Summary

CCAM systems must prove to be reliable in every possible driving scenario, that is building a strong safety argumentation. It is already acknowledged that for higher levels of automation the validation of these systems by real test-driving would be infeasible by conventional methods. Thus, a carefully designed mixture of physical and virtual testing has emerged as a promising approach with the virtual part bearing more significant weight in this mixture (quality of coverage versus quantity of miles) for cost efficiency reasons. Several worldwide initiatives have started to develop test and assessment methods for automated driving functions. These initiatives have already moved from conventional validation approaches to a scenario-based approach and combine different test instances (physical and virtual testing) to avoid the million-mile issue1.

Technological developments evolve rapidly, the initiatives mentioned above provide new approaches to CCAM validation, and many expert groups formed by different stakeholders are already working on CCAM systems’ testing and quality assurance. Nevertheless, the fact that there is a lack of a common European validation framework and homogeneity regarding validation procedures to ensure safety of these complex systems hampers the deployment of CCAM solutions. In this landscape, the standards’ role is paramount in establishing common ground and providing technical guidance2. However, standardising the whole pipeline of AD systems validation and assurance is in its infancy as many of the standards are under development or have been very recently published and still need time to be synchronised and established as common practice.

Scenario databases are another issue tackled by several initiatives and projects3, providing silo solutions. A single concrete approach should be used (at least at the European level), dealing with scenarios of any possible variations, including the creation, editing, parameterisation, storing, exporting, importing, etc. in a universally agreed manner.

Furthermore, validation methods and testing procedures still lack appropriate safety assessment criteria in order to build a robust safety case. These must be set and be valid for the whole parameter space of scenarios. Another level of complexity increases as in a global world we might encounter different approximations per region.

The HEADSTART project4 has explored the state-of-the-art safety validation approaches and procedures to define a common standard methodology for testing, validation and certification, based on consensus building among all CCAM stakeholders. A first concept has been defined in the project using virtual testing, XiL, proving ground testing and field testing, and including Key Enabling Technologies.

Evolving from the achievements obtained in HEADSTART and taking other initiatives as a baseline, it becomes necessary to move to the next level in the concrete specification and demonstration of a commonly accepted Safety Assurance Framework (SAF) for the safety validation of CCAM systems, including a broad portfolio of use cases and comprehensive test and validation tools. Following a common approach will be crucial for present and future activities regarding the testing and validation of CCAM systems, allowing to obtain standardised results, to improve analysis and comparability, hence maximising the societal impact of the introduction of CCAM systems.

Workplan

Building from HEADSTART and other initiatives, SUNRISE will develop and demonstrate a commonly accepted, extensible SAF for the test and safety validation of a varied scope of CCAM systems. This will be achieved by:

• Bringing the needs of heterogeneous CCAM use cases. Different automation levels and types of operation, with (collaborative perception) or without (AD autonomy mode), external V2X clues, in various mixed traffic situations are included.

• Defining a SCDB framework that will broaden the HEADSTART methodology towards a harmonized SAF. This framework will enable the handling of existing databases while preserving the ownership and database access by proposing a federated approach. The federation will allow the scalability of the database framework to integrate future datasets in a seamless manner and will be operational since day 0.

• Holistically addressing the CCAM test scenario generation. The project will deal with the scenario selection from the scenario databases that will be rolled out into the testing toolchain, with strong focus on simulation. Methods for generating variation of scenarios through appropriate parameterization and statistical analysis will be considered towards covering the whole parameter space.

• Preparing the required tools for comprehensive testing (virtual and physical), taking into account robustness, scalability, interoperability, quality and standardization and enabling a common simulation framework integrating functional safety and cybersecurity in the SAF as procedures and methods to be followed.

• Involving the use cases from the initial stages, acting as a guiding principle between the requirements and the different solutions implemented within the project. Demonstrating the SAF applied to different CCAM use cases will provide data-driven evidence for the different stakeholders to support their activities: industry developers, type approval, standardisation bodies, consumer testing associations, etc...

• Fostering and coordinating (international) cooperation with all SAF stakeholders including industry, regulatory bodies, consumer testing associations, SDOs and other relevant groups as e.g. users to increase the impact of the project outputs.

The project scope will include different development paths: automated passenger cars, automated freight vehicles and urban mobility.

This project has received funding from the European Union’s Horizon 2020 Research and Innovation Programme under Grant Agreement number