We provide EU funding and world-class technical support to engineering and technology businesses.

Find out more about who we are and what we do

Stay in Touch

EventBrite logo Twitter logo RSS logo Linked In  logo Email us

Join our mailing list

Join our mailing list to receive notification of CPSE Labs events and upcoming calls

Smart Anything Everywhere

Cyber-Physical Systems Engineering Labs is part of the Smart Anything Everywhere initiative.

This project has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No 644400.

SafeAM (Safety enhancement for autonomous robotic airfield management): application to lighting control and management

'The integration of HAZOP-UML into Sterela's tooling environment allows us to capitalize on the technology transfer for reuse in our current and future safety-related development projects'

Augustin Desfosses - Project Manager at Sterela

Problem and solution


According to the civil aviation regulation, the light intensity on airfields is to be measured and determines whether or not the runway can be open to air traffic. Currently, human maintenance operators perform the light inspection but this is a burdensome and unpleasant task. It has to be done late at night, typically from 1am to 4am. The repeated exposure to intense lights in surrounding dark may cause eye strain. The task would thus be a perfect fit for robotic operation. However, today, no robot is authorized on airports due to safety issues.

The project aimed to transfer and assess the safety-related technologies provided by Design Center France, which are relevant to help Sterela demonstrate that their robots can be safely deployed on airports. These technologies include model-based safety analysis (HAZOP-UML, Altarica), safety monitoring (SMOF), a component-based development framework (MAUVE), and a testing framework based on the MORSE simulator.

How did CPSE Labs help?

The project was a unique opportunity to provide an innovative SME with access to leading edge technology only available to research centers so far for the mutual benefit of verifying those technologies in a real world and challenging use case, and enabling the SME to reach out to new markets.

The technologies were applied at an early stage where some design decisions are still open and can be tuned to accommodate safety concerns. For example, an important requirement was that the air traffic controllers must keep the ability to re-open a runway as quickly as possible in case of a landing emergency. In that case, Sterela originally considered an automated runway evacuation procedure according to which the robot aborts its mission and rushes into a safe area. But the analysis by HAZOP-UML and Altarica demonstrated that the system safety should not depend on such a complex procedure: it would be very costly to implement the evacuation with the required integrity level. The automated evacuation function was then removed and replaced by a manual evacuation procedure, with a high integrity on the last known localization of the robot.

Another challenging requirement was the need to accommodate movement of the robot in close vicinity of lights and still ensure that there is no collision with any obstacle. The synthesis of anti-collision safety rules by SMOF revealed the need for an additional sensor that was originally not considered, in order to discriminate between low obstacles that can pass under the light measurement device and tall obstacles that cannot. It also revealed the need for a richer set of safety interventions than the emergency stop.

Finally, the MAUVE framework was used to develop a simplified version of the navigation control software, for the purpose of demonstrating the code generation and real-time analysis facilities offered by this framework. An intentionally faulty version of the control software was also created and interfaced with anti-collision rules: MORSE was then used to demonstrate the activation of the rules in simulated light inspection missions.


Assuming that 144 regional and 80 international airports in Europe will be equipped with the new technology within 5 years after the end of the experiment, Sterela expects to sell a total of 224 service robots representing an aggregated turnover exceeding €8.9 million after 5 years. Moreover, the runway light inspection is only one example of an integrated payload for robots in airport configuration. Robotic solutions could be used in this exact same environment, for other inspection tasks (fences and gates), runway sweeping, snow plowing, runway de-icing.

The project allowed Sterela to better identify the risks induced by the operation of such robots as well as the solutions to address them. Among the experimented technologies, more effort was put on applying the ones related to early design phases (HAZOP-UML, Altarica, SMOF) than to development and testing phases (MAUVE, MORSE). The transfer took different forms. HAZOP-UML was fully transferred to Sterela, who developed an in-house tool to integrate the technology into their lifecycle management platform. For Altarica, the conclusion of the experiment was to retain the technology but to externalize the expertise on it. Hence, a new partnership has been established with a company willing to acquire this technology (see experiment 4MOB-AIRMAN). For SMOF, it has been decided to integrate the synthesized safety rules into the robot architecture. An R&D development has been launched to implement the safety device in charge of the execution of the rules.

'The integration of HAZOP-UML into Sterela's tooling environment allows us to capitalize on the technology transfer for reuse in our current and future safety-related development projects'

Augustin Desfosses - Project Manager at Sterela


The project has produced concrete feedback on the design of the light inspection robot for its safe operation in airports. It also helped Sterela to identify strategic actions for the future. The application of the safety-related technologies yielded a number of software and modeling artifacts to be developed, including an in-house tool that integrates HAZOP-UML into Sterela's project environment.

Part of these outputs are made publicly available by means of publications, talks or archives of experimental artifacts:

  • Enhanced safety for airfield management. One-page description of the project, in a brochure distributed at Smart Anything Everywhere 2016, Brussels, Belgium.
  • Case Study Report: Safety rules synthesis for an autonomous robot, Lola Masson, Jérémie Guiochet, Hélène Waeselynck. Fast abstracts at International Conference on Computer Safety, Reliability, and Security (SAFECOMP), 2016, Trondheim, Norway. Author version available online.
  • Applying Safety methods to automated runway light inspection, Augustin Desfosses. Invited talk, CPSE Labs Workshop at International Conference on Computer Safety, Reliability, and Security (SAFECOMP), 2016, Trondheim, Norway. Slides available.
  • Synthesis of safety rules for active monitoring: application to an airport light measurement robot, Lola Masson, Jérémie Guiochet, Hélène Waeselynck, Augustin Desfosses, Marc Laval. In Proc. IEEE International Conference on Robotic Computing (IRC 2017), 2017, Taiwan. DOI: 10.1109/IRC.2017.11. Author version available online.
  • Downloadable archive of SMOF models.

Design centre

This experiment is supported by our France design centre

France design centre

Technology platforms


Sterela Logo


20 Nov 2015 - 19 Nov 2016
Funded under: CPSE Labs Call 1