Safety Assessment of Unmanned Aerial Vehicle ...

Download PDF
36 downloads 13592 Views 226KB Size Report
Comment
The results obtained allowed to identify and define critical areas and corrective ... Weight (MTOW), UAS ANTEX-X02 ALPHA EXTENDED should comply with.
Safety Assessment of Unmanned Aerial Vehicle Systems: Practical Application 1 1

Gonçalves, P.; 2 Sobral, J.; 3 Ferreira, L. 2

3

[email protected]; [email protected]; [email protected]

1

Portuguese Air Force Development and Innovation Research Centre (CIDIFA), Academia da Força Aérea, Av. Leite de Vasconcelos, N.º 4 2614-506 Amadora, Portugal 2

2

Mechanical Engineering Department, ISEL – Instituto Superior de Engenharia de Lisboa, Rua Conselheiro Emídio Navarro, 1, 1959-007 Lisboa, Portugal

Centre for Marine Technology and Engineering (CENTEC), Instituto Superior Técnico, Universidade de Lisboa, Av. Rovisco Pais, 1049-001 Lisboa, Portugal 3

Faculty of Engineering of University of Porto (FEUP), Universidade do Porto, Rua Dr. Roberto Frias,

Abstract The focus of the research centre of Portuguese Air Force Academy in recent years has been the projects involving unmanned aerial vehicles as a result of its extensive experience in the development and construction of unmanned aircraft of Class I (with mass up to 25kg). The experience and knowledge accumulated over years in this type of aircraft, was transferred to larger aircraft that required to be subject to a prior airworthiness certification process for its operation. This paper shows the result of work in the evaluation of the safety of military UAV ANTEX systems. It will be presented the methodologies (SAE ARP 4761) employed in carrying out the safety assessment of ANTEX, as well as the tools (FMECA, FTA) used to evaluate and classify the identified risks. The results obtained allowed to identify and define critical areas and corrective actions that have made the level of risk identified acceptable to the regulatory authority, obtaining in this way too the guidelines for the development of the maintenance plan that will ensure the continued airworthiness of the ANTEX UAV systems.

1. Introduction Nowadays, unmanned aerial vehicles are employed in various areas such as: complex military missions; maritime surveillance; border surveillance; environmental monitoring; agriculture, etc. However, the UAS operators face a tremendous difficulty: the mistrust feeling that still exists about these systems. In order to produce a higher level of confidence in the UAS and its operations, so as to facilitate the operation authorization process, regulatory authorities require the presentation of a Safety Assessment process, usually developed in the design phase which identifies the most feared events in operation of a particular UAS, its consequences and mitigation measures implemented to reduce the severity of failures. However, and in accordance with the recommendations in Article 8 of the Convention on International Civil Aviation (ICAO) (ICAO, 2011), "No aircraft capable of being flown without a pilot shall be flown without a pilot over the territory of the contracting State without special authorization by que State and in Accordance with the terms of such authorization ... ". This assumption stems from the need that regulators have to make the integration of various types of aircraft (manned and unmanned) in the National Airspace System (DeGarmo, 2004) (Evans and Nicholson, 2007). Thus, although there is still no regulatory framework suitable for the UAS, it is assumed that manned aircraft or unmanned share a high degree of commonality related to the airworthiness (ICAO, 2011) (EASA, 2009) (EDA, 2014) (EASA, 2015). Since most analyses would probably rely in what is currently prescribed for manned aircraft. the “UAS certification will be based on a determination of equivalence with the existing Certification Specifications (CS) developed for manned aircraft, wherever possible“ (EASA, 2009).

One of the essential analyses in a UAV airworthiness certification process is the safety assessment, because the results of this analysis will determine the level of security for airworthiness (EASA, 2015). Several regulators (FAA, EASA, CAA) accept the use of USAR (Unmanned Systems Airworthiness Requirements), developed by the French Military Authorities, and later updated by NATO FINAS group to STANAG 4671, as a reference for defining the basis for the airworthiness certification process as long the applicable airworthiness codes are identified (EASA, 2009). The safety assessment is a comprehensive and thorough analysis where each function performed by the UAV and its systems requires an evaluation of the possible failure modes, and their consequences, as well as mitigation measures required to reduce the risk in operation to an acceptable level. At the beginning of the UAV operation, during the certification process exists an uncertainty related to the response of the aircraft towards feared events, despite the identification of system vulnerabilities and the development of mitigation measures at safety assessment process. In this sense, we intend to present the application of Safety Assessment process defined in SAE 4761 to UAS ANTEX-X02 ALPHA EXTENDED. Therefore, section 2 briefly describes the Safety Assessment process inherent to UAVs. Section 3 presents the application of Safety Assessment process to UAS ANTEX-X02 ALPHA EXTENDED. Section 4 states the conclusions related to the application of Safety Assessment to an UAS.

2. Safety Assessment Safety assessment is often used to develop and verify the requirements on the design of aircrafts providing an evaluation of their functions and systems responsible for safety functions. The safety assessment of a UAS includes more aspects than the aircraft by itself, also taking into account the control ground station, data links, mission planning and type, autonomy level, operation environment and flight conditions and the interoperability with ATC and other aircrafts (SAE, 1996). Safety assessment, which is most time qualitative, can also be quantitative through a process that encompasses (SAE, 1996): • A Functional Hazard Assessment (FHA) – Aircraft functions analysis that allows to identify and classify the potential functional failure conditions according to their severity; • A Preliminary System Safety Assessment (PSSA) – Systematic evaluation of systems architecture in accordance to its implementation and based on the FHA and classification of failure conditions in order to verify items’ requirements; • A System Safety Assessment (SSA) – Systematic evaluation of all systems in order to verify that the main safety requirements are met. Several airworthiness military standards refer the requirements for safety assessment addressing them to UAS operating in non-segregated airspace (STANAG 4671, STANAG 4702 and STANAG 4703). Due to the Maximum Take-off Weight (MTOW), UAS ANTEX-X02 ALPHA EXTENDED should comply with STANAG 4703 requirements. The STANAG 4671 concerning Unmanned Aerial Vehicles Systems Airworthiness Requirements (USAR) refers that an UAV must be designed to reduce risk to people, UAV crew and third parties in order to set it at an acceptable level for regulators (NATO, 2009). These requirements are presented as an arrangement of event probability and the severity, resulting in a risk reference system, as shown in Table 1. Table 1 – Risk Reference System (adapted from NATO (2009)) Probability (P) No Minor Safety Effect Frequent (P>10-3 h-1) A U Probable (P>10-3 h-1) A A -3 -1 Remote (P>10 h ) A A Extremely Remote (P>10-3 h-1) A A Extremely Improbable (P