Risk-management of UAS robust autonomy for integration into civil aviation safety frameworks

This paper discusses a model of the civil aviation reg-ulation framework and shows how the current assess-ment of reliability and risk for piloted aircraft has a limited applicability for Unmanned Aircraft Systems (UAS) as technology moves towards higher levels of autonomous decision making. Then, a new frame-work for risk management of robust autonomy is pro-posed, which arises from combining quantified mea-sures of risk with normative decision making. The term Robust Autonomy describes the ability of an au-tonomous system to either continue or abort its oper-ation whilst not breaching a minimum level of accept-able safety in the presence of anomalous conditions. The term combines reliability, safety, and robust-ness. The decision making associated with risk man-agement requires quantifying probabilities associated with the measures of risk and also consequences of outcomes related to the behaviour of autonomy. The probabilities are computed from an assessment under both nominal and anomalous scenarios described by faults, which can be associated with the aircraft's ac-tuators, sensors, communication link, changes in dy-namics, and the presence of other aircraft in the op-erational space. The consequences of outcomes are characterised by a loss function quantifies the desir-ability of the outcome

Managers Handbook for Software Development

Methods and aids for the management of software development projects are presented. The recommendations are based on analyses and experiences with flight dynamics software development. The management aspects of organizing the project, producing a development plan, estimation costs, scheduling, staffing, preparing deliverable documents, using management tools, monitoring the project, conducting reviews, auditing, testing, and certifying are described

Development and implementation of the verification process for the shuttle avionics system

The background of the shuttle avionics system design and the unique drivers associated with the redundant digital multiplexed data processing system are examined. With flight software pervading to the lowest elements of the flight critical subsystems, it was necessary to identify a unique and orderly approach of verifying the system as flight ready for STS-1. The approach and implementation plan is discussed, and both technical problems and management issues are dealt with

Users' trust in information resources in the Web environment: a status report

This study has three aims; to provide an overview of the ways in which trust is either assessed or asserted in relation to the use and provision of resources in the Web environment for research and learning; to assess what solutions might be worth further investigation and whether establishing ways to assert trust in academic information resources could assist the development of information literacy; to help increase understanding of how perceptions of trust influence the behaviour of information users

Bi-Directional Safety Analysis for Product-Line, Multi-Agent Systems

Abstract. Safety-critical systems composed of highly similar, semi-autonomous agents are being developed in several application domains. An example of such multi-agent systems is a fleet, or “constellation ” of satellites. In constellations of satellites, each satellite is commonly treated as a distinct autonomous agent that must cooperate to achieve higher-level constellation goals. In previous work, we have shown that modeling a constellation of satellites or spacecraft as a product line of agents (where the agents have many shared commonalities and a few key differences) enables reuse of software analysis and design assets. We have also previously developed efficient safety analysis techniques for product lines. We now propose the use of Bi-Directional Safety Analysis (BDSA) to aid in system certification. We extend BDSA to product lines of multi-agent systems and show how the analysis artifacts thus produced contribute to the software’s safety case for certification purposes. The product-line approach lets us reuse portions of the safety analysis for multiple agents, significantly reducing the burden of certification. We motivate and illustrate this work through a specific application, a product-line, multi-agent satellite constellation