Architecture and Information Requirements to Assess and Predict Flight Safety Risks During Highly Autonomous Urban Flight Operations

As aviation adopts new and increasingly complex operational paradigms, vehicle types, and technologies to broaden airspace capability and efficiency, maintaining a safe system will require recognition and timely mitigation of new safety issues as they emerge and before significant consequences occur. A shift toward a more predictive risk mitigation capability becomes critical to meet this challenge. In-time safety assurance comprises monitoring, assessment, and mitigation functions that proactively reduce risk in complex operational environments where the interplay of hazards may not be known (and therefore not accounted for) during design. These functions can also help to understand and predict emergent effects caused by the increased use of automation or autonomous functions that may exhibit unexpected non-deterministic behaviors. The envisioned monitoring and assessment functions can look for precursors, anomalies, and trends (PATs) by applying model-based and data-driven methods. Outputs would then drive downstream mitigation(s) if needed to reduce risk. These mitigations may be accomplished using traditional design revision processes or via operational (and sometimes automated) mechanisms. The latter refers to the in-time aspect of the system concept. This report comprises architecture and information requirements and considerations toward enabling such a capability within the domain of low altitude highly autonomous urban flight operations. This domain may span, for example, public-use surveillance missions flown by small unmanned aircraft (e.g., infrastructure inspection, facility management, emergency response, law enforcement, and/or security) to transportation missions flown by larger aircraft that may carry passengers or deliver products. Caveat: Any stated requirements in this report should be considered initial requirements that are intended to drive research and development (R&D). These initial requirements are likely to evolve based on R&D findings, refinement of operational concepts, industry advances, and new industry or regulatory policies or standards related to safety assurance

The effects of navigation sensors and spatial road network data quality on the performance of map matching algorithms

Map matching algorithms are utilised to support the navigation module of advanced transport telematics systems. The objective of this paper is to develop a framework to quantify the effects of spatial road network data and navigation sensor data on the performance of map matching algorithms. Three map matching algorithms are tested with different spatial road network data (map scale 1:1,250; 1:2,500 and 1:50,000) and navigation sensor data (global positioning system (GPS) and GPS augmented with deduced reckoning) in order to quantify their performance. The algorithms are applied to different road networks of varying complexity. The performance of the algorithms is then assessed for a suburban road network using high precision positioning data obtained from GPS carrier phase observables. The results show that there are considerable effects of spatial road network data on the performance of map matching algorithms. For an urban road network, the results suggest that both the quality of spatial road network data and the type of navigation system affect the link identification performance of map matching algorithms

Practical Cryptographic Civil GPS Signal Authentication

Abstract-A practical technique is proposed to authenticate civil GPS signals. The technique combines cryptographic authentication of the GPS navigation message with signal timing authentication based on statistical hypothesis tests to secure civil GPS receivers against spoofing attacks. The notion of GNSS signal authentication is defined in probabilistic terms. Candidate GPS signal authentication schemes are evaluated in terms of effectiveness and practicality leading to a proposal for incorporating digital signatures into the extensible GPS civil navigation (CNAV) message. The proposal is sufficiently detailed to facilitate near-term implementation of security-hardened civil GPS

2020 NASA Technology Taxonomy

This document is an update (new photos used) of the PDF version of the 2020 NASA Technology Taxonomy that will be available to download on the OCT Public Website. The updated 2020 NASA Technology Taxonomy, or "technology dictionary", uses a technology discipline based approach that realigns like-technologies independent of their application within the NASA mission portfolio. This tool is meant to serve as a common technology discipline-based communication tool across the agency and with its partners in other government agencies, academia, industry, and across the world

A safety assessment framework for Automatic Dependent Surveillance Broadcast (ADS-B) and its potential impact on aviation safety

