The European Commission has released a draft regulation that outlines the legal requirements to obtain the type-approval for CAV operation on public roads. This requires the Safety Case documentation to be approved by a government-appointed regulatory authority in order to attain type-approval.
The regulation is based on principles of candour, a blame-free safety culture and open collaboration between parties. Safety is never assured, but it can be fostered. In this setting, even if an accident occurs, a demonstration of full commitment to safety is sufficient for a Due Diligence Defence – the only legal route to protecting a company’s interest in the event of bad luck. However, leaders who thwart the safety process may expect criminal liability. The architecture of the legal system resembles nuclear industry regulations, from which we draw our know-how.
Safety Case: Hardware
The core of the Safety Case is an overview of the hardware architecture of the ADS (Automated Driving System) and its integration with the vehicle. It covers the sensors, perception, planning and actuation systems, but also the power supply, off-board connections and auxiliaries. This serves to estimate the system-level failure frequency and to identify possible CCF (Common Cause Failures – e.g., a single damaged power cable can disable multiple sensors at once).
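To make the CCF point concrete, here is a small, added reliability calculation (not from the regulation draft or any Claytex tool; all failure rates are assumed values chosen for the illustration). It compares the naive estimate of losing every sensor under independent failures with the estimate once a shared power cable is modelled as a common cause, and then shows how splitting the sensors across two cables recovers most of the redundancy.

```python
import math

# Added, constructed illustration of common cause failure in a sensor set.
# Not part of the regulation draft or of any Claytex product. All rates are
# assumed (per hour, constant-rate/exponential lifetimes) for the example.


def p_fail(rate_per_hour: float, hours: float) -> float:
    """Probability that a component with constant failure rate fails within `hours`."""
    return 1.0 - math.exp(-rate_per_hour * hours)


def p_all_fail_independent(sensor_rates, hours):
    """Probability that every sensor in the list fails within the mission,
    assuming independent failures (the naive redundancy calculation)."""
    p = 1.0
    for rate in sensor_rates:
        p *= p_fail(rate, hours)
    return p


def p_group_loss(sensor_rates, cable_rate, hours):
    """Loss of a sensor group that shares one power cable: the cable fails
    (every sensor lost at once, the common cause) OR the cable survives and
    each sensor fails on its own."""
    p_cable = p_fail(cable_rate, hours)
    return p_cable + (1.0 - p_cable) * p_all_fail_independent(sensor_rates, hours)


def p_perception_loss(cable_groups, cable_rate, hours):
    """Loss of all perception when the sensors are split across several cables.
    Each group is modelled by p_group_loss; the groups (cables) are assumed
    independent of one another."""
    p = 1.0
    for group in cable_groups:
        p *= p_group_loss(group, cable_rate, hours)
    return p


def ccf_factor(sensor_rates, cable_rate, hours):
    """How many times more likely total sensor loss becomes once the shared
    cable is accounted for, relative to the independent-failure estimate."""
    return p_group_loss(sensor_rates, cable_rate, hours) / p_all_fail_independent(
        sensor_rates, hours
    )


if __name__ == "__main__":
    # Assumed sample configuration: three sensors at 1e-4 failures/hour each,
    # one power cable at 1e-6 failures/hour, one-hour mission.
    SENSORS = [1e-4, 1e-4, 1e-4]
    CABLE = 1e-6
    MISSION_HOURS = 1.0
    print(f"independent estimate : {p_all_fail_independent(SENSORS, MISSION_HOURS):.3e}")
    print(f"with shared cable CCF: {p_group_loss(SENSORS, CABLE, MISSION_HOURS):.3e}")
    print(f"CCF factor           : {ccf_factor(SENSORS, CABLE, MISSION_HOURS):.1e}")
    split = p_perception_loss([SENSORS[:2], SENSORS[2:]], CABLE, MISSION_HOURS)
    print(f"two cables (2+1)     : {split:.3e}")
```

With the assumed numbers the independent estimate is around 1e-12 per hour, while the shared cable raises total loss to about 1e-6 per hour, roughly a million-fold increase, which is why the Safety Case hardware overview has to trace power and data paths rather than counting redundant sensors alone.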
Safety Case: Software
Moving on to software, the ADS must pass a ‘driver’s licence test for robots’, which consists of multiple road scenarios based on the claimed ODD (Operational Design Domain), i.e. the conditions under which the manufacturer claims its AV can operate. The scenarios are divided into three classes: nominal, critical and failure. Their architecture and generation ontology are presented in Fig. 1. Interestingly, the list of scenarios is intended to keep changing and growing, as the ADS must always be ready to take on a novel scenario without notice – just like on the roads.
Fig. 1: Architecture of the Scenario Testing. Source: EC type-approval regulation draft.
When it comes to scenario testing, it is impossible to test all scenarios on public roads or proving grounds. Therefore, VVV (Virtual Verification & Validation) methods that employ an M&S (Modelling and Simulation) toolchain are accepted in addition. The real-world modes of testing then play a supporting role: providing the data to validate the M&S. The M&S toolchain is expected to do the legwork, but only after its relevance to the real world has been established. This involves accurate modelling of all aspects of the vehicle and its physics, including the sensors, but also assuring the relevance of the weather models, radiation–matter interaction (including rain or dirty sensors), material models, component wear models and even the ontology (the creation of road-relevant scenarios). Every aspect of the M&S must be validated separately, and the system integration itself must be validated too.
Proving it is Safe
Building the Safety Case is a tremendous amount of work. Claytex operates multi-spectral, ultra-realistic simulation that can run in Hardware-in-the-Loop mode. Instead of connecting your ADS’s signal cables to real sensors, you plug them into a GPU that emulates the sensor signal, which keeps your IP secure. The signal is indistinguishable from that of a real sensor. The sensor models are being tested to accurately simulate sensor response to weather, including rain, spray from a wet road, fog, haze and dust, and of course hundreds of surface materials with their roughness and reflectances. Most importantly, we focus on natural ontology, drawing our scenarios from a pool of tens of thousands of recorded real-world situations. Finally, we are open to collaboration on perfecting our product, because in this domain every customer has different needs.
With our present M&S capability, the last remaining challenge is to fulfil the emerging regulation with regard to M&S validation. As we work on the Safety Case delivery process, we are ready to share our safety expertise and work with you to discharge your legal duty of liability for AV operation on public roads.
Written by: Dr Marcin Stryszowski – Lead Engineer
Please get in touch if you have any questions or have got a topic in mind that you would like us to write about. You can submit your questions / topics via: Tech Blog Questions / Topic Suggestion.