Gaoxiang Chen,Dongqin Feng

DOI: https://doi.org/10.3969/j.issn.1000-0380.2006.10.001

2006-01-01

Abstract:The demands of safety related systems in practical applications are introduced.The standards to be complied with in design,development,application and maintenance of safety related systems are studied.The flowchart of functional safety certification of safety related system is described and the V-model development of safety related system is given.

Yang Li,Dongqin Feng

DOI: https://doi.org/10.1007/978-3-642-34528-9_86

2013-01-01

Abstract:Automatic train protection system (ATP) is the key safety-related system of train control system, so its safety reliability requirements are much higher. This article studies functional safety assessment (FSA) including function analysis, hazard identification, risk rank evaluation, risk reduction, and safety integrity verification during the development of carborne ATP. A risk rank evaluation method is proposed combining as low as reasonably practically (ALARP) criteria and risk matrix. Many safety defects of carborne ATP are found and then the design scheme is improved through FSA. The results of risk analysis software Isograph prove that carborne ATP meets the safety integrity level of its design goals at last.

Xiufang Zhou,Aidong Xu,Bingjun Yan,Yue Sun,Wenbo Chen,Jiao Yang

DOI: https://doi.org/10.1177/00202940231222811

2024-02-17

Measurement and Control

Abstract:Measurement and Control, Ahead of Print. Fieldbus transmitters are commonly used in modern industrial productions, particularly in Safety Instrumented Systems (SIS). Safety and security are critical considerations in the design and operation of these transmitters. Previous research has tended to address safety issues and security issues separately, but with the increasing complexity of network technology, it is important to analyze them simultaneously. In this paper, a systematic framework for comprehensively analyzing random failures and cyber-attack failures is proposed. The framework adopts the FMEA-IMEA method, which combines Failure Modes and Effects Analysis (FMEA) and Intrusion Modes and Effects Analysis (IMEA), to analyze failure modes and effects of fieldbus transmitters. In addition, by extending Reliability Block Diagrams (RBD), the impact of random failures and cyber-attack failures on fieldbus transmitters is quantitatively determined. At the same time, calculation approach of the residual error rate (RER), Component counting method, and Monte Carlo are used to determine random failure rate and cyber-attack failure rate. Using fieldbus pressure transmitter and fieldbus temperature transmitter as examples, the results demonstrate that security issues can significantly impact the safety integrity level. In fact, the safety integrity level is reduced from SIL3 to SIL1 when cyber-attacks are considered. Compared to existing FMEA, the proposed approach offers a more comprehensive analysis of random failures and cyber-attack failures in fieldbus transmitters.

automation & control systems,instruments & instrumentation

Guo Haitao,Yang Xianhui

DOI: https://doi.org/10.3969/j.issn.1001-4160.2007.04.019

2007-01-01

Abstract:For enhancing functional safety management on safety instrumented systems, a design of functional safety management software is presented based on the analysis of safety integrity level(SIL),safety requirement specification and safety integrity verification, which are included in safety life cycle. Hazard matrix and risk graph are two typical methods for SIL selection. Safety integrity verification uses Markov models and architecture constraints are also taken into account. The software is developed using C#. It can be used to assess not only safety but also availability for safety instrumented functions. Several types of report can be generated. The functional safety management software is a good tool and reference for correct functional safety management, helping users understanding the safety and availability of safety instrumented systems.

Xu Yujuan,Yang Xianhui

DOI: https://doi.org/10.3969/j.issn.1007-7324.2007.03.001

2007-01-01

Abstract:Safety Instrument System — SIS is widely used to decrease the risk of the process in petrochemical plants.The calculation of the failure probability for sensor subsystem in SIS is introduced.To take the pressure transmitter as an example,the fault tree analysis — FTA technique is applied to analysis the average probability of failure on demand — PFDavg and the probability of failing of safety — PFS for different architecture sensor subsystem,such as1 out of 1(1oo1);1 out of 2(1oo2);2 out of 2(2oo2) and 2 out of 3(2oo3).As a conclusion,it gives us a quantitative idea that different architecture will cause different transmitter's failure probability.