The limitations of the current civil aviation surveillance systems include a lack of coverage in some areas and low performance in terms of accuracy, integrity, continuity and availability particularly in high density traffic areas including airports, with a negative impact on capacity and safety. Automatic Dependent Surveillance Broadcast (ADS-B) technology has been proposed to address these limitations by enabling improved situational awareness for all stakeholders and enhanced airborne and ground surveillance, resulting in increased safety and capacity. In particular, its scalability and adaptability should facilitate its use in general aviation and in ground vehicles. This should, in principle, provide affordable, effective surveillance of all air and ground traffic, even on airport taxiways and runways, and in airspace where radar is ineffective or unavailable. The success of the progressive implementation of ADS-B has led to numerous programmes for its introduction in other parts of the World where the operational environment is considerably different from that of Australia. However, a number of critical issues must be addressed in order to benefit from ADS-B, including the development and execution of a safety case that addresses both its introduction into legacy and new systems’ operational concepts, the latter including the Single European Sky (SES) / Single European Sky ATM Research (SESAR) and the US’ Next Generation Air Transportation System (NexGEN). This requires amongst others, a good understanding of the limitations of existing surveillance systems, ADS-B architecture and system failures and its interfaces to the existing and future ATM systems. Research on ADS-B to date has not addressed in detail the important questions of limitations of existing systems and ADS-B failure modes including their characterisation, modelling and assessment of impact. The latter is particularly important due to the sole dependency of ADS-B on GNSS for information on aircraft state and its reliance on communication technologies such as Mode-S Extended Squitter, VHF Data Link Mode-4 (VDLM4) or Universal Access Transceiver (UAT), to broadcast the surveillance information to ground-based air traffic control (ATC) and other ADS-B equipped aircraft within a specified range, all of which increase complexity and the potential for failures. This thesis proposes a novel framework for the assessment of the ADS-B system performance to meet the level of safety required for ground and airborne surveillance operations. The framework integrates various methods for ADS-B performance assessment in terms of accuracy, integrity, continuity, availability and latency, and reliability assessment using probabilistic safety assessment methods; customized failure mode identification approach and fault tree analysis. Based on the framework, the thesis develops a failure mode register for ADS-B, identifies and quantifies the impact of a number of potential hazards for the ADS-B. Furthermore, this thesis identifies various anomalies in the onboard GNSS system that feeds aircraft navigation information into the ADS-B system. Finally, the thesis maps the ADS-B data availability and the quantified system performance to the envisioned airborne surveillance application’s requirements. The mapping exercise indicates that, the quantified ADS-B accuracy is sufficient for all applications while ADS-B integrity is insufficient to support the most stringent application: Airborne Separation (ASEP). In addition, some of the required performance parameters are unavailable from aircraft certified to DO-260 standard. Therefore, all aircraft must be certified to DO-260B standard to support the applications and perform continuous monitoring, to ensure consistency in the system performance of each aircraft.Open Acces

Air Force Institute of Technology Research Report 2012

This report summarizes the research activities of the Air Force Institute of Technology’s Graduate School of Engineering and Management. It describes research interests and faculty expertise; lists student theses/dissertations; identifies research sponsors and contributions; and outlines the procedures for contacting the school. Included in the report are: faculty publications, conference presentations, consultations, and funded research projects. Research was conducted in the areas of Aeronautical and Astronautical Engineering, Electrical Engineering and Electro-Optics, Computer Engineering and Computer Science, Systems and Engineering Management, Operational Sciences, Mathematics, Statistics and Engineering Physics

parMERASA Multi-Core Execution of Parallelised Hard Real-Time Applications Supporting Analysability

International audienceEngineers who design hard real-time embedded systems express a need for several times the performance available today while keeping safety as major criterion. A breakthrough in performance is expected by parallelizing hard real-time applications and running them on an embedded multi-core processor, which enables combining the requirements for high-performance with timing-predictable execution. parMERASA will provide a timing analyzable system of parallel hard real-time applications running on a scalable multicore processor. parMERASA goes one step beyond mixed criticality demands: It targets future complex control algorithms by parallelizing hard real-time programs to run on predictable multi-/many-core processors. We aim to achieve a breakthrough in techniques for parallelization of industrial hard real-time programs, provide hard real-time support in system software, WCET analysis and verification tools for multi-cores, and techniques for predictable multi-core designs with up to 64 cores

