+

WO2018141545A1 - Procédé et dispositif pour contrôler la vraisemblance d'une trajectoire de véhicule pour commander un véhicule - Google Patents

Procédé et dispositif pour contrôler la vraisemblance d'une trajectoire de véhicule pour commander un véhicule Download PDF

Info

Publication number
WO2018141545A1
WO2018141545A1 PCT/EP2018/051074 EP2018051074W WO2018141545A1 WO 2018141545 A1 WO2018141545 A1 WO 2018141545A1 EP 2018051074 W EP2018051074 W EP 2018051074W WO 2018141545 A1 WO2018141545 A1 WO 2018141545A1
Authority
WO
WIPO (PCT)
Prior art keywords
vehicle
trajectory
vehicle trajectory
stored
memory unit
Prior art date
Application number
PCT/EP2018/051074
Other languages
German (de)
English (en)
Inventor
Marlon Ramon EWERT
Original Assignee
Robert Bosch Gmbh
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Robert Bosch Gmbh filed Critical Robert Bosch Gmbh
Publication of WO2018141545A1 publication Critical patent/WO2018141545A1/fr

Links

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05DSYSTEMS FOR CONTROLLING OR REGULATING NON-ELECTRIC VARIABLES
    • G05D1/00Control of position, course, altitude or attitude of land, water, air or space vehicles, e.g. using automatic pilots
    • G05D1/0055Control of position, course, altitude or attitude of land, water, air or space vehicles, e.g. using automatic pilots with safety arrangements
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01CMEASURING DISTANCES, LEVELS OR BEARINGS; SURVEYING; NAVIGATION; GYROSCOPIC INSTRUMENTS; PHOTOGRAMMETRY OR VIDEOGRAMMETRY
    • G01C21/00Navigation; Navigational instruments not provided for in groups G01C1/00 - G01C19/00
    • G01C21/26Navigation; Navigational instruments not provided for in groups G01C1/00 - G01C19/00 specially adapted for navigation in a road network
    • G01C21/34Route searching; Route guidance
    • G01C21/3407Route searching; Route guidance specially adapted for specific applications

