[SystemSafety] a public beta phase ???

[Driscoll, Kevin R]

I forgot to add the coincidence:  The reason I was at Ames was to give a presentation titled "Cyber Safety and Security for Pilot Assistance".  Yes, that's semi-autonomous air crew replacement (reduced crew operations, single pilot operations, etc).  Synopsis:  I don't think it's viable in the foreseeable future.

> -----Original Message-----
> From: Smith, Brian E. (ARC-TH) [mailto:brian.e.smith at nasa.gov]
> Sent: Friday, August 05, 2016 16:25
> To: Driscoll, Kevin R; Mike Ellims; 'Les Chambers'; 'Peter Bernard
> Ladkin'; systemsafety at lists.techfak.uni-bielefeld.de
> Subject: Re: [SystemSafety] a public beta phase ???
> 
> Doesn¹t surprise me at all, Kevin.  I commute from NASA Ames to my home
> in Mountain View and see unusual behaviors by the fleet of Google Lexus
> vehicles and the little ³gumdrop² AVs equipped with just a joystick and
> no steering wheel.  The Google safety drivers and systems engineers
> onboard are fortunately not reading their newspapers.
> 
> I¹m on the Ames Safety Committee that is responsible for monitoring the
> safety of driverless-car experiments being performed here by a major
> automobile manufacturer.  The same subtleties and contradictions that
> have been discussed at length on this thread play out in very practical
> ways during our review of the activities here.
> 
> Brian
> 
> On 8/5/16, 1:50 PM, "systemsafety on behalf of Driscoll, Kevin R"
> <systemsafety-bounces at lists.techfak.uni-bielefeld.de on behalf of
> kevin.driscoll at honeywell.com> wrote:
> 
> >On Wednesday, I was passed by a Tesla on the 101 going to SFO from
> NASA
> >Ames at about 4pm (rush hour).  The person behind the wheel (I
> couldn't
> >call him the driver) had a stack of papers in both hands and was
> >reading them.  He went by me too fast (40mph?, I was doing about 25)
> to
> >see how often he looked up; I saw one head bob.
> >
> >> -----Original Message-----
> >> From: systemsafety [mailto:systemsafety-bounces at lists.techfak.uni-
> >> bielefeld.de] On Behalf Of Mike Ellims
> >> Sent: Friday, July 22, 2016 06:54
> >> To: 'Les Chambers'; 'Peter Bernard Ladkin';
> >> systemsafety at lists.techfak.uni-bielefeld.de
> >> Subject: Re: [SystemSafety] a public beta phase ???
> >>
> >> Morning Les,
> >>
> >> These are all on the surface reasonable ideas, however as Mencken
> >> said; "for every complex problem there is an answer that is clear,
> >> simple, and wrong"
> >> (sorry - couldn't help myself ;-).
> >>
> >> 1. The solutions suggested are applicable only to vehicles; what
> >> about pedestrians, cyclists, horses, live stock, wild animals (deer
> >> or moose) or any of the hundreds of objects that can be found on
> roads e.g.
> >> roadwork's, fallen trees. To go beyond where Mercedes, BMW and Tesla
> >> are now requires everything be detected.
> >>
> >> 2. They don't scale, or at least don't scale fast enough.
> >> First, to be truly useful all vehicles would need to be equipped.
> >> Currently there are 1.2 billion vehicles on the worlds roads and
> >> approximately 85 million new vehicles being added each year. Note
> >> this doesn't include road going equipment such mobile plant or
> tractors.
> >>
> >> Second the average life of a vehicle is somewhere between 10 and 20
> >> years so even if we started mandating one of these solutions now it
> >> would be 2026 or so before approximately half of the world vehicles
> >> were equipped and 2040 before 100% (simple model assuming 3% of all
> >> vehicles are removed each year).
> >>
> >> Even if it was a simple retrofit like putting bumper stickers on the
> >> front sides and rear of every vehicle it still need to be designed
> >> and rolled out.
> >> If it has to be done by a mechanic paid for by the manufactures it's
> >> going to have a minimum cost of $50 US per vehicle... so we're
> >> talking a minimum of $50 billion... And if it's bumper sticks they
> >> had better be an exact match to the paint on my car!
