FAIL OPERATIONAL E/E SYSTEM CONCEPT FOR FUTURE APPLICATION IN ADAS AND AUTONOMOUS DRIVING
- Raymond Butler
1 FAIL OPERATIONAL E/E SYSTEM CONCEPT FOR FUTURE APPLICATION IN ADAS AND AUTONOMOUS DRIVING
Fail Safe, Fail Operational, Fault Tolerance, ISO
Hermann Kränzle, TÜV NORD Systems
2 OUR FUNCTIONAL SAFETY CERTIFIED PROGRAM FOR PRODUCT PROCESS MANAGEMENT PERSONNEL FOR VEHICLES INDUSTRY INDUSTRIAL INTERNET IT 2 TÜV NORD Systems
3 FAIL OPERATIONAL VS. FAIL SAFE
Theory
- Fail-operational systems continue to operate when one of their control systems fails.
- Fail-safe systems become safe when they cannot operate.
- Fault-tolerant systems avoid service failure when faults are introduced to the system.
- Fail-secure systems maintain maximum security when they cannot operate.
In the context of the ISO (ISO/DIS:2016)
- 1 Scope: ISO addresses possible hazards caused by malfunctioning behavior of safety-related E/E systems, including interaction of these systems
- functional safety: absence of unreasonable risk (3.175) due to hazards (3.72) caused by malfunctioning behavior (3.87) of E/E systems (3.37)
- Mentioned in 3.40 emergency operation, safe state and in Part 11
4 FAIL OPERATIONAL VS. FAIL SAFE
[Figure: degree of automation, with levels 0 (Driver only), 1, 2 and the ranges ADAS and ADS]
5 MOST SYSTEMS ARE FAIL SAFE
[Figure: timeline over time t with the labels Normal Op., Fault occurs, Fault detection, Safe state, Possible hazard, and the intervals Diagnostic Test Interval, Fault Reaction Time, Fault tolerance time]
- Deactivating or degrading the function leads to a Safe State, including the warning concept
- Examples of deactivation: Adaptive Cruise Control, power train, battery charging
- Examples of degradation: EP-Steering, Braking ("so far")
6 EFFECT OF FAIL SOS-GOALS
- Influence of system attributes like availability, reliability, safety and security
- Interference and dependence of safety, fail operational and security requirements (or goals)
- Non-transparency (state, interconnection and behavior of the system)
- Sensitivity: interference of results in case of unexpected input change
- Instability: the smallest disturbance causes unknown, unwanted behavior of the system
- Internal dynamics: continuous change of the system's state by the system itself without any external influence
7 HOW? WHAT ARE THE CHALLENGES?
- To understand possible system design we have to take a step back to the item definition, HARA and the functional safety concept
- Item definition is not isolated to the E/E of the vehicles -> Vehicle System
- Assumptions to be present (beyond ISO 26262):
  - Presence of the Driver
  - Safe Place
  - Safe State Scenario
  - Degradation Categories (i.e. automated lane change is not allowed any more)
  - Harmonization of the behavior of all ADS (like in airborne application) -> PAS
8 EFFECT OF FAIL SOS-GOALS
- Sensor information (nearly raw) provided by:
  - the infrastructure
  - other vehicles
  - the vehicle itself
- Pre-processed status and emergency information (X-to-Car)
- Static and dynamic databases:
  - Static maps
  - Processed and consolidated dynamic information (i.e. traffic information system)
- Abs. positioning information: satellite and terrestrial (GPS, WIFI, 5G, ...)
- Static (infrastructure) Environment (.
