The active safety control systems of highly automated vehicles for SAE level 3 and higher are still not fully developed and facing some unresolved issues. The deployment of automated driving systems and the functional safety development present challenges in driver – machine control relationship when there is a system failure or malfunction. The current definition of the product development and controllability classes of the road vehicles functional safety (ISO26262) are not feasible in highly automated vehicles (HAV). This research developed an overview of fault or disturbance injection on the steering system of highly automated model to study the impact of steering system sensors malfunction. The approach was to study the fault propagation using a model-based engineering development in a virtual environment of MATLAB. Subsequently, the steering control system of automated vehicle was developed using an adaptive model predictive control structure to study the control system sensors failures on a system-feature level of the vehicle. It was concluded that the steering wheel angle sensor failure has a significant impact on the planned trajectory of the vehicle and thus it was classified as ASIL D, which represents the highest critical safety component and requires comprehensive safety mechanisms to meet the safety goals of the system. The study also introduced a new criterion for controllability classes suitable for highly automated systems based on the global vehicle position relative of the lane marker lines, to deal with the active safety systems and risk handling strategies. The drivers – vehicle control systems are changing significantly in SAE level 3 automated vehicle and above that driving functions are controlled by the vehicle control systems. This presents human factors challenge in this interactive system with moving to SAE levels 4 and 5. Hence, several human machine interfaces and scenario-based testing are introduced to mitigate any risk or safety uncertainty resulting from control handing-over between the driver and the vehicle control system.

中文翻译：

---

高度自动化车辆基于模型的系统故障分析中的故障注入


SAE 3级及更高级别的高度自动化车辆的主动安全控制系统尚未完全开发，并面临一些未解决的问题。自动驾驶系统的部署和功能安全的发展对系统故障或故障时的驾驶员-机器控制关系提出了挑战。道路车辆功能安全 (ISO26262) 的产品开发和可控性等级的当前定义在高度自动化车辆 (HAV) 中不可行。本研究概述了高度自动化模型转向系统上的故障或干扰注入，以研究转向系统传感器故障的影响。该方法是在 MATLAB 虚拟环境中使用基于模型的工程开发来研究故障传播。随后，使用自适应模型预测控制结构开发了自动车辆的转向控制系统，以研究车辆系统特征级别的控制系统传感器故障。结论是，方向盘角度传感器故障对车辆的规划轨迹有重大影响，因此被归类为ASIL D，代表最高的关键安全部件，需要全面的安全机制来满足系统的安全目标。该研究还引入了适用于基于相对于车道标记线的全局车辆位置的高度自动化系统的可控性等级的新标准，以处理主动安全系统和风险处理策略。在 SAE 3 级及以上级别的自动驾驶汽车中，驾驶员 - 车辆控制系统正在发生显着变化，驾驶功能由车辆控制系统控制。 随着转向 SAE 4 级和 5 级，这给该交互式系统带来了人为因素的挑战。因此，引入了多种人机界面和基于场景的测试，以减轻因驾驶员和车辆之间的控制权移交而产生的任何风险或安全不确定性控制系统。