Your Selections

Safety critical systems
Show Only


File Formats

Content Types










   This content is not included in your SAE MOBILUS subscription, or you are not logged in.

Safety assurance concepts for automated driving systems

University of Melbourne-Stuart Ballingall, Majid Sarvi, Peter Sweatman
  • Technical Paper
  • 2020-01-0727
To be published on 2020-04-14 by SAE International in United States
Automated Driving Systems (ADSs) for road vehicles are being developed that can perform the entire dynamic driving task without a human driver in the loop. However, current regulatory frameworks for assuring vehicle safety may restrict the deployment of ADSs that can use machine learning to modify their functionality while in service. A review was undertaken to identify and assess key initiatives and research relevant to the safety assurance of adaptive safety-critical systems that use machine learning, and to highlight assurance concepts that could benefit from further research. The primary objective was to produce findings and recommendations that can inform policy and regulatory reform relating to ADS safety assurance. Due to the almost infinite number and combination of scenarios that an ADS could encounter, the review found much support for concepts that involve the use of simulation data as virtual evidence of safety compliance, with suggestions of a need to assure simulation tools and models. Real-world behavioural competency testing was also commonly proposed, although noting this concept has its limitations. The concept of whole-of-life assurance was…
   This content is not included in your SAE MOBILUS subscription, or you are not logged in.

Effect of Flange radius and width on the Fatigue Life of wheel hub under Cornering Loads

Mahindra & Mahindra Ltd.-Srikrishna Koduri, Durgaprasad Mohapatra, Suhas Kangde
  • Technical Paper
  • 2020-01-1232
To be published on 2020-04-14 by SAE International in United States
Automotive Wheel Hub is a safety critical component. Integrated Wheel hub design is improved from 1st generation to 3rd generation to meet the durability targets with less weight. Lateral loading is critical parameter for designing wheel hub. Cornering test is performed at vehicle level to evaluate wheel hub. Cornering test has combination of three types of tracks. In Wheel hub design, flange radius and flange width are two important design parameters to meet the durability life for cornering loads. We have considered the combination of different flange radius and flange width to understand the effect of these two parameters on wheel hub fatigue life. These three-wheel hubs are tested till failure and life scatter is plotted. Strain data is acquired at flange radius on wheel hub for all cornering test tracks. Using Wheel Force Transducers (WFT), Forces and moments are acquired at wheel center for all cornering test tracks. Duty cycle is derived from measured loads. FE model of Wheel end simulation contains Wheel hub, Wheel rim, Knuckle, drive shaft and wheel nut. FE Analysis…
   This content is not included in your SAE MOBILUS subscription, or you are not logged in.

Virtual Switches and Indicators in Automotive Displays

General Motors LLC-Scott Rush
  • Technical Paper
  • 2020-01-1362
To be published on 2020-04-14 by SAE International in United States
Over the last decade, graphical and touch displays have become commonplace in automobile cockpits. Such displays have been used mainly for convenience functions such as navigation, radio, driver information, and vehicle settings. Automakers are now using these displays to generate “virtual” indicators that replace regulated and/or safety-critical physical indicators, such as gear position indication or the Malfunction Indicator Light [MIL]. Automakers are also replacing physical switches and controls, such as heating, ventilation, and air conditioning [HVAC] controls, with “virtual” controls rendered on the cockpit touch-screen. Many of these indicators and controls have regulatory and/or functional safety requirements that have been met using such methods as redundant terminals in a safety-critical switch, or by monitoring the electrical State-of-Health [SOH] of discrete LED indicators. Meeting these requirements with “virtual” graphical elements requires new electronic hardware and software technologies. This paper discusses recent advances in electronic hardware and System-on-Chip [SoC] solutions, operating systems, and supporting software architecture implementation of regulatory and/or functional safety graphics within cockpit displays. Application of the ISO 26262 standard, particularly section 5, and considerations…
   This content is not included in your SAE MOBILUS subscription, or you are not logged in.

Bridging the Gap Between ISO 26262 and Machine Learning: A Survey of Techniques for Developing Confidence in Machine Learning Based Systems.

Critical Systems Labs Inc.-Jose Serna, Simon Diemert, Laure Millet, Jeffrey Joyce
General Motors LLC-Rami Debouk, Ramesh S
  • Technical Paper
  • 2020-01-0738
To be published on 2020-04-14 by SAE International in United States
Machine Learning (ML) based technologies are increasingly being used to fulfill safety-critical functions in autonomous and advanced driver assistance systems (ADAS). This change has been spurred by recent developments in ML and Artificial Intelligence techniques as well as rapid growth of computing power. It is clear that ML-enabled systems can deliver value as part of a production ADAS program. However, demonstrating that ML-based systems are capable of achieving the necessary level of safety integrity remains a challenge. Current research and development work focused on establishing the reliable and safe operation of ML-based systems is disjoint and typically presents individual techniques that might be used to gain confidence in these systems. As a result, there is minimal guidance for adapting an established ISO 26262 compliant automotive engineering program to enable the development of ML-based systems. This paper presents a literature survey of recent ML literature to identify techniques and methods that can contribute to meeting ISO 2626 requirements. The surveyed literature is mapped onto the ISO 26262 V-model and the applicability of individual techniques and methods…
   This content is not included in your SAE MOBILUS subscription, or you are not logged in.