Definitions

  • the invention is based on a device or a method according to the preamble of the independent claims.
  • the subject of the present invention is also a computer program.
  • the vehicles drive autonomously by, for example, a road course, others
  • the driver is not involved in a fully autonomous vehicle on the ride.
  • a method for plausibility checking of a vehicle trajectory for controlling a vehicle is presented, wherein the vehicle has a control unit with a storage unit for storing vehicle trajectories, the method comprising the following steps:
  • a vehicle trajectory can be understood, for example, as a data record based on a digital map with control commands for navigating the vehicle.
  • the vehicle trajectory can be calculated, for example, during operation of the vehicle by the control unit.
  • the stored vehicle trajectory can be, for example, a vehicle trajectory calculated by the control unit at an earlier time and then stored in the storage unit.
  • Control unit received vehicle trajectory are understood. Under a
  • unauthorized changes such as in the context of a hacker attack
  • vehicle trajectory is compared with a stored in the control unit vehicle trajectory.
  • the safety during autonomous driving in an autonomous vehicle can be significantly increased.
  • vehicle trajectory are recognized as plausible if the vehicle trajectory to be traversed and the stored vehicle trajectory coincide with one another within a tolerance range. This will a simple and quick plausibility check of the vehicle trajectory to be traveled or recognition of a plausible vehicle to be driven off
  • the method may include a step of outputting a control signal for controlling the vehicle.
  • the control signal for controlling the vehicle can be output in accordance with the vehicle trajectory to be traveled if, in the step of the comparison, the vehicle trajectory to be traveled has been recognized as plausible.
  • the control signal for controlling the vehicle according to the stored vehicle trajectory or to decelerate the vehicle can be output if in the step of the comparison the vehicle trajectory to be traveled has not been recognized as plausible. As a result, dangerous traffic situations can be avoided.
  • the memory unit can be read in order to obtain a reference trajectory generated by the control unit as the stored vehicle trajectory.
  • a reference trajectory can be understood as a desired trajectory of the vehicle classified as safe. This embodiment enables a reliable plausibility check of the vehicle trajectory to be traveled.
  • Reference trajectory is stored in the memory unit to at least one storage time.
  • the storage time may represent a time determined by means of a key assigned to the vehicle.
  • Reference trajectories allows.
  • the method may include a step of preventing write access to the memory unit outside of the storage time.
  • the storage unit can be reliably protected against unauthorized access from the outside, for example in the context of a hacker attack.
  • the reference trajectory in the step of storing, can be transmitted via a communication interface of the vehicle to an external storage unit in order to store the reference trajectory in the external storage unit.
  • the external memory unit in the readout step, can be read out via the communication interface in order to obtain an externally stored vehicle trajectory.
  • Vehicle trajectory are compared with the vehicle trajectory to be traversed to recognize the trajectory to be trajectory as plausible.
  • an external storage unit for example, a central processing unit, for example, a central processing unit, or a central processing unit, or a central processing unit.
  • the combination interface may, for example, be an interface for car-to-car communication, which serves to exchange information and data between motor vehicles.
  • the purpose of such data exchange may be to inform critical drivers of critical and dangerous situations at an early stage.
  • the communication interface can be used to exchange vehicle-specific data between vehicles.
  • the vehicles in question collect, for example, data such as ABS interventions, steering angle, position, direction or speed and send them, for example via radio (WLAN, UMTS) to other road users.
  • WLAN wireless local area network
  • the communication interface can also be designed for car-to-infrastructure communication, which can be understood as the exchange of data between the vehicle and a surrounding infrastructure such as traffic light installations or the like.
  • the mentioned communication technologies are therefore based on the
  • Vehicle trajectory are stored centrally. This allows the Processing of the vehicle trajectory can be simplified or made available to other road users
  • the approach presented here also provides a device which is designed to implement the steps of a variant of a method presented here
  • the device may comprise at least one computing unit for processing signals or data, at least one memory unit for storing signals or data, at least one interface to a sensor or an actuator for reading sensor signals from the sensor or for outputting data or control signals to the sensor Actuator and / or at least one
  • the arithmetic unit may be, for example, a signal processor, a microcontroller or the like, wherein the memory unit is a flash memory, an EPROM or a
  • the magnetic storage unit can be.
  • the communication interface can be designed to read or output data wirelessly and / or by line, wherein a communication interface that can read or output line-bound data, for example, electrically or optically read this data from a corresponding data transmission line or output in a corresponding data transmission line.
  • a device can be understood as meaning an electrical device which processes sensor signals and outputs control and / or data signals in dependence thereon.
  • the device may have an interface, which may be formed in hardware and / or software.
  • the interfaces for example, part of a so-called system ASICs, which includes a variety of functions of the device.
  • the interfaces are their own integrated circuits or at least partially consist of discrete components.
  • the interfaces may be software modules that are present, for example, on a microcontroller in addition to other software modules.
  • the device is used to control the vehicle.
  • the device can access, for example, sensor signals such as acceleration, pressure, steering angle or environmental sensor signals.
  • the control takes place via actuators such as brake or steering actuators or an engine control unit of the vehicle.
  • FIG. 1 shows a schematic representation of a vehicle with a device according to an embodiment
  • Fig. 2 is a schematic representation of a device according to a
  • FIG. 3 is a flowchart of a method according to a
  • FIG. 1 shows a schematic representation of a vehicle 100 having a device 102 for checking the plausibility of a vehicle trajectory for controlling the vehicle 100.
  • the vehicle 100 is, for example, a highly-automated vehicle, also called an autonomous vehicle, which is equipped with a corresponding driver assistance system.
  • a highly-automated vehicle also called an autonomous vehicle, which is equipped with a corresponding driver assistance system.
  • Driver assistance system is an electronic option to assist the driver in certain driving situations. Here, safety aspects, but also the increase in ride comfort can be in the foreground.
  • the driver assistance system can partially autonomously or autonomously intervene in drive, control (gas or brake), steering or signaling devices of the vehicle 100 or warn the driver of a suitable man-machine interface shortly before or during critical situations.
