Rongyao Cai,Xiao Xv,Zhengming Lu,Kexin Zhang,Yong Liu

DOI: https://doi.org/10.1109/isas61044.2024.10552597

2024-01-01

Abstract:Fault tree analysis is the most commonly used methodology in industrial safety analysis to predict the probability or frequency of system failure. Although fault tree analysis has been proposed for more than six decades, the assumptions used in most commercial fault tree analysis codes have not changed significantly, which limits the ability of the method to represent design, operation, and maintenance characteristics in the context of the increasing complexity and specialization of modern industrial systems. The basic setup of traditional fault trees is unable to include dependencies between events, time-varying failures, and repair rate realities to explain complex maintenance strategies. To address the above shortcomings, we propose a fusion tree model combining fault tree and attack tree, and simplify the causal structure of the fusion tree by modularization, and utilize the dynamic Markov model to represent the complex coupling relationship between components or nodes. Finally, we demonstrate the calculation process of fusion tree in pressure vessel systems with temporal control.

Charles Dickerson,Rosmira Roslan,Siyuan Ji

DOI: https://doi.org/10.1109/TR.2018.2849013

2018-05-01

Abstract:Fault analysis and resolution of faults should be part of any end-to-end system development process. This paper is concerned with developing a formal transformation method that maps control flows modeled in UML Activities to semantically equivalent Fault Trees. The transformation method developed features the use of propositional calculus and probability theory. Fault Propagation Chains are introduced to facilitate the transformation method. An overarching metamodel comprised of transformations between models is developed and is applied to an understood Traffic Management System of Systems problem to demonstrate the approach. In this way, the relational structure of the system behavior model is reflected in the structure of the Fault Tree. The paper concludes with a discussion of limitations of the transformation method and proposes approaches to extend it to object flows, State Machines and functional allocations.

Software Engineering

Changyong Chu,Weikang Yang,Yajun Chen

DOI: https://doi.org/10.3390/s24186021

IF: 3.9

2024-09-19

Sensors

Abstract:As embedded systems become increasingly complex, traditional reliability analysis methods based on text alone are no longer adequate for meeting the requirements of rapid and accurate quantitative analysis of system reliability. This article proposes a method for automatically generating and quantitatively analyzing dynamic fault trees based on an improved system model with consideration for temporal characteristics and redundancy. Firstly, an "anti-semantic" approach is employed to automatically explore the generation of fault modes and effects analysis (FMEA) from SysML models. The evaluation results are used to promptly modify the system design to meet requirements. Secondly, the Profile extension mechanism is used to expand the SysML block definition diagram, enabling it to describe fault semantics. This is combined with SysML activity diagrams to generate dynamic fault trees using traversal algorithms. Subsequently, parametric diagrams are employed to represent the operational rules of logic gates in the fault tree. The quantitative analysis of dynamic fault trees based on probabilistic models is conducted within the internal block diagram of SysML. Finally, through the design and simulation of the power battery management system, the failure probability of the top event was obtained to be 0.11981. This verifies that the design of the battery management system meets safety requirements and demonstrates the feasibility of the method.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Yuehai Wang,Menghan Xu,Hongling Zhao,Jiaojiao Li

DOI: https://doi.org/10.2991/meic-15.2015.136

2015-01-01

Abstract:In analog circuit automatic generating fault tree field, several problems are as below: currently the fault tree model had not strong structural to provide the detail realization method to automatic generating fault tree and only used Support Vector Machine algorithm to automatic generating fault tree the accuracy and stability are insufficient, the generating fault tree method is non-portable. Paper combines the SVM algorithm and the fault tree model based on IEEE 1232, analyzes the characteristics of the new fault tree model, designs and put forwards the automatic generating fault tree method, the stability and the accuracy of the generated fault tree are improved, and the portability of the automatic generating fault tree method is strengthened. Paper designs and implements the automatic generating fault tree model based on IEEE1232; the results show that the feasibility of the plan, the accuracy and the stability of the new fault tree model are improved.

