Download - MATLAB EXPO 2019 Bern
![Page 1: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/1.jpg)
Designing and controlling safe self-driving systems
Dr. Erik Wilhelm
Head of Research
KYBURZ Switzerland
MATLAB EXPO 2019 Bern
23rd May, 2019
![Page 2: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/2.jpg)
A well-established brand
11.04.2019
• Founded 1993• Owner operated• Over 16,000 vehicles
sold• 30M CHF/year
turnover• 100 + Employees• Headquarters in
Freienstein, ZH
![Page 3: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/3.jpg)
Changing postal delivery landscape
11.04.2019
• Must be:
– Cheaper
– Faster
– More reliable
– ... More personal?
![Page 4: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/4.jpg)
Prototype series
11.04.2019
• Mobile depot box (eT2)
• Sensors
– 2D Lidar
– Ultrasonic
– 360 camera
– GPS
– Bump-stop
• Autonomous delivery agent (eT3)
• Sensors
– 3D Lidar
– Ultrasonic
– Infraded
– INS
– Bump-stop
• Flexible delivery system (eT4)
• Sensors
– 3D Lidar (2x)
– Ultrasonic (8x)
– Infrared (8x)
– Radar (4x)
– GPS (INS)
– 360 Cameras (localization)
– 360 Cameras (comprehension)
– Time-of-flight camera
– Bump-stop
![Page 5: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/5.jpg)
Autonomous System Design Challenges
23.05.2019
High availability Ap(proved) safety
Image: sick.comImage: ABC news
Test coverage
Image: youtube.com
![Page 6: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/6.jpg)
Availability Requirement
• Robotic delivery amortized with 1 disengagement/day, never with 3 disengagements/day
Image: Frugal Entrepreneur Image: cnbc.com
• 300 parcels/day
• 8.25 hr/day
• 56 kCHF/year
• 40 parcels/day
• 24 hr/day
• 50 kCHF purchase
• 1 disengagement/day
• 56 hours per year
• 3 kCHF per year
![Page 7: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/7.jpg)
Sensor and controller redundancy
11.04.2019
![Page 8: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/8.jpg)
Workflow
• This workflow allows SIL2 certifiable code to be generated using model-based design
• Review and testing occurs within each phase and before each release
23.05.2019
Specifications Model Based Design Code Generation Compilation
![Page 9: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/9.jpg)
Availability Solution
• Supervisory controller
invokes multiple
independent and redundant
motion control paradigms
– Local
– Remote
– Mission training
– Mission running
• Graphical state modeling of
control logic allows
streamlined, debuggable,
testable strategies
Controller n-1
Controller 1
Controller n
Fault handlerSelf-test handler
![Page 10: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/10.jpg)
Functional Safety and Approvals
11.04.2019
• Kyburz is designing autonomous
machines not vehicles
– IEC 61508
• Voluntarily following automotive
functional safety norms
– ISO 13849:2015
– ISO 26262:2018
• Primary implications
– Development process
– Documentation system
– Component selection
– Software development toolchains
Image: ROSAS Freiburg, Paria Amini
![Page 11: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/11.jpg)
Safety Solution
• Kyburz toolchain uses layered verification techniques and model-based design
• All requirements are easily documented for traceability
System Specification
Module Specification
Unit Specification Unit Tests
Module Tests
System TestsROS Gazebo + SIL environment (Multiphysics)
Co-simulation of Testbenches
Simulink Test
![Page 12: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/12.jpg)
Safety Example
• Serial communication errors are detected and handled gracefully in control logic
controller_error
INS_status
Error State Handler
CRC_evaluation
Controller Function Block
![Page 13: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/13.jpg)
Corner Cases
• Hazard and Risk Assessment (HARA) identified 30 failure modes with Risk Priority Number (RPN) > 200, some which are challenging to simulate
Image: drivingtests.co.nz
Image: arstechnica.com
Image: sick.com
Risk (RPN) = Occurrence x Severity x Controllability
![Page 14: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/14.jpg)
Corner Cases Solution
• ROS Gazebo enables detailed sensor measurement-level simulation
• With co-simulation testing is drastically streamlined
ROS Subscribers
ROS Publishers
Autogenerated
![Page 15: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/15.jpg)
Corner Cases Example
23.05.2019
![Page 16: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/16.jpg)
Summary
• Kyburz Switzerland’s autonomous system developments have saved
substantial development time from
– Enabling seamless and testable control redundancy with finite state
machines
– Integrated toolboxes for streamlining development following functional
safety norms
– Simulation of difficult to test corner-cases with controller to environment
interfaces
![Page 17: MATLAB EXPO 2019 Bern](https://reader030.vdocuments.us/reader030/viewer/2022012519/6193b7c829d475222176892d/html5/thumbnails/17.jpg)
Thank you for your attention
23.05.2019