Trajectory-Based, Probabilistic Risk Model for UAS Operations

To enable the safe integration of Unmanned Aircraft System (UAS) into the civil airspace, the European Aviation Safety Agency (EASA) has elaborated a new regulatory framework that is operation-centric and risk-based. Based on this principle, gaining authorization to conduct certain types of operations depends on a safety risk assessment. To harmonize this process, the Joint Authorities for Rulemaking on Unmanned Systems (JARUS) released a qualitative methodology called Specific Operation Risk Assessment (SORA). However, SORA is not a complete safety assessment tool since, in some cases, a quantitative risk analysis is still required. This work develops a probabilistic risk model that extends SORA to evaluate the ground risk and the air risk components along a specified UAS trajectory quantitatively. The proposed model is supplied with illustrative data and is validated in a representative UAS mission. In the future, the risk model will be exploited to develop a decision tool for determining the minimum-risk trajectory when multiple, alternative routes are available

Automatic deployment of an RPAS Mission Manager to an ARINC-653 compliant system

[EN] The development process of avionics system requiring a high level of safety is subjected to rigorous development and verification standards. In order to accelerate and facilitate this process, we present a testbed that uses a suite of methods and tools to comply with aerospace standards for certification. To illustrate the proposed methodology, we designed a Mission Management System for Remotely Piloted Aircraft Systems (RPAS) that was deployed on a particular run-time execution platform called XtratuM, an ARINC-653 compliant system developed in our research group. The paper discusses the system requirements, the software architecture, the key issues for porting designs to XtratuM, and how to automatize this process. Results show that the proposed testbed is a good platform for designing and qualifying avionics applications.This research has been financed by the Institute of Control Systems and Industrial Computing (Ai2), and by projects GVA AICO/2015/126 (Ayudas para Grupos de Investigacion Consolidables) and GVA ACIF/2016/197 (Ayudas para la contratacion de personal investigador en formacion de caracter predoctoral) of the Spanish Regional Government "Generalitat Valenciana".Usach Molina, H.; Vila Carbó, JA.; Crespo, A.; Yuste Pérez, P. (2018). Automatic deployment of an RPAS Mission Manager to an ARINC-653 compliant system. Journal of Intelligent & Robotic Systems. 92(3-4):587-598. https://doi.org/10.1007/s10846-017-0694-3S587598923-4Aeronautical Radio, Inc.: ARINC specification 653-1. Avionics Application Software Standard Interface (2003)Bonasso, R., Kerri, R., Jenks, K., Johnson, G.: Using the 3T architecture for tracking Shuttle RMS procedures. In: Proceedings of the IEEE International Joint Symposia on Intelligence and Systems. IEEE, Rockville, MD, USA (1998) https://doi.org/10.1109/IJSIS.1998.685440fentISS: XtratuM Hypervisor Emulator (SKE) start guide. Tech. rep., Universidad Politècnica de València (2015)Fons, B.: Plataforma para diseño y ejecución de aplicaciones de aviónica. Universitat Politècnica de València, Master’s thesis (2013)International Civil Aviation Organization: Doc. 9613 AN/937: Performance-based Navigation (PBN) Manual, 4th edn. (2013)International Civil Aviation Organization: Doc. 10019, AN/507: Manual on Remotely Piloted Aircraft Systems (RPAS), 1st edn. (2015)Koehl, D.: SESAR initiatives for RPAS integration. In: ICAO Remotely Piloted Aircraft Systems Symposium. Montreal, Canada (2015)Masmano, M., Ripoll, I., Crespo, A., Metge, J.: XtratuM: A hypervisor for safety critical embedded systems. In: Proceedings of the 11th Real-Time Linux Workshop. Dresden, Germany (2009)Masmano, M., Valiente, Y., Balbastre, P., Ripoll, I., Crespo, A., Metge, J.: LithOS: A ARINC-653 guest operating for XtratuM. In: Proceedings of the 12th Real-Time Linux Workshop. Nairobi, Kenia (2010)McCarley, J.S., Wickens, C.D.: Human factors implications of UAVs in the national airspace. Tech. Rep. AHFD-05-05/FAA-05-01, University of Illinois, Institute of Aviation, Aviation Human Factors Division (2005)North Atlantic Treaty Organization: STANAG 4703: Light Unmanned Aircraft Systems Airworthiness Requirements. NATO Standarization Agency (2014)Radio Technical Commission for Aeronautics (RTCA): DO-178C/ED-12C Software Considerations in Airborne Systems and Equipment Certification. RTCA (2011)Ribeiro, L.R., Oliveira, N.M.R.: UAV autopilot controllers test platform using Matlab/Simulink and X-Plane. In: 40th ASEE/ IEEE Frontiers in Education Conference. IEEE, Washington, DC, USA (2010). https://doi.org/10.1109/FIE.2010.5673378Spitzer, C.R.: Digital Avionics Handbook: Elements, Software and Functions, 2nd edn. CRC Press (2006)The MathWorks Inc.: Simulink Coder Target Language Compiler (2012)Usach, H.: Integridad y tolerancia a fallos en sistemas de aviónica. Universitat Politècnica de València, Master’s thesis (2014)Usach, H., Fons, B., Vila, J., Crespo, A.: An autopilot testbed for IMA (Integrated Modular Avionics) architectures. In: Proceedings of the 19th IFAC Symposium on Automatic Control in Aerospace. Elsevier, Würzburg, Germany (2013). https://doi.org/10.3182/20130902-5-DE-2040.00076Usach, H., Vila, J., Crespo, A., Yuste, P.: A highly-automated RPAS Mission Manager for integrated airspace. In: Proceedings of the 5th International Conference on Application and Theory of Automation in Command and Control Systems, ATACCS’15. ACM, Toulouse, France (2015). https://doi.org/10.1145/2899361.289936

