In terms of challenges, autonomy is very much in the early innings. Broadly speaking, the challenges can be split into three categories: first, the core technology elements within the autonomy pipeline (sensors, location services, perception, and path planning); second, the algorithms and methodology for demonstrating safety; and finally, business economics.
Algorithms and Methodology for Safety:
A major bottleneck remains the inability to fully validate AI behavior, with a need for more rigorous methods to assess completeness, generate targeted test cases, and bound system behavior. Advancements in explainable AI, digital twins, and formal methods are seen as promising paths forward. Additionally, current systems lack scalable abstraction hierarchies—hindering the ability to generalize component-level validation to system-level assurance. Borrowing principles from scalable semiconductor design could aid in building such structures. To build trust with users and regulators, the industry must also adopt a “progressive safety framework,” clearly showing continuous improvement, regression checks during over-the-air (OTA) updates, and lessons learned from real-world failures.
In terms of “V&V test apparatuses,” both virtual and physical tools are emphasized. Virtual environments will play a key role in supporting evolving V&V methodologies, necessitating ongoing work from standards bodies like ASAM. Physical test tracks must evolve to not only replicate real-world scenarios efficiently but also validate the accuracy of their virtual counterparts—envisioned through a “movie set” model that can quickly stage complex scenarios. Another emerging concern is “electromagnetic interference (EMI),” especially due to the widespread use of active sensors. Traditional static EMI testing methods are insufficient, and there is a need for dynamic, programmable EMI testing environments tailored to cyber-physical systems.
Finally, a rising concern is around “cybersecurity” in autonomous systems. These systems introduce systemic vulnerabilities that span from hardware to software, necessitating government-level oversight. Key sensor modalities like LiDAR, GPS, and radar are susceptible to spoofing, and detecting such threats is an urgent research priority. The V&V process itself must evolve to minimize exposure to adversarial attacks, effectively treating security as an intrinsic constraint within system validation, not an afterthought.
Verification and Validation Capability:
Components: Validation of AI components continues to be a stumbling block to overall safety. Continued research is required on methods to mathematically measure completeness, efficiently generate tests, and bound AI behavior. Research directions in areas such as explainable AI, digital twin monitors, and more formal methods may well move the state of the art forward.
Scalability: Today, cyber-physical systems do not have a clear hierarchy of abstraction that allows for scaling. Research is required to develop methods by which component validation results can lead to validation at higher levels of abstraction, and thus to scale. The broad methodologies of design artifacts that enable scaling in the semiconductor electronics space may be good guides for this research direction.
Progressive structure: To build trust with consumers and regulators, the industry must develop a clear process that shows a progressive structure of safety progress. Key parts of this process are clear arguments for the lack of regression of functionality in OTA updates and the inclusion of feedback from field failures.
Verification and Validation Test Apparatuses:
Virtual: As methodologies develop for V&V, virtual testing tools will be required to support them. This means that the work done in standards organizations such as ASAM must continue as a key enabling feature to develop these methodologies.
Physical: Test tracks must continue to adapt to support their key functions in the overall flow. Specifically, they must provide resources for characterization of virtual models for simulation and be able to quickly recreate complex scenarios from simulation or field failure. Thus, a movie set operational model will be critical for success.
EMI: Due to the heavy use of active sensing technologies, EMI is a critical new issue for cyber-physical systems. Today, EMI testing is limited to static testing devices such as anechoic chambers. However, with cyber-physical systems, the combination of mechanical movement and complex reflective materials requires an advance in the state of the art of EMI testing. Further, programmatic methods such as LabVIEW today enable efficient test programming for electronics, yet nothing similar exists for cyber-physical EMI testing.
Cybersecurity:
Systematic risk: Networked cyber-physical systems are introducing the notion of systematic risk from bad actors. Governmental oversight is required to ensure that all levels of this chain, from physical security to the software architecture, are fully dependable.
Sensors: Various electronics modalities (e.g., LiDAR, radar, GPS) are critical to autonomous operation while also being vulnerable to spoofing. Research is required to detect and mitigate these spoofing effects.
Cyber-security: The surface for cyber-security attacks is constructed through the design and validation process of the product. The V&V process should include minimization of the surface available for adversarial attacks through communication interfaces. This effectively adds a new constraint to the V&V process.
Supply Chain:
Economics: The economics of semiconductors will limit the development of chips for limited volume markets. Thus, developing methodologies which provide security, reliability and performance from Commercial Off-The-Shelf (COTS) products is critical for success.
Design: Field maintainability, skew minimization, and total lifetime cost have been active topics in many industries, but not typically for electronics components. With the increasing absorption of electronics components, a clear Design for Supply Chain function is required to understand the downstream costs of electronic design choices in Electronic Design Systems.
Supply Chain: In the construction of supply chain relationships, there is often a functional decomposition to suppliers. However, for integrated products, a peek-through and joint development of the underlying hardware/software system is highly recommended. Of course, this is exactly the direction taken by the concept of a software-defined vehicle.
Hardware Fabrics: Building on a minimal number of high-volume semiconductor chips is critical to the long-term viability of the LLC supply chain. To enable this process, a broader concept of hardware programmable fabrics which include software, digital hardware, and analog/sensor function must be developed. Development of this newer version of the computer architecture is key to absorbing the supply chain shocks from the consumer marketplace.
Finally, at a systems level there are two strong recommendations:
Integrated Functional Approach: V&V, Cybersecurity, and supply chain form the crux of the product assurance function. Thinking of these in an integrated, not siloed, fashion, especially in the process of initial product design, is highly recommended.
Learnings from adjacent fields: Automotive is the largest cyber-physical marketplace. Applying the critical learnings from automotive to other ground vehicles, as well as to adjacent fields such as airborne, space, and marine systems, is highly recommended.
en/safeav/avt/challenges.1754097754.txt.gz · Last modified: 2025/08/02 01:22 by rahulrazdan