dsn 2006 workshop on architecting dependable systems wads
play

DSN 2006 Workshop on Architecting Dependable Systems (WADS) - PowerPoint PPT Presentation

Mar 13, 2023 •186 likes •410 views

EADS Corporate Research Centre Germany DSN 2006 Workshop on Architecting Dependable Systems (WADS) Fault-tolerant Smart Sensor Architecture for Integrated Modular Avionics Stefan Schneele, Klaus Echtle, Josef Schalk June 27th, 2006 Page 1

  1. EADS Corporate Research Centre Germany DSN 2006 Workshop on Architecting Dependable Systems (WADS) Fault-tolerant Smart Sensor Architecture for Integrated Modular Avionics Stefan Schneele, Klaus Echtle, Josef Schalk June 27th, 2006 Page 1 Stefan Schneele June 2006

  2. EADS Corporate Research Centre Germany DECOS – Application Aerospace SP6-Approach: Electronically Synchronized Flaps � A (time-triggered) bus system will be used between the flap panels instead of the mechanical shaft � A System Control Unit (SCU) has to control and monitor the time-triggered communication, instead of the Central Motor Unit � For redundancy reason each flap panel will be powered by 2 Motors � Cross Shaft Brake to hold system � Development and usage of new, smart sensors, interfaces and gateways supporting TTA Cross Shaft Brake Cross Shaft Rotary Actuator Load Zylinder Motor Page 2 Stefan Schneele June 2006

  3. EADS Corporate Research Centre Germany Application Aerospace - Work Share Page 3 Stefan Schneele June 2006

  4. EADS Corporate Research Centre Germany The Challenge • Build a smart sensor that meets: • Functional Requirements – Reliable – Higher Resolution (90° � ±0,1° ( 6 ‘) ) – New Single-Turn coverage – Built-In Test capability • Project Requirements – Use DECOS Tools & Methods – Integrate DECOS design approach – Use DECOS Hardware • Industrial Requirements – Efficient (costs, weight, size, Integration, complexity) – Airworthy Page 4 Stefan Schneele June 2006

  5. EADS Corporate Research Centre Germany Proof of Airworthiness I • Reliability Modeling and Analysis of fault tolerant Flap Control System based on the to be developed DECOS technology – HW, SW and communication components – Fault tolerant structures: redundancies for fault diagnosis and reconfiguration purposes – Signal diversity for highly fault tolerant flap control system – Reliability analysis and evaluation of flap control system models based on different top events – Probabilities: top events satisfied / not satisfied – Degraded system states: • ‘fail ^n -operational’ capabilities • probabilities of degraded system states Page 5 Stefan Schneele June 2006

  6. EADS Corporate Research Centre Germany Proof of Airworthiness II • Redundancy Management of fault tolerant Flap Control System based on the to-be- developed DECOS technology – Redundancy Management: Assessment of different reconfiguration processes based on a hybrid system model (reliability block diagram and finite state machine). Identify benefits & risks of system evolution by using DECOS technology Page 6 Stefan Schneele June 2006

  7. EADS Corporate Research Centre Germany Safety Requirements • The US Federal Aviation Regulations and the European Joint Aviation Requirements provide detailed system safety regulations: • degraded positioning rate of a specific control surface as consequence of one failed channel. • The second failure case of our interest is loss of operation of a specific control surface as consequence of failures in both channels. • fault regions SFRx: Page 7 Stefan Schneele June 2006

