|
Operator ID: |
|
|
UAS Operating Safety Case |
|
|
Document reference number: |
|
|
Document version and date: |
|
|
Amendment Number |
Date |
Amended by |
Details of changes |
|
|
|
|
|
CAP722A Table 6
|
UAS Model |
Falcon 8 |
|
UAS design & manufacturing organisations |
Intel |
|
Empty Mass |
Empty weight: |
|
Maximum Take-Off Mass (MTOM) |
Take off weight: |
|
Dimensions for Rotorcraft / Multirotor |
|
|
Length of aircraft body |
|
|
Width of aircraft body |
|
|
Height of aircraft body |
|
|
Propeller Configuration |
|
|
Propeller Dimensions |
|
|
Sound power level |
|
|
Any other relevant information |
|
CAP722A Table 7
|
Maximum airspeed |
Max Airspeed - Manual Mode: Max Airspeed - Height Mode: Max Airspeed - GPS Mode: |
|
Minimum airspeed to maintain safe flight |
|
|
Normal/typical operating height |
Max altitude: |
|
Maximum operating height |
|
|
Maximum flight time during normal operation |
Flight time: |
|
Maximum flight time on an ISA day at cruising speed at normal/typical operating height. |
|
|
Maximum flight range on an ISA day (normal and emergency conditions) |
|
|
Glide distances |
|
|
Maximum radio range of the C2 Link |
Max data link range: |
CAP722A Table 8
|
Wind speed limits |
Max tolerable wind speed: |
|
Turbulence restrictions |
|
|
Precipitation limits |
|
|
OAT limits |
|
|
In-flight icing condition limits |
|
|
Any other relevant information |
CAP722A Table 9
|
Type of material |
|
|
Material characteristics or properties |
|
|
Any other relevant information |
CAP722A Table 10
|
Batteries: |
|
|
Battery type, model and manufacturer |
|
|
Quantity |
|
|
Arrangement |
|
|
Generator: |
|
|
Generator type, model and manufacturer |
|
|
Specification |
|
|
Electrical loads |
|
|
Electrical load shedding functionality |
|
|
Power supply redundancy |
|
|
Procedures to charge and discharge batteries. |
|
|
Safety provisions with regards to hazards inherent to high-voltage storage devices: |
|
|
Procedures in place for safe handling by any person who may come into contact with high-voltage storage devices |
|
|
Means of identifying high-voltage storage |
|
|
Safety provisions for any person discovering the UA following an accident. |
|
|
Procedures and safety provisions to mitigate the risk of battery thermal runaway. |
|
|
Procedures for monitoring high-voltage storage devices. |
|
|
HMI: |
|
|
Information indicated to the remote pilot. |
|
|
Alert messages indicated to the remote pilot. |
|
|
Any other relevant information |
|
CAP722A Table 11
|
Propulsion type |
|
|
Engines: |
|
|
Type, model and manufacturer |
Engines: |
|
Propeller type, model and manufacturer |
Rotor Diameter: |
|
Quantity |
Number of rotors: Rotor weight: |
|
Arrangement |
|
|
Power output |
|
|
Propeller guards |
|
|
In-flight restart functionality |
|
|
Performance monitoring |
|
|
Health monitoring |
|
|
Safety features and redundancy in the system that allow maintaining flight after a failure or degradation has occurred in the propulsion system. |
|
|
Fuel-powered propulsion system – Safety features to mitigate the risk of engine loss when the following hazards occur: |
|
|
Fuel starvation |
|
|
Fuel contamination |
|
|
Failed signal input from the control station |
|
|
Engine controller failure |
|
|
Indication to the remote pilot |
|
|
Electric-powered propulsion system: |
|
|
Power source and supply management with regards to other systems in the UA |
Power supply: |
|
Redundant power sources |
|
|
Maximum continuous power output of the motor |
|
|
Maximum peak power output of the motor |
|
|
Electrical distribution architecture |
|
|
Electrical load shedding functionality |
|
|
HMI: |
|
|
Information indicated to the remote pilot. |
|
|
Alert messages indicated to the remote pilot. |
|
|
Any other relevant information |
|
CAP722A Table 12
|
Fuel type |
|
|
Safety provisions with regards to hazardous substances within the fuel system: |
