Browse Topic: Safety critical systems

Items (394)
Find
ALLOY WHEEL RIM LINEAR CRASH VALIDATION WITH BENCH LEVEL TEST PROCEDURE2026-26-05741/16/2026
Crash test plays a very crucial role in determining the passenger safety along with driver safety in most modern vehicles. This has become a prominent factor for many buyers to choose a safe car. During crash test, many components tend to fail. Amongst them, the major safety critical component which hampers the drivability of a vehicle is Wheel and Tyre Assembly. With the introduction of low aspect tyres, the failure rate of these assemblies has increased. A very high importance is given to ensure these parts withstand the subjection load as it is directly related to function of vehicle. Many methods are available to test the Wheel and Tyre assembly to ensure they pass the crash criteria. We have developed a novel test method which can simulate the crash pattern in the rig/bench level. The method employs a mechanical actuator which can be operated at designated load application to ensure the assembly undergoes the anticipated failure. The process is repeated with different types of
Medaboyina, HarshaVardhanSingh, Ram KrishnanSUNDARAM, RAGHUPATHIJithendhar, Ashokan
A Centralized Framework for Sustaining Safety-Critical Vehicle Systems Through Periodic Servicing2026-26-00031/16/2026
As vehicles are becoming more complex, maintaining the effectiveness of safety critical systems like adaptive cruise control, lane keep assist, electronic breaking and airbag deployment extends far beyond the initial design and manufacturing. In the automotive industry these safety systems must perform reliably over the years under varying environmental conditions. This paper examines the critical role of periodic maintenance in sustaining the long-term safety and functional integrity of these systems throughout the lifecycle. As per the latest data from the Ministry of Road Transport and Highways (MoRTH), in 2022, India reported a total of 4.61 lakh road accidents, resulting in 1.68 lakh fatalities and 4.43 lakh injuries. The number of fatalities could have been reduced by the intervention of periodic services and monitoring the health of safety critical systems. While periodic maintenance has contributed to long term safety of the vehicles, there are a lot of vehicles on the road
HN, Sufiyan AhmedKhan, FurqanSrinivas, Dheeraj
Reducing Risk in Safety Critical Systems through Early Safety Case Development and Dialectic Arguments2026-26-00441/16/2026
The rapid evolution of modern automotive systems—powered by advancements in autonomous driving, and connected vehicle technologies— pose fundamental challenges to design and integration. Ensuring the safety of these highly interconnected, software-driven systems, with the widespread reuse of components across platforms. This growing complexity calls for a more structured and rigorous approach to safety assurance than traditional methods. Traditional safety cases tend to take a linear, justification-focused approach that mainly focuses on positive assertions —statements of compliance or success—while giving limited attention to potential weaknesses, or gaps in supporting evidence. This practice may lead to criticism that such arguments are “too positive,” portraying an overly optimistic view of system safety without sufficiently acknowledging areas of unresolved risk. As a result, conventional approaches for developing safety case may overlook complex interactions, assumptions, and
Kumar, AmrendraBagalwadi, SaurabhMcMurran, Ross
Powering the Future: Addressing Power Architecture bottlenecks in Next Gen Automotive Platforms.2026-26-06881/16/2026
As the automotive industry moves from conventional function oriented embedded ECU-based systems to Code-driven system, the core electrical and electronic (E&E) architecture is also being redesigned to support more software-driven functionality. Modern and centralized architectures promise scalability and software-driven flexibility, but they also introduce significant challenges in power distribution-an area that remains underexplored despite its critical role in overall vehicle safety and performance. Our paper aims at the adoption of the traditional power distribution approach for Next Gen vehicle architecture. It requires a fresh look at how power is distributed. In a novel E&E architecture, a single power harness supplies battery voltage to each zone. If there's a failure or voltage drop, it can affect multiple functions within that zone at once, and management of voltage regulation, thermal dissipation, and EMI/EMC compliance becomes crucial. Adding to the complexity, safety
Borole, AkashCHAKRA, PIPUNWarke, Umakant
SEooC-Based Design Framework for Integrated EV Power Conversion Systems under ISO 26262 Compliance2026-26-01921/16/2026
The rapid integration of electric vehicle (EV) power conversion elements—such as traction inverters, onboard chargers, and DC-DC converters—into unified architectures poses new challenges for ensuring functional safety compliance as per ISO 26262. This paper presents a system-level framework that leverages the Safety Element out of Context (SEooC) approach to design and validate reusable safety-critical components independent of vehicle-specific applications. By defining clear assumptions of use and ASIL decomposition strategies, the proposed method facilitates early-stage fault analysis and verification. The framework integrates model-based development with Hardware-in-the-Loop (HIL) testing and formal verification techniques to validate both control logic and hardware behavior under diverse fault injection scenarios. The result is a scalable, standards-compliant methodology that reduces time-to-market and enhances reliability in integrated EV power electronics platforms. The work
Uthaman, SreekumarMulay, Abhijit BGadekar, Pundlik
Advancing Automotive Radar Characterization: OTA HIL Testing for Enhanced ADAS Safety2026-26-00431/16/2026
The increasing demand for reliable Advanced Driver-Assistance Systems (ADAS) and autonomous driving technologies necessitates the precise validation of automotive radar sensors. Traditional on-road testing, while effective, presents challenges such as limited repeatability, high costs, and safety concerns. To address these limitations, this paper introduces an Over-the-Air (OTA) Hardware-in-the-Loop (HIL) methodology for radar characterization, providing a controlled and repeatable lab-based validation approach. This methodology enables dynamic testing of key radar parameters, including range estimation, angle of arrival measurement, Doppler velocity analysis, and object detection accuracy. The proposed setup supports diverse testing scenarios, such as variable target distances, relative speeds, multiple object simulation, and environmental effects, ensuring a comprehensive evaluation of radar behaviour under complex and safety-critical conditions. Through OTA testing, developers can
