VarelaCarlos AFOSR DDDAS Annual Review Jan 2016
So5ware for Data Streaming AnalyBcs and its ApplicaBon to Safer Flight Systems
ALESSANDRO GALLI SHIGERU IMAI CARLOS A. VARELA WENNAN ZHU W O R L D W I D E C O M P U T I N G L A B O R AT O R Y D E PA R T M E N T O F C O M P U T E R S C I E N C E R E N S S E L A E R P O LY T E C H N I C I N S T I T U T E
Annual Review of the AFOSR DDDAS Program Arlington, VA, January 28, 2016
US Airways Flight 1549 On January 15, 2009, US Airways Flight 1549 was struck by
birds and lost thrust from both engines Captain Sullenberger successfully ditched the aircra5 over the Hudson river without causing any loss of life
Map and picture are from Wikipedia (h4ps://en.wikipedia.org/wiki/US_Airways_Flight_1549)
2
Research Goal: An Expert-Level Flight Assistant Updated weather Cloud
InformaBon from other planes
Expert-Level Flight Assistant PILOTS* System Avionics ApplicaBon Aircra5 sensors
Corrected inputs
Measured error
3D terrain data
External real-1me data inputs LeH engine is damaged …
Corrected outputs
Stochastic & Logic-based Flight Assistant (to be developed)
Failure DetecBon & Data CorrecBon (MathemaBcal funcBon pa^erns used to idenBfy failure modes)
Iden1fied failure
*: ProgrammIng Language for spaBO-Temporal data Streaming applicaBons
Airplane pilots Failure & Recommended ac1ons We should land at airport X immediately!
Research Challenges (1/4) A quanBtaBve spaBal and temporal logic as a formalism: ¡
¡
To enable reasoning about data streams that associate values to specific points or intervals of space and Bme. To enable geometric reasoning capabiliBes, in parBcular, trigonometric formulae to calculate with aircra5 speeds, headings, range, and endurance. v
Speed (horizontal)
α
Direction
a
Aircraft
w,x
Wind, crosswind
r
Runway
Ground speed and crosswind as func1ons of airspeed, wind, and runway heading
4
1/27/16
Research Challenges (2/4) Extensions to logic programming to support stochas1c reasoning. ¡
¡ ¡
Language extensions to standard Horn clause-based knowledge bases to incorporate probabilities. Special language support for spatial and temporal data streams. Incremental reasoning algorithms to dynamically re-compute logical queries efficiently as new data gets injected into the application. If…
then…
New pilot report: icing en route
New route
New winds aloft
New altitude
New surface winds at destination
New airport
Imminent engine failure
Nearest airport
5
Dynamic Data-Driven Flight Plan Adapta1on Examples
1/27/16
Research Challenges (3/4) Data streaming analyBcs in real-Bme using cloud compuBng ¡
¡
¡
More data are expected to be available through the Internet and in-flight through Next GeneraBon TransportaBon system (ADS-B by 2020). Reason about spaBal and temporal data in real-Bme ÷ Give pilots be4er informaOon to make more accurate judgments during crucial emergency moments Offline and online components ÷ Analyzing key historical data and relaOvely staOc data (e.g., terrain, aircraH models) offline ÷ Combining it with dynamic data (e.g., failure condiOons, weather) for real-Ome decision making
6
1/27/16
Research Challenges (4/4) Domain-specific programming languages are needed for data
scienBsts ¡ ¡ ¡
Easier data analyses, informaBon generaBon, decision support. SeparaBon of concerns Enables compiler (staBc) and middleware (dynamic) opBmizaBons
7
1/27/16
Dynamic Data-Driven Avionics Systems Using a data-driven feedback loop, DDDAS systems conBnuously analyze spaBo-temporal data streams coming from airplane sensors, idenBfying potenBal failure modes, and correcBng erroneous data when possible. The resulBng capability is a new layer of logical redundancy in addiBon to exisBng physical redundancy for safer flight systems. New mathemaBcal concepts: ¡
¡
New DDDAS so5ware: PILOTS programming language ¡
¡
Error signatures ÷ MathemaOcal funcOon pa4erns with constraints arising on specific (failure-induced) data stream errors/anomalies. Mode likelihood vectors ÷ StochasOc selecOon of DDDAS system operaOon mode based on well-behaved sets of error signatures.
Enables declaraBve (high-level) definiBon of DDDAS data streaming applicaBon models (input-output relaBonships between data streams), error signatures, and error correcBon funcBons. PILOTS so5ware detects specific (e.g., failure-induced) data errors based on their signatures and autonomously corrects data before processing it according to the applicaBon model.
We have applied the developed DDDAS avionics concepts/so5ware to data from the following two commercial flight accidents and confirmed their effecBveness: ¡
¡
Air France AF447 accident in June 2009: The airspeed sensor failure of the AF447 flight is successfully detected and corrected a5er 5 seconds from the beginning of the failure. Overall error mode detecBon accuracy reaches 96.31%. Tuninter 1153 accident in August 2005: The underweight condiBon due to the installaBon of an incorrect fuel sensor is successfully detected with 100% accuracy during the cruise phase of flight.
