A formal framework for the safe design of the Autonomous Driving supervision

Bibliographic Details
Published in Reliability engineering & system safety Vol. 174; pp. 29 - 40
Main Authors Cuer, Romain, Piétrac, Laurent, Niel, Eric, Diallo, Saidou, Minoiu-Enache, Nicoleta, Dang-Van-Nhan, Christophe
Format Journal Article
Language English
Published Barking Elsevier Ltd 01.06.2018
Elsevier BV
Elsevier
ISSN 0951-8320
1879-0836
DOI 10.1016/j.ress.2018.01.014

Abstract

• Integration of safety activities to Systems Engineering processes.
• Approach improving both system modeling and requirements formulation.
• Requirements reinforcement by highlighting initial weaknesses.
• Construction of a complete formal state model compliant with functional and safety viewpoints.

The autonomous vehicle is meant to drive by itself, without any driver intervention (for the levels 4 and 5 of automated driving, according to the National Highway Traffic Safety Administration (NHTSA)). This car includes a new function, called Autonomous Driving (AD) function, in charge of driving the vehicle when it is authorized. This function may be in different states (basically active or inactive), that shall be managed by a sub-function, named supervision. The main focus of this work is to ensure that the supervision of a function, performed by a safety critical embedded automotive control system (controlled systems are not considered), respects functional and safety requirements. Usually two processes are involved in the system design: the systems engineering process and the safety one. The first process defines the functional requirements on the function while the safety one specifies redundant sub-functions (realizing together the function) allowing to ensure a continuous service under failure. Since two different aspects of the system are specified, it is a major challenge to make all requirements consistent, from the outset of the design process. In this paper, a method is precisely proposed to address this issue. A progressive reinforcement of the treated requirements is achieved by means of formal state models. In fact, the proposed approach permits to build state models from requirements initially expressed in natural language. Potential ambiguities, incompletenesses or undertones in requirements are in this way gradually deleted. The enrichment of conventional formal verification of control properties with safety requirements constitutes the main originality of the deployed method and contributes to solve inconsistencies between functional and safety verification processes. In addition, the application of the method to the design of AD function supervision highlights its efficiency in an industrial context.
Author affiliations
1. Cuer, Romain (romain.cuer@insa-lyon.fr); Université de Lyon, CNRS, INSA-Lyon, AMPERE, F-69621 Villeurbanne, France
2. Piétrac, Laurent; Université de Lyon, CNRS, INSA-Lyon, AMPERE, F-69621 Villeurbanne, France
3. Niel, Eric; Université de Lyon, CNRS, INSA-Lyon, AMPERE, F-69621 Villeurbanne, France
4. Diallo, Saidou; Renault S.A.S., 1 avenue du Golf, 78280 Guyancourt, France
5. Minoiu-Enache, Nicoleta; Renault S.A.S., 1 avenue du Golf, 78280 Guyancourt, France
