Rongyao Cai,Xiao Xv,Zhengming Lu,Kexin Zhang,Yong Liu

DOI: https://doi.org/10.1109/isas61044.2024.10552597

2024-01-01

Abstract:Fault tree analysis is the most commonly used methodology in industrial safety analysis to predict the probability or frequency of system failure. Although fault tree analysis has been proposed for more than six decades, the assumptions used in most commercial fault tree analysis codes have not changed significantly, which limits the ability of the method to represent design, operation, and maintenance characteristics in the context of the increasing complexity and specialization of modern industrial systems. The basic setup of traditional fault trees is unable to include dependencies between events, time-varying failures, and repair rate realities to explain complex maintenance strategies. To address the above shortcomings, we propose a fusion tree model combining fault tree and attack tree, and simplify the causal structure of the fusion tree by modularization, and utilize the dynamic Markov model to represent the complex coupling relationship between components or nodes. Finally, we demonstrate the calculation process of fusion tree in pressure vessel systems with temporal control.

Yuehai Wang,Menghan Xu,Hongling Zhao,Jiaojiao Li

DOI: https://doi.org/10.2991/meic-15.2015.136

2015-01-01

Abstract:In analog circuit automatic generating fault tree field, several problems are as below: currently the fault tree model had not strong structural to provide the detail realization method to automatic generating fault tree and only used Support Vector Machine algorithm to automatic generating fault tree the accuracy and stability are insufficient, the generating fault tree method is non-portable. Paper combines the SVM algorithm and the fault tree model based on IEEE 1232, analyzes the characteristics of the new fault tree model, designs and put forwards the automatic generating fault tree method, the stability and the accuracy of the generated fault tree are improved, and the portability of the automatic generating fault tree method is strengthened. Paper designs and implements the automatic generating fault tree model based on IEEE1232; the results show that the feasibility of the plan, the accuracy and the stability of the new fault tree model are improved.

Sebastian Reiter,Marc Zeller,Kai Hoefig,Alexander Viehl,Oliver Bringmann,Wolfgang Rosenstiel

DOI: https://doi.org/10.48550/arXiv.2106.03368

2021-06-07

Software Engineering

Abstract:The growing complexity of safety-relevant systems causes an increasing effort for safety assurance. The reduction of development costs and time-to-market, while guaranteeing safe operation, is therefore a major challenge. In order to enable efficient safety assessment of complex architectures, we present an approach, which combines deductive safety analyses, in form of Component Fault Trees (CFTs), with an Error Effect Simulation (EES) for sanity checks. The combination reduces the drawbacks of both analyses, such as the subjective failure propagation assumptions in the CFTs or the determination of relevant fault scenarios for the EES. Both CFTs and the EES provide a modular, reusable and compositional safety analysis and are applicable throughout the whole design process. They support continuous model refinement and the reuse of conducted safety analysis and simulation models. Hence, safety goal violations can be identified in early design stages and the reuse of conducted safety analyses reduces the overhead for safety assessment.

Marc Zeller,Kai Hoefig,Jean-Pascal Schwinn

DOI: https://doi.org/10.48550/arXiv.2105.15002

2021-05-31

Software Engineering

Abstract:The growing size and complexity of software in embedded systems poses new challenges to the safety assessment of embedded control systems. In industrial practice, the control software is mostly treated as a black box during the system's safety analysis. The appropriate representation of the failure propagation of the software is a pressing need in order to increase the accuracy of safety analyses. However, it also increase the effort for creating and maintaining the safety analysis models (such as fault trees) significantly. In this work, we present a method to automatically generate Component Fault Trees from Continuous Function Charts. This method aims at generating the failure propagation model of the detailed software specification. Hence, control software can be included into safety analyses without additional manual effort required to construct the safety analysis models of the software. Moreover, safety analyses created during early system specification phases can be verified by comparing it with the automatically generated one in the detailed specification phased.

