With the increasing complexity of software permeating critical domains such as autonomous driving, new challenges are emerging in how the engineering of these systems needs to be rethought. Autonomous driving is expected to continue gradually taking over all critical driving functions, which adds to the complexity of certifying autonomous driving systems. In response, certification authorities have already started introducing strategies for the certification of autonomous vehicles and their software. But even with these new approaches, certification procedures are not fully keeping up with the dynamism and unpredictability of future autonomous systems, and thus may not guarantee compliance with all requirements imposed on these systems. In this paper, we identify a number of issues with the proposed certification strategies that may impact the systems substantially. For instance, we emphasize the lack of adequate reflection on software changes occurring in constantly changing systems, and the limited support for the cooperation between systems that is needed to manage coordinated moves. Other shortcomings concern the narrow focus of the awarded certification, which neglects aspects such as the ethical behavior of autonomous software systems. The contribution of this paper is threefold. First, we discuss the motivation for modifying the current certification processes for autonomous driving systems. Second, we analyze the current international standards used in the certification processes against requirements derived from those placed on dynamic software ecosystems and on autonomous systems themselves. Third, we outline a concept for incorporating the missing parts into the certification procedure.