Fleet-Scale Active Perception

Regulatory Framework

The regulatory perimeter around fleet perception has hardened substantially. SAE J3016 defines the levels of driving automation and the operational design domain (ODD) that bounds where each automation level may operate; demonstrating ODD adequacy is increasingly understood as a fleet-wide question rather than a per-vehicle question. NHTSA's Standing General Order (SGO) on crash and incident reporting, in conjunction with the AV TEST Initiative's public disclosure regime, requires operators to surface incidents and the perception conditions that surrounded them. ISO 21448 (Safety of the Intended Functionality, SOTIF) mandates systematic identification of triggering conditions — perceptual edge cases that are not faults under ISO 26262 but that nevertheless cause hazardous behavior. ISO 26262 itself imposes ASIL-rated requirements on perception components in the safety chain.

Beyond the vehicle, the regulatory texture extends to data and AI governance. The EU AI Act treats AV perception as a high-risk AI system under Annex III, requiring risk management, data governance, technical documentation, and post-market monitoring. The NIST AI RMF defines analogous obligations under U.S. governance practice. V2X messaging standards (SAE J2735 BSM, SPaT/MAP, and the emerging Cooperative Perception Message) define the wire format for inter-vehicle observation exchange. HD-mapping providers (HERE, TomTom, Mobileye REM) operate as crowdsourced perception fabrics with their own compliance posture. The convergent picture is that perception adequacy is a network property, evidenced through fleet-wide data, governed by composite regulation.

Architectural Requirement

What this regulatory texture requires is not a better sensor on each vehicle but an architectural mechanism by which the fleet, as a system, recognizes perceptual gaps and directs additional observation toward them. The requirement is fleet-scale active perception: a primitive by which one vehicle's forecast uncertainty becomes a solicitation that other credentialed vehicles, infrastructure sensors, or third-party fleets evaluate and may answer. The mechanism must be observable for SOTIF triggering-condition discovery, accountable for SGO incident reconstruction, governed for AI Act post-market monitoring, and interoperable across the V2X and HD-map ecosystem.

Single-robot active-perception literature (descending from Bajcsy 1988 through decades of next-best-view planning) treats this as a per-agent decision: the robot decides where to look next to reduce its own uncertainty. Fleet-scale active perception generalizes the principle. The fleet decides where additional observations should focus to reduce collective uncertainty under composite admissibility — the same architectural cycle, lifted from one robot to a credentialed multi-authority population.

Why Procedural Compliance Fails

The dominant industry response to fleet-perception adequacy has been procedural: scheduled fleet-data harvest, offline triggering-condition mining, periodic ODD review boards, and crowdsourced map updates on a publication cadence measured in days or weeks. The Mobileye REM model is the most mature instance of the procedural pattern — fleet vehicles aggregate observations, observations are processed, and an updated map layer is republished. Each procedural layer adds value, and none is wrong, but the composite cannot satisfy the architectural requirement for three reasons.

First, the procedural pattern is aggregative rather than directive. Vehicles contribute what they happen to observe; nothing in the architecture retasks observation capacity toward emerging uncertainty. A SOTIF triggering condition that manifests as a low-frequency perceptual edge case may go uncovered because no vehicle was directed to observe it. Second, the procedural pattern is per-domain. V2X CPM addresses vehicular cooperative perception; multi-robot SLAM addresses warehouse robotics; sensor-network coordination addresses environmental monitoring. Each has its own coordination mechanism, credentialing pattern, and failure mode. Cross-domain solicitation — a fleet operator soliciting observations from infrastructure sensors, smart-city deployments, or weather-service contributors — has no shared substrate. Third, the procedural pattern is unaccountable at the level the AI Act and NIST AI RMF now require. Post-market monitoring obligations presume an architectural artifact that records who solicited what, who responded, and under what authority; aggregative pipelines produce telemetry but not credentialed solicitation records.

The result is that fleet operators face an expanding compliance perimeter with a perception architecture that was designed for the prior regulatory generation. Each new regulation lands on the same aggregative substrate and is met with another procedural overlay. The compliance cost rises faster than the compliance posture improves. Worse, the procedural pattern obscures the gap rather than closing it: the operator generates ever-larger volumes of fleet telemetry that the regulator can demand but that the operator cannot, on inspection, demonstrate corresponds to active uncertainty resolution rather than incidental observation.

What the AQ Primitive Provides

The forecasting engine treats fleet perception as a closed-loop active-perception cycle at fleet timescale. When a vehicle's forecast uncertainty exceeds an operationally significant threshold — an unmapped construction zone, a degraded-weather perception envelope, an unexpected agent behavior pattern — the engine emits a credentialed observation solicitation. The solicitation propagates across the credentialed mesh as a first-class governed artifact: it carries the originating authority, the uncertainty descriptor, the admissibility constraints under which a response is acceptable, and the disclosure cost of the solicitation itself.

