15 research outputs found

    Scheduling for Urban Air Mobility using Safe Learning

    Full text link
    This work considers the scheduling problem for Urban Air Mobility (UAM) vehicles travelling between origin-destination pairs with both hard and soft trip deadlines. Each route is described by a discrete probability distribution over trip completion times (or delay) and over inter-arrival times of requests (or demand) for the route along with a fixed hard or soft deadline. Soft deadlines carry a cost that is incurred when the deadline is missed. An online, safe scheduler is developed that ensures that hard deadlines are never missed, and that average cost of missing soft deadlines is minimized. The system is modelled as a Markov Decision Process (MDP) and safe model-based learning is used to find the probabilistic distributions over route delays and demand. Monte Carlo Tree Search (MCTS) Earliest Deadline First (EDF) is used to safely explore the learned models in an online fashion and develop a near-optimal non-preemptive scheduling policy. These results are compared with Value Iteration (VI) and MCTS (Random) scheduling solutions.Comment: In Proceedings FMAS2022 ASYDE2022, arXiv:2209.1318

    Hazard elimination using backwards reachability techniques in discrete and hybrid models

    Get PDF
    Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Aeronautics and Astronautics, February 2002.Includes bibliographical references (leaves 173-181).One of the most important steps in hazard analysis is determining whether a particular design can reach a hazardous state and, if it could, how to change the design to ensure that it does not. In most cases, this is done through testing or simulation or even less rigorous processes--none of which provide much confidence for complex systems. Because state spaces for software can be enormous (which is why testing is not an effective way to accomplish the goal), the innovative Hazard Automaton Reduction Algorithm (HARA) involves starting at a hypothetical unsafe state and using backwards reachability techniques to obtain enough information to determine how to design in order to ensure that state cannot be reached. State machine models are very powerful, but also present greater challenges in terms of reachability, including the backwards reachability needed to implement the Hazard Automaton Reduction Algorithm. The key to solving the backwards reachability problem lies in converting the state machine model into a controls state space formulation and creating a state transition matrix. Each successive step backward from the hazardous state then involves only one n by n matrix manipulation. Therefore, only a finite number of matrix manipulations is necessary to determine whether or not a state is reachable from another state, thus providing the same information that could be obtained from a complete backwards reachability graph of the state machine model. Unlike model checking, the computational cost does not increase as greatly with the number of backward states that need to be visited to obtain the information necessary to ensure that the design is safe or to redesign it to be safe. The functionality and optimality of this approach is proved in both discrete and hybrid cases.(cont.) The new approach of the Hazard Automaton Reduction Algorithm combined with backwards reachability controls techniques was demonstrated on a blackbox model of a real aircraft altitude switch. The algorithm is being implemented in a commercial specification language (SpecTRM-RL). SpecTRM-RL is formally extended to include continuous and hybrid models. An analysis of the safety of a medium term conflict detection algorithm (MTCD) for aircraft, that is being developed and tested by Eurocontrol for use in European Air Traffic Control, is performed. Attempts to validate such conflict detection algorithms is currently challenging researchers world wide. Model checking is unsatisfactory in general for this problem because of the lack of a termination guarantee in backwards reachability using model checking. The new state-space controls approach does not encounter this problem.by Natasha Anita Neogi.Ph.D

    Generalized modelling of a space station and determination of the transfer function

    Get PDF
    Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Aeronautics and Astronautics, 1999.Includes bibliographical references (leaves 127-132).An elementary structural model of a modular space station, such as the Russian Space Station Mir or the International Space Station (ISS), was formulated using Euler-Bernoulli beam theory. Based on structural dynamic techniques and modal analysis, a generalized method for deriving a theoretical transfer function between astronaut force inputs and station acceleration outputs is postulated. The validity of this transfer function can then be examined using the experimental force and acceleration data collected from Mir from the period of 1996 to 1998. In order to quantify astronaut-induced disturbances to the microgravity environment onboard a space station during long duration spaceflight, the Enhanced Dynamic Load Sensors (EDLS) Spaceflight experiment measured the forces and moments exerted by astronauts on the Russian Space Station Mir. Approximately 95% of all processed astronaut motions possessed a maximum force less that 275 N, a root mean square force less than 60 N and a power spectral density less than 22 Hz. Thus, astronaut motions are not the most stringent of design constraints upon a space station. Coupled with accelerometer data from the Space Acceleration Measurement System (SAMS), forces from crew motions can be temporally correlated with the overall acceleration of the Mir Space Station. An operator similar to the Fourier transform is developed in order to convert the force and acceleration data from the time domain into the frequency domain. A least-squares approach is used in order to obtain the optimal transfer function between the force and acceleration experimental data. The maximum residue of this transfer function was found at the pole at 0.375 Hz with a magnitude of approximately 7.5x10 -6, which is in accord with transient time domain analysis performed previously. Unfortunately, due to a lack of collocation between the EDLS force plate sensors and the SAMS accelerometer heads, a meaningful comparison between the theoretical transfer function and the experimental transfer function could not be conducted.by Natasha A. Neogi.S.M