Lingyu Chen,Dapeng Fan,Jieji Zheng,Xin Xie

DOI: https://doi.org/10.3390/machines10050360

IF: 2.899

2022-05-11

Machines

Abstract:The reliable operation of the sensors of robot joint drive systems (RJDs) is a key factor in ensuring the safety of equipment and personnel. Over the years, additional safety-related systems have been designed to prevent safety incidents caused by robot failures, ignoring the functional safety issues of the robot sensors themselves. In view of this, based on IEC61508, a functional safety analysis and design method for sensors of RJDs is proposed in this paper. Firstly, the hazard analysis and risk assessment clarified the goals that the safety protection function of the RJD's sensor should achieve. Then, by establishing the motor drive model and transmission model, a model-based sensor fault diagnosis and isolation strategy is proposed. Considering the fault-tolerant operation of system, a fail-operational hardware architecture of the safety-related system is designed. Markov analysis shows that the safety integrity level (SIL) of safety-related systems can reach SIL3. Finally, experiments are designed to validate the proposed fault diagnosis and fault tolerance strategy. The results show that the safety-related system can effectively locate sensor failures, realize fault-tolerant control when a single sensor fails and perform safe torque off (STO) protection when multiple sensors fail.

engineering, mechanical, electrical & electronic

Jia Lin,Ping Tan,Weiting He,Jian Chu,Zhihua Chen

DOI: https://doi.org/10.1109/SOLI.2011.5986613

2011-01-01

Abstract:As a large-capacity public transport tool, the railway system needs high stability and reliability. In order to reduce cost and satisfy the safety requirements of train control system, a novel safety-related digital input system is designed and implemented based on architectural constraints of safety-related systems and the analysis of the working principle of the specific digital input system. This system is designed as 2-out-of-3 architecture on the basis of vital computer. The method of fault diagnosis has been improved after the analysis of the practical situation. That is, the detection signal sent by the external pulse transmitter module contains the circuit fault information after the signal pass through the input circuit, and the real-time self-diagnosis will be done after using the supporting software to deal with timing diagram. The system uses less CPU resources to achieve the high diagnostic efficiency, which improves safety failure rate. And its failure analysis is discussed. The Markov Model is used to verify the Safety Integrity Level (SIL) of the safety-related system. The analysis shows that this design, with easy implementation and low cost, meets the requirements of SIL4 in railway and is more reliable.

SONG Yan,WANG Tianran,Zhijia Yang,Aidong Xu,WANG Kai

DOI: https://doi.org/10.3724/SP.J.1219.2013.00521

2013-01-01

Information and Control

Abstract:For traditional safety instruments' weakness in safety and reliability caused by 1oo1D architecture,a 1oo2D architecture based safety instrument with high availability and high safety is designed.Two-channel structure with comparison is studied,and a two-channel mutual diagnosis method is proposed.The hardware design and block diagram are given,and the design scheme of the embedded safety software architecture of the instrument is introduced.A data difference based N-version programming(NVP) method is proposed and applied in SafeAgent.Furthermore,a fault tree analysis(FTA) and Markov model are applied to analyzing the safety of the instrument.Important indexes such as MTTF(mean time to failure) and PFD(probability of failure on demand),PFDavg(average PFD) are discussed.According to the simulation results,the safety integration level(SIL) of the proposed safety instrument can achieve SIL3 as the upper limit.

Zhigang Feng,Qi Wang,Katsunori Shida

DOI: https://doi.org/10.1109/JSEN.2008.2011949

IF: 4.3

2009-01-01

IEEE Sensors Journal

Abstract:A new prototype of self-validating pressure sensor is described, including structure design of the transducer, fault detection and diagnosis method and signal transmitter based on double digital signal processors (DSPs) system. The elastic body of the transducer is based on circular-flat diaphragm structure. Eight groups of strain gauges are distributed on the diaphragm. One group of metal strain ...

Guoqi Xie,Yanwen Li,Yunbo Han,Yong Xie,Gang Zeng,Renfa Li

DOI: https://doi.org/10.1109/tii.2020.2978889

IF: 12.3

2020-01-01

IEEE Transactions on Industrial Informatics

Abstract:Guaranteeing safety is always a prerequisite in the process of realizing various automotive applications. However, the automotive functional safety design has been challenged by multiple factors, such as the complexity of the new generation automotive electrical and electronic (E/E) architecture, the continuous release and update of automotive functional safety standard International Standardization Organization (ISO) 26262, the release of new AUTOSAR adaptive platform standard, and the increase in different types of costs. In this article, we summarize the recent advances of automotive functional safety design methodologies through analysis, design, optimization, and runtime phases, respectively: 1) functional safety analysis; 2) functional safety guarantee; 3) safety-aware cost optimization; and 4) safety-critical multifunctional scheduling. Then, we provide the future trends in functional safety design methodologies that will be directly oriented to autonomous vehicles and adapt to the next generation functional safety standard ISO 21448.

Zheng Zhu,Liang Li

DOI: https://doi.org/10.1109/tiv.2024.3478792

IF: 8.2

2024-01-01

IEEE Transactions on Intelligent Vehicles

Abstract:With the development of automotive intelligence, drive-by-wire system has attracted extensive attention from academia and industry. However, the architectural design of electro-mechanical-brake (EMB) systems has not been emphasized enough, especially in the context of functional safety concept. In view of this, based on ISO 26262, this paper extends the system boundary of functional safety for the first time, and combines EMB system with other systems of the vehicle to build a 4-way redundant EMB system architecture. Furthermore, detailed qualitative and quantitative analysis results are given by using state transition location diagram and quantitative fault tree analysis (FTA) respectively, and the braking failure rate is Q 0 ≈ 2.0003×10 -10 < 10 -8 meets the failure rate requirements of ASIL-D, which prove the security and reliability of the proposed architecture. This paper provides guidance and reference for the design and analysis of EMB system for subsequent researchers, and guarantees the safe development of autonomous vehicles from the safety and reliability of the system.

