Yunsheng Wang,Hang Lei,Richard Hackett,Martin Beeby

DOI: https://doi.org/10.1109/maes.2019.2934543

IF: 2.902

2019-01-01

IEEE Aerospace and Electronic Systems Magazine

Abstract:In order to evaluate the safety impacts introduced by the additional interactions between the software partition and the integrated modular avionics platform, an optimized safety assessment process is proposed to address the software partition specific failure mode, quantitative failure rate budget allocation, software reliability verification, and feedback to higher level safety assessment. With a case study based on an airborne datalink system, the optimized safety assessment process is discussed in detail, including the specific failure condition and corresponding preventive/corrective actions, the allocation and verification of software partition failure rate, as well as the feedback channel of these partition software failure rate to item/function failure mode and effect assessment. A reliability framework of partition software is also presented to support the reliability verification of partition software. The methodology is applicable to other IMA-based avionics system.

Chao Zhang,Jialuo Xiao

DOI: https://doi.org/10.1109/dasc.2013.6712549

2013-01-01

Abstract:Distributed Integrated Modular Avionics (DIMA) is a promising architecture of the avionic in large aircraft. Compared with IMA, DIMA not only has the valuable metrics in weight, volume, power consumption and system complexity, but also in the system reliability. In order to explain the advantage of DIMA mathematically, the DIMA system is modeled as a Cyber-Physical System (CPS) integration scheme with physical layer and function layer in this paper. With the combination of physical and cyber parameters, improvement is given to the conventional lexicographic optimization for the multi-objective optimization problem. A new measure to evaluate the reliability of the system, i.e. CPM burden, is proposed. With the consideration of reliability measure in the optimization, the reliability of the DIMA is highly improved. The improved lexicographic optimization gives a good tradeoff between the measures, while the higher priority of reliability is guaranteed. Moreover, a comparison between DIMA and IMA based the modeling shows that, the DIMA enjoys higher performance in reliability, while DIMA and IMA have their own merits and defects on the effectiveness measures.

Chao Zhang,Xiaomu Shi

DOI: https://doi.org/10.1587/transfun.e99.a.849

2016-01-01

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

Abstract:Safety is the foremost requirement of avionics systems on aircraft. So far, avionics systems have evolved into an integrated system, i.e., integrated avionics system, and the derivative functions occur when the avionics systems are upgraded. However, the traditional safety analysis method is insufficient to be utilized in upgraded avionics systems due to these derivative functions. In this letter, a safety evaluation scheme is proposed to quantitatively evaluate the safety of the upgraded avionics systems. All the functions including the derivative functions can be traced and covered. Meanwhile, a set of safety issues based on different views is established to evaluate the safety capability from three layers, i.e., the mission layer, function layer and resource layer. The proposed scheme can be considered as an efficient scheme in the safety validation and verification in the upgraded avionics systems.

Rongyao Cai,Xiao Xv,Zhengming Lu,Kexin Zhang,Yong Liu

DOI: https://doi.org/10.1109/isas61044.2024.10552597

2024-01-01

Abstract:Fault tree analysis is the most commonly used methodology in industrial safety analysis to predict the probability or frequency of system failure. Although fault tree analysis has been proposed for more than six decades, the assumptions used in most commercial fault tree analysis codes have not changed significantly, which limits the ability of the method to represent design, operation, and maintenance characteristics in the context of the increasing complexity and specialization of modern industrial systems. The basic setup of traditional fault trees is unable to include dependencies between events, time-varying failures, and repair rate realities to explain complex maintenance strategies. To address the above shortcomings, we propose a fusion tree model combining fault tree and attack tree, and simplify the causal structure of the fusion tree by modularization, and utilize the dynamic Markov model to represent the complex coupling relationship between components or nodes. Finally, we demonstrate the calculation process of fusion tree in pressure vessel systems with temporal control.

