STPA FOR AUTONOMOUS VEHICLE SAFETY IN TRAFFIC SYSTEMS

Abstract

It is speculated that vehicle companies such as Volvo, are actively developing autonomous vehicles and planning to introduce fully Autonomous Vehicle (AV) test fleets in the transport systems of Swedish cities. The gradual introduction of autonomous vehicles is meant to make the traffic system more efficient, reliable, and most importantly safer than a traditional human-driven vehicle (HDV) dominated system. However, the introduction of AVs will lead to an increase in the complexity of the traffic system. Especially the complex interactions between AVs with human drivers and other traffic participants such as pedestrians. These interactions are further complicated by operational domain constraints such as road infrastructure and natural weather conditions. These complex interactions create conditions that inevitably lead to unforeseen unsafe actions by a human or non-human participant, resulting in a hazardous scenario and an eventual accident event. Traditional hazard analysis methods as well as domain-specific ISO standards such as ISO 26262 mainly focus on AV component and functional failures, ignoring high-level safety hazard casual factors originating from system interactions and organizational flaws. New hazard analysis tools such as System Theoretical Process Analysis (STPA) provide systematic and sequential steps for identifying hazardous interactions within a system in the absence of extensive test trials and operational data. This thesis aimed to provide a pilot application of STPA for evaluating the systematic safety of AV in different traffic scenarios. The case study in this thesis is AV at an unsignalized intersection with an unprotected left turn. The framework of the methodology in this thesis is formulated by using the STPA process. The first step defines the scope and objectives of the analysis. This involves defining the traffic system, enumerating its hazardous states, and identifying losses unacceptable to stakeholders. The second step establishes the traffic system control structure consisting of controllers, actuators, sensors, and controlled components. The third step identifies Unsafe Control Actions (UCA) that under the worst or extreme environmental conditions will lead to one or more hazards. Lastly UCA causal factors are identified through a brainstorming process. A hazardous Factor Network (HFN) is developed for a structured causal factor identification process. Further, principles of network analysis such as network traceability and betweenness values are utilized for causal factor (CF) evaluation. The results show that STPA can be applied to identify hazard causal factors in a iv traffic system with autonomous vehicles. The result also showed that hazard causal factors in a traffic system are highly connected and related to each other. The HFN provided a structured framework for casual factor traceability and evaluation. For example, identified CF5 (inadequate road infrastructure maintenance and management plan by road authority) had the highest betweenness value in the HFN. Meaning that CF5 is highly connected to other causal factors and UCAs, hence is very vital to the safety of AVs in the current traffic system. In conclusion, the thesis shows that in the absence of high statistical data, STPA can be applied as a framework for analyzing traffic system safety with the introduction of fully autonomous vehicles in the current system. This thesis finally recommends further research and development of the STPA process to include a “probabilistic link” between the Unsafe Control Actions (UCA) and established causal factors.