Fault Management Techniques in Human Spaceflight Operations

This paper discusses human spaceflight fault management operations. Fault detection and response capabilities available in current US human spaceflight programs Space Shuttle and International Space Station are described while emphasizing system design impacts on operational techniques and constraints. Preflight and inflight processes along with products used to anticipate, mitigate and respond to failures are introduced. Examples of operational products used to support failure responses are presented. Possible improvements in the state of the art, as well as prioritization and success criteria for their implementation are proposed. This paper describes how the architecture of a command and control system impacts operations in areas such as the required fault response times, automated vs. manual fault responses, use of workarounds, etc. The architecture includes the use of redundancy at the system and software function level, software capabilities, use of intelligent or autonomous systems, number and severity of software defects, etc. This in turn drives which Caution and Warning (C&W) events should be annunciated, C&W event classification, operator display designs, crew training, flight control team training, and procedure development. Other factors impacting operations are the complexity of a system, skills needed to understand and operate a system, and the use of commonality vs. optimized solutions for software and responses. Fault detection, annunciation, safing responses, and recovery capabilities are explored using real examples to uncover underlying philosophies and constraints. These factors directly impact operations in that the crew and flight control team need to understand what happened, why it happened, what the system is doing, and what, if any, corrective actions they need to perform. If a fault results in multiple C&W events, or if several faults occur simultaneously, the root cause(s) of the fault(s), as well as their vehicle-wide impacts, must be determined in order to maintain situational awareness. This allows both automated and manual recovery operations to focus on the real cause of the fault(s). An appropriate balance must be struck between correcting the root cause failure and addressing the impacts of that fault on other vehicle components. Lastly, this paper presents a strategy for using lessons learned to improve the software, displays, and procedures in addition to determining what is a candidate for automation. Enabling technologies and techniques are identified to promote system evolution from one that requires manual fault responses to one that uses automation and autonomy where they are most effective. These considerations include the value in correcting software defects in a timely manner, automation of repetitive tasks, making time critical responses autonomous, etc. The paper recommends the appropriate use of intelligent systems to determine the root causes of faults and correctly identify separate unrelated faults

Automated Testing of Android Apps: A Systematic Literature Review

Automated testing of Android apps is essential for app users, app developers and market maintainer communities alike. Given the widespread adoption of Android and the specificities of its development model, the literature has proposed various testing approaches for ensuring that not only functional requirements but also non-functional requirements are satisfied. In this paper, we aim at providing a clear overview of the state-of-the-art works around the topic of Android app testing, in an attempt to highlight the main trends, pinpoint the main methodologies applied and enumerate the challenges faced by the Android testing approaches as well as the directions where the community effort is still needed. To this end, we conduct a Systematic Literature Review (SLR) during which we eventually identified 103 relevant research papers published in leading conferences and journals until 2016. Our thorough examination of the relevant literature has led to several findings and highlighted the challenges that Android testing researchers should strive to address in the future. After that, we further propose a few concrete research directions where testing approaches are needed to solve recurrent issues in app updates, continuous increases of app sizes, as well as the Android ecosystem fragmentation

Comprehensive concept-phase system safety analysis for hybrid-electric vehicles utilizing automated driving functions

2019 Summer.Includes bibliographical references.Automotive system safety (SS) analysis involving automated driving functions (ADFs) and advanced driver assistance systems (ADAS) is an active subject of research but highly proprietary. A comprehensive SS analysis and a risk informed safety case (RISC) is required for all complex hybrid-vehicle builds especially when utilizing ADFs and ADAS. Industry standard SS procedures have been developed and are accessible but contain few detailed instructions or references for the process of completing a thorough automotive SS analysis. In this work, a comprehensive SS analysis is performed on an SAE-Level 2 autonomous hybrid-vehicle architecture in the concept phase which utilizes lateral and longitudinal automated corrective control actions. This paper first outlines a proposed SS process including a cross-functional SS working group procedure, followed by the development of an item definition inclusive of the ADFs and ADAS and an examination of 5 hazard analysis and risk assessment (HARA) techniques common to the automotive industry that were applied to 11 vehicle systems, and finally elicits the safety goals and functional requirements necessary for safe vehicle operation. The results detail functional failures, causes, effects, prevention, and mitigation methods as well as the utility of, and instruction for completing the various HARA techniques. The conclusion shows the resulting critical safety concerns for an SAE Level-2 autonomous system can be reduced through the use of the developed list of 116 safety goals and 950 functional safety requirements

Autonomous Systems, Robotics, and Computing Systems Capability Roadmap: NRC Dialogue