6. Dang-Van-Nhan, Christophe; Renault S.A.S., 1 avenue du Golf, 78280 Guyancourt, France
BackLink https://hal.science/hal-01707778 (View record in HAL)
ContentType Journal Article
Copyright 2018 Elsevier Ltd
Copyright Elsevier BV Jun 2018
Distributed under a Creative Commons Attribution 4.0 International License
Discipline Engineering
IsPeerReviewed true
IsScholarly true
Keywords Requirements analysis
Design systems
Autonomous vehicle
Systems engineering
Safety analysis
Redundancy control
Discrete-event dynamic systems
License Distributed under a Creative Commons Attribution 4.0 International License: http://creativecommons.org/licenses/by/4.0
ORCID 0000-0001-9791-5845
PageCount 12
References Markovski, van de Mortel-Fronczak (bib0045) 2012
Liu, Zhu (bib0023) 2011; 274
Taofifenua (bib0010) 2012
Roussel, Lesage (bib0032) 2012
Behm, Benoit, Faivre, Meynadier (bib0014) 1999
Åkesson, Fabian, Flordal, Vahidi (bib0044) 2003
Bitsch (bib0029) 2001; 2187
Mauborgne, Deniaud, Levrat, Bonjour, Micalli, Loise (bib0009) 2016; 87
Güdemann, Ortmeier (bib0021) 2010
David, Yi (bib0039) 2000
You, Zhang, Lie, Wang, Wen, Xu (bib0054) 2015; 42
Lindahl, Pettersson, Yi (bib0038) 1998
Mohajerani, Malik, Fabian (bib0046) 2017; 76
Mu, Xinyu, Deyi, Tianlei, Lifeng (bib0055) 2015; 22
Rohée, Riera, Carré-Ménétrier, Roussel (bib0047) 2006
Kaiser, Klaas, Schulz, Herbst, Lascych (bib0005) 2010
Pétin, Evrot, Morel, Lamy (bib0022) 2010
Roussel, Denis (bib0025) 2002; 36
Zaytoon, Riera (bib0034) 2017; 43
Behrmann, David, Larsen (bib0048) 2004
Nouacer, Djemal, Niar, Mouchard, Rapin, Gallois (bib0024) 2016; 47
Maurer, Winner (bib0004) 2013
Sharvia, Papadopoulos (bib0028) 2015; 135
Kang, Enoiu, Marinescu, Seceleanu, Schobbens, Pettersson (bib0018) 2013; 120
Kalra, Paddock (bib0008) 2016; 94
Koopman, Wagner (bib0007) 2017; 9
Märtin, Schatalov, Hagner, Goltz, Maibaum (bib0012) 2013
Ghazel, Yang, El-Koursi (bib0031) 2015; 2
Cressent, Idasiak, Kratz, David (bib0019) 2011
Boulanger (bib0057) 2015
Ramadge, Wonham (bib0033) 1982
Broy (bib0015) 2006
Taofifenua, Chale, Gaudré, Topa, Levy, Boulanger (bib0003) 2011
Leveson (bib0016) 2002
of Electrical I., Engineers E.. ISO/IEC/IEEE 29148:2011(E) systems and software engineering life cycle processes requirements engineering. 2011.
Owens, Herring, Dulac, Leveson, Ingham, Weiss (bib0011) 2008
Fagnant, Kockelman (bib0001) 2015; 77
David, Idasiak, Kratz (bib0020) 2010; 95
Behere, Törngren (bib0051) 2016; 73
Apvrille, Becoulet (bib0027) 2012
Do, Niknejad, Mita, Egawa, Muto, Yoneda (bib0052) 2017; 9
Boulanger (bib0013) 2014
ISO 26262 - Road vehicles Functional safety. Tech. Rep. Geneva, Switzerland; 2011.
Evrot, Pétin, Morel, Lamy (bib0030) 2007; 40
Hessel, Pettersson (bib0040) 2006
Koolmees B. Reniers M. Markovski J.. Validation of modeled behavior using uppaal, Master’s thesis, University of Technology Eindhoven.
Baier, Katoen (bib0026) 2008
Anderson, Kalra, Stanley, Sorensen, Samaras, Oluwatola (bib0002) 2014
Larsson, Larsen, Pettersson, Yi (bib0036) 1997
Bitsch (bib0049) 2000
Weissnegger R., Pistauer M., Kreiner C., Römer K., Steger C.. A novel method to speed-up the evaluation of cyber-physical systems (ISO 26262). In: 12th International workshop on intelligent solutions in embedded systems, WISES 2015, Ancona, Italy, October 29–30. p. 109–114.
