Towards Safety-Aware Mutation Testing for Autonomous Driving Systems

2026-06-26 · Source: cs.SE updates on arXiv.org · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Robotics & Autonomous Systems, Software Development & Engineering · Depth: Expert, extended

Summary

Safety-Aware Mutation Testing (SAMT) is a proposed paradigm shift for evaluating the test adequacy of Autonomous Driving Systems (ADS), addressing the lack of systematic criteria for stopping test scenario generation. Unlike traditional mutation testing, which injects faults into individual components, SAMT systematically injects temporally bounded faults into messages exchanged between ADS modules, simulating realistic interaction failures. This approach, detailed in a vision paper, derives mutant generation rules from top-down safety engineering frameworks like System-Theoretic Process Analysis (STPA). SAMT aims to provide a rigorous mechanism for evaluating test adequacy, enabling automated scenario generation, and guiding ADS repair. The process involves mutant generation, high-fidelity execution in environments like CARLA, equivalent mutant removal, and test suite improvement. This method shifts the testing focus from individual component reliability to system-level safety, particularly for module-based ADS.

Key takeaway

For MLOps Engineers or AI Scientists developing safety-critical Autonomous Driving Systems, you should consider adopting Safety-Aware Mutation Testing (SAMT) to rigorously assess test suite adequacy. This approach helps you identify system-level safety risks arising from module interactions, not just individual component failures. By integrating STPA-derived mutation operators, you can ensure your test scenarios target genuine hazards, guiding automated scenario generation and improving overall system safety.

Key insights

SAMT shifts ADS testing from component reliability to system safety by mutating inter-module messages based on safety engineering principles.

Principles

• Safety is an emergent system-level property.
• Mutation operators should derive from hazard analysis.
• Test adequacy claims must be falsifiable.

Method

SAMT generates mutants by injecting temporal faults into inter-module messages, executes them in high-fidelity simulation, removes equivalent mutants, and guides test suite improvement.

In practice

• Use STPA to derive mutation operators.
• Apply propagation analysis for mutant evaluation.
• Adapt SBST for scenario generation.

Topics

• Autonomous Driving Systems
• Mutation Testing
• System-Theoretic Process Analysis
• Software Safety
• Simulation-Based Testing
• MLOps

Best for: Research Scientist, Computer Vision Engineer, AI Scientist, Robotics Engineer, MLOps Engineer

Related on AIssential

• STMutants: A Mutation Testing Dataset for Structured Text Programs in Industrial Automation — STMutants provides the first public mutation testing benchmark for IEC 61131-3 Structured Text, enabling reproducible research and LLM evaluation for PLC software.
• Code isn’t the only thing causing your production failures​​​​‌‍​‍​‍‌‍‌​‍‌‍‍‌‌‍‌‌‍‍‌‌‍‍​‍​‍​‍‍​‍​‍‌​‌‍​‌‌‍‍‌‍‍‌‌‌​‌‍‌​‍‍‌‍‍‌‌‍​‍​‍​‍​​‍​‍‌‍‍​‌​‍‌‍‌‌‌‍‌‍​‍​‍​‍‍​‍​‍‌‍‍​‌‌​‌‌​‌​​‌​​‍‍​‍​‍‌‍​‌‍‌‌​​‍‍‌​‌‌​‌‍​‌‌‍​‌‍‍‌‍‌‌‍‌‍‌‌‌​‍‌‍‌‍‌‍​‌‍‌‌​‍‍‌‍​‌‍​‍‌‍‍‌‌‍‍‌‌​‌‍‌‌‌‍‍‌‌​​‍‌‍‌‌‌‍‌​‌‍‍‌‌‌​​‍‌‍‌‌‍‌‍‌​‌‍‌‌​‌‌​​‌​‍‌‍‌‌‌​‌‍‌‌‌‍‍‌‌​‌‍​‌‌‌​‌‍‍‌‌‍‌‍‍​‍‌‍‍‌‌‍‌​​‌‌‍‌‍​‍​​​‌‍‌‌‌‍​‍​‌‌‌‍‌‍​​​​‍‌​​‌​​‍​​​‌​‍‌​‌​​‍​​‌‌‍‌‍​‍‌​‍​​‌​‌‍‌​​‍​​‍‌‌‍‌‍​‌‌‍​‌‌‍​‍‌‍‌‍​​‍​​​​‌​‍​‌‍​​​​‍‌​‍‌‌​‌‍‌‌​​‌‍‌‌​‌‌‍​‍‌‍​‌‍‌‍‌‌‌​​‌‍‌​‌‌​​‍‌​​‌‍​‌‌‌​‌‍‍​​‌‌‌​‌‍‍‌‌‌​‌‍​‌‍‌‌​‌‍​‍‌‍​‌‌​‌‍‌‌‌‌‌‌‌​‍‌‍​​‌‌‍‍​‌‌​‌‌​‌​​‌​​‍‌‌​​‌​​‌​‍‌‌​​‍‌​‌‍​‍‌‌​​‍‌​‌‍‌‍​‌‍‌‌​​‍‍‌​‌‌​‌‍​‌‌‍​‌‍‍‌‍‌‌‍‌‍‌‌‌​‍‌‍‌‍‌‍​‌‍‌‌​‍‍‌‍​‌‍​‍‌‍‌‍‍‌‌‍‌​​‌‌‍‌‍​‍​​​‌‍‌‌‌‍​‍​‌‌‌‍‌‍​​​​‍‌​​‌​​‍​​​‌​‍‌​‌​​‍​​‌‌‍‌‍​‍‌​‍​​‌​‌‍‌​​‍​​‍‌‌‍‌‍​‌‌‍​‌‌‍​‍‌‍‌‍​​‍​​​​‌​‍​‌‍​​​​‍‌​‍‌‍‌‌​‌‍‌‌​​‌‍‌‌​‌‌‍​‍‌‍​‌‍‌‍‌‌‌​​‌‍‌​‌‌​​‍‌‍‌​​‌‍​‌‌‌​‌‍‍​​‌‌‌​‌‍‍‌‌‌​‌‍​‌‍‌‌​‍‌‍‌​​‌‍‌‌‌​‍‌​‌​​‌‍‌‌‌‍​‌‌​‌‍‍‌‌‌‍‌‍‌‌​‌‌​​‌‌‌‌‍​‍‌‍​‌‍‍‌‌​‌‍‍​‌‍‌‌‌‍‌​​‍​‍‌‌ — Production failures extend beyond code, necessitating autonomous SRE for complex systems.
• Testing AI Agents and Testing With AI Agents Are Two Sides of the Same Coin — The shift to probabilistic AI systems demands a unified quality strategy: both testing with AI agents and rigorously testing AI agents themselves.
• SREGym: A Live Benchmark for AI SRE Agents with High-Fidelity Failure Scenarios — SREGym provides a high-fidelity, live benchmark for AI SRE agents, revealing significant performance gaps in handling complex, real-world failures.
• RiskFlow: Fast and Faithful Safety-Critical Traffic Scenario Generation — RiskFlow generates realistic safety-critical traffic scenarios rapidly by transforming action sequences in a single forward pass, avoiding iterative denoising.
• On the Road With DRIVE AV — A hybrid AV stack combining end-to-end AI with a classical safety system offers both human-like driving and robust safety.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by cs.SE updates on arXiv.org.