Guoqing Wang,Qingfan Gu,Miao Wang,Ming Zhai

DOI: https://doi.org/10.2514/6.2014-2224

2014-01-01

Abstract:With the trend of integration, avionics system becomes more and more complexity which has a huge increase in task synthsis, functional fusion and resources integration. The traditional engineering methods for systems safety assessment faces the challenges of analyzing dynamic behavior of system safety for involving multiple system goals, multiple processes, multiple elements, multiple relations and multiple conditions. In this paper, three scientific issure are presented by refining the fault characters of application integration, function integration and resource integration at first. Secondly, the hazard and mishap modes of avionics system are studied and the methods of hazard analysis, hazard evaluation, risk controlling, risk elimination and risk mitigation are presented based on the system hazard controlling theory. Furthermore, In order to proactively design safety into a product, the task synthesis safety process, function fusion safety process and resources integration processs are put forward, threse processes that integrate with model-based system engineering process start at the concept definition phase and continue throughout the life cycle. Finally, the organizing and engineering technologies methodology of system safety which based on Zachman model are also discussed to provide foundation for designing integrated avionics system.

Dajiang Suo,Jinxia An,Jihong Zhu

DOI: https://doi.org/10.1109/dasc.2011.6095970

2011-01-01

Abstract:Reconfiguration, a new technique to realize fault-tolerance and respond to changes in external environment, has been adopted in the design of Integrated Modular Avionics (IMA). The benefits brought to the system include: reducing the cost of hardware redundancy and improving system's ability to perform various tasks under different situations. The complexity of such reconfigurable system has made it difficult to ensure the safety of it. Traditional analysis approaches mainly focus on single component failure, suffering the potential to underestimate the influence of design flaw during system development and the interaction between components (e. g. human and automation). Furthermore, dynamic changes brought out by reconfiguration might affect not only the human operator, but also the organization in which the system developed.In this paper, an approach has been proposed to address the problem of safety of Avionics reconfiguration. System-Theoretic Process Analysis (STPA) has been used to perform hazard analysis. Focusing on the coordination between human operator and automation, we define two criteria which could be applied to decide autonomy level: 1) Failure Degree; 2) Time budget for mode change scenario. Furthermore, to identify the impact of dynamic changes to the safety of Avionics reconfiguration, System dynamics modeling has been taken to analyze and model the human factors (mental workload, situation awareness and complacency) behind the dynamic process. The analysis results could be used during system development, system operation and project revision process to ensure safety of reconfigurable Avionics system.

Miaosen Wang,Yuan Xue,Kang Wang

DOI: https://doi.org/10.1155/2022/6424057

2022-05-27

Abstract:Throughout the world, the reliability-based approach to safety design of aircraft systems is quite mature and widely used. However, there are still shortcomings in the reliability-based aircraft system safety analysis method. It cannot dynamically analyze the accident evolution process and lack consideration of the complex situation of multifactor coupling. On the basis of the original aircraft system safety analysis method, this paper innovatively proposes a functional hazard analysis (FHA) method based on the analytic hierarchy process (AHP) and multifactor fuzzy comprehensive assessment (FCA). The purpose is to improve the objectivity and quantification of the FHA method in the safety design of aircraft systems. At the same time, in the terminal airworthiness verification, this paper proposes a repeatable and controllable virtual test flight verification method, which aims to reduce the cost and cycle of the terminal airworthiness verification and expand the coverage of the envelope verification. Finally, combined with the clauses in MIL-HDBK-516B, a case calculation is carried out to verify the feasibility of the proposed method.

Ji Wu,Tao Yue,Shaukat Ali,Huihui Zhang

DOI: https://doi.org/10.1002/spe.2281

2014-01-01

Software Practice and Experience

Abstract:SummaryEnsuring that avionics software meets safety requirements at each development stage is very important to warrant the safe operation of an avionics system. Many safety requirements are imposed by various standards and industrial regulations that must be met by avionics software. One of such standards is DO‐178B/C, which provides guidelines (e.g., development process and objectives to satisfy in development activities) for meeting safety requirements. This paper presents a modeling methodology including a UML profile for specifying safety requirements on a component‐based architecture model and a set of design guidelines on avionics software. These safety requirements were identified from both standards (mainly DO‐178B/C) and current engineering practices in the domain of avionics systems. The methodology automatically enforces these safety requirements. We have applied the methodology on an industrial autopilot system, and several previously uncaught faults were revealed. Copyright © 2014 John Wiley & Sons, Ltd.

