Michael J Pont, technical author of PAS 1880, discusses the challenges of developing the PAS and how it can support the design of automated vehicles
1. Regarding PAS 1880, why is the control system so important in automated driving systems?
In an automated driving system (ADS), the control system – working with associated sensors and actuators – provides a replacement for the driver in a human-driven vehicle (HDV) such as a passenger car.
As such, the control system in an ADS represents the central piece of technology that distinguishes an automated vehicle (AV) from an HDV.
2. What is PAS 1880 and how can it benefit manufacturers and developers working on automated vehicles?
PAS 1880 provides a set of guidelines for developers of control systems for AVs.
The two key benefits are:
- Guidance on the key areas that need to be considered during the design of such a vehicle (or a component to be used in such a vehicle)
- Examples of the types of evidence that can be used to demonstrate that the design of an AV / AV component is appropriate for such a vehicle
3. Can you give us an example of how this standard can be used in day-to-day business and working?
PAS 1880 provides guidance on many aspects of AV design including the following:
- the vehicle mission;
- recording the operational design domain;
- identifying the required sensing operations;
- designing the required planning and operations; and
- designing the required vehicle-monitoring operations.
Users are likely to find particular sections of the standard more relevant than others (for example, developers of AV sensors are likely to find Clause 7 most immediately useful).
In most cases, users will then spend some time considering Annex A, which considers sources of evidence. For example, the developer of an AV sensor might refer to Annex A when considering how it will be possible to demonstrate that a design will achieve the level of fault tolerance that is likely to be required in a particular AV system.
4. PAS 1880 doesn’t cover general techniques for achieving functional safety; for this purpose, ISO 26262 or a related standard can be used alongside it. Can you tell us the best way for customers to do this and how it could help their business?
ISO 26262 has a focus on vehicles in which there is a driver present at all times. PAS 1880 has a focus on AVs in which there is no driver present.
PAS 1880 is expected to be used alongside ISO 26262 (or related standards). For example, PAS 1880 provides no information on the design, implementation or testing of the software that is likely to be required in AVs: ISO 26262 provides detailed guidance on such matters.
Treating PAS 1880 as an adjunct to, rather than a replacement for, current standards means that organizations can make full use of the existing functional-safety skill sets in their team when developing AVs.
5. What were the challenges faced when creating PAS 1880?
The AV field is growing quickly, and it was felt that some form of guidance was required for developers of such vehicles (to act as an adjunct to existing standards, such as ISO 26262). However, guidelines such as PAS 1880 need to build on real-world experience and best practice, rather than simply representing interesting research ideas or concepts.
The first challenge that we experienced when writing this PAS was that there are a limited number of AVs in use at the present time from which such ‘best practice’ can be distilled.
To address this challenge, it was recognized from the start of this project that the guidelines presented in PAS 1880 would need to be at a high level, with a focus on areas that need to be considered by developers (rather than attempting to provide specific ‘how to’ guidance in these areas).
Dr Michael J. Pont specializes in the development of safety-related embedded systems using ‘Time Triggered’ (TT) software architectures. After working for more than 20 years in the academic sector, Michael founded SafeTTy Systems Ltd at the end of 2013. Through SafeTTy, Michael and his team help organizations around the world that need to develop safe, reliable and secure products in compliance with international safety standards, such as ISO 26262 and IEC 61508. Several of SafeTTy’s current projects involve autonomous vehicles.