Kai Hoefig,Andreas Joanni,Marc Zeller,Francesco Montrone,Martin Rothfelder,Rakshith Amarnath,Peter Munk,Arne Nordmann

DOI: https://doi.org/10.48550/arXiv.2105.15015

2021-05-31

Software Engineering

Abstract:The importance of mission or safety critical software systems in many application domains of embedded systems is continuously growing, and so is the effort and complexity for reliability and safety analysis. Model driven development is currently one of the key approaches to cope with increasing development complexity, in general. Applying similar concepts to reliability, availability, maintainability and safety (RAMS) analysis activities is a promising approach to extend the advantages of model driven development to safety engineering activities aiming at a reduction of development costs, a higher product quality and a shorter time-to-market. Nevertheless, many model-based safety or reliability engineering approaches aim at reducing the analysis complexity but applications or case studies are rare. Therefore we present here a large scale industrial case study which shows the benefits of the application of component fault trees when it comes to complex safety mechanisms. We compare the methodology of component fault trees against classic fault trees and summarize benefits and drawbacks of both modeling methodologies.

Arne Nordmann,Peter Munk

DOI: https://doi.org/10.1145/3239372.3239373

2018-10-14

Abstract:Mastering the complexity of safety assurance for modern, software-intensive systems is challenging in several domains, such as automotive, robotics, and avionics. Model-based safety analysis techniques show promising results to handle this challenge by automating the generation of required artifacts for an assurance case. In this work, we adapt prominent approaches and propose facilitation of SysML models with component fault trees (CFTs) to support the fault tree analysis (FTA). While most existing approaches based on CFTs are only targeting the system topology, e. g., UML Class Diagrams, we propose an integration of CFTs with SysML Internal Block Diagrams as well as SysML Activity Diagrams. We conclude with best practices and lessons learned that emerged from applying our approach to automotive use-cases.

Peter Munk,Arne Nordmann

DOI: https://doi.org/10.1007/s10270-020-00782-w

2020-02-26

Abstract:Mastering the complexity of safety assurance for modern, software-intensive systems is challenging in several domains, such as automotive, robotics, and avionics. Model-based safety analysis techniques show promising results to handle this challenge by automating the generation of required artifacts for an assurance case. In this work, we adapt prominent approaches and propose to augment of SysML models with component fault trees (CFTs) to support the fault tree analysis and the failure mode and effects analysis. While most existing approaches based on CFTs are only targeting the system topology, e. g., UML class diagrams, we propose an integration of CFTs with SysML internal block diagrams as well as SysML activity diagrams. We realized our approach in a prototypical tool. We conclude with best practices and lessons learned that emerged from our case studies with an electronic power steering system and a boost recuperation system.

computer science, software engineering

Zhen Li,Zhengqi Jiang,Dongsheng Wang,Zhaobin Wang

DOI: https://doi.org/10.1109/access.2020.3022016

IF: 3.9

2020-01-01

IEEE Access

Abstract:With the increasing scale and complexity of system, it is very necessary to analyze the safety of complex system. Fault tree is an effective method to safety analysis. However, traditional fault tree relies on manual construction and analysis. When fault nodes and systems are complex, the efficiency and correctness of manual analysis can hardly be guaranteed. To the varied understanding of analysts, it is difficult to ensure the consistency of failure mode and system architecture due to the different understanding from safety analysts and system designers. The same node needs fault analysis again in different systems, which has poor reusability and low efficiency. AltaRica is a fault-oriented Safety Modeling Language. It takes the guard transformation system(GTS) as its core, describes nodes and faults with a style of reusable object-oriented language, and describes information of interaction between nodes and systems through interface connections between nodes and nested systems. Therefore, this paper proposed an automatic system modeling and fault analysis method and its detailed computer algorithm on single class node, multiple nodes and nodes with subsystems based on AltaRica. Finally we developed a software prototype and carry out the automatic modeling and fault analysis in a detailed example. The results showed that the proposed method, algorithm and software prototype can realize automatic graphical modeling of the system on AltaRica, the automatic fault analysis is correct and efficient, has reusability of modeling and fault analysis, and greatly improve the accuracy, objectivity and efficiency of fault modeling and analysis.

