| CPC B60W 60/00186 (2020.02) [B60W 50/0205 (2013.01); B60W 50/0225 (2013.01)] | 20 Claims |
|
1. A method comprising:
determining, by a processing device of an autonomous vehicle (AV), that the AV is experiencing a failure condition;
identifying, by the processing device, a plurality of restart operations to apply to one or more components of the AV contributing to the failure condition, wherein the plurality of restart operations comprise at least a node communication connection restart of at least one node communication connection of a software stack of the AV, a node restart of at least one node of the software stack, a subsystem restart of at least one subsystem of the software stack, and a full restart of the software stack;
prior to applying a restart operation of the plurality of restart operations, determining that safety conditions corresponding to the restart operation are satisfied; and
applying the plurality of restart operations to the AV in accordance with an increasing order of disruptiveness of each of the plurality of restart operations to operations of the AV, wherein each of the plurality of restart operations are applied separately until occurrence of at least one of a resolution of the failure condition of the AV or completion of the plurality of restart operations.
|