|
|
List of hazardous substances and their characteristics. |
|
|
Procedures in place for safe handling of the UA by any person who may come into contact with the hazardous substances. |
|
|
Means of identifying the hazardous substances. |
|
|
Safety provisions for any person discovering the UA following an accident. |
|
|
HMI: |
|
|
Information indicated to the remote pilot. |
|
|
Alert messages indicated to the remote pilot. |
|
|
Any other relevant information |
|
CAP722A Table 13
|
Design and operation of flight control units, surfaces, actuators, control linkages, etc. |
|
|
Flight controller: |
|
|
Type, model and manufacturer |
|
|
Functions |
|
|
Flight modes available |
|
|
Automatic functions: |
|
|
Take-off and landing |
|
|
Stabilisation |
|
|
Autopilot |
|
|
Return to home |
|
|
If functions are provided by COTS equipment, provide type, model and manufacturer. |
|
|
Safety features and redundancy in the system which allow maintaining flight after a failure or degradation of the flight control system, including indication to the remote pilot. |
|
|
HMI: |
|
|
Information indicated to the remote pilot. |
|
|
Alert messages indicated to the remote pilot. |
|
|
Any other relevant information |
|
CAP722A Table 14
|
Sensors |
|
|
Type, model and manufacturer |
Global Navigation Satellite System (GNSS): |
|
Quantity |
|
|
Telemetry links |
|
|
Method to determine current position. |
|
|
Method to navigate to intended destination. |
|
|
Automatic/automated navigation functions |
|
|
Geo-awareness functions |
|
|
Containment functions |
|
|
Safety features and redundancy in the system which allow maintaining flight after a failure or degradation has occurred in the navigation system: |
|
|
Backup means of navigation |
|
|
Detection of and response to loss of primary means and secondary means of navigation. |
|
|
Indication to the remote pilot |
|
|
HMI: |
|
|
Information indicated to the remote pilot. |
|
|
Alert messages indicated to the remote pilot. |
|
|
Any other relevant information |
|
CAP722A Table 15
|
DAA system functions |
|
|
Devices used |
|
|
Technology used |
|
|
Interface between the DAA system and the flight control computer |
|
|
Limitations of the DAA system |
|
|
Evidence of equipment qualification and approval. |
|
|
DAA event sequence: |
|
|
Level of automation |
|
|
Actions required by the remote pilot |
|
|
Means to verify normal system operation. |
|
|
HMI: |
|
|
Information indicated to the remote pilot. |
|
|
Alert messages indicated to the remote pilot. |
|
|
Any other relevant information |
|
CAP722A Table 16
|
|
|
Power sources, supply management and redundancy. |
|
|
Radio signal: |
|
|
Determination of the signal strength and health value. |
|
|
Threshold values which represent a critically degraded signal. |
|
|
Control handover between two CUs |
|
|
Safety features to mitigate the risk of inadvertent command activation: |
|
|
List of critical commands |
|
|
Mitigation means |
|
|
Safety features to mitigate the risk of display or HMI lock-up. |
|
|
Safety features to maintain flight-critical processing when multiple programs are running concurrently. |
|
|
HMI: |
|
|
Information indicated to the remote pilot. |
|
|
Radio signal strength and/or health indication to the remote pilot. |
|
|
Alert messages indicated to the remote pilot. |
|
|
Any other relevant information |
|
CAP722A Table 17
|
RLOS |
|
|
BRLOS |
|
|
Antennas: |
|
|
Type, model and manufacturer |
Control Links: |
|
Locations on the UAS |
|
|
Transceivers / Modems: |
|
|
Power levels |
|
|
Transmission schemes |
|
|
Operating frequencies |
|
|
Details of frequency spectrum approvals |
|
|
Maximum power output/range |
|
|
Type of signal processing |
|
|
Datalink margin in terms of the overall link bandwidth at the maximum anticipated distance from the CU. |
|
|
Operational C2 link management: |
|
|
Frequency switchovers |