Changyong Chu,Weikang Yang,Yajun Chen

DOI: https://doi.org/10.3390/s24186021

IF: 3.9

2024-09-19

Sensors

Abstract:As embedded systems become increasingly complex, traditional reliability analysis methods based on text alone are no longer adequate for meeting the requirements of rapid and accurate quantitative analysis of system reliability. This article proposes a method for automatically generating and quantitatively analyzing dynamic fault trees based on an improved system model with consideration for temporal characteristics and redundancy. Firstly, an "anti-semantic" approach is employed to automatically explore the generation of fault modes and effects analysis (FMEA) from SysML models. The evaluation results are used to promptly modify the system design to meet requirements. Secondly, the Profile extension mechanism is used to expand the SysML block definition diagram, enabling it to describe fault semantics. This is combined with SysML activity diagrams to generate dynamic fault trees using traversal algorithms. Subsequently, parametric diagrams are employed to represent the operational rules of logic gates in the fault tree. The quantitative analysis of dynamic fault trees based on probabilistic models is conducted within the internal block diagram of SysML. Finally, through the design and simulation of the power battery management system, the failure probability of the top event was obtained to be 0.11981. This verifies that the design of the battery management system meets safety requirements and demonstrates the feasibility of the method.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Raffaela Groner,Thomas Witte,Alexander Raschke,Sophie Hirn,Irdin Pekaric,Markus Frick,Matthias Tichy,Michael Felderer

DOI: https://doi.org/10.1007/978-3-031-40923-3_9

2023-09-19

Abstract:Joint safety and security analysis of cyber-physical systems is a necessary step to correctly capture inter-dependencies between these properties. Attack-Fault Trees represent a combination of dynamic Fault Trees and Attack Trees and can be used to model and model-check a holistic view on both safety and security. Manually creating a complete AFT for the whole system is, however, a daunting task. It needs to span multiple abstraction layers, e.g., abstract application architecture and data flow as well as system and library dependencies that are affected by various vulnerabilities. We present an AFT generation tool-chain that facilitates this task using partial Fault and Attack Trees that are either manually created or mined from vulnerability databases. We semi-automatically create two system models that provide the necessary information to automatically combine these partial Fault and Attack Trees into complete AFTs using graph transformation rules.

Cryptography and Security,Formal Languages and Automata Theory,Software Engineering

Danhua Wang,Jingui Pan,George S. Avrunin,Lori A. Clarke,Bin Chen

2010-01-01

Abstract:Many processes are safety critical and therefore could benefit from proactive safety analysis techniques that attempt to identify weaknesses of such processes before they are put into use. In this paper, we propose an approach that automatically derives Failure Mode and Effect Analysis (FMEA) information from processes modeled in the Little-JIL process definition language. Typically FMEA information is created manually by skilled experts, an approach that is usually considered to be time-consuming, error-prone, and tedious when applied to complex processes. Although great care must be taken in creating an accurate process definition, with our approach this definition can then be used to create FMEA representations for a wide range of potential failures. In addition, our approach provides a complementary Fault Tree Analysis (FTA), thereby supporting two of the most widely used safety analysis techniques.

Kai Hoefig,Marc Zeller,Reiner Heilmann

DOI: https://doi.org/10.48550/arXiv.2106.00965

2021-06-02

Software Engineering

Abstract:Identifying drawbacks or insufficiencies in terms of safety is important also in early development stages of safety critical systems. In industry, development artefacts such as components or units, are often reused from existing artefacts to save time and costs. When development artefacts are reused, their existing safety analysis models are an important input for an early safety assessment for the new system, since they already provide a valid model. Component fault trees support such reuse strategies by a compositional horizontal approach. But current development strategies do not only divide systems horizontally, e.g., By encapsulating different functionality into separate components and hierarchies of components, but also vertically, e.g. Into software and hardware architecture layers. Current safety analysis methodologies, such as component fault trees, do not support such vertical layers. Therefore, we present here a methodology that is able to divide safety analysis models into different layers of a systems architecture. We use so called Architecture Layer Failure Dependencies to enable component fault trees on different layers of an architecture. These dependencies are then used to generate safety evidence for the entire system and over all different architecture layers. A case study applies the approach to hardware and software layers.

