Continental uses Safety Domain Control Unit as fallback path in automated driving
Continental is adding a further safety level to highly automated driving in the form of a specific electronics architecture.
In addition to a central control unit for automated driving – the Assisted & Automated Driving Control Unit – the technology company uses a Safety Domain Control Unit (SDCU) as a fallback path in order to stop the vehicle safely, even in the event of a functional failure in the primary automation path.
As such, Continental is systematically using the principle of redundancy and diverse design that has already proven itself in the aviation sector. There are one or more fallback paths for every central system and they are independent of each other. Since the SDCU also acts as the airbag control unit, its priority availability – including energy reserve and a crashproof installation location in the vehicle – is guaranteed.
With the additional fallback path of the SDCU, Continental ensures that the vehicle can still be brought to a safe stop if the main automation functionality fails.
Conventional safety-relevant systems currently in use have been designed with fail-safe in mind. This means that if the system malfunctions, safety is maintained by identifying the fault and putting the faulty system out of operation. This approach is possible because the driver is still at hand as a fail-safe to brake and steer manually, for example, if required.
“It is precisely this fallback path that may not be available in highly automated vehicles, since the driver is allowed to focus on other things and cannot be requested, in a fraction of a second, to take control of the vehicle immediately after a possible failure,” said Maged Khalil, Head of Advanced Systems Architecture Design at Systems & Technology in the Chassis & Safety division.
Source: Continental