Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.
Unrestricted © Siemens AG 2019
Siemens Corporate TechnologyUnrestricted © Siemens AG 2019
Model-based Safety Analysis
on C...
Unrestricted © Siemens AG 2019
• Modifications in safety documents is a very
time consuming task
• Increased risk of incon...
Unrestricted © Siemens AG 2019
• Modifications in safety documents is a very
time consuming task
• Mostly done at the end ...
Unrestricted © Siemens AG 2019
Component Fault Trees (CFTs)*
Extend classic fault trees with a component concept
Extension...
Unrestricted © Siemens AG 2019
Component Fault Tree based Safety/Reliability Analysis
Modeling & Analysis Workflow
CFTs @ ...
Unrestricted © Siemens AG 2019
Aircraft Wheel Brake System Example
Overview
Example from AIR6110
• Installed on the two ma...
Unrestricted © Siemens AG 2019
Aircraft Wheel Brake System Example
Hazard Analysis
• Function: “Decelerate the wheels on t...
Unrestricted © Siemens AG 2019
Aircraft Wheel Brake System Example
CFT Example
Top Event = Loss of all wheel braking
Steps...
Unrestricted © Siemens AG 2019
Aircraft Wheel Brake System Example
Definition of the System Architecture (in Capella/SMW)
1
Unrestricted © Siemens AG 2019
Aircraft Wheel Brake System Example
Specification of the CFT elements
2
Unrestricted © Siemens AG 2019
Aircraft Wheel Brake System Example
Creation of the system-wide Component Fault Tree
3
Unrestricted © Siemens AG 2019
Aircraft Wheel Brake System Example
Fault Tree Analysis
4
Unrestricted © Siemens AG 2019
Component Fault Trees (CFTs)
Take Away Messages
• Divide-and-conquer strategy for complex s...
Unrestricted © Siemens AG 2019
Thank you for your attention !
Questions ?
Dr. Marc Zeller
Research Scientist
Model-based R...
Prochain SlideShare
Chargement dans…5
×

[ Capella Day 2019 ] Model-based safety analysis on Capella using Component Fault Trees (CFTs)

150 vues

Publié le

The importance of mission or safety-critical software systems in many application domains of embedded systems is continuously growing, and so is the effort and complexity for reliability and safety analysis. Model-based system engineering (MBSE) is currently one of the key approaches to cope with increasing system complexity.

With Component Fault Trees (CFTs) there is a model- and component-based methodology for safety analysis, which extends the advantages of model-based development to safety & reliability engineering. In this talk, we demonstrate how to ease the development of safety-critical systems in industrial practice by extending MBSE in Capella with model-based safety analysis using Component Fault Tree methodology.


Marc Zeller, Siemens Corporate Engineering
Marc Zeller works as a research scientist at Siemens AG, Corporate Technology, in Munich since 2014. His research interests are focused on the model-based safety and reliability engineering of complex software-intensive embedded systems. Marc Zeller studied Computer Science at the Karlsruhe Institute of Technology (KIT) and graduated in 2007. He obtained a PhD from the University of Augsburg in 2013 for his work on self-adaptation in networked embedded systems at the Fraunhofer Institute for Embedded Systems and Communication Technologies ESK in Munich.

Publié dans : Technologie
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

[ Capella Day 2019 ] Model-based safety analysis on Capella using Component Fault Trees (CFTs)

