Interlocking Safety Cases for Unmanned Autonomous Systems in Urban Environments

The growing adoption of small unmanned aircraft systems (sUAS) for tasks such as eCommerce, aerial surveillance, and environmental monitoring introduces the need for new safety mechanisms in an increasingly cluttered airspace. Safety assurance cases (SAC) provide a state-of-the-art solution for reasoning about system and software safety in numerous safety-critical domains. We propose a novel approach based on the idea of interlocking safety cases. The sUAS infrastructure safety case (iSAC) specifies assumptions and applies constraints upon the behavior of sUAS entering the airspace. Each sUAS then demonstrates compliance to the iSAC by presenting its own (partial) safety case (uSAC) which connects to the iSAC through a set of interlock points. To enforce a 'trust but verify' policy, sUAS conformance is monitored at runtime while it is in the airspace and its behavior is described using a reputation model based on the iSAC's expectations of its behavior.