(GRVA-06-02r4e) Uniform Provisions Concerning the Approval of ALKS

Regulations on the Automated Lane Keeping Systems (ALKS) feature appear to be under discussion. There seem to be some differences from the regulations so far. In this document, evaluation by third-party organizations seems to be considered through the type certification procedure. Clause 7 of Annex D states that audits or assessments are required, carried out by an auditor or assessor with knowledge of ISO 26262, SOTIF and Cyber Security.

I heard that the standardization trend in the Cyber Security area presents requirements closer to regulation. But looking at this document, it looks like FuSa and SOTIF are likely to follow a similar trend on topics related to ALKS.

As this policy is not yet decided, it may be premature to say, but we can expect that audit/assessment by a 3rd party, which has been slightly loosened by the OEM, may be strengthened in the future.

On the regulatory side, there is some preparation, and the defending side seems to be trying hard to standardize through ISO standards activities and to work according to the standard, taking standard conformity as its approach.

This is an interesting change that was not found in functional safety in the past.

(paper comment) Analysis of Safety of The Intended Use (SOTIF)

This paper was published at the time of ISO/PAS 21448. I have never seen anything about ISO/PAS 21448. It is only known that the ongoing ISO 21448 will replace it. Looking at this paper, it seems that the earliest SOTIF focused on vehicle level safety. The ongoing ISO 21448 seems to cover not only the vehicle level, but also the entire lifecycle of FuSa’s systems, hw and sw. (That’s because the standard hasn’t been finalized yet, and I think it will be better later.)

When I first read the CD version of SOTIF, there were so many things that I didn’t understand, and I didn’t exactly understand the relationship between FuSa and SOTIF. So I dimly knew that the concept of SOTIF is needed to achieve safety, but it was not clear. (I think that is because it is still a CD version.)

However, after reading this paper, I came to understand the direction that SOTIF aims to pursue. Also, for the known/unknown and hazardous/non-hazardous models newly introduced in SOTIF, I couldn’t understand why the concept was introduced and how such a conceptual model could be practically used. For example, it was like this. Testing something in the Known domain is easy to understand, but what does it mean to test something in the Unknown domain? If you already have a test scenario, isn’t it supposed to be already known? What on earth does unknown mean?

Setting a validation target seems to use a statistical approach, but how can a quantitative figure be derived?

Of course, I still do not clearly understand everything about SOTIF, and I am still studying. And what I realize now may be a misunderstanding by ‘misunderstanding’, so my thoughts may change over time.

This paper contains examples of quantifying validation targets with the statistical approach mentioned above, and some explanations on how the concepts of known/unknown and hazardous/not hazardous apply.

Personally, I think the above two confusing concepts have become concrete through this paper. Of course, I’m still not sure how validation targets can be applied at the lower level, not at the vehicle level. It is expected that the standard will become more specific, or that practical examples will come from other papers.

It is worth reading this article to understand SOTIF. I think it will not be too difficult to understand.