Projection Operator: A Step Towards Certification of Adaptive Controllers
One of the major barriers to wider use of adaptive controllers in commercial aviation is the lack of appropriate certification procedures. In order to be certified by the Federal Aviation Administration (FAA), an aircraft controller is expected to meet a set of guidelines on functionality and reliability while not negatively impacting other systems or safety of aircraft operations. Due to their inherent time-variant and non-linear behavior, adaptive controllers cannot be certified via the metrics used for linear conventional controllers, such as gain and phase margin. Projection Operator is a robustness augmentation technique that bounds the output of a non-linear adaptive controller while conforming to the Lyapunov stability rules. It can also be used to limit the control authority of the adaptive component so that the said control authority can be arbitrarily close to that of a linear controller. In this paper we will present the results of applying the Projection Operator to a Model-Reference Adaptive Controller (MRAC), varying the amount of control authority, and comparing controller's performance and stability characteristics with those of a linear controller. We will also show how adjusting Projection Operator parameters can make it easier for the controller to satisfy the certification guidelines by enabling a tradeoff between controller's performance and robustness
Closing the Certification Gaps in Adaptive Flight Control Software
Over the last five decades, extensive research has been performed to design and develop adaptive control systems for aerospace systems and other applications where the capability to change controller behavior at different operating conditions is highly desirable. Although adaptive flight control has been partially implemented through the use of gain-scheduled control, truly adaptive control systems using learning algorithms and on-line system identification methods have not seen commercial deployment. The reason is that the certification process for adaptive flight control software for use in national air space has not yet been decided. The purpose of this paper is to examine the gaps between the state-of-the-art methodologies used to certify conventional (i.e., non-adaptive) flight control system software and what will likely be needed to satisfy FAA airworthiness requirements. These gaps include the lack of a certification plan or process guide, the need to develop verification and validation tools and methodologies to analyze adaptive controller stability and convergence, as well as the development of metrics to evaluate adaptive controller performance at off-nominal flight conditions. This paper presents the major certification gap areas, a description of the current state of the verification methodologies, and what further research efforts will likely be needed to close the gaps remaining in current certification practices. It is envisioned that closing the gap will require certain advances in simulation methods, comprehensive methods to determine learning algorithm stability and convergence rates, the development of performance metrics for adaptive controllers, the application of formal software assurance methods, the application of on-line software monitoring tools for adaptive controller health assessment, and the development of a certification case for adaptive system safety of flight
Robust multivariable predictive control: how can it be applied to industrial test stands?
To cope with recent technological evolutions of air conditioning systems for aircraft, the French Aeronautical Test Center built a new test stand for certification at ground level. The constraints specified by the industrial users of the process seemed antagonistic for many reasons. First, the controller had to be implemented on an industrial automaton, not adaptable to modern algorithms. Then the specified dynamic performances were very demanding, especially taking into account the wide operating ranges of the process. Finally, the proposed controller had to be easy for nonspecialist users to handle. Thus, the control design and implementation steps had to be conducted considering both theoretical and technical aspects. This finally led to the development of a new multivariable predictive controller, called alpha-MPC, whose main characteristic is the introduction of an extra tuning parameter alpha that has enhanced the overall control robustness. In particular, the H∞-norm of the sensitivity functions can be significantly reduced by tuning this single new parameter. It turns out to be a simple but efficient way to improve the robustness of the initial algorithm. The other classical tuning parameters are still physically meaningful, as is usual with predictive techniques. The initial results are very promising and this controller has already been adopted by the industrial users as the basis of the control part for future developments of the test stand
Making GDPR Usable: A Model to Support Usability Evaluations of Privacy
We introduce a new model for evaluating privacy that builds on the criteria
proposed by the EuroPriSe certification scheme by adding usability criteria.
Our model is visually represented through a cube, called Usable Privacy Cube
(or UP Cube), where each of its three axes of variability captures,
respectively: rights of the data subjects, privacy principles, and usable
privacy criteria. We slightly reorganize the criteria of EuroPriSe to fit with
the UP Cube model, i.e., we show how EuroPriSe can be viewed as a combination
of only rights and principles, forming the two axes at the basis of our UP
Cube. In this way we also want to bring out two perspectives on privacy: that
of the data subjects and, respectively, that of the controllers/processors. We
define usable privacy criteria based on usability goals that we have extracted
from the whole text of the General Data Protection Regulation. The criteria are
designed to produce measurements of the level of usability with which the goals
are reached. Precisely, we measure effectiveness, efficiency, and satisfaction,
considering both the objective and the perceived usability outcomes, producing
measures of accuracy and completeness, of resource utilization (e.g., time,
effort, financial), and measures resulting from satisfaction scales. In the
long run, the UP Cube is meant to be the model behind a new certification
methodology capable of evaluating the usability of privacy, to the benefit of
common users. For industries, considering also the usability of privacy would
allow for greater business differentiation, beyond GDPR compliance. Comment: 41 pages, 2 figures, 1 table, and appendixe
How explicit are the barriers to failure in safety arguments?
