US 12,377,867 B2
Independent safety monitoring of an automated driving system
Umberto Santoni, Scottsdale, AZ (US); Riccardo Mariani, Calci (IT); and John Weast, Phoenix, AZ (US)
Assigned to Intel Corporation, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Sep. 23, 2019, as Appl. No. 16/579,376.
Prior Publication US 2020/0017114 A1, Jan. 16, 2020
Int. Cl. B60W 50/023 (2012.01); B60W 50/02 (2012.01); G05D 1/00 (2024.01); G06F 11/16 (2006.01); G07C 5/08 (2006.01)
CPC B60W 50/023 (2013.01) [B60W 50/0205 (2013.01); G05D 1/0055 (2013.01); G05D 1/0088 (2013.01); G06F 11/1641 (2013.01); G07C 5/0816 (2013.01); B60W 2050/021 (2013.01)] 20 Claims
OG exemplary drawing
 
1. An apparatus comprising:
a security companion subsystem of an automated driving system of a vehicle, the security companion subsystem comprising:
a first processor device;
first memory;
one or more interfaces to couple the security companion subsystem to a compute subsystem of the automated driving system;
a safety monitor, executed by the first processor device, to:
access data generated at the compute subsystem, wherein the data corresponds to a determination by the compute subsystem associated with an automated driving task to be performed by the vehicle as directed by the automated driving system, wherein the determination is made by an automated driving application executed by a second processor device on the compute subsystem, wherein the second processor device is separate and independent from the first processor device;
detect a fault in the compute subsystem based on the data; and
trigger an action, based on the fault, to cause the automated driving task to be safely performed,
wherein an overall safety integrity rating for the security companion subsystem is higher than an overall safety integrity rating for the compute subsystem based on characteristics of hardware of the security companion subsystem.