Journal of Guangdong University of Technology ›› 2024, Vol. 41 ›› Issue (04): 34-43. doi: 10.12052/gdutxb.230196

• Control Science and Engineering •

A Trigger Condition Generation Mechanism for ADAS Integrating STPA and Finite State Machines

陈思阳, 赖粤, 薛先斌, 梁浩涛, 任佳怡   

  1. School of Automation, Guangdong University of Technology, Guangzhou 510006, China
  • Received: 2023-12-04 Online: 2024-07-25 Published: 2024-08-13
  • Corresponding author: Lai Yue (born 1983), male, associate professor, PhD; main research interest: intelligent information processing; E-mail: hot_day@163.com
  • About the first author: Chen Si-yang (born 1998), male, master's student; main research interest: testing and evaluation of safety of the intended functionality for automated driving; E-mail: csyxxx622@163.com
  • Funding:
    National Natural Science Foundation of China (U22A2054)

Generation Mechanism of ADAS System Trigger Conditions Integrating STPA and Finite State Machines

Chen Si-yang, Lai Yue, Xue Xian-bin, Liang Hao-tao, Ren Jia-yi   

  1. School of Automation, Guangdong University of Technology, Guangzhou 510006, China
  • Received: 2023-12-04 Online: 2024-07-25 Published: 2024-08-13

Abstract: Existing Advanced Driver Assistance Systems (ADAS) offer ever more functions and ever greater system complexity, which inevitably introduces Safety of the Intended Functionality (SOTIF) problems. Identifying and generating trigger conditions is an important step in SOTIF activities; however, existing trigger condition identification relies solely on System Theoretic Process Analysis (STPA) and does not adequately consider the problems that arise in transitions between the system's functional states. This paper constructs a trigger condition identification mechanism in a knowledge-driven manner: STPA and Finite State Machine (FSM) theory are integrated to build an expanded system control structure, safety analysis is performed on the expanded control architecture and on the functional state transitions, and, based on the system's functional limitations and human misuse, trigger conditions are identified, generated, described in a standardized form, classified and labeled. Finally, the proposed trigger condition generation mechanism is applied to an Integrated Cruise Assistance (ICA) system, yielding that system's trigger conditions and their classification; the proposed mechanism is then compared with existing trigger condition generation methods, demonstrating its practicality, feasibility and effectiveness.

Keywords: safety of the intended functionality, system theoretic process analysis, finite state machine, trigger condition, advanced driver assistance systems

Abstract: The ever-increasing functionalities and escalating complexity of existing Advanced Driver Assistance Systems (ADAS) inevitably cause problems of Safety of the Intended Functionality (SOTIF). The identification and generation of trigger conditions play a critical role in SOTIF activities. Most existing trigger condition identification approaches are based mainly on the System-Theoretic Process Analysis (STPA) method, which, however, neglects the issues within the system's functional state transitions. This paper adopts a knowledge-driven approach to construct a trigger condition identification mechanism by integrating STPA and Finite State Machine (FSM) theories to establish an expanded system control structure. Safety analysis is conducted on the expanded control architecture and the functional state transitions. By considering system limitations and human misuse, trigger conditions are identified, generated, described, classified, and labeled. Finally, the proposed trigger condition generation mechanism is applied to an Integrated Cruise Assistance (ICA) system, obtaining its trigger conditions and their classifications. The proposed mechanism is compared with existing trigger condition generation methods, demonstrating its practicality, feasibility, and effectiveness.

Key words: safety of the intended functionality (SOTIF), system theoretic process analysis (STPA), finite state machine (FSM), trigger condition, advanced driver assistance systems (ADAS)

CLC number: U461.91