Bayesian Validation Based Fault Tree Analysis for Enhancing Autonomous Vehicle Safety

Abstract

Ensuring the safety of autonomous vehicles in complex and uncertain environments remains a critical challenge. While ISO 26262 provides a robust framework for functional safety, it primarily focuses on hazards arising from hardware or software malfunctions. The Safety of the Intended Functionality (SOTIF), defined in ISO 21448, extends the traditional ISO 26262 safety framework by addressing hazards that arise from performance limitations and functional insufficiencies, even in the absence of system faults. Addressing such hazards requires methodologies that go beyond traditional fault-based analysis and are capable of representing uncertainty and causal dependencies. Fault Tree Analysis (FTA) is a widely used safety assessment method within ISO 26262 Functional Safety (FuSa) framework. However, traditional FTA is limited by its binary event structure, static assumptions and inability to capture probabilistic dependencies between variables. These limitations constrain its applicability in SOTIF-related safety analysis, where context-dependent and performance-driven hazards are critical. By integrating FTA with Bayesian Network (BN), these limitations can be addressed, that enabling probabilistic inference, representation of causal dependencies, and dynamic risk quantification. This thesis proposes an integrated methodology that combines FTA with BN to support probabilistic safety analysis in alignment with SOTIF principles. The approach remains the deductive, structured hierarchy of FTA while incorporating the probabilistic reasoning capabilities of BN. This integration enables the representation of multi-state variables, explicit modeling of interdependencies, and dynamic risk quantification through Bayesian inference. The proposed methodology is validated through two case studies. The first focuses on collision scenarios in autonomous driving to demonstrate the integration of FTA with BN, the result shows the perception system is the main contributor to collision risk in autonomous vehicles. The second case study examines object detection failure to evaluate the framework's alignment with SOTIF principles by modeling performance limitations and triggering conditions. Results show that adverse weather and occlusion are the most significant contributors to object detection failures, with posterior probabilities of 45.76% and 58.72%, respectively. The findings demonstrate the framework's ability to capture causal relationships and provide both qualitative and quantitative insights of SOTIF-related hazards. By aligning with ISO 26262 and ISO 21448, this research advances a comprehensive and extensible safety assessment approach that accounts for both fault-based and performance-based hazards in autonomous vehicle systems.