Autonomous vehicles increasingly depend on AI technologies for automated driving. There is a large semantic gap between sensor data processing and fusion, perception chains, and planning in automated driving and high-level safety requirements. Both, traditional requirements engineering methods and traditional methods to verify and validate that automated driving systems meet their specified requirements face new challenges. One approach to guaranteeing acceptable safety of automated driving is the concept of the operational design domain (ODD), the safety of intended functionality (SOTIF) and scenario-based verification. An ODD description specifies conditions for which safe operation of a particular system is guaranteed. For road traffic this can be weather and road conditions, but can also consider geographic constraints such as limitations to certain quarters of a city. Checking the ODD conditions at runtime is then one building block in the safety concept of automated driving in that a violation of the conditions should trigger safety operations such as minimum risk manoeuvres. The ODD concept can be the basis of gradual introduction and continuous improvements of the driving function based on the analysis of data from operation time when some ODD conditions have been violated. If automated driving is brought to public roads or targets passenger transportation, there is the additional demand for trustworthiness of the AI-based driving system. There are proposals to complement the verification and validation of AI-based driving systems with monitoring and shielding mechanisms that detect situations and scenarios that need attention of the operators or developers, e. g. , based on world knowledge such as physical plausibility of data provided by the perception chain. The approach of scenario-based verification and validation of driving systems has led to the development of specific formalisms to abstractly capture and specify driving behaviour, e. g. , to formalise traffic rules and regulations related to driving. One such formalism is Traffic Sequence Charts (TSC), originally developed for autonomous driving on roads, and recently adapted to the maritime domain. We present emerging work on how abstract scenario specification formalisms from the discipline of Requirements Engineering can be used to devise procedures for continuous safeguarding and improvement of autonomous driving systems towards increased reliability, safety, and trustworthiness.
Saxena et al. (Mon,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: