A Taxonomy to Unify Fault Tolerance Regimes for Automotive Systems: Defining Fail-Operational, Fail-Degraded, and Fail-Safe

@article{Stolte2021ATT,
  title={A Taxonomy to Unify Fault Tolerance Regimes for Automotive Systems: Defining Fail-Operational, Fail-Degraded, and Fail-Safe},
  author={Torben Stolte and Stefan Ackermann and Robert Graubohm and Inga Jatzkowski and Bj{\"o}rn Klamann and Hermann Winner and Markus Maurer},
  journal={ArXiv},
  year={2021},
  volume={abs/2106.11042}
}
This paper presents a taxonomy that makes it possible to define the fault tolerance regimes fail-operational, fail-degraded, and fail-safe in the context of automotive systems. Fault tolerance regimes such as these are widely used in recent publications related to automated driving, yet without definitions, and the same largely holds true for automotive safety standards. Moreover, we show that the fault tolerance regimes defined in scientific publications related to the automotive domain are partially ambiguous…

Integration of a Vehicle Operating Mode Management into UNICARagil’s Automotive Service-oriented Software Architecture
Inga Jatzkowski; Torben Stolte; Robert Graubohm; Prof. Dr.-Ing. Markus Maurer
Comparing Different Levels of Technical Systems for a Modular Safety Approval—Why the State of the Art Does Not Dispense with System Tests Yet
TLDR
This paper shows that errors arise from faulty decomposition processes in which, e.g., the functions, test scenarios, risks, or requirements of a system are decomposed to the module level, and it identifies three main categories of errors: insufficient functional architectures, performing the wrong tests, and performing the right tests wrongly.

References

Fail-Operational Automotive Systems
TLDR
The state of the art of other industrial domains is investigated, focusing on their related safety standards and technical solutions, and a generic, structured dependent failure analysis is developed, solving the redundancy allocation problem for an automotive application.
A Safety Argumentation for Fail-Operational Automotive Systems in Compliance with ISO 26262
TLDR
This work provides a framework for the safety argumentation of a fail-operational driving system in compliance with ISO 26262 with regard to safety analysis, and deduces a fault model for a failing system that contains the relevant failure modes.
Comparison of fail-operational software architectures from the viewpoint of an automotive application
TLDR
This paper investigates three typical fault-tolerant software architectures using a structured analysis technique and a set of criteria specific to the automotive domain, in order to understand the properties of the compared architectures.
Engineering and Hardening of Functional Fail-Operational Architectures for Highly Automated Driving
TLDR
This work tailors and applies a methodology that supports the design of fail-operational architectures from the early design stages on, enabling informed judgment of the gradually evolving architecture's fitness for purpose by considering its resilience to dynamic changes in environmental conditions.
Basic concepts and taxonomy of dependable and secure computing
TLDR
The aim is to explicate a set of general concepts that are relevant across a wide range of situations and therefore help communication and cooperation among a number of scientific and technical communities, including ones that concentrate on particular types of system, of system failure, or of causes of system failure.
Survey on fault-tolerant vehicle design
TLDR
The paper highlights recent and prospective developments in vehicle motion control with integrated chassis control and with passive and active fault-tolerant control, and it considers the role of regulations and international standardization in enabling fault-tolerant vehicle design.
Fault-tolerant drive-by-wire systems - concepts and realizations
Architectural Safety Perspectives & Considerations Regarding the AI-based AV Domain Controller
TLDR
The intent of this paper is to ensure that the safety goals and requirements are completely and correctly stated at the start of the development process and then propagated accurately, without omission, to the final design and implementation.
Fault-tolerant drive-by-wire systems
The article begins with a review of electronic driver assisting systems such as ABS, traction control, electronic stability control, and brake assistant. We then review drive-by-wire systems with and