Analysis of Functional Insufficiencies and Triggering Conditions to Improve the SOTIF of an MPC-based Trajectory Planner

Mirko Conrad, Georg Schildbach
2024-08-02
Abstract: Automated and autonomous driving has made a significant technological leap over the past decade. In this process, the complexity of algorithms used for vehicle control has grown significantly. Model Predictive Control (MPC) is a prominent example, which has gained enormous popularity and is now widely used for vehicle motion planning and control. However, safety concerns constrain its practical application, especially since traditional procedures of functional safety (FS), with its universal standard ISO 26262, reach their limits. Concomitantly, the new aspect of safety of the intended functionality (SOTIF) has moved into the center of attention; its standard, ISO 21448, was only released in 2022. Thus, experience with SOTIF is low and few case studies are available in industry and research. Hence this paper aims to make two main contributions: (1) an analysis of the SOTIF for a generic MPC-based trajectory planner and (2) an interpretation and concrete application of the generic procedures described in ISO 21448 for determining functional insufficiencies (FIs) and triggering conditions (TCs). Particular novelties of the paper include an approach for the out-of-context development of SOTIF-related elements (SOTIF-EooC), a compilation of important FIs and TCs for an MPC-based trajectory planner, and an optimized safety concept based on the identified FIs and TCs for the MPC-based trajectory planner.
Systems and Control, Robotics, Software Engineering, Signal Processing
What problem does this paper attempt to address?
The main problem this paper addresses is how to improve the safety of trajectory planners based on model predictive control (MPC), specifically with respect to the safety of the intended functionality (SOTIF). Concretely, the paper aims to:

1. **Analyze SOTIF**: Conduct a SOTIF analysis of a generic MPC-based trajectory planner (MPC-TP) and identify its functional insufficiencies (FIs) and triggering conditions (TCs). This covers how to ensure the safety of the system in complex and dynamic driving environments even when every system component is working as specified.
2. **Apply the ISO 21448 standard**: Interpret and concretely apply the generic procedures described in ISO 21448 to determine FIs and TCs. ISO 21448 is a new standard for SOTIF, released in 2022, so there is little practical experience with it and few case studies.
3. **Propose a new approach**: Introduce out-of-context development of SOTIF-related elements (SOTIF-EooC), i.e. developing SOTIF-related elements without relying on a specific application scenario. This allows the MPC-TP to be integrated into different vehicle control systems and reused across vehicle types.
4. **Optimize the safety concept**: Based on the identified FIs and TCs, propose an optimized safety concept that improves the design and specification of MPC-based trajectory planners.

### Key contributions

- **Application of the ISO 21448 framework**: Apply the abstract, generic framework of ISO 21448 to a concrete case study, focusing on the early part of the SOTIF life cycle.
- **Interpretation and application of the generic methods**: Interpret the generic methods in ISO 21448 and apply them to a specific use case to determine FIs and TCs.
- **Structured list**: Derive a structured list of FIs and TCs as the consolidated result of the SOTIF analysis.
- **Refinement of out-of-context development**: Refine the SOTIF-EooC concept to make it more suitable for practical application.

Through these contributions, the paper aims to provide a more robust and safe design framework for MPC-TPs in automated driving systems (ADS), addressing the challenges of an increasingly complex automated driving environment.