  8. EADS Corporate Research Centre Germany Evolution of System – Federated Architecture Page 8 Stefan Schneele June 2006

  9. EADS Corporate Research Centre Germany The Tool - Syrelan • Developed by Dominick Rehage, University Hamburg-Harbug • Supports: – Reliability Block Diagram (RBD) – Concurrent Finite State Machine (CFSM) Querruder • For: Spoiler Höhenruder THS Seitenruder – Reliability Analysis CPIOM 1 CPIOM 2 CPIOM 3 CPIOM 4 CPIOM 5 CPIOM 6 – Degradation Analysis CPIOM 1 P2 aktiv aktiv aktiv 1.00E-06 1.00E-06 1.00E-04 1.00E-04 h h a a a a h h h h h h aktiv aktiv isoliert isoliert isoliert aktiv isoliert aktiv aktiv aktiv 1.00E-04 1.00E-04 2.10E-05 aktiv- eiss h aktiv- eiss h 1.00E-05 1.00E-05 1.00E-04 1.00E-04 1.00E-04 2.10E-05 isoliert aktiv isoliert aktiv isoliert aktiv 1.00E-04 1.00E-04 1.00E-04 1.00E-06 1.00E-06 1.00E-04 i i i i i i i i i a a a a a a i i i i a a a a i a a a isoliert isoliert isoliert isoliert passiv-kalt isoliert aktiv aktiv isoliert isoliert aktiv 1.00E-05 1.00E-07 isoliert isoliert 1.00E-05 1.00E-05 1.00E-07 1.00E-07 1.00E-07 CPIOM 2 P1 CPIOM 3 P3 isoliert aktiv passiv- alt aktiv- eiss isoliert passiv- alt aktiv aktiv h k k isoliert aktiv 1.00E-06 1.00E-06 a a a i i i i a a a h a a i a i a a a h a k a h a 1.00E-04 1.00E-04 1.00E-04 a a k k k passiv-kalt isoliert aktiv isoliert isoliert aktiv aktiv aktiv aktiv 1.00E-04 1.00E-05 1.00E-05 1.00E-05 1.00E-04 1.00E-04 1.00E-04 2.10E-05 2.10E-05 aktiv- eiss h isoliert aktiv passiv-kalt isoliert aktiv aktiv-heiss isoliert aktiv aktiv isoliert aktiv aktiv 1.00E-06 1.00E-06 1.00E-04 1.00E-04 1.00E-04 isoliert isoliert isoliert isoliert aktiv-heiss isoliert aktiv isoliert CPIOM 4 P4 Page 9 Stefan Schneele June 2006

  10. EADS Corporate Research Centre Germany Failure Modes of Conventional Sensor • Failure Rates of components: Page 10 Stefan Schneele June 2006

  11. EADS Corporate Research Centre Germany Evolution of System – Integrated Architecture Page 11 Stefan Schneele June 2006

  12. EADS Corporate Research Centre Germany Design Rules for Smart Sensors – Common Cause Failures Although the structural reliability numbers of smart sensors can meet the ones conventional systems � additional failure modes are introduced to the system (COMPLEXITY). � Risk of common modes. � For worst-case consideration, the β -Factor - representing the chance of common cause failures in different channels – is set to 0.4. � Do not receive any data, � very few numbers of operational modes � suitable simple composition of components � Everything should be made as simple as possible, but not simpler. Page 12 Stefan Schneele June 2006

  13. EADS Corporate Research Centre Germany Smart Sensor - Components Page 13 Stefan Schneele June 2006

  14. EADS Corporate Research Centre Germany Position Pick-Off Unit – Software Design • To achieve fail-safe behavior, usually failure masking with n-out-of-m failure masking is used � efficiency constraints • The presented architecture can only provide two different values. Therefore an approach is selected, which is based on an online selftest for failure detection. Page 14 Stefan Schneele June 2006

  15. EADS Corporate Research Centre Germany DECOS - Integrated Distributed Execution Platform • Specification of Requirements and Design of: Application Code Job Job Job Job Job Job Job Job App. MW (e.g., CAN) � Encapsulated Execution Safety-Critical Subsystem Non Safety-Critical Subsys PI Environment High-Level Services (DAS-Specific) ... Virtual Network Service Gateway Service Communication Communication � Virtual Communication Links infrastructure infrastructure Core Services (DAS-Indep.) taylored to a DAS taylored to a DAS C1 Predictable Message (TT or ET) (TT or ET) and Gateways Transport C2 Fault-Tolerant Clock Synchronization C3 Strong Fault Isolation � Platform Interface Layer C4 Consistent Diagnosis of Failing Nodes Core Services for Interfacing the Time-Triggered (TT) Physical Netw ork Time-Triggered of the Base Architecture Base Architecture Hiding of implementation details from the application, thereby extending DECOS = Dependable Embedded � the range of implementation choices Systems and Components Page 15 Stefan Schneele June 2006

