Helen Gill



Presentation Transcript

Systems and Software Research for Safety-Critical Aviation Systems: 

Helen Gill, Ph.D.
CISE/CNS, National Science Foundation

Aviation Context for Safety-Critical Software and Systems Research: 

- Vehicle technology research
  - Platforms: materials, fuel-efficiency, range, …
  - Hypersonics, supersonics, subsonics, rotorcraft, …
  - Software-integrated systems, software control
- Today's US airspace and flight experience
  - UAV progress: Access5, Unite Alliance, National Institute of Aerospace
    - High altitude, long endurance vehicles
    - Growing civilian usage
  - Commercial aviation:
    - Industry under economic duress
    - Concentration at hubs
    - CIP/TSA waiting queues
  - Airspace configuration and management progress: …?

Aviation Context (continued): 

- Tomorrow's civilian airspace? (capacity/structure)
  - Large scale, long range transport, transatlantic/global regulation?
  - Shuttles/commuters, business jet cooperatives, air taxis, …
  - Mandatory technology increase for general aviation
  - Wider UAV deployment (mixed airspace?)
  - Technology-enabled: GPS/satellite navigation, CA systems, …
- Consequences for software certification:
  - More system components will be safety-critical
  - Increased automation required to support capacity (reduced separation)
  - Technology push to increase pace, decrease cost of certification
  - More aircraft configurations to certify
  - Global compliance requirements

Aviation Systems as Critical Infrastructure: 

- Requirement for secure, available systems
  - Robustness
  - No essential flaws in safety design
- Software: How can we be sure?
- System and Software: How can we be sure?
- What is the future for evaluated products?

Technology Readiness Levels*
- TRL 1: Basic principles observed and reported
- TRL 2: Technology concept and/or application formulated
- TRL 3: Analytical and experimental critical function and/or characteristic proof-of-concept
- TRL 4: Component and/or breadboard validation in laboratory environment
- TRL 5: Component and/or breadboard validation in relevant environment
- TRL 6: System/subsystem model or prototype demonstration in a relevant environment (ground or space)
- TRL 7: System prototype demonstration in a space environment
- TRL 8: Actual system completed and "flight qualified" through test and demonstration (ground or space)
- TRL 9: Actual system "flight proven" through successful mission operations

* A White Paper, April 6, 1995, John C. Mankins, Advanced Concepts Office, Office of Space Access and Technology, NASA

Federal Activities towards Critical Infrastructure Protection: 

- HSPD-7
  - ISACs, NIPP, SCCs, etc.
- CIP R&D Planning
  - National CIP R&D Plan
  - CIIP R&D Plan
- NSTC Committee structure
  - CT – Committee on Technology
    - Networking, IT R&D Subcommittee
    - Infrastructure Subcommittee
    - Critical Information Infrastructure Protection Interagency Working Group (to be renamed)
    - NITRD High Confidence Software and Systems Coordinating Group

(Organization chart; labels recovered from the slide: NSTC, CT, NITRD, HEC, CIIP, HCSS, …, Infrastructure, H&NS, …)

National CIP R&D Plan April 8, 2005: 

Themes:
- Detection and Sensor Systems
- Protection and Prevention
- Entry and Access Portals
- Insider Threats
- Analysis and Decision Support Systems
- Response, Recovery, and Reconstitution
- New and Emerging Threats and Vulnerabilities
- Advanced Infrastructure Architectures and Systems Design
- Human and Social Issues

NCIP R&D Roadmap identifies three strategic goals:
- National Common Operating Picture
- Secure National Communication Network
- Resilient, Self-Healing, Self-Diagnosing Infrastructure

http://www.bfrl.nist.gov/PSSIWG/documents/2004NCIP_R&D_Plan_FINAL.pdf

Some “Grand Challenges”: 