Zhiming Jian,Dongcheng Hu,Shibai Tong

DOI: https://doi.org/10.1007/978-0-387-34879-7_71

1995-01-01

Abstract:AGFT(Automatic Generation of Fault Trees) is a problem with which system reliability analysts are concerned very much. This paper introduces a development environment of AGFT expert systems--TEE. As a tool for developing AGFT expert systems, Expert systems developed by TEE can automatically construct fault trees not only for ordinary complex systems, but also for those including control loops. The paper discusses TEE’s structure, the knowledge base, the knowledge representation, and the inference algorithm.

Danhua Wang,Jingui Pan

2010-01-01

Abstract:In practice, engineers find that software quality depends heavily on the maturity and reliability of the software process. Therefore, organizations are placing increased attentions on finding an efficient way of integrating elements of software process in order to produce high quality software with lower cost and risk. Various kinds of techniques are used to manage, monitor and analyze software process. We proposed an idea of modeling software process in Little-JIL language, and then introduce automatic Fault Tree Analysis (FTA) technique and Failure Mode and Effect Analysis (FMEA) technique, two fully-fledged and widely used safety analysis techniques, to analyze software process. Results of these two techniques can be combined to improve software process, which may lead to software products with higher quality and reliability, also lower cost and risk.

G. Li,Juan Zhang

DOI: https://doi.org/10.4028/www.scientific.net/AMM.347-350.2605

2013-02-22

Abstract:FMEA is a popular safety analysis method for embedded software and its automatic generation is a hot topic recently. In this paper, a novel model-based method for automatic generation of FMEA is presented, which is hopeful to overcome the shortages of exit automatic generation methods. The methodology and procedures of the method are described in detail.

Computer Science,Engineering

Danhua Wang,Jingui Pan

DOI: https://doi.org/10.1109/iccda.2010.5541008

2010-01-01

Abstract:There are two issues to be addressed in the automatic Fault Tree Analysis (FTA) and Failure Mode and Effect Analysis (FMEA) approaches: resource fault and channel fault are not considered when generating the artifact flow graph (AFG) from Little-JIL processes. The AFG is incomplete, thus the fault trees and FMEA reports automatically generated partially based on AFG is incomplete. In this paper, we put forward to an approach of introducing resource instances and channel instances into fault propagation in Little-JIL processes. Thus, it makes the FTA and FMEA for Little-JIL processes to be much more effective. That is to say, how resource instances and channel instances might affect the fault propagation in Little-JIL processes is taken into account while performing these two automatic safety analysis techniques.

Wenyan Song,Jianing Zheng

DOI: https://doi.org/10.1080/08982112.2024.2304815

2024-01-21

Quality Engineering

Abstract:Failure Mode and Effect Analysis (FMEA) is a valuable tool for improving the quality of products and service systems. However, traditional FMEA methods require examining various engineering textual materials and attending multiple meetings, which can be time-intensive. Additionally, accurately evaluating the severity (S), occurrence (O), and detection (D) of failure modes is essential to ensure the accuracy of FMEA results. Despite efforts by researchers to improve the efficiency of FMEA, the evaluation of these risk factors (S, O, and D) still relies too heavily on a manual and inefficient process. To address these issues, this paper proposes a machine learning-enabled FMEA approach. This new approach combines the strengths of the BERT (Bidirectional Encoder Representations from Transformers) model in transforming textual failure descriptions into word vectors, the advantages of the VSM (Vector Space Model) in determining semantic similarity between different failure modes, and the merits of TOPSIS based on objective weights in handling multicriteria risk assessment. The proposed approach was applied to an actual case study for failure mode and effect analysis in auto parts processing. Comparisons between the proposed method and conventional FMEA were conducted to demonstrate the effectiveness of the new approach.