  16. EADS Corporate Research Centre Germany DECOS - Methods and Tools • Modeling Distributed Application Subsystems • Specification of the Platform Distributed Application Subsystem (DAS) Independent Model (PIM) Platform Independent Model (PIM) – PIM Metamodel, – Design methodology Integrated HW/SW System (PSM) SYS • Specification of the Platform Interface (PI) Resource Layer – Hardware specification model Platform • Software-Hardware DAS : D istributed A pplication S ubsystem Integration PIM : P latform I ndependent M odel PSM : P latform S pecific M odel PI(L) : P latform I nterface – Specification of PSM development tool Page 16 Stefan Schneele June 2006

  17. EADS Corporate Research Centre Germany µ-Controller – single point of failure • Modern µ-Controllers provide suitable operation life-time of up • to 20 years in controlled temperature racks. • Concerning the use in extremely harsh environment with high amplitude of temperature and pressure chances, we expect: • Self-checks on power-on can be interpreted as frequent maintenance intervals, making this failure rate plausible. • This maintenance interval should be equal to the mission time. • � Redundancy cause of efficiency constraints not a suitable approach for smart sensing devices Page 17 Stefan Schneele June 2006

  18. EADS Corporate Research Centre Germany Failure Modes of Smart Sensor - Hardware • Failure Rates of components: More states because of Initialization Page 18 Stefan Schneele June 2006

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

RAIC: Architecting Dependable Systems Through Redundancy and Just-In-Time Testing For The ICSE

RAIC: Architecting Dependable Systems Through Redundancy and Just-In-Time Testing For The ICSE

RAIC: Architecting Dependable Systems Through Redundancy and Just-In-Time Testing For The ICSE 2002 Workshop on Architecting Dependable Systems Orlando, Florida, USA Chang Liu, Debra J. Richardson Information And Computer Science University

840 views • 24 slides
The SAE Architecture Analysis and Description Language (AADL) Standard: A Basis for Architecture-

The SAE Architecture Analysis and Description Language (AADL) Standard: A Basis for Architecture-

Pyrrhus Software Enduring Solutions The SAE Architecture Analysis and Description Language (AADL) Standard: A Basis for Architecture- Driven Embedded Systems Engineering DSN 2006 Workshop on Architecting Dependable Systems (WADS) 27 June

561 views • 40 slides
The Role of Event Description in Architecting Dependable Systems Marcio S. Dias Debra J.

The Role of Event Description in Architecting Dependable Systems Marcio S. Dias Debra J.

The Role of Event Description in Architecting Dependable Systems Marcio S. Dias Debra J. Richardson djr@ics.uci.edu mdias@ics.uci.edu Information and Computer Science University of California, Irvine I CSE 2002 Workshop on Architecting

1.02k views • 25 slides
WADS 2009 On the Design of Adaptive-and-dependable Systems Lessons learned and experiences at

WADS 2009 On the Design of Adaptive-and-dependable Systems Lessons learned and experiences at

WADS 2009 On the Design of Adaptive-and-dependable Systems Lessons learned and experiences at the University of Antwerp Vincenzo De Florio http://www.pats.ua.ac.be/vincenzo.deflorio Agenda Adaptive-and-Dependable Software Systems

674 views • 51 slides
Architecting Self-Adaptive Critical System s: Contradiction or Panacea? Invited Talk at WADS

Architecting Self-Adaptive Critical System s: Contradiction or Panacea? Invited Talk at WADS

Architecting Self-Adaptive Critical System s: Contradiction or Panacea? Invited Talk at WADS 2009, 29.06.2009 Holger Giese System Analysis & Modeling Group, Hasso Plattner Institute for Software Systems Engineering at the University of

727 views • 15 slides
Evaluation of Dependable Layered Systems with a Fault Management Architecture Olivia Das, C.

Evaluation of Dependable Layered Systems with a Fault Management Architecture Olivia Das, C.

