Getting Started in Autonomous Safety

I get this question a lot: "Hey, I am an experienced functional safety engineer in another industry. How do I break into the self-driving industry?" Autonomous systems are cool, and people want in!

I get that question a lot because I successfully "made the leap" a couple of years ago. I had spent over 20 years in the chemical and refining industry, then two weeks later I was designing robot cars!

In this post, I will give some tips on the skills and knowledge that I think are necessary both to break in to the autonomous vehicle industry and to succeed there.

Functional Safety Basics

If you are reading this, you probably already have some experience with functional safety. Automotive functional safety is defined by the ISO 26262 standard.

If you are familiar with IEC 61508 or IEC 61511, you should find ISO 26262 very familiar. ISO 26262 was derived from IEC 61508, although it fell farther from the tree than many other IEC 61508 offspring. You can read these posts for an intro to ISO 26262 and an intro to fault metrics.

It is important to understand that ISO 26262 is a thing for autonomous vehicles, but it is not the only thing. You will hear both of the terms "functional safety" and "system safety" used in the autonomous vehicle (AV) domain. System safety generally denotes a focus beyond ISO 26262.

Beyond Functional Safety

The ISO 26262 standard draws the scope of functional safety much more narrowly than IEC 61508 does. ISO 26262 functional safety typically does not cover:

  • Functional failures not caused by hardware or software faults
  • Insufficiencies of nominal performance
  • Human error
  • Intentional misuse

ISO 26262 was written for conventional automobiles and driver assistance systems, not autonomous vehicles. Due to the limitations of ISO 26262, it has been extended in various ways, including:

  • SOTIF
    • Safety Of The Intended Functionality (SOTIF), covered by ISO 21448 and intended to analyze safety of functional insufficiencies and unknown unknowns
  • STAMP/STPA
    • Systems-Theoretic Accident Model and Processes (STAMP) and Systems-Theoretic Process Analysis (STPA) form a hazard analysis methodology that incorporates human, organizational, and interaction causes. It is referenced in ISO 21448. Learn more in this STAMP post.
  • Safety Cases and Goal Structuring Notation (GSN)
  • UL 4600
    • UL 4600 is the first safety standard specifically targeted at autonomous vehicles. It is still new in 2020, so it is still percolating through the industry. A final draft of UL 4600 is available online.
  • MBSE
    • Model Based Systems Engineering is not strictly a safety technique, but it is a systems engineering approach that includes system safety. Learn a little about it here and here.

If you want to succeed (and survive the interview process!) with an AV company, you need to have at least a basic familiarity with the items above.

Not everything is new! FMEA and Fault Tree analysis are also common in the industry. FMEA in particular has been the tool of choice in conventional automotive. Learn more about automotive FMEA here.

There are many, many other autonomous safety resources out there, including:

Autonomous Vehicle Basics

Knowing functional safety and related techniques is important for the AV industry, but it's not enough. You need to do your homework and understand some of the fundamental technologies behind AVs. A sampling is given below:

Basics and History
Here is a gentle introduction to self-driving cars. Watch some videos about the DARPA grand challenge. Who are some of the leading players today?

Levels of Autonomy
The SAE J3016 recommended practice gives a common framework and vocabulary for talking about automated driving systems.

Functional Architecture
Understand the problem we are trying to solve and the abstract functions that are required to solve it. Example architectures here and here.

Technical Architectures
Understand the technology and architectures that are typically used to implement these functions. Here is a good overview.

Sensor Technologies
Learn about the cutting-edge sensor technology used in autonomous vehicles, including LIDAR and other sensors. And don't forget sensor fusion.

Machine Learning
Machine Learning is the cool technology that helped make self-driving cars a reality. To learn about this, Coursera is your low cost friend. Start here.

Autonomy and Robotics Software
Unless you are already a robotics engineer, you may not know about localization algorithms, computer vision, motion planning, and motion control. All of these can be done without machine learning. As a safety engineer, you don't have to be an expert in all of these, but you can't be clueless. Again, I recommend starting here with Coursera. The Udacity course is also great, but it's much more expensive. MATLAB also has several great free talks available.

Python, Linux, etc.
If you are moving from aviation, chemicals, or manufacturing where your "high tech" was installed 20 years ago, you may need to brush up on your tech skills. Again, Coursera is your friend.

Summary

This list is probably more than a little intimidating, but don't let that stop you! It is not necessary to master all of these skills to start an AV safety career. How do you eat an elephant? One bite at a time!

The biggest challenge is continuous learning and improvement. Unlike the stodgy old oil refinery, the AV industry is competitive and fast moving. Getting started in the industry is just the beginning.

Autonomous vehicle system safety engineers are in high demand. That is not going to change anytime soon. As fast as the technology matures, people will dream up new applications and new challenges to solve. Careers in system safety for autonomous systems will be around for a long, long time.