Larsen, Pettersson, Yi (bib0035) 1997; 1
Larsen, Pettersson, Yi (bib0037) 1995
Pohl, Rupp (bib0041) 2011
Chen, Johansson, Lnn, Blom, Walker, Papadopoulos (bib0017) 2011; 128
Holt, Perry, Brownsword (bib0042) 2012
Falcone, Borrelli, Asgari, Tseng, Hrovat (bib0053) 2007; 15
Güdemann (10.1016/j.ress.2018.01.014_bib0021) 2010
Falcone (10.1016/j.ress.2018.01.014_bib0053) 2007; 15
10.1016/j.ress.2018.01.014_bib0056
Sharvia (10.1016/j.ress.2018.01.014_bib0028) 2015; 135
Pétin (10.1016/j.ress.2018.01.014_bib0022) 2010
Cressent (10.1016/j.ress.2018.01.014_bib0019) 2011
Liu (10.1016/j.ress.2018.01.014_bib0023) 2011; 274
Hessel (10.1016/j.ress.2018.01.014_sbref0039) 2006
Åkesson (10.1016/j.ress.2018.01.014_bib0044) 2003
Behere (10.1016/j.ress.2018.01.014_bib0051) 2016; 73
Anderson (10.1016/j.ress.2018.01.014_sbref0002) 2014
Ghazel (10.1016/j.ress.2018.01.014_bib0031) 2015; 2
Broy (10.1016/j.ress.2018.01.014_bib0015) 2006
10.1016/j.ress.2018.01.014_bib0050
Koopman (10.1016/j.ress.2018.01.014_bib0007) 2017; 9
Larsson (10.1016/j.ress.2018.01.014_bib0036) 1997
Kang (10.1016/j.ress.2018.01.014_bib0018) 2013; 120
Kaiser (10.1016/j.ress.2018.01.014_bib0005) 2010
Mu (10.1016/j.ress.2018.01.014_bib0055) 2015; 22
Larsen (10.1016/j.ress.2018.01.014_bib0035) 1997; 1
10.1016/j.ress.2018.01.014_bib0006
Chen (10.1016/j.ress.2018.01.014_bib0017) 2011; 128
Larsen (10.1016/j.ress.2018.01.014_bib0037) 1995
Markovski (10.1016/j.ress.2018.01.014_bib0045) 2012
Boulanger (10.1016/j.ress.2018.01.014_sbref0054) 2015
Taofifenua (10.1016/j.ress.2018.01.014_bib0010) 2012
Nouacer (10.1016/j.ress.2018.01.014_bib0024) 2016; 47
David (10.1016/j.ress.2018.01.014_bib0020) 2010; 95
10.1016/j.ress.2018.01.014_bib0043
Mohajerani (10.1016/j.ress.2018.01.014_bib0046) 2017; 76
Rohée (10.1016/j.ress.2018.01.014_bib0047) 2006
Apvrille (10.1016/j.ress.2018.01.014_bib0027) 2012
Fagnant (10.1016/j.ress.2018.01.014_bib0001) 2015; 77
You (10.1016/j.ress.2018.01.014_bib0054) 2015; 42
Boulanger (10.1016/j.ress.2018.01.014_sbref0012) 2014
Märtin (10.1016/j.ress.2018.01.014_bib0012) 2013
Behm (10.1016/j.ress.2018.01.014_bib0014) 1999
Baier (10.1016/j.ress.2018.01.014_sbref0025) 2008
Leveson (10.1016/j.ress.2018.01.014_bib0016) 2002
Roussel (10.1016/j.ress.2018.01.014_sbref0031) 2012
Owens (10.1016/j.ress.2018.01.014_bib0011) 2008
Bitsch (10.1016/j.ress.2018.01.014_bib0029) 2001; 2187
Ramadge (10.1016/j.ress.2018.01.014_bib0033) 1982
Pohl (10.1016/j.ress.2018.01.014_sbref0040) 2011
Holt (10.1016/j.ress.2018.01.014_sbref0041) 2012
Mauborgne (10.1016/j.ress.2018.01.014_bib0009) 2016; 87
Zaytoon (10.1016/j.ress.2018.01.014_bib0034) 2017; 43
Taofifenua (10.1016/j.ress.2018.01.014_sbref0003) 2011
Maurer (10.1016/j.ress.2018.01.014_sbref0004) 2013
Kalra (10.1016/j.ress.2018.01.014_bib0008) 2016; 94
Roussel (10.1016/j.ress.2018.01.014_bib0025) 2002; 36
Do (10.1016/j.ress.2018.01.014_bib0052) 2017; 9
David (10.1016/j.ress.2018.01.014_sbref0038) 2000
Behrmann (10.1016/j.ress.2018.01.014_sbref0046) 2004