Kai Hoefig,Andreas Joanni,Marc Zeller,Francesco Montrone,Martin Rothfelder,Rakshith Amarnath,Peter Munk,Arne Nordmann

DOI: https://doi.org/10.48550/arXiv.2105.15015

2021-05-31

Software Engineering

Abstract:The importance of mission or safety critical software systems in many application domains of embedded systems is continuously growing, and so is the effort and complexity for reliability and safety analysis. Model driven development is currently one of the key approaches to cope with increasing development complexity, in general. Applying similar concepts to reliability, availability, maintainability and safety (RAMS) analysis activities is a promising approach to extend the advantages of model driven development to safety engineering activities aiming at a reduction of development costs, a higher product quality and a shorter time-to-market. Nevertheless, many model-based safety or reliability engineering approaches aim at reducing the analysis complexity but applications or case studies are rare. Therefore we present here a large scale industrial case study which shows the benefits of the application of component fault trees when it comes to complex safety mechanisms. We compare the methodology of component fault trees against classic fault trees and summarize benefits and drawbacks of both modeling methodologies.

Peter Munk,Arne Nordmann

DOI: https://doi.org/10.1007/s10270-020-00782-w

2020-02-26

Abstract:Mastering the complexity of safety assurance for modern, software-intensive systems is challenging in several domains, such as automotive, robotics, and avionics. Model-based safety analysis techniques show promising results to handle this challenge by automating the generation of required artifacts for an assurance case. In this work, we adapt prominent approaches and propose to augment of SysML models with component fault trees (CFTs) to support the fault tree analysis and the failure mode and effects analysis. While most existing approaches based on CFTs are only targeting the system topology, e. g., UML class diagrams, we propose an integration of CFTs with SysML internal block diagrams as well as SysML activity diagrams. We realized our approach in a prototypical tool. We conclude with best practices and lessons learned that emerged from our case studies with an electronic power steering system and a boost recuperation system.

computer science, software engineering

Arne Nordmann,Peter Munk

DOI: https://doi.org/10.1145/3239372.3239373

2018-10-14

Abstract:Mastering the complexity of safety assurance for modern, software-intensive systems is challenging in several domains, such as automotive, robotics, and avionics. Model-based safety analysis techniques show promising results to handle this challenge by automating the generation of required artifacts for an assurance case. In this work, we adapt prominent approaches and propose facilitation of SysML models with component fault trees (CFTs) to support the fault tree analysis (FTA). While most existing approaches based on CFTs are only targeting the system topology, e. g., UML Class Diagrams, we propose an integration of CFTs with SysML Internal Block Diagrams as well as SysML Activity Diagrams. We conclude with best practices and lessons learned that emerged from applying our approach to automotive use-cases.

Marc Zeller,Francesco Montrone

DOI: https://doi.org/10.1109/ICSRS.2018.8688854

2021-06-01

Abstract:Fault Tree analysis is a widely used failure analysis methodology to assess a system in terms of safety or reliability in many industrial application domains. However, with Fault Tree methodology there is no possibility to express a temporal sequence of events or state-dependent behavior of software-controlled systems. In contrast to this, Markov Chains are a state-based analysis technique based on a stochastic model. But the use of Markov Chains for failure analysis of complex safety-critical systems is limited due to exponential explosion of the size of the model. In this paper, we present a concept to integrate Markov Chains in Component Fault Tree models. Based on a component concept for Markov Chains, which enables the association of Markov Chains to system development elements such as components, complex or software-controlled systems can be analyzed w.r.t. safety or reliability in a modular and compositional way. We illustrate this approach using a case study from the automotive domain.