> >>
> >> But that would be unlikely to happen as,
> >>
> >> 3. The solution would have to be legally mandated. This might be
> >> possible Europe but in the US you would have to provide an economic
> >> case that showed that the avoided cost in lives saved would exceed
> >> the cost of adding the equipment to all vehicles. Three simple
> >> examples, in Europe side impact bars on trucks, ABS and indicators a
> >> different colour to brake lights are all required, in the US none of
> >> these are as the economic case isn't clear enough for to allow the
> >> rule making process to move forward.
> >>
> >> For the Tesla that implies you need agreement between the EU,
> >> USA/Canada, China and Australia (based on locations of the
> >> supercharger networks).
> >> Goodness know how long getting agreement would take but possibly
> >> somewhere between 4 and 10 years?
> >>
> >> I know this is a bit like pissing on the parade but the huge
> numbers,
> >> time scales and politics involved make the problem approximate
> >> intractable fairly well, which is why manufactures are following an
> >> approach based on what they control.
> >>
> >> It may be worthwhile to note that the vast majority of cars on the
> >> road today don't need radar reflectors as they are radar reflectors,
> >> under all that plastic they are steel (or aluminium in the case of
> >> Tesla). It gets interesting with carbon fibre cars such as the BMW
> i3
> >> but I assume they have radar reflective material added to the mix as
> >> radar and adaptive cruise control is so common today (you would hope
> >> that would come out of the hazard analysis wouldn't you).
> >>
> >> Remember in the Tesla crash the car's radar "saw" the truck (but
> only
> >> the truck bed) but apparently misclassified what it was seeing... at
> >> this juncture it appears to be a requirements or analysis problem
> not
> >> a senor detection problem.
> >>
> >> I suspect that fully autonomous cars are probably some way off,
> >> Google is now saying 5 to 10 years, Musk says two but what he
> >> probably means is 4 to 10.
> >>
> >> Fully autonomous vehicles can probably be classed as a "wicked"
> >> problem, in that the problem itself isn't well defined. Tesla and
> >> other manufactures have been able to provide a partial solution for
> >> highly constrained conditions, i.e. motorways and highways where the
> >> complexity of the situation is relatively  "low". Noisy urban areas
> >> (as an example) is a whole different problem. For example do we have
> >> to detect people and classify them as people or is it enough to
> >> classify them as things either moving or not moving; or perhaps as
> >> thing on road, things moving towards road or things not on road? At
> >> this point in time it may not be possible to answer that question.
> >>
> >>
> >> Cheers.
> >>
> >>
> >>
> >>
> >> -----Original Message-----
> >> From: systemsafety
> >> [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On
> >> Behalf Of Les Chambers
> >> Sent: 22 July 2016 00:14
> >> To: 'Peter Bernard Ladkin';
> >> systemsafety at lists.techfak.uni-bielefeld.de
> >> Subject: Re: [SystemSafety] a public beta phase ???
> >>
> >> Peter
> >> The concept of workshopping something is that you rollout ideas,
> >> people critique them and in the process maybe you spark some
> >> creativity, new ideas that is. These days our lives are absolutely
> >> ruled by the people with ideas.
> >> Elon Musk is a classic example (I'm in awe of that guy despite the
> >> fact I disagree with some of the things he does). Ideas are the last
> >> frontier, they are the final currency, they will never be automated.
> >> In 24 hours My Tesla Motor Club post attracted 930 views and 22
> >> replies. It looks like this is a very active forum biased more
> >> towards solutions than the it'll-never-work-narrative - I find this
> refreshing.
> >> The following three I found particularly informative:
> >> ----response one ------------------
> >> Good reference: Wireless Vehicular Networks for Car Collision
> >> Avoidance
> >> http://www.springer.com/us/book/9781441995629
> >> ----- response two ------------------- I'd favour a "radar
> reflector"
> >> of some sort - something that makes a "vehicle" more "visible" to
> the
> >> sensors. Hopefully dirt-cheap, and thus could be mandated for
> >> installation at the vehicle's next roadworth-test (over here that is
> >> an annual test once a car reaches 3 year's old).
