DoT Announces 'Voluntary' Self-Driving Vehicle Safety Guidelines

The industry comments will likely shape the upcoming mandatory regulations.
By Ronald E. Quirk

Object and Event Detection and Response
The DoT stresses the need for an Object and Event Detection and Response (OEDR), referring to the detection of the operator or ADS of any unusual circumstances in the course of driving, and system responses to such circumstances. Entities are encouraged to have a documented process for assessment, testing and validation of their ADSs' OEDR capabilities. When an ADS operates within its ODD, the OEDR functions are expected to detect and respond to other vehicles, pedestrians, animals, bicyclists and objects that could affect safe operation of the vehicle.

Fallback (Minimal Risk Condition)
The DoT wants ADS suppliers to document a process for transitioning to a minimal risk condition when either a hazard is encountered, or the ADS cannot operate safely. This means that ADSs should be capable of detecting malfunctions, operating in a degraded state, or outside of its ODD when necessary. The ADS should be capable of immediately notifying the human operators of such problems in a way that enables seamless human control of the vehicle or allows the ADS to return to a minimal risk condition independently.

Validation Methods
ADS designers should develop validation methods to mitigate risks associated with their operations. Testing to demonstrate the competencies that an ADS would perform during normal driving conditions, crash avoidance situations and performance of fallback strategies pursuant to the ODD is necessary. ADS suppliers should work with the DoT and industry standards organizations such as SAE and the International Organization for Standards to develop and update tests and performance criteria for facilities that conduct validation tests.

Human Machine Interface
The DoT encourages the development of flexible human machine interface (HMI) capabilities in all ADSs. One aspect of HMI is the incorporation of driver engagement monitoring (driver awareness and readiness) for cases in which drivers could be involved in driving tasks. This would mainly apply to Level 3 vehicles. Processes for testing, assessment and validation of an ADS's HMI should be documented. For Level 4 and 5 vehicles, a remote dispatcher or central control authority should be able to determine the status of the ADS at all times.

Vehicle Cybersecurity
ADS designers are strongly encouraged to follow a stringent product development process based on systems engineering to minimize cybersecurity threats and vulnerabilities. This process should include a systematic and ongoing safety risk assessment for each ADS, the overall vehicle design and the overall transportation ecosystem. This process and any cybersecurity best practices should be documented. The DoT urges information sharing among industry members, as well as the incorporation of cybersecurity practices designed by recognized industry standards organizations.

Crashworthiness
Occupant protection is of paramount importance. ADS designers should incorporate information from advanced sensing technologies needed for ADS operation into new occupant protection systems for the safety of all vehicle operators and passengers. Unoccupied vehicles with ADSs should provide geometric and energy absorption crash compatibility with existing vehicles on the road.

JOIN THE CONVERSATION ON TWITTER
Loading
ASK THE EXPERTS
Simply enter a question for our experts.
Sign up for the RFID Journal Newsletter
We will never sell or share your information
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations