Aurora Innovation : Driverless Safety Report 2025
AUR
Driverless Safety Report 2025
Table of contents
A letter from CEO and co-founder Chris Urmson
04
Introduction
05
Executing our safety case
07
Aurora Driver for Freight
08
01 Ensure Proficiency
09
1.1 The Aurora Driver 10
1.2 Aurora's Operational Design Domain 16
1.3 Safety engineering 22
1.4 Testing the Aurora Driver 27
1.5 External HMI 35
1.6 Safety of the vehicle platform 36
1.7 Release process decisionmaking 37
02 Fail Safely 39
2.1 Responding safely to faults 40
2.2 Fault detection 41
2.3 Achieving the minimal risk condition 42
2.4 Redundancy 43
03 Continuously Improve 44
3.1 Safety performance indicators 45
3.2 Configuration and release management 46
04 Operate with Resilience 48
4.1 Cybersecurity 49
4.2 Incident response 52
4.3 Command Center 56
4.4 Foreseeable misuse 58
05 Be Trustworthy 59
5.1 Safety Management System 60
5.2 Safety Advisory Board 66
5.3 Safety metrics reporting 67
5.4 Industry best practices and standards 68
5.5 Vehicle operators 69
Conclusion 73
Appendix 74
Glossary 75
A letter from CEO and co-founder Chris Urmson
At Aurora, we are nearing the launch of our autonomous trucking product and, with it, are on the cusp of a new era of safer, more reliable transportation.
Since our founding, we have been driven by our mission to deliver the benefits of self-driving technology safely, quickly, and broadly. To do so, we've structured our business around safety-making it a leading factor in corporate decisionmaking, product development, fleet growth, and geographical expansion. We staunchly believe a thoughtful, pervasive, and vigilant safety approach that spans both product and organization is essential for responsible deployment of autonomous vehicles.
Now, we are publishing our 2025 Driverless Safety Report to transparently show our work and share safety expertise prior to initiating driverless operations. Throughout this report, we provide details about when, where, why, and how our product, the Aurora Driver, functions safely. We explain how we tackle risk management, redundancies, cybersecurity, remote assistance, and so much more.
Publishing detailed safety information is part of our commitment to earning the trust of all stakeholders with a vested interest in autonomous trucking. This includes government leaders and first responders, whose mandate to improve road safety aligns with our own. It includes our valued customers, who diligently improve the strength and efficiency of our supply chain every day. And, crucially, this includes the communities in which we operate, like in Texas where many consumers and businesses have already received goods hauled by Aurora Driver-powered autonomous trucks.
I am tremendously proud of the work our team has done to date, and am even more excited for what is to come. Our efforts build toward a shared vision for a safer transportation ecosystem and, in this moment, I have never been more confident in the promise of self-driving technology. Commercial launch will be a big milestone, and it is only the beginning for Aurora-our commitment to safety must be ubiquitous as we refine our product and expand to new frontiers.
As we take this next step, we invite you to join us on the journey to make our roads a safer place for everyone. We all have a stake in the future of transportation.
Chris Urmson
CEO & Co-founder
Introduction
The National Highway Traffic Safety Administration (NHTSA) has encouraged entities engaged in developing and deploying an automated driving system (ADS) to publish a Voluntary Safety Self-Assessment (VSSA) demonstrating how they address 12 priority safety design elements.
With this fourth edition of Aurora's VSSA, we continue to show how those 12 safety elements are reflected in our overall safety approach and provide additional detail on our approach to building and operating safe autonomous vehicles.1
We organized this report by five major principles and in alignment with our Safety Case Framework. This organization allows us to account for the development of our autonomous vehicle as a product, and also discuss the process and company-wide organizational factors that support each principle.
01 Ensure Proficiency
This principle focuses on our autonomous vehicles' capabilities, and the software, sensors, and computing systems necessary to enable autonomous driving under nominal conditions. In this section, we also discuss how we leverage our extensive virtual testing and monitor on-road performance to improve the Aurora Driver.
02 Fail Safely
This principle details how the Aurora Driver will respond when something goes wrong. This section emphasizes our Fault Management System, which is responsible for ensuring that the vehicle will be able to take appropriate action if a failure should occur.
03 Continuously Improve
This principle and section outline that we
have the appropriate safety metrics and
safety performance indicators in place to
provide feedback and early warning to enable
us to proactively address issues before they
can cascade further.
04 Operate with Resilience
This principle focuses on how we have
designed the Aurora Driver to withstand or
recover from threats. In this section, you will
find our cybersecurity approach and how
the vehicle will respond in the event of an
on-road incident.
