Understanding ISO/PAS 8800 and ASPICE for AI in Vehicles

Artificial Intelligence (AI) and Machine Learning (ML) are rapidly transforming industries across the globe, from healthcare and finance to manufacturing and transportation. The automotive sector is no exception. As vehicles become increasingly connected, automated, and software-defined, AI technologies are being integrated into a growing number of functions, including driver assistance systems, perception and sensor fusion, predictive maintenance, cybersecurity, and autonomous driving capabilities.

Unlike traditional software systems, AI-based solutions rely on data-driven behavior rather than deterministic logic. While this enables unprecedented capabilities, it also introduces new challenges related to safety, transparency, robustness, verification, and lifecycle management. The performance of an AI system depends not only on its implementation but also on the quality of the data used to train, validate, and operate it. Furthermore, AI models may exhibit non-deterministic behavior, degrade over time, or encounter situations that were not represented during development.

To address these challenges, standardization bodies and industry organizations are developing frameworks that enable the safe, reliable, and auditable deployment of AI in safety-critical environments. In the automotive domain, ISO/PAS 8800:2024 and Automotive SPICE (ASPICE) 4.0 provide complementary guidance for governing the development, validation, deployment, and maintenance of AI-based systems. Together, these standards establish engineering practices, process requirements, and safety controls that help manufacturers and suppliers harness the benefits of AI while maintaining the rigorous safety expectations demanded by modern vehicles.

This article examines how ISO/PAS 8800 and ASPICE 4.0 work together to create a structured approach for the lifecycle management of AI-enabled automotive systems, and how responsibilities are shared between suppliers and Original Equipment Manufacturers (OEMs).

Requirements for System Manufacturers (Suppliers)

Suppliers are responsible for implementing and executing the Machine Learning Engineering (MLE) lifecycle, ensuring that AI models are developed, validated, and maintained according to established safety and quality requirements.

AI-Centric Lifecycle Management

Organizations developing AI systems must establish dedicated lifecycle processes that address the unique characteristics of machine learning. These processes encompass data acquisition and management, model training, validation, deployment, and post-release monitoring.

Machine Learning Engineering Processes

ASPICE 4.0 introduces a dedicated Machine Learning Engineering process group consisting of four core processes:

MLE.1 – Requirements Analysis

System-level requirements must be transformed into machine learning-specific requirements, including functional objectives, performance criteria, and assumptions regarding expected data distributions.

MLE.2 – Architecture Design

The architecture process defines the structure of the machine learning model, including network topology, activation functions, and acceptable hyperparameter ranges such as learning rates, regularization settings, and optimization strategies.

MLE.3 – Model Training

Suppliers must execute the training and optimization process using designated training and validation datasets. Model development continues until predefined acceptance and performance criteria are satisfied.

MLE.4 – Model Verification and Testing

Both the trained model and its deployed implementation must be verified against machine learning requirements using representative and independent test datasets to ensure compliance and operational readiness.

Data Governance and Quality Assurance

ASPICE SUP.11 and ISO/PAS 8800 emphasize rigorous data management practices. Suppliers are expected to control data collection, labeling, quality assurance, versioning, and traceability. Given the data-dependent nature of AI systems, data quality is considered as critical as, or even more critical than, traditional source code quality.

Explainability and Transparency

To support safety assessments and audits, manufacturers should incorporate Explainable AI (XAI) techniques such as saliency maps, feature attribution methods, or surrogate models. These mechanisms help engineers and assessors understand how AI systems reach their decisions.

Robustness and Uncertainty Management

AI systems must be designed with awareness of their inherent limitations in generalization. Appropriate measures should be implemented to quantify uncertainty, detect abnormal inputs, and manage non-deterministic behavior that could affect system safety.

Requirements for OEMs

OEMs are responsible for defining vehicle-level safety objectives, operational boundaries, and long-term governance of AI-enabled systems after deployment.

Item Definition and Hazard Analysis

At the vehicle level, OEMs must define the system under consideration and perform Hazard Analysis and Risk Assessment (HARA) activities. These analyses determine applicable Automotive Safety Integrity Levels (ASILs) and establish corresponding safety goals.

Operational Design Domain Definition

OEMs must clearly specify the Operational Design Domain (ODD), defining the environmental, geographical, and operational conditions under which the AI system is intended to operate safely. Examples include weather conditions, road categories, traffic scenarios, and geographic constraints.

Supplier Oversight and Collaboration

Under ASPICE ACQ.4, OEMs are required to establish effective interfaces with suppliers and continuously monitor compliance with agreed safety, quality, and performance objectives throughout the development lifecycle.

Post-Deployment Monitoring

ISO/PAS 8800 requires continuous operational monitoring after vehicle release. OEMs must implement mechanisms to detect model drift, performance degradation, unexpected behaviors, and previously unseen edge cases encountered during real-world operation.
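One way to implement the drift check described above, as an added example that is not taken from ISO/PAS 8800 or ASPICE. It scores each ODD slice separately with the Population Stability Index; the monitored signal (top-1 model confidence), the slice names, the thresholds and the sample data are all assumptions constructed for illustration.

```python
import math
from bisect import bisect_right

# Conventional PSI rule-of-thumb thresholds (an assumption, not from ISO/PAS 8800).
WATCH, ALERT = 0.10, 0.25

def psi(reference, field, bins=10, eps=1e-4):
    """Population Stability Index of `field` against `reference`."""
    ref = sorted(reference)
    # Bin edges are quantiles of the release-time sample, so each
    # reference bin holds roughly 1/bins of the data.
    edges = [ref[len(ref) * i // bins] for i in range(1, bins)]

    def shares(sample):
        counts = [0] * bins
        for x in sample:
            counts[bisect_right(edges, x)] += 1
        # Floor empty bins at eps so the log term stays finite.
        return [max(c / len(sample), eps) for c in counts]

    p, q = shares(reference), shares(field)
    return sum((qi - pi) * math.log(qi / pi) for pi, qi in zip(p, q))

def drift_report(reference_by_slice, field_by_slice, min_samples=200):
    """Score each ODD slice on its own; a fleet-wide average can hide
    drift that only occurs in one operating condition."""
    report = {}
    for name, ref in reference_by_slice.items():
        field = field_by_slice.get(name, [])
        if len(field) < min_samples:
            report[name] = (None, "insufficient-data")
            continue
        score = psi(ref, field)
        status = "alert" if score >= ALERT else "watch" if score >= WATCH else "stable"
        report[name] = (round(score, 3), status)
    return report

# Constructed sample data: evenly spread confidence values per ODD slice.
def uniform(lo, hi, n):
    return [lo + (hi - lo) * (i + 0.5) / n for i in range(n)]

REFERENCE = {"clear_day": uniform(0.6, 1.0, 1000), "rain_night": uniform(0.5, 1.0, 1000)}
FIELD = {"clear_day": uniform(0.6, 1.0, 500), "rain_night": uniform(0.3, 0.9, 500)}

if __name__ == "__main__":
    for name, (score, status) in drift_report(REFERENCE, FIELD).items():
        print(f"{name}: PSI={score} -> {status}")
```

A slice with too few field samples is reported as such rather than scored, so a quiet slice is not mistaken for a stable one.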

Governance of Over-the-Air Updates

Any modification of deployed AI functionality, including retraining or model replacement through Over-the-Air (OTA) updates, must be subject to structured risk assessments. OEMs must ensure that updates do not invalidate previously established safety assumptions or compromise the approved safety envelope.

Shared Responsibilities and Cross-Functional Requirements

End-to-End Traceability

Both OEMs and suppliers must maintain bidirectional traceability between stakeholder requirements, safety objectives, machine learning requirements, datasets, model versions, verification activities, and validation outcomes. This traceability is essential for demonstrating compliance and supporting safety audits.
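The bidirectional traceability described here, together with the dataset versioning called for under Data Governance and Quality Assurance, can be checked mechanically. The following added example is not part of either standard; the ID scheme, the five-level chain and the sample records are hypothetical and constructed for illustration.

```python
import hashlib

# Hypothetical ID scheme: the prefix gives the item's level in the trace chain
# (safety goal -> ML requirement -> dataset -> model version -> test result).
LEVELS = ["SG", "MLR", "DS", "MODEL", "TEST"]

def level(item_id):
    return LEVELS.index(item_id.split("-")[0])

def audit_trace(items, links, pinned, blobs):
    """Findings for broken trace links or artifacts that no longer match
    the SHA-256 pinned at release. `links` holds (upstream, downstream) pairs."""
    findings = []
    has_down = {u for u, _ in links}
    has_up = {d for _, d in links}
    for u, d in sorted(links):
        if u not in items or d not in items:
            findings.append(("dangling-link", f"{u}->{d}"))
        elif level(d) != level(u) + 1:
            findings.append(("level-skip", f"{u}->{d}"))
    for item in sorted(items):
        # Backward direction: everything below a safety goal needs a parent.
        if level(item) > 0 and item not in has_up:
            findings.append(("no-upstream", item))
        # Forward direction: everything above a test result needs a child.
        if level(item) < len(LEVELS) - 1 and item not in has_down:
            findings.append(("no-downstream", item))
    for item, digest in sorted(pinned.items()):
        if hashlib.sha256(blobs.get(item, b"")).hexdigest() != digest:
            findings.append(("digest-mismatch", item))
    return findings

# Constructed sample records: MLR-2 was never carried forward to a dataset,
# and the DS-7 labels were changed after the digest was pinned.
ITEMS = {"SG-1", "MLR-1", "MLR-2", "DS-7", "MODEL-3", "TEST-12"}
LINKS = {("SG-1", "MLR-1"), ("SG-1", "MLR-2"), ("MLR-1", "DS-7"),
         ("DS-7", "MODEL-3"), ("MODEL-3", "TEST-12")}
RELEASED = {"DS-7": b"frame_0001,stop_sign\n", "MODEL-3": b"weights-v3"}
PINNED = {k: hashlib.sha256(v).hexdigest() for k, v in RELEASED.items()}
CURRENT = {**RELEASED, "DS-7": b"frame_0001,speed_limit_80\n"}

if __name__ == "__main__":
    for finding in audit_trace(ITEMS, LINKS, PINNED, CURRENT):
        print(finding)
```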

Human Oversight

AI-enabled automotive systems must remain subject to human supervision and authority throughout their lifecycle. Appropriate monitoring, intervention, and accountability mechanisms are necessary to ensure safe and ethical operation.

Integration with Existing Automotive Standards

AI safety activities defined by ISO/PAS 8800 should be integrated with existing automotive frameworks, including:

  • ISO 26262 for Functional Safety
  • ISO 21448 (SOTIF) for Safety of the Intended Functionality
  • ISO/SAE 21434 for Cybersecurity Engineering

This integrated approach ensures that AI systems are protected not only against random failures but also against foreseeable misuse, operational limitations, and adversarial attacks, such as manipulated traffic signs designed to deceive machine learning algorithms.

Conclusion

ISO/PAS 8800 and ASPICE 4.0 provide a comprehensive framework for the safe development and operation of AI-enabled automotive systems. Suppliers focus on the engineering, validation, and robustness of machine learning models, while OEMs maintain responsibility for vehicle-level safety, operational governance, and lifecycle monitoring. Together, these standards establish the foundation for trustworthy and certifiable automotive AI systems.