Air Force Institute of Technology Research Report 2017

This Research Report presents the FY18 research statistics and contributions of the Graduate School of Engineering and Management (EN) at AFIT. AFIT research interests and faculty expertise cover a broad spectrum of technical areas related to USAF needs, as reflected by the range of topics addressed in the faculty and student publications listed in this report. In most cases, the research work reported herein is directly sponsored by one or more USAF or DOD agencies. AFIT welcomes the opportunity to conduct research on additional topics of interest to the USAF, DOD, and other federal organizations when adequate manpower and financial resources are available and/or provided by a sponsor. In addition, AFIT provides research collaboration and technology transfer benefits to the public through Cooperative Research and Development Agreements (CRADAs)

Safety‐oriented discrete event model for airport A‐SMGCS reliability assessment

A detailed analysis of State of the Art Technologies and Procedures into Airport Advanced-Surface Movement Guidance and Control Systems has been provided in this thesis, together with the review ofStatistical Monte Carlo Analysis, Reliability Assessment and Petri Nets theories. This practical and theoretical background has lead the author to the conclusion that there is a lack of linkage in between these fields. At the same of time the rapid increasing of Air Traffic all over the world, has brought in evidence the urgent need of practical instruments able to identify and quantify the risks connected with Aircraft operations on the ground, since the Airport has shown to be the actual ‘bottle neck’ of the entire Air Transport System. Therefore, the only winning approach to such a critical matter has to be multi-disciplinary, sewing together apparently different subjects, coming from the most disparate areas of interest and trying to fulfil the gap. The result of this thesis work has come to a start towards the end, when a Timed Coloured Petri Net (TCPN) model of a ‘sample’ Airport A-SMGCS has been developed, that is capable of taking into account different orders of questions arisen during these recent years and tries to give them some good answers. The A-SMGCS Airport model is, in the end, a parametric tool relying on Discrete Event System theory, able to perform a Reliability Analysis of the system itself, that: • uses a Monte Carlo Analysis applied to a Timed Coloured Petri Net, whose purpose is to evaluate the Safety Level of Surface Movements along an Airport • lets the user to analyse the impact of Procedures and Reliability Indexes of Systems such as Surface Movement Radars, Automatic Dependent Surveillance-Broadcast, Airport Lighting Systems, Microwave Sensors, and so on… onto the Safety Level of Airport Aircraft Transport System • not only is a valid instrument in the Design Phase, but it is useful also into the Certifying Activities an in monitoring the Safety Level of the above mentioned System with respect to changes to Technologies and different Procedures.This TCPN model has been verified against qualitative engineering expectations by using simulation experiments and occupancy time schedules generated a priori. Simulation times are good, and since the model has been written into Simulink/Stateflow programming language, it can be compiled to run real-time in C language (Real-time workshop and Stateflow Coder), thus relying on portable code, able to run virtually on any platform, giving even better performances in terms of execution time. One of the most interesting applications of this work is the estimate, for an Airport, of the kind of A-SMGCS level of implementation needed (Technical/Economical convenience evaluation). As a matter of fact, starting from the Traffic Volume and choosing the kind of Ground Equipment to be installed, one can make predictions about the Safety Level of the System: if the value is compliant with the TLS required by ICAO, the A-SMGCS level of Implementation is sufficiently adequate. Nevertheless, even if the Level of Safety has been satisfied, some delays due to reduced or simplified performances (even if Safety is compliant) of some of the equipment (e.g. with reference to False Alarm Rates) can lead to previously unexpected economical consequences, thus requiring more accurate systems to be installed, in order to meet also Airport economical constraints. Work in progress includes the analysis of the effect of weather conditions and re-sequencing of a given schedule. The effect of re-sequencing a given schedule is not yet enough realistic since the model does not apply inter arrival and departure separations. However, the model might show some effect on different sequences based on runway occupancy times. A further developed model containing wake turbulence separation conditions would be more sensitive for this case. Hence, further work will be directed towards: • The development of On-Line Re-Scheduling based on the available actual runway/taxiway configuration and weather conditions. • The Engineering Safety Assessment of some small Italian Airport A-SMGCSs (Model validation with real data). • The application of Stochastic Differential Equations systems in order to evaluate the collision risk on the ground inside the Place alone on the Petri Net, in the event of a Short Term Conflict Alert (STCA), by adopting Reich Collision Risk Model. • Optimal Air Traffic Control Algorithms Synthesis (Adaptive look-ahead Optimization), by Dynamically Timed Coloured Petri Nets, together with the implementation of Error-Recovery Strategies and Diagnosis Functions