Evrot (10.1016/j.ress.2018.01.014_sbref0029) 2007; 40
Bitsch (10.1016/j.ress.2018.01.014_bib0049) 2000
Lindahl (10.1016/j.ress.2018.01.014_bib0038) 1998
References_xml – start-page: 281
  year: 1998
  end-page: 297
  ident: bib0038
  article-title: Formal design and analysis of a gear controller
  publication-title: International conference on tools and algorithms for the construction and analysis of systems
– start-page: 1228
  year: 1982
  end-page: 1229
  ident: bib0033
  article-title: Supervision of discrete event processes
  publication-title: 1982 21st IEEE conference on decision and control
– volume: 40
  start-page: 127
  year: 2007
  end-page: 132
  ident: bib0030
  article-title: Using sysml for identification and refinement of machinery safety properties
  publication-title: IFAC Proc
– volume: 43
  start-page: 152
  year: 2017
  end-page: 168
  ident: bib0034
  article-title: Synthesis and implementation of logic controllers a review
  publication-title: Annu Rev Control
– volume: 1
  start-page: 134
  year: 1997
  end-page: 152
  ident: bib0035
  article-title: Uppaal in a nutshell
  publication-title: Int J Softw Tools TechnolTransfer
– start-page: 165
  year: 2000
  end-page: 172
  ident: bib0039
  article-title: Modelling and analysis of a commercial field bus protocol
  publication-title: Proceedings of the 12th Euromicro conference on real time systems
– year: 2011
  ident: bib0041
  article-title: Requirements engineering fundamentals: a study guide for the certified professional for requirements engineering exam - foundation level - IREB compliant
– volume: 76
  start-page: 277
  year: 2017
  end-page: 281
  ident: bib0046
  article-title: Compositional synthesis of supervisors in the form of state machines and state maps
  publication-title: Automatica
– year: 2003
  ident: bib0044
  article-title: Supremica – a tool for verification and synthesis of discrete event supervisors
  publication-title: Proceedings of the 11th mediterranean conference on control and automation. Rhodos, Greece
– year: 2000
  ident: bib0049
  article-title: Classification of safety requirements for formal verification of software models of industrial automation systems
  publication-title: Proceedings of the 13th conference on software and systems engineering and their applications
– year: 2008
  ident: bib0026
  article-title: Principles of model checking (representation and mind series)
– year: 2015
  ident: bib0057
  article-title: CENELEC 50128 And IEC 62279 standards
– start-page: 200
  year: 2004
  end-page: 236
  ident: bib0048
  article-title: A tutorial on UPPAAL
  publication-title: Lecture Notes in Computer Science
– start-page: 76
  year: 1995
  end-page: 87
  ident: bib0037
  article-title: Compositional and symbolic model-checking of real-time systems
  publication-title: Proc. of the 16
– reference: ISO 26262 - Road vehicles Functional safety. Tech. Rep. Geneva, Switzerland; 2011.
