Derivation of harmonised high-level safety requirements for self-driving cars using railway experience

The development and manufacture of self-driving cars (SDCs) have triggered unprecedented challenges among car manufacturers and smart road operators to accelerate awareness and implementation of innovative technologies for cooperative, connected and automated mobility (CCAM), especially those with a high level of automation and safety. Safety improvement is a pre-requisite to justify and unleashing a mass deployment of connected and driverless cars to reach the goal of zero-accident in 2050 set by the European Commission. Behind these motivations a well-justified and widely acceptable high-level safety target for SDCs is mandatory. The aim of this article is to contribute to the derivation of an harmonised high-level safety target for SDCs, starting from the safety requirements and the state of the art achieved by train and airplane operations. The novelty of our approach is to leverage the Common Safety Method-Design Targets (CSM-DT) already adopted and widely accepted by the railway community. According to this approach, the derived, justified and harmonised high-level design safety target for SDCs, defined as the average probability of a dangerous failure PF(SDC) per 1 h, should be 1 × 10(−7)/h. An example of PF(SDC) allocation to individual SDC safety functions, including position determination based on Global Navigation Satellite System (GNSS), is described using a fault tree. The proposed methodology can speed up the validation and certification process needed to authorise the SDCs, by capitalising the know-how and best practices in use since many years for the train management.