CN110254439A - The exception management system and abnormality eliminating method of automatic driving vehicle - Google Patents
The exception management system and abnormality eliminating method of automatic driving vehicle Download PDFInfo
- Publication number
- CN110254439A CN110254439A CN201910612301.2A CN201910612301A CN110254439A CN 110254439 A CN110254439 A CN 110254439A CN 201910612301 A CN201910612301 A CN 201910612301A CN 110254439 A CN110254439 A CN 110254439A
- Authority
- CN
- China
- Prior art keywords
- failure
- fault
- level
- vehicle
- subsystem
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000005856 abnormality Effects 0.000 title claims abstract description 30
- 238000000034 method Methods 0.000 title claims abstract description 19
- 238000012545 processing Methods 0.000 claims abstract description 63
- 238000007726 management method Methods 0.000 claims abstract description 35
- 238000001514 detection method Methods 0.000 claims abstract description 23
- 230000002159 abnormal effect Effects 0.000 claims abstract description 22
- 238000013523 data management Methods 0.000 claims abstract description 11
- 230000007257 malfunction Effects 0.000 claims description 31
- 238000004891 communication Methods 0.000 claims description 12
- 230000008447 perception Effects 0.000 claims description 12
- 230000001960 triggered effect Effects 0.000 claims description 9
- 238000013024 troubleshooting Methods 0.000 claims description 8
- 238000012216 screening Methods 0.000 claims description 5
- 230000007547 defect Effects 0.000 claims description 4
- 238000003672 processing method Methods 0.000 claims description 4
- 238000005516 engineering process Methods 0.000 abstract description 7
- 230000004888 barrier function Effects 0.000 description 5
- 238000007689 inspection Methods 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
Classifications
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B60—VEHICLES IN GENERAL
- B60W—CONJOINT CONTROL OF VEHICLE SUB-UNITS OF DIFFERENT TYPE OR DIFFERENT FUNCTION; CONTROL SYSTEMS SPECIALLY ADAPTED FOR HYBRID VEHICLES; ROAD VEHICLE DRIVE CONTROL SYSTEMS FOR PURPOSES NOT RELATED TO THE CONTROL OF A PARTICULAR SUB-UNIT
- B60W50/00—Details of control systems for road vehicle drive control not related to the control of a particular sub-unit, e.g. process diagnostic or vehicle driver interfaces
- B60W50/02—Ensuring safety in case of control system failures, e.g. by diagnosing, circumventing or fixing failures
- B60W50/0205—Diagnosing or detecting failures; Failure detection models
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B60—VEHICLES IN GENERAL
- B60W—CONJOINT CONTROL OF VEHICLE SUB-UNITS OF DIFFERENT TYPE OR DIFFERENT FUNCTION; CONTROL SYSTEMS SPECIALLY ADAPTED FOR HYBRID VEHICLES; ROAD VEHICLE DRIVE CONTROL SYSTEMS FOR PURPOSES NOT RELATED TO THE CONTROL OF A PARTICULAR SUB-UNIT
- B60W50/00—Details of control systems for road vehicle drive control not related to the control of a particular sub-unit, e.g. process diagnostic or vehicle driver interfaces
- B60W50/02—Ensuring safety in case of control system failures, e.g. by diagnosing, circumventing or fixing failures
- B60W50/029—Adapting to failures or work around with other constraints, e.g. circumvention by avoiding use of failed parts
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B60—VEHICLES IN GENERAL
- B60W—CONJOINT CONTROL OF VEHICLE SUB-UNITS OF DIFFERENT TYPE OR DIFFERENT FUNCTION; CONTROL SYSTEMS SPECIALLY ADAPTED FOR HYBRID VEHICLES; ROAD VEHICLE DRIVE CONTROL SYSTEMS FOR PURPOSES NOT RELATED TO THE CONTROL OF A PARTICULAR SUB-UNIT
- B60W50/00—Details of control systems for road vehicle drive control not related to the control of a particular sub-unit, e.g. process diagnostic or vehicle driver interfaces
- B60W50/02—Ensuring safety in case of control system failures, e.g. by diagnosing, circumventing or fixing failures
- B60W50/029—Adapting to failures or work around with other constraints, e.g. circumvention by avoiding use of failed parts
- B60W2050/0292—Fail-safe or redundant systems, e.g. limp-home or backup systems
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B60—VEHICLES IN GENERAL
- B60W—CONJOINT CONTROL OF VEHICLE SUB-UNITS OF DIFFERENT TYPE OR DIFFERENT FUNCTION; CONTROL SYSTEMS SPECIALLY ADAPTED FOR HYBRID VEHICLES; ROAD VEHICLE DRIVE CONTROL SYSTEMS FOR PURPOSES NOT RELATED TO THE CONTROL OF A PARTICULAR SUB-UNIT
- B60W50/00—Details of control systems for road vehicle drive control not related to the control of a particular sub-unit, e.g. process diagnostic or vehicle driver interfaces
- B60W50/02—Ensuring safety in case of control system failures, e.g. by diagnosing, circumventing or fixing failures
- B60W50/029—Adapting to failures or work around with other constraints, e.g. circumvention by avoiding use of failed parts
- B60W2050/0295—Inhibiting action of specific actuators or systems
Landscapes
- Engineering & Computer Science (AREA)
- Automation & Control Theory (AREA)
- Human Computer Interaction (AREA)
- Transportation (AREA)
- Mechanical Engineering (AREA)
- Electric Propulsion And Braking For Vehicles (AREA)
Abstract
The exception management system and abnormality eliminating method of automatic driving vehicle, belong to automatic Pilot field.It is poor that existing automatic Pilot technology lacks abnormal conditions processing capacity.A kind of the exception management system and abnormality eliminating method of automatic driving vehicle pass through the fault message in abnormality detection module statistical collection automated driving system by subsystems generation and storage;Concentration judgement is carried out by all fault messages of the failure trigger module to abnormality detection module collection, obtains the fault level of fault message, and send it to fault processing module;By fault processing module all failure grade informations received are ranked up from low to high according to fault level, failure are handled according still further to fault level from high to low, and check whether current failure is bypassed;By data management module when being abnormal and after carrying out failure triggering, data are backed up.The present invention can rapidly have found the abnormal conditions of surrounding;Promptly deal with to abnormal conditions.
