Early Afternoon Concurrent Sessions: Critical Issues: Presentation: System Safety Modeling of Alternative Geofencing Configurations for Small UAS
Location
San Tan Ballroom
Topic Area
UNMANNED AERIAL SYSTEMS CERTIFICATION
Other Topic Area
UAS Integration into the NAS, Safety risk modeling
Abstract
As is well known, the integration of small Unmanned Aircraft Systems (sUAS) or “drones” into the National Airspace System (NAS) has captured significant industry, academic, regulatory and media attention. For sUAS that typically fly low and slow, the possibility of a mid-air collision with a nearby general aviation aircraft needs to be studied from a system safety perspective to identify possible hazards and to assess mitigations. The Aviation System Risk Model (ASRM) is a first-generation socio-technical model that uses a Bayesian Belief Network (BBN) methodology to integrate possible hazards to assess a non-linear safety risk metric. Using inductive logic, the ASRM may be used to evaluate underlying causal factors linked to the air vehicle and/or to the systems and procedures that lead to the unsafe state and the probabilistic interactions among these factors that contribute to the safety risk. The ASRM can also assess the projected impact of mitigations. Recently, the ASRM has been updated with the use of the Hazard Classification and Analysis System (HCAS) that provides an analytic structure for categorizing hazards related to the UAS, Airmen, Operations and the Environment. In this paper, the ASRM, together with the HCAS, is demonstrated with a notional scenario that involves a sUAS being used for aerial surveillance in the siting of a wind turbine farm near the Yukon River in Alaska. It is conjectured that the sUAS interacts with a general aviation aircraft flying in the nearby vicinity from a local airport. The sUAS being used is a fixed wing-type where there is a failure of the separation assurance function since the UAS leaves its Area of Operation (AO) due to a Ground Control Station (GCS) transmission disruption (from faulty maintenance) and by the waypoints being incorrectly programmed. In the modeling approach, the time-dependent effects of wind velocity, wind sensor faults, and wind sensor accuracy are also included. In particular, the system safety study focuses on alternative geofencing mitigations proposed by Atkins (2014) such as using a single onboard processor that integrates the datalink, autopilot and geofencing functions vs. the use of a separate processor solely for the geofencing function. The alternative geofencing configurations are modeled as separate “objects” or sub-nets in a fault tree-type analysis. The geofencing fault tree analyses can then be iteratively linked with the top-level network to comparatively assess the efficacies of the alternative geofencing configurations on reducing the likelihood of the sUAS leaving its’ AO. The ASRM safety risk results for the notional scenario are presented and interpreted. It is suggested that the safety risk model may also be used to strategically assess alternative “assured containment” concepts as posited by Hayhurst et al. (2015).
References:
Atkins, E.M. (2014), “Autonomy as an enabler of economically-viable, beyond-line-of-sight, low-altitude UAS application with acceptable risk,” AUVSI Unmanned Systems, Orlando, FL, May 12-15, pp. 200-211.
Hayhurst, K.J., N.A. Neogi, and H.A. Verstynen (2015), “A Case Study for Assured Containment,” International Conference on Unmanned Aircraft Systems (ICUAS), Denver Marriott Tech Center, Denver, CO, June 9-2, pp. 260-268.
Start Date
16-1-2016 1:00 PM
End Date
16-1-2016 2:00 PM
Other Format Preference
I plan to submit a paper with a presentation
Chair/Note/Host
Co-Chairs: Jimmy Clem, CEO Unmanned Aerial Consulting; Dan Macchiarella, Dean, College of Aviation, ERAU-DB
Keywords
Aviation, Unmanned Aircraft Systems, Small Unmanned Aircraft Systems, Geofencing, System safety; UAS Integration in the NAS, National Airspace, NAS, Drone, Drone Integration, SUAS
Scholarly Commons Citation
Luxhoj, James T., "Early Afternoon Concurrent Sessions: Critical Issues: Presentation: System Safety Modeling of Alternative Geofencing Configurations for Small UAS" (2016). Aviation / Aeronautics / Aerospace International Research Conference. 36.
https://commons.erau.edu/aircon/2016/Saturday/36
Early Afternoon Concurrent Sessions: Critical Issues: Presentation: System Safety Modeling of Alternative Geofencing Configurations for Small UAS
San Tan Ballroom
As is well known, the integration of small Unmanned Aircraft Systems (sUAS) or “drones” into the National Airspace System (NAS) has captured significant industry, academic, regulatory and media attention. For sUAS that typically fly low and slow, the possibility of a mid-air collision with a nearby general aviation aircraft needs to be studied from a system safety perspective to identify possible hazards and to assess mitigations. The Aviation System Risk Model (ASRM) is a first-generation socio-technical model that uses a Bayesian Belief Network (BBN) methodology to integrate possible hazards to assess a non-linear safety risk metric. Using inductive logic, the ASRM may be used to evaluate underlying causal factors linked to the air vehicle and/or to the systems and procedures that lead to the unsafe state and the probabilistic interactions among these factors that contribute to the safety risk. The ASRM can also assess the projected impact of mitigations. Recently, the ASRM has been updated with the use of the Hazard Classification and Analysis System (HCAS) that provides an analytic structure for categorizing hazards related to the UAS, Airmen, Operations and the Environment. In this paper, the ASRM, together with the HCAS, is demonstrated with a notional scenario that involves a sUAS being used for aerial surveillance in the siting of a wind turbine farm near the Yukon River in Alaska. It is conjectured that the sUAS interacts with a general aviation aircraft flying in the nearby vicinity from a local airport. The sUAS being used is a fixed wing-type where there is a failure of the separation assurance function since the UAS leaves its Area of Operation (AO) due to a Ground Control Station (GCS) transmission disruption (from faulty maintenance) and by the waypoints being incorrectly programmed. In the modeling approach, the time-dependent effects of wind velocity, wind sensor faults, and wind sensor accuracy are also included. In particular, the system safety study focuses on alternative geofencing mitigations proposed by Atkins (2014) such as using a single onboard processor that integrates the datalink, autopilot and geofencing functions vs. the use of a separate processor solely for the geofencing function. The alternative geofencing configurations are modeled as separate “objects” or sub-nets in a fault tree-type analysis. The geofencing fault tree analyses can then be iteratively linked with the top-level network to comparatively assess the efficacies of the alternative geofencing configurations on reducing the likelihood of the sUAS leaving its’ AO. The ASRM safety risk results for the notional scenario are presented and interpreted. It is suggested that the safety risk model may also be used to strategically assess alternative “assured containment” concepts as posited by Hayhurst et al. (2015).
References:
Atkins, E.M. (2014), “Autonomy as an enabler of economically-viable, beyond-line-of-sight, low-altitude UAS application with acceptable risk,” AUVSI Unmanned Systems, Orlando, FL, May 12-15, pp. 200-211.
Hayhurst, K.J., N.A. Neogi, and H.A. Verstynen (2015), “A Case Study for Assured Containment,” International Conference on Unmanned Aircraft Systems (ICUAS), Denver Marriott Tech Center, Denver, CO, June 9-2, pp. 260-268.