How to Conquer the Safety Issues of Highly Automated Systems
Dr. Henning Butz
Automation – specifically referred to as “Assistant Functions” – in most cases is implemented to systems for the purpose of comfort and efficiency augmentation. Basically such implementations are expected to provide the desired function with a high level of confidentiality, continuity and reliability. Thus, the system shall perform as expected without unintended interruption under each operating condition that might occur. Sadly, this expectation isn’t always satisfied. Especially when the level of automation is high, failures and mal-functions can develop to safety cases, which mean risk to systems and people. To prevent such risks, additional assistant functions are implemented, which shall – in case of failures – keep the system function within controllable limits. Growing system complexity and in-transparency however, is the price one has to pay for it. When humans are concerned with such systems, they often find them hardly to comprehend and impossible to predict in their behavior. On top of that, an exhaustive validation of the system state space against an arbitrary operation environment is difficult to achieve. As a consequence important safety goals may be missed and the safety margin shrinks. This effect concerns the complete life-cycle of a system: at development and under operation. The paper will explain why and where those mechanisms occur and how they can be identified and conquered. Some examples from autonomous driving and flying will highlight the methods which are applied in order to achieve and maintain a dependable safety margin even in case of highly extended automation.
Henning Butz worked for Airbus (Hamburg, Bremen, Toulouse) from 1986 to 2009 in the fields of Systems- and Process-Engineering. For more than ten years he held the position as the Head of the Avionic Department at Airbus Hamburg and Bremen. 2010 Henning started a new career as an international consultant and interim manager for various branches of the transport systems business. The focus of his work lies on system safety, processes, methods and human-machine-interference. Presently Henning is working as Head of Systems for Freighter Aircraft development at Pacific Aviation Inc., San Diego / Bremen. Henning Butz studied Physics, Electrical and Systems Engineering at the Universities of Bremen and Karlsruhe, Germany.