Shiro Yamaoka, Ph.D., Department Manager, Control Platform Research Dept., Center for Technology Innovation - Controls, Hitachi, Ltd. Research & Development Group:
“The cooperation with Fraunhofer IESE regarding a multi-aspect safety engineering method with safeTbox brought about substantial success for Hitachi R&D. We implemented the design method of the functional architecture for autonomous driving systems and analyzed the safety aspect simultaneously.
Many thanks for the effort.”
Safety-critical systems need to be implemented according to safety standards. Such standards do not yet exist for the envisioned vehicles of higher automation levels. However, the automotive industry wants to make these systems a reality and wants to know how to address safety engineering for such systems. Hitachi has therefore decided to rely on the expertise of the Fraunhofer Institute for Experimental Software Engineering IESE. The institute has competencies and project experience in the field of Safety Engineering for Vehicles of Higher Automation Levels. Furthermore, IESE is involved in and connected to ongoing standardization initiatives in this field.
Besides the technical challenges of realizing vehicles of higher automation levels, there are challenges in ensuring the functional safety of such vehicles. Manufacturers of vehicles of higher automation levels can only release their products to the market if they can trust that the vehicles have been properly engineered and that their introduction will not increase the risk of accidents on the road. Ensuring the latter aspect is the genuine scope of safety engineering. Existing safety standards such as ISO 26262 are, however, not sufficient for considering the full problem scope of automated vehicles. Upcoming standards such as the Safety-Of-The-Intended-Functionality (SOTIF) ISO PAS 21448 initiative attempt to close the gap between the safety engineering currently supported by safety standards and the safety engineering needed for the release of vehicles of higher automation levels. However, it is neither guaranteed that the scope of SOTIF will be sufficient to close that gap, nor does a safety engineering process currently exist that includes the necessary safety considerations for vehicles of higher automation levels.
In a joint research cooperation, researchers of Hitachi and Fraunhofer IESE have investigated the necessary scope of future safety engineering and how current safety standards and standardization initiatives address this scope. Based on the results of this investigation, an initial process and methodology for multi-aspect safety engineering with tool support from our safeTbox tool was developed. The results of this project were presented at the International Conference on Computer Safety, Reliability & Security (SafeComp) – one of the most important conferences in the safety engineering community – in Sweden in 2018. Sharing the results with the research community enabled critical reflection on them and contributed to building awareness of the full problem scope of Safety Engineering for Vehicles of Higher Automation Levels.
The joint research activity enables Hitachi and Fraunhofer IESE to anticipate the contents of upcoming safety standards in the field of automated vehicles and to address these contents with a tool-supported methodology.