Exida in SAFEXPLAIN: Extending Functional Safety Compliance to Machine Learning Applications, NOW

Date: February 20, 2024

The SAFEXPLAIN project is extremely relevant for exida development SRL. In 2009, exida development SRL was incorporated as an affiliate of the exida group and tasked with exploring disciplines and sectors not directly covered by the group. The tumultuous and highly controversial emergence of Machine Learning (ML)/Deep Learning (DL) techniques and applications in safety-critical systems is proving to be a ‘perfect storm’ that this Horizon Europe project is tackling through its focus, partnership and financial support.

Exida is part of two technical pillars that are associated with two major work packages (WP) of the project: WP2 – Safety Assessment and WP4 – Platforms and Toolset Support. The intermediate results of these work packages are presented below.

Safety Assessment

Partner IKERLAN, leader of WP2, has developed a Functional Safety lifecycle extension (AI-FSM) covering ML/DL processes and allowing for their assessment according to the current standard ISO/IEC 61508 (Functional Safety of E/E/PE Safety-related Systems). AI-FSM has already successfully passed a first review by both TÜV Rheinland and exida certification experts.

Exida has developed an artificial intelligence verification and validation (AI-V&V) strategy and associated methods for the verification and validation of ML/DL components. This approach extends the traditional Functional Safety (FuSa) approach from “hazards caused by malfunctioning” (as in ISO/IEC 61508 and ISO 26262), to “hazards resulting from functional insufficiencies” (as in ISO 21448, a.k.a. Safety of the Intended Functionality (SOTIF)).

To implement the AI-V&V strategy, exida has developed a Catalogue of Scenarios and Test Cases. For each scenario, one or more test cases have been defined, to be performed in real or simulated testing environments. The scenarios specify conditions, parameter values and pass/fail criteria, and can be used to prepare full Test Reports. The V&V model is completed with specifications of the expected behaviour of the Sense – Plan – Actuate parts, as needed for SOTIF compliance.

An example of a simple scenario is one that includes a so-called ego vehicle and a target vehicle, described as “a vehicle driving following a target vehicle on highway”. This scenario defines a series of conditions/constraints on aspects such as vehicle parameters (speed, acceleration, steering angle, yaw rate…), environmental conditions (weather, road, lighting…), risk exposure, and more.

Figure 1: Simple scenario from exida “Catalogue of Scenarios and Test Cases”
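To make the structure of such a catalogue entry concrete, the following is an added example written for this post; it is not exida's catalogue, not the SAFEXPLAIN project's code, and every identifier, parameter range, weather set, time-gap threshold and trace value in it is a constructed assumption. It models one scenario (ego vehicle following a target vehicle on a highway) as a set of applicability constraints plus a pass/fail criterion, evaluates constructed simulation traces against it, and emits one Test Report entry per run. A run that violates the scenario's constraints is reported as not applicable rather than as a pass or fail, since it does not exercise the scenario at all.

```python
"""Added example (hypothetical scenario and thresholds, not the SAFEXPLAIN catalogue):
a catalogue entry as constraints + pass/fail criterion, evaluated against constructed
simulation traces to produce test-report entries."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Range:
    low: float
    high: float

    def contains(self, value: float) -> bool:
        return self.low <= value <= self.high


@dataclass(frozen=True)
class Scenario:
    scenario_id: str
    description: str
    # Conditions/constraints under which the scenario applies (assumed values).
    ego_speed_mps: Range
    target_speed_mps: Range
    allowed_weather: frozenset = field(default_factory=frozenset)
    # Pass/fail criterion (assumed): the ego vehicle must keep at least this
    # time gap, in seconds, to the target vehicle throughout the run.
    min_time_gap_s: float = 1.0


def time_gap(distance_m: float, ego_speed_mps: float) -> float:
    """Seconds the ego vehicle needs to cover the current distance to the target."""
    if ego_speed_mps <= 0:
        return float("inf")
    return distance_m / ego_speed_mps


def evaluate_run(scenario: Scenario, run: dict) -> dict:
    """Check the run against the scenario constraints, then apply the criterion.

    `run` holds "weather" and "samples"; each sample is a tuple
    (t_s, ego_speed_mps, target_speed_mps, distance_m). Returns a report entry.
    """
    out_of_scope = []
    if run["weather"] not in scenario.allowed_weather:
        out_of_scope.append(f"weather={run['weather']}")
    for t, ego_v, tgt_v, _ in run["samples"]:
        if not scenario.ego_speed_mps.contains(ego_v):
            out_of_scope.append(f"t={t}: ego speed {ego_v} outside constraint")
        if not scenario.target_speed_mps.contains(tgt_v):
            out_of_scope.append(f"t={t}: target speed {tgt_v} outside constraint")
    if out_of_scope:
        # The run does not exercise this scenario, so no pass/fail verdict is given.
        return {"scenario": scenario.scenario_id, "verdict": "NOT_APPLICABLE",
                "reasons": out_of_scope}

    worst_gap = min(time_gap(d, ego_v) for _, ego_v, _, d in run["samples"])
    verdict = "PASS" if worst_gap >= scenario.min_time_gap_s else "FAIL"
    return {"scenario": scenario.scenario_id, "verdict": verdict,
            "min_time_gap_s": round(worst_gap, 2),
            "criterion_s": scenario.min_time_gap_s}


# Constructed scenario entry (illustrative values only).
FOLLOW_ON_HIGHWAY = Scenario(
    scenario_id="SC-HYPO-001",
    description="Ego vehicle following a target vehicle on a highway",
    ego_speed_mps=Range(20.0, 40.0),
    target_speed_mps=Range(20.0, 40.0),
    allowed_weather=frozenset({"clear", "rain"}),
    min_time_gap_s=1.0,
)

# Constructed traces: (t_s, ego_speed_mps, target_speed_mps, distance_m).
RUN_PASS = {"weather": "clear", "samples": [
    (0.0, 30.0, 30.0, 60.0), (1.0, 30.0, 29.0, 50.0), (2.0, 28.0, 29.0, 45.0)]}
RUN_FAIL = {"weather": "rain", "samples": [
    (0.0, 30.0, 30.0, 60.0), (1.0, 32.0, 28.0, 40.0), (2.0, 32.0, 28.0, 25.0)]}
RUN_OUT_OF_SCOPE = {"weather": "fog", "samples": [(0.0, 30.0, 30.0, 60.0)]}


def test_report() -> list:
    """One report entry per constructed run, in the order PASS, FAIL, NOT_APPLICABLE."""
    runs = (RUN_PASS, RUN_FAIL, RUN_OUT_OF_SCOPE)
    return [evaluate_run(FOLLOW_ON_HIGHWAY, r) for r in runs]


if __name__ == "__main__":
    for entry in test_report():
        print(entry)
```

Separating applicability constraints from the pass/fail criterion is the point of the structure: the constraints say which recorded or simulated runs count as evidence for this scenario, and the criterion is only applied to those, which keeps a report from counting out-of-scope runs as passes.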

A subset of the Catalogue is being used by the automotive case study, led by partner NAVINFO Europe. Adaptations are under preparation for the railway and space case studies, where dedicated SOTIF standards do not yet exist.

Platforms and Toolset Support

Exida is also contributing to the SAFEXPLAIN platform and toolset, led by partner Barcelona Supercomputing Center (BSC). The BSC has proposed a software (SW) Middleware concept, which exida has contributed to and supported.

Figure 2: SAFEXPLAIN platform

The high-level platform design is inspired by the AUTOSAR Adaptive standard, which is very popular in the automotive sector and to which exida contributed significantly during its development. Moreover, the middleware support is being developed to align with ROS2 libraries and tools, and exida plays a specific role in this activity. The Middleware architecture to be implemented aims to accommodate the FuSa architecture requirements together with standard V&V concepts and architectural features. Figure 3 provides an overview of the FuSa architecture.

Figure 3: Functional Safety architecture

Several modules have already been implemented and will be released at the first major milestone of technical deliverables at M18 (March 2024).

Exida development SRL will continue to work within the framework of the SAFEXPLAIN project to navigate the intricate landscape of ML/DL in safety-critical systems. The intermediate results show promising advancements, and continued collaborative effort will be instrumental in advancing safety assessment and platform development in the second half of the project.