Integrity and Continuity of GPS-based Collision Warning Systems using Vehicle-to-vehicle Communication
Gustavo Lee and Mathieu Joerger, University of Arizona
This paper describes the design and implementation of a safety risk evaluation method for a GPS-based automotive collision warning system using vehicle-to-vehicle (V2V) communication.
V2V is an automobile communication system that can be used to effectively recognize collision situations earlier and more accurately than human drivers. It relies on broadcast of GPS-based position and velocity estimates between nearby vehicles to warn drivers about potential hazards. V2V communication systems use dedicated short-range communications (DSRC), a technology designed to support a variety of applications for vehicular communication. DSRC is a two-way short to medium-range wireless communications capability that permits very high data transmission that is key in safety-critical applications.
The U.S. Federal Communications Commission has allocated 75 MHz of licensed spectrum in the 5.9 GHz band for use by Intelligent Transportations Systems (ITS) vehicle safety and mobility applications. In addition, in the SAE J2735 Standard, the DSRC committee specifies a set of messages and their formats to support vehicle-based applications. Of particular relevance to this work is the basic safety message (BSM), which conveys critical vehicle state information that includes vehicle position, positional accuracy, speed, heading, braking status, and vehicle size.
V2V communications utilizing DSRC have an operational range of up to 300 meters. Within this range, V2V applications have the potential to significantly reduce occurrences of crashes through real time advisories alerting drivers to imminent hazards. GPS-based relative positioning using V2V is subject to alteration and loss of GPS signal. But unlike vehicle-resident sensors (e.g. cameras and lidars), GPS/V2V is not impacted by weather, light, or dust, and can sense out-of-sight vehicles occluded behind other vehicles or around building corners. This capability addresses scenarios where an oncoming vehicle emerges from behind a truck or from a blind alley. In those situations, GPS/V2V can sense threats that a radar or camera cannot.
There are three safety applications that the National Highway Traffic Safety Administration (NHTSA) believes can be enabled by V2V, and could not be addressed by any current, vehicle-resident sensor or camera-based system .
The first concept is the intersection movement assist (IMA). IMA warns the driver of a vehicle when it is not safe to enter an intersection due to a high probability of colliding with one or more vehicles at both controlled intersections (where a signal is present) and uncontrolled intersections (where only a stop or yield-sign is present). The second concept is the left turn assist (LTA). LTA warns the driver of a vehicle, when entering an intersection, not to turn left in front of another vehicle traveling in the opposite direction. This is especially critical when the driver’s line-of-sight is blocked by a vehicle also making a left turn from the opposite direction. The third concept is the emergency electronic brake light (EEBL). EEBL enables a vehicle to warn its driver to brake in a situation where another V2V-equipped vehicle decelerates quickly but may not be directly in front of the warning vehicle. V2V would allow the driver to “see through” vehicles or poor weather conditions to know that traffic ahead may be coming to an abrupt stop.
NHTSA indicates that the first two applications alone could result in a 50% reduction in crashes, injuries, and fatalities every year. Applied to the full national vehicle fleet, this could potentially eliminate 400,000 to 600,000 crashes, prevent 190,000 to 270,000 injuries and save 780 to 1,080 lives each year once fully deployed.
Previous papers describe collision avoidance or collision warning algorithms. For example, Huang et al. describe a collision pre-warning algorithm based on V2V communication . Ahrems takes it one step further and establishes a predefined safety zone around each vehicle . Mihaita et al. present experiments that focus on the positional accuracy of DSRC-equipped vehicles . They do so experimentally and evaluate the impact of positioning errors on false alerts. Other papers describing collision warnings focus on communication protocols, e.g., they describe methods for achieving low latency in message delivery, for efficient bandwidth usage, and for preventing packet collisions for simultaneously broadcast messages. In the literature, safety risk in collision warning is not rigorously quantified.
In response, this paper describes new methods to guarantee the safety of GPS/V2V collision warning systems by quantifying integrity and continuity . Integrity and continuity are performance metrics used in commercial aviation navigation, which has a proven safety record. Integrity is a measure of trust in sensor information. Continuity is the ability to complete a mission without interruption, and is impacted by false alerts. This paper uses analytical integrity and continuity evaluation methods to set requirements on V2V BSM data, thereby providing safe collision warning alerts under nominal, fault-free sensor conditions.