  • the driver assistance system for example, is designed so that the responsibility remains with the driver and this is not incapacitated.
  • Driver assistance system can be used depending on the embodiment with various types of environment sensors, among others
  • Lane change assistant blind spot monitoring, emergency braking system for
  • the device 102 is realized as a component of a control device 104 of the vehicle 100, wherein the control device 104 comprises a memory unit 106 for storing vehicle trajectories.
  • the device 102 is designed to read the memory unit 106.
  • the device 102 receives from the memory unit 106 a stored vehicle trajectory 108.
  • This is supplied by the device 102 with a vehicle trajectory to be traveled, which is, for example, a vehicle trajectory presently present to the control device 104, compared in order to make the vehicle trajectory to be plausibility checked.
  • the device 102 outputs a corresponding control signal 110 for controlling the vehicle 100.
  • control signal 110 is also generated, for example, to bring the vehicle 100 to a halt or at least slow it down.
  • the stored vehicle trajectory 108 is in particular a reference trajectory generated by the control unit 104, which is stored cyclically in the memory unit 106, for example at previously calculated times. The calculation of these storage times takes place, for example, using a specific
  • Calculation key which may be associated with the vehicle 100 specifically.
  • control unit 104 not only stores the reference trajectory in the memory unit 106, but additionally sends it in the form of a corresponding data stream 111 via an appropriate communication interface 112 of the vehicle 100 to an external one
  • Memory unit 114 such as a central data server of a cloud, where the reference trajectory is stored outside the vehicle.
  • the device 102 accordingly reads out the external memory unit 114 to read the
  • FIG. 2 shows a schematic representation of a device 102 according to an exemplary embodiment, for example as described above with reference to FIG. 1
  • the device 102 comprises a readout unit 210 for
  • the comparison unit 220 reads a the
  • trajectory data set 222 representing the vehicle trajectory to be traveled.
  • the device 102 is additionally equipped with an output unit 230 for outputting the control signal 110 in dependence on a plausibility value 232 provided by the comparison unit 220.
  • FIG. 3 shows a flowchart of a method 300 according to FIG.
  • Embodiment. The method 300 for plausibility of a
  • vehicle trajectory for controlling a vehicle may be performed using a device as described above with reference to FIGS. 1 and 2.
  • the memory unit is read to obtain the stored vehicle trajectory.
  • the stored vehicle trajectory is compared with the vehicle trajectory to be traveled by the vehicle in order to make it plausible.
  • An autonomous vehicle usually calculates itself the vehicle trajectory, which is automatically run by the vehicle if the vehicle is in autonomous operation. In this case, the vehicle trajectory already calculated in the vehicle during ongoing vehicle operation, for example by a hacker, to be changed. At this point, the approach presented here comes into play, because the device 102 can significantly increase safety during an autonomous journey in an autonomous vehicle.
  • the increase in safety refers to the protection of a vehicle trajectory, which was calculated by the autonomous vehicle and is to be driven off the autonomous vehicle.
  • the vehicle trajectory is stored cyclically in a secure shadow register of the vehicle control unit. Before the execution of the control commands of the vehicle trajectory, the vehicle trajectory is compared with the vehicle trajectory stored in the shadow register. Only when both vehicle trajectories are identical within a tolerance does the processing of the vehicle trajectory in the vehicle take place. Otherwise it can be assumed that the vehicle trajectory has been hacked. In this case, the secured vehicle trajectory is executed or the vehicle is brought to a safe state by, for example, braking and parking it in a controlled manner until the damage or hack has been rectified.
  • the vehicle trajectory is cyclically secured in a cloud, for example via a car-to-X communication connection between the vehicle and the cloud.
  • Vehicle trajectory with the vehicle trajectory stored in the cloud Only when both vehicle trajectories are identical within a tolerance does the processing of the vehicle trajectory in the vehicle take place. Otherwise it can be assumed that the vehicle trajectory has been hacked. In this case, the secured vehicle trajectory is executed or the vehicle is brought to a safe state by, for example, being braked in a controlled manner (via the cloud) and switched off until the damage or hack has been rectified.
  • the vehicle trajectory is again cyclically secured in the cloud.
  • the vehicle trajectory is compared with the vehicle trajectory stored in the cloud. In the event of a deviation, the cloud checks what the vehicle is going to do. If the result of the calculation is that the vehicle is placed in a critical situation, then the secured
  • Vehicle trajectory is executed or the vehicle is brought to a safe state, for example, by the controlled slowed down (via the cloud) and turned off until the damage or hack has been corrected. This means that the vehicle trajectory is made plausible within the cloud. h., recognized as plausible. In addition to the vehicle trajectory, the actual vehicle positions between the vehicle and the cloud are exchanged and included in the calculations on the cloud.
  • Road traffic can be significantly increased and it can be avoided even with hacks serious accidents in traffic.
  • the approach presented here is also applicable if the vehicle has a malfunction and its trajectory suddenly calculated incorrectly.
  • the storage of the vehicle trajectory takes place in the shadow register or in the cloud by means of an encrypted connection.
  • the storage time at which a trajectory is saved is calculated using a vehicle-specific key.
  • the backup of the trajectories outside the time points calculated with the key is thus prevented, since the backup times in the shadow register or in the cloud are checked before the trajectory is saved. For example, because a hacker does not know the key, the manipulated trajectory can not immediately in the
  • Shadow registers or on the cloud to be secured instead, the manipulated trajectory immediately by the time comparison or by a
  • Trajectory comparison between shadow register or cloud and the new trajectory discarded.
  • the calculation of the vehicle trajectory next to the vehicle also takes place in parallel in the cloud.
  • both trajectories within the cloud are made plausible, ie, recognized as plausible.
  • the secured vehicle trajectory is executed or the vehicle is brought to a safe state by, for example, controlled braking (via the cloud) and parking until the damage or hack was fixed.
  • trajectories of autonomous vehicles can be efficiently secured and compared with newly calculated trajectories, whereby the newly calculated trajectories can be checked for deviations almost in real time and made plausible, ie, plausible.
  • the safety in traffic can be significantly increased and it can be avoided even with hacks serious accidents on the road, since the vehicles can be transferred to larger trajectory deviations directly into a safe state.
  • an exemplary embodiment comprises a "and / or" link between a first feature and a second feature, then this is to be read so that the embodiment according to one embodiment, both the first feature and the second feature and according to another embodiment either only first feature or only the second feature.

