Safety Case Framework Case Study: ENCODE Safety Case

ENCODE Safety Case – from the reviewer’s point of view

TRL is a global centre for innovation in transport and mobility. It provides world-leading research, technology and software solutions for surface transport modes and related markets engaged in intelligent, new mobility innovations. Independent from government, industry and academia, TRL helps organisations create global transport systems that are safe, clean, affordable, liveable and efficient.

What was the trial and which testbeds did you work with?

The ENCODE (Ensuring cybersecure deployments of driverless teleoperated vehicles) project was a 6-month research project funded by Innovate UK. The objective of ENCODE was to reduce time to market for Connected and Autonomous Vehicles (CAVs) by investigating and implementing cybersecurity best practice on “multi-driver” autonomous vehicles in first and last-mile freight use cases. ​“Multi-driver” vehicles are defined as manual operation (in-vehicle operation by a Safety Driver), autonomous operation – automated driving system (ADS) and remote operation (teleoperation – remote operator is responsible for the management of multiple vehicles at one time)​.

The project lead for ENCODE was StreetDrone Ltd, the CAV technology developer. TRL’s role within the project was to act as a safety specialist. One of TRL’s main tasks was to conduct a technical review of StreetDrone’s Safety Case for remotely – operated automated vehicle (AV) trials at two public on-road demonstration sites. These demonstration sites were at StreetDrone’s technical facility at Osney Mead, Oxford, and at the Smart Mobility Living Lab’s (SMLL’s) Royal Arsenal site in Woolwich. In addition to the AV trials held at Osney Mead and Woolwich, a one-day demonstration of the potential of teleoperation of “multi-driver” vehicles was simultaneously carried out at both trials’ locations.

Past experiences with safety cases

As safety specialists TRL has previous experience of working with StreetDrone on the safety of AV on-road trials, specifically on an AV trial at the SMLL for the Shared Research Programme, where we led the development of the Safety Case. For this particular AV trial, the same infrastructure and section of route at the Royal Arsenal was used as the ENCODE demonstration.

With regards to the technical content in the Safety Case, the Centre for Connected and Autonomous Vehicles’ Code of Practice: Automated vehicle trialling (2019) outlines the main issues that should be covered by a Safety Case, stating that these issues are not exhaustive, and trialling organisations should build on this foundation.

How did the guidance help?

For TRL’s technical review of StreetDrone’s Safety Case, Zenzic’s guidance document Safety Case Framework: The Guidance Edition for Reviewers (2021), UK approved best practice guidance for Safety Case development in the UK, was used in combination with current best practice found in the British Standards Institution PAS 1881:2020 Assuring the safety of automated vehicle trials and testing – Specification.  Guidance contained in Zenzic’s Safety Case framework made it easier for TRL to understand and how to apply best practice contained in industry standards documentation. British Standard PAS 1881:2020 is widely used by AV developers and automotive testing professionals to ensure safety during AV testing and trialling. Technical specifications within the PAS set out the minimum requirements for managing safety during developmental testing of AVs and when conducting rials of AVs on both private and public roads.

TRL’s technical review of StreetDrone’s Safety Code ENCODE demonstrations was conducted as a gap analysis exercise using relevant best practice guidance in the Zenzic’s Safety Case Framework document in combination with PAS 1881:2020, specifically Section 5 (Contents of the safety case), as the checklist for our review. Adherence to best practice guidance contained in both the Safety Case Framework and Section 5 of the PAS, enabled TRL to undertake a prompt, but thorough, high-level review of StreetDrone’s Safety Case documentation. This enabled us to provide rapid feedback to StreetDrone, making recommendations related to the inclusion of additional technical information to strengthen their Safety Case. Following our feedback, StreetDrone swiftly produced an updated version of their Safety Case for further review by TRL.

Our second and final review of the Safety Case was a more comprehensive technical review, again using best practice guidance contained in Zenzic’s Safety Case Framework and Section 5 of PAS 1881:2020 as the checklist. For TRL’s final review, we also referred to specific guidance in Zenzic’s Safety Case Framework document related to defining an ODD, together with technical requirements contained in PAS 1883:2020 Operational Design Domain (ODD) taxonomy for an automated driving system (ADS) – Specification, to review the technical details in StreetDrone’s Safety Case related to ODD boundaries and road environment limitations. We also reviewed supporting documentation that was referenced in the Safety Case, for example, StreetDrone’s Crisis Management and Communications Plan. Following TRL’s full technical review of the Safety Case, we provided StreetDrone with additional feedback, mainly recommendations, where required, to further strengthen their Safety Case.

To read this case study from a creator’s perspective, please visit : Safety Case Framework Case Study: Streetdrone – Zenzic

To find out more about the Safety Case Framework, please visit: Safety Case Framework – Zenzic