Safeguarding water’s digital tranformation: 7 lessons from the car and aircraft industries

Effective utilisation of data, digital twins and robotics have the potential to improve how we manage complex water systems. The car and aircraft industries can share valuable lessons when it comes to digital adoption, risk mitigation and accident avoidance, writes Dragan Savic.

Over the last two decades, modern digital technology has transformed our society by improving the planning and management of complex systems. Banking, transportation, marketing, entertainment and tourism industries have all witnessed huge disruption.

The water sector, too, has seen increased applications of wireless sensor networks, autonomous robots and sophisticated artificial intelligence tool applications. Given the multifaceted challenges surrounding water, this acceleration of digitalisation appears inevitable to improve how we manage this precious resource.

However, there will inevitably be additional risks associated with those developments. One benefit of being behind the digital curve is that the sector has the opportunity to learn from others that are more advanced in terms of automation and digital transformation.

For example – the aviation and automotive sectors have made significant strides towards full automation. The introduction of digital technological advances, coupled with the drive for increased automation have also contributed to several high-profile failures in sectors where safety is of paramount importance.

Limits to driver-assistance systems (DAS)

Since the first challenge by the Defense Advanced Research Projects Agency (DARPA) in 2004, there has been a huge interest in research and industry in autonomous or “self-driving” cars. Nowadays, it is more accurate to call them driver-assistance systems (DAS) as they help drivers by acting autonomously or alerting them to potential problems and avoid collisions, but cannot be considered fully automated.

Tesla is the leading producer of plug-in electric cars. The organisation’s Autopilot software can match speed with traffic conditions, keep within a lane, change lanes, transition from one road to another, exit the road when the destination is near, self-park when near a parking spot, and be summoned to and from the user’s garage.

However, the rapid development of self-driving cars has also resulted in a few high-profile collisions of Tesla, Google and Uber cars, which are the most prominent companies trialling DAS. Some of those collisions ended up with fatal outcomes. A number of these occurred due to the DAS not being able to recognise a stationary obstacle on the road, like when a Tesla car collided with a parked fire truck, or to understand and give a right of way to other vehicles or to detect and avoid pedestrians.

Airplane autopilot system

Another case is the Boeing 737 Max and its Manoeuvring Characteristics Augmentation System (MCAS) software that is suspected to have played a role in two aircraft crashes with significant loss of life.

With more than 50 years of service and over 15,000 planes sold, the Boeing 737 is the best-selling aircraft in the world. However, two fatal crashes of the 737 Max in 2018 and 2019 within five months of each other, which killed a combined 346 passengers, have led to questions about its safety and subsequently to the worldwide grounding of the aircraft in March of 2019.

The two accidents happened shortly after take-off and while the aircraft was gaining altitude, while the on-board software (MCAS) repeatedly engaged and forced the aircraft to nose-dive (Sgobba, 2019). This pointed to a potential flaw with MCAS, which was designed to automatically activate and stabilise the aircraft by nudging its nose back down.

By identifying what went wrong with the new technology in the cases listed above, it should be possible to learn from them and prevent future failures in water. Here are seven cases we can apply to water.

1) Always keep humans in the loop
The impact of digitalisation and automation in the water sector can mainly be felt by utility personnel. Increasingly capable digital and automation systems can bring fundamental change to how complex natural and engineered systems are protected, controlled and operated.

However, despite huge investments in innovation and implementation of automation in the fields such as automotive and aircraft industries, operating systems that require the highest possible level of safety still rely on trained airline pilots and vehicle drivers. For the water sector this means that despite smart software, including AI and ML solutions, these automation systems will still require a highly skilled workforce to ensure safe future operation of water systems.

2) Ensure awareness and training on technology
People involved in managing water systems must not only understand their complex nature to be able to manage them more effectively, but also be trained in how to use digital technology systems aimed at improving their performance and to understand their limitations.

For example, the fact that the 737 Max pilots involved in the two crashes were not fully aware, or may not have been told about MCAS, makes these automation systems vulnerable and at risk of causing serious failures. The overconfidence of drivers in the capabilities of the car automation software, such as the Tesla Autopilot, might have contributed to serious vehicle crashes due to drivers mistakenly believing the cars can operate independently.

Even a simple renaming of the Autopilot into a driver-assist system may help to clarify the fact that drivers always need to be alert when in control of a vehicle. For the water utility personnel, the level of training and documentation required has to be such that they are fully aware of the capabilities and limitations of automation systems to take full advantage of their capabilities.

