Empirical exploration of air traffic and human dynamics in terminal airspaces

Air traffic is widely known as a complex, task-critical techno-social system, with numerous interactions between airspace, procedures, aircraft and air traffic controllers. In order to develop and deploy high-level operational concepts and automation systems scientifically and effectively, it is essential to conduct an in-depth investigation on the intrinsic traffic-human dynamics and characteristics, which is not widely seen in the literature. To fill this gap, we propose a multi-layer network to model and analyze air traffic systems. A Route-based Airspace Network (RAN) and Flight Trajectory Network (FTN) encapsulate critical physical and operational characteristics; an Integrated Flow-Driven Network (IFDN) and Interrelated Conflict-Communication Network (ICCN) are formulated to represent air traffic flow transmissions and intervention from air traffic controllers, respectively. Furthermore, a set of analytical metrics including network variables, complex network attributes, controllers' cognitive complexity, and chaotic metrics are introduced and applied in a case study of Guangzhou terminal airspace. Empirical results show the existence of fundamental diagram and macroscopic fundamental diagram at the route, sector and terminal levels. Moreover, the dynamics and underlying mechanisms of "ATCOs-flow" interactions are revealed and interpreted by adaptive meta-cognition strategies based on network analysis of the ICCN. Finally, at the system level, chaos is identified in conflict system and human behavioral system when traffic switch to the semi-stable or congested phase. This study offers analytical tools for understanding the complex human-flow interactions at potentially a broad range of air traffic systems, and underpins future developments and automation of intelligent air traffic management systems.Comment: 30 pages, 28 figures, currently under revie

An analytic framework to assess organizational resilience

Background: Resilience Engineering is a paradigm for safety management that focuses on coping with complexity to achieve success, even considering several conflicting goals. Modern socio-technical systems have to be resilient to comply with the variability of everyday activities, the tight-coupled and underspecified nature of work and the nonlinear interactions among agents. At organizational level, resilience can be described as a combination of four cornerstones: monitoring, responding, learning and anticipating. Methods: Starting from these four categories, this paper aims at defining a semi-quantitative analytic framework to measure organizational resilience in complex socio-technical systems, combining the Resilience Analysis Grid (RAG) and the Analytic Hierarchy Process (AHP). Results: This paper presents an approach for defining resilience abilities of an organization, creating a structured domain-dependent framework to define a resilience profile at different levels of abstraction, to identify weaknesses and strengths of the system and thus potential actions to increase system’s adaptive capacity. An illustrative example in an anaesthesia department clarifies the outcomes of the approach. Conclusions: The outcome of the RAG, i.e. a weighted set of probing questions, can be used in different domains, as a support tool in a wider Safety-II oriented managerial action to bring safety management into the core business of the organization

Architecture and Information Requirements to Assess and Predict Flight Safety Risks During Highly Autonomous Urban Flight Operations

As aviation adopts new and increasingly complex operational paradigms, vehicle types, and technologies to broaden airspace capability and efficiency, maintaining a safe system will require recognition and timely mitigation of new safety issues as they emerge and before significant consequences occur. A shift toward a more predictive risk mitigation capability becomes critical to meet this challenge. In-time safety assurance comprises monitoring, assessment, and mitigation functions that proactively reduce risk in complex operational environments where the interplay of hazards may not be known (and therefore not accounted for) during design. These functions can also help to understand and predict emergent effects caused by the increased use of automation or autonomous functions that may exhibit unexpected non-deterministic behaviors. The envisioned monitoring and assessment functions can look for precursors, anomalies, and trends (PATs) by applying model-based and data-driven methods. Outputs would then drive downstream mitigation(s) if needed to reduce risk. These mitigations may be accomplished using traditional design revision processes or via operational (and sometimes automated) mechanisms. The latter refers to the in-time aspect of the system concept. This report comprises architecture and information requirements and considerations toward enabling such a capability within the domain of low altitude highly autonomous urban flight operations. This domain may span, for example, public-use surveillance missions flown by small unmanned aircraft (e.g., infrastructure inspection, facility management, emergency response, law enforcement, and/or security) to transportation missions flown by larger aircraft that may carry passengers or deliver products. Caveat: Any stated requirements in this report should be considered initial requirements that are intended to drive research and development (R&D). These initial requirements are likely to evolve based on R&D findings, refinement of operational concepts, industry advances, and new industry or regulatory policies or standards related to safety assurance

