LI Shenxia,FANG Zhou,LI Ping

DOI: https://doi.org/10.3778/j.issn.1002-8331.2011.07.068

2011-01-01

Abstract:Unmanned Aerial Vehicle(UAV) is designed without redundancy.It can be reconfigured control law only based on analytical redundancy when there are faults.However,the traditional identification methods often fail to meet real-time requirements of UAV reconfiguration control and are too complex.This paper analyzes the large-scale jump parameters of UAV caused by diversity of control surface failures.The controller reconstruction is designed off-line and selected adaptively online in actual flight.Dynamic compensation plan is proposed to ensure safety of aircraft when there is great disturbance for the reconstruction process.Simulation results show that the method can meet the real-time requirements of UAV with control surface failures and ensure a smooth transition.Moreover,the controller reconfiguration method is based on linear models,which can be well used in practical engineering.

Dajiang Suo,Jinxia An,Jihong Zhu

DOI: https://doi.org/10.1109/apsec.2011.27

2011-01-01

Abstract:This paper seeks to model the Integrated Modular Avionics (IMA) using Architectural Analysis and Design Language (AADL). In particular, the mechanism to describe the dynamic reconfiguration of multimodal system is presented. By translating the AADL model into Time Petri Net (TPN), some real-time and logical properties (deadlock, reach ability, missed deadline) of reconfiguration could be checked. The analysis results could then be used to adjust the design of software at the early stage of system development and ensure that the reconfiguration of IMA meets the real-time constraints.

Dajiang Suo,Jinxia An,Jianmin Wu,Jihong Zhu

DOI: https://doi.org/10.1109/dasc.2012.6382394

2012-01-01

Abstract:The Avionics system has been taking its transition from federated architecture to Integrated Modular Avionics (IMA) architecture. Meanwhile, consequent complexities and the isolation between IMA development and safety assessment made it difficult to perform a comprehensive certification for emergent system properties such as safety through traditional hazard analysis approaches. To address this issue, a framework for IMA safety assessment is proposed based on model-based engineering. It combines Intent Specification, a hierarchical requirement specification, and STAMP-based hazard analysis (STPA), a technique to identify safety constraints necessary for eliminating system hazards. A case study of an ARINC653-based platform is given to show how this method assists the development of IMA while fulfilling its safety requirements.

Ji Wu,Tao Yue,Shaukat Ali,Huihui Zhang

DOI: https://doi.org/10.1002/spe.2281

2014-01-01

Software Practice and Experience

Abstract:SummaryEnsuring that avionics software meets safety requirements at each development stage is very important to warrant the safe operation of an avionics system. Many safety requirements are imposed by various standards and industrial regulations that must be met by avionics software. One of such standards is DO‐178B/C, which provides guidelines (e.g., development process and objectives to satisfy in development activities) for meeting safety requirements. This paper presents a modeling methodology including a UML profile for specifying safety requirements on a component‐based architecture model and a set of design guidelines on avionics software. These safety requirements were identified from both standards (mainly DO‐178B/C) and current engineering practices in the domain of avionics systems. The methodology automatically enforces these safety requirements. We have applied the methodology on an industrial autopilot system, and several previously uncaught faults were revealed. Copyright © 2014 John Wiley & Sons, Ltd.

Chao Zhang,Xiaomu Shi,Dong Chen

DOI: https://doi.org/10.1109/dasc.2014.6979613

2014-01-01

Abstract:Traditional safety analysis of the avionics systems covers two aspects, i.e., the safety of the process and the safety of the current state. The mandatory analysis methodologies are the process safety analysis and Fault Tree Analysis (FTA), which meets the requirement of the Function Hazard Analysis (FHA). However, in the Integrated Modular Avionics (IMA) and Distributed Integrated Modular Avionics (DIMA), especially the networked IMA, the safety analysis method evolves into the Zachman framework analysis. Due to the increased complexity of the IMA and DIMA, the optimization algorithms should be developed. In this paper, based on the Cyber-Physical System (CPS), two optimization algorithms are revealed. One is the utility optimization algorithm subject to the safety requirement, another one is the direct optimization algorithm with the objective function of the safety. The proposed optimization schemes consolidate the methodology of the safety analysis and design of the avionics systems, especially in the IMA, DIMA, and the networked IMA.