Jadhav, TejasKarle, UjjwalaPaul, HarshitSNV, Karthik
Shaping the Future of Mobility with Innovative Power Tailgate Testing Solutions2026-26-04731/16/2026
Abstract With increasing demand for automation and user convenience in modern vehicles, Power Operated Tailgates (POT) have become standard in premium and mid-segment cars. However, validating such systems—comprising electronic control units (ECUs), sensors, actuators, and mechanical components poses significant challenges in safety, reliability, and cost. This paper introduces a Hardware-in-the-Loop (HiL) based validation framework that allows comprehensive, automated, and safe testing of POT systems without depending on full vehicle prototypes. The HiL platform integrates Real Time Hardware and Real Time software with dynamic models to simulate real-world behaviors. It enables automated validation of normal and fault scenarios—such as open/close commands, anti-pinch protection, voltage sensitivity, and communication errors—ensuring robust system performance. The proposed framework accelerates development, improves test coverage, and supports early fault detection, making it a
More, ShwetaGHANWAT, HemantShetti, SurajJape, AkshayKulkarni, ShraddhaJagdale, Nitin
Analysis and Verification of Safety-Critical TSN NetworksF-0081-2025-00335/20/2025
Time-Sensitive Networking (TSN) is an emerging technology that has garnered popularity among the US DoD and others for its deterministic properties while using flexible, ubiquitous Ethernet as its core. However, individual TSN devices will support the TSN features of only some of the vast array of amendments and extensions that make up the full IEEE 802 TSN standards. This functional and modular approach offers great flexibility, but it also increases the complexity of network planning, analysis, verification, etc. as well as potentially leading to unexpected emergent behavior that must be addressed before a TSN network can be truly said to be qualified for use with safety-critical systems. Using industry experience gained certifying other deterministic networks to DO-254 and DO-178C Design Assurance Level A (DAL-A) and applying it to the analysis, testing, and validation of a deterministic TSN Ethernet digital backbone offers a roadmap for overcoming these challenges. Such an approach
Finnegan, DanielZischka, WolframSoares, Alvaro
SAE TOMORROW TODAY: How AI Alignment Makes AVs Safer134951/10/2025
In order for AVs to perform safely and reliably, we need to teach them the language of human preference and expectations--and accelerating AI alignment can do just that. Enter Kognic, the industry-leading annotation platform for sensor-fusion datasets (e.g., camera, radar, and LIDAR data). By helping companies gather, organize, and refine massive datasets used for training AI models, Kognic is helping to ensure that AD/ADAS perform reliably and meet safety standards--all while minimizing costs and optimizing teams. To learn more, we sat down with Daniel Langkilde, Co-Founder and CEO, to discuss why the future of autonomous driving depends on effectively managing AI-driven datasets and how Kognic is leading dataset management for safety-critical AI. We'd love to hear from you. Share your comments, questions and ideas for future topics and guests to podcast@sae.org. Don't forget to take a moment to follow SAE Tomorrow Today--a podcast where we discuss emerging technology and trends in
Hineman, Marcie
TSN-Based Zonal Architecture for Digital BackboneF-0080-2024-12185/7/2024
Modern aircraft have an established need for a high-performance, open standards solution to interconnect increasing number of digital components including sensors, actuators, controllers, processors, displays and data concentrators. The aircraft can be envisioned as a distributed system requiring highly available, reliable, and deterministic communication network - often termed as digital backbone - for safe operation. This paper introduces a new zonal architecture for aerospace onboard networks using Time-Sensitive Networking (TSN). TSN is an open standard based deterministic Ethernet solution for mission and safety critical networks in aerospace industry that truly meets the Modular Open Standards Approach (MOSA) requirements. This paper also presents a reference implementation of the proposed digital backbone architecture using commercial-off-the-shelf hardware from multiple vendors. Experimental data from laboratory evaluation shows stability, performance, and reliability that
Jabbar, AbdulJanakaraj, Prabhu
Airworthiness Certification of Ethernet-Based Networks as a SystemF-0080-2024-10875/7/2024
To this point in aviation history, a typical aircraft type certification program has focused on the constituent systems that make up the aircraft, decomposing them further and further down until reaching their elemental parts and how they interact. This approach has traditionally treated the actual communication technology as only an interface, with technology and implementation based on a decision between multiple stakeholders via an ICD and high-level requirements. This has been necessary to ensure the accurate and on-time delivery of safety-critical data between nodes. When using legacy point-to-point or bus-based data communication technologies like ARINC 429 or MIL-STD-1553, this approach has worked well enough as these technologies are relatively straightforward and proven technologies. However, as onboard bandwidth needs for safety-critical data increase, these legacy technologies are increasingly no longer capable of meeting the needs of system integrators. Ubiquitous, high
Mustillo, MichaelFinnegan, DanielZischka, Wolfram
Fault-Tolerant Electric Actuation: A Condition to Make Electric Platforms CertifiableF-0080-2024-12425/7/2024
The paper deals with the status of development and qualification/certification of electromechanical actuation for Helicopters and VTOL applications with the focus on aspects relevant to the Fault-Tolerance. In particular a linear Electromechanical Actuator (EMA) architecture is presented, derived from a fault tolerant ballscrew-based differential (speed-summing arrangement) actuation system patented by UMBRAGROUP S.p.A. The focus is on safety-critical and high reliability/availability requirements for electromechanical actuation certification. The main characteristic is the use of two independent mechanical actuation channels in the same envelope driven by independent Motor Control Electronics (MCEs). At the state of the art, the presented fault-tolerant architecture is under development in flight-critical swashplate application for eVTOL platform and under feasibility study in flight-critical swashplate application for CS27 platform.