– start-page: pp.87
  year: 2012
  end-page: 124
  ident: bib0027
  article-title: Prototyping an embedded automotive system from its UML/sysml models
  publication-title: Proc Embedded Real Time SystSoftw
– volume: 77
  start-page: 167
  year: 2015
  end-page: 181
  ident: bib0001
  article-title: Preparing a nation for autonomous vehicles: opportunities, barriers and policy recommendations
  publication-title: Transp Res Part A
– year: 2014
  ident: bib0002
  article-title: Autonomous vehicle technology: A Guide for policymakers
– year: 2011
  ident: bib0003
  article-title: Reducing the gap between formal and informal worlds in automotive safety-critical systems
  publication-title: 21th annual INCOSE international symposium, Denver, USA
– start-page: 14
  year: 1997
  end-page: 24
  ident: bib0036
  article-title: Efficient verification of real-time systems: compact data structures and state-space reduction
  publication-title: Proc. of the
– volume: 87
  start-page: 256
  year: 2016
  end-page: 268
  ident: bib0009
  article-title: Operational and system hazard analysis in a safe systems requirement engineering process application to automotive industry
  publication-title: Saf Sci
– start-page: 307
  year: 2012
  end-page: 314
  ident: bib0032
  article-title: Algebraic synthesis of logical controllers despite inconsistencies in specifications
  publication-title: 11th international workshop on discrete event systems, WODES 2012, Guadalajara, Mexico
– reference: Koolmees B. Reniers M. Markovski J.. Validation of modeled behavior using uppaal, Master’s thesis, University of Technology Eindhoven.
– start-page: 1
  year: 2008
  end-page: 24
  ident: bib0011
  article-title: Application of a safety-driven design methodology to an outer planet exploration mission
  publication-title: 2008 IEEE aerospace conference
– volume: 22
  start-page: 50
  year: 2015
  end-page: 56
  ident: bib0055
  article-title: Traffic light detection and recognition for autonomous vehicles
  publication-title: J China Univ Posts Telecommun
– start-page: pp.246
  year: 2006
  end-page: 250
  ident: bib0047
  article-title: A methodology to design and check a plant model
  publication-title: 3rd IFAC workshop on discrete-event system design (DESDes’06). Rydzyna, Poland
– reference: of Electrical I., Engineers E.. ISO/IEC/IEEE 29148:2011(E) systems and software engineering life cycle processes requirements engineering. 2011.
– volume: 42
  start-page: 5932
  year: 2015
  end-page: 5946
  ident: bib0054
  article-title: Trajectory planning and tracking control for autonomous lane change maneuver based on the cooperative vehicle infrastructure system
  publication-title: Expert Syst Appl
– start-page: 452
  year: 2010
  end-page: 465
  ident: bib0005
  article-title: Integrating system modelling with safety activities
  publication-title: International conference on computer safety, reliability, and security
– year: 2012
  ident: bib0010
  publication-title: Ontology centric design process : sharing a conceptualization
– volume: 15
  start-page: 566
  year: 2007
  end-page: 580
  ident: bib0053
  article-title: Predictive active steering control for autonomous vehicle systems
  publication-title: IEEE Trans Control Syst Technol
– year: 2013
  ident: bib0004
  article-title: Automotive systems engineering
– volume: 36
  start-page: pp.905
  year: 2002
  end-page: 917
  ident: bib0025
  article-title: Safety properties verification of ladder diagram programs
  publication-title: Journal Européen des Systèmes Automatisés (JESA)
– reference: Weissnegger R., Pistauer M., Kreiner C., Römer K., Steger C.. A novel method to speed-up the evaluation of cyber-physical systems (ISO 26262). In: 12th International workshop on intelligent solutions in embedded systems, WISES 2015, Ancona, Italy, October 29–30. p. 109–114.
