Formalization and Validation of Safety-Critical Requirements

The validation of requirements is a fundamental step in the development process of safety-critical systems. In safety critical applications such as aerospace, avionics and railways, the use of formal methods is of paramount importance both for requirements and for design validation. Nevertheless, while for the verification of the design, many formal techniques have been conceived and applied, the research on formal methods for requirements validation is not yet mature. The main obstacles are that, on the one hand, the correctness of requirements is not formally defined; on the other hand that the formalization and the validation of the requirements usually demands a strong involvement of domain experts. We report on a methodology and a series of techniques that we developed for the formalization and validation of high-level requirements for safety-critical applications. The main ingredients are a very expressive formal language and automatic satisfiability procedures. The language combines first-order, temporal, and hybrid logic. The satisfiability procedures are based on model checking and satisfiability modulo theory. We applied this technology within an industrial project to the validation of railways requirements

Model-Based Systems Engineering Approach to Distributed and Hybrid Simulation Systems

INCOSE defines Model-Based Systems Engineering (MBSE) as the formalized application of modeling to support system requirements, design, analysis, verification, and validation activities beginning in the conceptual design phase and continuing throughout development and later life cycle phases. One very important development is the utilization of MBSE to develop distributed and hybrid (discrete-continuous) simulation modeling systems. MBSE can help to describe the systems to be modeled and help make the right decisions and partitions to tame complexity. The ability to embrace conceptual modeling and interoperability techniques during systems specification and design presents a great advantage in distributed and hybrid simulation systems development efforts. Our research is aimed at the definition of a methodological framework that uses MBSE languages, methods and tools for the development of these simulation systems. A model-based composition approach is defined at the initial steps to identify distributed systems interoperability requirements and hybrid simulation systems characteristics. Guidelines are developed to adopt simulation interoperability standards and conceptual modeling techniques using MBSE methods and tools. Domain specific system complexity and behavior can be captured with model-based approaches during the system architecture and functional design requirements definition. MBSE can allow simulation engineers to formally model different aspects of a problem ranging from architectures to corresponding behavioral analysis, to functional decompositions and user requirements (Jobe, 2008)

Modeling and Simulation of a Microturbine Generator to be Coupled With a Molten Carbonate Fuel Cell for Distributed Generation

Distributed generation is desired when the individual energy requirements ranging from 25-75 kW of office buildings, restaurants, hospitals and apartments can not be met by the current electric utility grid. Microturbine generators as stand alone power generation systems have been designed to meet these requirements. For power requirements up to 50 MW, hybrid fuel cell systems offer higher efficiency and lower levels of pollutant emissions with more advanced fuel energy savings than non-hybrid systems. The objective of this project is to develop a simulation of a microturbine generator as a stand alone power generation system to validate a microturbine generator as part of a hybrid power generation system designed to produce 250 kW of usable power in MATLAB/Simulink®. The stand alone power generation system will be modeled using a 1-Dimensional approach. The hybrid power generation system is modeled as three major sub-systems; a hybrid microturbine generator, a molten carbonate fuel cell with catalytic oxidizer, and a shell-and-tube heat exchanger. The hybrid power generation system will be analyzed by two different models; a 0-Dimensional hybrid model where all the components are 0-Dimensional and a 0-Dimensional model with 1-Dimensional zooming for the hybrid microturbine generator. The analysis of the stand alone system is used for validation of the hybrid system at the operating design point of the microturbine generator. A control system was placed on the hybrid microturbine generator power generation system and an analysis was completed on the temperature response of the 0-Dimensionl hybrid system as the microturbine generator power was ramped from 0-30 kW over six different time intervals. A second controller was placed on the fuel cell power generation system to further analyze the hybrid system\u27s controllability. The three MATLAB/Simulink® models developed provide an initial design methodology for modeling and simulation of a hybrid power generation system

The Hyper-X Flight Systems Validation Program

For the Hyper-X/X-43A program, the development of a comprehensive validation test plan played an integral part in the success of the mission. The goal was to demonstrate hypersonic propulsion technologies by flight testing an airframe-integrated scramjet engine. Preparation for flight involved both verification and validation testing. By definition, verification is the process of assuring that the product meets design requirements; whereas validation is the process of assuring that the design meets mission requirements for the intended environment. This report presents an overview of the program with emphasis on the validation efforts. It includes topics such as hardware-in-the-loop, failure modes and effects, aircraft-in-the-loop, plugs-out, power characterization, antenna pattern, integration, combined systems, captive carry, and flight testing. Where applicable, test results are also discussed. The report provides a brief description of the flight systems onboard the X-43A research vehicle and an introduction to the ground support equipment required to execute the validation plan. The intent is to provide validation concepts that are applicable to current, follow-on, and next generation vehicles that share the hybrid spacecraft and aircraft characteristics of the Hyper-X vehicle