Landscapes

  • Engineering & Computer Science (AREA)
  • Radar, Positioning & Navigation (AREA)
  • Remote Sensing (AREA)
  • Automation & Control Theory (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Aviation & Aerospace Engineering (AREA)
  • Traffic Control Systems (AREA)
  • Control Of Driving Devices And Active Controlling Of Vehicle (AREA)

Abstract

L'invention concerne un procédé pour contrôler la vraisemblance d'une trajectoire de véhicule pour commander un véhicule (100), ce véhicule (100) présentant un appareil de commande (104) pourvu d'une unité de mémoire (106) destinée à stocker des trajectoires de véhicule. Selon ce procédé, l'unité de mémoire (106) est appelée pour obtenir une trajectoire de véhicule (108) stockée. Cette trajectoire stockée est ensuite comparée avec une trajectoire de véhicule à parcourir pour contrôler la plausibilité de la trajectoire à parcourir.
PCT/EP2018/051074 2017-01-31 2018-01-17 Procédé et dispositif pour contrôler la vraisemblance d'une trajectoire de véhicule pour commander un véhicule WO2018141545A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102017201517.9A DE102017201517A1 (de) 2017-01-31 2017-01-31 Verfahren und Vorrichtung zum Plausibilisieren einer Fahrzeugtrajektorie zum Steuern eines Fahrzeugs
DE102017201517.9 2017-01-31

Publications (1)

Publication Number Publication Date
WO2018141545A1 true WO2018141545A1 (fr) 2018-08-09

Family

ID=61005828

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2018/051074 WO2018141545A1 (fr) 2017-01-31 2018-01-17 Procédé et dispositif pour contrôler la vraisemblance d'une trajectoire de véhicule pour commander un véhicule

Country Status (2)

Country Link
DE (1) DE102017201517A1 (fr)
WO (1) WO2018141545A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116409344A (zh) * 2023-03-14 2023-07-11 中国第一汽车股份有限公司 一种大数据汽车定轨系统、方法、电子设备及存储介质

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP4141715A1 (fr) * 2021-08-23 2023-03-01 Fujitsu Limited Détection d'anomalie

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010048611A1 (fr) * 2008-10-24 2010-04-29 The Gray Insurance Company Commande et systèmes pour véhicules à conduite autonome
DE102013019424A1 (de) * 2013-11-20 2015-05-21 Audi Ag Verfahren zum Betrieb eines Fahrzeugsystems zur Überwachung eines Fahrers und Kraftfahrzeug
US20160358482A1 (en) * 2015-06-05 2016-12-08 Thales Trajectory monitoring

