6 research outputs found

    A Formal Transformation Method for Automated Fault Tree Generation from a UML Activity Model

    Fault analysis and resolution of faults should be part of any end-to-end system development process. This paper is concerned with developing a formal transformation method that maps control flows modeled in UML Activities to semantically equivalent Fault Trees. The transformation method developed features the use of propositional calculus and probability theory. Fault Propagation Chains are introduced to facilitate the transformation method. An overarching metamodel comprised of transformations between models is developed and is applied to an understood Traffic Management System of Systems problem to demonstrate the approach. In this way, the relational structure of the system behavior model is reflected in the structure of the Fault Tree. The paper concludes with a discussion of limitations of the transformation method and proposes approaches to extend it to object flows, State Machines and functional allocations.
    Comment: 1st submission made to IEEE Transactions on Reliability on 27-Nov-2017; 2nd submission (revision) made on 27-Apr-2018. This version is the 2nd submission. 20 pages, 11 figures.

    A formal transformation method for automated fault tree generation from a UML activity model

    Fault analysis and resolution of faults should be part of any end-to-end system development process. This paper is concerned with developing a formal transformation method that maps control flows modeled in unified modeling language activities to semantically equivalent fault trees. The transformation method developed features the use of propositional calculus and probability theory. Fault propagation chains are introduced to facilitate the method. An overarching metamodel comprised of transformations between models is developed and is applied to an understood traffic management system of systems problem to demonstrate the approach. In this way, the relational structure of the system behavior model is reflected in the structure of the fault tree. The paper concludes with a discussion of limitations of the transformation method and proposes approaches to extend it to object flows, state machines, and functional allocations.

    On Provably Correct Decision-Making for Automated Driving

    The introduction of driving automation in road vehicles can potentially reduce road traffic crashes and significantly improve road safety. Automation in road vehicles also brings several other benefits, such as the possibility to provide independent mobility for people who cannot and/or should not drive. Many different hardware and software components (e.g. sensing, decision-making, actuation, and control) interact to solve the autonomous driving task. Correctness of such automated driving systems is crucial, as incorrect behaviour may have catastrophic consequences. Autonomous vehicles operate in complex and dynamic environments, which requires decision-making and planning at different levels. The aim of such decision-making components in these systems is to make safe decisions at all times. The challenge of safety verification of these systems is crucial for the commercial deployment of full autonomy in vehicles. Testing for safety is expensive, impractical, and can never guarantee the absence of errors. In contrast, formal methods, which are techniques that use rigorous mathematical models to build hardware and software systems, can provide a mathematical proof of the correctness of the system. The focus of this thesis is to address some of the challenges in the safety verification of decision-making in automated driving systems. A central question here is how to establish formal verification as an efficient tool for automated driving software development. A key finding is the need for an integrated formal approach to prove correctness and to provide a complete safety argument. This thesis provides insights into how three different formal verification approaches, namely supervisory control theory, model checking, and deductive verification, differ in their application to automated driving and identifies the challenges associated with each method. It identifies the need for the introduction of more rigour in the requirement refinement process and presents one possible solution by using a formal model-based safety analysis approach. To address challenges in the manual modelling process, a possible solution by automatically learning formal models directly from code is proposed.

    Formal transformation methods for automated fault tree generation from UML diagrams

    With a growing complexity in safety critical systems, engaging Systems Engineering with System Safety Engineering as early as possible in the system life cycle becomes ever more important to ensure system safety during system development. Assessing the safety and reliability of system architectural design at the early stage of the system life cycle can bring value to system design by identifying safety issues earlier and maintaining safety traceability throughout the design phase. However, this is not a trivial task and can require upfront investment. Automated transformation from system architecture models to system safety and reliability models offers a potential solution. However, existing methods lack a formal basis. This can potentially lead to unreliable results. Without a formal basis, Fault Tree Analysis of a system, for example, even if performed concurrently with system design, may not ensure all safety critical aspects of the design. [Continues.]

    Analysis of fall-from-height work accidents in the construction industry

    Master's dissertation in Human Engineering
    Work accidents are a problem that concerns every Occupational Safety and Hygiene practitioner. A work accident, when it occurs, can cause serious injuries to the worker(s) involved, as well as enormous material losses for employers. Only the analysis of accidents allows the creation of mechanisms to minimise, and if possible avoid, their future occurrence. This project aims to assess occupational accidents in Portugal, namely which sector of activity is most affected and which type of accident is most frequent. The causes that contribute to the occurrence of fall-from-height accidents are identified, and the ESAW and WAIT methods are compared with the method proposed by the ILO in 1962. Finally, the various types of equipment used to protect against this type of accident were identified, as well as the existing legislation. With these objectives in mind, four investigation techniques were used: Accident Pyramid, Fault Tree (or Cause Tree), Causes and Circumstances of Accidents at Work / European Statistics on Accidents at Work (ESAW), and the WAIT method. Applying these methods showed that the sector of activity with the highest severity index is Fishing, contradicting the general idea that the Manufacturing and Construction sectors would be the most serious. Regarding the cause of the accident in the Construction sector, the area of study of this research work, the main cause identified was the loss, total or partial, of control of the machine. The causes that contribute most to fall-from-height accidents are, mainly, the absence / non-use of protective equipment (collective and individual) and also, frequently, deficient training or lack of checking of the condition of the material. Finally, through the comparison of the method proposed by the ILO with the ESAW and WAIT methods, it was concluded that, although it is less elaborate and provides less information, it is sufficient to characterise the accident and provides indications of greater interest for the respective analysis.
    Work accidents are a problem that concerns all Occupational Safety and Hygiene Practitioners. A work accident, when it takes place, can cause serious injuries to the employee(s), as well as huge material losses for employers. The analysis of accidents allows the creation of mechanisms to minimise, and if possible to avoid, their future occurrence. The main goal of this project is to evaluate the occupational accidents in Portugal, in terms of the most affected activity sector, as well as the most common type of accident. The causes that contribute to the occurrence of falls from height were identified, and a comparison between the ESAW and WAIT methods and the ILO method (published in 1962) was established. Finally, legislation and available equipment used to prevent this kind of accident were identified. To fulfil these purposes, four investigation techniques were used, respectively: Accident Pyramid, Fault Tree Analysis, Causes and Circumstances of Accidents at Work / European Statistics on Accidents at Work (ESAW), and the WAIT method. Using these methods, it was observed that the activity sector with the higher severity rate was the Fishing Sector, contradicting the general idea that the Manufacturing Industry and Construction Sector would be the worst sectors. Regarding the type of accident in the field of the Construction Sector, the object of this research work, it was found that it is essentially due to the loss of control (total or partial) of machinery. The causes that most contribute to accidents like falling from height are, mainly, the absence / non-use of protection equipment (collective and individual), and also, often, poor training or lack of equipment check-ups. Finally, by means of the comparison between the ILO method and the ESAW and WAIT methods, it was found that, although less elaborate and providing less information, it is adequate to characterise the accident and can deliver useful tips for its analysis.