AOS, as one of the very early partners in the Australia and New Zealand Driverless Vehicle Initiative or ADVI, attended this on Thursday 30th May at ARRB’s new headquarters in Fishermens Bend.
ADVI is the peak industry advisory body that services the wide ecosystem of automated vehicle activities across Australia and New Zealand.
The presentation was by Dr David Ward of HORIBA MIRA in the UK. Dr Ward and his team of 30 experts are responsible for training, consultancy and independent safety assessment in the functional safety standard ISO 26262 and other related standards. Dr Ward is the UK principal expert contributing to the international ISO committee responsible for the development of ISO 26262; and the development of the forthcoming standard on cybersecurity engineering ISO/SAE 21434.
AOS is currently developing its Kelpie autonomous ground vehicle for the RAAF. Kelpie is a multi-purpose vehicle, performing both logistics and security roles on air bases. The Kelpie is not designed for carrying passengers, and will operate on air bases where there is some vehicle and pedestrian traffic. It can be considered a Level 4 driverless vehicle.
Dr David Ward presenting at the seminar
Dr Ward introduced ISO/PAS 21448:2019(en) “Road vehicles — Safety of the intended functionality”. This recent ISO standard, referred to as SOTIF, addresses the inability of an autonomous function to correctly comprehend the situation and operate safely; including sensor input variations or diverse environmental conditions. It complements the existing ISO 26262, an automotive-specific international standard focussing on safety critical components, both hardware and software.
AOS’s Kelpie being prepared for testing at Amberley Air Base
AOS has a strong interest in the SOTIF standard approach. The Kelpie’s autonomy capability is built upon AOS’s C-BDI™ multi-agent architecture. The C-BDI release plan is based upon a commercial release in late 2020, with a subsequent development of a DO-178C-compliant version following. However, DO-178C, or ISO 26262, compliance is only part of the story as if the autonomy behaviours are incorrectly captured in the first place, the compliant code will simply implement the wrong behaviours.
The challenge is to ensure that autonomy behaviours are both effective and safe and in the current state-of-the-art this requires an SME, or SMEs, to both understand and review the autonomy behaviours. C-BDI uses a Visual Modelling approach – even though developers would wish to write in the C-BDI language the SMEs (Subject Matter Experts) cannot read this. On the other hand, with training and with the support of an analyst, they can understand the C-BDI graphical plans and determine if the reasoning is correct and safe. The SOTIF standard is highly relevant to this process and will inform AOS’s development of C-BDI and the Kelpie.