8
Air France Flight 447 June 1st 2009, Flight 447 from Rio de Janeiro to Paris Thunderstorm caused airspeed sensors (pitot tubes) to ice and fail Autopilot system not able to deal with data failures---disengaged Pilots unable to react to erroneous data in a Bmely manner,
eventually stalling the plane into the AtlanBc Ocean
http://www.bea.aero/en/enquetes/flight.af.447/ rapport.final.en.php
http://upload.wikimedia.org/wikipedia/commons/ 4/4a/Air_France_Flight_447_path.png
9
1/27/16
Data Redundancy Primary cause of the AF447 accident: incorrect airspeed Airspeed could have been recomputed from ground speed and wind
speed ¡
Take advantage of data redundancy between independently produced inputs airspeed ground speed
wind
wind speed
ground speed = airspeed + wind speed 10
1/27/16
Dynamic Data-Driven Avionics Systems To facilitate development of smarter (flight) data
streaming systems, we invesBgate:
1. Programming technology that can model spaBo-temporal data streaming applicaBons easily ÷ PILOTS (ProgrammIng Language for spaOO-Temporal data Streaming apps)
2. Error detecBon using error signatures and error correcBon based on data redundancy
11
1/27/16
Error Signatures An error signature is a constrained mathemaBcal funcBon pa^ern
defined as follows: ¡
where, ÷ : a funcOon of Ome ÷ : a vector of constants ÷ : a set of constraint predicates
An error signature sample is a parBcular funcBon in an error
signature ¡
12
1/27/16
Mode Likelihood Vectors Calculate the distance between measured error e and a signature Si
Calculate the mode likelihood vector
If 2nd greatest element of L is greater than significance threshold τ, error is unknown, else greatest element of L determines current error mode. τ = 0.70 L = error mode = unknown
τ = 0.80 L = error mode = 2 13
1/27/16
PILOTS: System Architecture Applica1on Model ¡
Compute outputs and errors repeatedly
Data Selec1on: from heterogeneous to homogeneous data ¡
SelecBon operaBons to approximate data as a conBguous space
Error Analyzer: error detecBon and correcBon Incoming Data Streams
Request data at a specified frequency
d1 '
d2 (x, y, z, t)
d2 '
oM (Corrected)Outputs
Application Model
e1 e2
dN'
...
dN (x, y, z, t)
...
...
Data Selection
...
d1 (x, y, z, t)
Outgoing Data Streams o1 o2
eL
Errors
(Corrected) Data
Current Current Location Time
Error Analyzer
14
1/27/16
Air France Flight 447 Data extracted from the final report of Air France Flight 447 ¡
¡
¡
airspeed, air angle: extracted from the graphs ÷ Real pitot tube failure is recorded ground speed, ground angle: extracted from the graphs wind speed, wind angle: “the wind and temperature charts show that the average effecOve wind along the route can be esOmated at approximately ten knots tail-wind.” ÷ wind speed ß 10 knots ÷ wind angle ß air angle
15
http://www.bea.aero/docspa/2009/fcp090601.en/pdf/annexe.03.en.pdf
1/27/16
Air France AF447 PILOTS Demo
16
1/27/16
Tuninter 1153 Flight Accident Flight from Bari, Italy to Djerba, Tunisia on August 6th, 2005 ATR-72 ditched into the Mediterranean sea
16 of 39 people on board died Bari, Italy
Actual route
x
¡
Planned route
Palermo, Italy
Djerba, Tunisia
h4p://www.airdisaster.com/photos/ts-lbb/5.shtml “Final Accident Report for TS-LBB” h4p://www.ansv.it/cgi-bin/eng/FINAL%20REPORT%20ATR%2072.pdf
17
“Mayday” TV Series on Tuninter 1153 h4ps://youtu.be/aCrZwctnNWo?t=1904
Initial Cause of the Accident Incorrect fuel quanBty indicator (FQI) installment ¡ ¡
FQI for ATR-72 was not working properly (LED failure) Technicians replaced the FQI with one designed for ATR-42 ÷ FQI showed 2,700 kg of fuel, but fuel actually weighed 550 kg ÷ Pilots did not realize data error eventually leading to fuel exhausOon
“Final Accident Report for TS-LBB” h4p://www.ansv.it/cgi-bin/eng/ FINAL%20REPORT%20ATR%2072.pdf
18
PILOTS Program program WeightCheck; /* v_a : airspeed , w: weight , h: altitude */ inputs v_a , w, h(t) using closest (t); outputs corrected_w : w at every 10 sec; errors e: v_a - (6.4869E+01 + 1.4316E-02 * w + 6.6730E-03 * h + (-3.7716E-07) * w * h + (-2.4208E-07) * w * w + (-1.1730E-07) * h * h) + 2.59; signatures S0(K): e = K, -2 < K, K < 2 "Normal"; 4.69 corresponds to 10% S1(K): e = K, 4.69 < K "Underweight"; discrepancy in weight correct S1: w = 3.34523E-12 * (sqrt(1.09278E+22 * h * h + (-1.65342E+27) * h + (-3.69137E+29) * v_a + 1.01119E+32) – 2.32868E+11 * h + 8.83906E+15); end