Contents include the following: Introduction. Process, Mission Drivers, Deliverables, and Interfaces. Autonomy. Crew-Centered and Remote Operations. Integrated Systems Health Management. Autonomous Vehicle Control. Autonomous Process Control. Robotics. Robotics for Solar System Exploration. Robotics for Lunar and Planetary Habitation. Robotics for In-Space Operations. Computing Systems. Conclusion

Secure Communication in Disaster Scenarios

Während Naturkatastrophen oder terroristischer Anschläge ist die bestehende Kommunikationsinfrastruktur häufig überlastet oder fällt komplett aus. In diesen Situationen können mobile Geräte mithilfe von drahtloser ad-hoc- und unterbrechungstoleranter Vernetzung miteinander verbunden werden, um ein Notfall-Kommunikationssystem für Zivilisten und Rettungsdienste einzurichten. Falls verfügbar, kann eine Verbindung zu Cloud-Diensten im Internet eine wertvolle Hilfe im Krisen- und Katastrophenmanagement sein. Solche Kommunikationssysteme bergen jedoch ernsthafte Sicherheitsrisiken, da Angreifer versuchen könnten, vertrauliche Daten zu stehlen, gefälschte Benachrichtigungen von Notfalldiensten einzuspeisen oder Denial-of-Service (DoS) Angriffe durchzuführen. Diese Dissertation schlägt neue Ansätze zur Kommunikation in Notfallnetzen von mobilen Geräten vor, die von der Kommunikation zwischen Mobilfunkgeräten bis zu Cloud-Diensten auf Servern im Internet reichen. Durch die Nutzung dieser Ansätze werden die Sicherheit der Geräte-zu-Geräte-Kommunikation, die Sicherheit von Notfall-Apps auf mobilen Geräten und die Sicherheit von Server-Systemen für Cloud-Dienste verbessert

Design of equipment safety & reliability for an aseptic liquid food packaging line through maintenance engineering

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.The organisation of maintenance, in the Aseptic Liquid Food (ALF) industry, represents an important management task that enables a company to pursue higher manufacturing effectiveness and improved market share. This research is concerned with the process to design and implement maintenance tasks. These two complementary processes (design and implementation) have been thought and designed to answer the particular needs of food industry regarding product safety and equipment reliability. Numerous maintenance engineering researchers have focused on maintenance engineering and reliability techniques highlighting the contribution of maintenance in achieving world class manufacturing and competitive advantage. Their outcome emphasizes that maintenance is not a “necessary evil” because of costs associated, but it can be considered an “investment” that produces an added value which generates a real company profit. The existing maintenance engineering techniques pursue equipment reliability at minimum cost; but in food industry, food safety represents the most critical issue to address and solve. The research methodology chosen is based on case studies coming from ALF industries. These show that low maintenance effectiveness could have dramatic effects on final consumers and on the company’s image and underline the need of a maintenance design and implementation process that takes into consideration all critical factors relevant to liquid food industry. The analysis of measurable indicators available, represents a tool necessary to show the status of critical performance indicators and reveals the urgency of a research necessary to address and solve the maintenance problems in food industry. The literature review underlines the increasing regulations in place in food industry and that no literature is available to define a maintenance design and implementation process for ALF and in general for food industry. The literature review enabled also the gap existing between theory and real maintenance status, in the ALF, to be identified and the aim of the research was to explore this gap. The analysis of case studies and Key Performance Indicators (KPI’s) available highlights the problem and the literature review provides the knowledge necessary to identify the process to design and implement maintenance procedures for ALF industry. The research findings provide a useful guide to identify the process to design maintenance tasks able to put under control food safety and equipment reliability issues. Company’s restraining forces and cultural inertia, that work against new maintenance procedures, have been analysed and a maintenance implementation process have been designed to avoid losing the benefits produced by the design phase. The analysis of condition monitoring systems shows devices and techniques useful to improve product safety, equipment reliability, and then maintenance effectiveness. This research aimed to fill the gap in the existing literature showing the solution to manage both food safety and production effectiveness issues in food industry. It identifies a maintenance design process able to capture all conceivable critical factors in food industry and to provide the solution to design reliable task lists. Furthermore, the maintenance implementation process shows the way to maximize the maintenance design outcome through the empowerment of equipment operators and close cooperation with maintenance and quality specialists. The new maintenance design and implementation process represents the answer to the research problem and a reliable solution that allows the food industry to improve food safety and production effectiveness