Collaborative Verification-Driven Engineering of Hybrid Systems

Hybrid systems with both discrete and continuous dynamics are an important model for real-world cyber-physical systems. The key challenge is to ensure their correct functioning w.r.t. safety requirements. Promising techniques to ensure safety seem to be model-driven engineering to develop hybrid systems in a well-defined and traceable manner, and formal verification to prove their correctness. Their combination forms the vision of verification-driven engineering. Often, hybrid systems are rather complex in that they require expertise from many domains (e.g., robotics, control systems, computer science, software engineering, and mechanical engineering). Moreover, despite the remarkable progress in automating formal verification of hybrid systems, the construction of proofs of complex systems often requires nontrivial human guidance, since hybrid systems verification tools solve undecidable problems. It is, thus, not uncommon for development and verification teams to consist of many players with diverse expertise. This paper introduces a verification-driven engineering toolset that extends our previous work on hybrid and arithmetic verification with tools for (i) graphical (UML) and textual modeling of hybrid systems, (ii) exchanging and comparing models and proofs, and (iii) managing verification tasks. This toolset makes it easier to tackle large-scale verification tasks

Identifying how automation can lose its intended benefit along the development process : a research plan

Doctoral Consortium Presentation © The Authors 2009Automation is usually considered to improve performance in virtually any domain. However it can fail to deliver the target benefit as intended by those managers and designers advocating the introduction of the tool. In safety critical domains this problem is of significance not only because the unexpected effects of automation might prevent its widespread usage but also because they might turn out to be a contributor to incident and accidents. Research on failures of automation to deliver the intended benefit has focused mainly on human automation interaction. This paper presents a PhD research plan that aims at characterizing decisions for those involved in development process of automation for safety critical domains, taken under productive pressure, to identify where and when the initial intention the automation is supposed to deliver can be lost along the development process. We tentatively call such decisions as drift and the final objective is to develop principles that will allow to identify and compensate for possible sources of drift in the development of new automation. The research is based on case studies and is currently entering Year 2

Adoption of vehicular ad hoc networking protocols by networked robots

This paper focuses on the utilization of wireless networking in the robotics domain. Many researchers have already equipped their robots with wireless communication capabilities, stimulated by the observation that multi-robot systems tend to have several advantages over their single-robot counterparts. Typically, this integration of wireless communication is tackled in a quite pragmatic manner, only a few authors presented novel Robotic Ad Hoc Network (RANET) protocols that were designed specifically with robotic use cases in mind. This is in sharp contrast with the domain of vehicular ad hoc networks (VANET). This observation is the starting point of this paper. If the results of previous efforts focusing on VANET protocols could be reused in the RANET domain, this could lead to rapid progress in the field of networked robots. To investigate this possibility, this paper provides a thorough overview of the related work in the domain of robotic and vehicular ad hoc networks. Based on this information, an exhaustive list of requirements is defined for both types. It is concluded that the most significant difference lies in the fact that VANET protocols are oriented towards low throughput messaging, while RANET protocols have to support high throughput media streaming as well. Although not always with equal importance, all other defined requirements are valid for both protocols. This leads to the conclusion that cross-fertilization between them is an appealing approach for future RANET research. To support such developments, this paper concludes with the definition of an appropriate working plan

Training of Crisis Mappers and Map Production from Multi-sensor Data: Vernazza Case Study (Cinque Terre National Park, Italy)

This aim of paper is to presents the development of a multidisciplinary project carried out by the cooperation between Politecnico di Torino and ITHACA (Information Technology for Humanitarian Assistance, Cooperation and Action). The goal of the project was the training in geospatial data acquiring and processing for students attending Architecture and Engineering Courses, in order to start up a team of "volunteer mappers". Indeed, the project is aimed to document the environmental and built heritage subject to disaster; the purpose is to improve the capabilities of the actors involved in the activities connected in geospatial data collection, integration and sharing. The proposed area for testing the training activities is the Cinque Terre National Park, registered in the World Heritage List since 1997. The area was affected by flood on the 25th of October 2011. According to other international experiences, the group is expected to be active after emergencies in order to upgrade maps, using data acquired by typical geomatic methods and techniques such as terrestrial and aerial Lidar, close-range and aerial photogrammetry, topographic and GNSS instruments etc.; or by non conventional systems and instruments such us UAV, mobile mapping etc. The ultimate goal is to implement a WebGIS platform to share all the data collected with local authorities and the Civil Protectio