If self-driving cars on a large scale implementation is likely to produce a great economic and social benefits, including greatly reduce traffic deaths, injuries and congestion, and make everyone get cheaper, more flexible and more productive means of transportation. Intel's Mobileye has developed an innovative framework for the model. It revolves around two basic pillars: 1) proven security guarantees, and 2) economic scalability. This article introduces the security support of this model to more readers.
Our proposed model provides a detailed, practical and effective solution for designing and verifying an AV system, thus greatly improving security. The following is a summary of the areas that we think are worthy of attention in the next step, and the solutions we propose:
1, a set of predetermined rules for the rapid and accurate assessment and determination of liability for AVs in a collision with a piloted vehicle:
Picture 1 illustrates the follow. If there is something wrong with the car being driven outside, and you hit AV, there is no way for AV to avoid collision. But this is happening all the time, so even if we ban AV, it's futile. The conclusion is that any useful AV will involve situations that can lead to accidents, including mechanical failures and external forces.
As shown in picture 1, the central car cannot guarantee absolute safety
The formal model of failure allows the creation of decision (driving policy) software to avoid accidents caused by AV systems. It can also be validated in an effective way.
Mobileye has designed a system called responsible security (RSS). RSS ensures that from a planning and decision point of view, AV systems do not issue commands that may cause AV accidents.
How safe is it? Our system can verify that every billion hours of driving has three orders of magnitude improvement in a traffic accident. The death rate from human driving is one traffic fatality per million hours (that is, the number of traffic deaths in the United States is about 40 per year, compared with 40,000 in 2016).
Details of our safety methods
In practice, AV needs to know two things:
Safety status: this is a condition in which AV will not cause accidents even if other vehicles take unpredictable or reckless actions. Default emergency policy: this is a concept that defines the most aggressive evasive action that AV can use to maintain or return to a safe state.
Cut into the practice
RSS has a good ability to handle this situation using the same principles. Based on a set of variables, the security channels around AV can be calculated. If a human-driven vehicle (pictured below) violates the passageway before the crash, it is the vehicle's responsibility. AV, by contrast, can continuously calculate the safe passage around other vehicles and will never issue a command to violate the space.
Picture 2: the calculated safe passage around the vehicle will determine the failure in the case of the cut- in maneuver
Dealing with limited perception and occluded objects
Consider this: C0 is trying to get out of the parking lot into a street where a building blocks traffic. The human driver's behavior is to slowly integrate into the road and gain more and more vision until the perceptual limitations are eliminated. However, the driver made some assumptions, such as the possible speed of traffic and when traffic would be exposed. The assumption that RSS calculates the maximum reasonable speed is called Vlimit (dynamic based on road speed limits). With this information, if C0 is AV, it knows how much it can peek at, and still gives C1 a chance to brake. If C1 is faster than Vlimit and collides, it is a C1 error. Conversely, if C1 is AV, assuming that there may be a car that can't see it and wants to leave the parking lot, it will be more cautious and drive further into the central lane.
Picture 3, RSS includes situations where objects (vehicles, pedestrians, etc.) are blocked (hidden) by other objects.
Extend RSS to all road structures include route preferred, two-way traffic,Traffic lights, unstructured roads, unstructured road.