– volume: 95
  start-page: 431
  year: 2010
  end-page: 450
  ident: bib0020
  article-title: Reliability study of complex physical systems using sysml
  publication-title: Reliab Eng Syst Saf
– volume: 128
  start-page: 196
  year: 2011
  end-page: 202
  ident: bib0017
  article-title: Integrated safety and architecture modeling for automotive embedded systems
  publication-title: E & I Elektrotechnik und Informationstechnik
– volume: 120
  start-page: pp.127
  year: 2013
  end-page: 138
  ident: bib0018
  article-title: A methodology for formal analysis and verification of EAST-ADL models
  publication-title: Reliab Eng Syst Saf
– start-page: CDROM
  year: 2010
  ident: bib0022
  article-title: Combining SysML and formal methods for safety requirements verification
  publication-title: 22nd international conference on software & systems engineering and their applications, Paris, France
– volume: 2
  start-page: 32
  year: 2015
  end-page: 44
  ident: bib0031
  article-title: A pattern-based method for refining and formalizing informal specifications in critical control systems
  publication-title: J Innovation Digital Ecosyst
– start-page: 132
  year: 2010
  end-page: 141
  ident: bib0021
  article-title: A framework for qualitative and quantitative formal model-based safety analysis
  publication-title: 12th IEEE high assurance systems engineering symposium, HASE 2010, San Jose, CA, USA, November 3–4, 2010
– year: 2014
  ident: bib0013
  article-title: Formal methods applied to industrial complex systems: implementation of the b method
– volume: 94
  start-page: 182
  year: 2016
  end-page: 193
  ident: bib0008
  article-title: Driving to safety: how many miles of driving would it take to demonstrate autonomous vehicle reliability?
  publication-title: Transp Res Part A
– volume: 135
  start-page: 64
  year: 2015
  end-page: 80
  ident: bib0028
  article-title: Integrating model checking with HiP-HOPS in model-based safety analysis
  publication-title: Reliab Eng Syst Saf
– start-page: 1
  year: 2013
  end-page: 19
  ident: bib0012
  article-title: A methodology for model-based development and automated verification of software for aerospace systems
  publication-title: 2013 IEEE aerospace conference
– volume: 47
  start-page: 252
  year: 2016
  end-page: 261
  ident: bib0024
  article-title: EQUITAS: a tool-chain for functional safety and reliability improvement in automotive systems
  publication-title: Microprocess Microsyst - Embedded Hardware Des
– year: 2012
  ident: bib0042
  article-title: Model-based requirements engineering
– year: 2006
  ident: bib0015
  article-title: Challenges in automotive software engineering
  publication-title: Proceedings of the 28th international conference on software engineering
– volume: 2187
  start-page: 176
  year: 2001
  end-page: 189
  ident: bib0029
  article-title: Safety patterns-the key to formal specification of safety requirements
  publication-title: SAFECOMP
– start-page: 369
  year: 1999
  end-page: 387
  ident: bib0014
  article-title: Mtor: asuccessful application of B in a large project
– volume: 9
  start-page: 90
  year: 2017
  end-page: 96
  ident: bib0007
  article-title: Autonomous vehicle safety: an interdisciplinary challenge
  publication-title: IEEE Intell Transp Syst Mag
– start-page: 15
  year: 2002
  end-page: 29
  ident: bib0016
  article-title: An approach to designing safe embedded software
  publication-title: International workshop on embedded software
– start-page: pp.1
  year: 2011
  end-page: 6
  ident: bib0019
  article-title: Mastering safety and reliability in a model based process
  publication-title: Proceedings - annual reliability and maintainability symposium
– year: 2006
  ident: bib0040
  article-title: Model-based testing of a wap gateway: an industrial case-study
  publication-title: Tech. Rep.
