航空学报 > 2022, Vol. 43 Issue (7): 325354-325354   doi: 10.7527/S1000-6893.2021.25354

基于STPA-TOPAZ的低空无人机冲突解脱安全性分析

张宏宏1,2,3, 甘旭升1,2, 孙静娟1,2, 赵顾颢1,2, 韩宝华1,2   

  1. 1. 空军工程大学 空管领航学院, 西安 710051;
    2. 国家空管防相撞技术重点实验室, 西安 710051;
    3. 中国人民解放军 31664部队, 格尔木 816000
  • 收稿日期:2021-02-01 修回日期:2021-06-21 发布日期:2021-06-18
  • 通讯作者: 甘旭升,E-mail:ganxusheng123@163.com E-mail:ganxusheng123@163.com
  • 基金资助:
    国家自然科学基金(61601497);陕西省自然科学基础研究计划(2022JM-412);空军工程大学校长基金(XZJ2020005)

Analysis of low altitude UAV conflict resolution safety based on STPA-TOPAZ

ZHANG Honghong1,2,3, GAN Xusheng1,2, SUN Jingjuan1,2, ZHAO Guhao1,2, HAN Baohua1,2   

  1. 1. Air Traffic Control and Navigation College, Air Force Engineering University, Xi'an 710051, China;
    2. National Key Laboratory of Air Traffic Collision Prevention, Xi'an 710051, China;
    3. Unit 31664 of PLA, Golmud 816000, China
  • Received:2021-02-01 Revised:2021-06-21 Published:2021-06-18
  • Supported by:
    National Natural Science Foundation of China (61601497); Natural Science Basic Research Program of Shaanxi Province (2022JM-412);The President Foundation of Air Force Engineering University (XZJ2020005)

摘要: 为防止低空无人机(UAV)冲突解脱过程中发生危险接近或事故,将该过程的安全问题转化为控制问题,提出基于STPA-TOPAZ的低空无人机冲突解脱安全性分析方法。首先基于系统理论的事故模型和过程(STAMP),构建冲突解脱系统中的安全控制结构。然后利用系统理论过程分析(STPA)根据系统运行的上下文信息确定系统级事故和危险,识别出冲突解脱过程中的不安全控制行为,并分析产生不安全控制行为的关键致因。最后利用TOPAZ方法定量描述致因因素对系统安全的影响程度,找到制约系统安全的瓶颈。仿真结果表明了STPA-TOPAZ方法的有效性与优越性。

关键词: 无人机, 冲突解脱, 系统理论过程分析, TOPAZ, 安全评估

Abstract: To prevent the occurrence of dangerous approaches or accidents in the low-altitude UAV conflict resolution process, the security problem in the process was transformed into the control problem, and a conflict resolution security analysis method for the low altitude UAV was proposed based on STPA-TOPAZ. Firstly, based on Syster-Theoretic Accident Modeling and Processes (STAMP), the security control structure in the conflict resolution system is constructed. Then System-Theoretic Process Analysis (STPA) is used to determine system-level accidents and hazards based on the context information of system operation, identify the unsafe control behaviors in the process of conflict resolution, and analyze the key causes of unsafe control behaviors. Finally, the Traffic Organization and Perturbation Analyzer (TOPAZ) method is used to quantitatively describe the influence degree of the causal factors on system security, and identify the security bottleneck that restricts the system. The simulation results show the effectiveness and superiority of the STPA-TOPAZ method.

Key words: UAV, conflict resolution, system-theoretic process analysis, TOPAZ, safety assessmenthttp

中图分类号: