The use of Interaction Laws on Air Traffic Control for Specifying Dependable Interactions Apt 02 03/04/2007 Domain Analysis Rodrigo Paes [email protected].

The use of Interaction Laws on Air Traffic Control for Specifying Dependable Interactions

Apt 0203/04/2007

Domain Analysis

Rodrigo Paes

[email protected]

Rodrigo Paes - [email protected] © LES/PUC-Rio

Agenda

• Typical Scenario

– Flight Plan Approval

– Take Off

– En route

– Landing

• Dependability

– Fault-tolerance (controllers and pilots)

– DepExp

• Laws

• Implementation … so far


Flight plan approval

(Flight Plan, Airplane information)

Approve plan

Ground instructions

Ground instructions


Take off

(Ask permission to take-off)

(permission)

takeoff


En route

intersections

airways

radarcontroller

sector

weather


Sequence diagram under normal situations


Laws

• During the flight approval

– If the controller approves the flight plan, it must be verified if the airplane has the minimum autonomy, i.e.,

• A -> B -> C + 45 min.

• (DEP) (ARR) (ALT) (reserva)

• During the flight

– Airplanes must keep a safe distance

• Both vertical and horizontal

• Landing

– There is minimum amount of time between two landings


Dependability

• Risk analysis (what can go wrong?)

– Communication failures

• Airplane – Controller

• Radar – Controller

– Controller unavailability

– Controller behaves against the laws

• She authorizes the take off of an airplane not in conformance with the minimum autonomy rule

• She informs changes in the flight plan. However these changes are not in conformance with the “safe distance” rule

• She does not comply with thee minimum time interval rule while authorizing the landing

– Airplane behaves against the laws

• She changes the flight plan with no authorization from the controller


Dependability

• Dependability Explicit Computing

– We can keep continuously improving the system by:

• Assessing bad controllers and aircraft and perform actions to deal with them

– Assessment can be done automatically by monitoring the laws

– Dependability data

• Controllers

• Aircraft

– Examples

• Each time a controller or an aircraft performs an action that is not in conformance with the laws, then we should update the dependability database


XMLaw

• Scenes

takeOff

monitoring

controllerOrders

handOver

landing


TakeOff

takeOff{msg1{airplane, controller, handshake($flightPlan,$airplaneInfo)}msg2{controller, airplane, $groundInstructions}msg3{airplane, controller, askPermission}msg4{controller, airplane, ok}

s1{initial}s5{success}

t1{s1->s2, msg1}t2{s2->s3, msg2}t3{s3->s4, msg3}t4{s4->s5, msg4, [checkMinimumAutonomy]}

// takeOff scene's constraintscheckMinimumAutonomy{br.pucrio.CheckMinimumAutonomy}

}


Monitoring

monitoring{

msg1{radar, controller, $flightProgressStrip}

msg2{airplane, controller, $flightProgressStrip}

msg3{airplane, controller, landing}

s1{initial}

s3{success}

t1{s1->s2, msg1}

t2{s1->s2, msg2}

t3{s2->s2, msg1}

t4{s2->s2, msg2}

t5{s2->s3, msg3}

}


ControllerOrders

controllerOrders{

msg1{controller, airplane, $changeFlightPlan}

msg2{controller, airplane, end}

s1{initial}

s3{success}

t1{s1->s2, msg1}

t2{s2->s2, msg1}

t3{s2->s3, end}

}


Handover

handover{

msg1{controller, airplane, $switchController}

s1{initial}

s2{success}

t1{s1->s2, msg1}

}


landing

landing{

msg1{airplane, controller, $askPermission}

msg2{controller, airplane, ok}

s1{initial}

s3{success}

t1{s1->s2, msg1}

t2{s2->s3, ok, [checkMinimumDistance]}

// landing scene's constraints

checkMinimumDistance{br.pucrio.CheckMinimumDistance}

}


Actions globais

// Global action

informControllerAndAirplane{(takeOff.checkMinimumAutonomy), br.pucrio.InformControllerAndAirplane}

detectFlightPlanChanges{(monitoring.t1, monitoring.t2, monitoring.t3, monitoring.t4, controllerOrders.t1, controllerOrders.t2)}


Next steps

• Implementation level

– Integrate with XMLaw

• Change the interpreter of MLaw

– Implement Graphical Visualization

• Research

– Read Jean-Pierre’s Project

– Write Tech Report

• Focus on the flexibility of Laws to deal with dependability

DEMO


Bibliografia Preliminar

• Sales, C. R., Sala de Regulamento de Tráfego Aéreo; http://www.airandinas.com/ - acessado em 18/01/2007

• Ljungberg, M. and A. Lucas, The OASIS Air Traffic Management System, in Second Pacific Rim International Conference on Artificial Intelligence. 1992: Seoul, Korea.

• Ndovie, B., Simulation of a conflict management system for air traffic control, in Second International Working Conference on CKBS. 1994: DAKE Centre, University of Keele.

• Felici, M., Capturing Emerging Complex Interactions - Safety Analysis in ATM, in Workshop on Complexity in Design and Engineering. 2005: Edinburgh, Scotlad.

Obrigado!

Rodrigo Paes

[email protected]

The use of Interaction Laws on Air Traffic Control for Specifying Dependable Interactions Apt 02 03/04/2007 Domain Analysis Rodrigo Paes [email protected].

Documents

s2 rodrigo paes

controller slide

landing airplane

lespucrio laws

lespucrio landing landing

lespucrio takeoff takeoff

lespucrio handover handover

lespucrio cenrio tpico