Software Engineering

Zhen Li,Zhengqi Jiang,Dongsheng Wang,Zhaobin Wang

DOI: https://doi.org/10.1109/access.2020.3022016

IF: 3.9

2020-01-01

IEEE Access

Abstract:With the increasing scale and complexity of system, it is very necessary to analyze the safety of complex system. Fault tree is an effective method to safety analysis. However, traditional fault tree relies on manual construction and analysis. When fault nodes and systems are complex, the efficiency and correctness of manual analysis can hardly be guaranteed. To the varied understanding of analysts, it is difficult to ensure the consistency of failure mode and system architecture due to the different understanding from safety analysts and system designers. The same node needs fault analysis again in different systems, which has poor reusability and low efficiency. AltaRica is a fault-oriented Safety Modeling Language. It takes the guard transformation system(GTS) as its core, describes nodes and faults with a style of reusable object-oriented language, and describes information of interaction between nodes and systems through interface connections between nodes and nested systems. Therefore, this paper proposed an automatic system modeling and fault analysis method and its detailed computer algorithm on single class node, multiple nodes and nodes with subsystems based on AltaRica. Finally we developed a software prototype and carry out the automatic modeling and fault analysis in a detailed example. The results showed that the proposed method, algorithm and software prototype can realize automatic graphical modeling of the system on AltaRica, the automatic fault analysis is correct and efficient, has reusability of modeling and fault analysis, and greatly improve the accuracy, objectivity and efficiency of fault modeling and analysis.

Marc Zeller,Kai Hoefig,Jean-Pascal Schwinn

DOI: https://doi.org/10.48550/arXiv.2105.15002

2021-05-31

Software Engineering

Abstract:The growing size and complexity of software in embedded systems poses new challenges to the safety assessment of embedded control systems. In industrial practice, the control software is mostly treated as a black box during the system's safety analysis. The appropriate representation of the failure propagation of the software is a pressing need in order to increase the accuracy of safety analyses. However, it also increase the effort for creating and maintaining the safety analysis models (such as fault trees) significantly. In this work, we present a method to automatically generate Component Fault Trees from Continuous Function Charts. This method aims at generating the failure propagation model of the detailed software specification. Hence, control software can be included into safety analyses without additional manual effort required to construct the safety analysis models of the software. Moreover, safety analyses created during early system specification phases can be verified by comparing it with the automatically generated one in the detailed specification phased.

Hsiang-Kai Lo,Chin-Yu Huang,Yung-Ruei Chang,Wei-Chih Huang,Jun-Ru Chang

DOI: https://doi.org/10.1109/tencon.2005.300968

2006-01-01

Abstract:Fault trees theories have been used in years because they can easily provide a concise representation of failure behavior of general non-repairable fault-tolerant systems. But the defect of traditional fault trees is lack of accuracy when modeling dynamic failure behavior of certain systems with fault-recovery process. A solution to this problem is called behavioral decomposition. A system will be divided into several dynamic or static modules, and each module can be further analyzed using BDD or Markov chains separately. In this paper, we will show a decomposition scheme that independent subtrees of a dynamic module are detected and solved hierarchically for saving computation time of solving Markov chains without losing unacceptable accuracy when assessing components sensitivities. In the end, we present our analyzing software toolkit that implements our enhanced methodology.

Danhua Wang,Jingui Pan

2010-01-01

Abstract:In practice, engineers find that software quality depends heavily on the maturity and reliability of the software process. Therefore, organizations are placing increased attentions on finding an efficient way of integrating elements of software process in order to produce high quality software with lower cost and risk. Various kinds of techniques are used to manage, monitor and analyze software process. We proposed an idea of modeling software process in Little-JIL language, and then introduce automatic Fault Tree Analysis (FTA) technique and Failure Mode and Effect Analysis (FMEA) technique, two fully-fledged and widely used safety analysis techniques, to analyze software process. Results of these two techniques can be combined to improve software process, which may lead to software products with higher quality and reliability, also lower cost and risk.

