Run-Time Verification and Validation for Safety-Critical Flight Control Systems

Schierman, John D.; Ward, Dave; Dutoi, Brian; Aiello, A.; Berryman, John F.; DeVore, Michael D.; Storm, Walter; Wadley, Jason

doi:10.2514/6.2008-6338

Cited by 17 publications

(13 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Of particular interest to NASA GRC is the Run-Time Assurance (RTA) architecture developed by researchers at Barron Associates, Inc. in Charlottesville, VA. 26,27 This approach is designed to provide safety assurance for systems that consist of adaptive, non-deterministic or other advanced control algorithms that are costly, difficult or impossible to certify using current design-time verification approaches. The RTA framework (Figure 1) achieves this assurance by employing a safety monitor that continuously checks the states of the system to ensure that they remain within predetermined safe operating limits.…”

Section: A Run-time Assurance Frameworkmentioning

confidence: 99%

Towards Run-time Assurance of Advanced Propulsion Algorithms

Wong

Schierman

Schlapkohl

et al. 2014

50th AIAA/ASME/SAE/ASEE Joint Propulsion Conference

View full text Add to dashboard Cite

This paper covers the motivation and rationale for investigating the application of run-time assurance methods as a potential means of providing safety assurance for advanced propulsion control systems. Certification is becoming increasingly infeasible for such systems using current verification practices. Run-time assurance systems hold the promise of certifying these advanced systems by continuously monitoring the state of the feedback system during operation and reverting to a simpler, certified system if anomalous behavior is detected. The discussion will also cover initial efforts underway to apply a run-time assurance framework to NASA's model-based engine control approach. Preliminary experimental results are presented and discussed.

show abstract

Section: A Run-time Assurance Frameworkmentioning

confidence: 99%

Towards Run-time Assurance of Advanced Propulsion Algorithms

Wong

Schierman

Schlapkohl

et al. 2014

50th AIAA/ASME/SAE/ASEE Joint Propulsion Conference

View full text Add to dashboard Cite

show abstract

“…According to the results of the recent Air Force-funded Verification and Validation of Intelligent and Adaptive Control Systems (VVIACS) Program, design-time testing already consumes 27% of the total system development costs. According to the VVIACS study, emerging flight control system development may increase V&V to 67% of total development costs without using new technologies (Schierman et al, 2008).…”

Section: Limitations and Open Issues Of Current Validation Practicesmentioning

confidence: 99%

“…One possible solution is to combine run-time monitoring of advanced components with simple backup modules that provide a safe reversionary mode if undesirable behavior is detected. Such an architecture allows the V&V to be partitioned into design-time V&V (for the relatively simple monitoring and fail-safe subsystems), and run-time V&V (for the fully complex controller) (Schierman et al, 2008).…”

Section: Run-time Monitoring Of Operation Of Control Sub-systemsmentioning

confidence: 99%

From Validation of Medical Devices towards Validation of Adaptive Cyber-Physical Systems

Tavčar

Duhovnik

Horváth

2020

JID

View full text Add to dashboard Cite

Conventionally, designing of a technical system is completed in the product development phase in terms of all details and aspects. This can be done if the expected behavior and the conditions of operation are known in advance and can be validated before the product is launched on the market. Validation is typically based on a predictive analysis or simulation of the designed operation. However, this contradicts with the case of smart systems, such as smart cyber-physical systems (CPSs), which self-manage their operation or at least a part of it. Being able to adapt at run-time and evolve over time, smart CPSs cannot be validated using conventional deterministic approaches. This is especially true for smart CPSs used as instrumentation in the medical field. This gave the stimulation of our background research, the results of which are concisely summarized and critically concluded in this paper. The literature has been found fairly narrow in terms of novel validation approaches for self-managing smart systems. The main finding is that the tasks of operational and behavioral validation should be shared among the system designers and the designed systems. Designers need prognostic approaches, while systems need to construct validation plans and execute them at run-time. This needs validation-specific functionalities and context dependent mechanisms such as run-time validation frameworks or meta-models, objective-sensitive self-monitoring mechanisms, self-constraining and self-supporting mechanisms, and other enablers. Extensive foundational research and system prototype testing are deemed to be indispensable. To make the first small step in this direction, this paper proposes a concept for validation of smart medical CPSs. This relies on the following hypothesis: If a system has freedom for self-adaptation, then it should also be equipped with selfcontrol mechanism, meta-knowledge and a supervisory controller. It all together enables a purpose-and context dependent semantic reasoning about the operational and behavioral objectives. The paper suggests a number of topics for future research towards a run-time validation engine.

show abstract

“…It is expected that through the combined use of new advances in design-time V&V approaches along with the use of RTA systems during online operation, the system behavior can be provably bounded ], [ Schierman 2008], [Rudd 2009], ]. There are a number of advanced systems and systems-of-systems concepts that are of great interest to the Air Force (as well as NASA and the other branches of the Department of Defense (DoD)) and it is for these reasons that there is interest in further developing the RTA concept so these advanced systems can be certified for fielded operations.…”

Section: Motivation and Backgroundmentioning

confidence: 99%

Runtime Assurance Framework Development for Highly Adaptive Flight Control Systems

Schierman¹,

DeVore²,

Richards³

et al. 2015

View full text Add to dashboard Cite

The public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Department of Defense, Washington Headquarters Services, Directorate for Information AFRL/RQQA SPONSORING/MONITORING AGENCY REPORT NUMBER(S) AFRL-RQ-WP-TR-2016-0001 DISTRIBUTION/AVAILABILITY STATEMENTApproved for public release; distribution unlimited. SUPPLEMENTARY NOTESThis is a Small Business Innovation Research (SBIR) Phase III report. Barron Associates, Inc. has waived its SBIR data rights, and the report has been approved for public release (PA Case Number: 88ABW-2016-1452; Clearance Date: 11 March 2016). ABSTRACTThis report was developed under a SBIR contract. This report describes the technical progress made by Barron Associates, Inc. and its partners in runtime assurance (RTA) systems, which hold the promise of protecting advanced systems that cannot be fully certified at design time due to their inherent complexity. A number of technical hurdles remain in the implementation of RTA systems for highly complex safety-critical systems, and the main objective of this effort was to further address these issues. One main focus of this project was to investigate the necessary structure of RTA frameworks for multi-level interacting feedback systems. As such, a challenge problem was constructed for a fleet of unmanned aircraft systems (UASs) performing a surveillance mission. The demonstration platform consisted of RTA systems for the inner-loop control, outer-loop guidance, ownship flight management, and fleet mission planning elements. The framework design and certification requirements for such a system were explored in this program. For the inner-loop, the concept of employing multiple transition controllers in the reversionary control system was studied. For all feedback levels, the required RTA checks were developed and the critical reversionary switching conditions defined. The interactions between the RTA protected systems and certified collision avoidance systems were also investigated. A safety case argument for design-time certification of the RTA protected systems was constructed using subsystem requirements contracts that were developed from a compositional reasoning approach explored over the course of the project.

show abstract

Run-Time Verification and Validation for Safety-Critical Flight Control Systems

Cited by 17 publications

References 4 publications

Towards Run-time Assurance of Advanced Propulsion Algorithms

Towards Run-time Assurance of Advanced Propulsion Algorithms

From Validation of Medical Devices towards Validation of Adaptive Cyber-Physical Systems

Runtime Assurance Framework Development for Highly Adaptive Flight Control Systems

Contact Info

Product

Resources

About