Context: As we move towards higher levels of automation in autonomous driving, we see an increase in functionality that either assists or takes over in both normal and emergency scenarios. These new functionalities can be intentionally switched off by the user, but can also be deactivated unintentionally by (i) accident, (ii) a software malfunction, (iii) a hardware defect, or (iv) an intrusion. Aim: In addition to already applied methods at design time, we aim to recognise mistimed and/or unintended deactivation of vehicle functions, in particular, driver assistance functions (ADAS), at run-time. Upon recognition of the occurrence, we propose to inform the user and the original equipment manufacturer (OEM) in order to improve both the future and the current system behaviour, to support development processes, and to support already conducted safety measures. Method: Based on a feature subset, selected by streaming feature selection, we learn the nominal behaviour of the driver in the interaction with ADAS functions in order to find deviations. The approach considers the technical challenges of automotive E/E architectures and is optimised to reduce communication and computational complexity. We evaluate this approach with recorded real car data from customers participating in a field study. Results: Based on eight datasets, we traced a total of 17 state-of-the-art ADAS functions per participant, yielding to a total of 136 runs. We observed that during 24 among them, the user deactivated the functions at least once for more than a few seconds. For 13 of these 24 runs, we were able to detect and flag possible non-nominal behaviour. Conclusion: As at least one participant configured a convincingly large number of ADAS functions, we need a dynamic system to monitor the configuration of these functions actively. Our approach was capable of detecting potential non-nominal behaviour in up to 52% (13/24) out of these reconfigurations. This result is promising and will recei...