Establishing a framework for dynamic risk management in 'intelligent' aero-engine control

Zeshan Kurd, Tim Kelly, John A. McDermid, Radu C. Calinescu, Marta Z. Kwiatkowska

Research output: Chapter in Book/Report/Conference proceeding › Chapter

Abstract

The behaviour of control functions in safety-critical software systems is typically bounded to prevent the occurrence of known system-level hazards. These bounds are typically derived through safety analyses and can be implemented through the use of necessary design features. However, the unpredictability of real-world problems can result in changes in the operating context that may invalidate the behavioural bounds themselves, for example, unexpected hazardous operating contexts as a result of failures or degradation. For highly complex problems it may be infeasible to determine, prior to deployment, the precise desired behavioural bounds of a function that addresses or minimises risk for hazardous operating cases. This paper presents an overview of the safety challenges associated with such a problem and how such problems might be addressed. A self-management framework is proposed that performs on-line risk management. The features of the framework are shown in the context of employing intelligent adaptive controllers operating within complex and highly dynamic problem domains such as Gas-Turbine Aero Engine control. Safety assurance arguments enabled by the framework and necessary for certification are also outlined.
Original language: English
Title of host publication: Computer Safety, Reliability, and Security: 28th International Conference, SAFECOMP 2009, Hamburg, Germany, September 15-18, 2009. Proceedings
Place of publication: Berlin (DE)
Publisher: Springer
Pages: 326-341
Number of pages: 16
Volume: 5775/2009
ISBN (Print): 9783642044670
DOI: 10.1007/978-3-642-04468-7_26
Publication status: Published - 3 Sep 2009

Publication series

Name: Lecture Notes in Computer Science
Publisher: Springer


Bibliographical note

The original publication is available at www.springerlink.com

Keywords

  • software systems
  • system level hazards

Cite this

Kurd, Z., Kelly, T., McDermid, J. A., Calinescu, R. C., & Kwiatkowska, M. Z. (2009). Establishing a framework for dynamic risk management in 'intelligent' aero-engine control. In Computer Safety, Reliability, and Security 28th International Conference, SAFECOMP 2009, Hamburg, Germany, September 15-18, 2009. Proceedings (Vol. 5775/2009, pp. 326-341). (Lecture Notes in Computer Science). Berlin (DE): Springer. https://doi.org/10.1007/978-3-642-04468-7_26