|Article by Elisabeth Uhlemann|
Verifying the performance and correctness of a smart factory is difficult. This is because it is more complicated to verify the functionality of a distributed system than it is to verify a centralized system.
Verifying a distributed heterogeneous system such as a factory is even worse. Now imagine that the distributed heterogeneous system has multiple stakeholders, with different, often competing business models. This is the actual situation for connected autonomous vehicles.
How do we go about verifying that autonomous vehicles are safe enough? How do we verify that cooperating autonomous vehicles are safe enough? Cooperating intelligent transport systems? Smart cities? No matter how good our autonomous vehicles become, at some point or at some level there will be humans in the loop affecting safety in random ways.
When Waymo’s safety driver collided with a motorcyclist because it was trying to avoid a collision with a car, Waymo claimed its self-driving minivan would have acted safer due to having more knowledge about the vehicle’s surroundings. Would it?
Human behavior in traffic depends mainly on the local traffic rules but also a range of other factors, such as previous experience of certain traffic situations, the human trust in the autonomous system, physiological variations in human reaction time, and so on. Although simulations will be a key technology in verifying autonomous vehicle safety, it is difficult to simulate human behavior.
To this end, a set of guidelines or principles for how autonomous vehicles should behave in extreme situations is needed. In normal situations, traffic regulations are generally followed so no extra guidelines should, in principle, be needed.
However, dangerous situations occur when one or more road users break the law. It would not be morally correct to let each original equipment manufacturer (OEM) verify the correctness of their vehicles in each traffic situation because there is always a risk that the business model promotes a scenario where the vehicle saves its buyer over other road users, which ultimately reduces the human trust in the autonomous system.
Safety should be provided regardless of business model.