|
|
Contingency situations |
|
|
Third party link service provider |
|
|
Radio signal: |
|
|
Determination of the signal strength and health value |
|
|
Threshold values which represent a critically degraded signal. |
|
|
Minimum and average assured data rates |
|
|
Minimum and average assured latencies |
|
|
Design features and procedures to maintain availability, continuity, and integrity of the datalink: |
|
|
RF or other interference |
|
|
Flight beyond communications range |
|
|
Antenna masking |
|
|
Loss of CU functionality |
|
|
Loss of UA functionality |
|
|
Atmospheric attenuation |
|
|
Safety features to mitigate the risk of loss of C2 link: |
|
|
C2 links redundancy |
|
|
Automatic triggering of an emergency recovery function |
|
|
Automatic return to home |
|
|
Safety features to mitigate the risk of harmful interference. |
|
|
HMI: |
|
|
Information indicated to the remote pilot. |
|
|
Radio signal strength and/or health indication to the remote pilot. |
|
|
Alert messages indicated to the remote pilot. |
|
|
Any other relevant information |
|
CAP722A Table 18
|
Antennas: |
|
|
Type, model and manufacturer |
|
|
Locations on the UAS |
|
|
Communication method: |
|
|
VHF |
|
|
GSM network |
|
|
Satellite |
|
|
Safety features to mitigate the loss of communication function: |
|
|
Primary communication means |
|
|
Secondary / back-up communication means |
|
|
HMI: |
|
|
Information indicated to the remote pilot. |
|
|
Radio signal strength and/or health indication to the remote pilot. |
|
|
Alert messages indicated to the remote pilot. |
|
|
Any other relevant information |
|
CAP722A Table 19
|
Wheels, skids, rails, launchers, etc. |
|
|
If various mechanisms can be fitted: |
|
|
Primary mechanism |
|
|
Secondary mechanisms |
|
|
Operational conditions/requirements for each mechanism. |
|
|
Any other relevant information |
|
CAP722A Table 20
|
Mode of operation |
|
|
Safety features which mitigate the risk of loss of control or situational awareness. |
|
|
Means to verify normal system operation. |
|
|
HMI: |
|
|
Information indicated to the remote pilot. |
|
|
Alert messages indicated to the remote pilot. |
|
|
Any other relevant information |
|
CAP722A Table 21
|
Type, model and manufacturer |
|
|
Locations on the UA |
|
|
Colour |
|
|
Operation |
|
|
Operating modes |
|
|
Purpose |
|
|
HMI: |
|
|
Information indicated to the remote pilot. |
|
|
Alert messages indicated to the remote pilot. |
|
|
Any other relevant information |
|
CAP722A Table 22
|
Types |
|
|
Mass |
Payload weight (camera and gimbal): |
|
Interfaces with the UA: |
|
|
Mechanical interface |
|
|
Electrical interface |
|
|
Data interface |
|
|
Release mechanism |
|
|
Any other interface |
|
|
Procedures to install the payload onto the UA. |
|
|
Effects of the payload on the UA |
|
|
Sensors |
|
|
Safety features to mitigate the risk of the payload affecting the flight of the UA: |
|
|
Effects on aerodynamics |
|
|
Effects of electro-magnetic interference. |
|
|
Effects of electrical power and / or data connection failures on the UAS. |
|
|
Effects of complete detachment of the payload from the UA (either caused by a failure or through intentional lowering / dropping of the payload). |
|
|
Effects of partial detachment of the payload from the UA. |
|
|
Distraction of the remote pilot generated by the payload during flight. |
|
|
Procedures to verify the attachment points to the UA. |
|
|
Procedures to verify the UA MTOM and CG location. |
|
|
Procedures to detect and mitigate any failure of the payload in flight. |
|
|
Safety provisions with regards to hazards inherent to the payload |
|
|
Procedures in place for safe handling of the payload. |
|
|
Means of identifying hazards. |
|
|
HMI: |
|
|
Information indicated to the remote pilot. |
|
|
Alert messages indicated to the remote pilot. |
|
|
Any other relevant information |
|
CAP722A Table 23
|