9 INFLUENCE TO THE SYSTEM DESIGN
[Figure: block diagram with blocks labelled Car Sensing, [ECUs], Firewall (twice), Steering [ECUs], ADS [I_ECU], ADS [M_ECU], Radar [ECUs], VMS [ECUs], PTrain [ECUs]]
10 INFLUENCE TO THE SYSTEM DESIGN
[Figure: input categories Vehicle Sensors, Position, Static Information (DB) and Car-to-Car, with the entries Steering, PT, Radar; GPS, WIFI, 5G; MAPs; Position, Sensor Status, Emergency]
- Systematic Aspect: full performance or estimate degradation category depending on the missing or incorrect input information
- Systematic Aspect, Hardware Design Aspect: full performance or estimate degradation category depending on the performance of the electronic subsystems or components
11 INFLUENCE TO THE SYSTEM DESIGN
- Full performance or estimate degradation category depending on the missing or incorrect input information
- Full performance or estimate degradation category depending on the performance of the electronic subsystems or components
12 SYSTEM DESIGN (FAIL SAFE VS. FAIL OPERATIONAL)
[Figure: two S/A diagrams with states 0 and 1. SG: "Motor not operating is safe!"; FOG: "Motor operating is safe!"; one state marked "unsafe state!"]
13 SYSTEM DESIGN (FAIL SAFE VS. FAIL OPERATIONAL)
[Figure: two architectures built from S1/Subsystem 1 and S2/Subsystem 2 driving A. One combines the subsystems through an OR gate: IN CASE OF ERROR -> RECONFIGURATION. The other combines Subsystem 1 (with supervision) and Subsystem 2 (with supervision) through an AND gate: IN CASE OF ERROR -> DEACTIVATION. Labels: 2 out of 2 [2oo2], 1 out of 2 [1oo2]]
14 SYSTEM DESIGN (FAIL SAFE VS. FAIL OPERATIONAL)
[Figure: circuit diagram with µC 1 and µC 2, CAN, PWM, DSP, ASIC, INT, WD (reset), OFF_DIAG, enable lines EN_L_1 and EN_L_2, OR gates, and the annotations "Unsafe state" and "the only safe state"]
15 SOME WORDING SIMPLIFIED FOR THE UNDERSTANDING
- SPFM [Single Point Fault Metric]: the safe portion of the <first fault> (similar idea: IEC > SFF [Safe Failure Fraction])
- LFM [Latent Fault Metric]: the safe portion of the <latent/multi-point fault>
- multiple-point fault (1.77)[3.96]: individual fault that, in combination with other independent faults, leads to a multiple-point failure
- PMHF [Probability Metric Hardware Fault]: failure rate of the underlying safety goal (dangerous failure). Similar idea: IEC 61508: PFH, or in railway: THR
16 IN THE CASE OF BOTH.????
- The system architecture is a projection of the metrics and the techniques of separating the lambda values.
- The Safety Mechanism has a different goal: detecting faults and reacting
- Normally fail safe and fail operational goals are in contradiction
- More components, less availability/reliability
- For fail operational we need full or nearly full functionality in the case of a fault.
- SPFM could be manageable, but what about LFM? PMHF?
- 2oo2 vs. 1oo2 System
- What would be the starting point?
17 POSSIBILITIES: IF WE TALK ABOUT ASIL C/D WE NEED A STARTING POINT
[Figure: S1a, S1b, S2a, S2b feeding SubSubsystem 1a, 1b, 2a, 2b, combined through two AND gates, [X] and an OR gate; annotations IN CASE OF ERROR -> DEACTIVATION, IN CASE OF ERROR -> RECONFIGURATION, Diagnostics (SMR), preventing latency (SML)]
- We start with the maximum system
- In this case software is quite important
- We start finally with a 2 * ASIL C/D system -> each one gets half of the PFHM portion in the case of a fail safe goal, and each has to satisfy the SPFM/LFM
- For the fail operational goal we use complex voting, but we have a system with a lot of components which can fail in a safe way, which is not good for our fail operational requirements.
18 INFLUENCE TO THE SYSTEM DESIGN
- We start with a maximum system configuration that would work
- Identify critical mechanisms
- Remove, simplify or restructure the subsystems step by step by analyzing the Fail Safe FTA vs. the Fail Operational FTA (the FTA shall contain the software mechanism)
- Recalculate the SPFM/LFM/PMHF
- Reliability / Safety optimization within each of the subsystems
- Operations Research can be considered, i.e. as a Combinatorial Optimization Problem...
19 THE MODEL: SOME ELEMENTS
- a binary system function in disjunctive normal form where and the components failure mode with
- Be A transformation function for failure modes which can be detected by a safety mechanism or are safe due to architectural constraints.
