A Scalable Framework for Safety Assurance of Self-Driving Vehicles based on Assurance 2.0

Shufeng Chen, Mariat James Elizebeth, Robab Aghazadeh Chakherlou, Xingyu Zhao, Eric Barbier, Siddartha Khastgir, Paul Jennings

TL;DR

The paper addresses the challenge of safely assuring self-driving vehicles with AI by proposing a scalable Assurance 2.0-based framework that extends traditional CAE approaches with defeaters and reusable assurance theories. It introduces a three-level decomposition tied to a V-model, lifecycle-based PDLCs aligned to ISO standards, and a revised 5M1E framework with Measurement as a meta-factor, supported by Excel templates to manage complex safety arguments. A Wayve AV2.0 case study demonstrates the approach across Requirements, Verification/Validation, and Post-Deployment phases, highlighting improvements in completeness, efficiency, and cross-disciplinary clarity. The work enables continuous, incremental safety assurance suitable for agile, AI-enabled SDV development and sets the stage for toolchains that auto-generate Assurance 2.0 diagrams from structured templates.

Abstract

Assurance 2.0 is a modern framework developed to address the assurance challenges of increasingly complex, adaptive, and autonomous systems. Building on the traditional Claims-Argument-Evidence (CAE) model, it introduces reusable assurance theories and explicit counterarguments (defeaters) to enhance rigor, transparency, and adaptability. It supports continuous, incremental assurance, enabling innovation without compromising safety. However, limitations persist in confidence measurement, residual doubt management, automation support, and the practical handling of defeaters and confirmation bias. This paper presents a set of decomposition frameworks to identify a complete set of safety arguments and measure their corresponding evidence. Grounded in the Assurance 2.0 paradigm, the framework is instantiated through a structured template and employs a three-tiered decomposition strategy. A case study regarding the application of the decomposition framework in the end-to-end (E2E) AI-based Self-Driving Vehicle (SDV) development is also presented in this paper. At the top level, the SDV development is divided into three critical phases: Requirements Engineering (RE), Verification and Validation (VnV), and Post-Deployment (PD). Each phase is further decomposed according to its Product Development Lifecycle (PDLC). To ensure comprehensive coverage, each PDLC is analyzed using an adapted 5M1E model (Man, Machine, Method, Material, Measurement, and Environment). Originally developed for manufacturing quality control, the 5M1E model is reinterpreted and contextually mapped to the assurance domain. This enables a multi-dimensional decomposition that supports fine-grained traceability of safety claims, evidence, and potential defeaters.
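The abstract's point about "comprehensive coverage" is that the three-tier decomposition (phase, PDLC stage, 5M1E factor) produces a finite set of cells, so completeness becomes something that can be checked mechanically rather than argued for. The following Python snippet is an added example, not code from the paper or from Wayve: it models a structured template as a flat table of rows, enumerates every (phase, stage, factor) cell, reports the cells with no claim, and lists claims that are weak in the Assurance 2.0 sense (no evidence, or an open defeater). The column layout, the PDLC stage names and the sample rows are assumptions constructed for illustration; the paper's own Excel template is not reproduced here.

```python
"""Completeness check over an Assurance 2.0-style decomposition table.

Added example: the table layout, PDLC stage names and sample rows are
constructed assumptions, not the paper's own template or case-study data.
"""
from dataclasses import dataclass

# Level 1 (V-model phases) and Level 3 (5M1E factors) are fixed sets.
PHASES = ("RE", "VnV", "PD")
FACTORS = ("Man", "Machine", "Method", "Material", "Measurement", "Environment")


@dataclass(frozen=True)
class Row:
    """One row of the structured template (assumed column layout)."""
    phase: str
    stage: str                 # Level 2: PDLC stage within the phase
    factor: str                # Level 3: 5M1E factor
    claim: str
    evidence: tuple = ()       # artefacts backing the claim
    defeaters: tuple = ()      # open (unrebutted) counterarguments


def coverage_gaps(rows, stages):
    """Return every (phase, stage, factor) cell that carries no claim.

    `stages` maps each phase to its PDLC stages, so the cross product
    phase x stage x factor is the complete set of cells to be argued.
    """
    covered = {(r.phase, r.stage, r.factor) for r in rows}
    return [
        (phase, stage, factor)
        for phase in PHASES
        for stage in stages[phase]
        for factor in FACTORS
        if (phase, stage, factor) not in covered
    ]


def weak_claims(rows):
    """Claims that cannot yet be relied on: no evidence, or an open defeater."""
    return [r for r in rows if not r.evidence or r.defeaters]


# Constructed sample: one PDLC stage per phase, four rows filled in.
SAMPLE_STAGES = {
    "RE": ("Elicitation",),
    "VnV": ("Scenario testing",),
    "PD": ("Field monitoring",),
}

SAMPLE_ROWS = (
    Row("RE", "Elicitation", "Man",
        "Requirements authors are trained on the ODD definition",
        evidence=("training-record.pdf",)),
    Row("RE", "Elicitation", "Method",
        "Requirements are derived from a documented hazard analysis",
        evidence=("hazard-log.xlsx",),
        defeaters=("Hazard analysis predates the latest ODD change",)),
    Row("VnV", "Scenario testing", "Measurement",
        "Pass rate is measured per ODD scenario class",
        evidence=("test-report.csv",)),
    Row("PD", "Field monitoring", "Environment",
        "Deployed ODD is monitored for drift"),          # no evidence yet
)


def report(rows=SAMPLE_ROWS, stages=SAMPLE_STAGES):
    """Summarise coverage and weak claims for a template."""
    gaps = coverage_gaps(rows, stages)
    weak = weak_claims(rows)
    total = sum(len(s) for s in stages.values()) * len(FACTORS)
    return {
        "cells": total,
        "covered": total - len(gaps),
        "gaps": gaps,
        "weak": [(r.phase, r.stage, r.factor) for r in weak],
    }


if __name__ == "__main__":
    out = report()
    print(f"{out['covered']}/{out['cells']} cells have a claim")
    for cell in out["gaps"]:
        print("missing claim:", cell)
    for cell in out["weak"]:
        print("weak claim:", cell)
```

Because the cell set is the cross product of the three levels, a gap list is exact rather than a judgement call, and adding a PDLC stage to `SAMPLE_STAGES` immediately surfaces six new cells to argue; the same enumeration is what a toolchain would walk when generating an Assurance 2.0 diagram from the template.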

Paper Structure

This paper contains 26 sections, 8 figures, 9 tables.

Figures (8)

  • Figure 1: A Generic Representation of the Assurance 2.0 Diagram
  • Figure 2: A Generic V-Model consisting of Requirement Engineering Phase, Verification and Validation Phase, Product Development Phase, and Post-Deployment Phase
  • Figure 3: Level 1 Decomposition based on the V-Model and its Subcases
  • Figure 4: Level 2 Decompositions based on the PDLC and their Subcases
  • Figure 5: A Visualisation of the 5M1E of a Generic Process
  • ...and 3 more figures