Back to Program



Sensitivity Analysis within the Prospective Safety Integrity Framework


apl. Prof. Dr. Moritz Werling

Senior Expert Safe System Design

BMW Group



Due to the possibly inattentive driver, the accepted system failure probabilities of L3/L4 Systems are much lower than for L1/L2. As a consequence, sole driving with the end-to-end system will not provide enough data for statistical significance. We therefore systematically identify hazardous scenarios and validate the system within these by Simulation. This requires models of the driving environment conditions, the traffic, the perception and the control system. Dealing with uncertainties is a major concern, since many effects can only be described stochastically (aleatory uncertainty) and Validation data is limited (epistemic uncertainty). Therefore, developers must investigate how sensitive the estimated risk is to uncertainties in the model. This so-called Sensitivity Analysis (SA) involves identifying the most safety-critical components to improve and identifying the critical assumptions to be supported by more evidence. However, the term "Sensitivity Analysis" is not mentioned in ISO 21448, although it is particularly relevant for assessing the risk of performance limitations. The presentation will provide a simplistic example to demonstrate the use of a SA within the Prospective Safety Integrity Framework.