Core Concepts
An expert-driven framework for online monitoring of an automated vehicle's capabilities based on a Bayesian Network representation of the system's architecture.
Abstract
The paper presents an expert-driven framework for online capability monitoring of automated driving systems. The key steps are:
1. Deriving a directed acyclic graph (DAG) that captures the relationships between the quality of system elements across different architectural views (capability, functional, logical).
2. Parameterizing a Bayesian Network based on the DAG structure using Fuzzy Logic to represent expert knowledge about the interdependencies.
3. Observing technical measurements at runtime to infer the quality of the system's capabilities through the Bayesian Network.
The framework is demonstrated in the context of an urban example scenario for the longitudinal motion control of a UNICARagil automated vehicle. The capability monitor is able to infer the quality of the vehicle's capabilities, such as "accelerate", "decelerate", and "estimate motion", by propagating quality information through the Bayesian Network. The authors show how the inferred capability quality can be used to support the vehicle's runtime decision making, e.g., by eliminating maneuvers that the vehicle is not capable of performing safely.
The expert-driven approach is proposed as a practical first step, acknowledging the need for more objective, data-driven methods to model the complex interdependencies in future work. The framework aims to address the challenge of ensuring the safe operation of automated vehicles by enabling them to be aware of their own capabilities at runtime.
Stats
The standard deviation of the vehicle's horizontal position estimated by the localization filter is used as a quality measure for the "estimate motion" capability.
The voltage level of the power electronics is used as a quality measure for the powertrain units contributing to the "accelerate" and "decelerate" capabilities.
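The three steps from the abstract, applied to the two quality measures above, can be sketched as follows. This is an added example, not code from the paper: the graph structure, expert weights, priors, thresholds and the weighted fuzzy AND used to fill the conditional probability tables are all constructed assumptions.

```python
from itertools import product

def ramp(x, bad, good):
    """Fuzzy membership of 'good': 0 at `bad`, 1 at `good`, linear in between."""
    return min(1.0, max(0.0, (x - bad) / (good - bad)))

# Constructed DAG (assumption): capability -> {parent: expert weight in [0, 1]}.
PARENTS = {
    "estimate_motion": {"localization": 0.9},
    "accelerate": {"powertrain": 0.9, "estimate_motion": 0.4},
    "decelerate": {"powertrain": 0.6, "estimate_motion": 0.7},
}
ROOT_PRIOR_GOOD = {"localization": 0.95, "powertrain": 0.98}  # assumed priors

def p_good(node, state):
    """CPT entry P(node=good | parents) from a weighted fuzzy AND (assumed rule)."""
    return min(1.0 - w * (1 - state[p]) for p, w in PARENTS[node].items())

def infer(pos_std_m, voltage_v):
    """Posterior P(capability=good | measurements) by exhaustive enumeration."""
    # Measurements enter as soft (virtual) evidence on the root nodes; thresholds assumed.
    like = {"localization": ramp(pos_std_m, bad=1.0, good=0.1),
            "powertrain": ramp(voltage_v, bad=300.0, good=380.0)}
    nodes = list(ROOT_PRIOR_GOOD) + list(PARENTS)
    total, good_mass = 0.0, dict.fromkeys(PARENTS, 0.0)
    for values in product((1, 0), repeat=len(nodes)):  # 1 = good, 0 = bad
        s = dict(zip(nodes, values))
        w = 1.0
        for r, prior in ROOT_PRIOR_GOOD.items():
            w *= (prior if s[r] else 1 - prior) * (like[r] if s[r] else 1 - like[r])
        for c in PARENTS:
            pg = p_good(c, s)
            w *= pg if s[c] else 1 - pg
        total += w
        for c in PARENTS:
            good_mass[c] += w * s[c]
    return {c: good_mass[c] / total for c in PARENTS}

def allowed_maneuvers(quality, needs, threshold=0.8):
    """Eliminate maneuvers whose required capabilities fall below the threshold."""
    return [m for m, caps in needs.items() if all(quality[c] >= threshold for c in caps)]

if __name__ == "__main__":
    print(infer(pos_std_m=0.1, voltage_v=300.0))  # undervoltage, good localization
```

With an undervoltage reading the inferred quality of "accelerate" drops further than that of "decelerate", because the assumed expert weight on the powertrain is higher for accelerating.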
Quotes
"A decline in system health at runtime (e.g., due to degradations or failures of hardware components) as well as performance insufficiencies are expected to inhibit the system from realizing the required capabilities and hence the specified behavior."
"Nolte et al. [11] argues that the selection of technical variables for monitoring should be based on capability-level requirements that are formulated with respect to the system's desired behavior."