This is part 3 of the following series:

  1. Originating requirements
  2. Use cases
  3. Product requirements specification (this document)
  4. Logical and physical architecture

The document refines the high-level requirements into system-level specifications. To contribute further content, analyze and elaborate on the constraints, performance, and behaviors using domain-specific knowledge (Mechanical / Electrical / Optical / Software). More importantly, suggest a verification plan to test each one.

How to use this document

The document refines and analyzes the system-level requirements. Since good system-level requirements aren’t complete unless they are testable, verification is also planned. The goal of this phase is to provide the engineering team with the inputs they need to architect the product.

System engineering V-model. System Requirements refine and internalize the stakeholder needs at the engineering level, and in turn can be verified by Verification Plans.

This is communicated via a Product Requirements Specification (PRS). For ease of review, the PRS has been divided into three separate parts – the Constraint Specification, the Functional Specification, and the Verification Plan. A note on nomenclature – ‘system-level requirements’ are captured in the constraints specification items and in the Behavior Diagrams/functions of the Functional Specifications.

The Constraint Specification contains constraints on the system such as physical characteristics and the environment. The Functional Specification includes the behavior and performance requirements. The Verification Plan contains high level test planning, and traceability back to the system level requirements.

Documents are generated on demand from a central System Model Database. The contents of the Product Requirements Specification (PRS) are gathered from the system-level requirements and verification plans. All chapters can be traced back to the Originating requirements.

The main items used in this Constraint/Functional specification phase trace from the use cases developed in the previous phase. Walking through the use cases step by step is a systematic method to decompose the relevant requirements.

The verification item is used to plan verification activities at a high level. This allows the stakeholders and engineers to agree on the depth and complexity of testing required. Knowing this, testing schedules, cost, and equipment can be planned, and detailed test procedures written.

System requirements and functions are decomposed from the use cases, which in turn are verified by the Verification plans.

Constraint specifications

Localization

sys-1: Valid pose computation

  • Allocation: sw
  • Discipline: sw
The localization system shall compute a valid pose.

Rationale: Planning and control depend on a usable vehicle pose estimate. This requirement captures the stakeholder intent that downstream autonomy functions must not operate without localization output that the system considers valid.

Satisfies:

  • [ucd-1] Autonomous operation: The autonomy stack supports continuous automated vehicle motion....

Designs directly impacted by this:

  • [fnc-1.1] Compute valid pose: The localization function shall compute a valid pose estimate for downstream autonomy functions....
  • [ver-1] Verify valid pose computation: 1. Operate the localization system with representative sensor inputs. 2. Confirm that the system outputs a pose estimate usable by downstream planning and control interfaces. 3. Record the conditions under which the pose is considered valid. ...
  • [int-1] Pose estimate interface: The localization subsystem publishes the most recent vehicle pose estimate to the planner....

Verification plans:

  • [ver-1] Verify valid pose computation: 1. Operate the localization system with representative sensor inputs. 2. Confirm that the system outputs a pose estimate usable by downstream planning and control interfaces. 3. Record the conditions under which the pose is considered valid. ...

sys-2: Pose publication rate

  • Allocation: sw
  • Discipline: sw
The localization system shall make the most recent pose estimate available at x Hz.

Rationale: Downstream consumers need timely localization data rather than stale state information. This requirement reflects the intent that planning and control receive fresh pose updates at a defined interface rate.

Satisfies:

  • [ucd-1] Autonomous operation: The autonomy stack supports continuous automated vehicle motion....

Designs directly impacted by this:

  • [fnc-1.2] Publish pose: The localization function shall publish the most recent pose estimate to downstream consumers....
  • [ver-2] Verify pose publication rate: 1. Operate the localization system while sampling the published pose interface. 2. Measure the update rate of the most recent pose estimate. 3. Confirm that the measured update rate meets the allocated x Hz requirement. ...
  • [int-1] Pose estimate interface: The localization subsystem publishes the most recent vehicle pose estimate to the planner....

Verification plans:

  • [ver-2] Verify pose publication rate: 1. Operate the localization system while sampling the published pose interface. 2. Measure the update rate of the most recent pose estimate. 3. Confirm that the measured update rate meets the allocated x Hz requirement. ...

Control

sys-3: Control computation

  • Allocation: sw
  • Discipline: sw
The control system shall compute an accurate control command.

Rationale: The stakeholder intent is that the controller produce commands accurate enough for safe and effective vehicle motion. This captures the expected outcome behind the requirement even though the imported source does not yet define measurable acceptance limits.

Satisfies:

  • [ucd-1] Autonomous operation: The autonomy stack supports continuous automated vehicle motion....

Designs directly impacted by this:

  • [fnc-1.3] Compute control command: The control function shall compute a control command from the selected trajectory....
  • [ver-3] Assess control command accuracy requirement: 1. Review the control command requirement and identify the missing accuracy metric and operating conditions. 2. Define measurable acceptance criteria before attempting a formal verification procedure. 3. Reclassify this item to a test or analysis me...
  • [int-3] Control command interface: The controller provides control commands to the vehicle actuators....

Verification plans:

  • [ver-3] Assess control command accuracy requirement: 1. Review the control command requirement and identify the missing accuracy metric and operating conditions. 2. Define measurable acceptance criteria before attempting a formal verification procedure. 3. Reclassify this item to a test or analysis me...

Functional specifications

fnc-1: Support autonomous operation

Support automated motion through localization, planning, and control.
Activity diagram "fnc-1: Support autonomous operation" (image not reproduced). Nodes: Acquire sensor observations; [fnc-1.1] Compute valid pose; [fnc-1.2] Publish pose; Generate trajectory; [fnc-1.3] Compute control command; Send command to actuators. Decision: Autonomous mode active? (yes / no).

fnc-1.1: Compute valid pose

The localization function shall compute a valid pose estimate for downstream autonomy functions.

Linked requirements:

  • [sys-1] Valid pose computation: The localization system shall compute a valid pose. ...

fnc-1.2: Publish pose

The localization function shall publish the most recent pose estimate to downstream consumers.

Linked requirements:

  • [sys-2] Pose publication rate: The localization system shall make the most recent pose estimate available at x Hz....

fnc-1.3: Compute control command

The control function shall compute a control command from the selected trajectory.

Linked requirements:

  • [sys-3] Control computation: The control system shall compute an accurate control command. ...

Verification plan

ver-1: Verify valid pose computation

  1. Operate the localization system with representative sensor inputs.
  2. Confirm that the system outputs a pose estimate usable by downstream planning and control interfaces.
  3. Record the conditions under which the pose is considered valid.

Linked requirements:

ver-2: Verify pose publication rate

  1. Operate the localization system while sampling the published pose interface.
  2. Measure the update rate of the most recent pose estimate.
  3. Confirm that the measured update rate meets the allocated x Hz requirement.
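One way to carry out the ver-2 measurement on recorded samples, shown as an added example that is not part of the specification or its tooling. It assumes each sample is a (receive time, pose stamp) pair in integer milliseconds; `check_pose_rate`, the 10 Hz stand-in for the unallocated x Hz, and the 1.5-period gap tolerance are hypothetical choices. It counts only poses whose stamp advanced, so a re-published old estimate does not satisfy the "most recent pose" wording.

```python
def check_pose_rate(samples, required_hz, gap_tolerance=1.5):
    """Evaluate pose samples against a publication-rate requirement.

    samples: (receive_ms, pose_stamp_ms) integer pairs in arrival order.
    """
    if len(samples) < 2:
        raise ValueError("need at least two samples to measure a rate")
    recv = [r for r, _ in samples]
    stamps = [s for _, s in samples]
    gaps = [b - a for a, b in zip(recv, recv[1:])]
    if min(gaps) <= 0:
        raise ValueError("receive times must be strictly increasing")
    # A message whose pose stamp did not advance re-publishes an old
    # estimate: it keeps the message count up without delivering fresh data.
    stale = sum(1 for a, b in zip(stamps, stamps[1:]) if b <= a)
    duration_s = (recv[-1] - recv[0]) / 1000
    fresh_hz = (len(gaps) - stale) / duration_s
    worst_gap_s = max(gaps) / 1000
    return {
        "message_hz": len(gaps) / duration_s,
        "fresh_hz": fresh_hz,
        "worst_gap_s": worst_gap_s,
        "stale": stale,
        # Pass only if fresh poses arrive at the required rate AND no single
        # gap exceeds the tolerated multiple of the nominal period.
        "passed": fresh_hz >= required_hz
        and worst_gap_s <= gap_tolerance / required_hz,
    }


# Constructed sample recordings (not measurements from a real system).
REQUIRED_HZ = 10  # assumed stand-in for the unallocated "x Hz"
GOOD = [(i * 100, i * 100 - 5) for i in range(21)]        # steady, fresh
STALE = [(i * 100, (i // 2) * 200) for i in range(21)]    # every 2nd repeats
BURSTY = [(t, t) for t in
          (0, 80, 160, 240, 320, 400, 700, 780, 860, 940, 1000)]  # 300 ms gap

if __name__ == "__main__":
    for name, rec in (("good", GOOD), ("stale", STALE), ("bursty", BURSTY)):
        print(name, check_pose_rate(rec, REQUIRED_HZ))
```

The stale and bursty recordings both average 10 messages per second, so a check that only counts messages would accept them.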

Linked requirements:

ver-3: Assess control command accuracy requirement

  1. Review the control command requirement and identify the missing accuracy metric and operating conditions.
  2. Define measurable acceptance criteria before attempting a formal verification procedure.
  3. Reclassify this item to a test or analysis method once the requirement becomes verifiable.

Linked requirements: