Presentation is loading. Please wait.

Presentation is loading. Please wait.

Certification Challenges for Autonomous Flight Control System Mr. David B. Homan AFRL Air Vehicles Directorate (937) 255 - 4026.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Certification Challenges for Autonomous Flight Control System Mr. David B. Homan AFRL Air Vehicles Directorate (937) 255 - 4026."— Presentation transcript:

1 Certification Challenges for Autonomous Flight Control System Mr. David B. Homan AFRL Air Vehicles Directorate david.homan@wpafb.af.mil (937) 255 - 4026

2 VACC Technical Paper Nr. VAO-04-288. Cleared for Public Release on 11 Aug 04. AFRL-WS 04-0578 To be effective assets in the force structure and mission plans, UAS’s must … Be Safe & Reliable Be Responsive & Effective Be Interoperable Not Adversely Effect Operations Capability Cooperative Airspace Operations Background

3 VACC Technical Paper Nr. VAO-04-288. Cleared for Public Release on 11 Aug 04. AFRL-WS 04-0578 Background: Flight Safety and Manned/Unmanned Functional Migration Flight Critical Mission Critical Manned Aircraft Unmanned Aircraft Flight Mgmt Vehicle Mgmt Mission Mgmt Vehicle Mgmt On-board Off-board On-board Off-board Pilot is Integrator and Contingency Manager; FMS is mostly advisory. Flight Mgmt FMS and VMS provide Integration and Contingency Mgmt; Operator manages at high-level. Situational awareness Situational awareness? For UAVs, “Pilot Function” becomes huge design and V&V issue

4 VACC Technical Paper Nr. VAO-04-288. Cleared for Public Release on 11 Aug 04. AFRL-WS 04-0578 Background: V&V Requirements Flight Critical Mission Critical System Focus is Performance/Security Performance Metric: Throughput and Bandwidth [event driven] Assurance Metric: Probability of Mission Success [Simplex or Back- up] Confidence Rqmt: Performance and security are validated. Consequence of Failure: Potential mission failure System Focus is Performance/Assurance Performance Metric: Sampling Rate and Latency [time triggered] Assurance Metric: Probability of Loss of Control and N x Fail Op/Fail Safe [Triplex or Quad] Confidence Rqmt: Performance and Assurance must be validated; [Failure Modes and Effects Testing] Consequence of Failure: Loss of Aircraft, potential loss of life Rule of Thumb: When you mix mission with flight criticality, the testing is held to most stringent requirement. Consequence of Failure: Loss of Aircraft, potential loss of life Developmental Timeline: Flight Critical ready by First Flight! Any changes requires Total Re-test! Flight Critical V&V isn’t just a software issue, it’s a system issue!! Failure Modes and Effects Testing

5 VACC Technical Paper Nr. VAO-04-288. Cleared for Public Release on 11 Aug 04. AFRL-WS 04-0578 New Capabilities Challenge V&V Mixed Criticality Architecture: Non-obtrusive co-existence of mixed criticality Adaptive/Learning/Multi-Modal Functions: Indeterminate or untraceable functionality Mixed Initiative/Authority Mgmt: Human/autonomy or autonomy/autonomy interactions Multi-Entity Systems: Functions that encompass multiple platforms. Sensor Fusion/Integration: Highly confident sensor-derived information These new systems/capabilities Need to be affordably provable New Capabilities (and increasing complexity) are presenting new challenges to the V&V problem.

6 VACC Technical Paper Nr. VAO-04-288. Cleared for Public Release on 11 Aug 04. AFRL-WS 04-0578 Mixed Criticality Challenge How can we separate the mission and flight critical functionality as to guarantee safety? SOA: Middleware that provides time/space partitioning (ARINC 653). Issue: Both Criticalities use common HW resources (i.e. processors, backplanes, busses etc); how do we determine PLOC and fault tolerance? Understand failure mechanisms for partitioning Non-critical function must not take out shared resources…Or the probability of its occurrence is predictable… Need guarantee on fault tolerance A A A B B C backplanes Serial bus Processors X X X Answer may reside in a SW/HW architecture specifically designed for mixed operation

7 VACC Technical Paper Nr. VAO-04-288. Cleared for Public Release on 11 Aug 04. AFRL-WS 04-0578 Adaptive/Learning/Multimodal Challenge How can we trust functionality that we may not be able to fully test? SOA: We must try to test the complete functional envelope (till $$ runs out…)! Issue: Some new Control capabilities are untraceable and/or non-deterministic Adaptive systems Huge test space Perfect Input data Learning systems Environmental stimuli Lost memory Multi-modal systems Mode transition stability Mode synchronization Recovery mode Answer may reside in bounding the function in run- time to known safe behavior.

8 VACC Technical Paper Nr. VAO-04-288. Cleared for Public Release on 11 Aug 04. AFRL-WS 04-0578 Mixed Initiative Challenge How can man and autonomy safely interact? SOA: Human operator always get authority! Issue: Human operator may not have all the information or be able to comprehend situation in real-time: Situational Awareness versus Response Time Assessment of UAV mode/state/health Assessment of surrounding environment “Consequence of mishap” is a factor Complete system health is a factor Workload is a factor AF Poster Child: Auto-Aerial Refueling (AAR) Answer may reside in a authority management specification that would allow the correct party to have decision authority.

