Functional Safety: How GPR Helps Meet Requirements
When discussing autonomous vehicles, a critical question arises: How reliable must they be? Current human drivers average one fatality every 100 million miles. Self-driving cars are expected to perform anywhere from 2 to 100 times better than this standard, removing the 94% of accidents attributed to driver error. Achieving this level of reliability is crucial not only for safety but also for building trust with users and regulatory bodies.
The automotive industry understands that any fatal incidents linked to self-driving vehicles could severely damage reputations and lead to significant legal challenges. Hence, companies must develop robust systems that ensure safety and reliability.
And with lofty upcoming goals from companies like Aurora to launch driverless freight in mid-2025, commercial industries need to ensure they achieve the highest functional safety levels.
What Is Functional Safety in Autonomous Vehicles (AV)?
Functional safety in the context of Level 4 refers to an AV’s ability to detect, prevent, and mitigate failures or scenarios that could result in hazardous situations. Defined by ISO 26262, the standard for automotive functional safety, it encompasses system design, fault tolerance, redundancy, and fail-operational strategies.
For AVs, this means:
- Redundancy: Multiple layers of sensing, computation, and actuation to handle failures.
- Fail-safe and fail-operational systems: Vehicles must detect failures and either safely disengage or continue operating in a degraded but safe mode.
- Continuous self-validation: The AV must consistently verify that its sensors, perception, and localization are functioning correctly.
How Do Autonomous Vehicles Achieve Functional Safety?
Achieving functionally safe autonomy in AVs involves a combination of hardware redundancy, sensor fusion, fault-tolerant architectures, and fail-operational strategies that work together to maintain system integrity, even in the presence of component failures or environmental challenges.
Redundancy: Eliminating Single Points of Failure
Functionally safe autonomy is built upon redundancy, ensuring that no single point of failure can compromise vehicle safety. This is achieved by integrating multiple, overlapping systems that provide alternative means of perception, decision-making, and actuation.
- Sensor redundancy: AVs employ multiple sensor modalities, such as Lidar, cameras, radar, GNSS, and Ground Penetrating Radar (GPR), ensuring that if one sensor fails or is degraded (e.g., due to adverse weather conditions), others can compensate.
- Computational redundancy: Critical decision-making processes are distributed across redundant computing platforms. Failover mechanisms ensure that if a processing unit malfunctions, a secondary unit takes over without disrupting vehicle operation.
- Actuation redundancy: Redundant braking, steering, and power systems enable AVs to execute safety-critical maneuvers even if primary actuators fail.
Sensor Fusion: Enhancing Reliability Through Multi-Modal Perception
To achieve a high degree of reliability, AVs use sensor fusion, a process that combines data from multiple sources to create a comprehensive and accurate understanding of the environment. Each sensor type has strengths and weaknesses:
- Cameras: Provide high-resolution visual data but are affected by lighting conditions and adverse weather.
- Lidar: Collects high-resolution point cloud data but struggles in fog, snow, or dust.
- Radar: Provides coarse point clouds and works well in adverse weather but lacks high resolution.
- GNSS (GPS): Provides global positioning but is vulnerable to signal loss in tunnels, urban canyons, or under heavy foliage.
- Ground positioning radar: Uses stable underground features for localization, ensuring reliable positioning even when above-ground sensors are compromised.
By fusing data from these diverse sources, AVs can detect inconsistencies and cross-validate information, reducing the risk of misinterpretation and generating a robust environmental model.
Functional Safety Architectures: Designing for Fail-Safe and Fail-Operational Performance
ISO 26262 emphasizes the need for fail-safe and fail-operational strategies in AV system design. These architectures ensure that when a failure occurs, the vehicle can still operate in a degraded but safe mode.
Fail-safe design requires that, in case of a major failure, the AV transitions into a minimal-risk condition, such as safely stopping on the roadside or handing control back to a human driver.
Fail-operational systems refer to certain critical functions, like localization and braking, that must continue working even after component failure. For example, GPR-based localization remains operational even when GNSS or visual sensors are degraded, allowing AVs to maintain safe navigation when localization is safety critical.
Real-Time Self-Monitoring and Fault Detection
AVs continuously monitor their internal systems to detect and respond to potential failures before they lead to unsafe conditions. Health monitoring systems perform sensor diagnostics, ensuring sensors provide accurate data and are not affected by occlusion, interference, or degradation. Actuator health checks verify that braking and steering systems respond correctly to commands. And localization consistency checks compare multiple localization sources (GNSS, HD maps, GPR, IMUs) to detect discrepancies and trigger failover mechanisms if necessary.
Functional safety extends beyond hardware failures to include protection against cyber threats. AVs must be resilient to attacks that could compromise their perception, decision-making, or localization capabilities.
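One way to implement the localization consistency check described above, as an added example rather than code from GPR or any AV stack: each source is compared pairwise with the others, the largest mutually agreeing group is trusted, and a source that disagrees (such as a GNSS fix displaced by spoofing or multipath) is excluded. The source names, error figures, gate value and mode names are assumptions.

```python
import math
from itertools import combinations

# Assumed 1-sigma horizontal error per source, in metres (constructed values).
SIGMA_M = {"gnss": 1.5, "gpr": 0.05, "lidar_map": 0.1, "odometry": 0.5}
GATE = 3.0  # two sources disagree if they differ by more than 3 combined sigmas


def consistent(a, b, fixes):
    """True if sources a and b report positions within the gate of each other."""
    (xa, ya), (xb, yb) = fixes[a], fixes[b]
    limit = GATE * math.hypot(SIGMA_M[a], SIGMA_M[b])
    return math.hypot(xa - xb, ya - yb) <= limit


def check_localization(fixes):
    """fixes maps source -> (east_m, north_m), or None if the source has no output.

    Returns (mode, trusted, excluded). A position is trusted only when at least
    two independent sources agree and no rival group of equal size exists.
    """
    live = {s: p for s, p in fixes.items() if p is not None}
    for k in range(len(live), 1, -1):
        groups = [g for g in combinations(sorted(live), k)
                  if all(consistent(a, b, live) for a, b in combinations(g, 2))]
        if len(groups) == 1:
            trusted = list(groups[0])
            excluded = sorted(set(fixes) - set(trusted))
            return ("nominal" if not excluded else "degraded"), trusted, excluded
        if groups:  # equally sized groups that contradict each other: ambiguous
            break
    return "minimal_risk", [], sorted(fixes)


# Constructed sample: GNSS reports a fix 40 m east of every other source.
SAMPLE = {"gnss": (140.0, 200.0), "gpr": (100.02, 200.01),
          "lidar_map": (100.05, 200.0), "odometry": (100.3, 199.8)}

if __name__ == "__main__":
    print(check_localization(SAMPLE))
```

The check identifies which source disagrees, not why; distinguishing spoofing from multipath or a sensor fault needs source-specific diagnostics.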
How WaveSense Helps Meet Functional Safety Standards
One of the biggest challenges in achieving functional safety is localization—knowing precisely where the vehicle is at all times, even in GPS-denied or sensor-degraded environments.
GPR’s WaveSense solution provides a localization method that is inherently robust against common failure points in traditional AV sensors. WaveSense maps the road’s subsurface, which remains stable over time, unlike lane markings, road signs, or above-ground objects that can change due to construction or weather. Even if cameras, Lidar, or GPS fail, GPR remains operational, allowing the AV to continue navigating safely.
Weather conditions or dust storms can impair traditional sensors but do not affect GPR’s ability to localize based on the subsurface. This ensures the AV maintains precise localization, even in conditions where other systems might fail.
Cybersecurity is an often-overlooked aspect of AV safety. GPS spoofing can mislead a vehicle, and adversarial attacks can disrupt computer vision models. GPR is immune to these threats, providing an untainted, physics-based ground truth for localization.
WaveSense’s technology completes existing AV localization stacks, enhancing redundancy and enabling compliance with ISO 26262 safety requirements. By integrating GPR into the sensor fusion stack, AV developers increase reliability and ensure safety even in complex scenarios like adverse weather or GNSS-denied environments.
Conclusion
Functional safety is non-negotiable in autonomous mobility. As AV technology advances, so must the safety measures that underpin it. WaveSense offers a proven, redundant, and resilient localization solution that significantly enhances functional safety and the ability to perform critical functions, like minimal risk maneuvers.
For many autonomous solutions, WaveSense is not just an advantage—it’s a necessity in ensuring vehicles operate safely, no matter the conditions. To learn more about the benefits of WaveSense, contact us or email info@gpr.com.