Author Kavitha has 20+ years of extensive work experience as firmware head for embedded systems development across automotive, industrial and medical domains. She is a TUV SUD certified L2 professional on Functional Safety. She currently works on Functional Safety, Cyber Security, SOTIF and Safety for AI systems.
Introduction
Ensuring the safety of AI in road vehicles is crucial. This blog explores key safety protocols including Functional Safety (FuSa), Safety of the Intended Functionality (SOTIF), cybersecurity measures, and Safety Assurance of AI (SaAI). Together, these protocols provide a comprehensive framework for the safe integration of AI in vehicles.
ISO 8800 is an automotive standard designed to guide the achievement of functional safety compliance in AI-based systems. It is intended to be used in conjunction with ISO 26262, ISO 21448, and ISO 21434 to ensure comprehensive safety management.
Interplay of standards
FuSa
Functional Safety (FuSa) is defined by the ISO 26262 standard as the “absence of unreasonable risk due to hazards caused by malfunctioning behavior of electrical or electronic systems.” It involves managing systematic software and hardware faults, as well as random hardware faults. To achieve this, FuSa involves setting and realizing safety goals through a comprehensive safety management process. This process includes hazard analysis, risk assessment, and the development of safety mechanisms to ensure that the vehicle’s electronic and electrical systems perform reliably and safely under all operating conditions.
SOTIF
Safety of The Intended Functionality (SOTIF) is defined by ISO 21448 as the “absence of unreasonable risk due to hazards resulting from the functional insufficiency of the intended functionality or from reasonably foreseeable misuse by road users.” This standard addresses potential risks not covered by traditional safety measures, focusing on ensuring that the intended functionality performs as safely as expected under various conditions.
Cybersecurity
According to ISO 21434, cybersecurity involves protecting automotive systems from cyber threats, unauthorized access, and malicious actions. This standard is a domain-specific adaptation of ISO 27001, tailored to address the unique cybersecurity challenges faced by the automotive industry. It provides a framework for identifying and mitigating cybersecurity risks throughout the lifecycle of a vehicle, ensuring that all electronic and software-based systems are adequately protected. This includes developing secure architectures, implementing robust security controls, and continuously monitoring for potential threats to maintain the safety and integrity of the vehicle’s systems.
SaAI
ISO 8800 addresses the safety-related behavior of AI applications in vehicles by focusing on the handling of insufficiencies in data, models, training, verification, and validation. The standard provides guidelines for deriving a suitable safety assurance claim that demonstrates the absence of unreasonable risk. Essentially, ISO 8800 aims to answer the question, “How can we assure that an AI-based system in a vehicle poses the least risk?” by ensuring comprehensive safety measures throughout the AI lifecycle.

Fig 1: Interplay of the relevant safety and security standards
Ensuring System-Level Safety & Environmental Decision-Making
While Functional Safety (FuSa) addresses system-level safety adherence, Safety of the Intended Functionality (SOTIF) focuses on ensuring that the system can accurately perceive and respond to its environment. This includes:
- Sensor Perception: Making sure sensors such as cameras and radar detect the environment accurately.
- Decision Making: Ensuring the system can predict and respond to potential hazards.
- Minimizing False Negatives: Reducing instances where the system fails to detect a hazard.
Cybersecurity complements both by protecting the system from external threats: analyzing the risks faced by connected vehicles and implementing measures to mitigate them.
ISO 8800: Extending FuSa & SOTIF for AI-Based Systems
ISO 8800 serves as an extension of both FuSa and SOTIF, encompassing the entire safety life cycle of AI-based systems. It remains agnostic to the specific AI/ML/DL technologies deployed, and it is generic rather than limited to automated driving, although that is one of the prominent use cases. The standard aims to instil stakeholder confidence in the deployment of autonomous systems, particularly for road safety across the different categories involved, whether Level 3+ autonomy or last-mile delivery.
Defining Safety Requirements: The starting point is to define the safety requirements; a simple, straightforward example is the correct identification of traffic signs under adverse weather conditions. The requirements include the necessary metrics for the application and any limitations of the deployed AI model.
ISO 8800 also covers potential dataset errors and any associated limitations or biases, providing guidelines to address these issues. Identifying edge cases and ensuring safety in those scenarios is a crucial consideration.
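As an added illustration (not code from the original post or from any standard), the check below takes the traffic-sign example above together with the earlier point about minimizing false negatives: a per-condition miss-rate requirement is evaluated against constructed verification records, and a weather condition with too few labelled samples is reported as unverified rather than as passing, which is how a dataset insufficiency shows up in evidence for an assurance claim. The thresholds, sign class and sample counts are all assumed values chosen for the example.

```python
from collections import defaultdict

# Constructed safety requirement (assumed values): for each weather condition,
# the miss rate on a safety-relevant sign class must not exceed MAX_MISS_RATE,
# and a condition counts as verified only if at least MIN_SAMPLES labelled
# frames of that class exist for it (otherwise the data is insufficient).
MAX_MISS_RATE = 0.02
MIN_SAMPLES = 200

# Constructed verification records: (condition, ground truth, model prediction).
RECORDS = (
    [("clear", "stop", "stop")] * 495 + [("clear", "stop", "yield")] * 5
    + [("rain", "stop", "stop")] * 288 + [("rain", "stop", "none")] * 12
    + [("fog", "stop", "stop")] * 40 + [("fog", "stop", "none")] * 1
)


def evaluate(records, target="stop", max_miss=MAX_MISS_RATE, min_n=MIN_SAMPLES):
    """Per-condition false-negative check for one safety-relevant sign class.

    A false negative is a frame whose ground truth is `target` but whose
    prediction is not. Returns {condition: (n, miss_rate, verdict)} with verdict
    "pass", "fail" or "unverified" (too few samples to support a claim).
    """
    total, missed = defaultdict(int), defaultdict(int)
    for cond, truth, pred in records:
        if truth != target:
            continue
        total[cond] += 1
        if pred != target:
            missed[cond] += 1
    result = {}
    for cond in sorted(total):
        n = total[cond]
        rate = missed[cond] / n
        if n < min_n:
            verdict = "unverified"  # dataset insufficiency, not evidence of safety
        elif rate <= max_miss:
            verdict = "pass"
        else:
            verdict = "fail"
        result[cond] = (n, round(rate, 4), verdict)
    return result


def unmet_conditions(result):
    """Conditions that cannot yet support the assurance claim."""
    return [c for c, (_, _, verdict) in result.items() if verdict != "pass"]
```

Run against the constructed records, "rain" fails the miss-rate requirement outright, while "fog" is flagged as unverified because only 41 labelled frames exist, so more data is needed before any claim can be made for it.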
Safety Assurance Arguments
Fig 2: Safety Assurance Arguments
Safety Assurance Arguments are essential to demonstrate that the AI requirements are met and that the necessary verification and validation have been completed. These arguments present the observed evidence that demonstrates the system’s safety and reliability.
Conclusion
Adhering to ISO 8800 is crucial to achieving functional safety for AI-enabled systems. Achieving compliance with the ISO 8800 standard will require AI models to evolve, becoming more robust and gaining the trust of stakeholders. This will pave the way for advances toward higher levels of autonomous driving.
MulticoreWare with its extensive AI development experience is ready to support customers on Safety for AI systems re-engineering / development and compliance. Kindly contact us at info@multicorewareinc.com