9 VACC Technical Paper Nr. VAO-04-288. Cleared for Public Release on 11 Aug 04. AFRL-WS 04-0578 Multi-Entity Challenge How can trust systems with multiple players to safely perform cooperative functions? SOA: Keep humans away and hope for the best… Issue: Entities participating in the coordinated function may not be part of individual V&V testing: Linked Interface Control Documents? Entities with different manufacturers? System Configuration Management? Mission-specific programming? Answer may reside in a specification for contingency management, based on system degradation

10 VACC Technical Paper Nr. VAO-04-288. Cleared for Public Release on 11 Aug 04. AFRL-WS 04-0578 High Confidence Sensing Challenge How can we trust visual/radar systems for flight critical functions? SOA: Brute force and analytic redundancy Issue: Mission-style sensors don’t have acceptable real-time methods for FDIR… Sensors will likely be multi-function! Redundant HW may not be answer, redundant information? Built-in-test may not provide good real-time coverage. Reliable signal processing/sensor fusion software Answer may reside in sensor designs that compensate for sensor degradation and plan for contingencies

Download ppt "Certification Challenges for Autonomous Flight Control System Mr. David B. Homan AFRL Air Vehicles Directorate (937) 255 - 4026."

Similar presentations

Jerry Gordon Lead Systems Engineer, AAI Corporation.

Jerry Gordon Lead Systems Engineer, AAI Corporation.
Operational Risk Management (ORM)

Operational Risk Management (ORM)
EECE499 Computers and Nuclear Energy Electrical and Computer Eng Howard University Dr. Charles Kim Fall 2013 Webpage: www.mwftr.com/CNE.html.

EECE499 Computers and Nuclear Energy Electrical and Computer Eng Howard University Dr. Charles Kim Fall 2013 Webpage:
Aviation Safety ProgramIntegrated Resilient Aircraft Control Aviation Safety ProgramIntegrated Resilient Aircraft Control Integrated Resilient Aircraft.

Aviation Safety ProgramIntegrated Resilient Aircraft Control Aviation Safety ProgramIntegrated Resilient Aircraft Control Integrated Resilient Aircraft.
“We give the US Air Force its Wings” Air Force Research Laboratory Air Vehicles Directorate: Cooperative Airspace Operations 3 March 05 Air Force Research.

“We give the US Air Force its Wings” Air Force Research Laboratory Air Vehicles Directorate: Cooperative Airspace Operations 3 March 05 Air Force Research.
ASTM UMV Autonomy and Control Sub-Committee F41.01

ASTM UMV Autonomy and Control Sub-Committee F41.01
1 Quality Objects: Advanced Middleware for Wide Area Distributed Applications Rick Schantz Quality Objects: Advanced Middleware for Large Scale Wide Area.

1 Quality Objects: Advanced Middleware for Wide Area Distributed Applications Rick Schantz Quality Objects: Advanced Middleware for Large Scale Wide Area.
REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.

REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.
Sense & Avoid for UAV Systems

Sense & Avoid for UAV Systems
Design of a Certifiably Dependable Next- Generation Air Transportation System Stephen A. JacklinMichelle M. Eshow Michael R. LowryDave McNally Ewen Denny.

Design of a Certifiably Dependable Next- Generation Air Transportation System Stephen A. JacklinMichelle M. Eshow Michael R. LowryDave McNally Ewen Denny.
System Integration Management (SIM)

System Integration Management (SIM)
Presented to: MPAR Working Group By: William Benner, Weather Processors Team Manager (AJP-1820), FAA Technical Center Date: 19 March 2007 Federal Aviation.

Presented to: MPAR Working Group By: William Benner, Weather Processors Team Manager (AJP-1820), FAA Technical Center Date: 19 March 2007 Federal Aviation.
©Ian Sommerville 2006Critical Systems Slide 1 Critical Systems Engineering l Processes and techniques for developing critical systems.

©Ian Sommerville 2006Critical Systems Slide 1 Critical Systems Engineering l Processes and techniques for developing critical systems.
INTEGRATED PROGRAMME IN AERONAUTICAL ENGINEERING Coordinated Control, Integrated Control and Condition Monitoring in Uninhabited Air-Vehicles Ian Postlethwaite,

INTEGRATED PROGRAMME IN AERONAUTICAL ENGINEERING Coordinated Control, Integrated Control and Condition Monitoring in Uninhabited Air-Vehicles Ian Postlethwaite,
Industry Session – Mixed Criticality and Multi-Core David Corman Program Director, Cyber Physical Systems National Science Foundation 1.

Industry Session – Mixed Criticality and Multi-Core David Corman Program Director, Cyber Physical Systems National Science Foundation 1.
Software Reliability: The “Physics” of “Failure” SJSU ISE 297 Donald Kerns 7/31/00.

Software Reliability: The “Physics” of “Failure” SJSU ISE 297 Donald Kerns 7/31/00.
THNS 2010 Open supervision platforms for smart and sustainable cities, Yves PERREAL, Strategic studies Director, THALES.

THNS 2010 Open supervision platforms for smart and sustainable cities, Yves PERREAL, Strategic studies Director, THALES.
REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.

REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.
Flight Critical Systems Software Certification Initiative A Presentation to SAE Aerospace Control and Guidance Systems Committee, Meeting 95 2 March 05.

Flight Critical Systems Software Certification Initiative A Presentation to SAE Aerospace Control and Guidance Systems Committee, Meeting 95 2 March 05.
Condition-based Maintenance Plus Structural Integrity (CBM+SI) & the Airframe Digital Twin Pamela A. Kobryn & Eric J. Tuegel Structural Mechanics Branch.

Condition-based Maintenance Plus Structural Integrity (CBM+SI) & the Airframe Digital Twin Pamela A. Kobryn & Eric J. Tuegel Structural Mechanics Branch.

Similar presentations

Ads by Google