The first section of this paper describes critical elements of the vehicles’ encounter. We consider the example application of IMA, where two vehicles are approaching an intersection along perpendicular directions. Three intersection-centric time thresholds are defined. First, the collision threshold (CT) is the minimum acceptable difference between the vehicles’ times to reach the center of the intersection. A collision is declared if both vehicles reach the center of the intersection within a time interval CT. Second, a late alert threshold (LAT) is defined as the minimum time for the driver to bring the host vehicle to a stop before reaching the CT. The LAT accounts for the driver’s reaction time, and for the vehicle’s time-to-brake-and-stop at the current driving speed. Third, an early alert threshold (EAT) is defined as the maximum time for the host vehicle driver to start decelerating before CT. Braking too early with no apparent reason is a disruptive behavior that can cause hazardous situations.
The second section defines the integrity and continuity risks as applied to automotive GPS/V2V collision warning systems. A method is fist described to determine hazard states based on trajectory states, and to evaluate safety risks. A weighted least squares estimator is derived, which uses speedometer velocity and GPS position estimates for the host and intruder vehicles (obtained via V2V) to predict both vehicles’ trajectories until they reach the intersection. Trajectory states are then converted to hazard states, which include: time for the host and intruder vehicles to reach the CT, and the time to closest point of approach (CPA).
A hazard exists if the following events occur simultaneously: the actual time for the host vehicle to reach CT is less than or equal to the LAT, and the actual times for the host and target vehicles to CPA are both less than or equal to CT. A hazard does not exist when any of the aforementioned conditions is not true. Similar definitions are given for the event ‘sensing a hazard’, but in terms of estimated times instead of actual times.
The integrity risk is then defined as the probability of late alerts, i.e., the probability that the host vehicle does not sense a hazard, given that a hazard actually exists. On the other hand, the continuity risk is the probability of early alerts, i.e., the probability that the host vehicle predicts a hazard, given that a hazard does not exist.
In the third section of the paper, the early and late alert thresholds are modified to account for sensor and BSM uncertainty. A method is presented to respectively reduce the EAT and increase the LAT by multiples of the standard deviation of the estimated time to reach CT. For the LAT, the multiplying factor is set to achieve a predefined integrity risk requirement allocation. The paper shows that this allocation makes conservative assumptions to deal with the fact that the three hazard states are statistically correlated. For the EAT, the factor is a continuity risk multiplier set to limit the risk of false alerts.
Performance is evaluated by covariance analysis and direct simulations for example sensor specifications and safety requirements found in recent publications. A sensitivity analysis is carried out to identify key parameters. Preliminary results indicate that current vehicle-resident standalone GPS do not provide sufficient position accuracy to meet safety requirements in most typical driving scenarios.
The method presented in this work provides the means to set sensor requirements on collision warning systems to meet early and late alert thresholds while ensuring pre-defined integrity and continuity risk requirements.
 Harding, J., Powell, G., R., Yoon, R., Fikentscher, J., Doyle, C., Sade, D., Lukuc, M., Simons, J., & Wang, J. (2014, August). Vehicle-to-vehicle communications: Readiness of V2V technology for application. (Report No. DOT HS 812 014). Washington, DC: National Highway Traffic Safety Administration.
 Jamoom, M. B., Joerger, M., and Pervan, B., “Unmanned Aircraft System Sense-and-Avoid Integrity and Continuity Risk,” Journal of Guidance, Control, and Dynamics, Vol.39, No.3, Mar 2016, pp. 498-509.
 Chung-Ming Huang, Shih-Yang Lin, Chia-Ching Yang, Chih-Hsun Chou.: 'A Collision Pre-Warning Algorithm based on V2V Communication'. Proc. Int. Conf. International Conference on Ubiquitous Information Technologies & Applications, Fukuoka, 20-22 December 2009, pp. 1-6.
 J. Ahrems, “Collision warning algorithm for passage of an uncontrolled road intersection”, in Proc. 14th Biennial Baltic Electronics Conf. (BEC 2014). Tallinn, Estonia, 2014 pp. 49-52.
 Mihaita A.S., Tyler Paul, Wall John, Vecovsky Vanessa, Cai Chen, “Positioning and collision alert investigation for DSRC-equipped light vehicles through a case study in CITI”, ITS World Congress Montreal, October 29 – November 2, 2017.