An Approach to Verification of Interference Concerns for Multicore Systems (CAST-32A)

Rapita Systems, Inc., Ltd.-Steven H. VanderLeest, Christos Evripidou
  • Technical Paper
  • 2020-01-0016
To be published on 2020-03-10 by SAE International in United States
The avionics industry is moving towards the use of multicore systems to meet the demands of modern avionics applications. In multicore systems, interference can affect execution timing behavior, including worst case execution time (WCET), as identified in the FAA CAST-32A position paper. Examining and verifying the effects of interference is critical in the production of safety-critical avionics software for multicore architectures. Multicore processor hardware along with aerospace RTOS providers increasingly offers robust partitioning technologies to help developers mitigate the effects of interference. These technologies enable the partitioning of cores for different applications at different criticalities and make it possible to run multiple applications on one specific core. When incorporated into system-design considerations, these partitioning mechanisms can be used to reduce the effects of interference on software performance. In this paper we describe a novel approach to verifying the effectiveness of RTOS interference mitigation on the final hosted software. We showcase the use of the proposed approach on the NXP T2080 multicore board. The approach follows a V-model based methodology in which high- and low-level requirements…
   This content is not included in your SAE MOBILUS subscription, or you are not logged in.


Automotive Engineering: January/February 2020

Lindsay Brooke
  • Magazine Article
  • 20AUTP02_01
Published 2020-01-01 by SAE International in United States

While engineers debate the use of thermal-imaging sensors for ADAS, their capability and value are being proven for AVs of all levels.

What specific sensor types will comprise the advanced driver-assistance systems (ADAS) of the 2020s? That's a controversial subject among engineers who are developing SAE Level 2 and 3 (and the so-called “L2+”) ADAS sensing suites for new vehicles. Many of them believe that visible-light cameras fused with radar will suffice to deliver the object-identification accuracy, redundancy-and cost effectiveness-that OEMs and the driving public expect of ADAS-equipped vehicles.

Annotation ability available
   This content is not included in your SAE MOBILUS subscription, or you are not logged in.

Localization Requirements for Autonomous Vehicles

SAE International Journal of Connected and Automated Vehicles

Ford Autonomous Vehicles, LLC, USA-Sarah E. Houts, Robert Cammarata, Graham Mills, Siddharth Agarwal, Ankit Vora
Ford Motor Company, USA-Tyler G.R. Reid, Gaurav Pandey
  • Journal Article
  • 12-02-03-0012
Published 2019-09-24 by SAE International in United States
Autonomous vehicles require precise knowledge of their position and orientation in all weather and traffic conditions for path planning, perception, control, and general safe operation. Here we derive these requirements for autonomous vehicles based on first principles. We begin with the safety integrity level, defining the allowable probability of failure per hour of operation based on desired improvements on road safety today. This draws comparisons with the localization integrity levels required in aviation and rail where similar numbers are derived at 10−8 probability of failure per hour of operation. We then define the geometry of the problem where the aim is to maintain knowledge that the vehicle is within its lane and to determine what road level it is on. Longitudinal, lateral, and vertical localization error bounds (alert limits) and 95% accuracy requirements are derived based on the United States (US) road geometry standards (lane width, curvature, and vertical clearance) and allowable vehicle dimensions. For passenger vehicles operating on freeway roads, the result is a required lateral error bound of 0.57 m (0.20 m, 95%),…
This content contains downloadable datasets
Annotation ability available

Spotting Objects Amid Clutter

  • Magazine Article
  • TBMG-35164
Published 2019-09-01 by Tech Briefs Media Group in United States

A new MIT-developed technique enables robots to quickly identify objects hidden in a three-dimensional cloud of data, reminiscent of how some people can make sense of a densely patterned “Magic Eye” image if they observe it in just the right way.

   This content is not included in your SAE MOBILUS subscription, or you are not logged in.

EDITORIAL: There is no substitute for ‘Automotive Grade’

Automotive Engineering: September 2019

Editor-in-Chief-Lindsay Brooke
  • Magazine Article
  • 19AUTP09_05
Published 2019-09-01 by SAE International in United States

When you get in a vehicle and push the ‘start’ button, you're betting that the machine will get you to your destination safely and reliably, regardless of the driving conditions. Lives are at stake the moment you lift off the brake pedal.

Annotation ability available
   This content is not included in your SAE MOBILUS subscription, or you are not logged in.

The Navigator

Autonomous Vehicle Engineering: September 2019

  • Magazine Article
  • 19AVEP09_02
Published 2019-09-01 by SAE International in United States

No trust in AI systems without data protection

When people surround themselves with microphones and cameras, others will be listening and watching. This reality shouldn't come as a surprise, but remarkably it does. The advent of automated driving will dramatically expand this activity. In fact, it is already creating controversy.

Annotation ability available