BEAUTIFUL VIEW

Now that the press flurry over the NTSB's report on the Autonomous Driving System (ADS) fatality in Tempe has subsided, it's important to reflect on the lessons to be learned. Hats off to the NTSB for absolutely nailing this. Cheers to the Press who got the messaging right. But not...

Last week there were two injuries involving human-supervised autonomous test shuttles on different continents, with no apparent connection other than random chance.  (For example: Link) As deployment of this work-in-progress technology scales up in public, we know that...

When you build an autonomous vehicle you can't count on a human driver to notice when something's wrong and "do the right thing." Here is a list of faults, system limitations, and fault responses AVs will need to get right. Did you think of these?System Limitations:Sometimes the...

Object and Event Detection and Recognition (OEDR) also involves making predictions about what might happen next. Is that pedestrian waiting for a bus? or about to walk out into the crosswalk right in front of my car? Did you think of all of these aspects?The infamous Pittsburgh Left....

Object and Event Detection and Recognition (OEDR) involves having an autonomous vehicle detect and classify various types of objects so that it can plan a response. Detection is only the first step; you need to also be able to classify the obstacle to predict what might happen next....

The Operational Design Domain (ODD) is the set of environmental conditions that an autonomous system is designed to work in. Typically an ODD is thought of as some sort of geo-fencing plus a obvious weather conditions (rain, snow, sun). But, it's a lot more than that. Did you think...

It's time to get past the irrelevant Trolley Problem and talk about ethical issues that actually matter in the real world of self driving cars.  Here's a starter list involving public road testing, human driver responsibilities, safety confidence, and grappling with how safe...

How will self-driving cars handle all the non-driving tasks that drivers also perform?  How will they make unaccompanied kids stop sticking their head out the window?Hey Kids -- Don't stick your heads out the window!The conversation about self-driving cars is almost all about...

1860 The Frenchman Lenoir constructs the first internal-combustion engine; this powerplant relies on city gas as its fuel source. Thermal efficiency is in the 3% range. 1867 Otto and Langen display an improved inter- nal-combustion engine at the Paris Interna- tional Exhibition....

Other AV Safety Issues:We've seen some teams get it right. And some get it wrong. Don't make these mistakes if you're trying to ensure your autonomous vehicle is safe.Defective disengagement mechanisms. Generally this involves the ability of an arbitrary fail-active autonomy failure...

Human Test Scenario Bias:Machine Learning perceives the world differently than you do. That means your intuition is not necessarily a good source for test planning.Simulation-based testing (including especially closed-course testing of real vehicles) can suffer from a test planning...

Beth Osyk and I are presenting our paper at SAE WCX today on how to argue sufficient road test safety for self-driving car technology.See below slideshare or follow this link for presentation slides.Preprint of paper here:https://users.ece.cmu.edu/~koopman/pubs/koopman19_TestingSafetyCase_SAEWCX.pdfAbstract:Autonomous vehicle (AV) developers test extensively...

Nondeterministic Behavior and Legibility:How do you know your autonomous vehicle passed the test for the right reason? What if it just got lucky, or is gaming the test?The nature of the algorithms used by autonomy systems creates problems for modelling and testing that go beyond...

Missing Rare Events in Simulation:A highly accurate simulation and system model doesn't solve the problem of what scenarios to simulate. If you don't know what edge cases to simulate, your system won't be safe.It is common, and generally desirable, to use vehicle-level simulation...

Dealing with Edge Cases:Some failures are neither random nor independent. Moreover, safety is typically more about dealing with unusual cases. This means that brute force testing is likely to miss important edge case safety issues.A significant limitation to a field testing argument...