19
Complex Dependencies Between Data Streams Air France 447 Model vg : ground speed vw : wind speed va : airspeed
w
vg
fq
va vw
h T pw
cf (angle of a^ack, flaps, landing gear, pitch, roll, yaw)
20
Tuninter 1153 Model
fq : fuel quanBty w : aircra5 weight h : alBtude T : temperature pw : engine power cf : aircra5 configuraBon
Physics-based Models Parameter Learning Model improvement for the Tuninter accident
Revisit aerodynamics theory
÷ Known constants
¡
÷ From data ÷ From linear regression Assuming cruise flight ÷ ÷
: : :
Coefficient of LiH (CL)
¡
21
h4p://upload.wikimedia.org/wikipedia/commons/thumb/ d/d1/LiH_curve.svg/300px-LiH_curve.svg.png
Analysis of Flight Accidents and Possible PrecauBonary Measures Flight
Date
Trans Asia Flight 235
February 4th 2015
Asiana Airlines Flight 214
Turkish Airlines Flight 522
DescripBon
PrecauBonary Measures
2 minutes aHer takeoff, pilots report engine flameout. Right engine failure alert, warning sounds for 3 sec. Crew reduces and then cuts the leH engine. July 6th 2013 Descent below visual glide path and impact with seawall. 82 seconds before impact at 1,600 H, autopilot was turned off and thro4les set to idle. Final approach speed was 34 knots below the target approach speed of 137 knots. Pilots unaware that the auto-thro4le was failing to maintain that speed. th February 25 AircraH had an automated reacOon which was 2009 triggered by a faulty radio alOmeter. Auto-thro4le decreased the engine power to idle during approach. Crew noOced too late. Although the pilots did try to hold the glide slope aHer increasing the thro4le, the auto-thro4le decreased it to idle again.
Decision support system to not turn off the leH engine. Internal glide-path assistance. Airspeed crosscheck.
Sensing the alOmeter error using crosschecks.
Imai, Blasch, Galli, Lee, Varela, “Airplane Flight Safety using Error-Tolerant Data Stream Processing”, IEEE AESM, in revision after initial review. 22
1/28/16
Analysis of Flight Accidents and Possible PrecauBonary Measures (cont.) Flight
Date
DescripBon
PrecauBonary Measures
BriOsh Jan. 17, 2008 Although aware of the outside temperature condiOons Check for fuel being -65C to -74C, the crew simply did not monitor the temperature when Airways Flight temperature of the fuel, which was well below freezing outside air temperature 38 point. A small quanOty of water within the fuel did outside normal range. freeze, causing ice on the fuel lines, ulOmately leading to fuel starvaOon near the final stages of approach. Azerbaijan Dec. 23, 2005 AHer climbing to 6,900 H entered a descending spiral Autude indicator Airlines Flight Oghtening from 500 m to 100 m. Absence of all three crosscheck. Re-create a 217 gyroscopes during the climb. Lack of pitch, roll, and virtual arOficial horizon heading performance. from non-gyroscopic data. Air Midwest January 8 th Elevator range of moOon cut to only 7 degrees out of Weight and systems Flight 5481 2003 the full 14. Stalled aHer take-off due to overloading and check from sensors maintenance error. onboard before departure. th Austral Lineas October 10 Pitot tube icing caused faulty airspeed readings. Pilots Airspeed crosscheck. Aereas Flight 1997 interpreted as a loss of engine power and added power. 2553 No improvement to airspeed, so they descended and increased the speed. Wing slats were torn off one wing and the plane became uncontrollable.
23
1/27/16
Data Generation for Different Failure Modes Data generaBon from Precision Flight Control’s CAT III Flight
Simulator at RPI’s Worldwide CompuBng Laboratory:
24
Towards a Data-Driven Failure Model Learning Toolkit Expand PILOTS language into a DDDAS Model Learning Toolkit to
include: ¡ ¡
¡
Montecarlo simulaBon to learn model parameters from data. Kalman filters to reduce the impact of noise in data and enable more robust models. ProbabilisBc (Bayesian) approach to conBnuously tune model to data.
25
Cloud-based Offline Data Analytics }
Scalable correlaBon analysis from hundreds of independently-measured sensor data streams à AutomaBng anomaly detecBon/correcBon model creaBon process
d1 d2
… … … dN
… Aircra5 sensor data streams 26
d1
Cloud Storage
?
d3
? ?
?
