An In Depth Look at the Federal Automated Vehicles Policy

The National Highway Traffic Safety Administration (NHTSA) has issued its Federal Automated Vehicles Policy.  Although this policy applies solely to on-road vehicles, CNH’s recent introduction of a concept autonomous tractor suggests that NHTSA’s policy may have agricultural implications too.  This post takes a deeper look at NHTSA’s Automated Vehicles Policy.

New Holland's NHDrive Concept Autonomous Tractor

New Holland's NHDrive Concept Autonomous Tractor

First, autonomous tractors, combines, and other potential farm vehicles will have two roles: in the field activities and over-the-road transportation to the field.  NHTSA’s policy would presumably apply to on road travel only, as there are no laws that prohibit autonomous farm vehicles from operating in a private field. After all, an irrigation pivot is effectively an autonomous farm vehicle, performing a task in the field without a human driver.

NHTSA finds two enormous benefits to autonomous vehicles.  The first potential benefit is safety.  Autonomous vehicles can perform more safely than their human driven counterparts.  NHTSA sees huge potential for improvement here, as 35,092 people died last year on public roads in the US. Human error is the leading cause of fatalities.

The second benefit is mobility.  Autonomous vehicles can improve mobility for those that cannot afford a car today, or those that cannot drive because of age or disability.  Cities will reconfigure how space is utilized, according to NTHSA, when autonomous vehicles become common.

The safety and mobility benefits apply to autonomous tractors and farm equipment as well, but the real benefit for agriculture is in reducing labor costs and increasing efficiency. 

The NTSHA policy officially adopts the SAE’s 6 levels of autonomy.  These are:

  • At SAE Level 0, the human driver does everything;
  • At SAE Level 1, an automated system on the vehicle can sometimes assist the human driver conduct some parts of the driving task;
  • At SAE Level 2, an automated system on the vehicle can actually conduct some parts of the driving task, while the human continues to monitor the driving environment and performs the rest of the driving task;
  • At SAE Level 3, an automated system can both actually conduct some parts of the driving task and monitor the driving environment in some instances, but the human driver must be ready to take back control when the automated system requests;
  • At SAE Level 4, an automated system can conduct the driving task and monitor the driving environment, and the human need not take back control, but the automated system can operate only in certain environments and under certain conditions; and
  • At SAE Level 5, the automated system can perform all driving tasks, under all conditions that a human driver could perform them.

Levels 3-5 are unique in that the automated system is primarily responsible for monitoring the environment.  NTSHA calls operation at these levels Highly Automated Vehicles, or “HAVs.” 

NHTSA provides guidance for various HAV systems and requests that manufacuturers test and evaluate their vehicles under a variety of conditions.  The guideance is best explained in a chart:

NHTSA requests that all current manufacturers of HAVs voluntarily submit reports regarding how the guidance was followed in the form a “Safety Assessment Letter.”  The safety assessment report includes the following areas:

  • Data Recording and Sharing
  • Privacy
  • System Safety
  • Vehicle Cybersecurity
  • Human Machine Interface
  • Crashworthiness
  • Consumer Education and Training
  • Registration and Certification
  • Post-Crash Behavior
  • Federal, State and Local Laws
  • Ethical Considerations
  • Operational Design Domain
  • Object and Event Detection and Response
  • Fall Back (Minimal Risk Condition)
  • Validation Methods

For each category, the letter should indicate whether the vehicle met the requirements or whether the category is not applicable. A new Safety Assessment Letter should be submitted whenever new software is uploaded to the HAV.

NTSHA's guidance also has a policy on data recording. NTSHA requests that manufacturers and other entities have a documented process for testing, vali­dation, and collection of event, incident, and crash data, for the purposes of recording malfunctions, degradations, or failures  that can be used to establish the cause of such issues. NTSHA sees data sharing as a means for  improving safety. It also can be an admission of guilt from a manufacturer or cast blame on a passenger or operator.

Together with data collection, NTSHA states that individual privacy should be protected.  NTSHA provides guidance to manufacturers for drafting privacy policies related to data collection from HAVs, which should take into account:

a. Transparency: provide consumers with accessible, clear, meaningful data privacy and security notices/agreements which should incorporate the baseline protections outlined in the White House Consumer Privacy Bill of Rights and explain how Entities collect, use, share, secure, audit, and destroy data generated by, or retrieved from, their vehicles;

b. Choice: offer vehicle owners choices regarding the collection, use, sharing, retention, and deconstruction of data, including geolocation, biometric, and driver behavior data that could be reasonably linkable to them personally (i.e., personal data);

c. Respect for Context: use data collected from production HAVs only in ways that are consistent with the purposes for which the data originally was collected (as explained in applicable data privacy notice/agreements);

d. Minimization, De-Identification and Retention: collect and retain only for as long as necessary the minimum amount of personal data required to achieve legitimate business purposes, and take steps to de-identify sensitive data where practical, in accordance with applicable data privacy notices/agreements and principles;

e. Data Security: implement measures to protect data that are commensurate with the harm that would result from loss or unauthorized disclosure of the data;

f. Integrity and Access: implement measures to maintain the accuracy of personal data and permit vehicle operators and owners to review and correct such information when it is collected in away that directly or reasonably links the data to a specific vehicle or person; and

g. Accountability: take reasonable steps, through such activities as evaluation and auditing of privacy and data protections in its approach and practices, to ensure that the entities that collect or receive consumers’ data comply with applicable data privacy and security agreements/notices.

NTSHA is also concerned with cybersecurity.  The rise of autonomous vehicles creates opportunities for nefarious persons to intentionally cause personal and property damage. Therefore, NTHSA urges that cybersecurity considerations be incorporated into design and testing.

Another area relevant to autonomous farm vehicles is what NTSHA calls the Human Machine Interface (HMI) or the user interface.  NTSHA urges that at a minimum, the HMI should include information that the HAV is:

  • Functioning properly;
  • Currently engaged in automated driving mode;
  • Currently “unavailable” for automated driving;
  • Experiencing a malfunction with the HAV system; and
  • Requesting control transition from the HAV system to the operator.

In designs where an HAV is intended to operate without a human driver or occupant, the remote dispatcher or central control authority should be able to know the status of the HAV at all times. This guidance seems especially relevant to autonomous farm vehicles, where a central dispatcher monitors the functions of machines operating in the field.  

Finally, one other aspect of the NTSHA policy is discussion of a “Fall Back” position.  NTSHA states that all manufacturers should build into their systems a “minimal risk condition” that occurs whenever a serious problem is encountered.  This may mean that a human operator regains control or the vehicle, the vehicle begins operating in a degraded state, or the vehicle shuts down. 

Summary:  There is a lot to digest in NTSHA’s guidance. Although these guidelines do not apply to farm vehicles operating autonomously in the field, they provide healthy checklists for manufacturers to check-off when designing highly autonomous farm machinery. For autonomous farm vehicles that will operate on public roads, these guidelines are even more important. 

If nothing else, I suggest that the ag industry use these guidelines as a framework to create their own policy and guidance for autonomous farm vehicles.

 

 

Comment