40 4. SAFETY VALIDATION OF NEURAL NETWORKS
must include consideration for the volume of data, coverage of critical situations, minimization
of unknown critical situations, and representativeness of the operational environment [141].
Another challenge for autonomous vehicle applications is the adequacy of current standards
such as ISO 26262 for safety validation of neural network systems. These safety standards
have helped develop industry practices to address safety in a systematic way. However, Salay et
al. [217] noted that ISO 26262 in its current form does not address machine learning methods
adequately. Salay et al. identified five factors from machine learning which will likely impact
ISO 26262 and require changes in the standard: (i) identifying hazards, (ii) faults and failure
modes, (iii) use of training sets, (iv) level of machine learning usage, and (v) required software
techniques. First, identifying hazards, as specified by ISO 26262 currently, is an issue as machine
learning can create new types of hazards which might not necessarily fit the definition
of hazards as given by the standard. Therefore, the definition of hazards in ISO 26262 should
be revised to also consider harm potentially caused by complex behavioral interactions between
the autonomous vehicle and humans that are not due to a system malfunction. Second, faults
and failure modes will be further affected by machine learning methods as they will introduce
machine learning-specific faults in network topology, learning algorithm, or training set, which
will need to be addressed by ISO 26262. Therefore, ISO 26262 should require the use of fault
detection tools and techniques which take into account the unique features of machine learning.
Third, the use of training sets is problematic from the perspective of ISO 26262 certification,
as it breaks an assumption made by the standard that component behavior is fully specified and
each refinement can be verified with respect to its specification. However, where training sets are
used in place of specifications, this assumption is not valid (as training sets are inherently incomplete).
Therefore, training set coverage should be considered instead of completeness. System
specification may be an issue for systems with more advanced functionality, such as perception
of the environment, as these may be inherently unspecifiable. Hence, complete specification
requirement in ISO 26262 should be relaxed. Fourth, the level of machine learning usage could
be a further issue as ISO 26262 assumes the software can be defined as an architecture consisting
of components and their interactions in a hierarchical structure. However, this is not
always the case for machine learning systems. For example, in end-to-end systems there are no
sub-components or hierarchical structure and therefore these systems challenge the assumptions
in the standard. Moreover, ISO 26262 mandates use of modularity principles such as restricting
the size of components and maximizing the cohesion within a component, which could be
problematic for machine learning components that lack transparency and therefore cannot apply
these principles. Finally, the required software techniques in ISO 26262 are a further challenge
for machine learning methods as many of them assume that an imperative programming language
is being used. Salay et al. assessed the 75 software techniques required by ISO 26262 and
found that approximately 40% of these are not applicable to machine learning, while the rest are
either directly applicable or can be applied if adapted in some way. Therefore, ISO 26262 software
techniques should perhaps focus more on the intent than on specific details. Additionally,