WP4-07: Difference between revisions
Rotechnology (talk | contribs) (Created page with "=Run-Time Safety Checker= {|class="wikitable" | ID|| WP4-07 |- | Contributor || ROT |- | Levels || Functional |- | Require || Set of safety rules based on risk assessment |- | Provide || Increasing flight control thus preventing harm to drones, object or people. |- | Input || Sensor parameters |- | Output || Operational status |- | TRL || 3 |} ==General Description== The RSC (Run-Time Safety Checker) is a software module proposed to be used for control...") |
|||
(2 intermediate revisions by one other user not shown) | |||
Line 7: | Line 7: | ||
| Levels || Functional | | Levels || Functional | ||
|- | |- | ||
| Require || | | Require || Safety rules based on risk assessment | ||
|- | |- | ||
| Provide || Increasing flight control | | Provide || Increasing flight control to prevent harm to drones, objects or people. | ||
|- | |- | ||
| Input || Sensor parameters | | Input || Sensor parameters | ||
Line 16: | Line 16: | ||
|- | |- | ||
| TRL || 3 | | TRL || 3 | ||
|- | |||
| Contact || diego.grimani at rotechnology.it | |||
|} | |} | ||
==General Description== | ==General Description== | ||
The RSC (Run-Time Safety Checker) is a software module proposed to be used for control and management of the parameters that could be critical for the flight of the drone. | The RSC (Run-Time Safety Checker) is a software module proposed to be used for control and management of the parameters that could be critical for the flight of the drone. | ||
The implementation is based on the predefined Safety Rules, which define the functioning of the component | The implementation is based on the predefined Safety Rules, which define the functioning of the component. The RSC will be activated whenever one of the safety rules fails and it will implement a resolution procedure. The module requires the management of several parameters and their combination, as the conditions that may occur are various. | ||
==Specification and contribution== | ==Specification and contribution== | ||
In the C4D project it was considered a scenario regarding bad atmospheric conditions. | In the C4D project it was considered a scenario regarding bad atmospheric conditions. Specific temperature and humidity values can affect the navigation of the drone to the point of compromising the mission, so these parameters must be constantly monitored and kept under control. | ||
Two different risky situations have been considered: | Two different risky situations have been considered: | ||
* A critical battery temperature value, overcoming battery’s safe thresholds, can lead to an early battery discharge or compromise its | * A critical battery temperature value, overcoming battery’s safe thresholds, can lead to an early battery discharge or compromise its operability; | ||
* A combination of low temperature and high humidity could cause the icing phenomenon on drone’s control surfaces, compromising the flight attitude or, in the worst case, stalling it. | * A combination of low temperature and high humidity could cause the icing phenomenon on the drone’s control surfaces, compromising the flight attitude or, in the worst case, stalling it. | ||
The module monitors, at runtime, the | The module monitors, at runtime, the parameter values acquired by the on-board sensors. Sensor parameter values are the input of the Runtime Monitoring, which controls the range in which these values are. | ||
The ranges define three different | The ranges define three different states: safe, warning and critical, covering cases ranging from safe conditions for a normal flight, to the necessity for the drone to abort its mission and land immediately, since conditions for a safe flight are no longer guaranteed. | ||
The module activates a safety procedure whenever one or more thresholds are exceeded, in other words, every time a safety rule is broken. When this occurs, the module changes its state to Warning or Critical state, depending on the values of the parameters. | The module activates a safety procedure whenever one or more thresholds are exceeded, in other words, every time a safety rule is broken. When this occurs, the module changes its state to Warning or Critical state, depending on the values of the parameters. | ||
When the measured values identify a Warning or Critical state, the RSC activates a risky situation implementing the operations defined for specific status. | When the measured values identify a Warning or Critical state, the RSC activates a risky situation implementing the operations defined for that specific status. | ||
==Design and Implementation== | ==Design and Implementation== |
Latest revision as of 08:42, 10 March 2023
Run-Time Safety Checker
ID | WP4-07 |
Contributor | ROT |
Levels | Functional |
Require | Safety rules based on risk assessment |
Provide | Increasing flight control to prevent harm to drones, objects or people. |
Input | Sensor parameters |
Output | Operational status |
TRL | 3 |
Contact | diego.grimani at rotechnology.it |
General Description
The RSC (Run-Time Safety Checker) is a software module proposed to be used for control and management of the parameters that could be critical for the flight of the drone. The implementation is based on the predefined Safety Rules, which define the functioning of the component. The RSC will be activated whenever one of the safety rules fails and it will implement a resolution procedure. The module requires the management of several parameters and their combination, as the conditions that may occur are various.
Specification and contribution
In the C4D project it was considered a scenario regarding bad atmospheric conditions. Specific temperature and humidity values can affect the navigation of the drone to the point of compromising the mission, so these parameters must be constantly monitored and kept under control. Two different risky situations have been considered:
- A critical battery temperature value, overcoming battery’s safe thresholds, can lead to an early battery discharge or compromise its operability;
- A combination of low temperature and high humidity could cause the icing phenomenon on the drone’s control surfaces, compromising the flight attitude or, in the worst case, stalling it.
The module monitors, at runtime, the parameter values acquired by the on-board sensors. Sensor parameter values are the input of the Runtime Monitoring, which controls the range in which these values are. The ranges define three different states: safe, warning and critical, covering cases ranging from safe conditions for a normal flight, to the necessity for the drone to abort its mission and land immediately, since conditions for a safe flight are no longer guaranteed. The module activates a safety procedure whenever one or more thresholds are exceeded, in other words, every time a safety rule is broken. When this occurs, the module changes its state to Warning or Critical state, depending on the values of the parameters. When the measured values identify a Warning or Critical state, the RSC activates a risky situation implementing the operations defined for that specific status.
Design and Implementation
The component is delivered as a software library developed in C++. Its entry point is the RuntimeMonitor which takes as input a vector of float values containing the battery temperature, the external temperature and the humidity, as registered by the sensors. These are, subsequently, fed to the AssessmentManager which takes care of sorting calls to the RSCController and the DecisionHandler. Making use of the methods provided by the SafetyChecker, the RSCController evaluates the situation according to the values it received as input; afterwards, the DecisionHandler takes as input the output of the RSCController and sends out the situation assessment.
Reference
[1] Ranquist E., Steiner M., Argrow B., Exploring the range of weather impacts on UAS operations. 18th Conference on Aviation, Range and Aerospace Meteorology, Seattle, WA, 2017
[2] Apparatus for controlling safety of drone, Cho Sung-sik, Hoonmo Kim, 2016