The qSafe Project – Developing a Tool for Current Practice in Functional Safety Analysis

Functional safety analysis (FSA), that is checking whether a designed artifact will perform safely even under the presence of failing components, has gained significant importance in different areas, including aeronautic and automotive systems. The same applies to failure-modes-and-effects analysis (FMEA) and fault-tree analysis (FTA) as the major contributing processes. FSA is labor- and time-consuming as well as error- prone, and would benefit from computer-based tool-support. Work on qualitative model-based systems has developed principled solutions, particularly to FMEA, but did not achieve the step to industrial practice. Rather than novel technical contributions, this paper discusses reasons for this fact and describes the qSafe* project, which aims at overcoming the obstacles and at making a major step towards producing tools that can support current practice.

Download Full-text

Safety Analysis Model of DUCG Based on FMEA/FTA

Volume 4: Nuclear Safety, Security, and Cyber Security; Computer Code Verification and Validation ◽

10.1115/icone26-81484 ◽

2018 ◽

Author(s):

Zhenxu Zhou ◽

Hao Nie ◽

Chunling Dong ◽

Qin Zhang

Keyword(s):

Failure Modes ◽

Fault Tree Analysis ◽

Safety Analysis ◽

Nuclear Industry ◽

Analysis Model ◽

Industrial Systems ◽

The Past ◽

Research Cycle ◽

Dynamic Uncertain Causality Graph ◽

Analytical Power

Failure Modes and Effects Analysis (FMEA) is a useful tool to find possible flaws, to reduce cost and to shorten research cycle in complex industrial systems. Fault Tree Analysis (FTA) has gained credibility over the past years, not only in nuclear industry, but also in other industries like aerospace, petrochemical, and weapon. Both FMEA and FTA are effective techniques in safety analysis, but there are still many uncertain factors in them that are not well addressed until now. This paper combines FMEA and FTA based on Dynamic Uncertain Causality Graph (DUCG) to solve this issue. Firstly, the FMEA model is mapped into a corresponding DUCG graph. Secondly, FTA model is mapped into a corresponding DUCG graph. Thirdly, combine the above DUCG graphs. Finally, users can modify the combined DUCG graph and calculations are made. This paper bridges the gap between FMEA and FTA by combining the two methods using DUCG. And additional modeling power and analytical power can be achieved with the advantages of the combined DUCG safety analysis model and its inference algorithm. This method can also promote the application of DUCG in the system reliability and safety analysis. An example is used to illustrate this method.

Download Full-text

Synthetic Safety Analysis: A Systematic Approach in Combination of Fault Tree Analysis and Fuzzy Failure Modes and Effect Analysis

Proceedings of the 4th International Conference on Computer Engineering and Networks - Lecture Notes in Electrical Engineering ◽

10.1007/978-3-319-11104-9_46 ◽

2015 ◽

pp. 389-398

Author(s):

Guannan Su ◽

Linpeng Huang ◽

Xiaoyu Fu

Keyword(s):

Systematic Approach ◽

Failure Modes ◽

Fault Tree ◽

Fault Tree Analysis ◽

Safety Analysis ◽

Effect Analysis ◽

Tree Analysis

Download Full-text

A zonal safety analysis methodology for preliminary aircraft systems and structural design

The Aeronautical Journal ◽

10.1017/aer.2018.58 ◽

2018 ◽

Vol 122 (1255) ◽

pp. 1330-1351 ◽

Cited By ~ 1

Author(s):

Z. Chen ◽

J. P. Fielding

Keyword(s):

Failure Modes ◽

Hazard Analysis ◽

Fault Tree Analysis ◽

Cost Effective ◽

Safety Analysis ◽

Design Tool ◽

Assessment Process ◽

Design Stage ◽

Preliminary Design

ABSTRACTZonal Safety Analysis (ZSA) is a major part of the civil aircraft safety assessment process described in Aerospace Recommended Practice 4761 (ARP4761). It considers safety effects that systems/items installed in the same zone (i.e. a defined area within the aircraft body) may have on each other. Although the ZSA may be conducted at any design stage, it would be most cost-effective to do it during preliminary design, due to the greater opportunity for influence on system and structural designs and architecture. The existing ZSA methodology of ARP4761 was analysed, but it was found to be more suitable for detail design rather than preliminary design. The authors therefore developed a methodology that would be more suitable for preliminary design and named it the Preliminary Zonal Safety Analysis (PZSA). This new methodology was verified by means of the use of a case study, based on the NASA N3-X project. Several lessons were learnt from the case study, leading to refinement of the proposed method. These lessons included focusing on the positional layout of major components for the zonal safety inspection, and using the Functional Hazard Analysis (FHA)/Fault Tree Analysis (FTA) to identify system external failure modes. The resulting PZSA needs further refinement, but should prove to be a useful design tool for the preliminary design process.