…
d2
d1
0.8
?
dN
Virtual Machines Cost-Efficient High-Performance Data AnalyBcs
0.9
d3
…
d2 0.6
dN
d1 ≈ c∙d2
Aircra5 Sensor Stream Processing for Expert-Level Flight Assistant System Offline aircraft model creation
Flight Assistant System Baseline aircraft model
f
(5) Notify crew - Anomaly situation - Recommended actions
Sensor streams (20Gbytes/6hr flight)
(2) Terrain, airport, weather, pilot reports
Real-time aircraft sensor/ weather streams (up to 1Mbytes/sec) Controller
Online anomaly condition detection
(1) Anomaly detected!
(3) Probabilistic scenario evaluation (quantitative processing)
(4) Faster-than-realtime simulations http://jsbsim.sourceforge.net/
Expert-Level Flight Assistant System Cloud-based offline data analysis
Sensor streams (20Gbytes/ 6hr flight)
Baseline aircraft model
f
Online anomaly detection
Real-time aircraft sensor/ weather streams (up to 1Mbytes/sec)
Updated aircraft model
(4) Notify anomaly situation & Recommend actions for safe landing
Expert-Level Flight Assistant System (2) Formulate a flight planning problem
g
(1) Anomaly detected!
Controller
Time t1: initial coarse solution
(3) Incremental plan creation with increasing granularity
28
Time t3: fine-grained solution
Time t2: mediumgrained solution
+ t1 < t2 < t3
Cloud
Terrain & airport information
Aircra5 PosiBon Stream Processing for Efficient Air Traffic Management Air Traffic in the U.S. ¡ 87,000 flights per day (including private and commercial) ¡ Roughly 5,000 aircra5 are flying at any given moment ¡ Data rate for aircra5 posiBon and speed data streams: 120 [bits/msg] * 1 [msg/sec] * 5,000 = 73 [KB/sec] Air Traffic Management Problem ¡ Objec1ve: minimize the total delay ¡ ComputaBonally expensive due to exponenBal number of combinaBons ¡ FluctuaBng computaBonal demand ¡ Challenge: How to Bmely finish the computaBon while keeping the monetary cost as low as possible? à Elas1c stream processing in the cloud ¡ Imai, PaWerson, and Varela, “ElasBc Virtual Machine Scheduling for ConBnuous Air Traffic OpBmizaBon,” CCGrid, May 2016.
2PM EST
Related Work Airspeed EsBmaBon
S. Hansen. and M. Blanke: Diagnosis of Airspeed Measurement Faults for Unmanned Aerial Vehicles. IEEE TransacOons of Aerospace and Electronic Systems. Vol 50 (1), Jan. 2014, pp 224-239.
Wind Speed EsBmaBon
A.Cho, J.Kim, S.Lee, and C.Kee, Wind esOmaOon and airspeed calibraOon using a UAV with a single-antenna GPS receiver and pitot tube, IEEE TransacOons on Aerospace and Electronic Systems, vol.47, pp. 109--117, 2011.
Fault DetecBon and IsolaBon (FDI) for Aircra5
J. Gertler: Designing dynamic consistency relaOons for fault detecOon and isolaOon. InternaOonal Journal of Control. Vol. 73, Issue 8, 2000, pp 720-732 L. Trav´e-Massuy`es, T. Escobet, X. Olive: Diagnosability analysis based on component supported analyOcal redundancy relaOons. IEEE Trans. on Systems, Man and CyberneOcs, Part A : Systems and Humans 36(6), 1146–1160 (2006) M. L. Fravolini, V.Brunori, G.Campa, M.R. Napolitano, and M.La Cava: Structured analysis approach for the generaOon of structured residuals for aircraH FDI, IEEE TransacOons on Aerospace and Electronic Systems, vol. 45 (4), pp. 1466--1482, 2009. H. Khorasgani, D. Jung, G. Biswas , E. Frisk, M. Krysander:Robust residual selecOon for fault detecOon. Proc. IEEE Conference on Decision and Control, 2015, pp 5764-5769.
Fault DetecBon and IsolaBon (FDI) for Aerospace Systems
A.Zolghadri, Advanced model-based fdir techniques for aerospace systems: Today challenges and opportuniOes, Progress in Aerospace Sciences, vol.53, pp. 18--29, 2012. J.Marzat, H.Piet-Lahanier, F.Damongeot, and E.Walter, Model-based fault diagnosis for aerospace systems: a survey, Journal of Aerospace Engineering, vol. 226, no.10, pp. 1329--1360, 2012.