Description
Technical field
The present invention relates to the management of Vehicular automatic driving, in particular to the management for the abnormal conditions of automatic driving vehicle
System and processing method.
Background technique
Automatic Pilot is due to the advantages that can saving human cost, reducing accident rate, reduce oil consumption, and all circles are all exerting at present
Power presumption principle.With the development of various onboard sensor technologies and artificial intelligence technology, automatic Pilot technology also increasingly tends to
Commercialization.Especially in closing, semi-enclosed application scenarios, such as automatic dock, airport, closing garden etc., automatic Pilot technology
It is hopeful business at first to land, but also faces many problems instantly simultaneously.Can automatic Pilot be widely used in all trades and professions, produce
The stability of product is crucial;And processing of the product for kind of sudden abnormal condition, it is directly related to the quality of product stability.Cause
This, a set of reliable exception management system is most important for automated driving system.
In March, 2018, Uber autonomous driving vehicle collide the 49 years old pedestrian to cross street that walks one's bicycle to death, and
Vehicle does not step on brake after hitting pedestrian yet.This event directly results in prolonging for automatic Pilot commercialization landing plan
Late, while also reflect that enterprise all lays particular emphasis on the exploitation of core algorithm to automatic Pilot technology, and ignore at abnormal conditions
The management of reason.
Summary of the invention
The purpose of the present invention is to solve the problem that existing automatic Pilot technology lacks abnormal conditions processing capacity difference,
And propose the exception management system and abnormality eliminating method of a kind of automatic driving vehicle.
A kind of exception management system of automatic driving vehicle, the management system include abnormality detection module, for uniting
The fault message generated in collection automated driving system by subsystems is collected, is stored in csv file in the form of a list;Its
In, the fault message that subsystems generate is generated by same set of malfunction coding rule;Wherein, in automated driving system
Subsystems include perception subsystem, positioning subsystem, decision-making subsystem, control subsystem, communication subsystem;
Failure trigger module is obtained for carrying out concentration judgement to all fault messages to abnormality detection module collection
The fault level of fault message is obtained, and sends it to fault processing module;Wherein, fault level is ranked up from high to low
Are as follows: normal, warning, generic failure and catastrophe failure;
Fault processing module, for being arranged from low to high according to fault level all failure grade informations received
Sequence starts to handle the corresponding failure of fault level, and checks that current failure is according still further to fault level from high to low
It is no to be bypassed, current failure, which is directly handled, if not being bypassed handles next failure in order if being bypassed;Processing
When each failure, the coding and description information of the failure can be all recorded in csv file;Wherein, processing means include with lower section
Formula, i.e., do not handle, reset, bypassing, slide stop, emergency stop;And
The processing means of bypass refer to, when fault level is not triggered, permanently ignore current failure;
The processing means of reset refer to, by reset signal, system temporarily can all remove the failure having occurred and that, directly
It is triggered again to new failure;
The sliding processing means stopped refer to that, when fault level is warning or generic failure, vehicle is stopped with maximum deceleration
Vehicle;
The processing means of emergency stop refer to that, when fault level is catastrophe failure, vehicle brake is opened, wheel lock up;
Task management module, for making corresponding counter-measure to current task, reply is arranged according to troubleshooting means
It applies and is drawn including tasks interrupt, task continuation and task weight-normality;Wherein,
Tasks interrupt is the vehicle for the processing for carrying out emergency stop, refers to that vehicle pauses immediately all current movements;
Task continues, and is to refer to that vehicle then move by last pause for the processing means that do not handle or bypass
It continues to execute;
Task weight-normality is drawn, and refers to that vehicle restarts new movement, and the movement for not having to the last time for considering vehicle is
What;
Data management module, for when being abnormal and after carrying out failure triggering, to malfunction coding, failure-description, touching
The data of hair time and all subsystems are backed up;Wherein, the data content of backup include sensing data, control data,
Track data, travelling data, fault code, operation note and task record.