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010048611A1 (fr) * 2008-10-24 2010-04-29 The Gray Insurance Company Commande et systèmes pour véhicules à conduite autonome
DE102013019424A1 (de) * 2013-11-20 2015-05-21 Audi Ag Verfahren zum Betrieb eines Fahrzeugsystems zur Überwachung eines Fahrers und Kraftfahrzeug
US20160358482A1 (en) * 2015-06-05 2016-12-08 Thales Trajectory monitoring

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116409344A (zh) * 2023-03-14 2023-07-11 中国第一汽车股份有限公司 一种大数据汽车定轨系统、方法、电子设备及存储介质

Also Published As

Publication number Publication date
DE102017201517A1 (de) 2018-08-02

Similar Documents

Publication Publication Date Title
EP3512744B1 (fr) Procédé et dispositif permettant de commander un déplacement d'un véhicule et système de commande de déplacement de véhicule
EP3529679B1 (fr) Procédé et dispositif pour assister un conducteur dans la désactivation d'un mode de conduite hautement automatisée d'un véhicule
WO2018086784A1 (fr) Système d'aide à la conduite pour un véhicule automobile
DE102016212195A1 (de) Verfahren zum Durchführen eines automatischen Eingriffs in die Fahrzeugführung eines Fahrzeugs
DE102016200973A1 (de) Verfahren zum Erkennen einer Müdigkeit eines Fahrers eines Fahrzeugs und Steuergerät
EP3465658A1 (fr) Procédé pour fournir une information relative à un piéton dans un environnement d'un véhicule et procédé pour commander un véhicule
DE102016207353A1 (de) Verfahren und Vorrichtung zum Detektieren eines Benutzens eines elektronischen Geräts durch einen Fahrer für ein Fahrzeug
WO2020020666A1 (fr) Procédé et dispositif de contrôle d'un comportement de conduite d'un véhicule à conduite hautement automatisée et système d'infrastructure, véhicule ou véhicule de surveillance pourvus du dispositif
DE102017209258A1 (de) Verfahren und Vorrichtung zum Überwachen einer Fahrstabilität eines Fahrzeugs auf einer vorausliegenden Fahrroute
WO2021148178A1 (fr) Procédé et dispositif d'exécution du guidage de voie automatisé d'un vehicule automobile
DE102015218361A1 (de) Verfahren und Testeinheit zur Verifizierung einer Fahrzeugfunktion
DE102017208462A1 (de) Verfahren und Vorrichtung zum Ermitteln von Betriebsdaten für ein automatisiertes Fahrzeug
DE102019214461A1 (de) Verfahren zum Fernsteuern eines Kraftfahrzeugs
DE102017205495A1 (de) Vorrichtung und Verfahren zum Fokussieren von Sensoren im fahrdynamischen Grenzbereich für ein Kraftfahrzeug
WO2018141545A1 (fr) Procédé et dispositif pour contrôler la vraisemblance d'une trajectoire de véhicule pour commander un véhicule
DE102021209315A1 (de) Verfahren zum Betreiben eines Infrastruktursystems zur Fahrunterstützung von zumindest teilautomatisiert geführten Kraftfahrzeugen
DE102021206297A1 (de) Verfahren und System zum Betreiben eines wenigstens teilweise automatisierten Fahrzeugs
DE102016224074A1 (de) Verfahren und Vorrichtung zum Betreiben eines Fahrzeugs
DE102021204239A1 (de) Verfahren zum Betrieb eines Assistenzsystems sowie Assistenzsystem
WO2023222357A1 (fr) Procédé et dispositif d'identification d'un dysfonctionnement dans un modèle d'environnement d'une fonction de conduite automatisée
DE102010015538A1 (de) Verfahren, Vorrichtung und Computerprogrammprodukt zur Erhöhung der Betriebssicherheit eines Fahrzeugs
WO2022199916A1 (fr) Procédé d'évaluation de logiciel pour un dispositif de commande d'un véhicule
EP4035141A1 (fr) Procédé de fusion au moins assistée d'un véhicule automobile dans une voie de circulation
DE102022104931A1 (de) Verfahren zum betreiben eines notbremsassistenten eines automatisierten kraftfahrzeugs
DE102016216983A1 (de) Vorrichtung und Verfahren zum Aktualisieren zumindest einer in einem Fahrzeug angeordneten Sensoreinrichtung und Sensorsystem für ein Fahrzeug

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18700758

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18700758

Country of ref document: EP

Kind code of ref document: A1

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载