- Medical devices and systems of the future
  - Now: Practitioner closes the loop; sensor feeds to TV monitor, manual settings
  - Future: Closed-loop patient monitoring and delivery systems, "plug and play" operating rooms/ICUs/home care
- Flight-critical aviation systems of the future
  - Now: Federated designs, pilot closes the loop
  - Future: Integrated designs; autonomy vs. pilot control
- SCADA systems of the future
  - Now: Telemetry, sensor feeds to control center, centralized decision support
  - Future: Hierarchical, decentralized, highly-automated, market/policy driven, closed-loop + supervisory control
- Now: Information-centric, human-closes-loop, distributed a priori, soft real-time, not secured
- Future: Feedback control, open and hierarchical supervisory control, mobile, aggregated, soft and hard real-time, secured

Technology Grand Challenges: 

- Property and mechanism composition for dependable systems of all kinds: single, composite, and ad hoc aggregations of (RT, FT, secure)
- Cooperative distributed/aggregated systems (systems technology for aggregated systems)
- Robust, self-checking, self-healing, controllable systems (computation and control)
- Evidence-based design and composition technology, to produce systems with certifiably dependable behavior
- Dependable technology for an already-emerging class of future, critical systems

Cross-cutting Technical Challenges: 

- Future distributed, real-time embedded system characteristics/requirements:
  - Open, reconfigurable topology, group membership
  - Styles: Integrated, peer-to-peer, "plug and play", service-oriented
  - Fixed & mobile, RF/optical/wired/wireless networking modalities
  - Mixed-initiative and highly autonomous operation
  - Complex multi-modal behavior, discrete-continuous (hybrid) control
  - Reconfigurable, multi-hierarchy supervisory control; vertical and horizontal interoperation
  - End-to-end security, "self-healing"
  - System certification
- Status: many experimental systems, some science
  - Interesting results, but not yet a principled science/engineering base
  - Focus on situation awareness, sensor nets, and simulation, not control infrastructure

Embedded Software and System Control Problem: 

(Diagram: closing the loop around the combined behaviors of the control software, the hardware platform (processing and networking), and the physical/biological/engineered system. Labels recovered from the slide: sensing, actuation, coordination; mode and thread switching, periodic calculation, execution rate, dynamic scheduling and resource management; latency, bandwidth, clock rate, frequency, phase, stability; energy management, energy production and consumption, voltage scaling; system state: kinematic, thermal, electromagnetic, optical, chemical, …)

Research Goal: Assured Systems Software Technology Base: 

- Coordinated control systems applications
  - Unmanned autonomous air vehicles, automotive applications
  - SCADA systems for power grid, pipeline control
  - Remote, tele-operated surgery? OR, ICU, EMT of the future?
  - Nano/bio devices? …
- Key areas for potential research
  - Open control platforms
  - Reconfigurable coordinated control
  - Computational and networking substrate
    - Assured RTOS, networking, …
    - Middleware
    - Virtual machines

Specific Challenges for Hybrid Systems: 

- Multi-system/multi-modal supervisory control
- Dynamically "aggregated" multi-hierarchy supervisory control
- Beyond stability: time-bounded convergence
- Safe complex transition
- Accommodating multi-system uncertainty
- Implications of tractable computational methods for modal structure
- "Useable design" considerations for modal structure

Report Card: Software Certification TRL ? : 

- Analysis tools (4?)
  - Significant progress, acceptance of static analysis
  - C, C++, Java remain challenging
  - Model checking viable for bug-finding
- System software technology base (2)
  - "Evaluated products" not in sight, NIAP notwithstanding; lack of systematic safety evaluation
  - RTOS, VM, middleware chaos
  - Lack of integration of security, safety, fault tolerance, real-time technology
- Certification for adaptive systems (1)
  - Model acquisition
  - Mode transition, reconfiguration

Certification Challenges: Tools for Assured Applications: 

- Comprehensive safety design, analysis
- Failure modes and effects analysis tool chain, system and software
- Software design for failure modes

HCSS and NSF/CISE Actions: 

NITRD HCSS Coordinating Group Assessment Actions : 