A kind of abnormality eliminating method of automatic driving vehicle, the processing method the following steps are included:
Step 1: by being believed in abnormality detection module statistical collection automated driving system by the failure that subsystems generate
Breath is stored in csv file in the form of a list;Wherein, the fault message attribute of storage has: number, description, grade, vehicle shape
State, task status reset license and bypass license;The fault message that subsystems generate is advised by same set of malfunction coding
Then generate;Wherein, the subsystems in automated driving system include perception subsystem, positioning subsystem, decision-making subsystem, control
Subsystem, communication subsystem;
Step 2: program is loaded into csv file after starting, each level is started to work, by failure trigger module to abnormal inspection
All fault messages for surveying module collection carry out concentration judgement, obtain the fault level of fault message, and send it to event
Hinder processing module;Wherein, fault level is ranked up from high to low are as follows: normal, warning, generic failure and catastrophe failure;
Step 3: by fault processing module to all failure grade informations received according to fault level from low to high
It is ranked up, starts to handle the corresponding failure of fault level according still further to fault level from high to low, and check current
Whether failure is bypassed, and current failure is directly handled if not being bypassed, if being bypassed, handles next event in order
Barrier;When handling each failure, the coding and description information of the failure can be all recorded in csv file;Wherein, processing means include
Following manner, i.e., do not handle, reset, bypassing, slide stop, emergency stop;And
The processing means of bypass refer to, when fault level is not triggered, permanently ignore current failure;
The processing means of reset refer to, by reset signal, system temporarily can all remove the failure having occurred and that, directly
It is triggered again to new failure;
The sliding processing means stopped refer to that, when fault level is warning or generic failure, vehicle is stopped with maximum deceleration
Vehicle;
The processing means of emergency stop refer to that, when fault level is catastrophe failure, vehicle brake is opened, wheel lock up;
Step 4: corresponding counter-measure is made to current task according to troubleshooting means by task management module,
Counter-measure includes tasks interrupt, task continues and task weight-normality is drawn;Wherein,
Tasks interrupt is the vehicle for the processing for carrying out emergency stop, refers to that vehicle pauses immediately all current movements;
Task continues, and is to refer to that vehicle then move by last pause for the processing means that do not handle or bypass
It continues to execute;
Task weight-normality is drawn, and refers to that vehicle restarts new movement, and the movement for not having to the last time for considering vehicle is
What;
Step 5: when being abnormal and after carrying out failure triggering, being retouched to malfunction coding, failure by data management module
It states, the data of triggered time and all subsystems are backed up;Wherein, the data content of backup includes sensing data, control
Data, track data, travelling data, fault code, operation note and task record.
Failure generation mechanism and naming rule are as follows:
Each subsystem internal failure is broadly divided into hardware and algorithm level.Wherein hardware fault is worked by detection sensor
State, data content carries out screening, and merges multisensor and judged;The failure of algorithm level then passes through internal system logic
To determine.There is exception when system is run, can be output it in the form of malfunction coding.
Malfunction coding has recorded four attributes of failure: module, failure modes, failure serial number occur for fault level.Failure
Ranking score is normal, warning, generic failure, catastrophe failure, INFO, WARN, ERROR, FATAL is respectively corresponded, with initial generation
For expression in coding;It includes perception, positioning, decision, control, communication that module, which occurs,;Failure modes are demonstrated by failure in certain son
Specific category in system, each subsystem view actual conditions use different classifications principle;Failure serial number located specific failure
Content.It to sum up, is that the failure that each subsystem generates is encoded as naming rule.
2, Fault Management System
Fault Management System includes fault level judgement, troubleshooting and task management.
When failure generates and is exported in the form of specific coding, failure trigger module can determine this failure, identification
Its corresponding grade (normal, warning, generic failure, catastrophe failure) simultaneously exports.Fault processing module is taken according to fault level
Corresponding treatment measures (do not handle, reset, bypassing, slide stop, emergency stop), to guarantee the reasonable removing of failure.Task management module
According to current fault condition and task progress situation, the next executive measure of comprehensive judgement current task (interrupt, continue,
Weight-normality is drawn), to guarantee the safety traffic of vehicle.
3, data management system
The key message for occurring for failure and being generated during being handled via Fault Management System, data management system
It is responsible for record backup, the information of record includes: sensing data, control data, track data, travelling data, and operation note is appointed
Business record.These information are checked after failure occurs, can help operator's positioning failure reason, solve plant issue simultaneously
Internal processes are improved, software robustness is promoted.
4, exception management system
A kind of exception management system based on automatic driving vehicle comprising abnormality detection, failure triggering, treatment mechanism, is appointed
Five business management, data management modules.
The invention has the benefit that
The present invention is that the present patent application provides a kind of exception management system based on automatic driving vehicle, is had following excellent
Point:
1, the abnormal conditions around capable of rapidly being found by subsystems;
2, it can promptly deal with to abnormal conditions;
3, it is convenient for system maintenance and upgrading;
4, make automated driving system more safe and stable, reliable.
Detailed description of the invention
Fig. 1 is the exception management system principle diagram of automatic driving vehicle of the present invention;
Fig. 2 is the abnormality eliminating method flow chart of automatic driving vehicle of the present invention;
Fig. 3 is the malfunction coding rule schematic diagram that the embodiment of the present invention 1 is related to;
Fig. 4 is the fault attribute in the list storehouse that the embodiment of the present invention 1 is related to.
Specific embodiment
Specific embodiment 1:
The exception management system of a kind of automatic driving vehicle of present embodiment, as shown in Figure 1, the management system packet
It includes, abnormality detection module 1, the fault message for being generated in statistical collection automated driving system by subsystems, with list
Form deposit csv file in;Wherein, the fault message that subsystems generate is produced by same set of malfunction coding rule
It is raw;Wherein, the subsystems in automated driving system include perception subsystem, positioning subsystem, decision-making subsystem, control
System, communication subsystem;
Failure trigger module 2, for carrying out concentration judgement to all fault messages collected to abnormality detection module 1,
The fault level of fault message is obtained, and sends it to fault processing module;Wherein, fault level is ranked up from high to low
Are as follows: normal, warning, generic failure and catastrophe failure;
Fault processing module 3, for being carried out from low to high to all failure grade informations received according to fault level
Sequence, starts to handle the corresponding failure of fault level, and check current failure according still further to fault level from high to low
Whether it is bypassed, current failure is directly handled if not being bypassed if being bypassed and handles next failure in order;Place
When managing each failure, the coding and description information of the failure can be all recorded in csv file, to check and position mistake;Its
In, processing means include following five kinds of modes when handling failure, i.e., do not handle, reset, bypassing, slide stop, emergency stop;And
The processing means of bypass refer to, when failure is bypassed, then system can permanently ignore current failure, until the failure
By-passing signal disappear, can just trigger the failure again;
The processing means of reset refer to, by reset signal, system temporarily can all remove the failure having occurred and that, directly
It is triggered again to new failure;
The sliding processing means stopped refer to that, when fault level is warning or generic failure, vehicle is stopped with maximum deceleration
Vehicle;
The processing means of emergency stop refer to that, when fault level is catastrophe failure, vehicle brake is opened, wheel lock up;
Task management module 4 is coped with for making corresponding counter-measure to current task according to troubleshooting means
Measure includes tasks interrupt, task continues and task weight-normality is drawn;Wherein,
Tasks interrupt is the vehicle for the processing for carrying out emergency stop, refers to that vehicle pauses immediately all current movements;
Task continues, and is to refer to that vehicle then move by last pause for the processing means that do not handle or bypass
It continues to execute;
Task weight-normality is drawn, and refers to that vehicle restarts new movement, and the movement for not having to the last time for considering vehicle is
What.