Detecting Dissimilar Classes of Source Code Defects

Software maintenance accounts for the most part of the software development cost and efforts, with its major activities focused on the detection, location, analysis and removal of defects present in the software. Although software defects can be originated, and be present, at any phase of the software development life-cycle, implementation (i.e., source code) contains more than three-fourths of the total defects. Due to the diverse nature of the defects, their detection and analysis activities have to be carried out by equally diverse tools, often necessitating the application of multiple tools for reasonable defect coverage that directly increases maintenance overhead. Unified detection tools are known to combine different specialized techniques into a single and massive core, resulting in operational difficulty and maintenance cost increment. The objective of this research was to search for a technique that can detect dissimilar defects using a simplified model and a single methodology, both of which should contribute in creating an easy-to-acquire solution. Following this goal, a ‘Supervised Automation Framework’ named FlexTax was developed for semi-automatic defect mapping and taxonomy generation, which was then applied on a large-scale real-world defect dataset to generate a comprehensive Defect Taxonomy that was verified using machine learning classifiers and manual verification. This Taxonomy, along with an extensive literature survey, was used for comprehension of the properties of different classes of defects, and for developing Defect Similarity Metrics. The Taxonomy, and the Similarity Metrics were then used to develop a defect detection model and associated techniques, collectively named Symbolic Range Tuple Analysis, or SRTA. SRTA relies on Symbolic Analysis, Path Summarization and Range Propagation to detect dissimilar classes of defects using a simplified set of operations. To verify the effectiveness of the technique, SRTA was evaluated by processing multiple real-world open-source systems, by direct comparison with three state-of-the-art tools, by a controlled experiment, by using an established Benchmark, by comparison with other tools through secondary data, and by a large-scale fault-injection experiment conducted using a Mutation-Injection Framework, which relied on the taxonomy developed earlier for the definition of mutation rules. Experimental results confirmed SRTA’s practicality, generality, scalability and accuracy, and proved SRTA’s applicability as a new Defect Detection Technique

Towards a framework for environmental risk assessment of CCS: subsea engineering systems

Nowadays, we are observing a continuous rise in trends of greenhouse gasses’ concentration in the atmosphere, especially of carbon dioxide, and this is, in great part, attributable to human activities. The first detrimental effects on climate have already been observed and ever more long-term changes in weather patterns should be expected if no concrete action to contrast these trends is put in practice. The scientific community is thus suggesting innovative and practical solutions for both mitigating climate change and adapting to its impacts: carbon capture and storage (CCS) is one such option. CCS involves capturing carbon dioxide (CO2) from power plants, industrial activities and any other sources of CO2 and storing it in a geological formation. The appeal of this technique resides in the fact that CCS is able to combine the use of fossil fuels, on which our society still relies a lot, with the environmental exigency to cut carbon dioxide’s emissions. However, despite the interesting mitigation option offered by CCS, there is the impelling need, as for any other human activity, to assess and manage risk; this work is intended to do so. The focus is, more precisely, on marine environmental risk posed by CO2 leakages, as how this risk should be addressed still represents a largely debated topic. Specific risks can be associated to each of the stages of a CCS system (capture, transport and storage). The focus of this work is on the subsea engineering system, thus, offshore pipelines (transport) and injection / plugged and abandoned wells (part of the storage). The aim of this work is to start approaching the development of a complete and standardized practical procedure to perform a quantified environmental risk assessment for CCS, with reference to the specific activities mentioned above. Such an effort would be of extreme relevance not only for companies willing to implement CCS, as a methodological guidance, but also, by uniformizing the ERA procedure, to begin changing people’s perception about CCS, that happens to be often discredited due to the evident lack of systematized methods to assess the impacts on the marine environment. The backbone structure of the framework developed sees the integration of ERA’s main steps, which are the problem formulation, exposure assessment, effect assessment and risk characterization, and those belonging to the well-known quantified risk assessment (QRA). This, in practice, meant giving relevance to the identification of possible hazards, before the fate of CO2 in seawater could be described (exposure assessment), and estimating the frequencies of the leakage scenarios, in order to finally describe risk as a combination of magnitude of the consequences and their frequency. The framework developed by this work is, however, at a preliminary stage, as not every single aspect has been dealt with in the required detail, thus, several alternative options are presented to be used depending on the situation. Further specific studies should address their accuracy and efficiency and solve the knowledge gaps emerged, in order to establish and validate a final and complete procedure. Regardless of the knowledge gaps and uncertainties, that surely need to be addressed, this preliminary framework can already find some relevance in on field applications, as a non-stringent guidance to perform CCS ERA, and, anyways, it constitutes the foundation of the final framework