Biagetti, FrancescoPelliccia, StefanoMalleret, FredericBorgarelli, Nicola
Development of India specific biaxial test cycle for fatigue testing of wheel rims and wheel hub bearings for Heavy Commercial Vehicles2024-26-03221/16/2024
Wheel rims and wheel hub bearings are critical components of Heavy Commercial Vehicle (HCV) suspension systems and are subjected to extensive fatigue loading throughout their operational life. Actual loading conditions on wheels are a combination of radial loads (vertical loads) and cornering loads (lateral loads) acting simultaneously and are directly influenced by payload and road conditions. Currently for Indian usage, there are test guidelines only for separate uniaxial Radial Fatigue Test (RFT) and Cornering Fatigue Test (CFT) for wheel rims which might not represent realistic combined loading conditions, and no generic guidelines are available for testing of wheel hub bearings. There is a biaxial test guideline defined for European usage scenario, but no guidelines defined for Indian usage scenario. Thus, there was a need to define test guidelines for biaxial fatigue testing of wheel rims and wheel hub bearings, based on data acquired for Indian roads and usage conditions, which
Thorat, Omkar A.Bakal, Nikhil R.Kuwar, Virendra S.Pawar, Prashant R.Shinde, Vikram V.
A methodology to create limit sample definition for part level evaluation of rubber hoses to optimize the testing requirement2024-26-03841/16/2024
Various countries all around globe are adopting usage of alternate fuel to reduce dependency on fossil fuel in automotive application, to curb fast depleting fossil fuel and rising concerns of deteriorating air quality due to vehicular emissions. Govt. of India also took a big leap to switch over from 10% Ethanol blend gasoline (E10) to 20% Ethanol blend (E20) gasoline to improve air quality, boost farmers income by converting farm produce to ethanol and reduce imported crude oil dependency of nation. Fuel system components are safety critical parts and functional loss like leakage can lead to safety hazard. In general, sample preparation at worst conditions is done to evaluate system robustness. Need of the hour was to develop E20 compatible parts within limited span of time to meet government timelines. To develop an automotive fuel hose suitable to higher ethanol blend, fluorinated, carbon-based synthetic rubber, also known as FKM rubber as an inner material of fuel hose was planned
BAGGA, RAJATRawat, MohitKUMAR, ABHIJEETPal, Kiran
Simulation Based Validation of Battery Structural Integrity for Mechanical Abuse as per AIS 1562024-26-02421/16/2024
Battery is one of the safety critical systems in EV. As the number of EVs increases, battery safety becomes an important task to avoid any mishap during its use, as even small accidents may slow down the adaptation of EVs. Automotive environment being one of the harshest operating environments, it is important to ensure both mechanical and electrical safety of the battery pack. Li-Ion batteries are most popular among traction batteries, due to their high energy density, long life, and fast charging capabilities. But mechanical damage, overtemperature, short-circuit, etc. may lead to battery thermal runaway, causing a major accident. Mechanical abuse of battery can be one of the reasons that may lead to the damages mentioned above, eventually causing thermal runaway in batteries. That’s why all major battery safety standards have requirements for vibration and mechanical shock tests. In this paper, we will be developing a methodology to evaluate the structural integrity of a battery
Dandge, SunilMahamuni, AmeyaSevda, GauravH, RajeshKumar, RavindraMahajan, Rahul
Certification Aspects of Explainable Artificial Intelligence in Aerospace2022-26-12345/26/2022
Aviation industry foresees future of air transportation will significantly benefit from autonomous technologies. However, autonomous technologies are not easily monitored and manageable by traditional means. Emerging technologies such as Artificial Intelligence (AI) could be a major enabler on this front, but the regulators perceive AI based systems as opaque models and have challenges in terms of explainability and trustworthiness forcing the regulators and industry to develop new certification standards and guidelines for AI systems with special emphasis on the trustworthiness and explainability. This paper attempts to discuss possible guidance on certification aspects of explainable AI/ML systems in aerospace industry. This paper also provides insights on different techniques of AI Explainability (XAI) and its importance in safety critical systems certification. Keywords: Artificial Intelligence, Explainable AI (XAI), Safety critical systems, Trustworthiness, Certification
Sudalaimani, NagarajanParamasivam, PrameelaKumar, ShashiShrivastava, Rupali
Approaches for AI/ML Based Airborne Systems Compliance2022-26-12245/26/2022
Abstract—Technologies such as Artificial Intelligence (AI) encompassing Machine Learning (ML), Deep Learning (DL) techniques have proved to be a game changer in multiple domains including aerospace. The avionics systems are becoming more complex, as software content continues to grow, pushing the cost of certification higher. The non-transparent nature of AI/ML systems further adds to this complexity which, throws new challenges in certification of safety critical systems. It is difficult to verify AI/ML design and to explain or interpret the behavior during the operation. This paper attempts to discuss simpler approach of showing compliance to AI/ML systems with the existing ARP4761, ARP4754A, DO178B/C, DO-254, and EASA/FAA guidelines. Further, this paper provides possible references and aids to evaluate the AI/ML based systems in aerospace. Keywords—Artificial Intelligence (AI), Machine learning (ML), Deep learning (DL), EASA, FAA, Compliance, Safety Critical System.
