Safe Perception -- A Hierarchical Monitor Approach

Our transportation world is rapidly transforming induced by an ever increasing level of autonomy. However, to obtain license of fully automated vehicles for widespread public use, it is necessary to assure safety of the entire system, which is still a challenge. This holds in particular for AI-based perception systems that have to handle a diversity of environmental conditions and road users, and at the same time should robustly detect all safety relevant objects (i.e no detection misses should occur). Yet, limited training and validation data make a proof of fault-free operation hardly achievable, as the perception system might be exposed to new, yet unknown objects or conditions on public roads. Hence, new safety approaches for AI-based perception systems are required. For this reason we propose in this paper a novel hierarchical monitoring approach that is able to validate the object list from a primary perception system, can reliably detect detection misses, and at the same time has a very low false alarm rate.

MTBF Model for AVs -- From Perception Errors to Vehicle-Level Failures

The development of Automated Vehicles (AVs) is progressing quickly and the first robotaxi services are being deployed worldwide. However, to receive authority certification for mass deployment, manufactures need to justify that their AVs operate safer than human drivers. This in turn creates the need to estimate and model the collision rate (failure rate) of an AV taking all possible errors and driving situations into account. In other words, there is the strong demand for comprehensive Mean Time Between Failure (MTBF) models for AVs. In this paper, we will introduce such a generic and scalable model that creates a link between errors in the perception system to vehicle-level failures (collisions). Using this model, we are able to derive requirements for the perception quality based on the desired vehicle-level MTBF or vice versa to obtain an MTBF value given a certain mission profile and perception quality.

Fault-Tolerant Perception for Automated Driving A Lightweight Monitoring Approach

While the most visible part of the safety verification process of automated vehicles concerns the planning and control system, it is often overlooked that safety of the latter crucially depends on the fault-tolerance of the preceding environment perception. Modern perception systems feature complex and often machine-learning-based components with various failure modes that can jeopardize the overall safety. At the same time, a verification by for example redundant execution is not always feasible due to resource constraints. In this paper, we address the need for feasible and efficient perception monitors and propose a lightweight approach that helps to protect the integrity of the perception system while keeping the additional compute overhead minimal. In contrast to existing solutions, the monitor is realized by a well-balanced combination of sensor checks -- here using LiDAR information -- and plausibility checks on the object motion history. It is designed to detect relevant errors in the distance and velocity of objects in the environment of the automated vehicle. In conjunction with an appropriate planning system, such a monitor can help to make safe automated driving feasible.

Robustness of Object Detectors in Degrading Weather Conditions

State-of-the-art object detection systems for autonomous driving achieve promising results in clear weather conditions. However, such autonomous safety critical systems also need to work in degrading weather conditions, such as rain, fog and snow. Unfortunately, most approaches evaluate only on the KITTI dataset, which consists only of clear weather scenes. In this paper we address this issue and perform one of the most detailed evaluation on single and dual modality architectures on data captured in real weather conditions. We analyse the performance degradation of these architectures in degrading weather conditions. We demonstrate that an object detection architecture performing good in clear weather might not be able to handle degrading weather conditions. We also perform ablation studies on the dual modality architectures and show their limitations.