3) Include manual, fail-safe intervention systems
Autonomous safety systems, such as those on aircraft and in cars, can introduce added risk by initiating actions without any human involvement. For example, it seems that the erroneous reading of the angle-of-attack sensor has caused the MCAS software to pitch the nose of the 737 Max aircraft down and cause it to stall and eventually led to the two crashes.

While the first 737 Max crash in Indonesia occurred before Boeing issuing clear instructions what pilots can do to remedy the situation, the second crash in Ethiopia happened after the pilots flying the Max received the training following on from the Indonesia crash.

The key problem seems to be with the MCAS system that was automatically activated multiple times. Although most digital solutions in the water sector are not fully automated, any future developments that involve automation should include fail-safe mechanisms. This will enable users to be alerted when they are initiating actions or the ability to initiate a manual intervention of the operator to remedy the situation.

4) Sensor redundancy is a good thing in safety-critical systems
Both the aircraft and car industries have embraced the power of sensor redundancy to protect human life. For example, safety of mass-produced vehicles is paramount and Tesla cars (and other “self-driving” cars) have a number of sensors that provide a high level of redundancy.

Tesla Model 3 includes a vision system that consists of eight cameras, which provide full visibility around the car within a radius of 250 metres, 12 ultrasonic sensors and a forward-facing radar system. However, they do not have LIDAR, while almost every other company working on self-driving cars uses the technology.

On the other hand, Boeing on 737 Max used only one sensor to feed data about the angle-of-attack to its automated MCAS safety system although the aircraft has two such sensors. As any sensor is prone to failure, providing redundancy and using both sensor signals would improve safety by indicating that one of them is sending erroneous data.

While the water industry still lags behind the automotive and aircraft industries in terms of the number and density of sensors in respect to the size of their systems, the increased level of redundancy will improve data quality and reduce the uncertainty associated with sensing data.

5) Don’t underestimate cybersecurity risks
Although cybersecurity breaches were not involved in any of the analysed transportation accidents, anecdotal evidence of white-hat hackers remotely taking control of a car and disabling its transmission as part of their research initiative is a cause for concern. The recent review of the incidents in the water sector indicates that safeguarding against cybersecurity threats is considered a high priority of utilities and governments.

The review identified 14 reported and documented incidents, ranging from a disgruntled former employee taking control of the automation systems and deliberately causing the release of millions of litres of raw sewage into the environment, to a utility that had fallen victim to a ransomware cyberattack where hackers demanded payment to restore access to its computer systems.

6) Consideration of ethics
The prospect of increased availability of self-driving cars brings another challenge for car designers and AI practitioners of dealing with situations where the AI software will have to take life and death decisions. Ethics-based decisions related to unavoidable fatal accidents, i.e., those situations where for the reaction time available no solutions can be found to avoid an accident, are of particular concern.

For example, a tragic hypothetical dilemma in which a self-driving car has to decide whether to run over a group of pedestrians or plunge off a cliff, killing its own occupants, demonstrates one of the potential ethics issues with AI.

The use of AI in the water sector often involves optimal allocation of scarce water resources. However, if automation is taken to its extreme, e.g., in times of severe droughts, where AI decides how to allocate resources to various users (e.g., crop irrigation vs. urban supply), the decision can lead to ethical questions about responsible AI.

7) Framing and the digital vocabulary
Despite the referenced accidents above, organisations such as Tesla have continued to disrupt the traditional car industry, amassing a loyal following. Part of the reason for leading this movement is not only creating a desirable product, but the way the organisation has framed electric vehicles as an experience. Owning a Tesla has become a way for life for many, with buyers becoming natural ambassadors taking to social media to praise the brand. Imagine if we could create a similar movement for tap water!

As water’s digital transformation progresses, it’s important to communicate the benefits to consumers by using the right vocabulary. We need to make sure we bring ratepayers along the digital journey, using additional data to drive consumer engagement, as well as operational improvements.

Safeguarding water’s digital transformation

Given the level of complexity involved with managing water systems, their critical nature (e.g., linking to health and food provision), the necessary safety culture in the industry and the state of digitalisation so far, the water sector has the opportunity to learn from other sectors that are more advanced in terms of automation and digital transformation.

The incidents analysed here occurred in the sectors with strong regulatory mechanisms and safety culture, thus indicating that similar concerns should be researched to safeguard the developing area of digital transformation in the water sector.

The lessons learned from the incidents in the transportation sector, which could at least partially be attributed to digitalisation and automation, are useful for establishing academic and industry based research agendas in the digital transformation and automation of  the water sector.

Dragan Savic.