In recent years, the enormous investments in Automated Driving Systems (ADSs) have distinctly advanced ADS technologies. Despite promises made by several high profile auto-makers, it has however become clear that the challenges involved for deploying ADS have been drastically underestimated. This paper focuses on the challenge of providing sufficient evidence to support the safety claims of ADSs. The provisioning of such evidence clearly relates both to technical maturity of ADS systems (including actual experiences from deploying such systems), and on the development of methodologies for reasoning about ADS safety claims. Contrary to previous generations of automotive systems, common design, development, verification and validation methods for safety critical systems do not suffice to cope with the increased complexity and operational uncertainties of an ADS. Therefore, the aim of this paper is to provide an understanding of existing methods focusing on the development of a safe ADS and, most importantly, identifying the associated challenges and gaps.

We present eight challenges, collectively distinguishing ADSs from safety critical systems in general, and discuss the existing methods in the light of these eight challenges. Based on this discussion, a set of research gaps are identified.