Integrating Existing Safety Analyses into SysML

Migrating systems and safety engineering (often with legacy processes and certified tools) towards a modelbased systems engineering (MBSE) environment is a socio-technical problem. Establishing a commonconceptual framework requires agreement on modelling artefacts and the integration of existing tool chainsto minimise disruption. We discuss our experience integrating a SysML Safety Profile to model fault treesbut which has the prerequisite requirement to continue the analysis of those models by existing tools. Wedemonstrate a lightweight profile that minimally captures the fault logic for a Rolls-Royce gas turbineengine controller and provides specific in-house extensions for both fault tree and engine dispatch analysisby exporting model entities and relationships from the SysML fault trees. During integration we realised amore fundamental need to reconcile the systems engineers’ functional view with the safety engineers’focus on failure modes and fault logic in order to maximimse the longer term benefits of MBSEdevelopment

Combined automotive safety and security pattern engineering approach

Automotive systems will exhibit increased levels of automation as well as ever tighter integration with other vehicles, traffic infrastructure, and cloud services. From safety perspective, this can be perceived as boon or bane - it greatly increases complexity and uncertainty, but at the same time opens up new opportunities for realizing innovative safety functions. Moreover, cybersecurity becomes important as additional concern because attacks are now much more likely and severe. However, there is a lack of experience with security concerns in context of safety engineering in general and in automotive safety departments in particular. To address this problem, we propose a systematic pattern-based approach that interlinks safety and security patterns and provides guidance with respect to selection and combination of both types of patterns in context of system engineering. A combined safety and security pattern engineering workflow is proposed to provide systematic guidance to support non-expert engineers based on best practices. The application of the approach is shown and demonstrated by an automotive case study and different use case scenarios.EC/H2020/692474/EU/Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems/AMASSEC/H2020/737422/EU/Secure COnnected Trustable Things/SCOTTEC/H2020/732242/EU/Dependability Engineering Innovation for CPS - DEIS/DEISBMBF, 01IS16043, Collaborative Embedded Systems (CrESt

Supporting ISO 26262 with SysML, Benefits and Limits

International audienceThis article deals with the issue of deploying efficiently the ISO 26262: the new standard in automotive systems development. The directives enclosed in this norm demands the establishment of a product lifecycle fully integrating the safety assessment activities. To tackle this subject, this paper explores the way of setting up Model-Based Design methodology to express and organize the concepts manipulated during the ISO 26262 process. This attempt is founded on the use of SysML and on the creation of a profile dedicated to ISO 26262 development context. We provide an introduction to Model-Based Design paradigm and its appli-cation in a safety relevant context. An overview of ISO 26262 is given, followed by the description of an on-going project on the subject. Modeling propositions are formulated and the use of diverse SysML diagrams are mapped on the automotive safety lifecycle process

Clafer: Lightweight Modeling of Structure, Behaviour, and Variability

Embedded software is growing fast in size and complexity, leading to intimate mixture of complex architectures and complex control. Consequently, software specification requires modeling both structures and behaviour of systems. Unfortunately, existing languages do not integrate these aspects well, usually prioritizing one of them. It is common to develop a separate language for each of these facets. In this paper, we contribute Clafer: a small language that attempts to tackle this challenge. It combines rich structural modeling with state of the art behavioural formalisms. We are not aware of any other modeling language that seamlessly combines these facets common to system and software modeling. We show how Clafer, in a single unified syntax and semantics, allows capturing feature models (variability), component models, discrete control models (automata) and variability encompassing all these aspects. The language is built on top of first order logic with quantifiers over basic entities (for modeling structures) combined with linear temporal logic (for modeling behaviour). On top of this semantic foundation we build a simple but expressive syntax, enriched with carefully selected syntactic expansions that cover hierarchical modeling, associations, automata, scenarios, and Dwyer's property patterns. We evaluate Clafer using a power window case study, and comparing it against other notations that substantially overlap with its scope (SysML, AADL, Temporal OCL and Live Sequence Charts), discussing benefits and perils of using a single notation for the purpose

Improving System Design Through the Integration of Human Systems and Systems Engineering Models

The human is a critical aspect of many systems, but frequently there is a failure to properly account for human capabilities and involvement during system design. This inattention results in systems with higher lifecycle costs, decreased user compatibility, and the potential to produce disastrous consequences. This research presents an approach to integrating the human into system models by using two methods: static and dynamic modeling. The static method uses a user-centered design framework to create system- and human-centered models that deconstruct the system and user into their respective components. These models are integrated to create system models that include relevant information about the human and highlight potentially conflicting tasks. The dynamic method uses a human performance modeling tool to create a discrete event simulation (DES) of the system. This DES model is used to perform an analysis between system trades, by which constraints and assumptions placed on the human are verified. Data gained from the analysis are integrated back into system models in order to reflect true system performance. By applying these two integration methods early in the system’s lifecycle, system models can more effectively account for the human as a critical component of the system, thus improving system design

