Review of car operation safety system elements

The paper includes a review of the following terms: anthropotechnical system, a layered model of an object operation process, safe car operation system structure. The current and predicted solutions in terms of car equipment impact on the safety of a driver-vehicle-road system were presented in detail. 1 An anthropotechnical system model The operating process in an anthropotechnical system (Fig. 1) can be understood as the flows and transformations of substances, energy and information. The quantitative and qualitative values of these flows and transformations in a distinguished moment, determine the instantaneous state of a system. It is not hard to notice that an operating system of technical objects is formed by anthropotechnical systems with specific operating tasks (use or maintenance) [1]. Fig. 1. Anthropotechnical system model in a structural approach. 2 A three-layer operating process model The purpose of the utility phase of operation is – of course – generating the required operating effect, namely, execution of a operating task. Three main processes may be distinguished in the operating phase (Fig. 2) [1, 2]: 1) the operating process, leading to the execution of an operating task; 2) the destructive process, counteracting task execution, which can be divided into three component sub-processes: initiating process, damage process, failure process; 3) anti-destructive process, which can be divided into three component sub-processes: shielding process, intervention process, rescue process [3,4]. * Corresponding author: tadeusz.dabrowski@wat.edu.pl © The Authors, published by EDP Sciences. This is an open access article distributed under the terms of the Creative Commons Attribution License 4.0 (http://creativecommons.org/licenses/by/4.0/). MATEC Web of Conferences 182, 01017 (2018) https://doi.org/10.1051/matecconf/201818201017 17th International Conference Diagnostics of Machines and Vehicles


An anthropotechnical system model
The operating process in an anthropotechnical system (Fig. 1) can be understood as the flows and transformations of substances, energy and information.The quantitative and qualitative values of these flows and transformations in a distinguished moment, determine the instantaneous state of a system.It is not hard to notice that an operating system of technical objects is formed by anthropotechnical systems with specific operating tasks (use or maintenance) [1].

A three-layer operating process model
The purpose of the utility phase of operation isof coursegenerating the required operating effect, namely, execution of a operating task.Three main processes may be distinguished in the operating phase (Fig. 2) [1,2]: 1) the operating process, leading to the execution of an operating task; 2) the destructive process, counteracting task execution, which can be divided into three component sub-processes: initiating process, damage process, failure process; 3) anti-destructive process, which can be divided into three component sub-processes: shielding process, intervention process, rescue process [3,4].

Destructive process component characteristics
Initiating process involves the activation of trigger factors, which may initiate a destructive process.
The triggering factors may be of "neutral" nature, associated with the operating process or "aggressive" nature, in the form of overriding, interference, etc.
Damage process precedes and leads to the state of task unworthiness, i.e., a state, which makes it impossible to execute (complete) a task.
Reaching the state of task unworthiness may result in the occurrence of two situation types: operatingas well as a destructive processare interrupted in a "natural" manner; apparent operation (although the task is not being executed) is ongoing and the destructive process is developing; in this case, the destructive process becomes a failure process.Failure process involves the destruction of consecutive elements of a technical object and its surrounding, and the destruction of previously generated effect.
In order to maintain task worthiness of an anthropotechnical system (SAT) one canand often shouldequip an object's operating system with a safety system (security system), designed to generate anti-destructive activities.
In an operating system containing a safety system, a destructive process may be "halted" (or at least slowed down) at the level of the trigger factors or the damage process level, and the failure consequences may also be limited.

The characteristics of anti-destructive process components
A shielding process involves supervision, namely, observation and detection (if present) of trigger factors and their deactivation.
An intervention process involves supervising a damage process (if present) and activating intervention, halting or slowing down factors.
A rescue process involves supervising a failure process (if present) and the activation of activities protecting a selected object and environment zone, and a previously generated effect against destruction.These actions are shown in figure 3.