Jm Chen,W Zhi,Yx Sun

2002-01-01

Abstract:With the development of society economy, the scale of control system is becoming larger, and the process control system is also becoming more and more complex. Process industries in general, but especially those handle explosive, flammable, or toxic substances, require the utmost safety in control system. Especially in complex system, it is a significant research that how to use existing system resource to optimize system and improve system safety.The process control field today is such that what were considered advanced control techniques even ten to twenty years ago are becoming commonplace. One of the strongest process control trends is the implementation of digital communication with field control devices. More and more traditional distributed control systems are being augmented with smart field instruments. Foundation Fieldbus is a digital control network that interlinks those "smart" field instruments like sensors and actuators in process control environment. In the Foundation Fieldbus all the control algorithms and the data acquiring are executed exclusively by structures called function blocks. Those smart instruments are equipped with Function Block.This paper will try to give the approaches to improve the performance based on the Function Blocks, beginning with introduction of Function Blocks of Foundation Fieldbus and their structure and execution process in section 2. In section 3, an example of fermentation process is given. How to structure the control system and how to implement distributed control highly based on function blocks are discussed here. The problem to realize system safety with Function Blocks and their programming language is presented in the section 4. Conclusion is given at last in this paper.

Chao Zhang,Shumei Cui,Shiming Xu,Huafeng Liu

DOI: https://doi.org/10.4028/www.scientific.net/amm.494-495.256

2014-01-01

Applied Mechanics and Materials

Abstract:High voltage system as power source is applied to electric school buses. In this paper, failures and potential risks of high voltage system are analyzed according to the electric school bus high voltage system configuration, and the high voltage safety management system is designed with ISO26262 as a functional safety standard. The strategies of system diagnostics and safety management are proposed to achieve the safety requirements to electric vehicles, which improve the reliability of electric vehicles and reduce the cost of maintenance.

Junting Lin,Qian Li,Yang Wang

DOI: https://doi.org/10.1177/1748006x241234700

2024-02-28

Proceedings of the Institution of Mechanical Engineers Part O Journal of Risk and Reliability

Abstract:Proceedings of the Institution of Mechanical Engineers, Part O: Journal of Risk and Reliability, Ahead of Print. In order to achieve the goal of transforming China into a modernized railway powerhouse, a comprehensive evaluation model of intrinsic safety is constructed in this paper by focussing on the intrinsic safety of railway facilities and equipment. Firstly, the index system for evaluating the intrinsic safety of railway facilities and equipment is divided. Secondly, the fuzzy Petri net (FPN) model for intrinsic safety evaluation is constructed according to the fuzzy generative rules, and the similarity calculation method of the cloud model based on shape and distance is applied to derive the initial state value of the FPN model and carry out the calculation of fuzzy reasoning of the intrinsic safety. Finally, the comprehensive evaluation of intrinsic safety is carried out using the example of railroad facilities and equipment at one China Railway Group bureau's station section. The results indicate that the intrinsic safety level of the station section falls into Class IV intrinsic safety, exhibiting a few vulnerabilities. However, the risk level is low, aligning with the findings of the actual research. Moreover, the evaluation results based on the FPN, the cloud model's similarity calculation method and the suggested method are compared and analysed with the findings of the actual research. The comparative results demonstrate the accuracy and scientificity of the proposed method, providing a reference for enhancing the intrinsic safety of railway facilities and equipment.

engineering, industrial, multidisciplinary,operations research & management science

Lei He,Junyi Chen,Xiucai Zhang,Jun Li,Jingquan Tian

DOI: https://doi.org/10.1109/access.2024.3349964

IF: 3.9

2024-01-01

IEEE Access

Abstract:In recent years, autonomous driving technology has been developing rapidly, but there is still a certain gap from commercial production, in which the safety issue is one of the important factors. In the working of most companies and colleges, the Traffic Jam Pilot (TJP), serving as a prototypical Level 3 autonomous driving function, has predominantly focused on functional implementation and enhancement, prioritizing functional completeness and user comfort. However, the aspect of functional safety in the system has received comparatively less attention. To guarantee the safety of the driver’s life and property, it is essential to consider the functional safety aspect regarding automobile operation after system function failure. In this paper, according to the functional safety development process and related regulations in ISO 26262, the functions and operation environment of the TJP system are defined in detail, and the longitudinal function is taken as an example to be developed following the functional safety process and verified by simulation. Simulation verification results show that the control algorithm is safe and reliable, and can ensure the safety and stability of the vehicle during operation. The research in this paper further explores the combination of functional safety and high-level automated driving function, providing some ideas for their practical application in industry.

