On Aurora’s first-quarter earnings call this month, CEO and co-founder Chris Urmson underscored the importance of fail-safe operations.
“Most of the time, we talk about these sexy machine-learning, computer-vision types of problems, which are obviously important,” Urmson said. “To actually have a commercially viable product, you have to deal with what happens when the product breaks in some way.”
Although companies are placing fail-safe issues at the forefront now, they’ve long been under consideration.
For Aurora, that has involved working with partner Volvo Autonomous Solutions to integrate its self-driving systems into Volvo’s VNL long-haul truck and develop redundant systems for braking, steering and propulsion.
Likewise, when Burnette started Kodiak in July 2018, he did not want to merely prepare for autonomous testing, in which he could rely on a human safety driver as a backup. He wanted to incorporate fallback conditions form the start.
“ ’Driver, take over,’ that’s a pretty logical and reasonable way to design the early stages, because you don’t have to worry about handling the system in a degraded form,” he said. “But that’s a shortcut approach. We said, from day one, we’re going to calculate both a nominal driving path and a fallback driving path, and we’ve built up the sophistication of these systems in parallel.”
Kodiak’s design separates its computational engine into two different systems: one that handles understanding the road environment, decision-making and other primary tasks, and another that’s certified to the most stringent Automotive Safety Integrity Level (ASIL-D) in the industry and can take control when a fault is detected and navigate to the side of the road. Waymo and Aurora have similar primary-and-backup computing architectures.
Mapping can be an industry challenge, because precise high-definition maps are harder to make. That’s not a challenge for Kodiak’s system, which relies less on high-definition maps and more on inferring its surroundings in real time.