Fig. 3. Safety system action model
The operating effect is achieved as a consequence of executing an operating task, which is accompanied by integral destructive processes, triggered by a hazard system.The lack of preventive actions may result in a failure or even a disaster [5,6].In order to effectively prevent the effects of destructive processes, the selected objects and systems are fitted with safety systems.
Their task is to counteract the occurrence of trigger factors, and to stop, or at least limit, destructive processes [7].

Structure of a car operation safety system
A system, which implements the car operating process is an anthropotechnical system.The general structure of the system is shown in figure 4. Proper functioning of the three mentioned system components determines comprehensive safety of a vehicle operation process [8].
The following elements impacting road traffic safety are, among others, human-related [9,10,11]: • the skill of correct driving motor vehicles (ability of correct behaviour in traffic and to correctly assess a situation), also in the case of occurring hazards; • familiarity with legal regulations applicable to road traffic; • response time to occurring events.The following elements road-related within the analysed system [12,13]: • road form (descent and ascent slope, sharpness of turns, profile); • condition of the surface, its cohesiveness and bumpiness; • pavement type (concrete, asphalt, boulder, gravel and other); • road signage (lighting, horizontal, vertical) warning drivers against potential dangers; • atmospheric conditions (strong insolation, dawn, water, snow or ice covering the road pavement, sidewind gusts, fog); • traffic intensity (vehicle travel density); • intelligent transport systems [14,15].
The safety of road traffic participant is, however, mainly dependant of a motor vehicle and includes the proper functioning of three subsystems [16]: • vehicle active safety subsystem; • vehicle and passenger passive safety subsystem; • preventive safety subsystem.
As per figure 2, the terms "safety system" shall be understood as a task-oriented structure in the form shown in figure 5.A shielding subsystem is a set of measures and actions generating shielding factors preventing the appearance of factors exciting destructive processes within an operating system.
Example: Road traffic regulations, limiting the permissible speed over a given road segment.
An intervention subsystem is a set of measures and actions stimulating intervention factors, which completely stop, or at least slow down, destructive processes leading to permanent unfitness (failure/disaster).
A rescue subsystem is a set of measures and actions activating rescue factors, which are aimed at limiting the consequences of unfitness (failure/disaster).
Example: AirBag system, minimizing the consequences of a road incident.
At this point, it is worth noting that the structure of each of the aforementioned subsystems must include not only specified executive modules (sub-assemblies, procedures), but also diagnostic systems (supervising), which provide information about process ongoing in the system: operation and destructive.

A vehicle and passenger passive safety subsystem
A vehicle and passenger passive safety subsystem executes rescue actions and includes vehicle subsystems with automatic functioning, regardless of the driver participation.This means, that these systems are aimed at mitigating the effects of an already occurred collision.Their main objective is to limit the probability of injuries or death among a vehicle driver, its passengers or other road traffic participants (e.g.pedestrians, cyclists), as well as increase the safety of transported cargo.The operation of these systems takes place when a driver, regardless of the performed actions, has no impact on the road situation any more.A passive safety system includes: • appropriate design of the bodywork, chassis, seats, head rests, windows, pedals, steering wheel and more.• a basic passenger safety system: o safety belts (equipped with three mounting points, a self-rolling mechanism and a brake).• vehicle bodywork design (enabling visibility in any direction).

Preventive safety system
The term preventive safety system (i.e. a system executing shielding functions) is used to call all systems warning the driver and initiating his/her actions aimed at removing the possibility of a collision.These areusuallysystems functioning independently from the driver, and their task is to mitigate or remove a risk of potential collision probability [16,18].The preventive system impacts: • driver behaviour and prevents: o the driver falling asleep when driving, o starting a car in the event of the driver's intoxication; • other cars present in a traffic lane: o visible directly (mentioned ACC system), o based on information exchange between vehicles (IVCS, V2V); • other objects present in a traffic lane: o the presence and behaviour of other road users, o the presence of stationary obstacles; • crossing the lines separating traffic lanes (AFIL, LDW, ALKA); • presence and mixing of other vehicles or objects near the planned parking spot (PA, PAV).The preventive actions and procedures also include, of course, such elements of an anthropotechnical transport system as: highway code, road signs, police patrols, etc.
It is worth noting that the aforementioned classification of systems associated with car operation safety is sort of arbitrary, since more and more often these systems are structurally and technologically integrated, which makes their operation significantly inter-dependent.An example of such a situation may be the ABS, which is often an element of ASR, which in turn, is an ESP element, often being a component of ABC.