  1. 1. Unrestricted © Siemens AG 2019 Siemens Corporate TechnologyUnrestricted © Siemens AG 2019 Model-based Safety Analysis on Capella using Component Fault Trees (CFTs) Dr. Marc Zeller | Capella Day 2019
  2. 2. Unrestricted © Siemens AG 2019 • Modifications in safety documents is a very time consuming task • Increased risk of inconsistency due to media breaks Developing Safety-critical Systems: State-of-practice Classic Safety Documentation Media Break State-of-practice in safety analysis System engineering • Often model-based • Iterative, incremental or agile
  3. 3. Unrestricted © Siemens AG 2019 • Modifications in safety documents is a very time consuming task • Mostly done at the end of projects, high risk to fail certification • Inconsistency due to media breaks • Modifications impact only a small part of the safety models • Automated safety/reliability analysis at early development stages • Consistency by seamlessly integrated models Developing Safety-critical Systems: Model-based safety analysis using Component Fault Trees (CFTs) Classic Safety Documentation Media Break Integrated model-based safety/reliability analysis State-of-practice in safety analysis System engineering Seamless integration • Often model-based • Iterative, incremental or agile
  4. 4. Unrestricted © Siemens AG 2019 Component Fault Trees (CFTs)* Extend classic fault trees with a component concept Extension of classic fault trees with a component concept „ Focus on failure modes of an encapsulated system component „ Failures visible at the inport / outport of a component are modeled using Input / Output Failure Modes Divide-and-conquer strategy for systems „ Modular, hierarchical composition of system fault trees „ Systematic reuse of component CFTs Legend: *) Höfig, K., Joanni, A., Zeller, M., Montrone, F., Rothfelder, M., Amarnath, R., Munk, P., Nordmann, A. (2018). Model-based Reliability and Safety: Reducing the complexity of safety analyses using component fault trees, Proceedings of the 2018 Annual Reliability and Maintainability Symposium (RAMS) Kaiser, B., Schneider, D., Adler, R., Domis, D., Möhrle, F., Berres, A., Zeller, M., Höfig, K., Rothfelder, M. (2018). Advances in Component Fault Trees, Proceedings of the 28th European Safety and Reliability Conference (ESREL)
  5. 5. Unrestricted © Siemens AG 2019 Component Fault Tree based Safety/Reliability Analysis Modeling & Analysis Workflow CFTs @ work CFT Elements System description Component Fault Tree Fault Tree Analysis 1 2 3 4
  6. 6. Unrestricted © Siemens AG 2019 Aircraft Wheel Brake System Example Overview Example from AIR6110 • Installed on the two main landing gears • Braking on the main gear wheels is used to provide safe retardation • During taxiing and landing phases • Also prevents unintended aircraft motion when parked • May provide differential braking for aircraft directional control • Secondary function: Stop main gear wheel rotation upon gear retraction • Braking is commanded either • Manually • Via brake pedals • Automatically (autobrake) without the need for pedal application
  7. 7. Unrestricted © Siemens AG 2019 Aircraft Wheel Brake System Example Hazard Analysis • Function: “Decelerate the wheels on the ground” • Average flight length: 5 hours • FHA results: • Loss of all wheel braking during landing or rejected take off (RTO) shall be less than 5E-7 per flight • Asymmetrical loss of wheel braking coupled with loss of rudder or nose wheel steering during landing or RTO shall be less than 5E-7 per flight • Inadvertent wheel braking with all wheels locked during takeoff roll before V1 shall be less than 5E-7 per flight • Inadvertent wheel braking of all wheels during takeoff roll after V1 shall be less than 5E-9 per flight • Undetected inadvertent wheel braking on one wheel w/o locking during takeoff shall be less than 5E-9 per flight à Top Events of the Fault Tree in the PSSA of the Wheel Braking System V1 = Speed from which the aircraft cannot be safely stopped on remaining runway
  8. 8. Unrestricted © Siemens AG 2019 Aircraft Wheel Brake System Example CFT Example Top Event = Loss of all wheel braking Steps to perform a safety/reliability analysis using CFTs: 1. Identification of the system components and description of the system architecture 2. Specification of the CFT elements for each system component 3. Creation of the system-wide CFT and definition and of the CFT’s top event 4. Fault Tree Analysis (qualitative or quantitative) 1 2 3 4
  9. 9. Unrestricted © Siemens AG 2019 Aircraft Wheel Brake System Example Definition of the System Architecture (in Capella/SMW) 1
  10. 10. Unrestricted © Siemens AG 2019 Aircraft Wheel Brake System Example Specification of the CFT elements 2
  11. 11. Unrestricted © Siemens AG 2019 Aircraft Wheel Brake System Example Creation of the system-wide Component Fault Tree 3
  12. 12. Unrestricted © Siemens AG 2019 Aircraft Wheel Brake System Example Fault Tree Analysis 4
  13. 13. Unrestricted © Siemens AG 2019 Component Fault Trees (CFTs) Take Away Messages • Divide-and-conquer strategy for complex systems • Systematic reuse of safety artifacts along with design artifacts • Automated composition of pre-existing safety artifacts • Support top-down / bottom-up / middle-out approaches • Quantitative & qualitative FTA using proven-in-use methods & tools • Integration/Synchronization with any system modeling approach (e.g. SysML) CFT Elements System description Component Fault Tree Fault Tree Analysis
  14. 14. Unrestricted © Siemens AG 2019 Thank you for your attention ! Questions ? Dr. Marc Zeller Research Scientist Model-based Reliability & Safety Engineering marc.zeller@siemens.com Phone: +49 89 636-633980

×