Ensuring Safety and Security in AV Operations: A Guide for AV Teams from james's blog

As autonomous vehicles (AVs) continue to advance and prepare for commercial deployment, ensuring the safety and security of AV operations should be the top priority for all AV teams. While technology promises to reduce human error in driving, proactive measures are still needed to mitigate risks and protect passengers, pedestrians, infrastructure and data. This guide outlines best practices that AV teams can adopt across different aspects of their operations to maximize safety and security.


Vehicle Safety Systems


A foundational aspect of safe AV operations is the vehicle safety systems themselves. Teams should implement redundant safety systems that can monitor each other for failures or anomalies. Some key systems to focus on include:


Sensing Systems - Redundant camera, lidar and radar setups allow for cross-checking of sensor readings. Teams should establish sensor-fusion techniques to merge data from multiple sensors. Frequently validate sensor calibration and performance against test data.


Computing Systems - Use separate computing modules for perceptual/control functions with regular hardware health checks. Implement safe failovers and watchdogs to catch anomalies. Hardware security modules can protect the integrity of safety-critical software/firmware.


Braking and Steering - Redundant braking and steering actuators ensure safety even in single-point failures. Functional safety standards like ISO 26262 help systematically eliminate flaws. Strict validation of controls against edge cases is vital.


Vehicle Network Security - Isolate safety-critical networks from infotainment/passenger networks. Monitor for communication faults or interference that could destabilize controls. Over-the-air updates must undergo rigorous testing.


Incident Detection - Equip vehicles to automatically detect incidents and communicate vital forensic data via fallback telematics. This aids in quick investigations and continuous improvements.


Rigorous System Testing


Comprehensive testing forms the backbone of safe operations. Some aspects teams should systematically test and validate include:


Edge Case Simulation - Thoroughly simulate rare and unexpected scenarios to evaluate software responses before public rollouts. This helps catch flaws.


Hardware-in-the-loop Testing - Continuously test integrated hardware and software systems with high-fidelity simulation environments replicating real-world complexity.


On-road Validation - Gradually expand real-world testing in controlled environments and low-risk geographies to continuously verify functionality and gather edge case data.


Monthly Software/Firmware Audits - Regular in-house and third-party security/safety audits help catch vulnerabilities early and drive continuous enhancements.


Operational Design Domain Validation - Clearly define supported operational design domains and re-validate performance whenever domains are expanded.


Comply with Functional Safety Standards - Adhering to industry best practices like ISO 26262 helps systematically eliminate risks during development and operations.


Prioritize issues found during all testing phases for timely resolution. Documentation of edge cases aids continued learning.


Cybersecurity


As AVs become more connected, cyber risks cannot be overlooked. Key actions teams must take include:


Segment On-board Networks - Isolate safety-critical networks from infotainment and passenger-facing interfaces using network segmentation and encryption.


Monitor Network Traffic - Detect anomalies against white-listed traffic patterns using intrusion detection systems. Correlate findings across fleets.


Control Remote Access - Strictly control remote access points and privileges. Enforce multi-factor authentication for repairs/updates.


Secure Over-the-air Updates - Rigorously test updates before deployment, and protect the update path with code signing, fail-safes and rollback options.


Conduct Regular Penetration Testing - Leverage ethical hackers to test attack surfaces and proactively eliminate vulnerabilities, including those introduced through the supply chain.


Protect Data Privacy - Adopt practices like anonymization, consent frameworks and strict access controls to ensure passenger and driver privacy.


Educate Workforce - Train teams on cyber hygiene practices and how to identify social engineering attempts targeting AV systems or data.
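As an added example (not code from the original post), the following monitor applies the segmentation and white-listed-traffic ideas above to a constructed in-vehicle message log: each (bus, message ID) pair is allowed only on its own network segment and only up to an expected rate, so an infotainment ID appearing on the safety bus or a flood of brake commands is flagged. The bus names, CAN IDs, rates and log format are illustrative assumptions, not values from any real vehicle.

```python
from collections import defaultdict

# Constructed allow-list: (bus, CAN ID) -> max messages per second expected
# from the legitimate sender. IDs, buses and rates are illustrative placeholders.
ALLOWED = {
    ("safety", 0x0C1): 100,        # brake command, nominally 100 Hz
    ("safety", 0x1A5): 50,         # steering torque, nominally 50 Hz
    ("infotainment", 0x3F0): 10,   # media status, never expected on the safety bus
}

def parse_line(line):
    """Parse a constructed log line '<ts> <bus> <hex id> <dlc>' into (ts, bus, id)."""
    ts, bus, can_id, _dlc = line.split()
    return float(ts), bus, int(can_id, 16)

def check_traffic(lines):
    """Return findings as (kind, time, bus, can_id) tuples, in log order."""
    findings = []
    counts = defaultdict(int)  # (whole second, bus, can_id) -> messages seen
    for line in lines:
        ts, bus, can_id = parse_line(line)
        if (bus, can_id) not in ALLOWED:
            # Unknown ID, or an ID that belongs to another segment: a likely
            # segmentation breach (e.g. infotainment traffic reaching the safety bus).
            findings.append(("unexpected_id", ts, bus, can_id))
            continue
        bucket = (int(ts), bus, can_id)
        counts[bucket] += 1
        # Report a flood once per second bucket, the first time the limit is passed.
        if counts[bucket] == ALLOWED[(bus, can_id)] + 1:
            findings.append(("rate_exceeded", int(ts), bus, can_id))
    return findings

# Constructed sample log: one second of nominal brake traffic, then a media-status
# ID on the safety bus, then brake commands arriving at 200 Hz instead of 100 Hz.
SAMPLE_LOG = (
    ["%.3f safety 0C1 8" % (1.0 + i * 0.01) for i in range(100)]
    + ["1.500 safety 3F0 8"]
    + ["%.3f safety 0C1 8" % (2.0 + i * 0.005) for i in range(150)]
)

if __name__ == "__main__":
    for finding in check_traffic(SAMPLE_LOG):
        print(finding)
```

Findings from several vehicles can be keyed by (bus, can_id) to spot the fleet-wide patterns the post recommends correlating.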


Safety Operations Centers


Centralized monitoring improves safety through real-time issue detection and coordinated incident response. Key capabilities include:


Vehicle Telematics - Continuously monitor vehicle health data, events and locations from telematics units using IoT platforms. Trigger automated diagnostics.


Geofence Monitoring - Enforce safe operating zones and monitor for geofence breaches that violate risk protocols.


Remote Assistance - Dispatch remote agents to render aid via teleoperations or assist with on-site issues like mechanical faults.


Incident Response Coordination - Coordinate between first responders, roadside assistance, fleet operations and engineers to effectively manage incidents.


Blackbox Data Access - Analyze flight-recorder-style black box data during and after incidents to support fail-operational modes and forensic investigations.


Continuously track safety/operational metrics and correlate findings for continuous process improvements. Geospatial tracking helps assess risks for expanding operations.


Driver and Passenger Safety


When AVs operate with passengers, additional protocols become critical:


Driver Monitoring - For AVs operated by safety drivers, continuously monitor alertness/fitness using driver-facing cameras or biometrics.


Passenger Vetting - Validate passenger identities and conduct consent/waiver processes electronically or at pickup to screen for high-risk behaviors/items.


Emergency Procedures - Educate drivers and passengers about onboard emergency equipment like first aid kits or fire extinguishers and procedures to follow during issues.


Access Restriction - Physically restrict access to AV controls with locks, sensors or software measures to prevent non-drivers from interfering with operation.


Crisis Management Training - Train drivers and operations teams on protocols for handling crises like medical emergencies or security threats while the AV is moving, to ensure passenger safety.


Passenger feedback surveys can improve AV and operational safety over time by addressing comfort/experience issues. Clear disclosures of service/risk limitations are also prudent.


Security and Privacy Program


Comprehensive organizational safeguards complement technical security measures:


Threat Modeling - Systematically assess potential threats targeting AVs, infrastructure or data at development and operational stages to prioritize security controls.


Incident Response Planning - Train cross-functional incident response teams with clearly defined roles. Conduct simulated exercises to validate plans.


Supply Chain Risk Management - Assess vulnerabilities introduced by third-party suppliers and partners through audits and contractual obligations.


Classified Asset Management - Maintain strict inventory and access controls over safety-critical assets like firmware, configuration files or private keys used for code signing.


Background Checks - Screen personnel against sanction lists and conduct background/reference validation checks tailored for their roles and privileges.


Data Governance - Establish clear policies governing collection, use, storage, retention and sharing of sensitive operational data or private passenger details.


Conduct Regular Compliance Audits - Audit adherence to security policies, procedures and best practices through a combination of internal assessments and penetration testing by third-party assessors.


The right security culture and ongoing training can instill cyber-awareness across the organization and reinforce safe operations. Regularly review programs based on learnings and evolving threat models.


Insurance and Risk Management


Comprehensive insurance and risk management protocols provide a safety net:


Insurance Coverage - Obtain appropriate levels of general liability, cyber, product liability and other specialist insurance that consider maximum pay-out capacities.


Risk Assessment - Methodically assess technical, operational and organizational risks through tools like failure mode effects analysis, bowtie risk assessments and risk register management.


Contingency Planning - Anticipate potential crisis scenarios through business continuity and disaster recovery plans across development and operations to sustain activities.


Crisis Communications - Train spokespeople to communicate effectively with regulators, the media and the public during crises or incidents while continuing to ensure passenger trust.


Event Tracking - Track incidents, near-misses, crashes, bugs and security issues for trend analysis. Use them to refine processes, re-evaluate controls and update risk assessments as operations scale.


Safety Metrics - Publicly report key metrics, such as issues and miles driven, to demonstrate safety progress and the oversight approach as services expand.


Proactive management of insurable risks underwrites public trust and long-term viability of AV services.


Safety Culture and Oversight


Finally, prioritizing safety intrinsically requires:


Top Management Commitment - Active support from leadership to allocate required resources and prioritize safety over speed to market or commercialization pressures industry-wide.


Cross-functional Collaboration - Break organizational silos through regular interaction between engineering, operations and legal/policy to holistically address risks.


Data-driven Decision Making - Make policies, protocols and operational changes based on statistically sound safety/incident data analyses, not premature assumptions.


Continuous Learning - Seek feedback from affected groups on identified issues and oversight measures. Foster a just safety culture where teams feel empowered to report near-misses without reprisal.


Regulatory Partnerships - Engage proactively with regulators to understand evolving rules, enable data/information sharing and continuously strengthen oversight framework.


Third-party Audits - Independent assessments and oversight reinforce robust processes and transparency of activities for building public trust.


Just as safety-critical industries never declare themselves ‘safe’, neither should AV operators rest on achievements. Continuous improvements across technical, operational and cultural fronts are key to realizing the promise of autonomous mobility safely.


Conclusion


Adopting a robust, systematic approach to safety and security as outlined guides AV teams towards prioritizing risk mitigation and oversight from initial concept through scaled operations. No single measure alone can ensure safe operations - it requires





By james
Added Oct 29 '23
