Publication

This paper presents a methodology for achieving functional safety for an automated driving system (SAE Level 4) with respect to safe transitions between the driver and the system. Safety analysis and assessment of an implementation example show how to allocate safety requirements on Human-Machine Interface (HMI) components to handle the risks of unfair transition, mode confusion and stuck in transition, respectively. The methodology is appropriate for different assumptions on driver failures. The paper shows how to identify safety requirements on the HMI components, given that there is an assumption of a set of single, double or multiple failures by the driver. Results from this example show that it is sufficient to allocate safety requirements on the sensor and the lock of a control to ensure safe transitions. No safety requirements are needed on visual feedback to the driver, e.g., displays.