Paramasivam, PrameelaKumar, ShashiShrivastava, RupaliSudalaimani, Nagarajan
A Framework for Teaching Safety Critical Control and Artificially Intelligent Systems to Undergrads2022-26-12235/26/2022
There is a need to teach systems to the undergrad and graduate levels in colleges. Efforts are being made by industry, academia, and professional societies to join hands to bridge the gap. The students require examples to get their “hands dirty” on an actual system. Many of the aerospace examples are not available in the open domain as they are considered proprietary. The world is going toward Artificial Intelligence. Though AI has been used in aerospace industry for optimization for quite some time, certification of AI systems in the safety critical control domain are still not very popular. Experiments on such system are required to clearly understand the testing and safety aspects of deploying such systems. This paper looks at an environmental control system which has enough complexity to merit an industry level attention but is again simple enough to be understood by the students. This is a physics model. Simulation runs from this physics model is used to train a Neural Network
Jeppu, YoganandaRaman, Ramakrishnan
AI deep learning-based bird detection for UAM and aircraft2022-26-12285/26/2022
Abstract - Safety of flight during takeoff, flight and landing is one of the important considerations for airborne vehicles. Bird strike is defined as a collision between a bird and aircraft during takeoff, flight and landing of airborne vehicles. When bird strike happens, it can result in damage to aircraft structure and loss of thrust which impacts safety of flight. The nature of aircraft damage can differ depending on the size of the aircraft. For smaller aircrafts, it can result in penetration into flight deck windscreens or damage to control surfaces. In case of larger aircraft, it can result in hazardous effects because of engine ingestion. Many deep learning algorithms have evolved for object detection and classification in the recent years. You Only Look Once [YOLO] and single shot detector [SSD] are top two state of art object detection algorithms that are extensively used in real world applications. The Xilinx® Deep Learning Processor Unit (DPU) is a programmable engine
K, Mythri
Requirements to code review bot for safety critical software2022-26-12375/26/2022
Development of any safety critical software applications such as in the aerospace industry needs to comply to specific standards (DO178) to meet airworthiness requirements. This standard is normally applicable to all airborne systems and equipment. As such, the software development needs to perform certain verification activities to comply to the standard objectives. One of the verification activities is the source code inspection of review to check the implementation meets the specification captured in the form of requirements and other aspects such as coding style guidelines and documentation example, indentation used in code, sufficient comments or notes in the code files etc. Generally, this activity is carried out manually supplemented by tools which are deployed to check errors and standards in the code by means of static analysis and practices such as test-driven development (TDD), wherein, the testing and analysis is done prior to the reviews. However, software quality still
Hossain, ShadabTaggarsi, Bhavana MohanKameshwari Prasad Dev, M
Investigating approaches for qualifying virtual testing platforms for automated vehicle certification2022-01-09823/29/2022
The safety validation and verification of Automated Driving Systems (ADS) represent a difficult challenge for regulators. Evaluating the performance of an ADS under diverse and complex conditions becomes prohibitive for conventional physical testing. Automotive safety experts are therefore proposing to complement the traditional physical testing with virtual testing to evaluate the performance of ADS in a comprehensive and cost-effective way for a wide range of traffic scenarios. Virtual testing is particularly suited to test ADS under safety critical scenarios that would be difficult and/or unsafe to reproduce on test tracks or public roads. While virtual testing has obvious advantages over the traditional track and real world testing approach, there is a need to ensure that the virtual ADS test results are accurate, representative and can provide confidence in the safety of the ADS, an area which has been less explored. The verification of virtual testing is also required to assess
Anctil, BenoitKhastgir, SiddarthaZhang, JasonBurns, PeterJennings, Paul
AV/ADAS Safety Critical Testing Scenario Generation from Vehicle Crash Data2022-01-01043/29/2022
This research leverages publicly available crash data to construct safety critical scenarios focusing primarily on level 3 autonomous driving systems (ADS) safety assessment under highway driving conditions. NHTSA’s Crashworthiness Data System (CDS) has a rich dataset of a representative crashes of varying fatalities randomly sampled from across the country. Each of these datasets includes the storyline, road geometry information, detailed description of actors involved in the crash, weather information, scene diagrams, crash images and a myriad of other crash specific details. The methodology adopted aims to generate critical scenarios from real-world driving to complement the existent regulatory tests for validation of L3 ADS. For this work, a four-step approach was adopted to extract safety critical scenarios from crash data. Firstly, development of a methodology to filter crash cases relevant to the scope and download pdf files, and numerical crash data from the CDS website. Then
Kibalama, DennisTulpule, PunitChen, Bo-Shian
Comparison of sensing modes for stray-field-immune magnetic angle sensors2022-01-07573/29/2022