05 Be Trustworthy
This principle focuses on ensuring that
Aurora is a responsible company that
embodies safety. We discuss how our
work as a company supports this principle
in this section.
1 References to Aurora within this document mean Aurora Operations, Inc. and its affiliated entities.
At Aurora, we are using a safety case-based approach to inform, guide, and determine that our technology is acceptably safe to operate on public roads.
A safety case is a logical argument, supported by evidence, intended to justify that a system is acceptably safe for a specific application in a specific operating environment. A structured argument includes a specific claim-such as that our self-driving vehicles are acceptably safe to operate on public roads-that is broken down into sub-claims, which are then ultimately supported by evidence. We believe a safety case is the most effective and efficient path to safe driverless operations, and is imperative for any company looking to safely deliver commercial-ready self-driving vehicles at scale.
Safety case-based approaches have been widely used in other safety-critical industries like nuclear, aviation, rail, and medical devices. The term "safety case" is also used in some existing voluntary automotive industry standards. We have adapted our safety case approach based on the best practices of these industries, and applied it to developing and operating autonomous vehicles. We have developed a Safety Case Framework that includes the claims we believe are necessary to assert that our vehicles are acceptably safe to operate on public roads across various use cases and Operational Design Domains (ODDs).2
From this overarching framework, we are developing and maintaining specific tailored safety cases that each contain the claims relevant for a specific use case (e.g., autonomous driving with vehicle operators or autonomous driving without vehicle operators within a specific ODD).
and ready to take over as necessary to ensure operational safety. Therefore our tailored safety case for this use case includes claims focused on vehicle controllability and vehicle operator hiring, training, and operational procedures, among others. However, as we approach the point of removing vehicle operators from the vehicles, these vehicle operator-centric claims will no longer be relevant. At that point, we will have completed a tailored safety case to include other claims from the Safety Case Framework related to demonstrating acceptably safe driverless operations within our ODD.
Currently, we have completed several safety cases for different vehicle platforms that require vehicle operators to be in the vehicle to supervise the Aurora Driver.
With this report update, we are on the verge of closing our driverless safety case for our initial launch route between Dallas and Houston, as described later in this report. We will continue to maintain multiple safety cases, each tailored for different use cases as appropriate and building on prior safety cases that have already been closed.
The Aurora Safety Case Framework takes into account the entire development lifecycle of our vehicles-from testing and operations involving vehicle operators to driverless operations. We have adopted a safety case-based approach because we believe it is the most logical and efficient manner to explain and demonstrate that our self-driving vehicles are acceptably safe to operate on public roads.
For example, when developing the Aurora Driver, we currently have vehicle operators in our vehicles moni-toring the performance of the Aurora Driver at all times
2https://aurora.tech/blog/aurora-unveils-first-ever-safety-case-framework. See the Ensure Proficiency section for an explanation of ODD.
Aurora Driver for Freight
Aurora's core product is the Aurora Driver. The Aurora Driver consists of the hardware, software, and data services required to safely and productively deploy and operate self-driving vehicles.
Aurora is building the Aurora Driver to scale across diverse vehicle platforms, and is prioritizing heavy-duty Class 8 trucks that haul trailers as our launch product. We call this product Aurora Driver for Freight, which combines the Aurora Driver with a set of services that provide carriers and private fleets with a reliable and scalable driver supply seamlessly integrated into their existing operations. The Aurora Driver is currently capable of autonomously hauling different trailer types; for example, we regularly haul dry van and refrigerated trailers, along with intermodal trailers.
In the coming year, the Aurora Driver for Freight will operate between terminals situated outside of dense urban areas, which enables us to aggregate loads from multiple customers into one place at either end of a major freight route. This approach reduces the extent of our off-highway driving and allows Aurora to control launch and landing operations, which includes pre- and post-trip inspections, service, and maintenance. Aurora is exploring delivering loads directly to select customers' endpoints in the next year as well.
1.1
The Aurora Driver
The Aurora Driver consists of the hardware, software, and data services required to safely deploy a self-driving vehicle, and we are designing the Aurora Driver so that it can operate with diverse vehicle platforms. This unified technology architecture not only allows us to leverage our development work across multiple use cases, but also enables us to scale across various vehicle platforms while maintaining consistent capabilities and performance.
10
Disclaimer
Aurora Innovation Inc. published this content on March 25, 2025, and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on March 25, 2025 at 17:14:14.848.