

SLIDE 1

Architecture Analysis of Safety Critical Systems using Parametric Expressions

Mira Supal (1), Arthur Bekaryan (2), Joseph Wysocki (2), and Rami Debouk (1)

(1) General Motors Corporation; (2) HRL Laboratories, LLC

April 4th, 2006

SLIDE 2

2006-01-1057

Outline

• Motivation
• Objective
• Modeling and Analysis
  ▪ Classical RAMS Modeling
  ▪ Analysis Approach
  ▪ Assumptions
  ▪ Parametric Expression
• Results
• Discussion
• Summary

SLIDE 3

X-By-Wire Systems

• Systems where driver-operated controls are electronically linked to the objects being controlled
• X-by-wire systems have advantages over the mechanical systems they replace
  ▪ Augment normal capabilities of human drivers by incorporating additional intelligence in the control algorithms
  ▪ Serve as enablers for emerging safety technologies such as collision warning and lane keeping
  ▪ Packaging, improved reliability, reduction in the use of hydraulic fluids, and manufacturing and test cost savings

SLIDE 4

Fault Tolerant Architectures and Safety Critical Systems

• By-wire systems must be tolerant to faults with safety critical impacts
  ▪ Fail Silent: may use redundancy or some other control technique
  ▪ Fail Operational: requires redundancy
• Redundancy is necessary to ensure that these faults do not cause subsystems to fail in a catastrophic manner
• Economical implementation of redundancy is required, where one by-wire feature may provide backup capabilities to another by-wire feature
• The integration of by-wire systems requires an upfront "systems" design of the fault tolerant architecture

SLIDE 5

Shared Redundancy Concept

(Wysocki, Debouk, and Nouri, Proceedings of 2004 RAMS)

• Sharing HW and distributing SW over shared HW
• Main and backup processes for a given task run on different processors
• A backup process may be a duplication of the primary process, or may provide reduced functionality (compared to the main process)
• One subsystem may compensate for the failure of another subsystem

SLIDE 6

Objective

• Architecture design could benefit from an early system safety assessment
  ▪ Improve design
  ▪ Shorten design cycle
• Investigate and analyze the concept of a parametric expression for the design of architectures supporting safety/mission critical functions or subsystems
• Can be used to determine the acceptability of the design and understand system tradeoffs (reliability vs. redundancy) at the highest design levels

SLIDE 7

Modeling and Analysis

• Classical RAMS Modeling
  ▪ Reliability Block Diagrams for an I/O relationship
  ▪ Network connectivity
  ▪ Components that fail independently
  ▪ Failure and repair characteristics of each component
• Fault tree analysis and simulations to account for dynamical behavior over the system lifetime

SLIDE 8

Reliability Block Diagram (RBD)

[Figure: an M×N grid of components $X_{ij}$, rows $i = 1,\dots,M$ (Level of Redundancy = M) and columns $j = 1,\dots,N$ (Number of Components = N), from $X_{11}, X_{12}, \dots, X_{1N}$ in the first row to $X_{M1}, X_{M2}, \dots, X_{MN}$ in the last. Each column of M redundant components forms one parallel network; the N networks are in series.]

SLIDE 9

Analysis Approach

Component $X_{ij}$ unavailability (steady state, repairable component):

$$Q_{X_{ij}} = \Pr(X_{ij}\ \text{unavailable}) = \frac{\lambda_{X_{ij}}}{\lambda_{X_{ij}} + \mu_{X_{ij}}}$$

with failure rate and repair rate

$$\lambda_{X_{ij}} = \frac{1}{\mathrm{MTTF}_{X_{ij}}}, \qquad \mu_{X_{ij}} = \frac{1}{\mathrm{MTTR}_{X_{ij}}}$$

MTTF: Mean Time To Failure; MTTR: Mean Time To Repair

SLIDE 10

System Unavailability

• Reduce the M×N RBD into a series of N aggregated components (Parallel Network 1, Parallel Network 2, ..., Parallel Network N)
• Compute the unavailability of the aggregated components
• Compute the unavailability of the system

A parallel network of M redundant components is unavailable only when all M components are unavailable:

$$\Pr(\text{Network}_j) = \prod_{i=1}^{M} \Pr(X_{ij}) = \prod_{i=1}^{M} Q_{X_{ij}}$$

The N networks are in series, so the system is unavailable when any network is:

$$Q_{\text{System}} = \Pr(\text{System}) = 1 - \prod_{j=1}^{N}\left(1 - \prod_{i=1}^{M} \frac{\lambda_{ij}}{\lambda_{ij} + \mu_{ij}}\right)$$

SLIDE 11

Assumptions

• Components have independent failures
• Equal failure rates of components
• Equal repair rates of components
• t = system lifetime

 

2   t  

SLIDE 12

Parametric Expression

$$\mathrm{FOM} = w_1 \cdot D + w_2 \cdot F$$

• FOM = Figure of Merit
• F = expected number of system failures
• D = total system downtime
• $w_1$ and $w_2$ are weighting factors

SLIDE 13

Total System Downtime

$$D = Q_{\text{System}} \cdot t$$

• $Q_{\text{System}}$ = system unavailability
• t = system lifetime

SLIDE 14

Expected Number of System Failures

• Component Unavailability
• Failure Frequency

(Reference 3 in paper)

• The component unavailability and failure frequency need to be evaluated for all the cutsets within the system
• Mathematically we have the n-component cutset unavailability as

$$Q_{\text{cutset}} = \prod_{i=1}^{n} Q_i$$

SLIDE 15

Expected Number of System Failures

• Mathematically we have the n-component cutset frequency as

$$\omega_{\text{cutset}} = \sum_{j=1}^{n} \omega_j \prod_{i=1,\, i \neq j}^{n} Q_i$$

where $\omega_j$ is the failure frequency of component j (the cutset fails when component j fails while the other n−1 components are already unavailable).

• With all the assumptions (equal $\lambda$ and $\mu$, so every $Q_i = Q = \lambda/(\lambda+\mu)$ and every $\omega_j = \omega = \lambda(1-Q)$, the steady-state failure frequency of a repairable component) we have

$$Q_{\text{cutset}} = Q^{n} = \left(\frac{\lambda}{\lambda + \mu}\right)^{n}$$

and

$$\omega_{\text{cutset}} = n\,\omega\,Q^{n-1} = n\,\lambda\,(1 - Q)\left(\frac{\lambda}{\lambda + \mu}\right)^{n-1}$$

SLIDE 16

Expected Number of System Failures

In order then to calculate the number of expected failures for the overall system, it is necessary to first determine the failure frequency of the system. For the M×N RBD the cutsets are the N parallel networks, each an m-component cutset with m = M, and there are n = N of them in series failing independently, so

$$\omega_{\text{system}} = \sum_{j=1}^{n} \omega_{\text{cutset},j} \prod_{k=1,\, k \neq j}^{n} \left(1 - Q_{\text{cutset},k}\right) = n\,\omega_{\text{cutset}}\left(1 - Q^{m}\right)^{n-1}$$

with $\omega_{\text{cutset}} = m\,\omega\,Q^{m-1}$ and $Q_{\text{cutset}} = Q^{m}$ from the previous slide.

From Reference 3 in paper, the expected number of failures in the interval $(t_1, t_2)$ is

$$W(t_1, t_2) = \int_{t_1}^{t_2} \omega_{\text{system}}(t)\, dt$$

or, with the time-independent steady-state rates above and t the system lifetime,

$$W(m, n, t) = \omega_{\text{system}} \cdot t = n\, m\, \omega\, Q^{m-1} \left(1 - Q^{m}\right)^{n-1} t$$
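The system-unavailability reduction (SLIDE 10) and the downtime, expected-failure and FOM expressions (SLIDES 12 to 16) carried through numerically, as an added example; this is not the GM/HRL engineering tool from the slides. It models only the "parallel" architectures (an M×N RBD: N parallel networks of M components in series); the "networked" shared-redundancy variants need a connectivity model the slides do not give, so they are left out. Assumed, not stated on the slides: the steady-state per-component failure frequency $\omega = \lambda(1-Q)$, the helper names, and the sample MTTF, MTTR and lifetime values, which are constructed (their ratio, 125, is one of the MTTF/MTTR points on the result slides).

```python
"""Parametric RAMS evaluation of an M x N reliability block diagram (added example)."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class ComponentRates:
    """Failure/repair characteristics of one repairable component (hours)."""
    mttf: float
    mttr: float

    @property
    def lam(self) -> float:  # failure rate lambda = 1/MTTF
        return 1.0 / self.mttf

    @property
    def mu(self) -> float:  # repair rate mu = 1/MTTR
        return 1.0 / self.mttr

    @property
    def q(self) -> float:  # steady-state unavailability Q = lambda/(lambda+mu)
        return self.lam / (self.lam + self.mu)

    @property
    def w(self) -> float:  # steady-state failure frequency lambda*(1-Q) (assumption)
        return self.lam * (1.0 - self.q)


def network_unavailability(q: float, m: int) -> float:
    """An M-way parallel network (an m-component cutset) is down only when all M are down."""
    return q ** m


def system_unavailability(q: float, m: int, n: int) -> float:
    """N independent parallel networks in series: Q_system = 1 - (1 - Q^M)^N."""
    return 1.0 - (1.0 - network_unavailability(q, m)) ** n


def cutset_frequency(w: float, q: float, m: int) -> float:
    """Frequency of an m-component cutset with equal rates: m * w * Q^(m-1)."""
    return m * w * q ** (m - 1)


def system_frequency(w: float, q: float, m: int, n: int) -> float:
    """Series of n identical cutsets: n * w_cutset * (1 - Q_cutset)^(n-1)."""
    return n * cutset_frequency(w, q, m) * (1.0 - network_unavailability(q, m)) ** (n - 1)


def evaluate(rates: ComponentRates, m: int, n: int, lifetime: float,
             w1: float = 1.0, w2: float = 1.0) -> dict:
    """Downtime D, expected failures F and FOM = w1*D + w2*F over the lifetime t."""
    q_sys = system_unavailability(rates.q, m, n)
    downtime = q_sys * lifetime  # D = Q_system * t
    failures = system_frequency(rates.w, rates.q, m, n) * lifetime  # F = W(m, n, t)
    return {"Q_system": q_sys, "D": downtime, "F": failures,
            "FOM": w1 * downtime + w2 * failures}


def smallest_redundancy(rates: ComponentRates, n: int, lifetime: float,
                        fom_limit: float, w1: float = 1.0, w2: float = 1.0,
                        m_max: int = 6) -> Optional[int]:
    """Lowest level of redundancy M whose FOM meets the limit (None if none up to m_max does).

    This is the reliability-vs-redundancy tradeoff the slides describe: raise M
    one level at a time until the weighted downtime + failures is acceptable.
    """
    for m in range(1, m_max + 1):
        if evaluate(rates, m, n, lifetime, w1, w2)["FOM"] <= fom_limit:
            return m
    return None


if __name__ == "__main__":
    # Constructed sample input (not from the paper): MTTF/MTTR = 125, lifetime 10,000 h.
    rates = ComponentRates(mttf=5000.0, mttr=40.0)
    lifetime_h = 10_000.0
    for label, m, n in (("single", 1, 1), ("dual parallel", 2, 1), ("triple parallel", 3, 1)):
        r = evaluate(rates, m, n, lifetime_h)
        print(f"{label:16s} M={m} N={n}  Q_sys={r['Q_system']:.3e}  "
              f"D={r['D']:.4f} h  F={r['F']:.4f}  FOM={r['FOM']:.4f}")
    print("smallest M with FOM <= 1.0:", smallest_redundancy(rates, 1, lifetime_h, 1.0))
```

With these constructed rates a single component gives roughly 79 h of downtime and about two expected failures over the lifetime, dual redundancy brings the FOM below 1, and triple redundancy is needed to bring it below 0.01; the weights $w_1, w_2$ are where the designer encodes whether downtime or failure count matters more, which the slides leave as a design choice.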

SLIDE 17

Results

Parametric expression approach applied to the following component architectures:

• Dual parallel
• Dual networked
• Triple parallel
• Triple networked

Results compared to classical Monte Carlo simulations of fault tree analysis techniques of the same architectures

Results compared to the output generated by the ITEM Toolkit (a RAMS software tool) with the above architectures as RBD input

SLIDE 18

Results

System Downtime Comparison

[Figure: bar chart of Downtime (Hrs), 0 to 100, against MTTF/MTTR = 20.83, 31.25, 52.08, 62.50, 78.13, 83.33, 125.00, 156.25, 250.00. Series: DP, TP, DN, TN (dual parallel, triple parallel, dual networked, triple networked), each as Item (ITEM Toolkit), Expression (parametric expression) and Simulation (Monte Carlo).]

SLIDE 19

Results

System Expected Failures Comparison

[Figure: bar chart of Number of Failures, 0 to 10, against MTTF/MTTR = 20.83, 31.25, 52.08, 62.50, 78.13, 83.33, 125.00, 156.25, 250.00. Same series as the downtime chart: DP, TP, DN, TN, each as Item, Expression and Simulation.]

SLIDE 20

Results

Figure of Merit Comparison

[Figure: bar chart of Normalized Downtime + Normalized # of Failures, 0 to 2.5, against MTTF/MTTR = 20.83, 31.25, 52.08, 62.50, 78.13, 83.33, 125.00, 156.25, 250.00. Same series as the previous charts: DP, TP, DN, TN, each as Item, Expression and Simulation.]

SLIDE 21

Discussion

The experiments conducted suggest that the parametric expression method provides results that closely approximate those of the classical techniques.

Furthermore, the results match for most of the architecture representations that are of interest for safety critical systems.

Therefore, since the parametric expression method is an efficient assessment, it can effectively be used at the early stages of design for architecture exploration without compromising accuracy.

SLIDE 22

Discussion

• To enable the parametric expression method concept for architecture exploration, we developed an interactive engineering tool.
• The objective of the tool is to involve the designer in the exploration of design tradeoffs in reliability and redundancy.

SLIDE 23

Discussion

• Through a graphical user interface, the designer selects a number of architecture structures and defines the reliability metrics of the system components.
• All the equations are automatically evaluated within the tool.
• Finally, results are automatically presented for viewing and evaluation.
• Since the analysis is very simple and quick, it can accommodate an iterative process of exploration in which the designer can easily modify the architecture or even the component metrics to direct the exploration toward the design requirements.

SLIDE 24

Summary

• A parametric approach for safety evaluation of architectures for safety critical systems has been developed.
• The approach has been implemented in an engineering tool.
• The approach is easy to use and can be repeated during the design cycle to evaluate and improve the architecture design and make sure it meets the safety requirements.
• The parametric expression approach results are in line with those of the detailed and quite complex simulation-based techniques (Monte Carlo simulations of Fault Tree Analyses).
• The parametric expression approach does not account for detectability of failures.