30
1/27/16
QuesBons? Download open-source PILOTS 0.2.4 at:
h^p://wcl.cs.rpi.edu/pilots
Consider textbook:
ParBal support from: Air Force Office of ScienBfic Research DDDAS Program Dr. Frederica Darema (AFOSR Grant No. FA9550-11-1-0332, FA9550-15-1-0214), NaBonal Science FoundaBon EAGER/Dynamic Data Program (NSF Grant No. ECCS 1462342), Yamada CorporaBon Fellowship 31
MIT Press, June 2013 1/27/16
ALESSANDRO GALLI SHIGERU IMAI CARLOS A. VARELA WENNAN ZHU W O R L D W I D E C O M P U T I N G L A B O R AT O R Y D E PA R T M E N T O F C O M P U T E R S C I E N C E R E N S S E L A E R P O LY T E C H N I C I N S T I T U T E
Annual Review of the AFOSR DDDAS Program Arlington, VA, January 28, 2016
US Airways Flight 1549 On January 15, 2009, US Airways Flight 1549 was struck by
birds and lost thrust from both engines Captain Sullenberger successfully ditched the aircra5 over the Hudson river without causing any loss of life
Map and picture are from Wikipedia (h4ps://en.wikipedia.org/wiki/US_Airways_Flight_1549)
2
Research Goal: An Expert-Level Flight Assistant Updated weather Cloud
InformaBon from other planes
Expert-Level Flight Assistant PILOTS* System Avionics ApplicaBon Aircra5 sensors
Corrected inputs
Measured error
3D terrain data
External real-1me data inputs LeH engine is damaged …
Corrected outputs
Stochastic & Logic-based Flight Assistant (to be developed)
Failure DetecBon & Data CorrecBon (MathemaBcal funcBon pa^erns used to idenBfy failure modes)
Iden1fied failure
*: ProgrammIng Language for spaBO-Temporal data Streaming applicaBons
Airplane pilots Failure & Recommended ac1ons We should land at airport X immediately!
Research Challenges (1/4) A quanBtaBve spaBal and temporal logic as a formalism: ¡
¡
To enable reasoning about data streams that associate values to specific points or intervals of space and Bme. To enable geometric reasoning capabiliBes, in parBcular, trigonometric formulae to calculate with aircra5 speeds, headings, range, and endurance. v
Speed (horizontal)
α
Direction
a
Aircraft
w,x
Wind, crosswind
r
Runway
Ground speed and crosswind as func1ons of airspeed, wind, and runway heading
4
1/27/16
Research Challenges (2/4) Extensions to logic programming to support stochas1c reasoning. ¡
¡ ¡
Language extensions to standard Horn clause-based knowledge bases to incorporate probabilities. Special language support for spatial and temporal data streams. Incremental reasoning algorithms to dynamically re-compute logical queries efficiently as new data gets injected into the application. If…
then…
New pilot report: icing en route
New route
New winds aloft
New altitude
New surface winds at destination
New airport
Imminent engine failure
Nearest airport
5
Dynamic Data-Driven Flight Plan Adapta1on Examples
1/27/16
Research Challenges (3/4) Data streaming analyBcs in real-Bme using cloud compuBng ¡
¡
¡
More data are expected to be available through the Internet and in-flight through Next GeneraBon TransportaBon system (ADS-B by 2020). Reason about spaBal and temporal data in real-Bme ÷ Give pilots be4er informaOon to make more accurate judgments during crucial emergency moments Offline and online components ÷ Analyzing key historical data and relaOvely staOc data (e.g., terrain, aircraH models) offline ÷ Combining it with dynamic data (e.g., failure condiOons, weather) for real-Ome decision making
6
1/27/16
Research Challenges (4/4) Domain-specific programming languages are needed for data
scienBsts ¡ ¡ ¡
Easier data analyses, informaBon generaBon, decision support. SeparaBon of concerns Enables compiler (staBc) and middleware (dynamic) opBmizaBons
7
1/27/16
Dynamic Data-Driven Avionics Systems Using a data-driven feedback loop, DDDAS systems conBnuously analyze spaBo-temporal data streams coming from airplane sensors, idenBfying potenBal failure modes, and correcBng erroneous data when possible. The resulBng capability is a new layer of logical redundancy in addiBon to exisBng physical redundancy for safer flight systems. New mathemaBcal concepts: ¡
¡
New DDDAS so5ware: PILOTS programming language ¡
¡
Error signatures ÷ MathemaOcal funcOon pa4erns with constraints arising on specific (failure-induced) data stream errors/anomalies. Mode likelihood vectors ÷ StochasOc selecOon of DDDAS system operaOon mode based on well-behaved sets of error signatures.
Enables declaraBve (high-level) definiBon of DDDAS data streaming applicaBon models (input-output relaBonships between data streams), error signatures, and error correcBon funcBons. PILOTS so5ware detects specific (e.g., failure-induced) data errors based on their signatures and autonomously corrects data before processing it according to the applicaBon model.
We have applied the developed DDDAS avionics concepts/so5ware to data from the following two commercial flight accidents and confirmed their effecBveness: ¡
¡
Air France AF447 accident in June 2009: The airspeed sensor failure of the AF447 flight is successfully detected and corrected a5er 5 seconds from the beginning of the failure. Overall error mode detecBon accuracy reaches 96.31%. Tuninter 1153 accident in August 2005: The underweight condiBon due to the installaBon of an incorrect fuel sensor is successfully detected with 100% accuracy during the cruise phase of flight.
