Automation Ironies—

Share this article: FacebooktwitterlinkedinFacebooktwitterlinkedin

planes have had it;

cars add it;

experts suggest that car regulations may be needed

The National Transportation Safety Board investigates accidents and incidents in all modes of transportation. It has no authority to regulate; the National Highway Transportation Safety Administration and the FAA do. Before an aircraft may operate, it must meet a system of required airworthiness standards. NHTSA does not issue pre-operation tests.

Aviation has increasingly used automation (including positive control of aircraft), which the FAA has carefully reviewed prior to declaring that the plane may fly. The Automobile Industry has begun to add automation to its vehicles and most recently Tesla’s Autopilot, General Motors’ Super Cruise, and Audi’s Traffic Jam Pilot have been added to provide some level of control of the vehicles.

The Board recently issued a report on Joshua Brown’s May 2016 crash of Tesla Model S using Autopilot becoming the first fatality in a car driving itself. The Board’s findings of probable cause included  Driver Errors, Overreliance on Automation, Lack of Safeguards, Led to Fatal Tesla Crash.

 

IRONY #1: the history of the NTSB’s reviews of aircraft automation highlights the problems of the interface between the pilot/driver and the computers. The irony is that with this record, why didn’t the automotive designers include precautions against the driver’s attention? The Board found:

Because driving is an inherently visual task and a driver may touch the steering wheel without visually assessing the roadway, traffic conditions, or vehicle control system performance, monitoring steering wheel torque provides a poor surrogate means of determining the automated vehicle driver’s degree of engagement with the driving task.

The way that the Tesla Autopilot system monitored and responded to the driver’s interaction with the steering wheel was not an effective method of ensuring driver engagement.

 

IRONY #2: Aviation, particularly commercial aviation, has reduced risk by its use of data. SMS and big data have provided the tools for preventative actions. The numbers must capture the same parameters in order to provide useful data. The Brown accident created a basis for the Board to find, and to strongly recommend, that the cars utilizing automation MUST capture consistent information and thus become useful for improving safety. Why did the automobile industry NOT agree to standard data as a basis for reducing risk?  The Board found:

  1. Without the manufacturer’s involvement, vehicle performance data associated with highly automated systems on vehicles involved in crashes cannot be independently analyzed or verified.
  2. A standardized set of retrievable data is needed to enable independent assessment of automated vehicle safety and to foster automation system improvements.
  3. To determine the safety effects from the use of automated vehicle control systems and to analyze the benefit-cost outcomes of these systems, reliable information is needed on the types of systems deployed and the numbers of miles driven using them.
  4. Connected vehicle technology will be most effective when all vehicles traveling on our roadways are equipped with the technology, and that is particularly important with respect to large, heavy trucks that pose the highest risk of injury to occupants of other vehicles.

IRONY #3: At a time when aviation safety is improving off of a history of heavy regulations, there are people claiming that more rules are necessary (even though experts disagree). The automotive record is more robust in

terms of highway fatalities-

This was (1) a case in which an industry ignored past absolutely relevant safety experience (even though the examples involved aviation)  and (2) in which prior determination of a specific system’s incorporation of the relevant safety threats appears to be an important policy response by NHTSA, the Board’s findings/recommendation include ONLY:

To the US Department of Transportation:

  1. Define the data parameters needed to understand the automated vehicle control systems involved in a crash. The parameters must reflect the vehicle’s control status and the frequency and duration of control actions to adequately characterize driver and vehicle performance before and during a crash.

To the National Highway Traffic Safety Administration:

  1. Develop a method to verify that manufacturers of vehicles equipped with Level 2 vehicle automation systems incorporate system safeguards that limit the use of automated vehicle control systems to those conditions for which they were designed.
  2. Use the data parameters defined by the US Department of Transportation in response to Safety Recommendation [1] as a benchmark for new vehicles equipped with automated vehicle control systems so that they capture data that reflect the vehicle’s control status and the frequency and duration of control actions needed to adequately characterize driver and vehicle performance before and during a crash; the captured data should be readily available to, at a minimum, National Transportation Safety Board investigators and National Highway Traffic Safety Administration regulators.
  3. Define a standard format for reporting automated vehicle control systems data, and require manufacturers of vehicles equipped with automated vehicle control systems to report incidents, crashes, and vehicle miles operated with such systems enabled.

To manufacturers of vehicles equipped with Level 2 vehicle automation systems (Audi of America, BMW of North America, Infiniti USA, Mercedes-Benz USA, Tesla Inc., and Volvo Car USA):

  1. Incorporate system safeguards that limit the use of automated vehicle control systems to those conditions for which they were designed.
  2. Develop applications to more effectively sense the driver’s level of engagement and alert the driver when engagement is lacking while automated vehicle control systems are in use.

To the Alliance of Automobile Manufacturers and to Global Automakers:

  1. Notify your members of the importance of incorporating system safeguards that limit the use of automated vehicle control systems to those conditions for which they were designed.

Reiterated Recommendations As a result of its investigation, the National Transportation Safety Board reiterates the following safety recommendations:

To the National Highway Traffic Safety Administration:

Develop minimum performance standards for connected vehicle technology for all highway vehicles. (H-13-30)

Once minimum performance standards for connected vehicle technology are developed, require this technology to be installed on all newly manufactured highway vehicles. (H13-31)

This case, early in the automation of cars, provides a significant policy moment, So, as the auto industry add increased reliance on computers to their vehicles:

  • would it not be wise to have NHTSA to assess the computers’ algorithms to be sure that the relevant threats are covered?
    • Note: the FAA’s recent adoption of industry developed standards should provide a model
  • Shouldn’t the DOT convene an industry meeting to standardize the data being captured?
  • Should there be more research and education of drivers about the interface with the computers.

The DOT and NTSB were designed intentionally to be multi-modal in their scope. Given the convergence of on vehicle automation (n.b. UAS heavily depend on computers), the broad perspective of both of these bodies should be utilized more effectively.

Share this article: FacebooktwitterlinkedinFacebooktwitterlinkedin

Leave a comment

Your email address will not be published.