In this paper, we present a method to assess functional safety of architectures for Automated Driving Systems (ADS). The ISO 26262 standard defines requirements and processes in support of achieving functional safety of passenger vehicles, but does not address in particular autonomous driving functions. Autonomous driving will bring with it a number of fundamental changes affecting functional safety. First, there will no longer be a driver capable of controlling the vehicle in case of a failure of the ADS. Second, the hardware and software architectures will become more complex and flexible than those used for conventional vehicles. We present an automated method to assert functional safety of ADS systems in the spirit of ISO 26262 in light of these changes. The approach is model-based and implemented in the QuantUM analysis tool. We illustrate its use in functional safety analysis using a proposed practical ADS architecture and address, in particular, architectural variant analysis.
展开▼
机译:在本文中,我们提出了一种评估自动化驾驶系统(广告)架构功能安全的方法。 ISO 26262标准定义了支持实现乘用车功能安全性的要求和流程,但没有涉及特定的自主驾驶功能。自动驾驶将带来一些影响功能安全的许多根本变化。首先,在广告故障的情况下,将不再能够控制车辆的驱动程序。其次,硬件和软件架构将比传统车辆用于传统车辆的硬件和软件架构更复杂和灵活。我们提出了一种自动化方法,以根据这些变化,以ISO 26262的精神断言ADS系统的功能安全性。该方法是基于模型和在量子分析工具中实现的。我们使用建议的实用广告架构和地址,特别是架构变体分析来说明其在功能安全分析中的用途。
展开▼
