Experimental Resilience Assessment of An Open-Source Driving Agent

TL;DR

This paper introduces a fault injection framework based on Systems-Theoretic Process Analysis to evaluate the resilience of an open-source autonomous driving system under various environmental faults, enhancing safety testing.

Contribution

It presents a strategic fault injection method derived from hazard analysis to improve safety scenario coverage in AV resilience assessment.

Findings

Strategic fault injection increases hazard coverage over random methods.

Openpilot's safety mechanisms can detect and recover from faulty sensor inputs.

The framework effectively simulates safety-critical faults in autonomous vehicles.

Abstract

Autonomous vehicles (AV) depend on the sensors like RADAR and camera for the perception of the environment, path planning, and control. With the increasing autonomy and interactions with the complex environment, there have been growing concerns regarding the safety and reliability of AVs. This paper presents a Systems-Theoretic Process Analysis (STPA) based fault injection framework to assess the resilience of an open-source driving agent, called openpilot, under different environmental conditions and faults affecting sensor data. To increase the coverage of unsafe scenarios during testing, we use a strategic software fault-injection approach where the triggers for injecting the faults are derived from the unsafe scenarios identified during the high-level hazard analysis of the system. The experimental results show that the proposed strategic fault injection approach increases the hazard coverage compared to random fault injection and, thus, can help with more effective simulation of safety-critical faults and testing of AVs. In addition, the paper provides insights on the performance of openpilot safety mechanisms and its ability in timely detection and recovery from faulty inputs.