Final Report Summary - ONBASS (On-board active safety system)
1. Further theoretical and conceptual development of the active safety principles for aviation, and formation of theoretical model(s) to analyse the limits of these principles' applicability;
2. Research and development (R&D) of basic fault tolerant hardware elements for the on-board part of the active safety system for aviation;
3. Concepts, design and development of a resilient system software core for the active safety system for aviation.
This scope can be achieved by work in the following closely related areas:
- research into an operational model and development of a theoretical model of flight risk;
- development of rigorous system requirements for the realisation of PASS;
- research, conceptual design and development of system software;
- research, conceptual design and prototype development for on-board embedded hardware.
In summary, the scientific and technological objectives of ONBASS were:
- to define the theoretical limits for safety improvements by means of proper use of available flight data, i.e. how and how much information about a flight can be used to provide improved safety;
- to suggest schemes and the means by which aviation safety systems should be organised so as to enable effective flight information processing;
- to analyse the complexity of real-time flight data and how to reduce it;
- to establish the required performance and reliability levels for the active safety system and its main elements (on-board, on-ground, national / international / European level);
- to investigate the role of the main 'agents' responsible for risk and theoretical ways to tolerate/address them;
- to research the software aspects associated with robust and reliable safety-critical onboard software (specification languages, formal methods and tools);
- to conduct analysis and modelling of essential features and elements;
- to design and develop the system software structures for active safety systems;
- to analyse, model, design and develop the hardware for active safety systems;
- to investigate, analyse and define the economics and business aspects associated with the PASS approach in the long-term.
The project was structured into broader activity packages, as follows:
Theory and operational model
The objective of this work was the development of theoretical and operational models of aircraft operation, in terms of forming a safety profile and monitoring it. After a systematic survey of the application domain and processing of the existing statistical data in it, the flight risk profile for commercial and general aviation was developed. Combining this data with an analysis of existing systems, conclusions were drawn about the features an operational model needs in order to enable operational risk analysis in real time during flight. From the operational risk analysis model a reliability model of flight was derived, aiming at real-time prognosis of flight risk. Finally, the reliability model was implemented and its operation in real-time data processing was simulated.
System requirements analysis
The objectives of this work were to:
1. clearly and concisely define the overall requirements of the system both from the external point of view of its users and also in terms of its internal function;
2. ensure that the safety context and safety requirements are clearly defined;
3. understand which certification and qualification standards are relevant and to what extent;
4. define what the system must do, and must not do, for each distinct kind of user, what interaction there is with the user, and how it will be represented;
5. define the interfaces externally to the device's operational context, internally within the device between subsystems, and within subsystems between components;
6. define the hardware architecture to provide the reliability and fault tolerance required;
7. define the system software (runtime) required to support the hardware and to present a resilient set of services to the application software. Define the application software required to meet the needs of each kind of user;
8. ensure that the design is traceable and verifiable by audit, and that the prototype's function is testable in practical terms.
System software
The objectives of this work package were to:
1. design and implement a new generation of system software for embedded real time systems with a focus on support for hardware fault tolerance, reconfigurability, consistency self-checking and recovery during operation;
2. develop new integral design methodology for developing such systems, improving the state of the art in terms of correctness, robustness and resource efficiency with an emphasis on hardware / software co-design;
3. develop recovery techniques within the real-time system to support dynamic reconfiguration of the hardware during and after fault detection and reconfiguration, whilst preserving state and synchronisation in a rigorous way;
4. apply the aforementioned systems to safety-critical aviation control and demonstrate with the PASS application.
On-board embedded hardware
The main objective of this work package was to develop a highly reliable system comprising fault-tolerant processors, system memory, flight memory and communication interfaces. The work package also included proving the fault-tolerance mechanism; the reliability of the system hardware was demonstrated both analytically and practically.
Integration, verification and demonstration
The objective of this work package was to integrate the verified software modules on the respective hardware prototypes and to perform an overall system verification using suitable simulation and laboratory set-ups. Once the overall system performance had been verified, the demonstrator was flown in real flights in November 2007.
The ONBASS system, by design, possesses a number of innovative features as far as its operational characteristics are concerned. These features offer users of the ONBASS system a series of benefits, of which the most important are described below:
- Real-time active safety - will greatly assist in reducing the number of general aviation accidents (the primary field of application) and the resulting casualties.
- Fault-tolerant ONBASS system processor and RAM - will result in extremely high reliability and availability of the system and very rare on-site maintenance actions.
- Fault-tolerant ONBASS flight data memory - will result in a high integrity and trustworthiness of the stored data.
- Resilient ONBASS software core - will greatly contribute to the extremely high reliability and availability of the system, as well as to the uninterrupted and efficient provision of the system's services.
- Independent power supply - will ensure that recording of crucial aircraft parameters continues prior to and during a hazardous situation or accident, and even in the event of loss of aircraft power.
The initial target market for the ONBASS system will have to be European GA aircraft. This is reasonable, as the geographic distribution and business 'reach' of the ONBASS partners mostly cover this continent. Further, setting up distribution channels and building on the business contacts and partnerships of the partners would make potential sales in this region much more likely and straightforward.