Data management module 5, for when being abnormal and after carrying out failure triggering, to malfunction coding, failure-description, touching
The critical data of hair time and the subsystem in all automated driving systems is backed up, and the reason that searches problem from the background is facilitated, and
Solve the problems, such as internal processes;Wherein, the critical data content of backup includes sensing data, control data, track data, driving
Data, fault code, operation note and task record.
Specific embodiment 2:
A kind of exception management system of automatic driving vehicle of present embodiment, the fault processing module 3 further include
Manpower intervention interface, for by the failure reset or bypass, triggering it no longer when vehicle triggers failure.
Specific embodiment 3:
A kind of exception management system of automatic driving vehicle of present embodiment, the abnormality detection module 1 generate event
The malfunction coding rule of barrier information is that each subsystem internal failure level includes hardware-level event in the automated driving system
Barrier and algorithm level failure;Wherein, hardware-level failure (is examined by detection sensor working condition, data content by sensor
The data content of survey) screening is carried out, and merge multisensor and judged;Algorithm level failure is sentenced by internal system logic
It is fixed, when system, which is run, occurs abnormal, then output it in the form of malfunction coding;
Malfunction coding records four fault attributes: module, failure modes, failure serial number occur for fault level;Fault level
It is divided into normal, warning, generic failure, catastrophe failure, respectively corresponds INFO, WARN, ERROR, FATAL, replace table with initial
Show in coding;It includes perception, positioning, decision, control, communication that module, which occurs,;Failure modes are demonstrated by failure in certain subsystem
In specific category, each subsystem view actual conditions use different classifications principle;Failure serial number located specific defect content;
It to sum up, is that the failure that each subsystem generates is encoded as naming rule.
Specific embodiment 4:
A kind of abnormality eliminating method of automatic driving vehicle of present embodiment, the processing method include following step
It is rapid:
Step 1: by being believed in abnormality detection module statistical collection automated driving system by the failure that subsystems generate
Breath is stored in csv file in the form of a list;Wherein, the fault message attribute of storage has: number, description, grade, vehicle shape
State, task status reset license and bypass license;The fault message that subsystems generate is advised by same set of malfunction coding
Then generate;Wherein, the subsystems in automated driving system include perception subsystem, positioning subsystem, decision-making subsystem, control
Subsystem, communication subsystem;
Step 2: program is loaded into csv file after starting, each level is started to work, by failure trigger module to abnormal inspection
All fault messages for surveying module collection carry out concentration judgement, obtain the fault level of fault message, and send it to event
Hinder processing module;Wherein, fault level is ranked up from high to low are as follows: normal, warning, generic failure and catastrophe failure;
Step 3: by fault processing module to all failure grade informations received according to fault level from low to high
It is ranked up, starts to handle the corresponding failure of fault level according still further to fault level from high to low, and check current
Whether failure is bypassed, and current failure is directly handled if not being bypassed, if being bypassed, handles next event in order
Barrier;When handling each failure, the coding and description information of the failure can be all recorded in csv file, to check and position mistake
Accidentally;Wherein, processing means include following five kinds of modes when handling failure, i.e., do not handle, reset, bypassing, sliding and stop, is anxious
Stop;And
The processing means of bypass refer to, when failure is bypassed, then system can permanently ignore current failure, until the failure
By-passing signal disappear, can just trigger the failure again;
The processing means of reset refer to, by reset signal, system temporarily can all remove the failure having occurred and that, directly
It is triggered again to new failure;
The sliding processing means stopped refer to that, when fault level is warning or generic failure, vehicle is stopped with maximum deceleration
Vehicle;
The processing means of emergency stop refer to that, when fault level is catastrophe failure, vehicle brake is opened, wheel lock up;
Step 4: corresponding counter-measure is made to current task according to troubleshooting means by task management module,
Counter-measure includes tasks interrupt, task continues and task weight-normality is drawn;Wherein,
Tasks interrupt is the vehicle for the processing for carrying out emergency stop, refers to that vehicle pauses immediately all current movements;
Task continues, and is to refer to that vehicle then move by last pause for the processing means that do not handle or bypass
It continues to execute;
Task weight-normality is drawn, and refers to that vehicle restarts new movement, and the movement for not having to the last time for considering vehicle is
What;
Step 5: when being abnormal and after carrying out failure triggering, being retouched to malfunction coding, failure by data management module
State, the critical data of the subsystem of triggered time and all automated driving systems is backed up, facilitate backstage to search problem reason,
With solve the problems, such as internal processes;Wherein, the critical data content of backup includes sensing data, control data, track data, row
Car data, fault code, operation note and task record.
Specific embodiment 5:
A kind of abnormality eliminating method of automatic driving vehicle of present embodiment further includes artificial in the step three
The step of intervention, for by the failure reset or bypass, triggering it no longer, to guarantee program when vehicle triggers failure
Operability when operation.
