A System's Perspective Towards an Architecture Framework for Safe Automated Vehicles

Bagschik, Gerrit; Nolte, Marcus; Ernst, Susanne; Maurer, Markus · 2018 · Crossref

DOI: 10.1109/itsc.2018.8569398

archive: archived · pipeline: cataloged · verified


Summary

This paper addresses the challenge of ensuring safety in automated vehicles by proposing a holistic systems engineering approach that integrates behavioral safety into an architecture framework. The authors argue that current standards such as ISO 26262 focus on functional safety, i.e. hazards caused by hardware and software failures, but do not cover behavioral safety: whether the vehicle behaves safely when all of its components operate as intended. Because safety is an emergent property of the whole system that cannot be verified by examining components in isolation, the paper advocates a top-down development process that traces requirements across multiple system viewpoints, including a capability-based view and a functional architecture.

The methodology derives behavioral safety requirements from hazard analyses of specific driving scenarios and maps them onto a multi-layered architecture. The authors illustrate the process with an automated vehicle approaching a pedestrian crossing where pedestrians may be occluded. For this scenario they define a safety goal (approach the crossing at an adequate speed) and a risk-minimal state (come to a complete stop) that together bound safe operation.

The approach distinguishes the static functional system architecture, which represents component structure and information flow, from a dynamic capability-based view, which monitors the vehicle's actual performance against its functional boundaries. Behavioral requirements can then be allocated to specific architectural elements, and runtime decisions can be made on the basis of system health and environmental conditions. By integrating capability monitoring into the functional architecture, the system can assess its own performance (for example its detection range, braking capability and uncertainty in object perception) and adjust its behavior accordingly. The authors show that this integration lets a vague term such as "adequate speed" be refined into concrete, traceable technical requirements that account for runtime variables such as weather and road conditions.

A key finding is the need to bridge the semantic gap between abstract driving missions and their technical implementation. The study shows that a single architectural viewpoint is insufficient for capturing safety concerns, because it cannot reveal the dependencies between performance monitoring and functional execution. The work contributes to a comprehensive safety framework for automated vehicles that complements existing functional safety standards: by treating safety as an emergent property derived from multiple viewpoints, the proposed architecture supports "safety by design" through correctness by construction, and it enables traceability of safety requirements from high-level behavioral goals down to specific hardware and software components, which in turn supports a more robust verification process. The paper concludes that such a holistic, capability-based perspective is essential for managing the complexity of automated systems and ensuring that vehicles operate safely within their defined functional boundaries.
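As an added worked example, not code from the paper: the sketch below refines the safety goal "approach the crossing at an adequate speed" into a runtime check driven by the capability view, and falls back to the risk-minimal state (a complete stop) when no useful speed can be justified. Everything in it is an assumption chosen for illustration: the kinematic stopping model (reaction distance plus v^2/(2a)), the friction-bounded deceleration, the 3-sigma margin on object position, the helper names, and the sample conditions. The paper's own requirement derivation and figures are not reproduced on this page.

```python
"""Capability-based refinement of "approach at adequate speed" into a runtime
check with a fallback to the risk-minimal state (full stop). Added illustration:
the stopping-distance model, friction values and sample conditions are
assumptions, not the paper's own figures."""
from dataclasses import dataclass
import math

G = 9.81  # gravitational acceleration, m/s^2


@dataclass(frozen=True)
class Capabilities:
    """Self-assessed performance of the vehicle at this instant (capability view)."""
    detection_range_m: float        # farthest distance at which a pedestrian is perceived
    position_uncertainty_m: float   # 1-sigma error of a perceived object's position
    max_decel_mps2: float           # deceleration the actuation chain can deliver now
    reaction_time_s: float          # perception + planning + actuation latency


def braking_capability(road_friction: float, brake_limit_mps2: float) -> float:
    """Effective deceleration is bounded by the brakes and by the road surface
    (assumed model: a <= mu * g)."""
    return min(brake_limit_mps2, road_friction * G)


def capabilities_from_conditions(detection_range_m: float,
                                 position_uncertainty_m: float,
                                 road_friction: float,
                                 brake_limit_mps2: float = 8.0,
                                 reaction_time_s: float = 0.5) -> Capabilities:
    """Fold weather and road conditions into the capability estimate."""
    return Capabilities(detection_range_m, position_uncertainty_m,
                        braking_capability(road_friction, brake_limit_mps2),
                        reaction_time_s)


def stopping_distance(v_mps: float, cap: Capabilities) -> float:
    """Distance covered during the reaction time plus the braking distance."""
    return v_mps * cap.reaction_time_s + v_mps ** 2 / (2.0 * cap.max_decel_mps2)


def adequate_speed(cap: Capabilities, k_sigma: float = 3.0) -> float:
    """Largest speed at which the vehicle can still reach the risk-minimal state
    (full stop) before a pedestrian appearing at the edge of the detection
    range, after subtracting k_sigma times the position uncertainty.
    Solves v*t_r + v^2/(2a) = d_eff for v."""
    d_eff = cap.detection_range_m - k_sigma * cap.position_uncertainty_m
    if d_eff <= 0.0:
        return 0.0  # a stop inside the perceived space cannot be guaranteed
    a, t = cap.max_decel_mps2, cap.reaction_time_s
    return a * (-t + math.sqrt(t * t + 2.0 * d_eff / a))


def decide(cap: Capabilities, requested_speed_mps: float,
           min_useful_speed_mps: float = 1.0) -> tuple[str, float]:
    """Behavioural decision for the approach: drive at the lower of the planner's
    requested speed and the adequate speed, or transition to the risk-minimal
    state when no useful speed is adequate."""
    v_ok = adequate_speed(cap)
    if v_ok < min_useful_speed_mps:
        return ("risk_minimal_state", 0.0)
    return ("approach", min(requested_speed_mps, v_ok))


# Constructed sample conditions (not measured data).
SCENARIOS = {
    "dry_clear":    capabilities_from_conditions(60.0, 0.5, 0.8),
    "wet":          capabilities_from_conditions(40.0, 1.0, 0.5),
    "fog_wet":      capabilities_from_conditions(12.0, 2.0, 0.5),
    "sensor_fault": capabilities_from_conditions(3.0, 1.5, 0.8),
}
REQUESTED_MPS = 30.0 / 3.6  # the planner wants 30 km/h through the zone


if __name__ == "__main__":
    for name, cap in SCENARIOS.items():
        mode, v = decide(cap, REQUESTED_MPS)
        print(f"{name:13s} adequate={adequate_speed(cap):5.2f} m/s -> {mode} at {v:.2f} m/s")
```

The point of the structure is traceability: the safety goal lives in decide(), the risk-minimal state is its explicit fallback, and each term of the capability estimate (range, uncertainty, deceleration, latency) can be attributed to a concrete perception or actuation component whose health the monitor reports, which is the allocation the summary describes.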

Provenance

The full processing record for this entry. Every stage of this paper's journey through the pipeline is logged — what ran, with which tool and model, how many attempts it took, and when it last completed.

Stage     | Outcome | Tool              | Model                   | Prompt  | Attempts | Completed
discover  | success | Crossref          |                         |         | 1        | 2026-06-20
archive   | success | unpaywall         |                         |         | 2        | 2026-06-26
extract   | success | pdftotext         |                         |         | 2        | 2026-06-26
clean     | success | clean             |                         |         | 1        | 2026-06-26
chunk     | success | chunk             |                         |         | 1        | 2026-06-26
embed     | success | embed             | Qwen/Qwen3-Embedding-8B |         | 1        | 2026-06-26
enrich    | success | openalex          |                         |         | 1        | 2026-06-26
promote   | success |                   |                         |         | 1        | 2026-06-20
summarize | success | llm               | qwen3.6-27b-prismaquant | summ-v5 | 1        | 2026-06-26
tag       | success | vector_similarity |                         |         | 6        | 2026-06-26
verify    | success |                   |                         |         | 1        | 2026-06-26

Summary generated by qwen3.6-27b-prismaquant on 2026-06-26; verification: verified.