Gang Xiao,Yanran Wang,Fang He

DOI: https://doi.org/10.1007/s42401-018-0011-2

2018-01-01

Aerospace Systems

Abstract:Avionics system integration is a prominent trend in research and development of civil airplane. It can improve task effectiveness, function efficiency, and resource utilization of system. Information fusion, which includes function information fusion, processing information fusion, and sensor input fusion, is a core process of avionics system integration. Some researches about the impact of information fusion on system safety are done in avionics system which is shown as follows: (1) the concept of Mishap Dilution, Mishap Implication and Mishap Confusion (MD–MI–MC) is first defined in function information fusion of avionics system. (2) The model of multi-source MD–MI–MC is established based on hazard theory. (3) The function fusion of Automatic-Dependent Surveillance–Broadcast (ADS–B) and Traffic Collision Avoidance System (TCAS) is used as a typical example to analyze fusion system during the aircraft climbing or landing state. In this paper, the concept and model of multi-source MD–MI–MC are proposed for safety analysis of integrated avionics system. A fusion model with a variable sampling Variational Bayesian–Interacting Multiple Model (VSVB–IMM) algorithm is used to analyze. At last, a set of theory system and evaluation standards including the positive and negative earning analyses are built based on the presented MD–MI–MC theory and mechanism of integrated avionics.

Xian Ye,Jie Hu,Jin Qi,Yi Fang,Pan Tian,Quanquan Shao

DOI: https://doi.org/10.1145/3206185.3206209

2018-01-01

Abstract:Vehicle passive safety optimization design (APSOD) is a nonlinear, multi-dimensional and multi-constraint optimization problem. Simulation model based optimization (SMO) and approximation model based optimization (AMO) are two classical optimization methods for APSOD. However, the randomness of SMO limits its use in APSOD, which will generate a lot of near-duplicate or imperfect design points. On the other hand, AMO has relatively low accuracy due to the influence of the disturbed data in the training dataset. In order to obtain a better solution for complex design optimization problem within limited computing source, this study presents a new multidisciplinary optimization search strategy based on clustering analysis and approximation model for APSOD. Firstly, the heuristic optimization strategy in SMO with clustering analysis is employed, in which the near-duplicate or imperfect design points generated in the heuristic optimization process are identified and deleted. Then in last iteration, an approximation model is constructed using the remaining design points to perform AMO. One mathematical example and one real-world engineering problem are used to verify the proposed.

Yuqian Wu,Gang Xiao,Miao Wang

DOI: https://doi.org/10.1109/access.2020.3016026

IF: 3.9

2020-01-01

IEEE Access

Abstract:In the context of functional integration of avionics, the complex operational process interaction has increased the complexity of the cascading failure analysis, which is significant to evaluate the overall safety status and design rationality. In order to achieve a dynamic and dimensional evaluation of cascading failures, this paper proposes a safety analysis method based on operational process state, with an operational process-orientated hierarchical system functional framework established by means of the state machine. Then the cascading failure causation dynamic search algorithms and the cascading failure causation tree structure are designed respectively to describe the failure propagation in combination. Consequently, cascading failure propagation paths and minimum cut sets are generated automatically based on the search result. By using the aircraft integrated surveillance system as a research object, the effect and cause of cascading failure assessed in various failure scenarios have validated the effectiveness of the proposed method, and the comparison against the existing model based safety analysis methods demonstrates the higher flexibility and efficiency of the proposed method. The proposed method enables the dynamic and overall assessment of system safety status concentrating on the cascading failure utilizing the operational process state, and further enhances the systemization and automation level of the safety evaluation process in the early development phase.

Dajiang Suo,Jinxia An,Jianmin Wu,Jihong Zhu

DOI: https://doi.org/10.1109/dasc.2012.6382394

2012-01-01

Abstract:The Avionics system has been taking its transition from federated architecture to Integrated Modular Avionics (IMA) architecture. Meanwhile, consequent complexities and the isolation between IMA development and safety assessment made it difficult to perform a comprehensive certification for emergent system properties such as safety through traditional hazard analysis approaches. To address this issue, a framework for IMA safety assessment is proposed based on model-based engineering. It combines Intent Specification, a hierarchical requirement specification, and STAMP-based hazard analysis (STPA), a technique to identify safety constraints necessary for eliminating system hazards. A case study of an ARINC653-based platform is given to show how this method assists the development of IMA while fulfilling its safety requirements.