Specific embodiment 6:
A kind of abnormality eliminating method of automatic driving vehicle of present embodiment, in the step one, abnormality detection mould
The malfunction coding rule that block 1 generates fault message is that each subsystem internal failure level includes in the automated driving system
Hardware-level failure and algorithm level failure;Wherein, hardware-level failure passes through detection sensor working condition, data content
(data content of sensor detection) carries out screening, and merges multisensor and judged;Algorithm level failure passes through in system
Portion logic determines, when system, which is run, occurs abnormal, is then output it in the form of malfunction coding;
Malfunction coding records four fault attributes: module, failure modes, failure serial number occur for fault level;Fault level
It is divided into normal, warning, generic failure, catastrophe failure, respectively corresponds INFO, WARN, ERROR, FATAL, replace table with initial
Show in coding;It includes perception, positioning, decision, control, communication that module, which occurs,;Failure modes are demonstrated by failure in certain subsystem
In specific category, each subsystem view actual conditions use different classifications principle;Failure serial number located specific defect content;
It to sum up, is that the failure that each subsystem generates is encoded as naming rule.
Embodiment 1:
The invention is applied in the Unmanned Systems of a passenger car, the vehicle can be helped to send out in time in implementation procedure
Existing and solution failure, maintenance task state, the safety and stability traveling of support vehicles, and subtest personnel find equipment and program
The reason of generating failure improves maintenance efficiency.Specific example description is carried out to following key subsystem.
Failure name format uses A0B0C0D in the example, is divided into four parts.First part is fault level, with I,
W, E, F indicate normal, warning, generic failure, catastrophe failure;Second part is that module occurs for failure, is divided into perception, positioning, determines
Plan, control, communication subsystem respectively correspond number 01~05;Part III is failure modes, is divided by taking decision-making module as an example defeated
Enter dependence, function calculating, burst error, four class of outgoing inspection, respectively corresponds number 01~04;Part IV is each classification
Under failure serial number for example " cartographic information has not been obtained " and be decision-making module in input dependence classify serial number 02 generic failure,
It corresponds to malfunction coding " E030102 " coding rule is as shown in Figure 3;
After receiving the malfunction coding quoted, Fault Management System can traverse error listing library first, find the malfunction coding
Corresponding fault level and type carry out respective handling, while safeguarding currently performed task status such as failure " it has not been obtained
To cartographic information " corresponding fault level is generic failure, processing mode is orderly shutdown, and task status becomes interrupting, until
Map can be obtained successfully, and the fault clearance, task continues to execute;Error listing library stores all events in the operating system
Barrier, the corresponding attribute of failure are as shown in Figure 4.
In fault treating procedure, data management system can record the execution information of interim key, and be retained in file
The dominant term that middle retains is malfunction coding, and failure specifically describes, and fault location file is quick by record so as to tester
Positioning failure, and solution is found for example to failure " cartographic information has not been obtained " be recorded as " E030102, it has not been obtained
Cartographic information, guilty culprit file ".
Claims (6)
1. a kind of exception management system of automatic driving vehicle, it is characterised in that: the management system includes abnormality detection mould
Block, the fault message for being generated in statistical collection automated driving system by subsystems are stored in csv text in the form of a list
In part;Wherein, the fault message that subsystems generate is generated by same set of malfunction coding rule;Wherein, automatic Pilot
Subsystems in system include perception subsystem, positioning subsystem, decision-making subsystem, control subsystem, communication subsystem;
Failure trigger module obtains event for carrying out concentration judgement to all fault messages to abnormality detection module collection
Hinder the fault level of information, and sends it to fault processing module;Wherein, fault level is ranked up from high to low are as follows: just
Often, warning, generic failure and catastrophe failure;
Fault processing module, for being ranked up from low to high to all failure grade informations received according to fault level,
Start to handle the corresponding failure of fault level according still further to fault level from high to low, and checks whether current failure has
It is bypassed, current failure is directly handled if not being bypassed if being bypassed and handles next failure in order;Processing is each
When failure, the coding and description information of the failure can be all recorded in csv file;Wherein, processing means include following manner, i.e.,
Do not handle, reset, bypassing, slide stop, emergency stop;And
The processing means of bypass refer to, when failure is bypassed, then system can permanently ignore current failure, until the side of the failure
Road blackout can just trigger the failure again;
The processing means of reset refer to, by reset signal, system temporarily can all remove the failure having occurred and that, Zhi Daoxin
Failure trigger again;
The sliding processing means stopped refer to that, when fault level is warning or generic failure, vehicle is stopped with maximum deceleration;
The processing means of emergency stop refer to that, when fault level is catastrophe failure, vehicle brake is opened, wheel lock up;
Task management module, for making corresponding counter-measure, counter-measure packet to current task according to troubleshooting means
Include tasks interrupt, task continues and task weight-normality is drawn;Wherein,
Tasks interrupt is the vehicle for the processing for carrying out emergency stop, refers to that vehicle pauses immediately all current movements;
Task continues, be for the processing means that do not handle or bypass, refer to vehicle then the last movement suspended after
It is continuous to execute;
Task weight-normality is drawn, and refers to that vehicle restarts new movement, and does not have to consider that the last movement of vehicle is;
Data management module, for when being abnormal and after carrying out failure triggering, when to malfunction coding, failure-description, triggering
Between and the data of all subsystems backed up;Wherein, the data content of backup includes sensing data, control data, track
Data, travelling data, fault code, operation note and task record.
2. the exception management system of automatic driving vehicle according to claim 1, it is characterised in that: the troubleshooting mould
Block further includes manpower intervention interface, for by the failure reset or bypass, triggering it no longer when vehicle triggers failure.
