Patent attributes
In embodiments of an autonomous vehicle platform and safety architecture, safety managers of a safety-critical system monitor outputs of linked components of the safety-critical system. The linked components comprise at least three components, each of which is configured to produce output indicative of a same event independent from the other linked components by using different input information than the other linked components. The safety managers also compare the outputs of the linked components to determine whether each output indicates the occurrence of a same event. When the output of one linked component does not indicate the occurrence of an event that is indicated by the outputs of the other linked components, the safety managers identify the one linked component as having failed. Based on this, the outputs of the other linked components are used to carry out operations of the safety-critical system without using the output of the failed component.