Wolfgang Weber,Heidemarie Tondok,Michael Bachmayer

DOI: https://doi.org/10.1007/978-3-540-39878-3_23

2003-01-01

Abstract:The fault tree analysis is a well established method in system safety and reliability assessment. We transferred the principles of this technique to an assembler code analysis, regarding any incorrect output of the software as the undesired top-level event. Starting from the instructions providing the outputs and tracing back to all instructions contributing to these outputs a hierarchical system of references is generated that may graphically be represented as a fault tree. To cope with the large number of relations in the code, a tool suite has been developed, which automatically creates these references and checks for unfulfilled preconditions of instructions. The tool was applied to the operational software of an inertial measurement unit, which provides safety critical signals for artificial stabilization of an aircraft. The method and its implementation as a software tool is presented and the benefits, surprising results, and limitations we have experienced are discussed.

Thi Kim Nhung Dang,Milan Lopuhaä-Zwakenberg,Mariëlle Stoelinga

2024-03-13

Abstract:Fault tree analysis is a vital method of assessing safety risks. It helps to identify potential causes of accidents, assess their likelihood and severity, and suggest preventive measures. Quantitative analysis of fault trees is often done via the dependability metrics that compute the system's failure behaviour over time. However, the lack of precise data is a major obstacle to quantitative analysis, and so to reliability analysis. Fuzzy logic is a popular framework for dealing with ambiguous values and has applications in many domains. A number of fuzzy approaches have been proposed to fault tree analysis, but -- to the best of our knowledge -- none of them provide rigorous definitions or algorithms for computing fuzzy unreliability values. In this paper, we define a rigorous framework for fuzzy unreliability values. In addition, we provide a bottom-up algorithm to efficiently calculate fuzzy reliability for a system. The algorithm incorporates the concept of $\alpha$-cuts method. That is, performing binary algebraic operations on intervals on horizontally discretised $\alpha$-cut representations of fuzzy numbers. The method preserves the nonlinearity of fuzzy unreliability. Finally, we illustrate the results obtained from two case studies.

Artificial Intelligence

Lu Chen,Jian Jiao,Jiping Fan,Fuchun Ren

DOI: https://doi.org/10.1109/rams.2016.7447978

2016-01-01

Abstract:Fault propagation identification is an indispensable task in complex system safety analysis. With the growing of system scale and complexity, it is hard for the traditional safety analysis techniques, which depend mainly on analysts' personal skills and experiences, to keep completeness and timeliness; moreover, some failure modes may be neglected and failure effects misjudged during the analysis. Formal science provides a new way to solve this problem, where formal verification method such as model checking can automatically validate whether the system design satisfies the given safety requirements, which can reduce an analysts' repetitive work and design cost, and improve the efficiency and quality of safety analysis. However, there is lack of a deliberate and reasonable way to build system models because of the diversity and flexibility of languages used for model checking, which results in that it is difficult to specify and model system quickly and accurately, and leads to some deviation in model checking. In this paper, a system modeling and safety property specifying approach using symbolic language SMV is proposed, including guidance on the mapping relationships between the formal language elements and system functions, architecture and failure modes; moreover, how to define system specifications and safety requirements using temporal logic formulas is discussed as well. Finally, a case study about airborne system safety analysis is provided, in which the counter-examples that do not meet system specifications can be identified automatically using model checker NuSMV to find out fault events and their propagation that can result in accidents.

Junyan Qian,Baowen Xu

2007-01-01

Journal of Computational Information Systems

Abstract:Model checking is one of the most practical techniques for automatic formal verification to ensure the correctness of design specifications. Statecharts that extends the finite state machine is a visual language for specifying the behavior of complex reactive system. Model checking whether Statecharts model satisfies the required properties has become an important issue. The usual way to model checking Statecharts is to flat it and apply a model checking tool to verify the resulting model, but it exists state space explosion problem. In order to avoid the problem, we present an approach to model checking directly Statecharts without the flattening, a straightforward way to verify Statecharts. Based on the automata theory of model checking and the Statecharts operational semantics used labeled transition system, an algorithm for verifying LTL properties of the system, whose complexity is polynomial in the size of the Statecharts, was developed.

