Integrated Safety Envelopes


Slide 1: Integrated Safety Envelopes
Built-in Restrictions of Navigable Airspace
Edward A. Lee, Professor, EECS, UC Berkeley
NSF / OSTP Workshop on Information Technology Research for Critical Infrastructure Protection, Sept. 19-20, 2002
With thanks to: Adam Cataldo (Berkeley), David Corman (Boeing), Peter Huber (Forbes Magazine), Xiaojun Liu (Berkeley), Per Peterson (Berkeley), Shankar Sastry (Berkeley), Claire Tomlin (Stanford), Don Winter (Boeing)

Slide 2: The General Principle
Networked systems can impose safety envelopes. This is the intent of the air traffic control system.
Networks fail, e.g. malicious pilots can ignore air traffic control directives.
Components can locally impose safety envelopes. Tighter envelopes may be required when networks fail.
Software-driven control systems enable imposition of safety envelopes at all levels of the network hierarchy:
  air traffic control
  individual aircraft
  individual engine
  individual part
Principle: Integrated Safety Envelopes
ISE, Edward A. Lee 2

Slide 3: Flexible Networked Systems with Rich Functionality
A networked embedded system has a rich set of safe behaviors.
Principle: Integrated Safety Envelopes

Slide 4: Compromised Networked Systems Fall Back to Less Functionality
A compromised system has fewer safe behaviors.
Principle: Integrated Safety Envelopes

Slide 5: Hierarchical Networked Systems With Locally Defined Safety Envelopes
A compromised subsystem's behavior stays within its locally defined safety envelope.
Principle: Integrated Safety Envelopes
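An added example, not from the slides, of how the envelopes of slides 2 to 5 compose. Each level of the hierarchy (air traffic control, the individual aircraft, the individual engine) contributes an altitude band; the admissible band is their intersection; and the ATC level's band is trusted only while its directive arrives authenticated and fresh. When the link is jammed, the message is tampered with, or a stale directive is replayed, the aircraft level falls back to a tighter local envelope, so a compromised network yields fewer, not more, behaviors. The message format (HMAC-SHA256 over a counter and two altitudes), the key, and every band value are constructed for this illustration and are not from the talk.

```python
import hashlib
import hmac
import struct

# Constructed example key; a deployment would provision per-aircraft keys.
ATC_KEY = b"constructed-example-key"

# Envelopes are altitude bands (floor_ft, ceiling_ft); all values are hypothetical.
LOCAL_NETWORKED = (500, 45000)   # aircraft-level envelope while an authenticated ATC link is up
LOCAL_FALLBACK = (3000, 30000)   # tighter aircraft-level envelope once the link is lost or compromised
ENGINE_LIMIT = (0, 43000)        # engine-level envelope; applies regardless of the network


def intersect(a, b):
    """Intersection of two bands, or None if they do not overlap."""
    lo, hi = max(a[0], b[0]), min(a[1], b[1])
    return (lo, hi) if lo <= hi else None


def sign_directive(key, counter, floor_ft, ceiling_ft):
    """Ground side: 12-byte body (big-endian counter, floor, ceiling) followed by a 32-byte tag."""
    body = struct.pack(">Iii", counter, floor_ft, ceiling_ft)
    return body + hmac.new(key, body, hashlib.sha256).digest()


def verify_directive(key, msg, last_counter):
    """Aircraft side: return (counter, band) if msg is authentic, fresh and well-formed, else None."""
    if len(msg) != 12 + 32:
        return None
    body, tag = msg[:12], msg[12:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None                       # forged or corrupted on the air
    counter, floor_ft, ceiling_ft = struct.unpack(">Iii", body)
    if counter <= last_counter:
        return None                       # replay of an old directive
    if floor_ft >= ceiling_ft:
        return None                       # malformed band
    return counter, (floor_ft, ceiling_ft)


def admissible_band(directive, last_counter):
    """Hierarchical composition: ATC band (only if trusted), then aircraft band, then engine band.
    Returns (band, new_counter, source) where source is "atc" or "fallback"."""
    verified = None
    if directive is not None:
        verified = verify_directive(ATC_KEY, directive, last_counter)
    if verified is None:
        # Link down, jammed, forged or replayed: tighten to the local envelope.
        return intersect(LOCAL_FALLBACK, ENGINE_LIMIT), last_counter, "fallback"
    counter, atc_band = verified
    band = intersect(intersect(atc_band, LOCAL_NETWORKED), ENGINE_LIMIT)
    return band, counter, "atc"


if __name__ == "__main__":
    good = sign_directive(ATC_KEY, 7, 1000, 41000)
    print("authentic directive:", admissible_band(good, 6))
    print("replayed directive: ", admissible_band(good, 7))
    tampered = bytearray(good)
    tampered[5] ^= 0x01                    # flip one bit in the floor field
    print("tampered directive: ", admissible_band(bytes(tampered), 6))
    print("no link at all:     ", admissible_band(None, 6))
```

The design point is that every failure of the network level resolves the same way: the aircraft keeps flying, inside a band it can enforce on its own, and the counter that accepted the last good directive is never advanced by a rejected one.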

Slide 6: Illustration of the Principle: Softwalls
Enforce no-fly zones in the on-board avionics.
Carry on board a 3-D database of no-fly zones.
Localization technology identifies the aircraft's position: GPS + inertial navigation system.
The system is not networked, so it cannot be hacked over the air; its only inputs are the on-board database and the localization sensors.
Improves aircraft safety: prevents controlled flight into terrain.
Principle: maximize pilot authority, subject to the no-fly-zone constraint, and maintain aircraft responsivity.

Slide 7: No-Fly Zone with Harsher Enforcement
There are already regions of space into which aircraft can't fly. The idea is to make some of these virtual.

Slide 8: Trajectory with Maximally Uncooperative Pilot
Assumptions:
  speed: 0.1 miles/sec = 360 miles/hour
  max rate of turn: M = 2π/20 radians/sec
  min turning radius: speed/M ≈ 0.32 miles
Figure: trajectory plot (axes in nautical miles) showing the aircraft approaching the wall, with annotations along the path: pilot turns towards the wall; bias starts, pilot counteracts; pilot controls saturate; pilot regains steerage towards the wall; the wall.

Slide 9: Aircraft is Diverted by a Blending Controller, which Combines a Bias with Pilot Directives
Sailing analogy: weather helm. With a straight rudder, the force of the wind on the sails turns the boat; with a turned rudder, the rudder keeps the trajectory straight. Even with weather helm, the craft responds to fine-grain control as expected.
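An added example, not from the slides, that implements the scenario of slides 8 and 9 in Python: a unicycle model of the aircraft with the slide-8 parameters, a maximally uncooperative pilot who always turns as hard as possible toward the wall, and a blending controller that adds a bias to the pilot's turn-rate command before the airframe's rate limit is applied. The engagement distances (bias starting at 3R, saturating at 1.5R), the bias ceiling of twice the pilot's authority, and the localization-error margin are my assumptions, chosen so that a full-rate turn beginning at 1.5R, which needs R of room, cannot reach the wall. Nothing here is the Softwalls project's own code.

```python
import math
from dataclasses import dataclass

# Slide 8 parameters, in miles and seconds.
V = 0.1                   # speed, miles/s (360 mph)
M = 2 * math.pi / 20      # maximum turn rate, rad/s
R = V / M                 # minimum turning radius, about 0.32 miles

# Assumed controller tuning (not from the slides): the bias starts at 3R from the wall
# and is at full strength at 1.5R, leaving a margin over the R a full-rate turn needs.
RAMP_START = 3.0 * R
FULL_AT = 1.5 * R


@dataclass
class State:
    x: float        # miles; the no-fly zone ("the wall") is the half-plane x >= 0
    y: float        # miles
    heading: float  # radians from the +x axis, so heading 0 points straight at the wall


def clamp(u, lo, hi):
    return max(lo, min(hi, u))


def wall_distance(s, localization_error=0.0):
    """Distance to the wall, shrunk by an assumed bound on localization error (e.g. INS
    drift after GPS is lost) so that the controller engages earlier when position is less certain."""
    return -s.x - localization_error


def softwall_bias(s, localization_error=0.0):
    """Turn-rate bias the blending controller adds to the pilot's command.
    Zero far from the wall or when already heading parallel to or away from it; otherwise it
    ramps up to 2*M, twice the pilot's authority, so that inside FULL_AT the pilot's input
    saturates and the aircraft turns away at the full rate M whatever the pilot commands."""
    d = wall_distance(s, localization_error)
    if d >= RAMP_START or math.cos(s.heading) <= 0.0:
        return 0.0
    frac = clamp((RAMP_START - d) / (RAMP_START - FULL_AT), 0.0, 1.0)
    away = 1.0 if s.heading >= 0.0 else -1.0   # rotate the heading toward +/-pi, away from the wall
    return away * 2.0 * M * frac


def step(s, pilot_turn_rate, dt, softwall=True, localization_error=0.0):
    """One Euler step of the unicycle model: blend pilot command and bias, then apply the
    airframe's turn-rate limit."""
    bias = softwall_bias(s, localization_error) if softwall else 0.0
    u = clamp(pilot_turn_rate + bias, -M, M)
    new_heading = math.atan2(math.sin(s.heading + u * dt), math.cos(s.heading + u * dt))
    return State(s.x + V * math.cos(s.heading) * dt,
                 s.y + V * math.sin(s.heading) * dt,
                 new_heading)


def uncooperative_pilot(s):
    """Maximally uncooperative pilot: always turns as hard as possible toward heading 0 (the wall)."""
    if abs(s.heading) < 1e-12:
        return 0.0
    return -M if s.heading > 0.0 else M


def simulate(softwall=True, x0=-2.0, heading0=0.0, duration=60.0, dt=0.02, localization_error=0.0):
    """Run the slide-8 scenario and return the closest approach to the wall (largest x reached).
    A result <= 0 means the wall was never penetrated."""
    s = State(x0, 0.0, heading0)
    max_x = s.x
    for _ in range(int(duration / dt)):
        s = step(s, uncooperative_pilot(s), dt, softwall, localization_error)
        max_x = max(max_x, s.x)
    return max_x


if __name__ == "__main__":
    print(f"min turning radius R = {R:.3f} miles")
    print(f"with softwall, closest approach x = {simulate(True):.3f} miles (wall at x = 0)")
    print(f"without softwall, x reaches {simulate(False):.3f} miles (through the wall)")
```

Far from the wall the bias is zero and the pilot's command passes through unchanged, which is the "maximize pilot authority" half of the slide-6 principle; near the wall the bias exceeds what the pilot can cancel, which is the "controls saturate" annotation of slide 8. Raising the localization-error margin moves the engagement point outward, the conservative response to the GPS-jamming issue raised later in the talk.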

Slide 10: Related Methods
Ground proximity warning systems
Automatic ground avoidance systems
TCAS & ACAS collision avoidance (Honeywell TCAS)
Potential field methods for air-traffic control
Rockwell conflict resolution
These all share one feature: localization of safety envelopes.

Slide 11: Issues
Reducing pilot authority is dangerous: it reduces the ability to respond to emergencies.

Slide 12: Is There Any Aircraft Emergency Severe Enough to Justify Trying to Land on Fifth Ave?

Slide 13: Issues (continued)
There is no override switch in the cockpit.

Slide 14: No-Fly Zone with Harsher Enforcement
There is no override in the cockpit that allows pilots to fly through this.

Slide 15: Issues (continued)
Localization technology could fail: GPS can be jammed.

Slide 16: Localization Issues
GPS falls back to inertial navigation.
Accurate, robust localization technology is an essential technology.
Localization is the technology for reliably and accurately knowing the location of an object.

Slide 17: Issues (continued)
Deployment could be costly: how to retrofit older aircraft?

Slide 18: Deployment
Fly-by-wire aircraft: a software change.
Older aircraft: at the autopilot level?
Phase in: prioritize airports.

Slide 19: Issues (continued)
Deployment could take too long: software certification.

Slide 20: Softwalls Works When Air Traffic Control Fails
This seems largely orthogonal to air traffic control, and could complement safety methods deployed there.
It is self-contained on a single aircraft.
It improves the robustness of any air traffic control system.

Slide 21: Issues (complete list)
Reducing pilot authority is dangerous: it reduces the ability to respond to emergencies.
There is no override switch in the cockpit.
Localization technology could fail: GPS can be jammed.
Deployment could be costly: how to retrofit older aircraft?
Deployment could take too long: software certification.
Fully automatic flight control is possible: throw a switch on the ground, take over the plane.

Slide 22: UAV Technology (Unoccupied Air Vehicle)
e.g. Global Hawk (Northrop Grumman)
The Technology Support Working Group (TSWG), Office of the Secretary of Defense, recommends against any partial-control approach. Their feeling is that there is only one feasible strategy: a single trigger, either on board or by remote control, that would assume complete control and take the plane to a safe base.
Northrop Grumman has such a system in the Global Hawk UAV that some believe can be dropped in to passenger airliners.

Slide 23: Potential Problems with Switching to Ground Control When a Threat is Detected
Human-in-the-loop delay on the ground: authorization for takeover; delay in recognizing the threat.
Security problem on the ground: hijacking from the ground? takeover of the entire fleet at once?
Requires radio communication: hackable, jammable.
This does not follow the principle of Integrated Safety Envelopes.

Slide 24: Integrated Safety Envelopes Research Agenda
Defining hierarchical safety envelopes: model-based design
Fault and threat detection: on-line models
Fault and threat isolation: mode changes to impose safety envelopes
Predictable mode transitions: avoid emergent behavior and propagating effects
Adapting existing systems: models must include the phase-in transition
Policy issues: limiting authority

Slide 25: Conclusions
We don't have to choose between large, centralized control and decentralized, semi-autonomous actors. Use both.
Failures or threats lead to tighter safety envelopes.
We need control algorithms that maintain safe operating parameters and maximize local authority subject to the safety constraints.