WADS Workshop at ICSE 2002 Woodside 1 Evaluation of Dependable Layered Systems with a Fault Management Architecture Olivia Das, C. Murray Woodside Dept. of Systems and Computer Engineering, Carleton University, Ottawa, Canada email:

444 views • 10 slides
ARCHI TECTURAL CHOI CES FOR DEPENDABLE SYSTEMS Nicole Levy Laboratoire PRISM Universit de

ARCHI TECTURAL CHOI CES FOR DEPENDABLE SYSTEMS Nicole Levy Laboratoire PRISM Universit de

3 rd Workshop on Architectures for Dependable Systems (WADS) 26 th ICSE May 2004 - Edinburgh ARCHI TECTURAL CHOI CES FOR DEPENDABLE SYSTEMS Nicole Levy Laboratoire PRISM Universit de Versailles St.-Quentin Nicole.Levy@prism.uvsq.fr

448 views • 28 slides
Toward Architecture-based Reliability Estimation Roshanak Roshandel, Nenad Medvidovic Computer

Toward Architecture-based Reliability Estimation Roshanak Roshandel, Nenad Medvidovic Computer

Toward Architecture-based Reliability Estimation Roshanak Roshandel, Nenad Medvidovic Computer Science Department University of Southern California roshande@usc.edu ICSE Workshop on Architecting Dependable System (WADS'04), May 25, 2004

408 views • 19 slides
Assured Reconfiguration: An Architectural Core For System Dependability ICSE 2005 Workshop on

Assured Reconfiguration: An Architectural Core For System Dependability ICSE 2005 Workshop on

UVA Dependability Research Group Assured Reconfiguration: An Architectural Core For System Dependability ICSE 2005 Workshop on Architecting Dependable Systems John Knight University of Virginia Joint work with Elisabeth Strunk UVA

566 views • 40 slides
Fourth Workshop on Dependable and Secure Nanocomputing Organizers: Jean Arlat, LAAS- CNRS

Fourth Workshop on Dependable and Secure Nanocomputing Organizers: Jean Arlat, LAAS- CNRS

The 40th Annual IEEE/IFIP International Conference on Dependable Systems and Networks June 28-July 1, 2010 Chicago, IL, USA Fourth Workshop on Dependable and Secure Nanocomputing Organizers: Jean Arlat, LAAS- CNRS Cristian

198 views • 9 slides
Using Architectural Properties to Model System-Wide Graceful Degradation Charles Shelton Philip

Using Architectural Properties to Model System-Wide Graceful Degradation Charles Shelton Philip

Robust Self-Configuring Embedded Systems http://www.ece.cmu.edu/roses Using Architectural Properties to Model System-Wide Graceful Degradation Charles Shelton Philip Koopman Workshop on Architecting Dependable Systems International

206 views • 10 slides
An I dealized Fault-Tolerant Architectural Component Paulo Asterio de C. Guerra Ceclia Mary F.

An I dealized Fault-Tolerant Architectural Component Paulo Asterio de C. Guerra Ceclia Mary F.

Workshop on Architecting Dependable Systems Orlando, FL May, 25th 2002 An I dealized Fault-Tolerant Architectural Component Paulo Asterio de C. Guerra Ceclia Mary F. Rubira Insituto de Computao Universidade Estadual de Campinas,

357 views • 32 slides
Towards a high performance parallel platform for dependable embedded systems Mitsuhisa Sato

Towards a high performance parallel platform for dependable embedded systems Mitsuhisa Sato

Towards a high performance parallel platform for dependable embedded systems Mitsuhisa Sato University of Tsukuba JST-CREST Dependable Operating Systems for Embedded Systems Project Outline Background

482 views • 8 slides
Anti-Honeypot Technology Thorsten Holz Laboratory for Dependable Distributed Systems

Anti-Honeypot Technology Thorsten Holz Laboratory for Dependable Distributed Systems

Dependable Distributed Systems Anti-Honeypot Technology Thorsten Holz Laboratory for Dependable Distributed Systems holz@i4.informatik.rwth-aachen.de Thorsten Holz Laboratory for Dependable Distributed Systems 21st Chaos Communication

576 views • 57 slides
Software Architectures of Dependable Systems: From Closed to Open Systems V. Issarny et al.

Software Architectures of Dependable Systems: From Closed to Open Systems V. Issarny et al.

