CORDIS - EU research results

Trustable architectures with acceptable residual risk for the electric, connected and automated cars

Periodic Reporting for period 2 - ArchitectECA2030 (Trustable architectures with acceptable residual risk for the electric, connected and automated cars)

Reporting period: 2021-07-01 to 2022-06-30

Development in electric, connected, and automated (ECA) vehicle driving technology leads to a paradigm shift in transportation systems, user experience, mode choices, and business models. Automated driving technology is progressing with advancements in electronic components and systems (ECS) and increased verification, validation, and testing requirements to provide increased safety and reliability.

To be accepted by drivers and other stakeholders, automated vehicles must be reliable and significantly safer than today's driving baseline. Consequently, there is a strong need for independent and reproducible validation of automated vehicles even though they have to deal with non-deterministic elements.

The vision of ArchitectECA2030 is to provide a harmonized pan-European validation framework enabling mission-oriented validation of ECS for electric, connected, and automated (ECA) SAE L3 to L5 vehicles to improve reliability, robustness, safety, and traceability.

The ArchitectECA2030 goals are to manage failure modes, uncertainties, and failure probabilities, propagating through the entire ECA vehicle stack consisting of on-board HW, on-board SW, off-board SW and data, development, and validation methodologies, to support hazard identification, risk analysis, and sufficient risk mitigation.

Develop a widely agreed homologation framework, comprising harmonized methods, tools, and processes able to handle dynamic requirements (e.g. new scenarios, untested events, online traffic data, etc.) provided by the in-vehicle monitoring device, to ultimately design safe, secure, and reliable ECA vehicles with a well-defined, quantified, and acceptable residual risk across all ECS levels. The residual risk relies on the failure risks of every single semiconductor, electronic component, subsystem, and system used to build ECA vehicles.

Propose, align, and develop a concept for an in-vehicle monitoring device, which can indicate and measure the health status and possible degradations of the functional electronics and electronic systems, enabling predictive diagnosis, maintenance and reconfiguration of embedded software.

Bring together the representative stakeholders from the ECS industry, standardization and certification bodies (Europe, US, Asia), governments, test field operators, and academia in tight interaction with the lighthouse initiative Mobility.E and its LIASE group to influence emerging standards, validation and homologation procedures for ECA vehicles, and to contribute to the emerging UL 4600, which is based on ISO 26262 and ISO/PAS 21448 (SOTIF).
The second year of the ArchitectECA2030 project was dedicated to further sharpening the stated vision and mission of the project, focusing on generating a project identity in terms of a big picture. The big picture highlights all interrelationships between the five supply chains and their linked demonstrators.
In that sense, the big picture concept strongly supports the targeted reference homologation process as well as the developed hierarchical monitoring device (MonDev) concept across all ECS layers.

Besides, the big picture:
• highlights partner cooperation across companies and even countries,
• shows that we know how to work together,
• enables cross-partner results to maximize impact, and
• stimulates cross-partner activities, especially those relevant for standardization.

Furthermore, so-called demonstrator key cards were introduced, addressing several key aspects in parallel, such as:
• catch stakeholders with a harmonized representation of the key results,
• show the role of the demonstrators within the entire project and within the hierarchical monitoring device concept,
• proactively show key answers to typical stakeholder questions in advance,
• key source for dissemination and exploitation (impact) of technological results,
• show how we work together across demonstrators and supply chains,
• essential source for the hierarchical monitoring device concept - big picture, and
• basis for valuation activities in WP6 with respect to the specified requirements of WP1.

In that sense, the key cards also act as a road map for all demonstrators until the project end. Besides the overall project-related aspects, the second project year was dedicated to achieving the targeted main technological developments within the demonstrators and linked supply chains, to create key exploitable results and maximize the impact. All lessons learned and related user stories gathered during the design, development, verification and validation of the targeted demonstrators made it possible to speed up the standardization activities and the development of the targeted reference homologation process, the validation framework concept, and the residual risk evaluation. Finally, all partners collaborated to speed up and strengthen the dissemination and communication activities promoting our technological achievements.
In contrast to other domains, such as aviation or railway, safety integrity levels (SIL) higher than ASIL D (SIL-3) are not state of the art in the automotive domain. In that respect, ArchitectECA2030 strives to provide a commonly accepted framework as a basis for the certification of "mobility as a service", thus closing the current certification gaps.

Expected results of the project are: first, a concept for an "in-vehicle monitoring device" that a) indicates and measures the health status of functional electronics and electronic systems, b) indicates and measures possible degradation of the functional electronics and electronic systems, and c) enables predictive diagnosis, maintenance, and reconfiguration of embedded SW. Second, a framework for the verification and validation of automated vehicles with Level 3+ capabilities, covering an extensive analysis, quantification, and reduction of the residual risk by combining different simulation methods covering different validation aspects. Third, a structured and focused communication towards the various stakeholders inside and outside of the project, to define standardized methods for safety-critical metrics and suggest criteria for evaluating the completeness of test programs for automated vehicle operation.

The introduced demonstrator key cards (see previous section) are designed to transparently outline all relevant key information linked to the demonstrators related to the four technological supply chains.

In that sense the demonstrator key cards include:
• the main aim,
• the state-of-the-art,
• the beyond state-of-the-art / innovation elements,
• the link to objectives and key targets,
• the link to the MonDev layers,
• the setup including the benchmark scenario/mission together with the validation KPIs and corresponding baseline,
• the evaluation platform including the current status and next steps,
• the main technological impact,
• and the used standards together with future standardization potentials.
ArchitectECA2030 Overview - Guiding Principle
ECA vehicle lifecycle (The green box indicates the main focus of ArchitectECA2030)