Menglong Ding,Anhuan Xie,Shiqiang Zhu,Wei Song,Jiandong Cai,Xufei Yan,Pengyu Zhao,Jason Gu,Yanyan Zhang

DOI: https://doi.org/10.1109/robio55434.2022.10011735

2022-01-01

Abstract:The emergence of electric Vertical Takeoff and Landing (eVTOL) aircraft makes cheap, quiet and reliable short-range flights possible. As a manned aircraft, eVTOL's occupant protection capability is critical and its crashworthiness must be improved via optimization of energy absorption design for structures. This study aims to evaluate the crashworthiness of composite components and the entire eVTOL structure within the design space via the building-block approach. A variety of designs for the skid landing gear, energy absorber, structures in the cockpit and the combination of them were estimated by using the numerical method. The results show a tremendous reduction in occupant injury risk with the optimization of the skid landing gear, energy absorber and the entire eVTOL structure. This work provides a preliminary optimization design and evaluation methodology of crashworthiness for an eVTOL.

Feng Xia,Zhi Wang,Youxian Sun

DOI: https://doi.org/10.1109/IECON.2004.1432279

2004-01-01

Abstract:Performance analysis is an integral part in the development of a networked control system (NCS) since it answers the key question of whether the resulting quality of control (QoC) fulfills its requirements. It is also difficult to analytically quantify the impacts of CPU and network constraints on QoC of NCS. In present work, a simulation-based approach to performance analysis of NCSs subject to CPU and network constraints is proposed, in a manner of integrating scheduling, communication and control. The characteristics of control loop timing are presented as a combination of computational delay and communication delay. A numerical example involving DC servo problems is employed to illustrate our simulation-based approach. How CPU and network constraints, based on different scheduling schemes and network protocols, affect the control performance is shown. Simulation results and analysis give valuable suggests for NCS design.

Pu-Woei Chen,Yung-Yun Chen

DOI: https://doi.org/10.4018/IJMMME.2015070101

2015-07-01

International Journal of Manufacturing, Materials, and Mechanical Engineering

Abstract:To protect passengers, large aircraft are equipped with multiple mechanisms to absorb impact energy during a crash. However, light aircraft rely only on the cabin structure to withstand the compression and energy generated during a crash. This study performed a topology optimization analysis on the model structure by using Abaqus/optimization and used strain energy as the objective function and cabin volume as a constraint to develop the optimal model. Subsequently, this work performed dynamic crash simulations based on the optimal and original models by using Abaqus/explicit. Compared with the original model, the optimal model yielded a 12% increase in the safety zone of the diagonal beams, a 13% increase in the X-direction safety zone, and a 10% increase in the overall safety zone. The results confirm that topology optimization can be used to effectively improve the crashworthiness of light aircraft.

Engineering,Materials Science,Computer Science

Zhong Han,Jianmin Gao

2011-01-01

Eksploatacja i Niezawodnosc - Maintenance and Reliability

Abstract:Safety is a critical factor to be considered throughout the entire lifetime of process systems in process engineering. This paper presents a novel optimal resource allocation method based on network flows for assuring the safety of process systems. Existing optimal resource allocations for safety mainly depend on physical ways (for example, updating core equipments, and incorporating redundancies), which are not suitable for process systems experiencing frequent malfunctions. As a result, frequent physical allocations are needed, which severely interrupt the normal operation of the entire system. In addition, the physical methods are applied only when system faults accumulate to some extent. The state of a process system in chemical engineering often dithers due to many factors such as uncontrollable energy release and inconsistent production of materials. The frequent dithering can lead to the system failure. It is necessary to be able to avoid the accumulation of errors by controlling the dithering and stabilizing the system state, thus assuring the safety of the process system. In this paper, we propose a network flow-based optimal allocation method to achieve the above goal. Feasible flows will be constructed based on the system's network flow, system equipment status, and process requirements. The solution formulas to the state variables of the constructed feasible flows give the adjustment values, which are used to control the dithering of the system, thus stabilize the system stale. A case study is given to show the application and effectiveness of the proposed method.