National workshops on:
- High Confidence Medical Device Software and Systems (HCMDSS)
  - Planning Workshop, Arlington VA, November 2004, http://www.cis.upenn.edu/hasten/hcmdss-planning/
  - National R&D Road-mapping Workshop, Philadelphia, Pennsylvania, June 2005, http://www.cis.upenn.edu/hcmdss/
- High Confidence Aviation Systems (title TBD)
  - Planning Workshop, Seattle, WA, November 21-22, 2005
  - National R&D Road-mapping Workshop, venue TBD, June/July 2006
- High Confidence Critical Infrastructures: "The Electric Power Grid: Beyond SCADA"
  - Planning
    - EU-US Planning meeting, October 2005
    - US Planning Workshop, Washington, DC, November-December 2005
  - Workshops
    - US National R&D Road-mapping Workshop, venue TBD, March 2006
    - EU-US Workshop, Framework Program 7 linkage

NITRD HCSS Coordinating Group Assessment Actions (continued): 

Backdrop:
- NSF/OSTP Critical Infrastructure Protection Workshop, Leesburg, VA, September 2002, http://www.eecs.berkeley.edu/CIP/
- NSF Workshop on CIP for SCADA, Minneapolis MN, October 2003, http://www.adventiumlabs.org/NSF-SCADA-IT-Workshop/index.html
- National Academies' study: "Sufficient Evidence? Design for Certifiably Dependable Systems", http://www7.nationalacademies.org/cstb/project_dependable.html

HCSS real-time operating systems research needs assessment:
- Real-time embedded systems information technology base evaluation and prospectus: September-October 2005
- Scope: secure RTOS, virtual machines, middleware
- Industry input (NDA): System integration houses, labs, FFRDCs, RTOS/middleware vendor perspective, OMG

National Coordination Office summary report(s) derived from workshops, industry input sessions, NAS study

Conclusion: A Possible PSERC Research Agenda?: 

- Exploit renewables and distributed generation/micro-grid research as CIP breakthrough opportunity. Why?
  - Concept development hotbed for systems of secure, distributed, real-time embedded systems
  - Vector for change via new and emerging markets, decentralization
  - Fosters US competitiveness in control systems and embedded systems technologies
- Foster multi-disciplinary work that includes the IT research community. Why?
  - Leverage; investment multiplier
  - NSF CISE-ENG grass-roots enthusiasm for cooperation in this area (Tomsovic, Baheti, Schwartzkopf, Rodriguez, Rotea, Gill, …)
  - Initial NSF/DoE/DHS cooperation for secure electric power systems (Cyber Trust)
  - Who else will do this?

So Far: NSF CISE Investments in Critical Infrastructure, Power Systems : 

- CISE/CNS Computer Systems Research Program
  - Embedded and Hybrid Systems disciplinary area (watch for new emphasis areas in FY 2006 announcement)
- CISE/CNS Networking Research
  - "Clean Slate" Internet research initiative
  - Planning grant: study on real-time networking for critical infrastructures
- NSF Science and Technology Center: TRUST
  - UC Berkeley, with Vanderbilt, Cornell, Stanford, CMU, …
  - http://trust.eecs.berkeley.edu/
- Engineering Research Centers: current competition
- Information Technology Research: competition ended, active grants remain (EU-US linkages, G.3 and D.4):
  - Center for Hybrid and Embedded Systems (CHESS), UC Berkeley
  - Secure and Robust IT Architectures to Improve Survivability of the Power Grid, CMU/WSU
  - Multi-Layered Architecture for Reliable and Secure Large-Scale Networks, CMU
- Infrastructure Programs:
  - Major Research Infrastructure: Laboratory to Study FACTS Device Interactions, U. of Missouri at Rolla
- Cyber Trust (FY 2005 Center-Scale portfolio, TBA 2-3 weeks)

Thank you: 

High-Confidence Software and Systems (HCSS) Agencies: 

- Air Force Research Laboratories*
- Army Research Office*
- Defense Advanced Research Projects Agency
- Department of Energy
- Federal Aviation Administration*
- Food and Drug Administration*
- National Air & Space Administration
- National Institutes of Health
- National Institute of Science and Technology
- National Science Foundation
- National Security Agency
- Office of Naval Research*

* Cooperating agencies