Forecasting the development tendencies for systems increasing the operating safety of motor means of transport
EyeSight 1  The leading safety technology is introduced to Subaru vehicles in the form of a stereoscopic camera, aimed at equipping a driver with a digital "second pair of eyes".The basic assumption of this system is constant observation of the road based on a 3D image, which is processed in terms of identifying other object present in the vicinity of the vehicle (cars, motorcyclists, cyclists, pedestrians and other), also taking into account their speed and distance.In the event of detecting a potential hazard, the numerous functions the EyeSight is equipped with, may be used in two areas: • driver assistance: o traffic lane assistant, o adaptive cruise control, o information about the previous vehicle moving; • accident prevention: o pre-collision emergency braking, o anti-collision choke valve management, o anti-collision obstacle by-passing assistant.Pedestrian Airbag Technology 2  A high number of traffic accident deaths and injuries induce to designing systems aimed at improving the safety of pedestrians.A pedestrian airbag can often be found in modern cars.Its task is to mitigate the consequences of some head-on collisions with pedestrians.An airbag is installed by the windshield of the vehicle, under the engine compartment cover.Sensors placed in the front bumped constantly transmit a signal to the control unit.Should it change, and the hit object is verified as similar to a human leg, the system is activated, and its operation can be divided into four stages: • raising (by 10 cm) and locking the rear part of the engine compartment cover, • filling of the external airbag, • turning on emergency lights, • braking system switching into the emergency braking standby state.The full sequence of actions from the moment of activation until complete filling takes several hundredths of a second.A filled airbag takes the lower part of the front poles, one third of the windscreen and the entire wiper cavity.eCall Manufacturers of cars previously leaving the dealerships, in order to obtain a homologation, were obliged to include the following systems as standard equipment: tyre pressure control, ABS, ASR.Since March 2018, the group of obligatory safety-increasing systems was expanded with the eCall system (Emergency Call, a European road accident notification system) [19].
The fundamental task of the system, also called "the black box", is to limit the number of road accident deaths, and also improve the functioning of emergency services in sudden situations.
The assumption of the initiative is to provide a Pan-European service, available for all EU Member States, as well as for other countries, wanting to join the project.All new vehicles, regardless of the country, brand and location are equipped with the system.The fit-out of vehicles is expanded for the needs of the project with the following elements: • SSB measuring module (sensor set), • GPS vehicle positioning device, • digital camera (or a set of cameras), • additional sensors, • a processor with fixed memory and an operating interface, • manual notification device, • GSM transceiver.After recording a serious road incident, the sensors in the vehicle automatically activate the eCall system, establishing a phone connection with the area-relevant Publish Safety Answering Point (PSAP), and at the same time, sends an MSD (minimum set of data) alarm message, which includes: car description (type of vehicle, type of fuel), number of passengers, time of incident, detailed location and driving direction 3 .There is also a possibility to manually activate the system through the SOS panel installed inside the passenger compartment, which enables contact with the 112 emergency number.Such application enables calling the services also by the people in other vehicles, who are the victims of an accident or any other random events (e.g.fire).
Automatic event recognition takes place on the basis of sensor indications, which send a message in the event of any of the vehicle axes exceeding its limit load (acceleration).Despite the protests, vehicle drivers will not have the possibility to deactivate eCall, while being ensured that during normal operation, it does not collect any data.
Due to the technical components of the eCall system, there is an opportunity to develop other additional services, already existing or planned (e.g.electronic road toll collection system or a digital tachograph).The integration and optimization of a broader range of solutions within an open and consistent system architecture may positively influence cost reduction, increasing of usefulness and efficiency, as well as future improvement and expansion of their functionality.
According to the experts, the use of eCall will significantly improve the response time of emergency services by 50% in the cities and by as much as 60% in undeveloped areas.This may translate into several thousand more people saved per year.