8
Air France Flight 447 June 1st 2009, Flight 447 from Rio de Janeiro to Paris Thunderstorm caused airspeed sensors (pitot tubes) to ice and fail Autopilot system not able to deal with data failures---disengaged Pilots unable to react to erroneous data in a Bmely manner,
eventually stalling the plane into the AtlanBc Ocean
http://www.bea.aero/en/enquetes/flight.af.447/ rapport.final.en.php
http://upload.wikimedia.org/wikipedia/commons/ 4/4a/Air_France_Flight_447_path.png
9
1/27/16
Data Redundancy Primary cause of the AF447 accident: incorrect airspeed Airspeed could have been recomputed from ground speed and wind
speed ¡
Take advantage of data redundancy between independently produced inputs airspeed ground speed
wind
wind speed
ground speed = airspeed + wind speed 10
1/27/16
Dynamic Data-Driven Avionics Systems To facilitate development of smarter (flight) data
streaming systems, we invesBgate:
1. Programming technology that can model spaBo-temporal data streaming applicaBons easily ÷ PILOTS (ProgrammIng Language for spaOO-Temporal data Streaming apps)
2. Error detecBon using error signatures and error correcBon based on data redundancy
11
1/27/16
Error Signatures An error signature is a constrained mathemaBcal funcBon pa^ern
defined as follows: ¡
where, ÷ : a funcOon of Ome ÷ : a vector of constants ÷ : a set of constraint predicates
An error signature sample is a parBcular funcBon in an error
signature ¡
12
1/27/16
Mode Likelihood Vectors Calculate the distance between measured error e and a signature Si
Calculate the mode likelihood vector
If 2nd greatest element of L is greater than significance threshold τ, error is unknown, else greatest element of L determines current error mode. τ = 0.70 L = error mode = unknown
τ = 0.80 L = error mode = 2 13
1/27/16
PILOTS: System Architecture Applica1on Model ¡
Compute outputs and errors repeatedly
Data Selec1on: from heterogeneous to homogeneous data ¡
SelecBon operaBons to approximate data as a conBguous space
Error Analyzer: error detecBon and correcBon Incoming Data Streams
Request data at a specified frequency
d1 '
d2 (x, y, z, t)
d2 '
oM (Corrected)Outputs
Application Model
e1 e2
dN'
...
dN (x, y, z, t)
...
...
Data Selection
...
d1 (x, y, z, t)
Outgoing Data Streams o1 o2
eL
Errors
(Corrected) Data
Current Current Location Time
Error Analyzer
14
1/27/16
Air France Flight 447 Data extracted from the final report of Air France Flight 447 ¡
¡
¡
airspeed, air angle: extracted from the graphs ÷ Real pitot tube failure is recorded ground speed, ground angle: extracted from the graphs wind speed, wind angle: “the wind and temperature charts show that the average effecOve wind along the route can be esOmated at approximately ten knots tail-wind.” ÷ wind speed ß 10 knots ÷ wind angle ß air angle
15
http://www.bea.aero/docspa/2009/fcp090601.en/pdf/annexe.03.en.pdf
1/27/16
Air France AF447 PILOTS Demo
16
1/27/16
Tuninter 1153 Flight Accident Flight from Bari, Italy to Djerba, Tunisia on August 6th, 2005 ATR-72 ditched into the Mediterranean sea
16 of 39 people on board died Bari, Italy
Actual route
x
¡
Planned route
Palermo, Italy
Djerba, Tunisia
h4p://www.airdisaster.com/photos/ts-lbb/5.shtml “Final Accident Report for TS-LBB” h4p://www.ansv.it/cgi-bin/eng/FINAL%20REPORT%20ATR%2072.pdf
17
“Mayday” TV Series on Tuninter 1153 h4ps://youtu.be/aCrZwctnNWo?t=1904
Initial Cause of the Accident Incorrect fuel quanBty indicator (FQI) installment ¡ ¡
FQI for ATR-72 was not working properly (LED failure) Technicians replaced the FQI with one designed for ATR-42 ÷ FQI showed 2,700 kg of fuel, but fuel actually weighed 550 kg ÷ Pilots did not realize data error eventually leading to fuel exhausOon
“Final Accident Report for TS-LBB” h4p://www.ansv.it/cgi-bin/eng/ FINAL%20REPORT%20ATR%2072.pdf
18
PILOTS Program program WeightCheck; /* v_a : airspeed , w: weight , h: altitude */ inputs v_a , w, h(t) using closest (t); outputs corrected_w : w at every 10 sec; errors e: v_a - (6.4869E+01 + 1.4316E-02 * w + 6.6730E-03 * h + (-3.7716E-07) * w * h + (-2.4208E-07) * w * w + (-1.1730E-07) * h * h) + 2.59; signatures S0(K): e = K, -2 < K, K < 2 "Normal"; 4.69 corresponds to 10% S1(K): e = K, 4.69 < K "Underweight"; discrepancy in weight correct S1: w = 3.34523E-12 * (sqrt(1.09278E+22 * h * h + (-1.65342E+27) * h + (-3.69137E+29) * v_a + 1.01119E+32) – 2.32868E+11 * h + 8.83906E+15); end
