1. Introduction

As artificial intelligence (AI) and machine learning (ML) become integral to automotive systems—ranging from Advanced Driver Assistance Systems (ADAS) to Automated Driving Systems (ADS)—traditional safety standards like ISO 26262 and ISO 21448 (SOTIF) require specialized extensions. ISO/PAS 8800 provides the necessary framework to address the unique risks associated with AI, specifically focusing on the non-deterministic nature of machine learning and the safety implications of data-driven development.

2. The AI Development Lifecycle for Safety

Safety-related AI development shifts the focus from manual coding to data curation and model training. The lifecycle includes:

• Requirements Definition: Defining the Safety Goals and Functional Safety Requirements (FSRs) that the AI component must satisfy.
• Data Collection and Management: Ensuring that the data used for training, validation, and testing is representative, complete, and free from safety-critical biases.
• Model Design and Training: Selecting appropriate architectures (e.g., Convolutional Neural Networks) and training regimes that prioritize robustness over mere accuracy.
• Verification and Validation (V&V): Implementing rigorous testing protocols, including formal methods, simulation, and real-world testing to ensure the model behaves predictably in its Operational Design Domain (ODD).

3. Key Concepts in ISO/PAS 8800 Development

3.1 Data Quality and Integrity

In AI safety, data is equivalent to source code. ISO/PAS 8800 emphasizes:

• Representativeness: Does the data cover all edge cases in the ODD?
• Labeling Accuracy: Ensuring that the ground truth used for training is verified and error-free.
• Independence: Keeping training, validation, and test datasets strictly separated to prevent overfitting and biased results.

3.2 Robustness and Resilience

Safety-related AI must be robust against perturbations. This involves testing for:

• Adversarial Robustness: Protection against small, intentional changes to input that could cause a misclassification.
• Distribution Shift: How the model handles data that differs slightly from its training set (e.g., different weather conditions or sensor noise).

4. Integration with ISO 26262 and ISO 21448

ISO/PAS 8800 acts as a bridge. It leverages the functional safety processes of ISO 26262 to manage hardware and system failures, while utilizing ISO 21448 (SOTIF) principles to address performance limitations and situational awareness errors inherent in AI systems.

5. Conclusion

Developing AI for safety-critical applications requires a fundamental shift in engineering mindset. By following the structured approach in ISO/PAS 8800, developers can build a compelling safety case that demonstrates the AI component is fit for use on public roads.