1. Introduction
Ensuring the safety of ADAS and automated driving systems, particularly for Level 2+ and Level 3 automated driving features, is a challenge I encountered firsthand while working with major OEMs and Tier 1 suppliers. These projects required robust methodologies to address safety-critical scenarios, many of which involved hazardous edge cases that could not be safely or feasibly tested in real-world environments.
While leading the development of these features, I consistently faced the limitations of traditional Hazard Analysis and Risk Assessment (HARA). Subjective estimations of severity and controllability often introduced variability, making it difficult to establish a data-driven foundation for safety goal feasibility. The need for a more structured and objective approach became clear as we navigated the complexities of ISO 26262 compliance.
In response, I developed a methodology that combines realistic simulation software with research-backed data to objectively analyze safety-critical scenarios. This approach reduces subjectivity, enables detailed feasibility assessments, and supports the validation of safety goals in complex edge-case scenarios. This entry showcases the methodology and experiences that inspired it, highlighting my expertise in safety analysis for advanced driving systems.
2. Challenges in Traditional HARA
Working directly on advanced automated driving systems for major OEMs and Tier 1 suppliers, I encountered several recurring challenges:
Subjectivity in Safety Analysis: Traditional HARA processes rely heavily on human judgment to estimate severity and controllability, leading to variability between analysts and teams.
Infeasibility of Real-World Testing: Reproducing rare but high-risk events like high-speed cut-ins or nighttime pedestrian detection in the real world is unsafe, impractical, or cost-prohibitive.
Alignment with ISO 26262: Ensuring compliance often exposed the need for clear, reproducible methods to validate safety goals effectively.
These challenges weren’t theoretical observations—they were obstacles I faced while designing and analyzing safety-critical systems. My solution addresses these gaps by grounding safety analysis in data-driven, simulation-based insights.
3. My Methodology: Step-by-Step
Here’s a detailed breakdown of the methodology I developed to bring objectivity and reproducibility to HARA:
1. Define Edge-Case Scenarios
Collaborate with cross-functional teams to identify edge-case scenarios critical to system safety, taking into account item definition and intended Operational Design Domain (ODD). For example:
Highway Merge: A vehicle cuts into the lane unexpectedly at high speed.
Lane Departure: The ego vehicle unexpectedly leaves its driving lane.
Pedestrian Detection: Nighttime emergency braking scenarios in poor visibility.
2. Set Up the Simulation Environment
Leverage advanced simulation platforms like CARLA, CarMaker, or proprietary OEM tools to replicate real-world conditions with high fidelity. The simulation setup includes:
Vehicle dynamics tuned to OEM specifications.
Safety-critical scenario specifics, including the ego vehicle, traffic vehicles, road, driving maneuvers, etc.
Environmental variables like weather, road conditions, and traffic patterns.
Human-in-the-loop capabilities to replicate driver behavior.
Simulation-Based Safety Analysis
A Data-Driven Approach to Analyze Safety Critical Scenarios Using Realistic Simulations for ADAS and Automated Driving Features
Figure 1. Scenario Configuration in IPG CarMaker
Figure 2. Vehicle Dynamics Configuration in IPG CarMaker
Figure 3. Driver Take-Over Reaction Timeline Integrated into the Realistic Simulation as a Collision Avoidance Maneuver
3. Integrate Research Data
Incorporate external data sources to refine the analysis:
Driver Reaction Times: Based on human factors studies and behavioral data.
Severity Metrics: Derived from crash dynamics and injury severity databases.
4. Run Simulations
Execute simulations across a range of parameters, varying factors such as vehicle speeds, braking forces, and environmental conditions. This generates datasets for:
Collision data, including collision speed and frequency of collisions.
Time-to-collision (TTC) metrics.
Controllability outcomes based on driver responses.
5. Analyze Data
Use research data to quantify simulation results for:
Severity Ratings: Evaluated based on crash speed and forces.
Controllability Ratings: Based on successful mitigations by drivers.
Figure 4. Driver Take-Over Time Distribution
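Steps 4 and 5 reduced to a small closed-form Monte Carlo sweep, as an added example that is not part of the original entry or of any OEM or CarMaker tooling: it runs a highway cut-in across sampled driver take-over times, records collision frequency, impact speed and TTC, and maps the share of drivers who avoid the collision to an ISO 26262-3 controllability class. The cut-in geometry, braking deceleration and take-over-time distribution are constructed placeholders; a severity mapping is omitted because the entry does not state its crash-speed thresholds.

```python
"""Monte Carlo sweep of a highway cut-in scenario (constructed example)."""
import math
import random
from dataclasses import dataclass
from statistics import mean

@dataclass
class CutIn:
    gap_m: float        # gap to the cut-in vehicle when it enters the lane (m)
    ego_mps: float      # ego speed (m/s)
    lead_mps: float     # cut-in vehicle speed, assumed constant (m/s)
    decel_mps2: float   # ego braking deceleration once the driver reacts (m/s^2)

def outcome(sc: CutIn, takeover_s: float) -> tuple[bool, float, float]:
    """(collided, impact_speed_mps, ttc_s) for one driver take-over time.
    Closing speed dv is constant until the driver reacts, then decays at
    decel until it reaches zero or the remaining gap is used up."""
    dv = sc.ego_mps - sc.lead_mps
    if dv <= 0:
        return False, 0.0, math.inf          # not closing on the lead vehicle
    ttc = sc.gap_m / dv                      # TTC at the moment of the cut-in
    gap = sc.gap_m - dv * takeover_s         # gap left when braking starts
    if gap <= 0:
        return True, dv, ttc                 # hit before any reaction
    if dv * dv <= 2 * sc.decel_mps2 * gap:   # enough room to cancel dv
        return False, 0.0, ttc
    return True, math.sqrt(dv * dv - 2 * sc.decel_mps2 * gap), ttc

def controllability_class(avoid_fraction: float) -> str:
    """ISO 26262-3 C-class from the share of drivers who avoid the collision."""
    if avoid_fraction >= 0.99:
        return "C1"
    return "C2" if avoid_fraction >= 0.90 else "C3"

def run_sweep(sc: CutIn, takeover_samples: list[float]) -> dict:
    """Collision frequency, impact speed and controllability over a sample set."""
    res = [outcome(sc, t) for t in takeover_samples]
    hits = [v for collided, v, _ in res if collided]
    avoid = 1.0 - len(hits) / len(res)
    return {"runs": len(res), "collisions": len(hits), "avoid_fraction": avoid,
            "mean_impact_mps": mean(hits) if hits else 0.0, "ttc_s": res[0][2],
            "controllability": controllability_class(avoid)}

if __name__ == "__main__":
    rng = random.Random(1)
    # Constructed take-over-time distribution (lognormal, median 1.5 s); swap in
    # the measured distribution from human-factors studies (cf. Figure 4).
    samples = [rng.lognormvariate(math.log(1.5), 0.4) for _ in range(5000)]
    print(run_sweep(CutIn(gap_m=30, ego_mps=33, lead_mps=25, decel_mps2=6), samples))
```

Sweeping gap_m, ego_mps and decel_mps2 over the ODD and re-running run_sweep per parameter set gives the dataset the entry describes for severity and controllability ratings.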
6. Validate Findings
Cross-reference simulation results with:
Real-world testing data where available.
Feedback from safety engineers and stakeholders to ensure alignment with ISO 26262 requirements.
7. Determine Safety Goals
Work closely with key stakeholders and Subject Matter Experts (SMEs) to determine appropriate Safety Goals that mitigate the risk associated with ASIL-rated scenarios.
4. Case Studies
This methodology has been applied to several safety-critical scenarios during my work with OEMs and Tier 1 suppliers:
Highway Merge with Cut-In
Scenario: A high-speed vehicle cuts into the lane, requiring evasive action.
Simulation Setup: Traffic models with realistic vehicle trajectories and driver behavior.
Results: Quantified severity and controllability, providing data to refine lane-keeping and collision avoidance algorithms.
Highway Lane Departure
Scenario: A vehicle negotiating sharp curves on a highway at high speed.
Simulation Setup: Traffic models, steering torque limitations, and driver reactions.
Results: Refined the ODD and the steering torque required to negotiate the curve limits.
Highway Steering Faults
Scenario: A vehicle executing faulty steering movements that lead to crossing into oncoming traffic.
Simulation Setup: Maximum steering fault applied in the system with no driver reaction.
Results: Refined the safety goal to include a minimum barrier gap size that perception must detect.
5. Results and Innovations
Objective HARA Analysis: The integration of simulation data reduced reliance on subjective assessments, ensuring consistent and repeatable safety analysis.
Improved Safety Goal Feasibility: Enabled early validation of safety goals before physical testing, saving development time and cost.
Broader Applicability: This methodology is adaptable across a wide range of ADAS and automated driving use cases.
6. Lessons Learned
Iterative Development: Refining simulations based on feedback from safety teams and stakeholders is critical to achieving reliable results.
Cross-Functional Collaboration: Working closely with systems engineers, software teams, managers, directors, and functional safety experts improves the overall impact of the methodology.
7. Limitations of the Simulation-Based Approach & Comparison to Alternative Approaches
While this methodology provides significant advantages, like any simulation-based approach, it has inherent limitations:
Simulation Realism:
Even with advanced platforms, simulations cannot perfectly recreate the physical and psychological complexity of real-world environments.
Certain variables, such as weather conditions or unexpected behaviors, may be oversimplified.
Data Quality:
The accuracy of the analysis heavily depends on the quality and relevance of external research data (e.g., driver response times or crash statistics).
Mismatched or incomplete datasets can lead to skewed results.
Driver Behavior:
Simulated drivers do not replicate the emotional or physical responses of real-world drivers facing high-risk situations.
Ideal Real-World Testing:
The most accurate method would involve using real vehicles with average drivers in edge-case scenarios, supported by a professional in the passenger seat to intervene if needed. However, such setups require extensive preparation and resources, making them impractical for many manufacturers.
Table 1. Comparison of Simulation with Other Approaches for Safety Analysis
Summary of Comparison:
Simulation-Based Testing: Best for early development and quick iteration. Provides insights into feasibility but lacks full realism.
Driving Simulator Setups: A middle ground, offering some real-world driver interaction but still lacking the urgency and danger of real-world driving.
Real Vehicle Testing: The most accurate and ideal but often impractical due to resource and time constraints.
8. Impact
This methodology demonstrates my ability to address complex safety challenges through innovation and technical expertise. By combining my hands-on experience with major OEMs and Tier 1 suppliers with cutting-edge simulation tools, I developed a practical, scalable solution for modern safety-critical systems. This approach not only enhances compliance with ISO 26262 but also accelerates the development of safer, more reliable automated driving features.