19
Complex Dependencies Between Data Streams Air France 447 Model vg : ground speed vw : wind speed va : airspeed
w
vg
fq
va vw
h T pw
cf (angle of a^ack, flaps, landing gear, pitch, roll, yaw)
20
Tuninter 1153 Model
fq : fuel quanBty w : aircra5 weight h : alBtude T : temperature pw : engine power cf : aircra5 configuraBon
Physics-based Models Parameter Learning Model improvement for the Tuninter accident
Revisit aerodynamics theory
÷ Known constants
¡
÷ From data ÷ From linear regression Assuming cruise flight ÷ ÷
: : :
Coefficient of LiH (CL)
¡
21
h4p://upload.wikimedia.org/wikipedia/commons/thumb/ d/d1/LiH_curve.svg/300px-LiH_curve.svg.png
Analysis of Flight Accidents and Possible PrecauBonary Measures Flight
Date
Trans Asia Flight 235
February 4th 2015
Asiana Airlines Flight 214
Turkish Airlines Flight 522
DescripBon
PrecauBonary Measures
2 minutes aHer takeoff, pilots report engine flameout. Right engine failure alert, warning sounds for 3 sec. Crew reduces and then cuts the leH engine. July 6th 2013 Descent below visual glide path and impact with seawall. 82 seconds before impact at 1,600 H, autopilot was turned off and thro4les set to idle. Final approach speed was 34 knots below the target approach speed of 137 knots. Pilots unaware that the auto-thro4le was failing to maintain that speed. th February 25 AircraH had an automated reacOon which was 2009 triggered by a faulty radio alOmeter. Auto-thro4le decreased the engine power to idle during approach. Crew noOced too late. Although the pilots did try to hold the glide slope aHer increasing the thro4le, the auto-thro4le decreased it to idle again.
Decision support system to not turn off the leH engine. Internal glide-path assistance. Airspeed crosscheck.
Sensing the alOmeter error using crosschecks.
Imai, Blasch, Galli, Lee, Varela, “Airplane Flight Safety using Error-Tolerant Data Stream Processing”, IEEE AESM, in revision after initial review. 22
1/28/16
Analysis of Flight Accidents and Possible PrecauBonary Measures (cont.) Flight
Date
DescripBon
PrecauBonary Measures
BriOsh Jan. 17, 2008 Although aware of the outside temperature condiOons Check for fuel being -65C to -74C, the crew simply did not monitor the temperature when Airways Flight temperature of the fuel, which was well below freezing outside air temperature 38 point. A small quanOty of water within the fuel did outside normal range. freeze, causing ice on the fuel lines, ulOmately leading to fuel starvaOon near the final stages of approach. Azerbaijan Dec. 23, 2005 AHer climbing to 6,900 H entered a descending spiral Autude indicator Airlines Flight Oghtening from 500 m to 100 m. Absence of all three crosscheck. Re-create a 217 gyroscopes during the climb. Lack of pitch, roll, and virtual arOficial horizon heading performance. from non-gyroscopic data. Air Midwest January 8 th Elevator range of moOon cut to only 7 degrees out of Weight and systems Flight 5481 2003 the full 14. Stalled aHer take-off due to overloading and check from sensors maintenance error. onboard before departure. th Austral Lineas October 10 Pitot tube icing caused faulty airspeed readings. Pilots Airspeed crosscheck. Aereas Flight 1997 interpreted as a loss of engine power and added power. 2553 No improvement to airspeed, so they descended and increased the speed. Wing slats were torn off one wing and the plane became uncontrollable.
23
1/27/16
Data Generation for Different Failure Modes Data generaBon from Precision Flight Control’s CAT III Flight
Simulator at RPI’s Worldwide CompuBng Laboratory:
24
Towards a Data-Driven Failure Model Learning Toolkit Expand PILOTS language into a DDDAS Model Learning Toolkit to
include: ¡ ¡
¡
Montecarlo simulaBon to learn model parameters from data. Kalman filters to reduce the impact of noise in data and enable more robust models. ProbabilisBc (Bayesian) approach to conBnuously tune model to data.
25
Cloud-based Offline Data Analytics }
Scalable correlaBon analysis from hundreds of independently-measured sensor data streams à AutomaBng anomaly detecBon/correcBon model creaBon process
d1 d2
… … … dN
… Aircra5 sensor data streams 26
d1
Cloud Storage
?
d3
? ?
?
