Skip to main content

A dependable approach to ATM systems


The project's major achievements are:

- adaptation of dependability methodology to ATM systems
- object model (supported by the standard Object Modelling Technique (OMT) formalism) and data-flow diagrams, representing the functions and data of a generic ATM system
- classification of services' importance
- allocation of severity levels to functions and components
- allocation of dependability objectives to functions and components
- assessment of the adequacy of database management systems' techniques to ATM systems, with regard to dependability requirements.
The increase of air traffic demand and the foreseen integration of air and ground segments implies additional but more stringent, and even more critical, requirements in the field of air traffic control. In the context of all the foreseen evolutions of ATM systems and their architecture, their fault tolerance design has not yet been given deep attention. The DAAS project initiated a systematic and rigorous methodology to define, build and assess dependability requirements of ATM systems, special attention being paid to integration of existing standards of the airborne field into this methodology.

Future work and results

Based on the ATM dependability objectives defined in DAAS, potential applications should be oriented towards the preliminary specification of a high reliability core application. This application could be, for instance, the Trajectory Negotiation Process, because it is a good example of airborne application involving air and ground computers in an air-ground ATM cooperation process. An additional application dealing specifically with ground topics, such as multisector planning, would have to be envisaged to complete the scope of this project follow-on. On the basis of low level airborne and ground dependability criteria, this preliminary specification would optimise, in terms of fault tolerance strategies, the hierarchical structure concept introduced in the previous Generic Approach to ATM System (GAAS) study, where central airborne/ground components are distributed through hierarchical layers.

The results of DAAS can be reused in related follow-on projects under the Fourth Framework Programme, the following issues being explored in the early stage:
- survey and analysis of state-of-the-art in ultra-reliable architecture applications;
- comprehensive examination of data network infrastructures, current bottlenecks and technical trends;
- consequent organisation of fault-tolerant algorithm methodology for GAAS-like architecture design (airborne and ground-based architectures) through the use of distribution, redundancy, processor grouping, fault-handling policies and mechanisms (fault masking, fault refinement, recovery blocks).

Exploitation potential and plans

The DAAS methodology can be directly applied in projects where dependability objectives have been fixed at the requirement level and for which a dependability study has been planned (for example, a dependability study will be required for the future EATMS prototype).

In projects for which no dependability study has been planned but where implicit dependability requirements exist (as for instance the ECARDA project PATIO), the following results of DAAS could be helpful at the functional level: object oriented model of a generic ATM system; allocation of importance levels to services; allocation of severity levels to functions.


Thomson-CSF Airsys
7 Rue Des Mathurins
92323 Bagneux

Participants (7)

Aérospatiale Société Nationale Industrielle SA
Daimler-Benz Aerospace/Airbus
75 Rue La Boetie
Sextant Avionique SA
Siemens Plessey Systems Ltd
United Kingdom
University of Rome