Participating units — other vehicles in the same fleet, infrastructure sensors operating under interoperability agreements, third-party fleets with cross-recognition credentials, even Mobileye-REM-style aggregators — consume the solicitation through their own admissibility framework. Each unit decides, under its own governance, whether to retask observation capacity in response. The response is itself a credentialed action that the originating engine consumes as updated observation. The cycle operates at the fleet timescale that SOTIF triggering-condition coverage and AI Act post-market monitoring demand, not at the per-vehicle timescale of single-robot active perception nor at the publication cadence of aggregative HD-map pipelines.

The configurations differ across domains — what counts as forecast uncertainty for traffic perception is not what counts as forecast uncertainty for grid load or weather observation — but the architectural mechanism is invariant. Cross-domain cooperative perception becomes possible because the substrate is shared. A vehicular fleet's solicitation can reach smart-city camera networks, V2X-equipped infrastructure, drone-fleet operators conducting overflight, and weather services tracking environmental envelope conditions, each contributing under credentialed cross-recognition. The Mobileye REM aggregation pattern gains a complementary primitive: forecast-driven solicitation that retasks observation capacity rather than only aggregating what fleets happen to observe. The combination — REM-style aggregation plus solicitation-driven retasking — produces fleet-scale active perception that neither pattern delivers alone.

Compliance Mapping

The primitive maps directly onto the obligations that current architectures satisfy procedurally. ISO 21448 SOTIF triggering-condition discovery is supported by the solicitation log: every uncertainty-driven solicitation, the responses received, and the resulting perception update is a structured artifact suitable for the SOTIF argument. ISO 26262 traceability on perception components is preserved because solicitations are credentialed at the originating authority and admissibility-evaluated at each responder. SAE J3016 ODD adequacy is evidenced fleet-wide rather than per-vehicle, because the solicitation record demonstrates active coverage of the operational envelope.

NHTSA SGO incident reporting is strengthened: post-incident reconstruction can show what the fleet knew, when uncertainty was solicited, and how the response stream did or did not resolve the perceptual gap before the incident. The EU AI Act's post-market monitoring obligation under Annex III is met natively by the credentialed solicitation log, which is precisely the artifact the Act presumes. NIST AI RMF mapping, measure, and manage functions align with the engine's uncertainty-emission, admissibility-evaluation, and response-consumption phases. V2X SAE J2735 messaging interoperates with the solicitation as a payload class, including the emerging Cooperative Perception Message. HD-map providers — HERE, TomTom, Mobileye REM — interoperate as credentialed responders in the mesh rather than as parallel aggregation silos. The cumulative effect is that compliance evidence becomes a byproduct of normal operation rather than a separate procedural workstream.

Adoption Pathway

Adoption is layered rather than wholesale. A fleet operator first deploys the forecasting engine alongside an existing perception stack, treating the engine as a shadow uncertainty observer that emits solicitations in non-binding mode. Solicitations are logged but not yet acted upon; the operator gains an immediate SOTIF triggering-condition discovery artifact and an AI Act post-market monitoring substrate. The second layer activates intra-fleet response: vehicles within the same fleet authority consume solicitations and retask observation under the operator's existing governance. The third layer extends to credentialed cross-fleet and infrastructure responders under interoperability agreements, beginning with V2X-equipped corridors and HD-map provider partnerships.

The fourth layer integrates cross-domain responders: smart-city camera networks, weather-service contributors, and drone-fleet observation under credentialed cross-recognition. At each layer, the architectural mechanism is unchanged; what expands is the credentialed population that can respond. Fleet operators reach AI Act, SOTIF, and SGO compliance posture not by adding procedural overlays but by populating the architectural substrate that the regulatory generation now presumes.

Operationally, the adoption pathway preserves existing investments. The Mobileye REM aggregation pipeline continues to operate as a responder population within the credentialed mesh; HERE and TomTom HD-map services interoperate as governed responders rather than as parallel data silos; V2X-equipped corridors and roadside units carry solicitation payloads alongside existing SAE J2735 BSM and SPaT/MAP traffic. The fleet operator's existing perception stack — sensor fusion, prediction, planning — is unchanged below the forecasting engine. What the engine adds is the closed-loop active-perception cycle that the regulatory environment increasingly demands and that single-vehicle architectures cannot, by construction, produce.

The strategic implication for fleet operators is that fleet-scale active perception becomes a compliance moat as much as an engineering capability. Operators who populate the architectural substrate early generate the SOTIF triggering-condition coverage, the SGO incident reconstruction record, and the AI Act post-market monitoring artifact at the cadence the regulatory environment will continue to tighten. Operators who defer continue to absorb compliance cost at procedural overlay rates while their perception adequacy posture stagnates. The patent positions the primitive at the layer where cooperative active perception scales beyond the single-robot research that produced the underlying principle, into the fleet-wide active-perception architecture that the regulatory environment now requires.