Software Architectures of Dependable Systems: From Closed to Open Systems V. Issarny et al. INRIA Rocquencourt, France Architecture-based Development of Complex Software Systems Benefits wrt systems robustness Methods and tools

562 views • 27 slides
Extracting Functional and Nonfunctional Contracts from Java Classes and Enterprise Java Beans

Extracting Functional and Nonfunctional Contracts from Java Classes and Enterprise Java Beans

Extracting Functional and Nonfunctional Contracts from Java Classes and Enterprise Java Beans Nikola Milanovic and Miroslaw Malek {milanovi,malek}@informatik.hu-berlin.de Humboldt University Berlin Workshop on Architecting Dependable Systems

389 views • 28 slides
Electric Linear Slides Electric Cylinders AZ EAC AZ DRS2 Hollow Rotary Actuators AZ DG

Electric Linear Slides Electric Cylinders AZ EAC AZ DRS2 Hollow Rotary Actuators AZ DG

Linear & Rotary Actuators F-11 Overview Electric Linear Slides Linear & Rotary Actuators EZS Series AZ EZS AZ Equipped Electric Linear Slides Electric Cylinders AZ EAC AZ DRS2 Hollow Rotary Actuators AZ DG Page AZ

382 views • 10 slides
Fields, Units, Magnetostatics European School on Magnetism Laurent Ranno

Fields, Units, Magnetostatics European School on Magnetism Laurent Ranno

Fields, Units, Magnetostatics European School on Magnetism Laurent Ranno (laurent.ranno@neel.cnrs.fr) Institut N eel CNRS-Universit e Grenoble Alpes 10 octobre 2017 European School on Magnetism Laurent Ranno (laurent.ranno@neel.cnrs.fr)

1.03k views • 76 slides
Electric Linear Slides EAS AR Equipped Electric Cylinders AR EAC DRL Hollow Rotary

Electric Linear Slides EAS AR Equipped Electric Cylinders AR EAC DRL Hollow Rotary

Linear & Rotary Actuators E-15 Overview, Product Series Electric Linear Slides Linear & Rotary Actuators EAS Series AR Electric Linear Slides EAS AR Equipped Electric Cylinders AR EAC DRL Hollow Rotary Actuators AR DG

533 views • 38 slides
The Muscular System II PSK 4U NGDHS S. Kelly The Neuromuscular System Simply put: the

The Muscular System II PSK 4U NGDHS S. Kelly The Neuromuscular System Simply put: the

The Muscular System II PSK 4U NGDHS S. Kelly The Neuromuscular System Simply put: the system in which our brain tells our muscles what to do Incorporates brain, spinal cord, nerves, muscles Both the nervous system and the

426 views • 13 slides
What is state? You see a DPS officer approaching you. Are you happy? It's late at night and

What is state? You see a DPS officer approaching you. Are you happy? It's late at night and

5.1 5.2 What is state? You see a DPS officer approaching you. Are you happy? It's late at night and ______________________. It's late at night and you've been ___________________________. Unit 5 Your interpretation is based on

239 views • 8 slides
Supply NCO (Unit Environmental Compliance Officer [UECO] Oversight) Training JAN 2016

Supply NCO (Unit Environmental Compliance Officer [UECO] Oversight) Training JAN 2016

New Jersey Army National Guard Supply NCO (Unit Environmental Compliance Officer [UECO] Oversight) Training JAN 2016 Learning Objectives Understand UECO Duties Review Environmental Compliance Desktop Guide Review EMS Goals

996 views • 99 slides
1 2 The Mobility Program is part of the Motor Carrier Transportation Division, and our unit

1 2 The Mobility Program is part of the Motor Carrier Transportation Division, and our unit

1 2 The Mobility Program is part of the Motor Carrier Transportation Division, and our unit consists of 7 full-time staff: Christy Jordan is our program manager. Our operations coordinator is Katie Scott, who oversees our day-to-day

436 views • 25 slides
Competitive Learning Neural Networks Neural Networks - Competitive 1 Bibliography Rumelhart, D.

Competitive Learning Neural Networks Neural Networks - Competitive 1 Bibliography Rumelhart, D.

Competitive Learning Neural Networks Neural Networks - Competitive 1 Bibliography Rumelhart, D. E. and McClelland, J. L., Parallel Distributed Processing , MIT Press, 1986. - Chapter 5, pp. 151-193. Kohonen, T., Self-Organization and

436 views • 18 slides

More recommend