    An Initial Examination for Verifying Separation Algorithms by Simulation

    Get PDF
    An open question in algorithms for aircraft is what can be validated by simulation where the simulation shows that the probability of undesirable events is below some given level at some confidence level. The problem is including enough realism to be convincing while retaining enough efficiency to run the large number of trials needed for high confidence. The paper first proposes a goal based on the number of flights per year in several regions. The paper examines the probabilistic interpretation of this goal and computes the number of trials needed to establish it at an equivalent confidence level. Since any simulation is likely to consider the algorithms for only one type of event and there are several types of events, the paper examines under what conditions this separate consideration is valid. This paper is an initial effort, and as such, it considers separation maneuvers, which are elementary but include numerous aspects of aircraft behavior. The scenario includes decisions under uncertainty since the position of each aircraft is only known to the other by broadcasting where GPS believes each aircraft to be (ADS-B). Each aircraft operates under feedback control with perturbations. It is shown that a scenario three or four orders of magnitude more complex is feasible. The question of what can be validated by simulation remains open, but there is reason to be optimistic

    Comparison of Aircraft Models and Integration Schemes for Interval Management in the TRACON

    Get PDF
    Reusable models of common elements for communication, computation, decision and control in air traffic management are necessary in order to enable simulation, analysis and assurance of emergent properties, such as safety and stability, for a given operational concept. Uncertainties due to faults, such as dropped messages, along with non-linearities and sensor noise are an integral part of these models, and impact emergent system behavior. Flight control algorithms designed using a linearized version of the flight mechanics will exhibit error due to model uncertainty, and may not be stable outside a neighborhood of the given point of linearization. Moreover, the communication mechanism by which the sensed state of an aircraft is fed back to a flight control system (such as an ADS-B message) impacts the overall system behavior; both due to sensor noise as well as dropped messages (vacant samples). Additionally simulation of the flight controller system can exhibit further numerical instability, due to selection of the integration scheme and approximations made in the flight dynamics. We examine the theoretical and numerical stability of a speed controller under the Euler and Runge-Kutta schemes of integration, for the Maintain phase for a Mid-Term (2035-2045) Interval Management (IM) Operational Concept for descent and landing operations. We model uncertainties in communication due to missed ADS-B messages by vacant samples in the integration schemes, and compare the emergent behavior of the system, in terms of stability, via the boundedness of the final system state. Any bound on the errors incurred by these uncertainties will play an essential part in a composable assurance argument required for real-time, flight-deck guidance and control systems,. Thus, we believe that the creation of reusable models, which possess property guarantees, such as safety and stability, is an innovative and essential requirement to assessing the emergent properties of novel airspace concepts of operation

    Formal Assurance for Cognitive Architecture Based Autonomous Agent

    Get PDF
    Autonomous systems are designed and deployed in different modeling paradigms. These environments focus on specific concepts in designing the system. We focus our effort in the use of cognitive architectures to design autonomous agents to collaborate with humans to accomplish tasks in a mission. Our research focuses on introducing formal assurance methods to verify the behavior of agents designed in Soar, by translating the agent to the formal verification environment Uppaal

    A Framework for Probabilistic Evaluation of Interval Management Tolerance in the Terminal Radar Control Area

    Get PDF
    Projections of future traffic in the national airspace show that most of the hub airports and their attendant airspace will need to undergo significant redevelopment and redesign in order to accommodate any significant increase in traffic volume. Even though closely spaced parallel approaches increase throughput into a given airport, controller workload in oversubscribed metroplexes is further taxed by these approaches that require stringent monitoring in a saturated environment. The interval management (IM) concept in the TRACON area is designed to shift some of the operational burden from the control tower to the flight deck, placing the flight crew in charge of implementing the required speed changes to maintain a relative spacing interval. The interval management tolerance is a measure of the allowable deviation from the desired spacing interval for the IM aircraft (and its target aircraft). For this complex task, Formal Methods can help to ensure better design and system implementation. In this paper, we propose a probabilistic framework to quantify the uncertainty and performance associated with the major components of the IM tolerance. The analytical basis for this framework may be used to formalize both correctness and probabilistic system safety claims in a modular fashion at the algorithmic level in a way compatible with several Formal Methods tools

    A Review of Current and Prospective Factors for Classification of Civil Unmanned Aircraft Systems

    Get PDF
    While progress is being made on integrating unmanned aircraft systems (UAS) into our national airspace on a broad scale, much work remains to establish appropriate certification standards and operational procedures, particularly with respect to routine commercial operations. This paper summarizes research to examine the extent to which today's civil aircraft taxonomy applies to UAS, and, if needed, how that taxonomy could be amended to better cover different UAS designs and operations. Factors that shape the current taxonomy, as defined in the Federal Aviation Regulations, were assessed for applicability to UAS, potential incompatibilities were identified, and additional factors were proposed that might be useful for an updated aircraft taxonomy intended to cover UAS. The results suggest the possibility of constructing new groups in the taxonomy for UAS under a restricted category that share common airworthiness standards. Establishing distinct groups for UAS and associated standards that enable low risk operations for compensation or hire could be a timely step toward full integration. Such a step would allow the civil aviation industry and regulators to gain valuable experience with UAS while carefully controlling access and potential harm to the aviation system as a whole
    corecore