Autonomous take-off and landing for unmanned aircraft system: Risk and safety analysis

The aim of this paper is to conceive the possibility of applying the Required Navigation Performance (RNP) requirements where Global Navigation Satellite System (GNSS) augmentations are considered for the Automatic Take-Off and Landing (ATOL). An aircraft, belonging to the Medium Altitude Long Endurance (MALE) category of Unmanned Aerial System (UAS) has been considered as case-study. Once the avionic architecture has been designed, the Safety and risk analysis was carried out with a particular focus on Functional Hazard Analysis and Fault Tree Analysis techniques. The proposed methodology allows the researchers to evaluate the reliability of each avionic equipment and the safety level of the whole avionic system. Furthermore, the results pointed out the main criticalities of the architecture and some future in-depth studies are proposed

Software Architecture Risk Containers

Our motivation is to determine whether risks such as im- plementation error-proneness can be isolated into three types of con- tainers at design time. This paper identifies several container candidates in other research that fit the risk container concept. Two industrial case studies were used to determine which of three container types tested is most effective at isolating and predicting at design time the risk of im- plementation error-proneness. We found that Design Rule Containers were more effective than Use Case and Resource Containers

Improving Aircraft Engines Prognostics and Health Management via Anticipated Model-Based Validation of Health Indicators

The aircraft engines manufacturing industry is subjected to many dependability constraints from certification authorities and economic background. In particular, the costs induced by unscheduled maintenance and delays and cancellations impose to ensure a minimum level of availability. For this purpose, Prognostics and Health Management (PHM) is used as a means to perform online periodic assessment of the engines’ health status. The whole PHM methodology is based on the processing of some variables reflecting the system’s health status named Health Indicators. The collecting of HI is an on-board embedded task which has to be specified before the entry into service for matters of retrofit costs. However, the current development methodology of PHM systems is considered as a marginal task in the industry and it is observed that most of the time, the set of HI is defined too late and only in a qualitative way. In this paper, the authors propose a novel development methodology for PHM systems centered on an anticipated model-based validation of HI. This validation is based on the use of uncertainties propagation to simulate the distributions of HI including the randomness of parameters. The paper defines also some performance metrics and criteria for the validation of the HI set. Eventually, the methodology is applied to the development of a PHM solution for an aircraft engine actuation loop. It reveals a lack of performance of the original set of HI and allows defining new ones in order to meet the specifications before the entry into service

Advanced Techniques for Assets Maintenance Management

16th IFAC Symposium on Information Control Problems in Manufacturing INCOM 2018 Bergamo, Italy, 11–13 June 2018. Edited by Marco Macchi, László Monostori, Roberto PintoThe aim of this paper is to remark the importance of new and advanced techniques supporting decision making in different business processes for maintenance and assets management, as well as the basic need of adopting a certain management framework with a clear processes map and the corresponding IT supporting systems. Framework processes and systems will be the key fundamental enablers for success and for continuous improvement. The suggested framework will help to define and improve business policies and work procedures for the assets operation and maintenance along their life cycle. The following sections present some achievements on this focus, proposing finally possible future lines for a research agenda within this field of assets management

Cross-layer system reliability assessment framework for hardware faults

System reliability estimation during early design phases facilitates informed decisions for the integration of effective protection mechanisms against different classes of hardware faults. When not all system abstraction layers (technology, circuit, microarchitecture, software) are factored in such an estimation model, the delivered reliability reports must be excessively pessimistic and thus lead to unacceptably expensive, over-designed systems. We propose a scalable, cross-layer methodology and supporting suite of tools for accurate but fast estimations of computing systems reliability. The backbone of the methodology is a component-based Bayesian model, which effectively calculates system reliability based on the masking probabilities of individual hardware and software components considering their complex interactions. Our detailed experimental evaluation for different technologies, microarchitectures, and benchmarks demonstrates that the proposed model delivers very accurate reliability estimations (FIT rates) compared to statistically significant but slow fault injection campaigns at the microarchitecture level.Peer ReviewedPostprint (author's final draft

Towards the Model-Driven Engineering of Secure yet Safe Embedded Systems

We introduce SysML-Sec, a SysML-based Model-Driven Engineering environment aimed at fostering the collaboration between system designers and security experts at all methodological stages of the development of an embedded system. A central issue in the design of an embedded system is the definition of the hardware/software partitioning of the architecture of the system, which should take place as early as possible. SysML-Sec aims to extend the relevance of this analysis through the integration of security requirements and threats. In particular, we propose an agile methodology whose aim is to assess early on the impact of the security requirements and of the security mechanisms designed to satisfy them over the safety of the system. Security concerns are captured in a component-centric manner through existing SysML diagrams with only minimal extensions. After the requirements captured are derived into security and cryptographic mechanisms, security properties can be formally verified over this design. To perform the latter, model transformation techniques are implemented in the SysML-Sec toolchain in order to derive a ProVerif specification from the SysML models. An automotive firmware flashing procedure serves as a guiding example throughout our presentation.Comment: In Proceedings GraMSec 2014, arXiv:1404.163

A synthesis of logic and bio-inspired techniques in the design of dependable systems

Much of the development of model-based design and dependability analysis in the design of dependable systems, including software intensive systems, can be attributed to the application of advances in formal logic and its application to fault forecasting and verification of systems. In parallel, work on bio-inspired technologies has shown potential for the evolutionary design of engineering systems via automated exploration of potentially large design spaces. We have not yet seen the emergence of a design paradigm that effectively combines these two techniques, schematically founded on the two pillars of formal logic and biology, from the early stages of, and throughout, the design lifecycle. Such a design paradigm would apply these techniques synergistically and systematically to enable optimal refinement of new designs which can be driven effectively by dependability requirements. The paper sketches such a model-centric paradigm for the design of dependable systems, presented in the scope of the HiP-HOPS tool and technique, that brings these technologies together to realise their combined potential benefits. The paper begins by identifying current challenges in model-based safety assessment and then overviews the use of meta-heuristics at various stages of the design lifecycle covering topics that span from allocation of dependability requirements, through dependability analysis, to multi-objective optimisation of system architectures and maintenance schedules

Combined automotive safety and security pattern engineering approach

Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From safety perspective, this can be perceived as boon or bane - it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to selection and combination of both types of patterns in context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.EC/H2020/692474/EU/Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems/AMASSEC/H2020/737422/EU/Secure COnnected Trustable Things/SCOTTEC/H2020/732242/EU/Dependability Engineering Innovation for CPS - DEIS/DEISBMBF, 01IS16043, Collaborative Embedded Systems (CrESt