Hazards in advising autonomy: Inferring hazard causes in UAS dynamics

Some results from applying a novel dynamic hazard modeling approach are described. It is posited that the system modeling approach developed in this work facilitates both the systematic application of a Hazard and Operability (HAZOP) study and supports a complementary inference approach, effectively supporting "diagnosis" of possible design faults, or system defects, from the concept phase onwards in the development of autonomous systems. In this context, the paper describes results arising from an ongoing investigation determining and developing tools for the identification and assessment of hazards likely to arise with the system reliability and behavioral aspects of automatic system advisory functions - such as might be found in a system advisory function facilitating critical decision-making in an autonomous vehicle. A suitable example of this is in a simplified representation of the advisory functions and rules embodied in an Unmanned Autonomous System (UAS) within its “Sense & Avoid” capability. Such advisory functions are required to show that they can ensure safe behavior in order that an airborne autonomous system may then operate within un-segregated airspace. In consideration then of a particular research question arising with this research - how might independent system reliability models, physical and dynamical models, and perhaps historical accident data be combined to determine performance bounds, set safety constraints and aid system evaluation of advisory systems? - work has so far considered the nature of the relevant dynamical and behavioral models in the context of hazard assessment. Having now produced a representative model and associated behavior based results, a method of measuring the validity of these results is described with an example. Additional work is yet to be undertaken to process the validation measures and refine the hazard modeling process.