Lei Dong,Bo Peng,Xi Chen,Jiachen Liu

DOI: https://doi.org/10.3390/aerospace11080608

IF: 2.66

2024-07-25

Aerospace

Abstract:As the synthesis, modularization, and integration of avionics systems increase, the interconnections between systems and equipment within subsystems become increasingly complex, posing risks to the safety and reliability of the integrated avionics system. To address the risk of fault propagation due to functional cascade failures in integrated avionics systems, this paper proposes a discrete dynamic fault propagation analysis method, which was applied to an all-electric braking system to assess its feasibility. First, the architectural features of the Distributed Integrated Modular Avionics system are summarized. Subsequently, the constructed system layer model is described, establishing the function–resource hierarchical architecture. Subsequently, the behavior of cascading failure propagation in discrete dynamic systems is analyzed by integrating the cascading failure analysis method from SAE ARP 4761A and considering the coupling characteristics between system properties and functions comprehensively. This approach facilitates the development of a cascading failure propagation model for DIMA based on discrete dynamic systems. Finally, by using the all-electric braking system under DIMA architecture as a case study, key Core Processing Modules and failure-prone functions are identified. The findings reveal that within this system, CPM2 and CPM6 are particularly susceptible to failure propagation, and the automatic brake function is notably vulnerable. Data show that the system's failure rate escalates markedly after 2×104 h of operation. Performing maintenance before reaching this threshold can further mitigate risks. This practice aligns with current international aircraft maintenance time regulations. The method proposed in this paper can be applied early in the allocation of DIMA resources to enhance security and support DIMA design.

engineering, aerospace

André Leblond,Michel Batteux,Antoine Rauzy

DOI: https://doi.org/10.1177/1748006x231206444

2024-01-06

Proceedings of the Institution of Mechanical Engineers Part O Journal of Risk and Reliability

Abstract:Proceedings of the Institution of Mechanical Engineers, Part O: Journal of Risk and Reliability, Ahead of Print. In this article, we propose a new approach for safety assessment of safety-critical systems. This approach, so-called Synthesis, is dedicated to the Preliminary System Safety Assessment included within the process of Safety Certification of avionic systems. The central idea consists in decomposing the assessment into two parts aiming at studying respectively the functional and the physical characteristics of the system under study. The whole approach is supported by a fully operational tool chain, dedicated to probabilistic safety assessment, which includes the AltaRica 3.0 integrated modeling environment, and a tool dedicated to the synthesis of functional minimal cutsets into physical minimal cutsets, making possible their quantitative assessment. We illustrate the benefits of the approach by means of a concrete avionic case study.

engineering, industrial, multidisciplinary,operations research & management science

Michael Burke,Neil Audsley

DOI: https://doi.org/10.1109/AERO.1998.682155

2010-04-08

Abstract:This paper examines the problem of introducing advanced forms of fault-tolerance via reconfiguration into safety-critical avionic systems. This is required to enable increased availability after fault occurrence in distributed integrated avionic systems(compared to static federated systems). The approach taken is to identify a migration path from current architectures to those that incorporate re-configuration to a lesser or greater degree. Other challenges identified include change of the development process; incremental and flexible timing and safety analyses; configurable kernels applicable for safety-critical systems.

Distributed, Parallel, and Cluster Computing

AI Jian-liang,WANG Peng,GAO ming

DOI: https://doi.org/10.3969/j.issn.1002-0640.2006.01.001

2006-01-01

Abstract:The reconfigurable technique of flight control system can obviously enhance the survivability and mission effectiveness of the aircraft,and it has become one of the attractive research subjects in modern aircraft integration design area.Firstly,this paper reviews the history and current state about the development of the reconfigurable flight control technique,then presents and analyses several important methods for reconfigurable flight control,and summarizes several focus problems on the reconfigurable flight control technique.Finally it introlduces an outlook for the development tendency on the future reconfigurable flight control technique.

