Intégration de la sûreté de fonctionnement dans les processus d'ingénierie système

L'intégration de diverses technologies, notamment celles de l'informatique et l'électronique, fait que les systèmes conçus de nos jours sont de plus en plus complexes. Ils ont des comportements plus élaborés et plus difficiles à prévoir, ont un nombre de constituants en interaction plus important et/ou réalisent des fonctions de plus haut niveau. Parallèlement à cette complexification des systèmes, la compétitivité du marché mondial impose aux développeurs de systèmes des contraintes de coût et de délais de plus en plus strictes. La même course s'opère concernant la qualité des systèmes, notamment lorsque ceux-ci mettent en jeu un risque en vies humaines ou un risque financier important. Ainsi, les développeurs sont contraints d'adopter une approche de conception rigoureuse pour répondre aux exigences du système souhaité et satisfaire les diverses contraintes (coût, délais, qualité, sûreté de fonctionnement,...). Plusieurs démarches méthodologiques visant à guider la conception de système sont définies par l'intermédiaire de normes d'Ingénierie Système. Notre travail s'appuie sur la norme EIA-632, qui est largement employée, en particulier dans les domaines aéronautique et militaire. Il consiste à améliorer les processus d'ingénierie système décrits par l'EIA-632, afin d'intégrer une prise en compte globale et explicite de la sûreté de fonctionnement. En effet, jusqu'à présent la sûreté de fonctionnement était obtenue par la réutilisation de modèles génériques après avoir étudié et développé chaque fonction indépendamment. Il n'y avait donc pas de prise en compte spécifique des risques liés à l'intégration de plusieurs technologies. Pour cette raison, nous proposons de nous intéresser aux exigences de Sûreté de Fonctionnement au niveau global et le plus tôt possible dans la phase de développement, pour ensuite les décliner aux niveaux inférieurs, ceci en s'appuyant sur les processus de la norme EIA-632 que nous étoffons. Nous proposons également une méthode originale de déclinaison d'exigences de sûreté de fonctionnement à base d'arbres de défaillances et d'AMDEC, ainsi qu'un modèle d'information basé sur SysML pour appuyer notre approche. Un exemple issu du monde aéronautique permet d'illustrer nos propositions.The integration of various technologies, including computer and electronics, makes the nowadays designed systems increasingly complex. They have behaviors which are more elaborate and difficult to predict, they have a greater number of components in interaction and/or perform highest level functions. Parallel to this increasing complexity of these systems, the competitive of the global market imposes strong constraints of cost and time to the system developers. Other strong constraints deal with the quality of these systems, especially when they involve human risks or significant financial risks. Thus, developers are forced to adopt a rigorous design approach to meet the desired system requirements and satisfy the various constraints (cost, time, quality, dependability...). Several methodological approaches to guide the system design are defined through system engineering standards. Our work is based on the EIA-632 standard, which is widely used, especially in the aeronautical and military fields. It is to improve the systems engineering process described by the EIA-632, in order to incorporate a global and explicit consideration of dependability. Indeed, till now the dependability was achieved by reusing generic models after having studied and developed independently each function. So there was no specific consideration of the risks associated with the integration of several technologies. For this reason, we propose to concern ourselves with the dependability requirements at the global level and as early as possible in the development phase. Then, these requirements will be decline to lower levels. We based our approach on the processes of the EIA-632 standard that we expand. We also propose an original method for the declination of the dependability requirements based on fault trees and FMEAC, and an information model based on SysML in order to support our approach. An example from the aeronautical field illustrates our proposals

ESA PetriNet: Petri net Based Tool for Reliability Analysis

International audienceThis paper describes the critical (feared) scenarios derivation tool ESA PetriNet (Extraction Scenarios Algorithm from Petri Net) available from : http://www.laas.fr/ESA. ESA PetriNet allows to derive scenarios leading to critical (feared) situation in embedded systems. The system model is given by a Petri net. To derive critical scenarios and to avoid the state space explosion, the solution is to use directly the Petri net model. Linear logic (which does not appears in this paper)offers a theoretical framework to interpret the Petri net model and to extract the scenarios. ESA PetriNet provides all minimal scenarios which contain strictly necessary and sufficient events to reach a specified state. ESA PetriNet can be used with classical Petri net modelling or in its objects oriented version