SHPbench – a smart hybrid prototyping based environment for early testing, verification and (user based) validation of advanced driver assistant systems of cars

Statistical analysis show that more than 90 percent of all car accidents result from human mistakes. Advanced Driver Assistant Systems (ADAS) are intended to support and assist the car driver, and therefore contribute significantly to the reduction of accidents. ADAS become more and more complex and demanding regarding hard- and software fulfilling the requirements applied onto assistant systems nowadays and in the future. They have to be considered as multi-functional multi-domain mechatronic systems. Smart Hybrid Prototyping (SHP) is a by now proven approach for handling ADAS’ demands during and to the development process, specifically for early integrated component and system testing, its verification and validation with the focus on the interaction with the driver can only be reasonably and economically met by utilizing the SHP technology. For those mentioned purposes the SHPbench, an integrated development and validation environment, has been recently developed. The SHPbench's architecture and specification is presented and evaluated by applying a representative use case of an ADAS development process. This paper documents the use case setup, process steps and test results

Synthesis from Design Requirements of a Hybrid System for Transport Aircraft Longitudinal Control

Volume I of this report presents a new method for synthesizing hybrid systems directly from desi gn requirements, and applies the method to design of a hybrid system for longitudinal control of transport aircraft. The resulting system satisfies general requirement for safety and effectiveness specified a priori, enabling formal validation to be achieved. Volume II contains seven appendices intended to make the report accessible to readers with backgrounds in human factors, flight dynamics and control, and formal logic. Major design goals are (1) system design integrity based on proof of correctness at the design level, (2) significant simplification and cost reduction in system development and certification, and (3) improved operational efficiency, with significant alleviation of human-factors problems encountered by pilots in current transport aircraft. This report provides for the first time a firm technical basis for criteria governing design and certification of avionic systems for transport aircraft. It should be of primary interest to designers of next-generation avionic systems

Hybrid Simulators for Product Service-Systems : Innovation potential demonstrated on urban bike mobility

One major goal of the Rethinking Prototyping project is to bring scientists from different domains like engineering and arts to explore collaboratively new approaches of development and testing of Product Service Systems (PSS). PSS combine products, services, and infrastructure to fulfil individual customer needs. Therefore, the development of PSS is an extension of traditional engineering design process, which mainly refers to purely tangible products or intangible services into an integrated development process of products and services. The basis is a new technology called Smart Hybrid Prototyping (SHP), a joint development by Fraunhofer IPK and the TU Berlin. SHP is an innovative technology for a multimodal interdisciplinary evaluation of virtual prototypes in early development stages. It is based upon methods of Mixed Reality extended by modern industrial technologies to allow natural interaction with virtual prototypes of mechanical or mechatronic systems. It serves as a bridge between physical reality and digital virtuality. The use cases in this paper are based on urban bike mobility. Therefore, three concepts have been worked out to specify main requirements for an urban hybrid bike simulator. The first use case is from the perspective of a bicycle rental, where rental services for the users can be developed, validated, and optimized. The second use case provides the integration of mobile devices like smartphones and tablets for the development and validation of mobile services for bicyclists. The third use case is oriented on development and validation of new bicycles and urban mobility concepts like e-bikes, pedelecs, tripelecs and sharing services. Based on these generic use cases the requirements on a hybrid bicycle simulator were derived. Why a bicycle simulator? Well, we are firmly convinced that the future of urban mobility is determined from trends such as ecological rethinking and the desire for sports and healthy life. Furthermore, it is one of the most competitive and agile markets using most innovative materials and manufacturing technologies

Architectures and Evaluation for Adjustable Control Autonomy for Space-Based Life Support Systems

In the past five years, a number of automation applications for control of crew life support systems have been developed and evaluated in the Adjustable Autonomy Testbed at NASA's Johnson Space Center. This paper surveys progress on an adjustable autonomous control architecture for situations where software and human operators work together to manage anomalies and other system problems. When problems occur, the level of control autonomy can be adjusted, so that operators and software agents can work together on diagnosis and recovery. In 1997 adjustable autonomy software was developed to manage gas transfer and storage in a closed life support test. Four crewmembers lived and worked in a chamber for 91 days, with both air and water recycling. CO2 was converted to O2 by gas processing systems and wheat crops. With the automation software, significantly fewer hours were spent monitoring operations. System-level validation testing of the software by interactive hybrid simulation revealed problems both in software requirements and implementation. Since that time, we have been developing multi-agent approaches for automation software and human operators, to cooperatively control systems and manage problems. Each new capability has been tested and demonstrated in realistic dynamic anomaly scenarios, using the hybrid simulation tool