Integration of a Vehicle Operating Mode Management into UNICARagil’s Automotive Service-oriented Software Architecture

Automated vehicles require a central decision unit in order to coordinate the responsibility for the driving task between multiple operating modes. Additionally, other nondriving related tasks such as operation of an automatic door system must be coordinated as well. In this paper, we will motivate the usefulness of such a central decision unit at the example of the operating mode management of the UNICARagil project. We will describe its integration with UNICARagil’s Automotive Service-oriented Software Architecture and how modularity of this service-oriented software architecture is ensured. An example from the project’s context will further illustrate the functioning principle of the operating mode management in combination with the service orchestration of the Automotive Service-oriented Software Architecture

Towards model-based integration of component-based automotive software systems

The increasing complexity of automotive software systems and the desire for more frequent software and even feature updates require new approaches to the design, integration and testing of these systems. Ideally, those approaches enable an in-field updatability of automotive software systems that provides the same degree of safety guarantees as the traditionally labbased deployment. In this paper, we present a layered modelling approach that formalises the integration procedure of automotive software systems using graph-based models and formal analyses

Self-awareness in autonomous automotive systems

Self-awareness has been used in many research fields in order to add autonomy to computing systems. In automotive systems, we face several system layers that must be enriched with self-awareness to build truly autonomous vehicles. This includes functional aspects like autonomous driving itself, its integration on the hardware/software platform, and among others dependability, real-time, and security aspects. However, self-awareness mechanisms of all layers must be considered in combination in order to build a coherent vehicle self-awareness that does not cause conflicting decisions or even catastrophic effects. In this paper, we summarize current approaches for establishing self-awareness on those layers and elaborate why self-awareness needs to be addressed as a cross-layer problem, which we illustrate by practical examples

Towards Safety Concepts for Automated Vehicles by the Example of the Project UNICARagil

Striving towards deployment of SAE level 4+ vehicles in public traffic, researchers and developers face several challenges due to the targeted operation in an open environment. Due to the absence of a human supervisor, ensuring and validating safety while driving automatically is one of the key challenges. The arising complexity of the technical system must be handled during the entire research and development process. In this contribution, we outline the coherence of different safety-activities in the research project UNICARagi/. We derive high-level safety requirements and present the central safety mechanisms applied to automated diriving. Moreover, we outline the approaches of the project UNICARagi/ to address the validation challenge for automated vehicles. In order to demonstrate the overall approach towards a coherent safety argumentation, the connection of high-level safety requirements, safety mechanisms, as weil as validation approaches is illustrated by means of a selected example scenario

UNICARagil - Disruptive Modular Architectures for Agile, Automated Vehicle Concepts

This paper introduces UNICARagil, a collaborative project carried out by a consortium of seven German universities and six industrial partners, with funding provided by the Federal Ministry of Education and Research of Germany. In the scope of this project, disruptive modular structures for agile, automated vehicle concepts are researched and developed. Four prototype vehicles of different characteristics based on the same modular platform are going to be build up over a period of four years. The four fully automated and driverless vehicles demonstrate disruptive architectures in hardware and software, as well as disruptive concepts in safety, security, verification and validation. This paper outlines the most important research questions underlying the project

Automation of the UNICARagil Vehicles

The German research project UNICARagil is a collaboration between eight universities and six industrial partners funded by the Federal Ministry of Education and Research. It aims to develop innovative modular architectures and methods for new agile, automated vehicle concepts. This paper summarizes the automation approach of the driverless vehicle concept and its modular realization within the four demonstration vehicles to be built by the consortium. On-board each vehicle, this comprises sensor modules for environment perception and modelling, motion planning for normal driving and safe halts, as well as the respective control algorithms and base functionalities like precise localization. A control room and cloud functionalities provide off-board support to the vehicles, which are additionally addressed in this paper

A Taxonomy to Unify Fault Tolerance Regimes for Automotive Systems: Defining Fail-Operational, Fail-Degraded, and Fail-Safe

This paper presents a taxonomy that allows defining the fault tolerance regimes fail-operational, fail-degraded, and fail-safe in the context of automotive systems. Fault tolerance regimes such as these are widely used in recent publications related to automated driving, yet without definitions. This largely holds true for automotive safety standards, too. We show that fault tolerance regimes defined in scientific publications related to the automotive domain are partially ambiguous as well as taxonomically unrelated. The presented taxonomy is based on terminology stemming from ISO 26262 as well as from systems engineering. It uses four criteria to distinguish fault tolerance regimes. In addition to fail-operational, fail-degraded, and fail-safe, the core terminology consists of operational and fail-unsafe. These terms are supported by definitions of available performance, nominal performance, functionality, and a concise definition of the safe state. For verification, we show by means of two examples from the automotive domain that the taxonomy can be applied to hierarchical systems of different complexity.Comment: 12 pages, 4 figures, 1 table, accepted to appear in IEEE Transactions on Intelligent Vehicle