Safety cases embody arguments that demonstrate how safety properties of a system are upheld. Such cases implicitly document the barriers that must exist between hazards and vulnerable components of a system. For safety certification, it is the analysis of these barriers that provides confidence in the safety of the system. The explicit representation of hazard barriers can provide additional insight for the design and evaluation of system safety. They can be identified in a hazard analysis to allow analysts to reflect on particular design choices. Barrier existence in a live system can be mapped to abstract barrier representations to provide both verification of barrier existence and a basis for quantitative measures between the predicted barrier behaviour and performance of the actual barrier. This paper explores the first stage of this process, the binding between explicit mitigation arguments in hazard analysis and the barrier concept. Examples from the domains of computer-assisted detection in mammography and free route airspace feasibility are examined and the implications for system certification are considered
On the tailoring of CAST-32A certification guidance to real COTS multicore architectures
The use of Commercial Off-The-Shelf (COTS) multicores in real-time industry is on the rise due to multicores' potential performance increase and energy reduction. Yet, the unpredictable impact on timing of contention in shared hardware resources challenges certification. Furthermore, most safety certification standards target single-core architectures and do not provide explicit guidance for multicore processors. Recently, however, CAST-32A has been presented providing guidance for software planning, development and verification in multicores. In this paper, from a theoretical level, we provide a detailed review of CAST-32A objectives and the difficulty of reaching them under current COTS multicore design trends; at experimental level, we assess the difficulties of the application of CAST-32A to a real multicore processor, the NXP P4080. This work has been partially supported by the Spanish Ministry of Economy and Competitiveness (MINECO) under grant TIN2015-65316-P and the HiPEAC Network of Excellence. Jaume Abella has been partially supported by the MINECO under Ramon y Cajal grant RYC-2013-14717. Peer Reviewed. Postprint (author's final draft
A summary of rotorcraft handling qualities research at NASA Ames Research Center
The objectives of the rotorcraft handling qualities research program at Ames Research Center are twofold: (1) to develop basic handling qualities design criteria to permit cost effective design decisions to be made for helicopters, and (2) to obtain basic handling qualities data for certification of new rotorcraft configurations. The research on the helicopter handling qualities criteria has focused primarily on military nap-of-the-earth (NOE) terrain flying missions, which are flown in day visual meteorological conditions (VMC) and instrument meteorological conditions (IMC), or at night. The Army has recently placed a great deal of emphasis on terrain flying tactics in order to survive and effectively complete the missions in modern and future combat environments. Unfortunately, the existing Military Specification MIL-H 8501A, which is a 1961 update of a 1951 document, does not address the handling qualities requirements for terrain flying. The research effort is therefore aimed at filling the void and is being conducted jointly with the Army Aeromechanics Laboratory at Ames. The research on rotorcraft airworthiness standards with respect to flying qualities requirements was conducted in collaboration with the Federal Aviation Administration (FAA)
The European Citizens' Initiative - Guidelines and Recommendations for Practical Implementation
The present guidelines and recommendations on the implementation of Regulation (EU) No 211/2011 on the citizens' initiative (hereafter: 'the Regulation') are intended as a concise reference document for the Member States' (MS) competent authorities (and have been prepared partly at their request) but will, on many points, also prove helpful for organisers. They cover various stages of the citizens' initiative procedure, in particular those related to the certification of online collection systems and the verification of statements of support. To a large extent, these guidelines and recommendations re-state, clarify or update advice that the Commission has previously provided, either in non-papers, in written correspondence, or at meetings of the ECI Expert Group. They may need to be revised over time based on the experiences of the competent MS authorities and the Commission with these procedures
Design Challenges for GDPR RegTech
The Accountability Principle of the GDPR requires that an organisation can
demonstrate compliance with the regulations. A survey of GDPR compliance
software solutions shows significant gaps in their ability to demonstrate
compliance. In contrast, RegTech has recently brought great success to
financial compliance, resulting in reduced risk, cost saving and enhanced
financial regulatory compliance. It is shown that many GDPR solutions lack
interoperability features such as standard APIs, meta-data or reports and they
are not supported by published methodologies or evidence to support their
validity or even utility. A proof of concept prototype was explored using a
regulator based self-assessment checklist to establish if RegTech best practice
could improve the demonstration of GDPR compliance. The application of a
RegTech approach provides opportunities for demonstrable and validated GDPR
compliance, notwithstanding the risk reductions and cost savings that RegTech
can deliver. This paper demonstrates a RegTech approach to GDPR compliance can
facilitate an organisation meeting its accountability obligations