Safety Analysis of Heavy-Duty Truck Platooning Systems · Safety Analysis of Heavy-Duty Truck...
Transcript of Safety Analysis of Heavy-Duty Truck Platooning Systems · Safety Analysis of Heavy-Duty Truck...
SAE INTERNATIONAL
Safety Analysis of Heavy-Duty Truck Platooning Systems
Doug PapeBattelle
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Safety Analysis of Heavy-Duty Truck Platooning Systems
Battelle is conducting this research for NHTSA
Safety Analysis of Heavy-Duty Truck Platooning Systems
List of Current and Future
Products
Hazard Analysis and
Risk AssessmentSafety Analysis
Study Completion: Summer 2020.
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
A Sampling of Platooning Projects
Safety Analysis of Heavy-Duty Truck Platooning Systems
Volvo Peloton
Texas A&M Transportation Institute
TARDEC
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Safety Analysis of Heavy-Duty Truck Platooning Systems
Safety Analysis of Heavy-Duty Truck Platooning Systems
List of Current and Future
Products
Hazard Analysis and
Risk AssessmentSafety Analysis
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Hazards
An event that poses danger to people, the system, or the environmentCaused by human error, hardware failure, or software defect (usually)May be caused by limits of system design (scenario not anticipated)
Safety Analysis of Heavy-Duty Truck Platooning Systems
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Identifying Hazards
Preliminary Hazard Analysis (PHA) More formalized than brainstorming
Decompose the design to subsystems or blocks• Identify failures of the function of each block• Identify failures of the interfaces• Identify failures from the environment and from human factors
Safety Analysis of Heavy-Duty Truck Platooning Systems
Then characterize the risk of every hazard.
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Risk Characterization
Safety Analysis of Heavy-Duty Truck Platooning Systems
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Risk Characterization
Safety Analysis of Heavy-Duty Truck Platooning Systems
ISO 26262 adds a third dimension—
Controllability
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Classes of Hazards We Are Considering
Safety Analysis of Heavy-Duty Truck Platooning Systems
• Communication failures (message lost, delayed, corrupted)• Component failures (hardware failures, software errors)• Vehicle factors (brake failures, differences in brake rates)• Environmental factors (weather, other traffic)• Driver issues (lack of training, acclimatization with the system)• Human factors (reliance, fatigue, workload, fumes from close
following, trust in the other driver, standardization across brands)
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Safety Analysis of Heavy-Duty Truck Platooning Systems
Safety Analysis of Heavy-Duty Truck Platooning Systems
List of Current and Future
Products
Hazard Analysis and
Risk AssessmentSafety Analysis
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Common Safety Analysis Techniques
Failure Modes & Effects AnalysisFMEABottom Up
Safety Analysis of Heavy-Duty Truck Platooning Systems
Fault Tree AnalysisFTATop Down
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Failure Modes & Effects Analysis
Safety Analysis of Heavy-Duty Truck Platooning Systems
Bottom UpA Failure Modes & Effects Analysis determines
how a system might failand the likely effects of particular modes of a failure.
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Failure Modes & Effects Analysis
Safety Analysis of Heavy-Duty Truck Platooning Systems
What can go wrong
with the input?
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Failure Modes & Effects Analysis
Safety Analysis of Heavy-Duty Truck Platooning Systems
What can go wrong
with the input?
What is the effect
on the output?
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Failure Modes & Effects Analysis
Safety Analysis of Heavy-Duty Truck Platooning Systems
What can go wrong
with the input?
What is the effect
on the output?
How bad?
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Failure Modes & Effects Analysis
Safety Analysis of Heavy-Duty Truck Platooning Systems
What can go wrong
with the input?
What is the effect
on the output?
How bad?
What are the causes?
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Failure Modes & Effects Analysis
Safety Analysis of Heavy-Duty Truck Platooning Systems
What can go wrong
with the input?
What is the effect
on the output?
How bad?
What are the causes?
How often?
What can be done?
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Fault Tree Analysis (FTA)
Safety Analysis of Heavy-Duty Truck Platooning Systems
Top DownA Fault Tree Analysis is
a deductive analytical techniquewhere an undesirable state is specified.
FTA demonstrates how resistant a system is to initiating faults.FTA of complex systems is labor intensive
but beneficial.
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Top-Down Approach
Safety Analysis of Heavy-Duty Truck Platooning Systems
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Top-Down Approach
Safety Analysis of Heavy-Duty Truck Platooning Systems
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Top-Down Approach
Safety Analysis of Heavy-Duty Truck Platooning Systems
Fade
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Top-Down Approach
Safety Analysis of Heavy-Duty Truck Platooning Systems
Fade
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Human Factors
Analysis Techniques• Task analysis• Workload assessment• Activity sequence diagramPossible Faults• Distraction or boredom• Confusing message
Safety Analysis of Heavy-Duty Truck Platooning Systems
SAE INTERNATIONALSAE INTERNATIONALCopyright © SAE International. Further use or distribution is not permitted without permission from SAE
Questions
Safety Analysis of Heavy-Duty Truck Platooning Systems
?Contact Information:
Doug Pape [email protected]
NHTSA Program Lead:Alrik Svenson [email protected]