Safety design strategies in highly autonomous drive level 2 – lateral control decomposition concept

Abstract

The paper is based on an experimental study at VSB TUO Ostrava with a DEMOCAR vehicle that simulates a real car with sensor fusion concept and a vehicle gateway to send and coordinate commands to ECUs to realize and manage autonomous driving. In this experimental study of autonomous driving vehicles control, a HARA (Hazard and Risk Analysis, ISO 26262:2018) has been done on vehicle level and strategies have been defined and implemented to manage safety situations where the car lateral control shall be hand over to a driver when in HAD 2 mode. The issue is that the switching to safe state shall not be done immediately but the vehicle has to stay in safe driving mode – fail-operational up to 4 seconds until a driver can take over. The UECE and other relevant studies show that it can take up to 6 seconds if driver/operator is not in the flow (HAD 3) and up to the 2 seconds when driver is in the flow (HAD 1). The paper makes assumptions and proposals about vehicle lateral control strategy to ensure the smooth takeover of the car by driver and its impact on control software development architectures.