Learning-enabled components (LECs), while critical for decision making in autonomous vehicles (AVs), are likely to make incorrect decisions when presented with samples outside of their training distributions. Out-of-distribution (OOD) detectors have been proposed to detect such samples, thereby acting as a safety monitor; however, both OOD detectors and LECs require heavy utilization of the embedded hardware typically found in AVs. For both components, there is a tradeoff between non-functional and functional performance, and both impact a vehicle's safety. For instance, giving an OOD detector a longer response time can increase its accuracy at the expense of the LEC. We consider an LEC with binary output, such as an autonomous emergency braking system (AEBS), and use risk, the combination of severity and occurrence of a failure, to model the effect of both components' design parameters on each other's functional and non-functional performance, as well as their impact on system safety. We formulate a co-design methodology that uses this risk model to find the design parameters for an OOD detector and LEC that decrease risk below that of the baseline system, and demonstrate it on a vision-based AEBS. Using our methodology, we achieve a 42.3% risk reduction while maintaining equivalent resource utilization.