Magnetic angle sensors play a major role in engine control, steering, and numerous other automotive applications like pedal, wipers and gear shift position sensing. With vehicle electrification, these sensors are increasingly exposed to parasitic magnetic stray fields. When shielding is not an option, a differential scheme is an alternative, where the sensor responds to magnetic field gradients. Two such schemes were previously introduced to reject stray fields to some degree. For these two modes, there are engineering trade-offs between the key performance parameters (noise, thermal drift, angular range). Often, these trade-offs are misunderstood by sensor users. This paper investigates these trade-offs by comparing the two stray-field-immune magnetic sensing modes. We use a single programmable integrated sensor supporting both modes for a direct comparison. The integrated sensor is designed for safety critical automotive applications. Two independent dies are integrated in the same
Lefebvre, ChristopherMazzilli, FrancescoLaville, ArnaudBidaux, YvesClose, Gael
Durability Validation for Variable Vehicle Usage2022-01-02953/29/2022
Durability engineering for vehicles is about relating real operational loading to the actual strength of the product and its components. In the first part of this presentation, we show how to calculate failure probabilities and safety factors based on the load and strength distributions. We discuss the uncertainty within the estimations, which is considerably large in case of extremely small failure probabilities as required for safety critical components. In the second part, we focus on modelling and simulating the loads based on real vehicle usage, such that the resulting statistics allows to understand and quantify the usage variability. The idea is, to simulate thousands of vehicle life spans of, say, 300.000 km or 15.000 h of operation each. The input data for such simulations typically consists of a combination of geographic data (like road network, topography, road conditions, traffic data, and points of interest) and properly segmented rich data from measurement campaigns. The
Dressler, Klaus
Improved Run Time Error Analysis using Formal Methods for Automotive Software – Improvement of Quality, Cost Effectiveness and Efforts to Proactive Defects Check2021-26-04599/22/2021
Quality is what determines success or failure. If products are not error-free, reliable and robust, customers will be put off. Criticism is inevitable. Bosch is focusing on this theme and taking appropriate action to improve the quality of automotive software developed for Combustion Engines. Runtime errors most often refer to issues that appear during the execution of a program like array out of bounds and illegally dereferenced pointer. They are important to detect as they may cause critical safety, security or business operation concerns. They can potentially cause the critical systems of high-integrity applications to fail, leading to disastrous results and they have been blamed as the root cause of system failure in high-profile examples in automotive software. This has resulted in identifying run-time error detection as critical field of interest where safety-critical embedded software has to satisfy stringent quality requirements by all contemporary safety standards where no run
Anandapadmanabhan, Isvaria
Memory Partitioning in AUTOSAR Compliant Functional Safety Projects2021-26-00149/22/2021
In automotive systems that include one or more electrical and/or electronic (E/E) systems, it’s imperative that utmost care is given to the functional behavior at all times so as to reduce the probability of their malfunctioning. As there is a probability that the deviation can result in harm, adherence to ISO-26262 is mandatory. One such important safety requirement is Freedom From Interference(FFI). FFI for memory (mainly volatile memory- RAM) is under focus here. The intention is to prevent corruption/unintended modification of safety critical data (ASIL- A,B,C or D) by QM components. In automotive domain, the increasing complexity of modern vehicles and especially their E/E systems has made strides towards AUTOSAR projects, making them prevalent. This paper presents a method to partition RAM memory in such AUTOSAR projects, by activating the Memory Protection Unit(MPU) using the AUTOSAR configuration tool. The partitioned software can thus help achieve FFI, adhering to Functional
G, VenkateshUppara, Vamsi Krishna
Software Robustness Verification Framework (SRVF): Validating the Critical Software Module2021-26-04819/22/2021
With the advancement of inbuilt electronics and intelligent controls, automotive and other industries are looking at efficient usage of ECUs with intelligent electronic modules and more of critical functions implemented by software. Robustness of the software involved is always critical to the ECUs health, so software engineers are tasked to ensure the same by following right development and validation life cycle. Enabling the multiple decision by single software module makes verification & validation challenging, complex and time consuming. To insure the robustness of these software module, the predictable verification & validation process, which is followed by most of the industries, deals with specific standard if it is safety critical application to aid test coverage with respect to dynamic responses & function associated. Hence iterative verification & validation approach against the gaps/fixes identified during unit level, model-in-loop, hardware-in-loop & system integration test
Pandey, VikasKadekodi, PravinBhatarkar, Gajanan ShrawanManohar, Ruchita
Guide for Installation of Electrical Wire and Cable on Aircraft Landing GearAIR4004A (Current)8/9/2021
Recent field experience has indicated significant problems with some types of wire and cables as routed on aircraft landing gear. This SAE Aerospace Information Report (AIR) is intended to identify environmental concerns the designer should consider, materials that appear to be most suitable for use in these areas, routing, clamping, and other protection techniques that are appropriate in these applications. In recent years aircraft certification regulatory agencies introduced new regulations regarding Electrical Wiring Interconnection Systems (EWIS) to further enhance safety of the associated systems and aircraft overall.
