TopEvent in the proposed system at the last time step in each simulation episode;
  Define k as the number of depths for the backtracking search;
  Set probability P^k_j = 1 at time t = kΔt;
  Acquire the system state-to-state transition probability g(c_x^f | c_x^0, c_s^0, Δt);
  Acquire the system configuration transition probability h(c_s^f | c_s^0, c_x^0, Δt);
  while k > 1 do ...
... To show the backtracking process, we use the one-vehicle crossing scenario as a case study for risk validation. Following the backtracking process in [22], the continuous state space of the VEI process is first discretized and partitioned into sets of magnitude intervals (cells). To maintain computational efficiency, we use three system states to simplify and represent the designed system. ...
... The transition matrix is shown in Eq. 3. Therefore, the system state can be simply represented by C_i := (x_1, x_2, x_3), i ∈ {1, ···, 546}. Subsequently, the probabilities of transitioning between these 546 identified system states are determined using a cell-to-cell mapping method, as described in [22]. Each cell has a unique combination of the selected system states. ...
... In general, N_α is often significantly smaller than N_D. We conclude this section by emphasizing that the D_s and the obtained α-shape are not only embedded with coverage and forward invariance information. The graph G_s induces state transitions that could be used for other safety-related applications such as fault tree analysis with backtracking process algorithms [20], [32] and information gain justification [19]. The states can also be associated with other safety features available from the raw data, such as human driver engagement (e.g., a human may tend to engage within a certain subset of the obtained covering set) and system signals (e.g., the forward collision warning may only be triggered in a certain subregion). ...
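The backtracking excerpts above (Algorithm 1 and the cell-to-cell mapping over discretized system states) and the Markov/CCMT backtracking abstract among the references below describe the same procedure. The following is an added worked example, not code from the paper, from [22] or from any cited work: it discretizes an assumed two-vehicle follower state (gap to the leader and relative speed, plus a V2V-link configuration state), estimates the cell-to-cell transition probabilities g and h by sampling each cell and stepping it once, and then backtracks k steps from the top-event cells, pruning every path whose probability falls below a truncation value ε. The dynamics, cell boundaries, link drop and recovery rates, the "gap below 5 m" top event and the value of ε are all constructed assumptions, and the names `cell_to_cell_map`, `backtrack`, `risk_paths` and `link_down_share` are the example's own.

```python
"""Added example (not code from the paper or from [22]): a small cell-to-cell
mapping of a follower-vehicle state space plus the deductive backtracking
search sketched in Algorithm 1.  The dynamics, cell boundaries, link drop
rates and truncation value are all constructed assumptions."""
import random
from collections import defaultdict

D_EDGES = [0.0, 5.0, 10.0, 20.0, 40.0]   # gap-to-leader cells J_l in metres (assumed)
V_EDGES = [-6.0, -2.0, 2.0, 6.0]          # relative-speed cells in m/s (assumed)
LINKS = (0, 1)                             # configuration state: V2V link down / up
DT = 1.0                                   # Δt in seconds
TOP_EVENT_GAP_CELL = 0                     # assumed top event: gap below 5 m


def cell_of(edges, x):
    """Index l of the interval J_l that contains x, clamped to the outer cells."""
    for l in range(len(edges) - 2):
        if x < edges[l + 1]:
            return l
    return len(edges) - 2


def step(d, v, link, rng):
    """One Δt of assumed follower dynamics.  d: gap to the leader [m];
    v: leader speed minus follower speed [m/s].  With the link up the follower
    receives the leader's acceleration and cancels it (tight, low-noise control);
    with the link down it reacts to the gap alone, with weaker gains and more noise."""
    target = 15.0
    k_d, k_v, noise = (0.35, 0.9, 0.3) if link else (0.15, 0.4, 0.8)
    a_leader = rng.gauss(0.0, 1.0)
    a_follow = k_d * (d - target) + k_v * v + (a_leader if link else 0.0)
    v_new = v + (a_leader - a_follow) * DT + rng.gauss(0.0, noise)
    d_new = max(d + v_new * DT, 0.0)
    return d_new, v_new


def cell_to_cell_map(samples=200, seed=1):
    """Markov/CCMT-style estimate of the joint one-step transition probability
    T[(x0, s0)][(xf, sf)] = g(xf | x0, s0, Δt) · h(sf | s0, Δt): sample points
    uniformly inside every cell, step them once and count where they land."""
    rng = random.Random(seed)
    T = defaultdict(lambda: defaultdict(float))
    for dl in range(len(D_EDGES) - 1):
        for vl in range(len(V_EDGES) - 1):
            for link in LINKS:
                src = (dl, vl, link)
                for _ in range(samples):
                    d = rng.uniform(D_EDGES[dl], D_EDGES[dl + 1])
                    v = rng.uniform(V_EDGES[vl], V_EDGES[vl + 1])
                    d_new, v_new = step(d, v, link, rng)
                    # configuration transition h: assumed 5 % drop, 30 % recovery per Δt
                    p_change = 0.05 if link else 0.30
                    link_new = 1 - link if rng.random() < p_change else link
                    dst = (cell_of(D_EDGES, d_new), cell_of(V_EDGES, v_new), link_new)
                    T[src][dst] += 1.0 / samples
    return T


def backtrack(T, depth, eps):
    """Deductive search backwards from the top event: every path of `depth`
    transitions that ends in a top-event cell, keeping only paths whose product
    of one-step transition probabilities stays above the truncation value eps.
    Earlier cells on a path are required not to be top-event cells, so each
    retained path is a first entry into the top event (a design choice here)."""
    predecessors = defaultdict(list)
    for src, dests in T.items():
        for dst, p in dests.items():
            predecessors[dst].append((src, p))
    # P^k_j = 1 for every top-event cell at t = kΔt
    frontier = [((c,), 1.0) for c in T if c[0] == TOP_EVENT_GAP_CELL]
    for _ in range(depth):
        nxt = []
        for path, p in frontier:
            for src, q in predecessors[path[0]]:
                if src[0] != TOP_EVENT_GAP_CELL and p * q > eps:
                    nxt.append(((src,) + path, p * q))
        frontier = nxt
    return sorted(frontier, key=lambda item: item[1], reverse=True)


def link_down_share(paths):
    """Share of the retained path probability mass whose first cell has the link down."""
    total = sum(p for _, p in paths)
    return sum(p for path, p in paths if path[0][2] == 0) / total if total else 0.0


def risk_paths(depth=2, eps=1e-3, seed=1):
    return backtrack(cell_to_cell_map(seed=seed), depth, eps)


if __name__ == "__main__":
    paths = risk_paths()
    for path, p in paths[:5]:
        print(f"{p:.4f}  " + " -> ".join(f"gap{d}/v{v}/link{s}" for d, v, s in path))
    print(f"share of retained risk starting with the link down: {link_down_share(paths):.2f}")
```

Run directly, it prints the highest-probability first-entry paths into the top event and the share of retained path mass that begins with the link down; under these assumed parameters the link-down cells dominate, which is the kind of attribution (link presence, controller gains) the abstract reports for the platoon. Two caveats a practitioner should keep in mind: the path probability is a product of forward one-step transition probabilities, so it ranks entry sequences rather than giving the absolute frequency of the top event, and the sampled transition matrix carries its own truncation error at low probabilities (an entry seen once in 200 samples is 0.005 with large relative uncertainty), so ε should not be set far below 1/samples.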
Article
A connected and automated vehicle safety metric determines the performance of a subject vehicle (SV) by analyzing the data involving the interactions among the SV and other dynamic road users and environmental features. When the data set contains only a finite set of samples collected from the naturalistic mixed multi-modal traffic driving environment, a metric is expected to generalize the safety assessment outcome from the observed finite samples to the unobserved cases by specifying in what domain the SV is expected to be safe and how safe the SV is, statistically, in that domain. However, to the best of our knowledge, none of the existing safety metrics is able to justify the above properties with an operational domain specific, guaranteed complete, and provably unbiased safety evaluation outcome. In this paper, we propose a novel safety metric that involves the α-shape and the ε-almost robustly forward invariant set to characterize the SV's almost safe operable domain and the probability for the SV to remain inside the safe domain indefinitely, respectively. The empirical performance of the proposed method is demonstrated in several different operational design domains through a series of cases covering a variety of fidelity levels (real-world and simulators), driving environments (highway, urban, and intersections), road users (car, truck, and pedestrian), and SV driving behaviors (human driver and self driving algorithms).
Article
Autonomous Vehicle (AV) technology has advanced rapidly in recent years with some automated features already available in vehicles on the market. AVs are expected to reduce traffic crashes as the majority of crashes are related to driver errors, fatigue, alcohol, or drugs. However, very little research has been conducted to estimate the safety impact of AVs. This paper aims to investigate the safety impacts of AVs using a simulation-based surrogate safety measure approach. To this end, safety impacts are explored through the number of conflicts extracted from VISSIM traffic micro-simulator using Surrogate Safety Assessment Model (SSAM). Behaviours of Human-driven Vehicles (HVs) and AVs (level 4 automation) are modelled within the VISSIM’s car following model. The safety investigation is conducted for two case studies, including a signalised intersection and a roundabout, under various AV penetration rates. Results suggest that AVs improve safety significantly with high penetration rates, even when they travel with shorter headways to improve road capacity and reduce delay. For the signalised intersection, AVs reduce the number of conflicts by 20% to 65% with the AV penetration rates of between 50% and 100% (statistically significant at p<0.05). For the roundabout, the number of conflicts is reduced by 29% to 64% with the 100% AV penetration rate (statistically significant at p<0.05).
Conference Paper
Driving tests are critical to the deployment of autonomous vehicles. It is necessary to review the related works, since summaries of the methodologies are rare; this will help to set up an integrated method for autonomous driving tests in different development stages and to provide a reliable, quick, safe, low-cost and reproducible method that accelerates the development of autonomous vehicles. In this paper, we review the related autonomous driving test works, including autonomous vehicle functional verification, vehicle integrated testing, and system validation in different architectures. This review will be helpful for autonomous vehicle development.
Article
With an increasing number of vehicles equipped with adaptive cruise control (ACC), the impact of such vehicles on the collective dynamics of traffic flow becomes relevant. By means of simulation, we investigate the influence of variable percentages of ACC vehicles on traffic flow characteristics. For simulating the ACC vehicles, we propose a new car-following model that also serves as the basis of an ACC implementation in real cars. The model is based on the intelligent driver model (IDM) and inherits its intuitive behavioural parameters: desired velocity, acceleration, comfortable deceleration and desired minimum time headway. It eliminates, however, the sometimes unrealistic behaviour of the IDM in cut-in situations with ensuing small gaps that regularly are caused by lane changes of other vehicles in dense or congested traffic. We simulate the influence of different ACC strategies on the maximum capacity before breakdown and the (dynamic) bottleneck capacity after breakdown. With a suitable strategy, we find sensitivities of the order of 0.3, i.e. 1 per cent more ACC vehicles will lead to an increase in the capacities by about 0.3 per cent. This sensitivity multiplies when considering travel times at actual breakdowns.
Conference Paper
The homologation of automated vehicles, being safety-critical complex systems, requires sound evidence for their safe operability. Traditionally, verification and validation activities are guided by a combination of ISO 26262 and ISO/PAS 21448, together with distance-based testing. Starting at SAE Level 3, such approaches become infeasible, resulting in the need for novel methods. Scenario-based testing is regarded as a possible enabler for verification and validation of automated vehicles. Its effectiveness, however, rests on the consistency and substantiality of the arguments used in each step of the process. In this work, we sketch a generic framework around scenario-based testing and analyze contemporary approaches to the individual steps. For each step, we describe its function, discuss proposed approaches and solutions, and identify the underlying arguments, principles and assumptions. As a result, we present a list of fundamental considerations for which evidences need to be gathered in order for scenario-based testing to support the homologation of automated vehicles.
Chapter
Automated systems are developed to successfully handle each situation that occurs while the system is in operation. This chapter discusses definitions of scenarios and the usage of scenarios for various application domains. It proposes a harmonized definition of scenario class.
Article
How safe are autonomous vehicles? The answer is critical for determining how autonomous vehicles may shape motor vehicle safety and public health, and for developing sound policies to govern their deployment. One proposed way to assess safety is to test drive autonomous vehicles in real traffic, observe their performance, and make statistical comparisons to human driver performance. This approach is logical, but is it practical? In this paper, we calculate the number of miles of driving that would be needed to provide clear statistical evidence of autonomous vehicle safety. Given that current traffic fatalities and injuries are rare events compared to vehicle miles traveled, we show that fully autonomous vehicles would have to be driven hundreds of millions of miles and sometimes hundreds of billions of miles to demonstrate their reliability in terms of fatalities and injuries. Under even aggressive testing assumptions, existing fleets would take tens and sometimes hundreds of years to drive these miles, an impossible proposition if the aim is to demonstrate their performance prior to releasing them on the roads for consumer use. These findings demonstrate that developers of this technology and third-party testers cannot simply drive their way to safety. Instead, they will need to develop innovative methods of demonstrating safety and reliability. And yet, the possibility remains that it will not be possible to establish with certainty the safety of autonomous vehicles. Uncertainty will remain. Therefore, it is imperative that autonomous vehicle regulations are adaptive, designed from the outset to evolve with the technology so that society can better harness the benefits and manage the risks of these rapidly evolving and potentially transformative technologies.
Article
A backtracking algorithm is proposed for the computationally efficient diagnostic/deductive implementation of the Markov/Cell-to-Cell-Mapping Technique (CCMT). Using a probabilistic mapping of the discretized system space onto itself in discrete time that can account for both epistemic and aleatory uncertainties on a phenomenologically consistent platform, Markov/CCMT allows quantification of probabilistic system evolution in time, as well as tracing of fault propagation throughout the system. The algorithm is illustrated using an example level control system and by identifying possible sequential pathways and risk significant scenarios for a given failure mode of the system. The algorithm allows incremental verification of the fidelity of the model used to represent the physics without increased memory requirements. The results show that the algorithm is scalable to larger systems.
Article
A hierarchical structure that utilizes all the functionalities of a large-scale system and unifies the dynamics of the system with its functional behavior is introduced. The proposed hierarchy is formed by decomposing the physical structure of a system and by associating knowledge-rich controllers with the structure. The inclusion of structural information in the hierarchy has several advantages. First, it presents multifunctional descriptions of portions of the system. Then, it provides a modular decomposition such that complete reconstruction of the hierarchy is not required if some parts of the system change. Most importantly, it enables local failure handling and replanning. To demonstrate the physical decomposition, task assignment, and control process, a system with two robot arms and a camera was considered as an example
On a formal model of safe and scalable self-driving cars
  • S. Shalev-Shwartz
  • S. Shammah
  • A. Shashua
S. Shalev-Shwartz, S. Shammah, and A. Shashua, "On a formal model of safe and scalable self-driving cars," arXiv preprint arXiv:1708.06374, 2017.
The safety force field
  • D. Nistér
  • H.-L. Lee
  • J. Ng
  • Y. Wang
D. Nistér, H.-L. Lee, J. Ng, and Y. Wang, "The safety force field," NVIDIA White Paper, 2019.
Autonomous vehicles meet the physical world: RSS, variability, uncertainty, and proving safety
  • P. Koopman
  • B. Osyk
  • J. Weast
P. Koopman, B. Osyk, and J. Weast, "Autonomous vehicles meet the physical world: RSS, variability, uncertainty, and proving safety," in International Conference on Computer Safety, Reliability, and Security. Springer, 2019, pp. 245-253.
Model-based validation for autonomous systems
  • Oztech Inc.
Oztech Inc., Model-based validation for autonomous systems, July 2020 (accessed March 31, 2021), http://oztinc.com/projects/modelbasedvalidationforautonomoussystems/.
Pre-crash scenario typology for crash avoidance research
  • W. G. Najm
  • J. Smith
  • M. Yanagisawa
W. G. Najm, J. Smith, M. Yanagisawa et al., "Pre-crash scenario typology for crash avoidance research," United States National Highway Traffic Safety Administration, Tech. Rep., 2007.
Tire-related factors in the pre-crash phase
  • NHTSA
NHTSA et al., "Tire-related factors in the pre-crash phase," DOT HS, Vol. 811, pp. 11-13, 2012.