Autonomous cars
Undoubtedly another phase in the development of the automotive industryafter the current stage of drive assist and facilitationwill be replacing the driver and introducing autonomous cars on public roads.Ultimately, the role of the "driver" shall be limited only to selecting the route or its destination.A car will be responsible for safe transport of passengers from point A to point B, without their intervention.
For many years, this idea had been deemed a fantasy, but it is now slowly turning into reality.Already in 2013, the American state of Nevada allowed prototype versions of such vehicles for road traffic.In September 2016, first Uber4 cars without a driver entered the streets of Pittsburgh, and next, attempts were made in congested San Francisco.In the case of serially manufactured cars, Tesla and Volvo (V90 and S90) are in the lead, offering models, which could travel long distances on autopilot only.Tesla manufacturers took a step further introducing an option for a car to autonomously leave a garage and wait for the passengers in front of the house front door.
Taking into account the handling properties, autonomous cars do not differ from traditional cars.Although the intention of the manufacturers was to limit the role of a man to a minimum, currently available vehicles are equipped with a steering wheel, making it possible to take control over at any moment.
Autonomous vehicles are equipped with an advanced on-board computer, as well as a great deal of sensors.Necessary equipment of such cars includes: a built-in GPS module, laser rangefinders mapping the area, as well as cameras detecting heat and motion, and cameras monitoring the behaviours in the immediate vicinity.The most important used tool is advanced terrain mapping, and the GPS maps themselves are rather a supporting element.
The main assumption in regard to autonomous cars is safety, achieved through, among others, eliminating the human factor errors and a more efficient clash-prevention.However, a computer is not always able to appropriately react to a road situation, therefore, the currently available vehicles with an autopilot, constantly monitor whether a driver is concentrated on the road.The advantages increasing safety include a fact that cars without drivers strictly follow speed limits and other applicable regulations.

Conclusions
Based on the presented review, the following conclusions can be formulated: • The task of a safety system is to maintain an anthropotechnical system in a state of safety.It is achieved through counteracting the appearance of trigger factors, as well as preventing or at least mitigating the effects of destructive processes.• A motor vehicle safety system includes the following task-oriented modules: shielding (e.g.road traffic regulations), intervention (e.g.ABS), emergency (e.g.AirBag).• The safety of road traffic participant depends on the interaction of individual traffic components: humancarroad.The safety depending on a motor vehicle covers the correct functioning of the following subsystems: o a preventive safety system (shielding function)systems warning a driver and initiating his/her actions aimed at avoiding a collision, acting independently from the driver; o vehicle active safety subsystem (intervention function)systems impacted by a driver, thus allowing to decrease or avoid a collision risk; o vehicle and passenger passive safety subsystem (rescue system)systems aimed at mitigating the effects of an already occurred collision, with automatic operation, independent from the driver.
• The current technological trends are aimed at solutions, which aid and facilitate driving.
Modern car systems can "see" in the dark, identify objects in the vicinity, and if necessary, stop autonomously, in order to avoid a road collision.• Another stage in the development of the automotive industry will be, undoubtedly, replacing the driver himself and introducing autonomous cars on public roads.Their task will be to deliver passengers from point A to point B, without any intervention from the passengers.Both for car companies, as well as legislative bodies, safety is currently the main priority, and the cars leaving the showrooms are characterized by extensive equipment in this field.

Fig. 2 .
Fig. 2. Three-layered operating model for an object equipped with a safety system.
• additional passenger restrain and protection system: They enable decreasing or avoiding a collision risk, which means, they are systems that allow the driver to take action prior to a collision, aimed at avoiding it.
o Automatic accident notification system, o On-board extinguishing systems, o Systems isolating engine fuel supply, o Systems decoupling the battery from the vehicle's electrical system.Motor vehicle active safety systemVehicle active safety system performs intervention functions and covers all systems, which are impacted by the driver.