A-5B Gears, Struts and Couplings Committee
Coalesce of Artificial Intelligence into ADAS Hardware-In-the-Loop Testing2021-01-01934/6/2021
Automotive industry is inclined towards connected, comfortable, environment friendly, efficient and smarter systems. Advanced Driver Assist System (ADAS) technology assist drivers to achieve a safer as well as better ride by automation and improvisation of the vehicular systems. With the advent of ADAS system, there is a significant focus not only in the development of Electronic Control Units (ECUs) and its features to cater to the emerging market but also on the information that could be displayed to meet the functional as well as safety requirements. This ADAS information display ensures timely notification to the driver with unique alerts that can be acoustic or visual. These systems should be tested thoroughly to ensure reliability as failures may impose severe risk on the OEM. Hardware in the loop testing has been largely adopted by industry against manual testing in lieu of the testing constraints imposed by the latter. This paper discusses on the existing test methods for ADAS
Krishnamoorthy, BharathiNammalwar, GiriWulf, TorstenPazhur, Nandini
Putting Safety of Intended Functionality SOTIF into Practice2021-01-01964/6/2021
The increase of autonomy demand in the automotive industry made the usage of AI models inevitable. However, such models introduce a variety of threats to automobile safety and security. ISO/PAS 21448 SOTIF is a safety standard that is designed to deal with risks due to non-electrical and non-electronic failures. In this paper we put SOTIF into practice. In our work we introduce a conceivable safety critical scenario that targets the lane keep assist function. We use the suggested modelling techniques in the SOTIF standard to analyze the scenario and extract the trigger event. In result, we propose a contextual based predictive ML model to monitor the intervention between the driver and lane keep assist system. Our approach followed the SOTIF verification and validation guidelines. Empirically, we use a real safety critical scenario dataset as well as an augmented dataset. Our results show a high precision/recall values that exceed 90% by an increase of more than 150% in f1 score
Abdulazim, AmrElbahaey, MoustafaMohamed, Abduallah
AS6021 Aerospace Fiber Optic Cable Assembly Drawing SpecificationAS6021A (Current)12/29/2020
This SAE Aerospace Standard (AS) defines the items that shall be considered when creating a fiber optic cable assembly specification and source control drawing intended for installation on aerospace platforms.
AS-3 Fiber Optics and Applied Photonics Committee
AS6021 Aerospace Fiber Optic Cable Assembly Drawing SpecificationAS6021A-TEST-REC (Historical)12/29/2020
This SAE Aerospace Standard (AS) defines the items that shall be considered when creating a fiber optic cable assembly specification and source control drawing intended for installation on aerospace platforms.
AS-3 Fiber Optics and Applied Photonics Committee
Candidate Improvements to Dedicated Short Range Communications (DSRC) Message Set Dictionary [SAE J2735] Using Systems Engineering MethodsJ3067_202010 (Current)10/6/2020
This document is not a standard, it is a candidate for a standard being submitted to SAE for their consideration as a comment to SAE J2735. The term SAE J2735 SE candidate is used within this document to refer to this submission. This document specifies dialogs, messages, and the data frames and data elements that make up the messages specifically for use by applications intended to utilize the 5.9 GHz Dedicated Short Range Communications for Wireless Access in Vehicular Environments (DSRC/WAVE, referenced in this document simply as “DSRC"), communications systems. Although the scope of this Standard is focused on DSRC, these dialogs, messages, data frames and data elements have been designed, to the extent possible, to be of use for applications that may be deployed in conjunction with other wireless communications technologies. This standard therefore specifies the definitive message structure and provides sufficient background information to allow readers to properly interpret the
V2X Communications Steering Committee
Protecting Patients and Their Data from Cyberattacks Aimed at Their Connected Health DevicesTBMG-373578/1/2020
The security of connected health technology is often assumed to exist when it does not, or considered to be prohibitively expensive or complex, or, worst of all, relegated to an afterthought. This is dangerous thinking, especially as the industry increasingly moves to a smartphone-based command-and-control model for these safety-critical applications.