3. the exception management system of automatic driving vehicle according to claim 2, it is characterised in that: the abnormality detection mould
The malfunction coding rule that block generates fault message is that each subsystem internal failure level includes hard in the automated driving system
Part level failure and algorithm level failure;Wherein, hardware-level failure is carried out by detection sensor working condition, data content
Screening, and merge multisensor and judged;Algorithm level failure determines occur by internal system logic when system is run
When abnormal, then output it in the form of malfunction coding;
Malfunction coding records four fault attributes: module, failure modes, failure serial number occur for fault level;Fault level is divided into
Normally, warning, generic failure, catastrophe failure, respectively correspond INFO, WARN, ERROR, FATAL, with initial instead of
In coding;It includes perception, positioning, decision, control, communication that module, which occurs,;Failure modes are demonstrated by failure in certain subsystem
Specific category, each subsystem view actual conditions use different classifications principle;Failure serial number located specific defect content;
It to sum up, is that the failure that each subsystem generates is encoded as naming rule.
4. the abnormality eliminating method that a kind of system using the claims carries out automatic driving vehicle, it is characterised in that: institute
The processing method stated the following steps are included:
Step 1: by the fault message generated in abnormality detection module statistical collection automated driving system by subsystems,
It is stored in csv file in the form of a list;Wherein, the fault message attribute of storage has: number, description, grade, vehicle-state,
Task status resets license and bypass license;The fault message that subsystems generate is by same set of malfunction coding rule
It generates;Wherein, the subsystems in automated driving system include perception subsystem, positioning subsystem, decision-making subsystem, control
Subsystem, communication subsystem;
Step 2: program is loaded into csv file after starting, each level is started to work, by failure trigger module to abnormality detection mould
All fault messages that block is collected carry out concentration judgement, obtain the fault level of fault message, and send it at failure
Manage module;Wherein, fault level is ranked up from high to low are as follows: normal, warning, generic failure and catastrophe failure;
Step 3: being carried out from low to high to all failure grade informations received according to fault level by fault processing module
Sequence, starts to handle the corresponding failure of fault level, and check current failure according still further to fault level from high to low
Whether it is bypassed, current failure is directly handled if not being bypassed if being bypassed and handles next failure in order;Place
When managing each failure, the coding and description information of the failure can be all recorded in csv file;Wherein, processing means include following
Mode, i.e., do not handle, reset, bypassing, slide stop, emergency stop;And
The processing means of bypass refer to, when failure is bypassed, then system can permanently ignore current failure, until the side of the failure
Road blackout can just trigger the failure again;
The processing means of reset refer to, by reset signal, system temporarily can all remove the failure having occurred and that, Zhi Daoxin
Failure trigger again;
The sliding processing means stopped refer to that, when fault level is warning or generic failure, vehicle is stopped with maximum deceleration;
The processing means of emergency stop refer to that, when fault level is catastrophe failure, vehicle brake is opened, wheel lock up;
Step 4: making corresponding counter-measure to current task according to troubleshooting means by task management module, cope with
Measure includes tasks interrupt, task continues and task weight-normality is drawn;Wherein,
Tasks interrupt is the vehicle for the processing for carrying out emergency stop, refers to that vehicle pauses immediately all current movements;
Task continues, be for the processing means that do not handle or bypass, refer to vehicle then the last movement suspended after
It is continuous to execute;
Task weight-normality is drawn, and refers to that vehicle restarts new movement, and does not have to consider that the last movement of vehicle is;
Step 5: by data management module when being abnormal and after carrying out failure triggering, to malfunction coding, failure-description,
The data of triggered time and all subsystems are backed up;Wherein, the data content of backup includes sensing data, control number
According to, track data, travelling data, fault code, operation note and task record.
5. a kind of abnormality eliminating method of automatic driving vehicle according to claim 4, it is characterised in that: the step
In three, further include the steps that manpower intervention, for by the failure reset or bypass, making it no longer when vehicle triggers failure
Triggering.
6. a kind of abnormality eliminating method of automatic driving vehicle according to claim 5, it is characterised in that: the step
In one, the malfunction coding rule that abnormality detection module 1 generates fault message is, in the automated driving system in each subsystem
Portion's failure level includes hardware-level failure and algorithm level failure;Wherein, hardware-level failure is worked by detection sensor
State, data content carry out screening, and merge multisensor and judged;Algorithm level failure is sentenced by internal system logic
It is fixed, when system, which is run, occurs abnormal, then output it in the form of malfunction coding;
Malfunction coding records four fault attributes: module, failure modes, failure serial number occur for fault level;Fault level is divided into