Miaosen Wang,Yuan Xue,Kang Wang

DOI: https://doi.org/10.1155/2022/6424057

2022-05-27

Abstract:Throughout the world, the reliability-based approach to safety design of aircraft systems is quite mature and widely used. However, there are still shortcomings in the reliability-based aircraft system safety analysis method. It cannot dynamically analyze the accident evolution process and lack consideration of the complex situation of multifactor coupling. On the basis of the original aircraft system safety analysis method, this paper innovatively proposes a functional hazard analysis (FHA) method based on the analytic hierarchy process (AHP) and multifactor fuzzy comprehensive assessment (FCA). The purpose is to improve the objectivity and quantification of the FHA method in the safety design of aircraft systems. At the same time, in the terminal airworthiness verification, this paper proposes a repeatable and controllable virtual test flight verification method, which aims to reduce the cost and cycle of the terminal airworthiness verification and expand the coverage of the envelope verification. Finally, combined with the clauses in MIL-HDBK-516B, a case calculation is carried out to verify the feasibility of the proposed method.

Ji Wu,Tao Yue,Shaukat Ali,Huihui Zhang

DOI: https://doi.org/10.1109/QSIC.2013.41

2013-01-01

Abstract:Ensuring that avionics software meets safety requirements at each development stage is very important to warrant the safe operation of an avionics system. Many safety requirements are imposed by various standards and industrial regulations that must be met by avionics software. One of such standards is DO-178B/C, which provides guidelines (e.g. development process and the objectives to satisfy in development activities) for meeting the safety requirements. This paper presents a modeling methodology including a UML profile for specifying safety requirements on a component-based architecture model and a set of design guidelines on avionics software. These safety requirements were identified from both standards (mainly DO-178B/C) and current engineering practices in the domain of avionics system. The methodology enforces safety requirements automatically. We have applied the methodology on an industrial autopilot system and several previously uncaught faults were revealed.

Chao Zhang,Xiaomu Shi

DOI: https://doi.org/10.1587/transfun.e99.a.849

2016-01-01

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

Abstract:Safety is the foremost requirement of avionics systems on aircraft. So far, avionics systems have evolved into an integrated system, i.e., integrated avionics system, and the derivative functions occur when the avionics systems are upgraded. However, the traditional safety analysis method is insufficient to be utilized in upgraded avionics systems due to these derivative functions. In this letter, a safety evaluation scheme is proposed to quantitatively evaluate the safety of the upgraded avionics systems. All the functions including the derivative functions can be traced and covered. Meanwhile, a set of safety issues based on different views is established to evaluate the safety capability from three layers, i.e., the mission layer, function layer and resource layer. The proposed scheme can be considered as an efficient scheme in the safety validation and verification in the upgraded avionics systems.

KM Zhou,PK Rachinayani,N Liu,Z Ren,J Aravena

DOI: https://doi.org/10.1109/cdc.2004.1429644

2004-01-01

Abstract:In this paper we develop some fault diagnosis and reconfigurable control design techniques with possibly actuator failures for a special class of dynamic systems in which the full system states are reliably measurable and available for feedback and diagnosis. This class of dynamical systems is quite common in modern flight control systems. We have developed an analytic method for the detection and isolation of the actuator faults. We then further develop a robust reconfigurable state feedback controller design technique that guarantees stability and closed-loop performance under the actuator faults. A Boeing 747 model is used to demonstrate the design techniques.