Han Yujie,Lü Zhengliang,Lin Zhiwen,Wang Hong,Yang Shiyuan

2010-01-01

Journal of Computer Research and Development

Abstract:As an approach for system testability analysis and fault diagnosis,multi_signal flow graph modeling method represents the dependency relationship between faults and tests using a directed graph.The method based on the traditional fault model needs to know the exact communication relationship between each function,bringing the inconvenience for modeling.In this paper,we present a multi-functional fault model which refines the functional fault,allowing modeling more easily.Furthermore,this article illustrates the dependency matrix generation algorithm and corresponding testability analysis method of the modeling method based on the multi-functional fault model.And also,an example about the whole process is discussed.This method has been applied on the TADS(testability analysis and diagnosis system) software platform.

Qiang Wang,Jiayang Yu,Ruicong Xia,Qiuhan Liu,Sirong Tong,Yachen Shen

DOI: https://doi.org/10.1016/j.jfranklin.2024.106940

IF: 4.246

2024-05-26

Journal of the Franklin Institute

Abstract:Recently, the reliability analysis of complex engineering systems has been confronted with a range of challenges, including fuzziness, multiple states, and common cause failures. In particular, factors such as changes in the working environment and human error contribute to the fuzzy probability value for each state in the system, which brings great challenges to its reliability analysis. In this paper, a new reliability analysis method for fuzzy multi-state system with common cause failure is proposed, which developed the fault tree analysis method and fuzzy set theory. First, a model integrating common cause failure with fuzzy T-S fault tree analysis model has been illustrated, and the equivalent model is given. Meanwhile, a novel fuzzy arithmetic method based on the weakest n-dimension T-norm is designed to solve the proposed model. Finally, the aircraft power system is analyzed as an example to verify the effectiveness of the proposed method. The result shows that the proposed method effectively enhances the capacity of failure tree analysis in assessing the reliability of complex systems characterized by multiple states, fuzziness, and common cause failures.

automation & control systems,engineering, electrical & electronic, multidisciplinary,mathematics, interdisciplinary applications

Sebastian Reiter,Marc Zeller,Kai Hoefig,Alexander Viehl,Oliver Bringmann,Wolfgang Rosenstiel

DOI: https://doi.org/10.48550/arXiv.2106.03368

2021-06-07

Software Engineering

Abstract:The growing complexity of safety-relevant systems causes an increasing effort for safety assurance. The reduction of development costs and time-to-market, while guaranteeing safe operation, is therefore a major challenge. In order to enable efficient safety assessment of complex architectures, we present an approach, which combines deductive safety analyses, in form of Component Fault Trees (CFTs), with an Error Effect Simulation (EES) for sanity checks. The combination reduces the drawbacks of both analyses, such as the subjective failure propagation assumptions in the CFTs or the determination of relevant fault scenarios for the EES. Both CFTs and the EES provide a modular, reusable and compositional safety analysis and are applicable throughout the whole design process. They support continuous model refinement and the reuse of conducted safety analysis and simulation models. Hence, safety goal violations can be identified in early design stages and the reuse of conducted safety analyses reduces the overhead for safety assessment.

Qianchuan Zhao,Bruce H. Krogh

DOI: https://doi.org/10.1109/TCST.2006.876921

2006-01-01

Abstract:This paper presents a new approach to the formal verification of properties of discrete control specifications given by Statecharts. Specifications for the Statechart behavior are given by temporal logic expressions for the Statechart computation tree, that is, the tree of possible sequences of Statechart configurations. To take advantage of existing model checking technology, the Statechart is converted into a finite-state representation and the Statechart specification is converted into an equivalent specification for the finite-state system. The definitions and general procedure applies for arbitrary Statechart semantics (a specific semantics results in a particular realization of the procedure). The results are illustrated with examples using the Math-Works Stateflow Toolbox (for Statecharts) and the SMV model checking program. The procedure is realized in an extension of the MATLAB sf2smv command presented in previous papers