Digital Twin: towards the integration between System Design and RAMS assessment through the Model–Based Systems Engineering

The design of a safety-critical system requires an effective prediction of its reliability, availability, maintainability and safety (RAMS). Anticipating the RAMS analysis at the concept design helps the designer in the trade-off of the system architecture and technologies, reduces cost of product development and the time to market. This action is rather difficult, because the RAMS analysis deals with the hazard assessment of system components, whose abstraction at concept level is never simple. Therefore, to integrate the system design and RAMS assessment, a clear path to follow is required. The paper investigates how the Model Based Systems Engineering (MBSE) supports this task and drives the system reliability allocation, through the functional and dysfunctional analyses. The implementation of the proposed approach needs to set up the tool chain. In the industrial context it must be compatible with practices, standards and tools currently used in product development. Defining a suitable process of integration of tools used for the System Design and the Safety Engineering is a need of industry. Therefore, this task is also discussed, in this paper, dealing with some examples of industrial test case

Model-based dependability analysis : state-of-the-art, challenges and future outlook

Abstract: Over the past two decades, the study of model-based dependability analysis has gathered significant research interest. Different approaches have been developed to automate and address various limitations of classical dependability techniques to contend with the increasing complexity and challenges of modern safety-critical system. Two leading paradigms have emerged, one which constructs predictive system failure models from component failure models compositionally using the topology of the system. The other utilizes design models - typically state automata - to explore system behaviour through fault injection. This paper reviews a number of prominent techniques under these two paradigms, and provides an insight into their working mechanism, applicability, strengths and challenges, as well as recent developments within these fields. We also discuss the emerging trends on integrated approaches and advanced analysis capabilities. Lastly, we outline the future outlook for model-based dependability analysis

Development of a human factors hazard model for use in system safety analysis

2021 Fall.Includes bibliographical references.Traditional methods for Human Reliability Analysis (HRA) have been developed with specific applications or industries in mind. Additionally, these methods are often complicated, time consuming, costly to apply, and are not suitable for direct comparison amongst themselves. The proposed Human Factors Hazard Model (HFHM) utilizes the established and time-tested probabilistic analysis tools of Fault Tree Analysis (FTA) and Event Tree Analysis (ETA), and integrates them with a newly developed Human Error Probability (HEP) predictive tool. This new approach is developed around Performance Shaping Factors (PSFs) relevant to human behavior, as well as specific characteristics unique to a system architecture and its corresponding operational behavior. This updated approach is intended to standardize, simplify, and automate the approach to modeling the likelihood of a mishap due to a human-system interaction during a hazard event. The HFHM is exemplified and automated within a commercial software tool such that trade and sensitivity studies can be conducted and validated easily. The analysis results generated by the HFHM can be used as a standardized guide to SE analysts as a well as design engineers with regards to risk assessment, safety requirements, design options, and needed safety controls within the system architecture. Verification and evaluation of the HFHM indicate that it is an effective tool for HRA and system safety with results that accurately predict HEP values that can guide design efforts with respect to human factors. In addition to the development and automation of the HFHM, application within commonly used system safety Hazard Analysis Techniques (HATs) is established. Specific utilization of the HFHM within system or subsystem level FTA and Failure Mode and Effects Analysis (FMEA) is established such that human related hazards can more accurately be accounted for in system design safety analysis and lifecycle management. Lastly, integration of the HFHM within Model-Based System Engineering (MBSE) emphasizing an implementation into the System Modeling Language (SysML) is established using a combination of existing hazard analysis libraries and custom designed libraries within the Unified Modeling Language (UML). The FTA / ETA components of the hazard model are developed within SysML partially utilizing the RAAML (Risk Analysis and Assessment Modeling Language) currently under development by the Object Management Group (OMG), as well as a unique recursive analysis library. The SysML model successfully replicates the probabilistic calculation results of the HFHM as generated by the native analytical model. The SysML profiles developed to implement HFHM have application in integration of conventional system safety analysis as well as requirements engineering within lifecycle management

Analysis of potential errors in technical products by combining knowledge graphs with MBSE approach

Technical products are developed to meet the demands of stakeholders. Therefore, the product's functions and associated properties are important. Various influencing factors e.g., external disturbances can have an impact on the input flows of the products or its characteristics and thus on the functions. If this leads to deviations between the required and as-is functions, these deviations are called errors. It is therefore important to analyze errors in product development and implement measures to increase the robustness of the product. Model-Based Systems Engineering (MBSE) supports the development of complex systems. However, MBSE alone has limited ability to identify in-depth errors. This requires knowledge of possible errors from previous products in specific contexts. For this purpose, the method proposed in this paper facilitates identifying errors in the concept phase by combining MBSE approaches with reusable knowledge (i.e., knowledge graph). The approach is presented using an application example for a mobile robot