Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

Comparing Sensors' Characteristics on a Robotic System: The EWaSAP Results Against Designers' Non Theoretical Approaches

No description

Ioannis Dokas

on 25 March 2015

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Comparing Sensors' Characteristics on a Robotic System: The EWaSAP Results Against Designers' Non Theoretical Approaches

Comparing Sensors’ Characteristics on a Robotic System:
The EWaSAP Results Against Designers’ Non-Theoretical Approaches

An extension of STPA for the identification of early warning signs indicating the presence of flaws, the violation of safety constraints and assumptions
Forces analysts to think about the characteristics of the sensors that should be installed
Emphasis on the provision of situation awareness via the introduction of awareness actions

EWaSAP detected both the already existing and those not integrated due to cost trade off factors

Satisfactory results - validity is provided
It is possible with EWaSAP to detect more sensor characteristics compared to experienced designers
Aim of the Study
To compare the sensors’ characteristics for accident prevention selected by EWaSAP against those determined by the non-theoretical approaches used by the developers of a robotic system
6th EU Framework research program

Lasted from 2007 until 2011

Aim: Develop a new robot locomotion technology that could effectively be used for manipulating small objects autonomously or in close cooperation with humans

Maria Mikela Chatzimichailidou, Ioannis M. Dokas

Department of Civil Engineering,
Democritus University of Thrace,

idokas@civil.duth.gr; mikechat@civil.duth.gr

To make a controller capable of providing situation awareness to other controllers within or outside the system whenever data indicating the presence of threats and vulnerabilities have been perceived and comprehended.
1. “All clear” signals
2. Warnings
3. Alerts
4. Algedonic signals
Types of Awareness Actions
Transmition of:
The Combined STPA / EWaSAP Procedure
(STPA 4) Restate any flaws identified in the previous step as safety constraints and repeat steps (STPA 3) and EW(3)
(STPA 1) Identify the hazards in the system - translate these into top-level safety constraints
(STPA 2) Create the control structure
STPA 2a) Identify potentially hazardous control actions
Four general categories:
i. A required control action to maintain safety is not provided
ii. An incorrect or unsafe control action is provided that induces a loss.
iii. A potentially correct or adequate control action is provided too early, too late, or out of sequence.
iv. A correct control action is stopped too soon
STPA 2b) Restate the inadequate control actions as safety constraints
(STPA 3) Determine how the potentially hazardous control actions can occur

STPA 3a) For each controller in the control structure diagram,
create a model of the process it controls

STPA 3b) Examine the parts of the process control loops, using the
guidewords of the generic process control loop flaws
EW (1) Identify anyone outside the system in focus who needs to be informed about the perceived progress of the hazard or about its occurrence (i.e. emergency responders)
EW (2) Identify useful sensory services installed in or possessed by systems outside of the system in focus and establish synergy
EW 2a) For each top level safety constraint identify those signs which indicate to the surrounding systems its violation
EW 2b) Find those systems in the surrounding environment with sensors capable of perceiving the signs defined in EW(2a) and request to establish synergy.
EW (3) Enforce Internal Awareness Actions
EW 3a) Describe what needs to be monitored, and what type of features/capabilities the sensors must have so that to make the appropriate controllers capable of perceiving the occurrence of a flaw and the violation of
designing assumptions
EW 3b) Define which patterns of perceived data indicate the occurrence of the flaw and/or the violation of its designing assumptions
EW 3c) Update the process models of the controllers with appropriate awareness and control actions
EW 3d ) For each perceived warning sign of the previous step, define its meta-data/attribute values (i.e. how the message will be coded/written by the transmitter) as to ensure that it will be perceived and ultimately understood by the appropriate controller/s
- EWaSAP was applied with the guidance of 4 designers
- 8 two-hour meetings with the ACROBOTER designers

- 5 meetings: make sure that considerable data was gathered, terminology was clarified, and the control structure diagram of ACROBOTER was optimized

- STPA and EWaSAP was applied

- 6th and 7th meeting: the designers marked on a checklist the presence/absence of the sensors’ characteristics identified by EWaSAP

- 8th meeting: we recapitulated the facts and presented the EWaSAP total results, i.e. the sensors and their characteristics, and the corresponding early warning signs,
together with the comparative results
99 safety requirements
114 sensor characteristics
97 were considered beneficial
Three types of results:
The ACROBOTER designers
(1) thought about them and had them
(2) thought about them, but did not have them - reasons: cost trade-off
(3) did not even think about them

33 were present
2 were attributed to humans / not to a sensory devise
69 were not been met due to cost
10 were not been thought of

“Since we wanted to be
inline with the budget
, we were aware right from the beginning that we were about to
exclude some short of technology
(and we finally did so), thus
accident preventive measures were intentionally not formally recognised
. But your results go far
beyond our imagination
… Maybe our in depth knowledge and expertise
made us feel too much confidence
, that we finally integrated only those typical components, which are
widely known and used by colleagues
in our research branch.” -
Grid of anchor points
Swinging unit
Full transcript