engineering, industrial,statistics & probability

Xingyu Xiao,Songlin Liu,Zhiyong Zuo,Peng Chen,Ben Qi,Jingang Liang,Jiejuan Tong

DOI: https://doi.org/10.1115/icone31-134226

2024-01-01

Abstract:Fault Tree Analysis (FTA) is an indispensable tool in highstakes industries like nuclear power for conducting thorough risk assessments. However, the development of fault trees for Nuclear Power Plants (NPPs) is often marred by the necessity of interdisciplinary and intricate knowledge, posing a significant hurdle for non-experts. This necessity for specialized knowledge limits the wider adoption of FTA across various sectors. In response to these challenges, this study introduces the Nuclear Large Language Model Fault Tree Generator (NuLLM-FTG), an innovative solution aims at streamlining and augmenting the FTA process. Central to our approach is the implementation of large language models (LLMs) supervised fine-tuning (SFT) techniques. Specifically, we have developed a uniquely textual data structure, meticulously crafted to encapsulate the distinct characteristics of fault trees. To enhance the precision of our methodology, a comprehensive dataset containing several thousand examples is constructed for SFT. NuLLM-FTG's performance is subject to a thorough evaluation. This process involved unraveling the "black box" nature of the model, allowing for an in-depth examination of performance enhancements, particularly in terms of horizontal conversational pattern alignment and vertical fault tree knowledge evolution. The practicality and effectiveness of NuLLM-FTG are corroborated through online experiments involving real operators, coupled with evaluations conducted by domain experts. Additionally, the applicability of our method in realworld scenarios is demonstrated through its integration with the Risk Spectrum (Version 14.0), thereby confirming its effectiveness and robustness. Crucially, our findings indicate that the finely-tuned NuLLM-FTG attains a level of performance comparable to experienced fault tree professionals across various metrics, including professionalism, completeness, and satisfaction. Notably, under specific conditions, our model outperformed GPT-4, and the utilization of an English-language corpus within our model proved to be more effective. Ultimately, our proposed method facilitates novices' involvement in FTA.

Zhi-Chao Wang,Yan Ran,Xin Yang,Xinlong Li,Yifan Chen,Genbao Zhang

DOI: https://doi.org/10.1016/j.engfailanal.2021.105775

IF: 4

2021-12-01

Engineering Failure Analysis

Abstract:Failure mode and effects analysis (FMEA) is a systematic bottom-up structured method used originally in aerospace systems then electronic systems to implement failure analysis, criticality analysis, and failure clearance. With its effective application, FMEA has been extended rapidly into mechatronic systems and others to improve system reliability. However, there exist different compositions, loading forms, operation modes, and failure mechanisms for diverse kinds of systems, so the formulaic extension of FMEA usually is not suitable for the actual situation of followers. In this paper, we propose a function-motion-action (FMA) hierarchy structure especially suitable for mechatronic systems, which focuses on describing and analyzing failure behaviors such as identifying failure modes, analyzing failure causes, and mapping failure effects at each system structure layer without vague and overlapping interpretations. Three risk factors namely occurrence, detection or non-detection, and severity are both defined for each of failure behaviors at each system structure layer, in which the occurrence describes all failure behaviors and the severity is reliant on the condition of the detection and non-detection about all failure behaviors. A primary risk calculation model using quantitative risk data is established to garner the risk level of each failure, based on which multiple and specific risk levels of each failure are explained when considering different levels of failure effects and different combinations of control methods.

engineering, mechanical,materials science, characterization & testing

Matthias Volk,Sebastian Junges,Joost-Pieter Katoen

DOI: https://doi.org/10.1007/978-3-319-45477-1_20

2016-04-26

Abstract:This paper presents a new state space generation approach for dynamic fault trees (DFTs) together with a technique to synthesise failures rates in DFTs. Our state space generation technique aggressively exploits the DFT structure --- detecting symmetries, spurious non-determinism, and don't cares. Benchmarks show a gain of more than two orders of magnitude in terms of state space generation and analysis time. Our approach supports DFTs with symbolic failure rates and is complemented by parameter synthesis. This enables determining the maximal tolerable failure rate of a system component while ensuring that the mean time of failure stays below a threshold.

Software Engineering