Multi-Staged Framework for Safety Analysis of Offloaded Services in Distributed Intelligent Transportation Systems

Robin Dehler, Oliver Schumann, Jona Ruof, Michael Buchholz

TL;DR

This work addresses safety challenges of offloading autonomous driving tasks to remote devices within distributed ITS by introducing MUFASA, a multi-staged safety framework embedded in the existing SOFOF offloading platform. MUFASA provides a sequential validation pipeline—spanning track, map, and grid-map based checks, plus LLCC and dynamic detections—to ensure data quality from remote services and reconfigure execution to local safety when needed, controlled by a waiting period $t_{\text{wait}}$. The authors formalize a distributed service model and demonstrate configurations where MOT, ENV, and TPL can be offloaded, while key tasks stay local, with explicit fallback logic and safety-driven orchestration. Evaluation in simulation shows MUFASA detects manipulated remote data that SOFOF alone misses, reduces offloading duration for certain tasks, and maintains safe operation under attack scenarios. The work advances practical, safety-centric integration of edge/offloaded services in autonomous transportation, informing design of resilient distributed ITS architectures with clear fallback guarantees.

Abstract

The integration of service-oriented architectures (SOA) with function offloading for distributed, intelligent transportation systems (ITS) offers the opportunity for connected autonomous vehicles (CAVs) to extend their locally available services. One major goal of offloading a subset of functions in the processing chain of a CAV to remote devices is to reduce the overall computational complexity on the CAV. The extension of using remote services, however, requires careful safety analysis, since the remotely created data are corrupted more easily, e.g., through an attacker on the remote device or by intercepting the wireless transmission. To tackle this problem, we first analyze the concept of SOA for distributed environments. From this, we derive a safety framework that validates the reliability of remote services and the data received locally. Since it is possible for the autonomous driving task to offload multiple different services, we propose a specific multi-staged framework for safety analysis dependent on the service composition of local and remote services. For efficiency reasons, we directly include the multi-staged framework for safety analysis in our service-oriented function offloading framework (SOFOF) that we have proposed in earlier work. The evaluation compares the performance of the extended framework considering computational complexity, with energy savings being a major motivation for function offloading, and its capability to detect data from corrupted remote services.

Paper Structure (18 sections, 7 equations, 4 figures, 4 tables)

Figures (4)

  • Figure 1: Simplified service configuration for autonomous driving. Deactivated nodes are more transparent. The legend on the right shows different arrow colors indicating the data types that are sent through the interfaces. The lightning symbols show possible areas for data manipulation for remote services.
  • Figure 2: Exemplary hierarchical tree structure of services for a distributed ITS considering one CAV and a MEC server. The color indicates the location of each service. A distributed service composition can be chosen from the root nodes, i.e., CAV and MEC detection, to the leaf node CAV actuation.
  • Figure 3: Proposed MUFASA for different service configurations (blue = local, red = remote). If a validation block is green for a specific configuration, it is always applied, while yellow ones are only applied under certain conditions, e.g., if previous ones cannot be used.
  • Figure 4: Number of failures during function offloading for SOFOF and SOFOF + MUFASA. For each attack, we have simulated $10$ scenarios. A failure occurs if a collision happens or if a specified target zone is not reached within a time limit.

Theorems & Definitions (2)

  • Definition 1: Service
  • Definition 2: Device switch