Normally, warning, generic failure, catastrophe failure, respectively correspond INFO, WARN, ERROR, FATAL, with initial instead of
In coding;It includes perception, positioning, decision, control, communication that module, which occurs,;Failure modes are demonstrated by failure in certain subsystem
Specific category, each subsystem view actual conditions use different classifications principle;Failure serial number located specific defect content;
It to sum up, is that the failure that each subsystem generates is encoded as naming rule.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910612301.2A CN110254439A (en) | 2019-07-06 | 2019-07-06 | The exception management system and abnormality eliminating method of automatic driving vehicle |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910612301.2A CN110254439A (en) | 2019-07-06 | 2019-07-06 | The exception management system and abnormality eliminating method of automatic driving vehicle |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110254439A true CN110254439A (en) | 2019-09-20 |
Family
ID=67925080
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910612301.2A Pending CN110254439A (en) | 2019-07-06 | 2019-07-06 | The exception management system and abnormality eliminating method of automatic driving vehicle |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110254439A (en) |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110682920A (en) * | 2019-12-09 | 2020-01-14 | 吉利汽车研究院(宁波)有限公司 | Automatic driving control system, control method and equipment |
| CN111028384A (en) * | 2019-12-12 | 2020-04-17 | 苏州智加科技有限公司 | Intelligent fault classification method and system for automatic driving vehicle |
| CN111123887A (en) * | 2019-12-10 | 2020-05-08 | 新石器慧通(北京)科技有限公司 | Unmanned vehicle fault processing method and device, electronic equipment and storage medium |
| CN111665062A (en) * | 2020-05-29 | 2020-09-15 | 中汽院智能网联科技有限公司 | Design method for testing route of open road of ADAS (advanced data analysis System) |
| CN112213117A (en) * | 2020-10-15 | 2021-01-12 | 北京百度网讯科技有限公司 | Vehicle testing method, device, equipment and storage medium |
| CN112477882A (en) * | 2020-11-11 | 2021-03-12 | 北汽福田汽车股份有限公司 | Vehicle fault processing method and device, vehicle and medium |
| CN112572466A (en) * | 2020-11-24 | 2021-03-30 | 苏州泛像汽车技术有限公司 | Control method of self-adaptive unmanned sweeper |
| CN112937887A (en) * | 2019-12-10 | 2021-06-11 | 广州极飞科技股份有限公司 | Method and device for determining fault reason of unmanned equipment |
| CN112937910A (en) * | 2019-12-10 | 2021-06-11 | 广州极飞科技股份有限公司 | Unmanned aerial vehicle fault detection method and device, storage medium and processor |
| EP3842313A1 (en) * | 2019-12-26 | 2021-06-30 | TuSimple, Inc. | System-level malfunction indicator in autonomous vehicles |
| CN113085882A (en) * | 2021-04-02 | 2021-07-09 | 北京易控智驾科技有限公司 | Fault processing method and device, electronic equipment and storage medium |
| CN113085881A (en) * | 2021-04-02 | 2021-07-09 | 北京易控智驾科技有限公司 | Fault processing method and device, electronic equipment and storage medium |
| CN113147776A (en) * | 2021-03-17 | 2021-07-23 | 黑芝麻智能科技(上海)有限公司 | Hot backup fault processing system and method for vehicle and vehicle adopting hot backup fault processing system |
| CN113525701A (en) * | 2021-07-09 | 2021-10-22 | 深圳市好盈科技有限公司 | Intelligent fault indication method and device for unmanned aerial vehicle power system |
| CN113859250A (en) * | 2021-10-14 | 2021-12-31 | 泰安北航科技园信息科技有限公司 | Intelligent automobile information security threat detection system based on driving behavior abnormity identification |
| CN114194212A (en) * | 2021-12-16 | 2022-03-18 | 广西汽车集团有限公司 | Fault diagnosis method, automatic driving domain controller and vehicle |
| WO2023273921A1 (en) * | 2021-06-30 | 2023-01-05 | 长城汽车股份有限公司 | Vehicle drive control method, apparatus and system, and storage medium and vehicle |
| CN116501008A (en) * | 2023-03-31 | 2023-07-28 | 北京辉羲智能科技有限公司 | Fault management system for automatic driving control chip |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2005068262A1 (en) * | 2004-01-19 | 2005-07-28 | Toyota Jidosha Kabushiki Kaisha | Failure sensing device of vehicle control system |
| CN107020957A (en) * | 2017-04-10 | 2017-08-08 | 重庆长安汽车股份有限公司 | A kind of fault handling method of pure electric automobile, system and pure electric automobile |
| CN108769225A (en) * | 2018-06-05 | 2018-11-06 | 北京智行者科技有限公司 | Emergency vehicle processing method |
| CN108958227A (en) * | 2018-08-09 | 2018-12-07 | 北京智行者科技有限公司 | Car fault diagnosis method |
| CN210258395U (en) * | 2019-07-06 | 2020-04-07 | 深圳数翔科技有限公司 | Abnormality management system for autonomous vehicle |
-
2019
- 2019-07-06 CN CN201910612301.2A patent/CN110254439A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2005068262A1 (en) * | 2004-01-19 | 2005-07-28 | Toyota Jidosha Kabushiki Kaisha | Failure sensing device of vehicle control system |
| CN107020957A (en) * | 2017-04-10 | 2017-08-08 | 重庆长安汽车股份有限公司 | A kind of fault handling method of pure electric automobile, system and pure electric automobile |
| CN108769225A (en) * | 2018-06-05 | 2018-11-06 | 北京智行者科技有限公司 | Emergency vehicle processing method |
| CN108958227A (en) * | 2018-08-09 | 2018-12-07 | 北京智行者科技有限公司 | Car fault diagnosis method |
| CN210258395U (en) * | 2019-07-06 | 2020-04-07 | 深圳数翔科技有限公司 | Abnormality management system for autonomous vehicle |
Cited By (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110682920B (en) * | 2019-12-09 | 2020-04-21 | 吉利汽车研究院(宁波)有限公司 | Automatic driving control system, control method and equipment |
| CN110682920A (en) * | 2019-12-09 | 2020-01-14 | 吉利汽车研究院(宁波)有限公司 | Automatic driving control system, control method and equipment |
| CN111123887A (en) * | 2019-12-10 | 2020-05-08 | 新石器慧通(北京)科技有限公司 | Unmanned vehicle fault processing method and device, electronic equipment and storage medium |
| CN112937887A (en) * | 2019-12-10 | 2021-06-11 | 广州极飞科技股份有限公司 | Method and device for determining fault reason of unmanned equipment |
