
2019
SAFETY FIRST FOR
AUTOMATED DRIVING

AUTHORS
Matthew Wood, M.Sc.
matthew.wood@aptiv.com
Dr. Philipp Robbel
philipp.robbel@aptiv.com
Dr. Michael Maass
Dr. Radboud Duintjer Tebbens
Marc Meijs, M.Sc.
Mohamed Harb, M.Sc.
Jonathon Reach, B.Sc.
Karl Robinson
David Wittmann, M.Sc.
david.wittmann@audi.de
Toshika Srivastava, M.Sc.
Dr.-Ing. Mohamed Essayed Bouzouraa
Siyuan Liu, BS, MBA
liusiyuan01@baidu.com
Yali Wang, MA
wangyali05@baidu.com
Dr.-Ing. Christian Knobel
christian.knobel@bmw.de
Dipl.-Inf. David Boymanns
david.boymanns@bmw.de
Dr.-Ing. Matthias Löhning
Dr. Bernhard Dehlink
Dirk Kaule, M.Sc.
Dipl.-Ing. Richard Krüger
Dr. Jelena Frtunikj
Dr. Florian Raisch
Dipl.-Math. Miriam Gruber
Jessica Steck, M.Sc.
Dipl.-Psych. Julia Mejia-Hernandez
Dipl.-Ing. Sandro Syguda
sandro.syguda@continental-corporation.com
Dipl.-Ing. Pierre Blüher
Dr.-Ing. Kamil Klonecki
Dr. Pierre Schnarz
Dr. Thomas Wiltschko
thomas.t.wiltschko@daimler.com
Dipl.-Inf. Stefan Pukallus
Dr.-Ing. Kai Sedlaczek
Neil Garbacik, M.Sc.
neil.garbacik@fcagroup.com
David Smerza, BSAE
Dr. Dalong Li
Dr. Adam Timmons
Marco Bellotti
Michael O'Brien, BS
michael.obrien@here.com
Michael Schöllhorn
Dipl.-Ing. Udo Dannebaum
udo.dannebaum@infineon.com
Jack Weast, BS, M.Sc.
jack.weast@intel.com
Alan Tatourian, BS
Dr.-Ing. Bernd Dornieden
bernd.dornieden@volkswagen.de
Dr.-Ing. Philipp Schnetter
Dr.-Ing. Dipl.-Wirt.Ing. Philipp Themann
Dr.-Ing. Thomas Weidner
Dr. rer. nat. Peter Schlicht

ABSTRACT
This publication summarizes widely known safety by design and verification and validation (V&V) methods of SAE L3 and L4 automated driving. This summary is required for maximizing the evidence of a positive risk balance of automated driving solutions compared to the average human driving performance. There is already a vast array of publications focusing on only specific subtopics of automated driving. In contrast, this publication promotes a comprehensive approach to safety relevant topics of automated driving and is based on the input of OEMs, tiered suppliers and key technology providers. The objective of this publication is to systematically break down safety principles into safety by design capabilities, elements and architectures and then to summarize the V&V methods in order to demonstrate the positive risk balance. With Level 3 and 4 automated driving systems still under development, this publication represents guidance for potential methods and considerations in the development and V&V. This publication is not intended to serve as a final statement or minimum or maximum guideline or standard for automated driving systems. Instead, the intent of this publication is to contribute to current activities working towards the industry-wide standardization of automated driving.
REFERENCED STANDARDS
ISO/PAS 21448:2019 Road Vehicles – Safety of the intended functionality (SOTIF)
ISO 26262:2018 Road Vehicles – Functional safety
ISO/SAE CD 21434 Road Vehicles – Cybersecurity engineering
ISO 19157:2013 Geographic information – Data quality
ISO/TS 19158:2012 Geographic information – Quality assurance of data supply
ISO/TS 16949:2009 Quality management systems – Particular requirements for the application of ISO 9001:2008 for automotive production and relevant service part organizations
ISO/IEC 2382-1:1993 Information technology – Vocabulary – Part 1: Fundamental terms
ISO/IEC/IEEE 15288:2015 Systems and software engineering – System life cycle processes
© Copyright 2019 by Aptiv Services US, LLC; AUDI AG; Bayerische Motoren Werke AG; Beijing Baidu Netcom Science Technology Co., Ltd; Continental Teves AG & Co oHG; Daimler AG; FCA US LLC; HERE Global B.V.; Infineon Technologies AG; Intel; Volkswagen AG. All rights reserved.
The document and information contained herein is not a license, either expressly or impliedly, to any intellectual property owned or controlled by any of the authors or developers of this publication, and a license to this document and information should not be considered to have been made available to parties receiving and/or reviewing this document and information. The information contained herein is provided on an “AS IS” basis, and to the maximum extent permitted by applicable law, the authors and developers of this document hereby disclaim all other warranties and conditions, either express, implied or statutory, including but not limited to, any (if any) implied warranties, duties or conditions of merchantability, of fitness for a particular purpose, of accuracy or completeness of responses, of results, of workmanlike effort, of lack of viruses, of lack of negligence. THERE IS NO WARRANTY OR CONDITION OF TITLE, QUIET ENJOYMENT, QUIET POSSESSION, OR NON-INFRINGEMENT.

Contents
1 INTRODUCTION & MOTIVATION ... 2
1.1 Scope of this Publication ... 2
1.2 Structure of and Development Examples Used in this Publication ... 4
1.3 Safety Vision ... 6
1.3.1 Background ... 6
1.3.2 The Twelve Principles of Automated Driving ... 6
2 SYSTEMATICALLY DEVELOPING DEPENDABILITY TO SUPPORT SAFETY BY DESIGN ... 12
2.1 Deriving Capabilities of Automated Driving from Dependability Domains ... 13
2.1.1 Legal Frameworks for Automated Driving Vehicles ... 13
2.1.2 Applying the Related Safety Standards ... 14
2.1.3 Safety of the Intended Functionality ... 17
2.1.4 Functional Safety ... 20
2.1.5 Automotive Cybersecurity ... 21
2.1.5.1 Why is Cybersecurity so Important for Safety? ... 22
2.1.5.2 Cybersecurity Approach and Measures ... 24
2.1.6 Capabilities of Automated Driving ... 27
2.1.6.1 Initial Derivation of Capabilities ... 27
2.1.6.2 Overview of the Capabilities ... 30
2.1.7 Minimal Risk Conditions and Minimal Risk Maneuvers ... 34
2.2 Elements for Implementing the Capabilities ... 36
2.2.1 Implementing the Capabilities ... 36
2.2.1.1 FS_1: Determine location ... 37
2.2.1.2 FS_2: Perceive relevant static and dynamic objects in proximity to the automated vehicle ... 38
2.2.1.3 FS_3: Predict the future behavior of relevant objects ... 39
2.2.1.4 FS_4: Create a collision-free and lawful driving plan ... 40
2.2.1.5 FS_5: Correctly execute and actuate the driving plan ... 41
2.2.1.6 FS_6: Communicate and interact with other (vulnerable) road users ... 41
2.2.1.7 FS_7: Determine if specified nominal performance is not achieved ... 42
2.2.1.8 FD_1: Ensure controllability for the vehicle operator ... 43
2.2.1.9 FD_2: Detect when degraded performance is not available ... 44
2.2.1.10 FD_3: Ensure safe mode transitions and awareness ... 44
2.2.1.11 FD_4: React to insufficient nominal performance and other failures via degradation ... 45