UAS launch and recovery systems |
|
|
Power sources |
|
|
Transportation equipment |
|
|
Backup or emergency equipment |
|
|
Procedures to transport UA, CU, battery/fuel, and other equipment between operation sites and from the loading/off-loading area to the take-off/landing area. |
|
|
Storage of ground support equipment. |
|
|
Suitability of the ground support equipment and transportation method with regards to the UAS components’ fragility, sensitivity or inherent hazards. |
|
|
Ground support equipment standards |
|
|
Ground support equipment manufacturer's recommendations. |
|
|
Any other relevant information |
CAP722A Table 24
|
Maintenance manual: |
|
|
Structure |
|
|
Maintenance procedures: |
|
|
Inspections |
|
|
Overhaul |
|
|
Repairs |
|
|
Assurance of repair procedures |
|
|
Batteries maintenance during storage periods |
|
|
Origin of each procedure |
|
|
Maintenance schedules |
|
|
Procedures to record maintenance that has been carried out. |
|
|
Storage of maintenance records |
|
|
Staff qualification and levels of approval. |
|
|
Procedures to use the manual by the Maintenance staff |
|
|
Configuration control |
|
|
Any other relevant information |
|
CAP722A Table 25
|
Sources of procurement |
|
|
Process to confirm the suitability of the part. |
|
|
Any other relevant information |
CAP722A Table 26
|
Hardware, software, and firmware version control |
|
|
Modification standards |
|
|
Modification records storage |
|
|
Safety assessment associated with the modification |
|
|
Any other relevant information |
CAP722A Table 27
|
Step 1 – Identify the main functions of the UAS. |
|
||||
|
Step 2 – Identify the sub-functions. |
|
||||
|
Step 3 – Consider the ways each function may fail. |
|
||||
|
Step 4 – Identify the failure conditions. |
|
||||
|
Step 5 – Select those failure conditions that may lead to mid-air collision or harm to uninvolved people on the ground. (Identified Hazard) |
|
||||
|
Step 6 – Assurance |
|
||||
|
Step 7 – Describe the consequence of the failure condition. |
|
||||
|
Step 8 – Describe the failure modes. (Unmitigated Failures) |
|
||||
|
Step 9 – Identify the single points of failure. |
|
||||
|
Step 10 – Describe the risk mitigation means. |
|
||||
CAP722A Table 28
Flight System | |
| Type | V-shaped Octocopter |
| Size | 768x817x160mm |
| Engines | 8 electrical, brushless (sensorless) motors with 125W max. power each |
| Rotor Diameter | 8" (~20cm) |
| Number of rotors | 8 |
| Rotor weight | 6g |
| Empty weight | 1.2kg |
| Payload weight (camera and gimbal) | 0.8kg |
| Take off weight | 2.8kg |
| Flight time | Up to 16-26mins |
| Max data link range | 1km+ |
| Max altitude | 4,000m MSL |
| Max video link range | 1km+ (FCC version) |
| Max tolerable wind speed | 12m/s (GPS mode) 16m/s (Height mode, Manual mode) |
| Power supply | 2x Intel® Powerpack 4000 (redundant setup) |
Navigation Sensors | |
| AscTec* Trinity Control Unit | Triple redundant Inertial Measurement Unit (IMU: barometer, compass, accelerometers, gyroscopes) |
| Global Navigation Satellite System (GNSS) | GPS and GLONASS |
Performance | |
| Max Airspeed - Manual Mode | 18m/s |
| Max Airspeed - Height Mode | 18m/s |
| Max Airspeed - GPS Mode | 4.5m/s standard/ up to 10m/s in mapping flights |
| Climb/sink rate - Manual Mode | 6 to 10m/s |
| Climb/sink rate - Height Mode | 3m/s |
| Climb/sink rate - GPS Mode | 3m/s |
| Turn rate - Manual Mode/Height Mode | 115 degrees/s |
| Turn rate - GPS Mode | 75 degrees/s |
Wireless Communication | |
| Control Links | Two independent (diversity) command and control links - 2.4GHz adaptive FHSS link 100mW |
| Digital video link | Low latency digital link. 5.1GHz with up to 250mW. Resolution depending on payload, up to 1080p full HD |
Data source: https://www.intel.com/content/www/us/en/drones/falcon-8-drone-brief.html
Generated using dronespec.info
Source data acquired 2023-02-05 10:09:05