| CN112937910A (en) * | 2019-12-10 | 2021-06-11 | 广州极飞科技股份有限公司 | Unmanned aerial vehicle fault detection method and device, storage medium and processor |
| CN111028384A (en) * | 2019-12-12 | 2020-04-17 | 苏州智加科技有限公司 | Intelligent fault classification method and system for automatic driving vehicle |
| CN111028384B (en) * | 2019-12-12 | 2021-09-28 | 苏州智加科技有限公司 | Intelligent fault classification method and system for automatic driving vehicle |
| EP3842313A1 (en) * | 2019-12-26 | 2021-06-30 | TuSimple, Inc. | System-level malfunction indicator in autonomous vehicles |
| US11726124B2 (en) | 2019-12-26 | 2023-08-15 | Tusimple, Inc. | System-level malfunction indicator in autonomous vehicles |
| CN111665062A (en) * | 2020-05-29 | 2020-09-15 | 中汽院智能网联科技有限公司 | Design method for testing route of open road of ADAS (advanced data analysis System) |
| CN112213117A (en) * | 2020-10-15 | 2021-01-12 | 北京百度网讯科技有限公司 | Vehicle testing method, device, equipment and storage medium |
| CN112477882A (en) * | 2020-11-11 | 2021-03-12 | 北汽福田汽车股份有限公司 | Vehicle fault processing method and device, vehicle and medium |
| CN112572466A (en) * | 2020-11-24 | 2021-03-30 | 苏州泛像汽车技术有限公司 | Control method of self-adaptive unmanned sweeper |
| CN113147776A (en) * | 2021-03-17 | 2021-07-23 | 黑芝麻智能科技(上海)有限公司 | Hot backup fault processing system and method for vehicle and vehicle adopting hot backup fault processing system |
| CN113085882A (en) * | 2021-04-02 | 2021-07-09 | 北京易控智驾科技有限公司 | Fault processing method and device, electronic equipment and storage medium |
| CN113085881A (en) * | 2021-04-02 | 2021-07-09 | 北京易控智驾科技有限公司 | Fault processing method and device, electronic equipment and storage medium |
| WO2023273921A1 (en) * | 2021-06-30 | 2023-01-05 | 长城汽车股份有限公司 | Vehicle drive control method, apparatus and system, and storage medium and vehicle |
| CN113525701A (en) * | 2021-07-09 | 2021-10-22 | 深圳市好盈科技有限公司 | Intelligent fault indication method and device for unmanned aerial vehicle power system |
| CN113859250A (en) * | 2021-10-14 | 2021-12-31 | 泰安北航科技园信息科技有限公司 | Intelligent automobile information security threat detection system based on driving behavior abnormity identification |
| CN114194212A (en) * | 2021-12-16 | 2022-03-18 | 广西汽车集团有限公司 | Fault diagnosis method, automatic driving domain controller and vehicle |
| CN114194212B (en) * | 2021-12-16 | 2023-08-04 | 广西汽车集团有限公司 | Fault diagnosis method, automatic driving domain controller and vehicle |
| CN116501008A (en) * | 2023-03-31 | 2023-07-28 | 北京辉羲智能科技有限公司 | Fault management system for automatic driving control chip |
| CN116501008B (en) * | 2023-03-31 | 2024-03-05 | 北京辉羲智能信息技术有限公司 | Fault management system for automatic driving control chip |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110254439A (en) | The exception management system and abnormality eliminating method of automatic driving vehicle | |
| CN210258395U (en) | Abnormality management system for autonomous vehicle | |
| KR20190107080A (en) | Cloud-based vehicle fault diagnosis method, apparatus and system | |
| Vanderhaegen | A non-probabilistic prospective and retrospective human reliability analysis method—application to railway system | |
| CN109782747B (en) | Fault detection method and device | |
| KR102141988B1 (en) | The realtime bus safety and reliability integrated indicator monitoring method for autonomous public bus and the system of the same | |
| CN114148377B (en) | Train control method, device, equipment and storage medium based on lockout point | |
| DE102015116987A1 (en) | Vehicle emergency activation | |
| CN110501989B (en) | Train operation fault filtering method and device | |
| CN110533794A (en) | Vehicle risk management method, computer installation and computer readable storage medium | |
| CN113066200A (en) | Transportation vehicle monitoring system and monitoring method based on big data and intelligent Internet of vehicles | |
| AU2017327430A1 (en) | Monitoring infrastructure facilities by means of geo-clustering | |
| KR20160009156A (en) | System and method for providing vehicle repairing service | |
| Correa-Jullian et al. | Safety hazard identification for autonomous driving systems fleet operations in mobility as a service | |
| CN116384755A (en) | Method and device for determining cooperative driving safety of vehicle Lu Yun, vehicle and storage medium | |
| CN114915541B (en) | System fault elimination method and device, electronic equipment and storage medium | |
| Correa-Jullian et al. | Modeling fleet operations of autonomous driving systems in mobility as a service for safety risk analysis | |
| CN114387802B (en) | Remote take-over system and method for unmanned mining truck of surface mine | |
| CN115220436A (en) | Remote takeover security guarantee method and system, computer equipment and storage medium | |
| CN110362087A (en) | The method and device of remote auto diagnosis anti-collision equipment failure | |
| CN114911982A (en) | Vehicle fault early warning method and device, terminal equipment and storage medium | |
| CN109976317A (en) | Robot safety control method, device, robot system and storage medium | |
| CN114218295A (en) | Traffic equipment data abnormity monitoring and early warning method and system | |
| Wu et al. | The safety design suggestions of autonomous mine transportation system | |
| CN113311835A (en) | Method for reducing driving risk of automatic driving vehicle |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20240328 Address after: Building 3, 7th Floor, Gaosheng Plaza, No. 163 Yingbin Avenue, Xinhua Street, Huadu District, Guangzhou City, Guangdong Province, 510802 Applicant after: Guangzhou Carl Power Technology Co.,Ltd. Country or region after: China Address before: 518118 No.1, Jinlong Avenue, pinghuan community, Malian street, Pingshan District, Shenzhen City, Guangdong Province Applicant before: Shenzhen Shuxiang Technology Co.,Ltd. Country or region before: China |
|
| TA01 | Transfer of patent application right |