This paper seeks to provide an autonomous navigation systems engineer with the tools and insights needed to design a high-integrity navigation system. The term "high integrity" is used here to describe a system that is robust to failure and that, at the very least, can be guaranteed to reach a "safe" state upon failure. By designing for high integrity, the designer acknowledges that at some point in time the system will fail. The time between failures may be maximized by choosing high-reliability components, but the components (whether sensors, actuators, mechanics, computers, or even mathematical models) will nevertheless fail at some time, in potentially unpredictable ways. A navigation system is said to have high integrity if a guarantee is provided that, while individual components may fail, the system as a whole will never fail in a catastrophic manner and therefore will not require any human intervention. Without a guarantee of integrity, autonomous navigation systems will be difficult, if not impossible, to deploy in real-world applications. This paper aims to provide this guarantee by determining the necessary conditions for a navigation system to be considered of high integrity. Frequency-domain techniques are used to model the contribution of sensor and process faults to navigation system performance. This methodology provides the foundation needed to design navigation systems with enough frequency-redundant information to make reliable fault detection and identification possible over the entire operating frequency spectrum.
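The following is an added illustration of the "frequency-redundant information" idea, not code from the paper and not the paper's method. It assumes a constructed scenario: three sensors (sensor_a, sensor_b, sensor_c) measure the same navigation quantity, each is declared trustworthy only in certain frequency bands (the VALID_BANDS table is a design assumption), and the record is split into a "low" and a "high" band by a first-order filter at an assumed 1 Hz cutoff. A pairwise residual test is then run per band. The sample rate, noise level, threshold and the two injected faults (a bias step on sensor_a, a 15 Hz oscillation on sensor_b) are all constructed values chosen to make the outcome visible.

```python
"""Band-separated residual test for sensor fault detection and isolation.

Constructed illustration (not the paper's method): three sensors measure the
same quantity; each is trusted only in certain frequency bands.  Faults are
checked band by band, which shows where the redundancy suffices to isolate a
faulty sensor and where it only suffices to detect that something is wrong.
"""
import math
import random

FS = 100.0            # sample rate, Hz (assumed)
N = 2000              # 20 s of data
DT = 1.0 / FS
CUTOFF_HZ = 1.0       # boundary between the "low" and "high" bands (assumed)
THRESHOLD = 0.1       # residual RMS above which two sensors are said to disagree
NOISE_SIGMA = 0.02    # per-sensor white noise (constructed)

# Bands in which each sensor is trusted: a design assumption, not from the paper.
VALID_BANDS = {
    "sensor_a": {"low", "high"},
    "sensor_b": {"low", "high"},
    "sensor_c": {"low"},   # e.g. an aiding sensor whose high-frequency response is untrusted
}


def true_signal(k):
    """Constructed ground truth: a slow 0.2 Hz motion plus a 10 Hz vibration."""
    t = k * DT
    return math.sin(2 * math.pi * 0.2 * t) + 0.5 * math.sin(2 * math.pi * 10.0 * t)


def simulate(fault=None):
    """Return {sensor: samples}.  fault is None, "bias_step" (on sensor_a, a
    low-frequency fault) or "oscillation" (on sensor_b, a high-frequency
    fault); both faults begin half way through the record."""
    rngs = {name: random.Random(i) for i, name in enumerate(VALID_BANDS)}
    data = {name: [] for name in VALID_BANDS}
    for k in range(N):
        x, t = true_signal(k), k * DT
        for name in VALID_BANDS:
            v = x + rngs[name].gauss(0.0, NOISE_SIGMA)
            if k >= N // 2:
                if fault == "bias_step" and name == "sensor_a":
                    v += 0.5
                elif fault == "oscillation" and name == "sensor_b":
                    v += 0.4 * math.sin(2 * math.pi * 15.0 * t)
            data[name].append(v)
    return data


def split_bands(x):
    """First-order IIR low-pass at CUTOFF_HZ; the high band is its complement."""
    tau = 1.0 / (2 * math.pi * CUTOFF_HZ)
    alpha = DT / (tau + DT)
    low, y = [], x[0]
    for v in x:
        y += alpha * (v - y)
        low.append(y)
    high = [v - lo for v, lo in zip(x, low)]
    return {"low": low, "high": high}


def residual_rms(a, b):
    return math.sqrt(sum((u - v) ** 2 for u, v in zip(a, b)) / len(a))


def diagnose_band(banded, band):
    """Parity-style check restricted to the sensors trusted in this band.

    Returns (status, culprit) with status one of
      "uncovered": fewer than two trusted sensors, so faults are unobservable here
      "nominal":   every trusted pair agrees
      "detected":  a disagreement exists but cannot be pinned on one sensor
      "isolated":  exactly one sensor disagrees with all others, which agree
    """
    valid = [s for s in VALID_BANDS if band in VALID_BANDS[s]]
    if len(valid) < 2:
        return "uncovered", None
    disagree = {}
    for i, s in enumerate(valid):
        for u in valid[i + 1:]:
            disagree[(s, u)] = residual_rms(banded[s][band], banded[u][band]) > THRESHOLD
    if not any(disagree.values()):
        return "nominal", None
    if len(valid) < 3:
        return "detected", None   # two sensors can only show that one of them is wrong
    for s in valid:
        involving = [d for pair, d in disagree.items() if s in pair]
        others = [d for pair, d in disagree.items() if s not in pair]
        if all(involving) and not any(others):
            return "isolated", s
    return "detected", None       # more than one sensor inconsistent


def diagnose(fault=None):
    """Run the per-band test over a simulated record; returns {band: (status, culprit)}."""
    data = simulate(fault)
    banded = {name: split_bands(x) for name, x in data.items()}
    return {band: diagnose_band(banded, band) for band in ("low", "high")}


if __name__ == "__main__":
    for fault in (None, "bias_step", "oscillation"):
        print(fault, diagnose(fault))
```

The low band carries three trusted sensors, so the bias step on sensor_a is isolated to that sensor; the high band carries only two, so the 15 Hz fault on sensor_b is detected but cannot be attributed to either sensor. Closing that gap means adding a sensor (or a model-based pseudo-measurement) that is trustworthy in the high band, which is the kind of frequency-by-frequency redundancy budget the abstract refers to.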