Establishing a Framework for Dynamic Risk Management in ‘Intelligent’ Aero-Engine Control

  • Zeshan Kurd
  • Tim Kelly
  • John McDermid
  • Radu Calinescu
  • Marta Kwiatkowska
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5775)

Abstract

The behaviour of control functions in safety critical software systems is typically bounded to prevent the occurrence of known system level hazards. These bounds are typically derived through safety analyses and can be implemented through the use of necessary design features. However, the unpredictability of real world problems can result in changes in the operating context that may invalidate the behavioural bounds themselves, for example, unexpected hazardous operating contexts as a result of failures or degradation. For highly complex problems it may be infeasible to determine the precise desired behavioural bounds of a function that addresses or minimises risk for hazardous operation cases prior to deployment. This paper presents an overview of the safety challenges associated with such a problem and how such problems might be addressed. A self-management framework is proposed that performs on-line risk management. The features of the framework are shown in context of employing intelligent adaptive controllers operating within complex and highly dynamic problem domains such as Gas-Turbine Aero Engine control. Safety assurance arguments enabled by the framework necessary for certification are also outlined.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Zeshan Kurd
    • 1
  • Tim Kelly
    • 1
  • John McDermid
    • 1
  • Radu Calinescu
    • 2
  • Marta Kwiatkowska
    • 2
  1. 1.High Integrity Systems Engineering Group Department of Computer ScienceUniversity of YorkYorkUK
  2. 2.University of OxfordComputing LaboratoryOxfordUK

Personalised recommendations