Safety Management Method in Complex System Engineering

International audienceThe main objective of System Engineering is the successful development of complex system. It is based on the application of iterative and recursive processes on each phase or step of the system development. One critical process is the requirement management, particularly when it deals with the safety requirements. These one are non-functional requirements and are related to emergent properties, which come from the integration of the different system components. They must be identified as soon as possible, because they are guards to validate or not the system, which can require changes in system architecture. Moreover, they are formulated at system level and need to be derived at subsystem level. The objective of this paper is to propose a safety management method based on well-known safety methods, in order to organize the different tasks to make the system safe. The method focuses mainly on the definition of the system safety requirements following risk and hazard analysis, and also on their derivation according to a top-down approach. It is based on the well-known Failure Mode, Effects, and Criticality Analysis (FMECA) and the use of Fault Trees and Event Trees

Engineering dependability requirements for complex systems - A new information model definition

International audienceRequirements engineering is an important phase in a system's life cycle. It is important to perform it correctly. The increasing complexity of systems makes requirements engineering activities more difficult. In design of complex system, the system engineering is widely used. Model-driven engineering, in which models are the main artifact during system development, is an emergent approach that tries to address system complexity by the intense use of models. In this context, this paper proposes a new information model based on SysML to properly manage requirements with a special attention to dependability requirements

BASE DE CONNAISSANCES SYSML POUR LA CONCEPTION DE SYSTEMES COMPLEXES SURS DE FONCTIONNEMENT

National audienceThe work presented in this paper is part of a proposed framework as complete and rigorous as possible for the design of complex systems. The methodological framework used is System Engineering, which is a methodological approach to control the design of complex systems. The practices of this approach are transcribed in standards, realized by methods and supported by tools. In our case, the standard EIA-632 was adopted. Specifically, to deal with the dependability of these complex systems and to improve the processes dealing with dependability, we have defined a global approach. This approach incorporates the consideration of dependability in system engineering processes. The work presented in this paper supports and complements the overall approach: it is the proposal of an information model based on the SysML language, allowing the requirements management, including safety requirement

Intégration de la sûreté de fonctionnement dans les processus d'ingénierie système

TOULOUSE3-BU Sciences (315552104) / SudocSudocFranceF

Discrete and Hybrid Systems Dependability Analysis with ESA PetriNet

International audienceBased on Petri net modelling and linear logic as formal framework, ESA PetriNet allows to carry out dependability analysis of discrete (based on temporal Petri nets modelling) or hybrid systems (differential predicate-transition Petri nets modelling). ESA PetriNet implements the approach for critical scenarios deriving. The approach is based on a qualitative analysis of Petri net model. It consists in determining a sequence of events represented by transition firings in the Petri net model that leads the system from normal working to critical situation. ESA PetriNet allows deriving only pertinent scenarios. Minimality of these scenarios (composed by the necessary events) is introduced to facilite the analysis step

ESA PetriNet version Hybride : Outil d'Analyse de Fiabilité des Systèmes Hybrides

Ce papier pr'esente une nouvelle version d'ESA PetriNet (http ://www.laas.fr/ESA), un outil de g'en'eration de scénarii redout'es. L'outil permet toujours de dériver les scénarii qui conduisent le système dans un état redouté ou critique, en considérant, cette fois, directement le modèle hybride du système (Réseaux de Petri Prédicat-Transitions Différentiels (RdP PTD)). Ainsi, l'abstraction temporelle faite pour les versions précédentes d'ESA PetriNet n'est plus nécessaire, puisque l'algorithme implémenté traite directement le modèle hybride (association des réseaux de Petri avec des équations différentielles). De plus, l'outil délivre les scénarii minimaux, c'est-à-dire qu'il fournit l'information strictement nécessaire pour le concepteur.

ESA Petri net: Dynamic reliability analysis Tool

International audienceThis paper presents a new version of critical (feared) scenarios derivation tool ESA PetriNet (extraction scenarios algorithm from Petri net) available from: http://www.laas.fr/ESA. ESA PetriNet allows to derive scenarios leading to critical (feared) situation. In the past version of the tool hybrid aspect (both discrete and continuous dynamic) of system is tacked into account by temporal abstraction. In the version presented in this paper, the system model is given by a hybrid Petri net (differential predicate-transition Petri net) and the hybrid model is directly considered (without temporal abstraction). The algorithm implemented deals with both continuous and discrete dynamics. Furthermore, generated scenarios are minimal (only necessary events). Only necessary information is provided to designer