- Further it can be shown that probability/stochastic distributions can be directly applied in the system function in disjunctive normal form
20 THE MODEL: AN OPTIMIZATION PROBLEM
- Minimizing the costs
- Under the further conditions:
  - Which represent the minimum requirements for the SPF and LF Metric according to the underlying ASIL
  - Comply with the PMHF criteria according to the underlying ASIL
  - and, where applicable, additional constraints
21 NOW WE TRY TO SIMPLIFY THE SYSTEM
[Figure: S1, S2, S3 feeding Subsystem 1, Subsystem 2, Subsystem 3 and a 2oo3 VOTER; annotations Diagnostics (SMR), preventing latency (SML)]
DEPENDING ON THE APPLICATION, WE CAN DO FURTHER REDUCTION
[Figure: S1, S2a, S2b feeding Main System, Subsystem 2a, Subsystem 2b (degraded fct.) and a VOTER]
22 THANK YOU
User manual Load cell with one built in amplifier KOSD-FA KIMD-FA KEND-FA Load cell with two built in amplifiers KOSD-FAD KIMD-FAD KEND-FAD Contents Precautions Intended use General 1 Specification 3
More informationINTERNATIONAL STANDARD
INTERNATIONAL STANDARD IEC 60872-2 First edition 1999-01 Maritime navigation and radiocommunication equipment and systems Radar plotting aids Part 2: Automatic tracking aids (ATA) Methods of testing and
More informationDr. Janos Sztipanovits, DARPA/ITO
Dr. Janos Sztipanovits, DRP/ITO Embedded systems: Information systems tightly integrated with physical processes Problem indicators: Integration cost is too high (40-50%) Cost of change is high Design
More informationDeliverable D1.6 Initial System Specifications Executive Summary
Deliverable D1.6 Initial System Specifications Executive Summary Version 1.0 Dissemination Project Coordination RE Ford Research and Advanced Engineering Europe Due Date 31.10.2010 Version Date 09.02.2011
More informationSPECIFICATIONS SUBJECT TO CHANGE WITHOUT NOTICE
SPECIFICATIONS SUBJECT TO CHANGE WITHOUT NOTICE Notice While reasonable efforts have been made to assure the accuracy of this document, Telit assumes no liability resulting from any inaccuracies or omissions
More informationSWEN 256 Software Process & Project Management
SWEN 256 Software Process & Project Management What is quality? A definition of quality should emphasize three important points: 1. Software requirements are the foundation from which quality is measured.
More informationSENSORS SESSION. Operational GNSS Integrity. By Arne Rinnan, Nina Gundersen, Marit E. Sigmond, Jan K. Nilsen
Author s Name Name of the Paper Session DYNAMIC POSITIONING CONFERENCE 11-12 October, 2011 SENSORS SESSION By Arne Rinnan, Nina Gundersen, Marit E. Sigmond, Jan K. Nilsen Kongsberg Seatex AS Trondheim,
More informationTECHNICAL PRODUCT DATASHEET
FORM-ENG-0018 REV A 06-02-03 ISO 9001 CERTIFIED Phone: (352) 629-5020 or 800-533-3569 Fax: (352)-629-2902 SUITABLE FOR OEM DISTRIBUTION ONLY TECHNICAL PRODUCT DATASHEET High Density PDM 21 Output / 10
More informationChallenges for Qualitative Electrical Reasoning in Automotive Circuit Simulation
Challenges for Qualitative Electrical Reasoning in Automotive Circuit Simulation Neal Snooke and Chris Price Department of Computer Science,University of Wales, Aberystwyth,UK nns{cjp}@aber.ac.uk Abstract
More informationThe ISO Revision: Looking back and into the future
An Advanced Guide to ISO 26262 - ebook : Looking back and into the future Part 2 www.iso26262-conference.com : Looking back and into the future The 5th International Conference ISO 26262 will bring together
More informationAbstract. 1. Introduction
Trans Am: An Experiment in Autonomous Navigation Jason W. Grzywna, Dr. A. Antonio Arroyo Machine Intelligence Laboratory Dept. of Electrical Engineering University of Florida, USA Tel. (352) 392-6605 Email:
More information