Architectural Safety Perspectives & Considerations Regarding the AI-based AV Domain Controller

Providing safety assurance for Automated Vehicle (AV) domain controllers which also complies with the growing list of functional safety standards is a challenging task. Compliance with these norms requires several steps during the safety life-cycle. A system definition is followed by the allocation of functional objectives to architectural elements. The safety analysis then includes the identification of safety goals and respective Automotive Safety Integrity Level (ASIL - injury risk) assessments as required by the desired automation level. Finally, safety mechanisms are included to provide necessary fault coverage and ensure that safe modes and states are reached in the presence of system faults. The focus of this paper is to provide a methodical definition process of a hypothetical AV domain controller architecture. Our proposed process includes an assortment of typical functional objectives and attributes consistent with the Operational Design Domain (ODD) at automation levels 3, 4 and 5. The intent of this paper will be to ensure that the safety goals and requirements are completely and correctly stated at the start of the development process and then propagated accurately to the final design and implementation with-out omission.