Development Software Handles High-Integrity Space ApplicationsTBMG-372117/1/2020
AdaCore New York, NY
Q&A20AUTP06_126/1/2020
The sensor arrays that currently reside on the roofs of development mules will be hidden from view on future production vehicles. But how to conceal them without affecting their safety-critical performance? This design and engineering challenge, along with the growing trend toward larger, multifunction interior and exterior displays, is driving new polycarbonate solutions at Covestro, which was spun off from Bayer Materials Science in 2015. For insights into this new family of materials, editor Lindsay Brooke spoke with Paul Platte, a mechanical engineer by training who now is part of Covestro's marketing team.
On Perception Safety Requirements and Multi Sensor Systems for Automated Driving Systems2020-01-01014/14/2020
One major challenge in designing SAE level 3-5 Automated Driving Systems (ADS) is to define requirements for the perception system that would enable argumentation for safe operation. The safety requirements on the perception system can only be fulfilled through redundancy in the sensor hardware. It is, however, a challenge to specify the redundancy that is required in the sensor system. Safe operation for an ADS is significantly more difficult compared to advanced driver assistance systems (ADAS). The safety argumentation for ADAS typically argues that in case of a failure in the sensor array a fail-silent behavior is acceptable because the human driver can take control of the vehicle back. This argumentation however is not possible when developing level 4 or higher automation. This paper investigates prerequisites for applying a systematic methodology for analyzing redundancy in a multi-sensor system and the relation to a conceptual ADS functional architecture. This analysis must
Cassel, AndersBergenhem, CarlChristensen, Ole MartinHeyn, Hans-MartinLeadersson-Olsson, SusannaMajdandzic, MarioSun, PengThorsén, AndersTrygvesson, Jörgen
Virtual Switches and Indicators in Automotive Displays2020-01-13624/14/2020
This paper presents recent advances in automotive microprocessor, operating system, and supporting software technology that supports regulatory and/or functional safety graphics within vehicle cockpit displays. These graphics include “virtual switches” that replace physical switches in the vehicle, as well as “virtual indicators” that replace physical indicator lights. We discuss the functional safety design process and impacts to software and hardware architecture as well as the software design methods to implement End-To-End [E2E] network protection between different ECUs and software processes. We also describe hardware monitoring requirements within the display panel, backlighting, and touch screen and examine an example system design to illustrate the concepts.
Rush, Scott
Runtime Active Safety Risk-Assessment of Highly Autonomous Vehicles for Safe Nominal Behavior2020-01-01074/14/2020
Fatal crashes involving automated driving systems, has been raising the concern of minimum standard requirement for safety, reliability and performance required for Autonomous Driving System (ADS)/Advanced Driver Assistance System (ADAS) before this cutting-edge technology takes on public roads. Hence, in order to ensure necessary safety requirements of ADS/ADAS systems we propose a runtime active safety assurance module known as SConSert. SConSert performs dynamic risk assessment of “Sensing, Planning and Action module of ADS/ADAS”; to provide minimal risk maneuver in any given driving scenario. The dynamic risk assessment of ADS/ADAS system is based on the operational design domain (ODD) knowledge of the driving scenario plus the sensor capability, ADS/ADAS algorithm requirement and capability, and finally smooth and collision free maneuver requirement. So, the main concept behind SConSert is runtime derivation of situational and conditional set of contracts for a given driving
Rathour, Swarn SinghIshigooka, TasukuOtsuka, SatoshiMARTIN, RAUL
A Safety and Security Testbed for Assured Autonomy in Vehicles2020-01-12914/14/2020
Connectivity and autonomy in vehicles promise improved efficiency, safety and comfort. The increasing use of embedded systems and the cyber element bring with them many challenges regarding cyberattacks which can seriously compromise driver and passenger safety. Beyond penetration testing, assessment of the security vulnerabilities of a component must be done through the design phase of its life cycle. This paper describes the development of a benchtop testbed which allows for the assurance of safety and security of components with all capabilities from Model-in-loop to Software-in-loop to Hardware-in-loop testing. Environment simulation is obtained using the AV simulator, CARLA which provides realistic scenarios and sensor information such as Radar, Lidar etc. MATLAB runs the vehicle, powertrain and control models of the vehicle allowing for the implementation and testing of customized models and algorithms. Real-time simulation and connectivity with external components are obtained
Appel, MatthewOruganti, Pradeep SharmaAhmed, QadeerWilkerson, JaxonSekar, Rubanraj
Replacement of a 50cc Two-stroke Engine with an Electric Powertrain2019-32-06231/24/2020
As global regulations look to create a dramatic reduction in CO2 emission and other forms of pollution, companies with products that rely on engine technology must be ready to take on the electrification challenge. Applications that remain using two-stroke engine technology continue to exist due to their very high power density requirements. However, their history of higher pollution compared to four-stroke engines makes them a target to be regulated out of existence. Such high power two-stroke applications include high performance off-road motorcycles. In this type of product, electrification can solve not only pollution challenges but market challenges, such as ridership and public perception. By addressing the core problems presented by the two-stroke engine and turning challenges into opportunity, a strong attraction is created to convert a two-stroke engine motorcycle to an electric vehicle. With Automotive electric vehicle technology paving the way, the basis for cost effective
Beeker, Jesse
HEAT SEEKERS20AUTP02_011/1/2020