Yao Wang,Fengtao Wang,Yue Feng,Shancheng Cao

DOI: https://doi.org/10.3390/machines12010013

IF: 2.899

2023-12-26

Machines

Abstract:Reliability is an inherent attribute of a system through optimal system design. However, during the aircraft system development process, the reliability evaluation and system function design efforts are often disconnected, leading to a divide between reliability experts and system designers in their work schedule. This disconnect results in an inefficient aircraft system reliability optimization process, known as the "two-skin" phenomenon. To address this issue, a three-state space model is proposed. Firstly, an analysis was conducted on the relationship between the system function architecture developed by the system designers and the reliability evaluation performed by the reliability experts. Secondly, based on the principle of function flow, the state of failure was categorized into "physical failure" and "non-physical failure". Additionally, a new state of "function loss" was introduced as the third state for the system, in addition to the traditional states of "normal" and "faulty". Thirdly, through the state of "Function loss", an effective integration of system fault modes and function modes was achieved, leading to an optimized system reliability model. A three-state space modeling method was then developed by transforming the system function architecture into a system reliability model. Finally, this new model was applied to an aircraft's rudder and fly-by-wire control system. The results demonstrate that the function architecture at the design stage of the system can be accurately transformed into the new three-state space model. The structure aligns closely with the function architecture and can be effectively utilized in quantitative system reliability calculations. In this way, the process of ensuring system reliability can be seamlessly integrated into the system optimization design process. This integration alleviates the issue of disjointed work between reliability experts and system designers, leading to a more streamlined and efficient aircraft system optimization process.

engineering, mechanical, electrical & electronic

Shu-Lian Xie,Feng Xue,Wei-Min Zhang,Jia-Wei Zhu

DOI: https://doi.org/10.1007/s40436-023-00465-x

IF: 3.837

2023-12-08

Advances in Manufacturing

Abstract:The exploration of component states for optimizing maintenance schedules in complex systems has garnered significant interest from researchers. However, current literature usually overlooks the critical aspects of system flexibility and reconfigurability. Judicious implementation of system reconfiguration can effectively mitigate system downtime and enhance production continuity. This study proposes a dynamic condition-based maintenance policy considering reconfiguration for reconfigurable systems. A double-layer decision rule was constructed for the devices and systems. To achieve the best overall maintenance effect of the system, the remaining useful life probability distribution and recommended maintenance time of each device were used to optimize the concurrent maintenance time window of the devices and determine whether to reconfigure them. A comprehensive maintenance efficiency index was introduced that simultaneously considered the maintenance cost rate, reliability, and availability of the system to characterize the overall maintenance effect. The reconfiguration cost was included in the maintenance cost. The proposed policy was tested through numerical experiments and compared with different-level policies. The results show that the proposed policy can significantly reduce the downtime and maintenance costs and improve the overall system reliability and availability.

engineering, manufacturing,materials science, multidisciplinary

M. T. Hamayun,Muhammad Moin

DOI: https://doi.org/10.1109/IBCAST51254.2021.9393021

2021-01-12

Abstract:Control allocation is one of the prominent approaches to manage actuator redundancy in over-actuated systems in an effective way, so that the fault tolerance can be achieved. In this paper a new control allocation scheme, so called Singular Value Decomposition based control allocation is proposed. The proposed scheme possesses the ability to deal with both rank deficient and full rank input distribution matrices for designing fault tolerant control systems. The new control reconfiguration scheme is implemented considering both direct and online control allocation fault tolerant control frameworks. The proposed new control reconfiguration scheme is tested in simulation environment considering model of a large passenger aircraft. The efficiency of the proposed scheme is compared with the existing fault tolerant control schemes in direct and online control allocation frameworks in the presence of sensor noise.

Engineering

Tate Shorthill,Han Bao,Hongbin Zhang,Heng Ban

DOI: https://doi.org/10.1080/00295450.2021.1957659

IF: 1.667

2021-11-05

Nuclear Technology

Abstract:Digital instrumentation and control (I&C) upgrades are a vital research area for the nuclear industry. Despite their performance benefits, deployment of digital I&C in nuclear power plants (NPPs) has been limited. Digital I&C systems exhibit complex failure modes including common cause failures (CCFs), which can be difficult to identify. This paper describes the development of a redundancy-guided application of the Systems-Theoretic Process Analysis and fault tree analysis for the hazard analysis of digital I&C in advanced NPPs. The resulting Redundancy-Guided Systems-Theoretic Hazard Analysis (RESHA) is applied for the case study of a representative state-of-the-art digital reactor trip system. The analysis qualitatively and systematically identifies the most critical CCFs and other hazards of digital I&C systems. Ultimately, the RESHA can help researchers make informed decisions for how, and to what degree, defensive measures such as redundancy, diversity, and defense in depth can be used to mitigate or eliminate the potential hazards of digital I&C systems.

