Using Machine Learning Safely in Automotive Software: An Assessment and Adaption of Software Process Requirements in ISO 26262

TL;DR

This paper assesses how ISO 26262 safety standards can be adapted for machine learning in automotive software, proposing new requirements to ensure safety in ML-driven ADAS and ADS development.

Contribution

It provides a detailed assessment and extension of ISO 26262 Part 6 to address the unique challenges of supervised learning in automotive safety standards.

Findings

Identified gaps in ISO 26262 for ML safety requirements

Proposed new safety requirements for ML development processes

Discussed application of adapted standards to real ML scenarios

Abstract

The use of machine learning (ML) is on the rise in many sectors of software development, and automotive software development is no different. In particular, Advanced Driver Assistance Systems (ADAS) and Automated Driving Systems (ADS) are two areas where ML plays a significant role. In automotive development, safety is a critical objective, and the emergence of standards such as ISO 26262 has helped focus industry practices to address safety in a systematic and consistent way. Unfortunately, these standards were not designed to accommodate technologies such as ML or the type of functionality that is provided by an ADS and this has created a conflict between the need to innovate and the need to improve safety. In this report, we take steps to address this conflict by doing a detailed assessment and adaption of ISO 26262 for ML, specifically in the context of supervised learning. First we analyze the key factors that are the source of the conflict. Then we assess each software development process requirement (Part 6 of ISO 26262) for applicability to ML. Where there are gaps, we propose new requirements to address the gaps. Finally we discuss the application of this adapted and extended variant of Part 6 to ML development scenarios.