> >> ------ response three ------------------ "high-quality GPS SPS
> >> receivers provide better than 3.5 meter horizontal accuracy."
> >> So i think accuracy is not good enough.
> >> If there is a car on the side of the road, your GPS receivers are
> >> closer each other than 3.5 m and collision warning would give false
> >> alert.
> >> ------------------------
> >>
> >> Have you got any ideas Peter?
> >>
> >> Les
> >>
> >>
> >> -----Original Message-----
> >> From: systemsafety
> >> [mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On
> >> Behalf Of Peter Bernard Ladkin
> >> Sent: Thursday, July 21, 2016 3:51 PM
> >> To: systemsafety at lists.techfak.uni-bielefeld.de
> >> Subject: Re: [SystemSafety] a public beta phase ???
> >>
> >> Les,
> >>
> >> On 2016-07-21 01:44 , Les Chambers wrote:
> >> > Ok, so I've posted my brilliant idea (below) on a Tesla Forum for
> >> > the Model S. .... It got 4 views in the first 10 seconds after
> posting.
> >> > Let's see how much interest it generates.
> >>
> >> When I read your post I thought you were being facetious. But on the
> >> odd chance you were being serious, a couple of comments.
> >>
> >> First, fail-stop is a fairly well-understood mechanism, of limited
> use.
> >> It is going to be of particularly limited use in road traffic, not
> >> only because of its functional limitations but also because of the
> latency.
> >> People's reaction time is between 1 and 2 seconds (this has been
> >> fairly well measured with pilots). This is quite long enough to get
> >> you into an irrecoverable situation in road traffic.
> >>
> >> Second, the Tesla S is equipped with such a device. It's called
> >> "steering wheel and brake activation" and it didn't save Mr. Brown.
> >>
> >> Third, designing reliable GPS locator mechanisms, even for steadily-
> >> moving objects, is tricky. For example,
> >>
> http://www.icao.int/APAC/Meetings/2015%20ADSBSITF14/IP04_AUS%20AI.4%2
> >> 0-
> >> %20Bo
> >> eing%20787%20ADS-B%20deficiency.pdf
> >> For general comments about the suitability of GPS-based devices for
> >> high-resolution terrestrial use, see
> >> http://www.raeng.org.uk/publications/reports/global-navigation-
> space-
> >> systems
> >> , the report of a Working Group chaired by Martyn. There is quite a
> >> bit about trustworthiness and lack of it.
> >>
> >> Fourth, car manufacturers have been working on such "sense and
> avoid"
> >> mechanisms quite intensely for well over a decade. I recall a talk
> at
> >> SAFECOMP 2004 in Potsdam from Daimler R&D guru Ralf Herrtwich on the
> >> trustworthiness of automotive telematics. He was talking about
> >> car-to- car stuff. It was mostly radar/lidar/sonar based, for what I
> >> take to be obvious reasons, namely that you don't have to worry in
> >> quite the same way about the trustworthiness of your sensorics as
> you
> >> do about the trustworthiness of third-party information such as GPS
> >> positioning of others. I doubt if that has changed at all.
> >>
> >> I asked him about what they were doing about vulnerable road users
> >> and didn't get the impression that they were doing much at all at
> >> that point.
> >>
> >> PBL
> >>
> >> Prof. Peter Bernard Ladkin, Bielefeld, Germany MoreInCommon Je suis
> >> Charlie
> >> Tel+msg +49 (0)521 880 7319  www.rvs-bi.de
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> _______________________________________________
> >> The System Safety Mailing List
> >> systemsafety at TechFak.Uni-Bielefeld.DE
> >>
> >>
> >> ---
> >> This email has been checked for viruses by Avast antivirus software.
> >> https://www.avast.com/antivirus
> >>
> >> _______________________________________________
> >> The System Safety Mailing List
> >> systemsafety at TechFak.Uni-Bielefeld.DE
> >_______________________________________________
> >The System Safety Mailing List
> >systemsafety at TechFak.Uni-Bielefeld.DE