Skeptical Dynamic Dependability Management for Automated Systems

Dynamic Dependability Management (DDM) is a promising approach to guarantee and monitor the ability of safety-critical Automated Systems (ASs) to deliver the intended service with an acceptable risk level. However, the non-interpretability and lack of specifications of the Learning-Enabled Components (LECs) used in ASs make this mission particularly challenging. Some existing DDM techniques overcome these limitations by using probabilistic environmental perception knowledge associated with predicting behavior changes for the agents in the environment. We propose to improve these techniques with a supervisory system that considers hazard analysis and risk assessment from the design stage. This hazard analysis is based on a characterization of the AS's operational domain (i.e., its scenario space, including unsafe ones). The proposed supervisory system also considers the uncertainty estimation and interaction between AS components through the whole perception-planning-control pipeline. Our framework then proposes leveraging and handling uncertainty from LEC components toward building safer ASs.