warg.org >> Fredrik >> Publications >> Abstract

The Quantitative Risk Norm - A Proposed Tailoring of HARA for ADS

Authors: Fredrik Warg, Rolf Johansson, Martin Skoglund, Anders Thorsén, Mattias Brännström, Magnus Gyllenhammar and Martin Sanfridson

Abstract:

One of the major challenges of automated driving systems (ADS) is showing that they drive safely. Key to ensuring safety is eliciting a complete set of top-level safety requirements (safety goals). This is typically done with an activity called hazard analysis and risk assessment (HARA). In this paper we argue that the HARA of ISO 26262:2018 is not directly suitable for an ADS, both because the number of relevant operational situations may be vast, and because the ability of the ADS to make decisions in order to reduce risks will affect the analysis of exposure and hazards. Instead we propose a tailoring using a quantitative risk norm (QRN) with consequence classes, where each class has a limit for the frequency within which the consequences may occur. Incident types are then defined and assigned to the consequence classes; the requirements prescribing the limits of these incident types are used as safety goals to fulfil in the implementation. The main benefits of the QRN approach are the ability to show completeness of safety goals, and make sure that the safety strategy is not limited by safety goals which are not formulated in a way suitable for an ADS.

Keywords: ADS, automated driving, hazard analysis, HARA, functional safety, ISO 26262, risk norm

Year-Month: 2020-06

Published: 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)

Publication type: Workshop paper

Workshop: 6th International Workshop on Safety and Security of Intelligent Vehicles (SSIV 2020)

Pages: 86--93

Fulltext: QRN_Approach.pdf

Presentation: SSIV2020-QRN_Presentation.pdf

DOI: 10.1109/DSN-W50199.2020.00026

Bibtex:

@inproceedings{QRN_ssiv2020,
  title     = {The Quantitative Risk Norm - A Proposed Tailoring of HARA for ADS},
  author    = {Warg, Fredrik and Johansson, Rolf and Skoglund, Martin and Thorsén, Anders and Brännström, Mattias and Gyllenhammar, Magnus and Sanfridson, Martin},
  year      = {2020},
  month     = {06},
  abstract  = {One of the major challenges of automated driving systems (ADS) is showing that they drive safely. Key to ensuring safety is eliciting a complete set of top-level safety requirements (safety goals). This is typically done with an activity called hazard analysis and risk assessment (HARA). In this paper we argue that the HARA of ISO 26262:2018 is not directly suitable for an ADS, both because the number of relevant operational situations may be vast, and because the ability of the ADS to make decisions in order to reduce risks will affect the analysis of exposure and hazards. Instead we propose a tailoring using a quantitative risk norm (QRN) with consequence classes, where each class has a limit for the frequency within which the consequences may occur. Incident types are then defined and assigned to the consequence classes; the requirements prescribing the limits of these incident types are used as safety goals to fulfil in the implementation. The main benefits of the QRN approach are the ability to show completeness of safety goals, and make sure that the safety strategy is not limited by safety goals which are not formulated in a way suitable for an ADS.},
  keywords  = {ADS, automated driving, hazard analysis, HARA, functional safety, ISO 26262, risk norm},
  booktitle = {2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)},
  doi       = {10.1109/DSN-W50199.2020.00026},
  pages     = {86--93},
  note      = {Publication data: https://warg.org/fredrik/publ/}
}