While engineers debate the use of thermal-imaging sensors for ADAS, their capability and value are being proven for AVs of all levels. What specific sensor types will comprise the advanced driver-assistance systems (ADAS) of the 2020s? That's a controversial subject among engineers who are developing SAE Level 2 and 3 (and the so-called “L2+”) ADAS sensing suites for new vehicles. Many of them believe that visible-light cameras fused with radar will suffice to deliver the object-identification accuracy, redundancy-and cost effectiveness-that OEMs and the driving public expect of ADAS-equipped vehicles. But a case is building for additional sensing capability, particularly for automatic emergency braking (AEB) and pedestrian-detection. Those safety-critical functions currently rely on camera-radar inputs to “see” ahead. They enable the vehicle to react to a range of scenarios-from stalled traffic on a highway to humans and animals suddenly appearing in the road. (In Michigan alone
Brooke, Lindsay
Software Applications for the Control and Management of the Amine Swingbed ExperimentTBMG-3526510/1/2019
The Swingbed software applications provide for the control, command, fault detection, fault recovery, and telemetry monitoring aspects of the Amine Swingbed experiment. These software components are the Swingbed Loader Computer Software Configuration Item (CSCI), the Swingbed Control Module, and the Swingbed Ground Controller applications. As a whole, the Amine Swingbed experiment provides a means for investigating the removal of carbon dioxide from the International Space Station (ISS) crews’ breathing environment via a system of a vacuum-regenerated amine pressure swing absorption reaction beds. Its development and deployment aboard the ISS as an Express Rack pay-load serves to advance the use of the amine-based pressure swing absorption technology towards a level of technology readiness suitable for use in future space transportation systems, where the use of consumables for the removal of carbon dioxide from the breathable environment is not desirable.
Flight ComputerTBMG-351149/1/2019
Abaco Systems Huntsville, AL 866-652-2226
The Navigator19AVEP09_029/1/2019
No trust in AI systems without data protection When people surround themselves with microphones and cameras, others will be listening and watching. This reality shouldn't come as a surprise, but remarkably it does. The advent of automated driving will dramatically expand this activity. In fact, it is already creating controversy. At its core is the challenge of training so-called artificial intelligence systems. As human children, we learn in large part through the guidance we get from parents, teachers and other caregivers. AI systems are no different. They ingest data and “learn” from it. But just as children must be shown the difference between red and green, a circle and a square, or A and Z, machine learning systems need data that has been labeled.
Spotting Objects Amid ClutterTBMG-351649/1/2019
A new MIT-developed technique enables robots to quickly identify objects hidden in a three-dimensional cloud of data, reminiscent of how some people can make sense of a densely patterned “Magic Eye” image if they observe it in just the right way.
Technique Makes Objects Invisible to Image Detection SystemsTBMG-349028/1/2019
Adversarial techniques were developed that can make objects “invisible” to image detection systems that use deep-learning algorithms. These techniques can also trick systems into thinking they see another object or can change the location of objects.
Accelerated Secure Boot for Real-Time Embedded Safety Systems11-02-01-00037/8/2019
Secure boot is a fundamental security primitive for establishing trust in computer systems. For real-time safety applications, the time taken to perform the boot measurement conflicts with the need for near instant availability. To speed up the boot measurement while establishing an acceptable degree of trust, we propose a dual-phase secure boot algorithm that balances the strong requirement for data tamper detection with the strong requirement for real-time availability. A probabilistic boot measurement is executed in the first phase to allow the system to be quickly booted. This is followed by a full boot measurement to verify the first-phase results and generate the new sampled space for the next boot cycle. The dual-phase approach allows the system to be operational within a fraction of the time needed for a full boot measurement while producing a high detection probability of data tampering. We propose two efficient schemes of the dual-phase approach along with calibratable
Nasser, Ahmad M.K.Gumise, WonderMa, Di
Headset Controls: Empowering Disabled People with a Software Tool SuiteTBMG-348147/1/2019
NOW Technologies is a close-knit, dedicated team of professionals working to help people with disabilities to live an independent life. Based in Budapest, Hungary, and founded in 2014, NOW Technologies works closely with injured and disabled users and with medical and rehabilitation professionals. Their requirements and feedback are pivotal to ensure that their products are not only safe but are also sufficiently intuitive to require the least amount of training possible.
Automating Criteria Evaluation in Safety-Critical Avionic SystemsF-0075-2019-147305/13/2019
As the complexities of avionic systems increase, our system-level verification methods have remained stagnant. New requirements are added with each iteration of design, impacting the level of testing needed for full test coverage, while hardware or software updates require verification testing that transcends its predecessors. At Triumph Integrated Systems, (Triumph), DO-178 B/C level A formal qualification testing requires several engineer reviewers to verify a system works as intended. Generally, it takes a week or less to execute a test and gather data, but several weeks to evaluate said test. There is opportunity for improvement in this system. This paper describes how Triumph Engine Control Systems' Automated Criteria Evaluation (ACE) takes the test case review process time and reduces it effectively. ACE is intended to replace one human reviewer using MathWorks® based programing, which breaks down natural criteria language for interpretation and evaluation. ACE aims to increase
Singh, RamandeepGiobbi, Analise
Items per page:
1 – 50 of 394