A lack of industry standards has been among the challenges facing developers of self-driving cars. Underwriters Laboratory today published UL 4600, its first standard for evaluating the safety of autonomous vehicles.

The standard describes safety principles and processes for evaluating fully autonomous vehicles and covers topics including the design process, testing, and human-machine interaction for non-drivers. It also covers autonomy validation, risk identification, and data integrity.

Developing UL 4600

Northbrook, Ill.-based Underwriters Laboratories worked with Philip Koopman, an associate professor in the Department of Electrical and Computer Engineering at Carnegie Mellon University. He is also co-founder and CEO of Edge Case Research, which provides tools and services for autonomous vehicle testing and safety validation.

“UL 4600 is a set of requirements and safety lessons learned that informs the contents of a safety case,” stated Koopman. “This safety case approach provides the flexibility needed to help ensure safety without overly constraining the use of this quickly evolving technology.”

Underwriters Laboratories convened a Standards Technical Panel (STP) to develop and review the first edition of the UL 4600 document. The panel included automotive, aviation, and robotics manufacturers, as well as universities, insurers, state and federal regulatory agencies, and a consumer advocacy organization. The STP had members from the U.S., Germany, the U.K., Sweden, China, and Singapore, among other countries.

“We are grateful to Dr. Koopman and the many stakeholders who so willingly shared their knowledge to contribute to the development of this standard,” said Phil Piqueira, vice president of global standards at Underwriters Laboratories. “This is an example of standardization keeping pace with emerging industries to help support safety while encouraging innovation and continued progress.”

“Uber ATG believes that voluntary industry standards that support the safe development and deployment of self-driving vehicles are an important consideration for all companies in this space. UL’s new standard and [its] approach to standards development allows for rapid iteration and feedback, which is on pace with what our industry needs.” said Nat Beuse, head of safety at Uber Advanced Technology Group (ATG). “Being a contributor to these conversations and driving consensus around some of the safety aspects of SDV [self-driving vehicle] development is a priority for Uber and the rest of the STP.”

ANSI/UL 4600 standard overview

The new safety standard applies to fully autonomous mobile systems, including self-driving passenger cars and vehicles used in agriculture, maintenance, and mining, among other industries. It also applies to lightweight unmanned aerial vehicles (UAVs) or drones. It covers assessments of the ability of a device to operate as intended without human intervention.

UL 4600 also addresses the reliability of hardware and software for sensing in potentially unstructured environments. It also includes provisions for risk analysis and validation of machine learning for critical functions.

The following sections comprise the new standard:

• Dependability, including fault detection and mitigation, incident response, and cybersecurity
• Data and networking, including communications and storage
• Verification, validation, and testing, including approaches, methods, and safety case updates
• Tool qualification, commercial off-the-shelf (COTS) systems, and legacy components
• Lifecycle concerns, such as the handoff from design to manufacturing, supply chain, and disposal
• Maintenance and inspection
• Metrics and safety performance indicators (SPIs)
• Assessment of conformance, independent assessment, and prompt element feedback

Limits of scope and compatibility with other standards

However, the standard does not cover performance criteria, define pass/fail safety criteria, or provide benchmarks for autonomous vehicle road testing. It is also technology-neutral and does not mandate the use of any specific technology to guarantee safety.

In addition, UL 4600 does not provide guidance for human supervision or control of self-driving vehicles. Handoffs between safety drivers and autonomous systems, as well as insurance liability, are also beyond the scope of the standard.

“Conformance with this standard is not a guarantee of a safe automated vehicle,” said Underwriters Laboratories. “However, conformance with this standard promotes more rigorous engineering in support of a safe automated vehicle. It is also recognized that a safety case is just one of many important parts to a complete safety-assurance framework for automated vehicles, and it is expected that this standard will be used in conjunction with other standards and test methodologies defined by standards organizations and regulators.”

“Compliance with UL 4600 permits (but does not require conformance to) other safety standards such as ISO 26262, ISO/PAS 21448, IEC 61508, MIL STD 882, etc., as well as security standards where such conformity is demonstrated,” it said. The current version of the standard includes provisions for future mandatory, “highly recommended,” and recommended safety measures.

Standard is available for review and comment

UL 4600 can be viewed for free online (registration required) and is available for purchase in print.

Underwriters Laboratory said it welcomes feedback and proposals for changes, which anyone can submit to its Collaborative Standards Development System at CSDS.UL.com. Organizations and individuals can also apply for membership on the STP.