…
d2
d1
0.8
?
dN
Virtual Machines Cost-Efficient High-Performance Data AnalyBcs
0.9
d3
…
d2 0.6
dN
d1 ≈ c∙d2
Aircra5 Sensor Stream Processing for Expert-Level Flight Assistant System Offline aircraft model creation
Flight Assistant System Baseline aircraft model
f
(5) Notify crew - Anomaly situation - Recommended actions
Sensor streams (20Gbytes/6hr flight)
(2) Terrain, airport, weather, pilot reports
Real-time aircraft sensor/ weather streams (up to 1Mbytes/sec) Controller
Online anomaly condition detection
(1) Anomaly detected!
(3) Probabilistic scenario evaluation (quantitative processing)
(4) Faster-than-realtime simulations http://jsbsim.sourceforge.net/
Expert-Level Flight Assistant System Cloud-based offline data analysis
Sensor streams (20Gbytes/ 6hr flight)
Baseline aircraft model
f
Online anomaly detection
Real-time aircraft sensor/ weather streams (up to 1Mbytes/sec)
Updated aircraft model
(4) Notify anomaly situation & Recommend actions for safe landing
Expert-Level Flight Assistant System (2) Formulate a flight planning problem
g
(1) Anomaly detected!
Controller
Time t1: initial coarse solution
(3) Incremental plan creation with increasing granularity
28
Time t3: fine-grained solution
Time t2: mediumgrained solution
+ t1 < t2 < t3
Cloud
Terrain & airport information
Aircra5 PosiBon Stream Processing for Efficient Air Traffic Management Air Traffic in the U.S. ¡ 87,000 flights per day (including private and commercial) ¡ Roughly 5,000 aircra5 are flying at any given moment ¡ Data rate for aircra5 posiBon and speed data streams: 120 [bits/msg] * 1 [msg/sec] * 5,000 = 73 [KB/sec] Air Traffic Management Problem ¡ Objec1ve: minimize the total delay ¡ ComputaBonally expensive due to exponenBal number of combinaBons ¡ FluctuaBng computaBonal demand ¡ Challenge: How to Bmely finish the computaBon while keeping the monetary cost as low as possible? à Elas1c stream processing in the cloud ¡ Imai, PaWerson, and Varela, “ElasBc Virtual Machine Scheduling for ConBnuous Air Traffic OpBmizaBon,” CCGrid, May 2016.
2PM EST
Related Work Airspeed EsBmaBon
S. Hansen. and M. Blanke: Diagnosis of Airspeed Measurement Faults for Unmanned Aerial Vehicles. IEEE TransacOons of Aerospace and Electronic Systems. Vol 50 (1), Jan. 2014, pp 224-239.
Wind Speed EsBmaBon
A.Cho, J.Kim, S.Lee, and C.Kee, Wind esOmaOon and airspeed calibraOon using a UAV with a single-antenna GPS receiver and pitot tube, IEEE TransacOons on Aerospace and Electronic Systems, vol.47, pp. 109--117, 2011.
Fault DetecBon and IsolaBon (FDI) for Aircra5
J. Gertler: Designing dynamic consistency relaOons for fault detecOon and isolaOon. InternaOonal Journal of Control. Vol. 73, Issue 8, 2000, pp 720-732 L. Trav´e-Massuy`es, T. Escobet, X. Olive: Diagnosability analysis based on component supported analyOcal redundancy relaOons. IEEE Trans. on Systems, Man and CyberneOcs, Part A : Systems and Humans 36(6), 1146–1160 (2006) M. L. Fravolini, V.Brunori, G.Campa, M.R. Napolitano, and M.La Cava: Structured analysis approach for the generaOon of structured residuals for aircraH FDI, IEEE TransacOons on Aerospace and Electronic Systems, vol. 45 (4), pp. 1466--1482, 2009. H. Khorasgani, D. Jung, G. Biswas , E. Frisk, M. Krysander:Robust residual selecOon for fault detecOon. Proc. IEEE Conference on Decision and Control, 2015, pp 5764-5769.
Fault DetecBon and IsolaBon (FDI) for Aerospace Systems
A.Zolghadri, Advanced model-based fdir techniques for aerospace systems: Today challenges and opportuniOes, Progress in Aerospace Sciences, vol.53, pp. 18--29, 2012. J.Marzat, H.Piet-Lahanier, F.Damongeot, and E.Walter, Model-based fault diagnosis for aerospace systems: a survey, Journal of Aerospace Engineering, vol. 226, no.10, pp. 1329--1360, 2012.
30
1/27/16
QuesBons? Download open-source PILOTS 0.2.4 at:
h^p://wcl.cs.rpi.edu/pilots
Consider textbook:
ParBal support from: Air Force Office of ScienBfic Research DDDAS Program Dr. Frederica Darema (AFOSR Grant No. FA9550-11-1-0332, FA9550-15-1-0214), NaBonal Science FoundaBon EAGER/Dynamic Data Program (NSF Grant No. ECCS 1462342), Yamada CorporaBon Fellowship 31
MIT Press, June 2013 1/27/16