Ítalo Romani de Oliveira,José Alexandre T. Guerreiro Fregnani,Gláucia Costa Balvedi,Michael L. Ulrey,Jeffery D. Musiak

2024-07-23

Abstract:Each new concept of operation and equipment generation in aviation becomes more automated, integrated and interconnected. In the case of Unmanned Aircraft Systems (UAS), this evolution allows drastically decreasing aircraft weight and operational cost, but these benefits are also realized in highly automated manned aircraft and ground Air Traffic Control (ATC) systems. The downside of these advances is overwhelmingly more complex software and hardware, making it harder to identify potential failure paths. Although there are mandatory certification processes based on broadly accepted standards, such as ARP4754 and its family, ESARR 4 and others, these standards do not allow proof or disproof of safety of disruptive technology changes, such as GBAS Precision Approaches, Autonomous UAS, aircraft self-separation and others. In order to leverage the introduction of such concepts, it is necessary to develop solid knowledge on the foundations of safety in complex systems and use this knowledge to elaborate sound demonstrations of either safety or unsafety of new system designs. These demonstrations at early design stages will help reducing costs both on development of new technology as well as reducing the risk of such technology causing accidents when in use. This paper presents some safety analysis methods which are not in the industry standards but which we identify as having benefits for analyzing safety of advanced technological concepts in aviation.

Systems and Control

Ji Wu,Tao Yue,Shaukat Ali,Huihui Zhang

DOI: https://doi.org/10.1109/QSIC.2013.41

2013-01-01

Abstract:Ensuring that avionics software meets safety requirements at each development stage is very important to warrant the safe operation of an avionics system. Many safety requirements are imposed by various standards and industrial regulations that must be met by avionics software. One of such standards is DO-178B/C, which provides guidelines (e.g. development process and the objectives to satisfy in development activities) for meeting the safety requirements. This paper presents a modeling methodology including a UML profile for specifying safety requirements on a component-based architecture model and a set of design guidelines on avionics software. These safety requirements were identified from both standards (mainly DO-178B/C) and current engineering practices in the domain of avionics system. The methodology enforces safety requirements automatically. We have applied the methodology on an industrial autopilot system and several previously uncaught faults were revealed.

Lei Dong,Bo Peng,Xi Chen,Jiachen Liu

DOI: https://doi.org/10.3390/aerospace11080608

IF: 2.66

2024-07-25

Aerospace

Abstract:As the synthesis, modularization, and integration of avionics systems increase, the interconnections between systems and equipment within subsystems become increasingly complex, posing risks to the safety and reliability of the integrated avionics system. To address the risk of fault propagation due to functional cascade failures in integrated avionics systems, this paper proposes a discrete dynamic fault propagation analysis method, which was applied to an all-electric braking system to assess its feasibility. First, the architectural features of the Distributed Integrated Modular Avionics system are summarized. Subsequently, the constructed system layer model is described, establishing the function–resource hierarchical architecture. Subsequently, the behavior of cascading failure propagation in discrete dynamic systems is analyzed by integrating the cascading failure analysis method from SAE ARP 4761A and considering the coupling characteristics between system properties and functions comprehensively. This approach facilitates the development of a cascading failure propagation model for DIMA based on discrete dynamic systems. Finally, by using the all-electric braking system under DIMA architecture as a case study, key Core Processing Modules and failure-prone functions are identified. The findings reveal that within this system, CPM2 and CPM6 are particularly susceptible to failure propagation, and the automatic brake function is notably vulnerable. Data show that the system's failure rate escalates markedly after 2×104 h of operation. Performing maintenance before reaching this threshold can further mitigate risks. This practice aligns with current international aircraft maintenance time regulations. The method proposed in this paper can be applied early in the allocation of DIMA resources to enhance security and support DIMA design.

engineering, aerospace

guannan su,linpeng huang,xiaoyu fu

DOI: https://doi.org/10.1007/978-3-319-11104-9_46

2015-01-01

Abstract:Two classical methods in safety analysis, FTA and FMEA, are generally used separately in operating analysis orientations. But this one-direction systematic technique becomes more difficult in facing today’s software architecture with increasingly higher complexity; moreover, the simple risk priority number (RPN) in original FMEA can no longer meet the urgent request of higher accuracy in the development of efficient safety analysis. Thus, a new synthetic approach is put forward with the combination of FTA and FMEA. In addition, a system-level fuzzy-RPN and top-fRPN are provided to show the effect of events on their systems to help people make decisions based on a three-dimensional risk ranking instead of failure probability. The case study has demonstrated the methodology thus developed. Our method tends to improve the range of technical adaptability of safety analysis.