Search results

This study is a systematic literature review of the application of artificial intelligence (AI) in safety-critical systems. The authors aim to present the current application status according to different AI techniques and propose some research directions and insights to promote its wider application.

A total of 92 articles were selected for this review through a systematic literature review along with a thematic analysis.

The literature is divided into three themes: interpretable method, explain model behavior and reinforcement of safe learning. Among AI techniques, the most widely used are Bayesian networks (BNs) and deep neural networks. In addition, given the huge potential in this field, four future research directions were also proposed.

This study is of vital interest to industry practitioners and regulators in safety-critical domain, as it provided a clear picture of the current status and pointed out that some AI techniques have great application potential. For those that are inherently appropriate for use in safety-critical systems, regulators can conduct in-depth studies to validate and encourage their use in the industry.

This is the first review of the application of AI in safety-critical systems in the literature. It marks the first step toward advancing AI in safety-critical domain. The paper has potential values to promote the use of the term “safety-critical” and to improve the phenomenon of literature fragmentation.

Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at the core. The technological evolution including interconnectedness and new ways of interaction lead to new security and safety risks that can be realised, both in terms of human error, and malicious and non-malicious behaviour. This study aims to identify the human factors (HF) and cyber-security risks relating to the role of signallers on the railways and explores strategies for the improvement of “Digital Resilience” – for the concept of a resilient railway.

Overall, 26 interviews were conducted with 21 participants from industry and academia.

The results showed that due to increased automation, both cyber-related threats and human error can impact signallers’ day-to-day operations – directly or indirectly (e.g. workload and safety-critical communications) – which could disrupt the railway services and potentially lead to safety-related catastrophic consequences. This study identifies cyber-related problems, including external threats; engineers not considering the human element in designs when specifying security controls; lack of security awareness among the rail industry; training gaps; organisational issues; and many unknown “unknowns”.

The authors discuss socio-technical principles through a hexagonal socio-technical framework and training needs analysis to mitigate against cyber-security issues and identify the predictive training needs of the signallers. This is supported by a systematic approach which considers both, safety and security factors, rather than waiting to learn from a cyber-attack retrospectively.

The concern about Safety‐critical Systems highlighted in this and other publications, and at meetings and conferences in Europe and the United States has, perhaps, influenced the United Kingdom bodies responsible for research to call for proposals under the Safety Critical Systems Advanced Technology Programme. The UK's Department of Trade and Industry (DTI) and its Science and Engineering Research Council (SERC) have made £12 million available for such proposals: £9 million from the DTI and £3 million from SERC. Practice in the UK is that to be eligible for support a proposer must collaborate and involve three or more independent partners, with at least two from industry. The Workplan was published in the JFIT News Issue, No. 17, 1990, and the following summary provides an excellent insight into this important area. The three main areas are placed under the headings: “Technologies”; “Human Factors”; and “Unification”.

Gives reports and surveys of selected current research and developments in systems and cybernetics. They include: A calculus of ethics for a systemic world, Biocybernetics, Neuroscience, Neural technology, Computational model for chocolate, Safety‐critical systems (SCSs), Scientific and technical information from Russia, Cybernetics and systems control, Automation and cybernetics, UK science research.

This paper aims to show the current situation and additional requirements for the aircraft automation systems based on the lessons learned from the two 737 MAX crashes.

In this study, the Swiss cheese model was used to find the real root causes of the 737 MAX accidents. Then, the results have been compared with the actions taken by the manufacturers and authorities. Based on the comparison, the necessary improvements to prevent such accidents are defined. Regarding the faulty sensor that forms the accidents, a synthetic sensor was developed using an aerodynamic model.

It has been proven that the safety-critical automation systems should not be designed by relying on a single set of sensor data. Automation levels should be defined in a standard way. Depending on the defined automation level, the system must be designed as either fail-safe or fail-operational system. When designing backup systems, it should be decided by looking at not only whether it has power but also the accuracy of the incoming signals.

Aviation certification requirements related to automation systems need to be revised and improved. With this context, it was revealed that the certification processes for automation systems should be re-evaluated and updated by aviation authorities, especially Federal Aviation Administration and European Union Aviation Safety Agency.

Task sharing between automation system and pilot based on the classification of automation levels and determining certification requirements accordingly has been brought to the agenda. A synthetic Angle of Attack sensor was developed by using an aerodynamic model for fault detection and diagnosis.

At the Corporate Computer Security '89 Conference, held in London, UK, earlier this year there was a plea for a computer security code of practice to curb increasing industrial sabotage. In the UK such a code is to be introduced after increasing concern about system sabotage through industrial espionage. At this computer industry conference cases of such espionage by intelligence services, vandals, disenchanted employees and terrorist groups were cited. An estimate of the cost of computer failures and sabotage has been made by the accountants Coopers and Lybrand who say that these activities are costing companies up to a billion pounds a year.

The CAN (Controller Area Network) standard, ISO 11898, is now ubiquitous in industrial automation environments. CAN is used with defined application layers for implementing sensor/actuator level distributed control applications. Protocols such as Honeywell's SDS, ODVA's DeviceNet (Allen Bradley) and CANopen are well‐known device level networks which are based on the CAN protocol. A new time‐triggered protocol for CAN, referred to as TTCAN, is under development where the real‐time scheduling of the network traffic can be formally verified. This paper introduces the new TTCAN protocol and suggests that TTCAN has the potential to provide new solutions in industrial automation applications. TTCAN has the potential to replace some conventional pneumatic, hydraulic and other mechanical safety‐critical control systems with a reliable electronic network. The emergence of 42‐volt technology from the automotive world will further complement the TTCAN technology to provide some unique industrial automation solutions.

Specially designed robots are now being produced for exploration under the sea and for use in outer space. Some will become the forerunners of the “driverless vehicle” on earth.

Proper function of landing gear plays a crucial role in the safe operation of an airplane. Traditional landing gear control system utilizes centralized control technology. The relatively heavy wire harness and low reliability accompanied with this technology make it logical to transfer from traditional control to real‐time distributed control. This paper aims to look into a new landing gear control system based on time‐triggered architecture (TTA).

In this paper, a new landing gear control system based on TTA is proposed. The reliability of the proposed system is investigated using a combination of Markov analysis and MIL‐HDBK‐217 methods.

The results show that by integration of TTP/C and TTP/A technologies, the advantages of both are achieved. A very high level of reliability is obtained. This increases the confidence when adopting distributed landing gear control technology.

The paper presents a new landing gear control system based on TTA, the reliability of which is very high.