This article develops and experimentally tests a supervisory risk controller used to increase the safety of drone operations. Its task is to monitor the state of the drone and environment and to use this information to automatically change safety-critical parameters in real-time during operation.

A case study of a tethered industrial inspection drone is considered. A system theoretic process analysis (STPA) is performed to identify how the system can fail. A Dynamic Decision Network (DDN), used as an online risk model, is built based on the results of the STPA. An optimization approach is used to choose an optimal parameter configuration that ensures an acceptable risk level.

Through experimental tests, it is demonstrated how the supervisory risk controller is able to identify the state of the drone and the environment by combining information from multiple measurements over time and how it chooses values for the maximum speed, safety distance, and maximum vertical acceleration that produces an acceptable risk level. The parameters are updated during flight based on the output from the supervisory risk controller. When no parameter set can ensure an acceptable risk level then a recommendation of aborting the mission is sent to the human operator.

Video of the experimental results can be found at https://youtu.be/RKhG9bguRJY