UAS procedures model with system architecture for safety analysis

As the number of unmanned aerial systems (UAS) keeps increasing, so do the safety risks they pose. One way of maintaining an acceptable risk level is that operational procedures are adequately designed and proven. Model-based approaches involve modeling procedures as a sequence of tasks with inputs and outputs. These tasks abstract away the complexity of the subsystem or actor who performs them. However, UAS procedures typically involve multiple actors and subsystems, each of which contributes to the risk of the operation. Accounting for these heterogeneous risk contributors allows new failure propagation paths to be revealed, understood and patched, leading to increased safety. In order to achieve this, we propose a methodology to connect the safety models of such contributors to our previous procedure models. We discuss and illustrate this methodology on a medium-sized fixed-wing UAV. We connect our procedure models to the UAV's functional architecture model, and use them to generate minimal sequences leading to a crash of the UAV. New sequences illustrating the contribution of the UAV's architecture are revealed that did not appear in our previous work on UAS procedures. This provides an opportunity to explore the contribution of the system's architecture to its overall safety through the procedures.