System Theoretic View on Uncertainties
This paper addresses safety challenges in automated driving by providing a framework to handle uncertainties, though it is incremental in that it builds on existing taxonomies such as that of Laprie et al.
The paper tackles the problem of performance limitations in highly automated driving by proposing a system theoretic approach based on uncertainty as a root cause, resulting in a taxonomy that distinguishes aleatory, epistemic, and ontological uncertainties and clusters methods into prevention, removal, tolerance, and forecasting strategies.
The complexity of the operating environment and the technologies required for highly automated driving is unprecedented. Besides the fault-error-failure model of Laprie et al., a different type of threat to safe operation arises in the form of performance limitations. We propose a system theoretic approach to handle these and derive a taxonomy based on uncertainty, i.e. lack of knowledge, as a root cause. Uncertainty is a threat to the dependability of a system, as it limits our ability to assess the system's dependability properties. We distinguish uncertainties as aleatory (inherent to probabilistic models), epistemic (lack of knowledge of model parameters) and ontological (incompleteness of models) in order to determine strategies and methods to cope with them. Analogous to the taxonomy of Laprie et al., we cluster methods into uncertainty prevention (use of elements with well-known behavior, avoiding architectures prone to emergent behavior, restriction of the operational design domain, etc.), uncertainty removal (at design time by design of experiments, etc., and after release by field observation, continuous updates, etc.), uncertainty tolerance (use of redundant architectures with diverse uncertainties, uncertainty-aware deep learning, etc.) and uncertainty forecasting (estimation of residual uncertainty, etc.).