Architectural Design of a Safe Mission Manager for Unmanned Aircraft Systems

[EN] Civil Aviation Authorities are elaborating a new regulatory framework for the safe operation of Unmanned Aircraft Systems (UAS). Current proposals are based on the analysis of the specific risks of the operation as well as on the definition of some risk mitigation measures. In order to achieve the target level of safety, we propose increasing the level of automation by providing the on-board system with Automated Contingency Management functions. The aim of the resulting Safe Mission Manager System is to autonomously adapt to contingency events while still achieving mission objectives through the degradation of mission performance. In this paper, we discuss some of the architectural issues in designing this system. The resulting architecture makes a conceptual differentiation between event monitoring, decision-making on a policy for dealing with contingencies and the execution of the corresponding policy. We also discuss how to allocate the different Safe Mission Manager components to a partitioned, Integrated Modular Avionics architecture. Finally, determinism and predictability are key aspects in contingency management due to their overall impact on safety. For this reason, we model and verify the correctness of a contingency management policy using formal methods.This work was supported by the Spanish Regional Government "Generalitat Valenciana" under contract ACIF/2016/197.Usach Molina, H.; Vila Carbó, JA.; Torens, C.; Adolf, FM. (2018). Architectural Design of a Safe Mission Manager for Unmanned Aircraft Systems. Journal of Systems Architecture. 90:94-108. https://doi.org/10.1016/j.sysarc.2018.09.003S941089

Reconfigurable Mission Plans for RPAS

[EN] This paper deals with the problem of formally defining and specifying Mission Plans for Remotely Piloted Aircraft Systems (RPAS). Firstly, the profile of RPAS missions is highly variable and different from those of commercial flights. Route variability from the planned route is frequent due to operating conditions and, especially, contingencies. For this reason, RPAS Mission Plans should be reconfigurable: they should allow the nominal plan to be modified during flight time. Secondly, aviation authorities may require the ability to operate in an autonomous mode in response to Command and Control (C2) link losses. As a result, RPAS Mission Plans should specify all possible routings and behaviors in greater detail. The Reconfigurable Mission Plan concept introduced in this paper expands on current flight plans by providing a level of description that improves predictability and allows for reconfiguration, contingency handling, and higher levels of automation and pilot assistance. The paper presents a detailed discussion of RPAS contingency handling and develops a formal specification of the Reconfigurable Mission Plan concept. The paper also develops algorithms for dynamically configuring Mission Plan routes that might mitigate the effect of contingencies. Finally, the whole proposal is validated with a prototype implementation and a proof of concept.This work was supported by the Spanish Regional Government Generalitat Valenciana under contract ACIF/2016/197.Usach Molina, H.; Vila Carbó, JA. (2020). Reconfigurable Mission Plans for RPAS. Aerospace Science and Technology. 96:1-20. https://doi.org/10.1016/j.ast.2019.105528S1209