Safety design strategies in highly autonomous drive level 2 - Lateral control decomposition concept

Abstract

The paper is based on an experimental study at VSB TUO Ostrava with a DEMOCAR vehicle that simulates a real car with sensor fusion concept and a vehicle gateway to send and coordinate commands to ECUs to realize and manage autonomous driving. In this experimental study of autonomous driving vehicles control, a HARA (Hazard and Risk Analysis, ISO 26262:2018) has been done on vehicle level and strategies have been defined and implemented to manage safety situations where the car lateral control shall be hand over to a driver when in HAD 2 mode. The issue is that the switching to safe state shall not be done immediately but the vehicle has to stay in safe driving mode - fail-operational up to 4 seconds until a driver can take over. The UECE and other relevant studies show that it can take up to 6 seconds if driver/operator is not in the flow (HAD 3) and up to the 2 seconds when driver is in the flow (HAD 1). The paper makes assumptions and proposals about vehicle lateral control strategy to ensure the smooth take-over of the car by driver and its impact on control software development architectures.