– start-page: 36
  year: 2012
  end-page: 49
  ident: bib0045
  article-title: Modeling for safety in a synthesis-centric systems engineering framework
  publication-title: International conference on computer safety, reliability, and security
SourceID hal
proquest
crossref
elsevier
SourceType Open Access Repository
Aggregation Database
Enrichment Source
Index Database
Publisher
StartPage 29
SubjectTerms Automobile driving
Automobile industry
Automotive engineering
Autonomous cars
Autonomous vehicle
Autonomous vehicles
Collisions
Control systems
Design engineering
Design systems
Discrete-event dynamic systems
Driving
Electric power
Embedded systems
Engineering Sciences
Highway safety
Nonlinear systems
Redundancy control
Reliability engineering
Requirements analysis
Safety
Safety analysis
Safety critical
Safety engineering
Systems design
Systems engineering
Traffic accidents & safety
Traffic safety
Title A formal framework for the safe design of the Autonomous Driving supervision
URI https://dx.doi.org/10.1016/j.ress.2018.01.014
https://www.proquest.com/docview/2063863622
https://hal.science/hal-01707778
Volume 174
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
link http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1LS8QwEB5096IH8YnriyDepO62aZr0WHyw6uJFBW8hSRNckXXZh0d_u5k29QV6EAolQ9OUyfTLJMx8A3DEbVJyj70R1TSNUifKSAvFosRiVpVWMXMV2-dN1r9Prx7YwwKcNrkwGFYZsL_G9Aqtg6QbtNkdD4fdW3QOvD16k_I2m2Mx63ZC84y1oF1cXvdvPtMj85rwEyvKY4eQO1OHeeGmFiO8RMXeGae_rU-Ljxgo-QOvq0XoYhVWgvdIivoD12DBjtZh-Qun4AYMClL5oc_ENXFXKCDe0SNT5Swpq5gN8uIqUTGfYVqD3_-Ts8kQTxfIdD5GAMFjtE24vzi_O-1HoWRCZPxKNIucUyXzk-KYtYJpfxem57gTLqUqTSy1jqs8s6WgIuHat0yWG6aYcRk1jtItaI1eRnYbiOG41mvV06VNM-20ZUblTPWoozYTvANxoyhpAp84lrV4lk3g2JNE5UpUruzF_ko7cPzRZ1yzafz5NGv0L7_ZhPRw_2e_Qz9ZHwMggXa_GEiUIVsQ51y8xh3Ya-ZSht8WX-LhKPOaTHb-OfYuLGGrDibbg9ZsMrf73m2Z6QNYPHmLD4JxvgNEFe1q
linkProvider Elsevier
linkToHtml http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1LSwMxEA4-DupBfGJ9BvEma7ubZJMeS1WqVi8qeAtJNsFKaUttPfrbndlHfYAehIVlZ7ObZTL7zSR8MyHkRPokk4C9EbOMRzyoLLLKiCjxmFVlTSxCXu3zLu088usn8TRH2lUuDNIqS-wvMD1H61JSL7VZH_V69XsMDsAewaTAZpu4mfUiF0wir-_s_ZPnATMAWe0nj83LzJmC5IVTWuR3qbx2Z8x_807zz0iT_IHWuQu6XCOrZexIW8XnrZM5P9ggK18qCm6SbovmUWifhop1hQIKYR59NcHTLGds0GHIRa3pBJMaYPZPz8c9XFugr9MRwgcuom2Rx8uLh3YnKjdMiBz4oUkUgskEDEkQ3ith4axcI8igAmeGJ575IE0z9ZliKpEWrlzadMIIF1LmAmPbZGEwHPgdQp1ET29Nw2aepzZYL5xpCtNggflUyRqJK0VpV1YTx00t-rqijb1oVK5G5epGDAevkdPZM6OilsafrUWlf_3NIjSA_Z_PHcNgzTrA8tmdVlejDGsFSSnVW1wj-9VY6vKnxZcAGKWgyWT3n30fkaXOw21Xd6_ubvbIMt4paGX7ZGEynvoDCGAm9jA30A9GLe41
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=A+formal+framework+for+the+safe+design+of+the+Autonomous+Driving+supervision&rft.jtitle=Reliability+engineering+%26+system+safety&rft.au=Cuer%2C+Romain&rft.au=Pi%C3%A9trac%2C+Laurent&rft.au=Niel%2C+Eric&rft.au=Diallo%2C+Saidou&rft.date=2018-06-01&rft.pub=Elsevier+BV&rft.issn=0951-8320&rft.eissn=1879-0836&rft.volume=174&rft.spage=29&rft_id=info:doi/10.1016%2Fj.ress.2018.01.014&rft.externalDBID=NO_FULL_TEXT
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0951-8320&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0951-8320&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0951-8320&client=summon