nuclear science & technology

X. Yang,T. Zhou,X.Y. Zhou,W.J. Zhang,C.R. Mu,S. Xu

DOI: https://doi.org/10.1016/j.ocecoaman.2023.107003

IF: 4.295

2024-01-13

Ocean & Coastal Management

Abstract:The dynamic autonomy resulting from control mode transitions in the Maritime Autonomous Surface Ships (MASS) poses a significant risk to its navigation safety. While Systems-Theoretic Process Analysis (STPA) has proven effective in the hazard identification of autonomous ships, the safety challenges inherent in the dynamic autonomy of MASS with seafarers onboard controlled by three possible controllers have not been addressed much. This study proposes a three-phase framework that combines STPA, state machines and Sequentially Timed Events Plotting (STEP) diagram aiming at identifying failure scenarios in the transition process. Findings from a case study highlight the need for such a framework to understand the triggering events for mode transition, the transition process, how transition failure may occur, and refine safety constraints to ensure smooth and safe transitions. The results lay the groundwork for future research into test case generation methods that focus on these identified transition failure scenarios, intending to ensure safe and secure navigation for the progressive introduction of MASS.

water resources,oceanography

Ítalo Romani de Oliveira,José Alexandre T. Guerreiro Fregnani,Gláucia Costa Balvedi,Michael L. Ulrey,Jeffery D. Musiak

2024-07-23

Abstract:Each new concept of operation and equipment generation in aviation becomes more automated, integrated and interconnected. In the case of Unmanned Aircraft Systems (UAS), this evolution allows drastically decreasing aircraft weight and operational cost, but these benefits are also realized in highly automated manned aircraft and ground Air Traffic Control (ATC) systems. The downside of these advances is overwhelmingly more complex software and hardware, making it harder to identify potential failure paths. Although there are mandatory certification processes based on broadly accepted standards, such as ARP4754 and its family, ESARR 4 and others, these standards do not allow proof or disproof of safety of disruptive technology changes, such as GBAS Precision Approaches, Autonomous UAS, aircraft self-separation and others. In order to leverage the introduction of such concepts, it is necessary to develop solid knowledge on the foundations of safety in complex systems and use this knowledge to elaborate sound demonstrations of either safety or unsafety of new system designs. These demonstrations at early design stages will help reducing costs both on development of new technology as well as reducing the risk of such technology causing accidents when in use. This paper presents some safety analysis methods which are not in the industry standards but which we identify as having benefits for analyzing safety of advanced technological concepts in aviation.

Systems and Control

Xi Chen,Quan Zou,Jie Bai,Lei Dong

DOI: https://doi.org/10.3390/aerospace11060459

IF: 2.66

2024-06-06

Aerospace

Abstract:With the significant expansion of civil aviation, particularly in the low-altitude economy, there is a significant gap between the escalating demand for airworthiness certification of novel aircraft designs, such as electric vertical take-off and landing (eVTOL) vehicles, and the inefficiency of the current safety assessment process. This gap is partially attributed to safety assessors' limited exposure to these innovative aircraft models in the safety assessment process, necessitating extensive efforts in identifying precedents and their handling strategies. Complicating matters further, pertinent case studies are scattered across diverse, unstandardized digital formats, obliging assessors to navigate voluminous electronic records while concurrently establishing links among fragmented information scattered across multiple files. This study introduces an advanced information integration methodology, comprising a multi-level path-based architecture and a self-updating algorithm. The proposed method not only furnishes safety assessors with pertinent knowledge featuring explicative interconnectedness automatically, but also dynamically enriches this knowledge corpus through operational usage. Additionally, we devise a suite of evaluative criteria to validate the capacity of our method in processing and consolidating relevant safety datasets. Experimental analyses affirm the efficacy of our proposed approach in streamlining and refreshing safety assessment data. The automation of the retrieval of analogous cases, which relieves the reliance on expert knowledge, enhances the efficiency of the overall safety appraisal procedure. Consequently, this research contributes a solution to enhancing the velocity and accuracy of aircraft certification processes.

engineering, aerospace