Scenario-based Verification and Validation of Automated and Autonomous Systems

Automated and autonomous transport systems should make travel not only more comfortable, but also safer. To make this a reality and bring such systems to market, it is very important to ensure their safe operation. This is not an easy task, because not only the systems themselves are highly complex, but also the input they receive (the environment). To verify and validate them, we must therefore not only develop them safely, but also test them extensively.

For automated driving systems, a naïve statistical test requires several hundred million test kilometers, depending on the assumptions and the accident type (cf. Wachenfeld 2015, Kalra 2016). By comparison, all paved roads in the U.S. together are only about 4.3 million kilometers long. These tests would have to be repeated for every newly developed or even slightly modified automated driving system.

[Figure: Overview of a generic scenario-based verification and validation process, with our main contributions highlighted.]

A promising solution to this challenge is a scenario-based approach in which scenarios for different phases of the verification and validation process are described at different levels of abstraction. We develop methods and prototypes that support scenario-based verification and validation in these phases.

Scenario Mining

Scenarios are the basis for reducing the search space for verification and validation approaches for automated and autonomous systems. This reduction is based on a fundamental principle: many similar concrete scenarios can be described by classes of scenarios. The process of identifying these abstract scenarios is called Scenario Mining, and we develop data- and expert-based methods for the systematic derivation of scenario catalogs.

Scenario Specification with Traffic Sequence Charts (TSC)

As a key tool for scenario-based development, we develop Traffic Sequence Charts (TSC), a specification language for the compact description of scenario classes and requirements. The core idea of TSCs is the graphical representation of traffic situations, which makes it possible to focus on the relevant aspects without introducing ambiguities. Because TSCs are both a visual and a formal language, they can be used for specification, documentation, and communication among stakeholders, as well as for processing by automated tool chains. To support the use of TSCs at all stages of the development process, we develop several methods and tool prototypes, including a TSC editor, a tool called TSC2OpenX that instantiates TSCs in OpenSCENARIO files for simulation, and methods for monitoring TSCs against simulation and real-world data.

Rare-Event Simulation (RES)

Automated and autonomous systems are usually very complex and must function safely in a wide variety of scenarios, so it is often impossible to examine all of them. In addition, critical behaviors are very rare. To counter this, we use intelligent optimization algorithms to study the scenarios of the given system more efficiently and to find specific parameter combinations in which critical behavior (rare events) of the system-under-test occurs.
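
The optimization-based search described above, as an added example that is not code from the project: a cross-entropy method (chosen here as a stand-in, since the page does not name its algorithms) searches a constructed lead-vehicle braking scenario for parameter combinations that end in a collision. The vehicle model, the parameter ranges and all function names are assumptions made for this illustration.

```python
import random
import statistics

V0 = 25.0         # m/s, initial speed of both vehicles (assumed)
EGO_DECEL = 8.0   # m/s^2, braking capability of the system-under-test (assumed)
# Assumed parameter ranges: initial gap [m], lead deceleration [m/s^2], ego reaction time [s]
BOUNDS = [(20.0, 80.0), (2.0, 9.0), (0.3, 1.2)]

def min_gap(gap, lead_decel, reaction, dt=0.01):
    """Simulate the lead vehicle braking at t=0 and the ego vehicle braking after
    its reaction time; return the smallest gap in metres (below 0 = collision)."""
    x_lead, v_lead, x_ego, v_ego, t = gap, V0, 0.0, V0, 0.0
    worst = gap
    while v_ego > 0.0:  # once the ego vehicle stands still the gap cannot shrink
        v_lead = max(0.0, v_lead - lead_decel * dt)
        if t >= reaction:
            v_ego = max(0.0, v_ego - EGO_DECEL * dt)
        x_lead += v_lead * dt
        x_ego += v_ego * dt
        t += dt
        worst = min(worst, x_lead - x_ego)
    return worst

def cross_entropy_search(iterations=12, samples=60, elite=10, seed=1):
    """Sample scenarios, keep the most critical ones, refit the sampling
    distribution around them, repeat. Returns (smallest gap, parameters)."""
    rng = random.Random(seed)
    mean = [(lo + hi) / 2 for lo, hi in BOUNDS]
    std = [(hi - lo) / 2 for lo, hi in BOUNDS]
    best = (float("inf"), None)
    for _ in range(iterations):
        population = []
        for _ in range(samples):
            params = tuple(min(hi, max(lo, rng.gauss(m, s)))  # clip to the ranges
                           for (lo, hi), m, s in zip(BOUNDS, mean, std))
            population.append((min_gap(*params), params))
        population.sort()                      # most critical scenarios first
        best = min(best, population[0])
        elites = [p for _, p in population[:elite]]
        mean = [statistics.fmean(col) for col in zip(*elites)]
        std = [max(statistics.pstdev(col), 0.01 * (hi - lo))  # keep some spread
               for col, (lo, hi) in zip(zip(*elites), BOUNDS)]
    return best

if __name__ == "__main__":
    score, params = cross_entropy_search()
    print(f"smallest gap {score:.2f} m at gap/lead_decel/reaction = {params}")
```

In this toy model only a small corner of the parameter space (short initial gap, hard lead braking, slow reaction) leads to a collision, which is why the sampling distribution is steered toward it instead of sampling the ranges uniformly.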