Towards establishing a self-management architecture for dynamic risk management in 'intelligent' aero-engine control

Zeshan Kurd, Tim Kelly, John Alexander McDermid, Radu Calinescu, Marta Z. Kwiatkowska

Research output: Chapter in Book/Report/Conference proceeding - Chapter


In the past, intelligent adaptive controllers have been proposed and shown to achieve performance and safety objectives when operating within complex and highly dynamic problem domains such as Gas-Turbine Aero Engine control. The behaviour of control functions in safety critical software systems is typically bounded to prevent the occurrence of known system level hazards. These bounds are typically derived through safety analyses and can be implemented through the use of necessary design features. However, the unpredictability of real world problems can result in changes in the operating context that may invalidate the behavioural bounds themselves, for example, unexpected hazardous operating contexts as a result of failures or degradation. For highly complex problems it may be infeasible to determine the precise desired behavioural bounds of a function that addresses or minimises risk for hazardous operation cases prior to deployment. This paper presents an overview of the safety challenges associated with such a problem and how such problems might be addressed using self-* systems. The safety assurance goals can be used to influence the design of a self-management architecture that performs on-line risk management.
Original language: English
Title of host publication: IET System Safety 2009
Place of Publication: London
Publisher: IET and SaRS
Edition: 555 CP
ISBN (Print): 978 1 84919 195 1
Publication status: Published - Jan 2009