Safe Halt as Fail-safe Concept for Automated Driving Systems

Abstract

In order to guide a vehicle to the destination of a driving mission, various tasks shall be performed. These tasks include tactical and strategic planning of the driving mission as well as longitudinal and lateral vehicle motion control. Driver assistance systems support a human vehicle driver in performing these tasks. If faults occur in these systems, the vehicle driver is informed of the system limitations and shall take over control of the vehicle. This fallback to a human driver is not an option in automated vehicles. If system limitations occur in these vehicles, an automated fallback level shall take over vehicle control. The automated driving system shall therefore be fail-safe. Fail-safe means that when faults occur, the automated driving system no longer has any function to perform a driving mission, but shall maintain the vehicle in a safe state and transition the vehicle into a Minimal Risk Condition (MRC). For this purpose, a situation-dependent MRC is selected. It is characterized by the global MRC with respect to the length of the maneuver and the residual risk of the MRC itself. For the research project UNICARagil, the concept Safe Halt is proposed. This concept is intended to satisfy the requirements mentioned above. In the state of the art, an evaluation of this concept had not been included. This missing evaluation is performed in this thesis. The concept relies on pre-planned implicit emergency trajectories generated by a planning module. A unique feature of the concept is an independent environment perception system to ensure the Minimal Risk Maneuver (MRM) up to the MRC. Based on the pre-planned implicit emergency trajectory and the data of the independent environment perception system, Safe Halt plans trajectories up to the MRC.
Thus, with this concept, even in the presence of failures of the environment perception system and of the strategic and tactical planning of an automated driving system, the safe state can be maintained and the vehicle can be transitioned to an MRC. A methodology is presented to evaluate the concept of Safe Halt. For this purpose, the fault tolerance regimes of an automated vehicle are defined. Next, a reference implementation for Safe Halt is provided. For this, requirements for a Safe Halt in a generic automated driving system are identified first. These are supplemented by specific requirements from the application in the UNICARagil automated driving system. Finally, concepts and a synthesized reference solution are created for a Safe Halt in the UNICARagil ADS. The solution is verified with test criteria and test cases. A final evaluation of the Safe Halt concept shows a high effectiveness with respect to the size of the subset of fault combinations of an automated driving system for which Safe Halt enables a fail-safe property. The requirements for Safe Halt are verified, and the specific requirements are met by the reference solution. The concept Safe Halt is thus suitable for an automated driving system to maintain a safe state. Validation of the concept in public road traffic is recommended.