computer science, information systems,telecommunications,engineering, electrical & electronic

Peng Li,Li Wang

DOI: https://doi.org/10.1109/itoec53115.2022.9734452

2022-03-04

Abstract:Laboratory safety is related to life safety and property safety, prevention and monitoring are the key factors to improve the safety level. Therefore, it is of great significance to study a fire safety monitoring system to monitor the influencing factors in real time and improve the laboratory safety factor. This paper takes the laboratory as the research object, designs a laboratory fire safety monitoring system based on QTouch and STM32, which is used in the daily safety monitoring of the laboratory, using sensors and active equipment as technical means, upload and release with microcontroller as the center, adopt Modbus data communication protocol, the configuration QTouch is used as the host computer to realize the monitoring and control of on-site parameters. The experimental results show that the system data test is stable and meets the design requirements.

Shu Yidan,Zhao Jinsong

DOI: https://doi.org/10.3969/j.issn.1001-4160.2011.12.023

2011-01-01

Abstract:Safety instrumented system(SIS) is important for safety of industrial production.IEC 61508 require the establishment of safety integrity levels(SIL) for all the SIS for confirmation that they meet the requirement for functional safety.SIS in process industry are commonly in low demand rate.Research andvances of SIL verification for SIS in this mode is reviewed in this article,with summary of research on common cause failure modeling and caculation of average probability of failure on demand(PFD_(avg)).In the aspect of caculation of PFD_(avg),three common methods are introduced,including reliability block diagram,fault tree analsis and Markov model.Finally,several commercial softwares with SIL verificition function are introduced.

WEI Zhen-qiang,CUI Lin,SUN Wen-yong,ZHAO Jin-song

DOI: https://doi.org/10.11731/j.issn.1673-193x.2013.04.026

2013-01-01

Abstract:In this paper,a risk analysis software system named as HASILT was presente,which was developed based on the functional safety international standards IEC61511,IEC61508.The system integrated the tools for performing Hazard and Operability(HAZOP) study,Layer of Protection Analysis(LOPA),Safety Integrity Level(SIL) analysis and some other accessorial activities.The system was a quite practical and high efficient system as displayed in its industrial applications.The system provides enterprises with a useful analysis and management platform,aiding them to perform process safety management.

Shiguang Li,Xiaojie Wu

DOI: https://doi.org/10.3390/en14237872

IF: 3.2

2021-11-24

Energies

Abstract:Modern explosion protection equipment, protected by traditional explosion protection technology (as defined by the international electrotechnical commission (IEC) publication IEC60079-ff series standards) and electrical/electronic/programmable electronic (E/E/PE) safety-related systems, is becoming ever more complex in coal mine development and petrochemical industry; thus, the possibility of failures in their operation is also growing. It is well-known that E/E/PE safety-related systems can be used to actively control dangerous sources, with real and expected levels of reliability, if they have been qualified according to the IEC61508-ff series standards. To uniformly evaluate the safety integrity level (SIL) of the explosion protection function of traditional explosion protection technology and E/E/PE safety-related system technology, this study analyzed the ability of these types of protection to remove the ignition risk residual, evaluating the failure rates of safety devices. The key objective of this paper is the presentation of a new equipment protection level (EPL) assessment method for explosion protection equipment based on a functional safety assessment. The method is applied to a variable frequency drive (VFD) system, and the results show that the EPL of the explosion protection equipment evaluated by this method is consistent with the EPL corresponding to the traditional explosion protection type of the IEC60079-ff series standard. Meanwhile, the flexible configuration of explosion protection safety devices and E/E/PE safety-related systems enables explosion protection equipment of different EPL levels to be designed.

energy & fuels

Zhi-Feng Lv,Dan-Dan Liu,Xiang-Xian Chen,Hai Huang

DOI: https://doi.org/10.12783/dtcse/csma2017/17360

2017-01-01

DEStech Transactions on Computer Science and Engineering

Abstract:Power supply system is an important part of safety-critical computer platform for the railway signal control equipment. According to the basic architecture of dual-duplex platform, to meet the reliability requirements of safety-critical computer platform in EN50126, the power supply system is improved and better architectures is proposed. In addition, according to the EMC requirements of EN50121 railway standard, to solve some important EMC problems, the power system adopts the following design methods: transient voltage suppression, current-limiting and voltage dips suppression. Finally, this paper uses Reliability analysis Software to verify the effect of this power supply system design on system reliability, and uses experimental method to verify the function realization of EMC solutions.