Autonomous driving confronts great challenges in complex traffic scenarios, where the risk of Safety of the Intended Functionality (SOTIF) can be triggered by the dynamic operational environment and system insufficiencies. The SOTIF risk is reflected not only intuitively in the collision risk with objects outside the autonomous vehicles (AVs), but also inherently in the performance limitation risk of the implemented algorithms themselves. How to minimize the SOTIF risk for autonomous driving is currently a critical, difficult, and unresolved issue. Therefore, this paper proposes the "Self-Surveillance and Self-Adaption System" as a systematic approach to online minimize the SOTIF risk, which aims to provide a systematic solution for monitoring, quantification, and mitigation of inherent and external risks. The core of this system is the risk monitoring of the implemented artificial intelligence algorithms within the AV. As a demonstration of the Self-Surveillance and Self-Adaption System, the risk monitoring of the perception algorithm, i.e., YOLOv5 is highlighted. Moreover, the inherent perception algorithm risk and external collision risk are jointly quantified via SOTIF entropy, which is then propagated downstream to the decision-making module and mitigated. Finally, several challenging scenarios are demonstrated, and the Hardware-in-the-Loop experiments are conducted to verify the efficiency and effectiveness of the system. The results demonstrate that the Self-Surveillance and Self-Adaption System enables dependable online monitoring, quantification, and mitigation of SOTIF risk in real-time critical traffic environments.
翻译:自动驾驶在复杂的交通情况中面临巨大挑战,因为在复杂的交通情况中,“自毁功能安全系统(SOTIF)”的风险可能因动态操作环境和系统不足而触发。SOTIF的风险不仅直观地反映在与自主车辆(AVs)以外的物体的碰撞风险中,而且本身也反映在已实施的算法本身的性能限制风险中。如何最大限度地减少SOTIF对自主驾驶的风险目前是一个关键、困难和未解决的问题。因此,本文件提出“自毁功能安全系统(SOTIF)”是将SOTIF风险降至最低的系统系统,目的是为监测、量化和减轻内在和外部风险提供系统解决办法。该系统的核心是监测AVSV内实施的人工智能算法的风险。作为自毁和自毁系统的一个示范,对感知算法的风险监测,即YOLOV5被强调“自毁和自毁功能系统(SOTIF)的内在认识算法风险和外部碰撞风险,通过SOUTIFA系统进行最终量化了SIF的软和硬拷贝风险的核查。该模型显示,该系统对降低和降低的系统和降低风险的系统和降低风险的系统的风险和升级的系统是最终的核查。在SUFIFIFFFF的系统和升级和升级的系统进行。最后的核查。在进行。