STPA FOR AUTONOMOUS VEHICLE SAFETY IN TRAFFIC SYSTEMS
Type: Master's Thesis (Examensarbete för masterexamen)
Abstract
It is speculated that vehicle companies such as Volvo are actively developing autonomous
vehicles and planning to introduce fully Autonomous Vehicle (AV) test
fleets in the transport systems of Swedish cities. The gradual introduction of autonomous
vehicles is meant to make the traffic system more efficient, reliable, and
most importantly safer than a traditional human-driven vehicle (HDV) dominated
system. However, the introduction of AVs will increase the complexity of the traffic
system, especially through the complex interactions between AVs, human drivers, and
other traffic participants such as pedestrians. These interactions are further
complicated by operational domain constraints such as road infrastructure and natural
weather conditions. Such complex interactions create conditions that inevitably lead to
unforeseen unsafe actions by a human or non-human participant, resulting in a hazardous
scenario and an eventual accident event. Traditional hazard analysis methods, as well
as domain-specific ISO standards such as ISO 26262, mainly focus on AV component and
functional failures, ignoring high-level safety hazard causal factors originating from
system interactions and organizational flaws.
New hazard analysis tools such as System Theoretical Process Analysis (STPA) provide
systematic and sequential steps for identifying hazardous interactions within a
system in the absence of extensive test trials and operational data. This thesis aimed
to provide a pilot application of STPA for evaluating the systematic safety of AV
in different traffic scenarios. The case study in this thesis is AV at an unsignalized
intersection with an unprotected left turn.
The framework of the methodology in this thesis is formulated by using the STPA
process. The first step defines the scope and objectives of the analysis. This involves
defining the traffic system, enumerating its hazardous states, and identifying losses
unacceptable to stakeholders. The second step establishes the traffic system control
structure consisting of controllers, actuators, sensors, and controlled components.
The third step identifies Unsafe Control Actions (UCA) that under the worst or
extreme environmental conditions will lead to one or more hazards. Lastly, UCA
causal factors are identified through a brainstorming process. A Hazardous Factor
Network (HFN) is developed for a structured causal factor identification process.
Further, principles of network analysis such as network traceability and betweenness
values are utilized for causal factor (CF) evaluation.
The results show that STPA can be applied to identify hazard causal factors in a
traffic system with autonomous vehicles. The results also showed that hazard causal
factors in a traffic system are highly connected and related to each other. The
HFN provided a structured framework for causal factor traceability and evaluation.
For example, identified CF5 (inadequate road infrastructure maintenance and management
plan by road authority) had the highest betweenness value in the HFN.
This means that CF5 is highly connected to other causal factors and UCAs, and hence is
vital to the safety of AVs in the current traffic system. In conclusion, the thesis
shows that in the absence of extensive statistical data, STPA can be applied as a framework
for analyzing traffic system safety with the introduction of fully autonomous
vehicles in the current system. This thesis finally recommends further research and
development of the STPA process to include a “probabilistic link” between the Unsafe
Control Actions (UCA) and established causal factors.
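The abstract describes the last STPA step as building a Hazardous Factor Network (HFN) of causal factors and Unsafe Control Actions, then using network traceability and betweenness values to rank causal factors. The following is an added illustration of that evaluation, not code from the thesis: it builds a small constructed HFN with hypothetical node labels (CF_A … CF_D, UCA_1, UCA_2; these are not the thesis's CF/UCA numbering) and assumes the HFN is a directed graph whose edges point from a causal factor to the factor or UCA it contributes to. Betweenness is computed with Brandes' algorithm (unnormalized, directed), and traceability is implemented as the set of causal factors with a directed path into a given UCA.

```python
from collections import deque, defaultdict

# Constructed HFN for illustration. Labels are hypothetical, not the thesis's numbering.
# Edge (u, v) means: causal factor u contributes to factor or unsafe control action v.
HFN_EDGES = [
    ("CF_A", "CF_B"),
    ("CF_C", "CF_B"),
    ("CF_B", "UCA_1"),
    ("CF_B", "UCA_2"),
    ("CF_D", "UCA_2"),
]


def build_graph(edges):
    """Adjacency list plus a sorted node list for a directed graph."""
    adj = defaultdict(list)
    nodes = set()
    for u, v in edges:
        adj[u].append(v)
        nodes.update((u, v))
    return adj, sorted(nodes)


def betweenness(edges):
    """Unnormalized betweenness centrality (Brandes' algorithm) on a directed graph.

    A node's score is the number of shortest (s, t) paths that pass through it,
    summed over all ordered pairs, weighted by the fraction of shortest paths it lies on.
    """
    adj, nodes = build_graph(edges)
    bc = {v: 0.0 for v in nodes}
    for s in nodes:
        stack = []
        pred = {v: [] for v in nodes}       # predecessors on shortest paths from s
        sigma = {v: 0 for v in nodes}       # number of shortest paths from s
        dist = {v: -1 for v in nodes}
        sigma[s], dist[s] = 1, 0
        queue = deque([s])
        while queue:                        # BFS phase: count shortest paths
            v = queue.popleft()
            stack.append(v)
            for w in adj[v]:
                if dist[w] < 0:
                    dist[w] = dist[v] + 1
                    queue.append(w)
                if dist[w] == dist[v] + 1:
                    sigma[w] += sigma[v]
                    pred[w].append(v)
        delta = {v: 0.0 for v in nodes}
        while stack:                        # accumulation phase, in reverse BFS order
            w = stack.pop()
            for v in pred[w]:
                delta[v] += sigma[v] / sigma[w] * (1.0 + delta[w])
            if w != s:
                bc[w] += delta[w]
    return bc


def upstream_factors(edges, target):
    """Traceability: every node that has a directed path into `target` (e.g. a UCA)."""
    reverse = defaultdict(list)
    for u, v in edges:
        reverse[v].append(u)
    seen, queue = set(), deque([target])
    while queue:
        v = queue.popleft()
        for u in reverse[v]:
            if u not in seen:
                seen.add(u)
                queue.append(u)
    return sorted(seen)


def rank_causal_factors(edges):
    """Causal factors (CF_* nodes) ordered by descending betweenness, then by name."""
    bc = betweenness(edges)
    scored = [(v, b) for v, b in bc.items() if v.startswith("CF_")]
    return sorted(scored, key=lambda item: (-item[1], item[0]))


if __name__ == "__main__":
    for factor, score in rank_causal_factors(HFN_EDGES):
        print(f"{factor}: betweenness {score:.1f}")
    for uca in ("UCA_1", "UCA_2"):
        print(f"{uca} is traceable to {upstream_factors(HFN_EDGES, uca)}")
```

In the constructed network CF_B is the only node that other factors must pass through to reach a UCA, so it receives the highest betweenness (4.0, one unit for each of the pairs CF_A/CF_C against UCA_1/UCA_2), which is the same reading the abstract gives to a high-betweenness factor: it connects many other causal factors to the unsafe control actions. A real HFN would be larger and could be undirected or weighted; the ranking logic is unchanged, but the betweenness routine would need the corresponding variant.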