Autonomous vehicles need to be industrialized in high volumes in the not so far future. These vehicles will need to be flexible towards incorporating updated control algorithms at a high pace; as soon as there are improvements in transport efficiency or to the intended area of operation, these improvements should be used in as many vehicles as possible for maximum benefit. However, it is a challenge to verify that the risk that an autonomous vehicle creates a harmful situation is tolerable. Therefore, a system in use must be robust towards receiving updates to some parts of the system, in the sense that these updates cannot compromise the verified safety of the system yet provide improved functionality. One way of achieving the aforementioned flexibility and robustness is to separate the system that ensures the safety of the vehicle from the components that conduct the tactical and strategic mission planning, and to allow changes only to the latter parts. The hypothesis is that this can be done such that updates to an autonomous vehicle can be implemented at a higher pace than what would be possible if the process that verifies the underlying safety of the system were applied each time. The underlying assumption is that it will be hard to verify the safety of a high-complexity system that can do virtually anything, whereas a low-complexity system responsible for avoiding critical errors can be verified more easily and remain unchanged for a longer period of time.
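The separation described above, as an added illustration that is not part of the project's own work: a small, fixed safety envelope supervises whatever (updatable) planner is plugged in, and clamps or vetoes commands that would leave the verified safe region. All names, rules and numbers are constructed assumptions for the example.

```python
import math
from dataclasses import dataclass
from typing import Callable, Tuple

# Constructed, hypothetical vehicle model: values are not from the page.
@dataclass(frozen=True)
class VehicleState:
    speed: float          # current speed, m/s
    obstacle_dist: float  # distance to nearest obstacle ahead, m

@dataclass(frozen=True)
class SafetyEnvelope:
    """Low-complexity rules that stay fixed across planner updates."""
    max_speed: float = 20.0  # m/s, absolute cap
    max_decel: float = 6.0   # m/s^2, braking assumed available
    margin: float = 2.0      # m, clearance that must remain after a full stop

    def max_safe_speed(self, state: VehicleState) -> float:
        # A speed v stops within v^2 / (2 a); invert for the largest v that
        # still comes to rest before obstacle_dist - margin.
        room = max(state.obstacle_dist - self.margin, 0.0)
        return min(self.max_speed, math.sqrt(2.0 * self.max_decel * room))

Planner = Callable[[VehicleState], float]  # returns requested speed, m/s

def supervise(envelope: SafetyEnvelope, planner: Planner,
              state: VehicleState) -> Tuple[float, bool]:
    """Run the replaceable planner, then let the fixed envelope veto it.
    Returns (speed actually commanded, whether the planner was overridden)."""
    limit = envelope.max_safe_speed(state)
    try:
        requested = float(planner(state))
    except Exception:
        requested = math.nan  # a crashing or misbehaving planner is unsafe output
    if not math.isfinite(requested) or requested < 0.0:
        return 0.0, True      # nonsense output: command a stop
    if requested > limit:
        return limit, True    # envelope veto: clamp to the verified bound
    return requested, False

# Two interchangeable planners; only these would change in an update.
def cautious_planner(state: VehicleState) -> float:
    return min(10.0, state.obstacle_dist / 4.0)

def updated_planner(state: VehicleState) -> float:
    return 18.0  # an "improved" planner that ignores obstacles entirely
```

The supervisor never needs re-verification when a planner is swapped, because its correctness depends only on the envelope rules, not on the planner's internals.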
Full Professor at Chalmers, Electrical Engineering, Systems and control, Mechatronics
Funding Chalmers participation during 2018–2022