Autonomous Driving – How to Apply Safety Principles

We discuss safety principles of autonomous driving road vehicles. First, we provide a comparison between principles and experience of autonomous or automatic systems on rails and on the road. An automatic metro operates in a controlled and well-defined environment, passengers and third persons are separated from driving trains by fences, tunnels, etc. A road vehicle operates in a much more complex environment. Further, we discuss safety principles. The application of safety principles (e.g. fail-safe or safe-life) is used to design and implement a safe system that eventually fulfils the requirements of the functional safety standards. The different responsibility of human driver and technical driving system in different automation levels for autonomous driving vehicles require the application of safety principles. We consider, which safety principles have to be applied using general safety principles and analysing the relevant SAE level based on the experience from projects for the five levels of automated driving as defined by the SAE. Depending on the level of automation, the technical systems are implemented as fail-silent, fails-safe or as safe-life.

1. Bouwman, R., Schäbe, H., Vis, H. (2009), Application of safety principles for a guidance system in public transport, ESREL 2009, Proceedings Reliability, Risk and Safety, vol. 3, p. 2275-2278.

2. Breitinger M. (2016), Kabinett erlaubt teilautomatisiertes Fahren, http://www.zeit.de/mobilitaet/2016- 04/autonomes-fahren-gesetzentwurf-verkehrsrechtalexander-dobrindt, published 13.4.2016, retrieved on 19.10.2017

3. Convention (1973), Convention on Road Traffic, 8.11.1968, European Additional Treaty from 1.5.1071 and Protocol 1.3.1973.

4. Daimler 2017 The Mercedes-Benz Future Bus The future of mobility, https://www.daimler.com/innovation/autonomous-driving/future-bus.html, retrieved on 19.10.2017

5. EK 2017, ETHIK-KOMMISSION AUTOMATISIERTES UND VERNETZTES FAHREN (Ethics Commission for automated and networked driving, in German), Bericht, Juni 2017, WWW.BMVDI.DE

6. EN 50126 Railway applications – The specification and demonstration of Reliability, Availability, Maintainability and Safety (RAMS) (EN 50126), 1999

7. EN 50128 Railway applications — Communication, signaling and processing systems — Software for railway control and protection systems, 2011, correction 2014.

8. EN 50129 Railway applications – Communication, signalling and processing systems – Safety related electronic systems for signalling, 2003

9. Focus (2016) Todesfall im selbstfahrenden EAutoUS-Verkehrsaufsicht prüft Teslas “Autopilot”, http://www.focus.de/auto/elektroauto/todesfall-imselbstfahrenden-auto-us-verkehrsaufsicht-prueft-teslasautopilot_id_5687341.html, 1.7.2016

10. Frog 2017, Website, www.frog.nl, retrieved on 19.10.2017

11. Gayen, J.-T., Schäbe, H. (Miss-) Konzeptionen von Sicherheitsprinzipien, Signal und Draht, 100 Nr. 7+8 (2008) pp. 11-18.

12. Gayen, J.-T. , Schäbe, H. (Mis-) conceptions of safety principles, ESREL 2008, Proceedings Safety, Reliability and Risk analysis, vol. 2, pp. 1283-1291

13. Gräfling, S., Schäbe, H., The agri-motive safety performance integrity level – or how do you call it?, ESREL 2012 / PSAM 11, paper 26 Fr2_1, 10 p.

14. Google car (2016) Google self-driving car hits public bus near Mountain View headquarters http://www.mercurynews.com/2016/02/29/googleself-driving-car-hits-public-bus-near-mountain-viewheadquarters/, retrieved on 19.10.2017.

15. Gülker, J., Schäbe, H., 2006, Physical Principles of Safety, Safety and Reliability for Managing Risk, Proc. of ESREL 2006, pp. 1045-1050.

16. IEC 61508 Functional safety of electrical / electronic / programmable electronic safety-related systems, 2010, parts 1-7,

17. ISO 26262 Road vehicles — Functional safety, 2018, parts 1-10,

18. Lotz, G.O. 2017, Eine Referenzarchitektur für die assistierte und automatisierte Fahrzeugführung mit Fahrereinbindung, Dissertation Technical University Darmstadt, 2017 (A reference architecture for assisted and automatic driving with driver intervention),

19. Machine Directive (2006) DIRECTIVE 2006/42/ EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 May 2006 on machinery, and amending Directive 95/16/EC (recast)

20. Mazzega, J., Köster, F., Lemmer, K.,. Form, T., Absicherung hochautomatisierter Fahrfunktionen, Automobiltechnische Zeitschrift, 118 (2016), no. 10, 48-52 (Safe Implementation of Highly automated Driving Functions)

21. Nahverkehrspraxis (2017), Weltpremiere: Daimler Buses präsentiert autonom fahrenden Stadtbus”, http://www.nahverkehrs-praxis.de/news/nahverkehrspraxis-top-news/article/weltpremiere-daimler-busespraesentiert-autonom-fahrenden-stadtbus/, retrieved on 19.10.2017

22. SAE (2016) Taxonomy and Definitions for Terms Related to Driving Automation Systems for On-Road Motor Vehicles, SAE J3016, September 2016.

23. UITP 2017, International Association of Public Transport. “A global bid for automation: UITP Observatory of Automated Metros confirms sustained growth rates for the coming years”. Belgium, retrieved 19.10.2017

24. UN (2017) Economic Commission for Europe, Inland Transport Committee, World Forum for Harmonization of Vehicle Regulations, Consolidated Resolu tion on the Construction of Vehicles, (R.E.3), Revision 6, 11.7.2017

25. Vogelpohl, T., Vollrath, M., Kühn, M. Hummel, T. Gehlert, T., (2016), Übergabe von hochautomatisiertem Fahren zu manueller Steuerung, Forschungsbericht Nr. 39, Unfallforschung der Versicherer GDV, August 2016, ISBN 978-3-939163-67-1

26. Short English Version:

27. Vogelpohl, T., Vollrath, M. (2016) UDV (Unfallforschung der Versicherer) Takeover times in highly automated driving Compact accident research, Nr.57, 07/2016

28. Wachenfeld, H. K. (2016), How Stochastic can Help to Introduce Automated Driving, Dissertation, Technical University Darmstadt, 19.10.2016