Aparna Kansal & Amy Pritchett Georgia Institute of Technology, Atlanta, GA This work is funded by NASA Curtis E. Hanson, Technical Monitor Simulating Faults.

Presentation transcript:

Simulating Faults in Integrated Systems and their Impact on the Aircraft
Aparna Kansal & Amy Pritchett, Georgia Institute of Technology, Atlanta, GA
This work is funded by NASA. Curtis E. Hanson, Technical Monitor
33rd Digital Avionics Systems Conference, October 5-9, 2014

Introduction

Complex Integrated Aircraft Systems
Aparna Kansal | 33rd Digital Avionics Systems Conference
[Figure labels: Autopilot, Pilots, Fault Management, Adaptive Control, Sensors, Control Surfaces]

Complex Systems
Characteristics of Complex Systems:
- System Behavior: Cannot be determined just by study of component behavior
- Addition of Components: Increases system complexity
- Safety and Hazards: Difficult to consider all hazards in design
- Emergence: Dynamic interactions between components can cause unexpected behavior
- Convenience: Distributed, no central control
- Convenient to develop system components independently
- Ease of maintenance and updating
- Concept of emergence

Existing Guidelines for Validating Aircraft Components
“Aerospace Recommended Practice 4754 Rev. A: Guidelines for Development of Civil Aircraft and Systems”
Guidelines and recommended practices adopted by aircraft regulatory authorities large-scale aircraft systems
Their Concerns:
- Conventional safety assessment techniques inadequate
- Non-deterministic developmental errors
- Unavailability of suitable numerical methods for characterizing errors
- Large number of test cases required
Their Suggestions:
- Qualitative approach
- Top-down iterative approach from aircraft-level downwards
[Figure labels: Intended Aircraft Function; Function, Failure & Safety Information; System Design Information; Functional System; Operation; Development Phase; In-Service/Operational Phase; Safety Assessment Process Guidelines & Methods (ARP 4761); Aircraft & System Development Processes (ARP 4754/ ED-79); Guidelines for Integrated Modular Avionics (DO-297/ ED-124); Electronic Hardware Development Life-Cycle (DO-254/ ED-80); Software Development Life-Cycle (DO-178C/ ED-12C); Safety Assessment of Aircraft in Commercial Service (DO-178C/ ED-12C)]
Validation can be streamlined by directing testing around the construct of axioms, i.e.,
- Assumptions and design considerations, and
- System-level interactions due to the violation of these axioms

Simulation Approach

Simulation Framework
- Simulation-based model to identify emergent behavior arising due to interactions between aircraft components in an integrated system, through the violation of their key axiomatic conditions
Simulation Framework Elements:
- System Components: Component functions, Axiomatic set of Conditions, Communication Channels
- Aircraft: Aircraft dynamics, Aircraft state variables
- External Agent: Violate axiom, Introduce disturbance/fault

Simulation Execution
1. Identify component functions: Emulate components as dynamic representations of key functions
2. Implement in simulation framework: Integrate components, apply aircraft model, set up faults due to axiom violation
3. Simulate fault introduction and recovery: Apply model in simulation environment, introduce fault and recovery at fixed times

Simulation Environment: Work Models that Compute (WMC)
[Figure labels: Scripts, Work Models, Actions, Agents, Resources, Scenario, Aircraft Components, Environment Resources]

Case Study

Motivation
Axiom: No control reversal, sign is always known
[Figure labels: Script, Fault Management, 6 DOF Aircraft, Sensors, Adaptive Control, Introduce Fault, Fault Detection Time, Repair Fault]

Rudder Reversal
USAir Flight 427, Boeing (September 8, 1994)
- Complex System: Rudder pedal/yaw damper input, Hydraulic Power Control Unit, Input rod, Servo Valve slide movement, Rudder Panel movement
- Conditions: Wake Turbulence; Sudden yaw damper input rod movement
- System Behavior: Servo valve slides jam; Left rudder movement with right input (Abnormal Condition)
- Axiom Violation: Axiom: Servo valve cannot jam/only jam temporarily; Rudder application in opposite direction will cause rudder to move towards neutral position

Elevator Reversal: Simulation Configuration in WMC
Components
- Adaptive Control: Adapts to change in dynamics to maintain aircraft stability
- Fault Management: Checks aircraft state and reports any fault to adaptive control
Axioms
- Adaptive Control: Direction of pitching moment is known for given elevator input
- Fault Management: Detect and notify fault to the adaptive control before loss of control
Aircraft State
- 6DOF Aircraft in continuous descent for landing from ft
- Aircraft state updated every 0.05 seconds
- Monitor elevator angle, altitude, vertical speed and pitch angle
Fault Introduction
- Elevator reversal: Alt ft, IAS<250 kts, time 1000 sec
- Fault detected after certain time, updated to adaptive control
- Fault duration is varied

Elevator Reversal: Study
[Figure: Onset of Control Reversal; cases 1 sec, 2 sec, 5 sec, 10 sec, 12 sec]
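The elevator-reversal experiment can be sketched in a few lines. This is an added example, not the authors' WMC code or their 6-DOF aircraft: it uses a constructed two-state pitch model in which only the 0.05 s update period comes from the slides, and it assumes the 1, 2, 5, 10 and 12 second values on the study slide are delays between fault onset and notification of the adaptive control.

```python
# Added illustration: a toy pitch-axis model, not WMC and not the authors' 6-DOF aircraft.
DT = 0.05                # state update period, s (from the slides)
T_FAULT, T_END = 10.0, 40.0   # fault onset and run length, s (constructed)
M_Q, M_DE = -1.0, 2.0    # pitch damping, elevator effectiveness (constructed)
KP, KD = 1.5, 1.0        # pitch and pitch-rate gains (constructed)
DISTURBANCE = 0.02       # constant pitching-moment disturbance (constructed)
ELEV_LIMIT = 0.3         # elevator travel limit, rad (constructed)
LOSS_LIMIT = 0.5         # pitch deviation counted as loss of control, rad (constructed)


def run(detect_delay):
    """Return (peak |pitch deviation| after fault onset in rad, recovered?)."""
    fault_step = round(T_FAULT / DT)
    notify_step = fault_step + round(detect_delay / DT)
    theta, q, peak = 0.0, 0.0, 0.0
    for k in range(round(T_END / DT)):
        # External agent: violates the axiom by reversing elevator effectiveness.
        true_sign = -1.0 if k >= fault_step else 1.0
        # Fault management: notifies adaptive control after the detection delay.
        assumed_sign = -1.0 if k >= notify_step else 1.0
        # Adaptive control: PD law built on the sign it believes to be true.
        cmd = assumed_sign * (-KP * theta - KD * q)
        elevator = max(-ELEV_LIMIT, min(ELEV_LIMIT, cmd))
        q_dot = M_Q * q + M_DE * true_sign * elevator + DISTURBANCE
        theta, q = theta + q * DT, q + q_dot * DT   # forward Euler step
        if k >= fault_step:
            peak = max(peak, abs(theta))
        if abs(theta) > LOSS_LIMIT:
            return peak, False      # notification came too late
    return peak, True


def sweep(delays=(1, 2, 5, 10, 12)):
    """Run one simulation per detection delay (seconds)."""
    return {d: run(d) for d in delays}


if __name__ == "__main__":
    for delay, (peak, ok) in sweep().items():
        print(f"delay {delay:>2} s  peak {peak:.3f} rad  "
              f"{'recovered' if ok else 'loss of control'}")
```

While the controller still trusts the violated axiom, its feedback is positive and the pitch deviation grows until the elevator saturates, so whether the run recovers depends on the notification arriving before the loss-of-control limit is reached.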

Conclusion

Contributions
Outcomes from Case Study
- Component failures can be simulated by violating component axioms to identify their impact on the integrated system and the aircraft.
- Such simulations can identify requirements for other components
- The timing of components executing a task is an important criterion to consider
WMC Simulation Environment
- Ability to allow a range of component models
- Allows each component to specify its own update time
- Using shared format for storing data as resources allows for simple models to be generated quickly
- Incorporating simple representations of component models is sufficient to obtain an initial understanding of the effects of violating axioms
- Its streamlined form allows for a large number of runs examining a number of test cases in less time
- As the design and test program progresses, potential also exists to include progressively detailed – and ultimately complete – models of the components

Contributions
Focusing Test Cases on Component Axioms
- Helps quickly focus test cases on probable, though unexpected, adverse behaviors
- Helps identify possible emergent behavior due to violation of assumptions made for the functioning of the aircraft components
- Looks at the effect on the integrated system as a whole when axioms of any component are violated, which is required for validation of complex systems

Acknowledgements
- Mr. Curtis E. Hanson, NASA Armstrong Flight Research Center, Technical Monitor
- VELCRO Research Team
- CEC Lab Members
This work is sponsored by: The National Aeronautics and Space Administration


Thank You! Questions?