[SystemSafety] a public beta phase ???
mattsquair at gmail.com
Wed Aug 10 09:44:27 CEST 2016
Are people thinking about a transitional capability rather than making a
jump to full authority?
On Wed, Aug 10, 2016 at 12:50 PM, Driscoll, Kevin R <
kevin.driscoll at honeywell.com> wrote:
> > Is that presentation (or any variation) available anywhere?
> It will be posted to someplace on the AOW web (
> > Could you give a summary?
> I stayed away from the argument about whether software programmers at
> design time would make more or less mistakes than pilots in situ. I didn't
> think I had anything significant to add to previous discussions. Instead,
> I looked at the cost of implementing a dependable architecture for
> full-authority pilot assistance (PA) that would be "one subsystem to rule
> them all" (apology to Tolkien). Such PA would have access to almost every
> control in the cockpit (few exceptions, e.g., possibly nose-wheel steering
> and anything not required for safe flight) and that would make it
> multi-chapter "Level A++". This level of authority would be needed for
> single pilot operations (SPO) and reduced crew operations (RCO) where a
> single crew person incapacitation would be the whole crew. Additional
> points: crew incapacitation isn't that rare (about 30/yr in UK) and doesn't
> necessarily fail benignly (e.g., seizure kicks rudder hard-over). Some
> simple cockpit devices (e.g. circuit breakers and
> switches) which have no universally safe state would have to be replaced
> by quad actuators. There are a lot of such circuit breakers and switches
> in the cockpit. The PA computations would need four fault containment
> zones and at least triplex intercommunication (to tolerate just one
> Byzantine fault). The degree of PA invasiveness into existing systems
> would require a complete redesign of the cockpit; prohibitively expensive
> for retrofit and dubious for forward fit. Then, there's the control
> hand-back problem (aircrew not ready to accept control when it's thrown
> back to them in the event of a PA failure) and cryptography issues for the
> RCO case (latency and international legality).
> > -----Original Message-----
> > From: GRAZEBROOK, Alvery N [mailto:alvery.grazebrook at airbus.com]
> > Sent: Monday, August 08, 2016 05:20
> > To: Driscoll, Kevin R; systemsafety at lists.techfak.uni-bielefeld.de
> > Subject: RE: [SystemSafety] a public beta phase ???
> > Hi Kevin,
> >  ... The reason I was at Ames was to give a presentation titled
> > "Cyber Safety and Security for Pilot Assistance". Yes, that's semi-
> > autonomous air crew replacement (reduced crew operations, single pilot
> > operations, etc). Synopsis: I don't think it's viable in the
> > foreseeable future.
> > 
> > I'd be really interested to know what you think are the key hurdles
> > that make the various reduced-crew operations not viable yet. Is that
> > presentation (or any variation) available anywhere? Could you give a
> > summary?
> > Cheers,
> > Alvery
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
BEng (Mech) MSysEng
Mob: +61 488770655
Email: MattSquair at gmail.com
Website: www.criticaluncertainties.com <http://criticaluncertainties.com/>
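The "four fault containment zones ... to tolerate just one Byzantine fault" point in Kevin's quoted message is the classic n >= 3f+1 bound. As an added illustration that is not part of the thread, the Python below simulates Lamport's Oral Messages algorithm OM(1) and exhaustively tries every single-traitor behaviour, showing that four nodes (commander plus three lieutenants) keep agreement while three nodes do not; the node names and the retreat-by-default tie-break are my assumptions.

```python
from collections import Counter
from itertools import product

RETREAT, ATTACK = 0, 1
DEFAULT = RETREAT  # assumed fallback when a lieutenant's view has no majority


def majority(values):
    """Majority of a list of 0/1 values; a tie resolves to DEFAULT."""
    ranked = Counter(values).most_common()
    if len(ranked) > 1 and ranked[0][1] == ranked[1][1]:
        return DEFAULT
    return ranked[0][0]


def run_om1(n, commander_value, traitor, strategy):
    """One run of OM(1) with n lieutenants and at most one traitor.
    traitor is -1 (the commander) or a lieutenant index.
    strategy is the tuple of values the traitor sends, one per recipient in
    index order; a loyal node always forwards exactly what it received.
    Returns each lieutenant's decision."""
    # Round 1: commander -> lieutenants (a traitor may tell each a different story)
    received = list(strategy) if traitor == -1 else [commander_value] * n
    # Round 2: every lieutenant relays its round-1 value to every other lieutenant
    views = [[received[i]] for i in range(n)]
    for sender in range(n):
        others = [j for j in range(n) if j != sender]
        for k, receiver in enumerate(others):
            msg = strategy[k] if traitor == sender else received[sender]
            views[receiver].append(msg)
    return [majority(v) for v in views]


def check_interactive_consistency(n):
    """Exhaustively test every single-traitor behaviour for n lieutenants.
    IC1: all loyal lieutenants decide the same value.
    IC2: if the commander is loyal, every loyal lieutenant decides its value."""
    ic1 = ic2 = True
    for cmd_value in (RETREAT, ATTACK):
        for traitor in [-1] + list(range(n)):
            n_recipients = n if traitor == -1 else n - 1
            for strategy in product((RETREAT, ATTACK), repeat=n_recipients):
                decisions = run_om1(n, cmd_value, traitor, strategy)
                loyal = [d for i, d in enumerate(decisions) if i != traitor]
                ic1 &= len(set(loyal)) == 1
                if traitor != -1:
                    ic2 &= all(d == cmd_value for d in loyal)
    return ic1, ic2

if __name__ == "__main__":
    for lieutenants in (2, 3):  # 3 and 4 fault containment zones in total
        print(lieutenants + 1, "nodes (IC1, IC2):", check_interactive_consistency(lieutenants))
```

With three nodes a lying lieutenant leaves the loyal one with a tie it cannot resolve, so it falls back to the default and disobeys a loyal commander; with four nodes the loyal majority always outvotes the single traitor.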