Download Full-text

Model-Based Functional Safety Analysis and Architecture Optimisation

Embedded Computing Systems ◽

10.4018/978-1-4666-3922-5.ch004 ◽

2013 ◽

pp. 79-92 ◽

Cited By ~ 2

Author(s):

David Parker ◽

Martin Walker ◽

Yiannis Papadopoulos

Keyword(s):

Failure Modes ◽

State Of The Art ◽

Safety Analysis ◽

The State ◽

Model Transformations ◽

Critical Systems ◽

Safety Requirements ◽

Failure Patterns ◽

Reusable Component ◽

Computer Based

The scale and complexity of computer-based safety critical systems pose significant challenges in the safety analysis of such systems. In this chapter, the authors discuss two approaches that define the state of the art in this area: failure logic modelling and behavioural modelling safety analyses. They also focus on Hierarchically Performed Hazard Origin and Propagation Studies (HiP-HOPS)—one of the advanced failure logic modelling approaches—and discuss its scientific and practical contributions. These include a language for specification of inheritable and reusable component failure patterns, a temporal logic that enables assessment of sequences of faults in safety analysis as well as algorithms for top-down allocation of safety requirements to components during design, bottom-up verification via automatic synthesis of Fault Trees and Failure Modes and Effects Analyses, and dependability versus cost optimisation of systems via automatic model transformations. The authors summarise these contributions and discuss strengths and limitations in relation to the state of the art.

Download Full-text

Application of Fault Tree Analysis for Signaling Systems

2015 Joint Rail Conference ◽

10.1115/jrc2015-5708 ◽

2015 ◽

Cited By ~ 1

Author(s):

Sofia K. Georgiadis

Keyword(s):

Failure Analysis ◽

Failure Modes ◽

Fault Tree ◽

Fault Tree Analysis ◽

Safety Analysis ◽

Valuable Insight ◽

Analysis Tool ◽

Tree Analysis ◽

Signaling Systems ◽

Analysis Techniques

Fault Tree Analysis (FTA) is one of the key safety evaluation techniques used by New York City Transit (NYCT). First developed over 50 years ago, this technique continues to provide valuable insight for failure analysis of systems. Its use is widespread in safety-critical systems analysis across industry boundaries, including defense, nuclear, aerospace, chemical [1], and transportation industries. FTAs provide a systematic, top-down methodology to safety analysis. As such, it complements other safety analysis techniques, such as Failure Modes Effect Analysis (FMEA), which is a bottom-up failure analysis [2]. Formal Methods analyses, including Theorem Proving and Model Checking, are powerful development and analysis methodologies, both used by NYCT, that provide assurance of product’s correctness and safety. With these other safety analysis techniques, the FTA continues to play a key role in the NYCT Safety Program. This paper will examine how NYCT uses FTAs for the safety analysis of microprocessor-based signaling systems. FTAs are used by NYCT throughout the system lifecycle. Initially, during the system development phase, NYCT requires system suppliers to develop Fault Tree Analyses of their systems, as a requirement for NYCT safety certification and deployment. For the system maintenance phase, NYCT uses the outputs of suppliers’ analyses to develop and enforce maintenance and operational procedures. In this manner, NYCT’s use of FTA provides full lifecycle value by providing design, maintenance, and operational insight into the causes of hazardous events. Through the examination of example fault trees and an overview of the FTA process, this paper will present the NYCT’s implementation of this powerful analysis tool, and will describe the benefits gained from using this methodology.

Download Full-text

Safety analysis of programmable automotive systems

1st IET International Conference on System Safety ◽

10.1049/cp:20060211 ◽

2006 ◽

Cited By ~ 1

Author(s):

P.H. Jesty ◽

D.D. Ward ◽

R.S. Rivett ◽

R.J. Evan

Keyword(s):

Safety Analysis ◽

Automotive Systems

Download Full-text

Reliability Analysis of Great Lakes Marine Diesels: State of the Art and Current Modeling

Marine Technology and SNAME News ◽

10.5957/mt1.1990.27.4.237 ◽

1990 ◽

Vol 27 (04) ◽

pp. 237-249

Author(s):

Anastassios N. Perakis ◽

Bahadir Inozu

Keyword(s):

Great Lakes ◽

Diesel Engines ◽

Failure Modes ◽

State Of The Art ◽

Relevant Literature ◽

Fault Tree Analysis ◽

Reliability Engineering ◽

Marine Industry ◽

Marine Diesel ◽

Basic Concepts

Some essential steps for the application of reliability, availability, and maintainability (RAM) techniques to marine diesel engines are presented. The paper begins with a summary of the basic concepts of reliability engineering, followed by a survey of the relevant literature on RAM applications to the marine industry and to marine diesel engines in particular. Next, the results of an informal survey of the reliability, maintenance, and replacement practices of Great Lakes operators are presented. Finally, the first two steps for a RAM application, failure modes and effects analysis and fault tree analysis, are introduced and applied for a prototype Colt-Pielstick marine diesel engine.

Download Full-text

ADS-B: Probabilistic Safety Assessment

Journal of Navigation ◽

10.1017/s0373463317000054 ◽

2017 ◽

Vol 70 (4) ◽

pp. 887-906 ◽

Cited By ~ 3

Author(s):

Busyairah Syd Ali ◽

Washington Yotto Ochieng ◽

Arnab Majumdar

Keyword(s):

Safety Assessment ◽

Failure Modes ◽

Fault Tree Analysis ◽

Performance Standards ◽

System Safety ◽

Probabilistic Safety Assessment ◽

Assessment Approach ◽

Primary Means ◽

Importance Analysis ◽

Probabilistic Safety

In the effort to quantify Automatic Dependent Surveillance Broadcast (ADS-B) system safety, the authors have identified potential ADS-B failure modes in Syd Ali et al. (2014). Based on the findings, six potential hazards of ADS-B are identified in this paper. The authors then applied the Probabilistic Safety Assessment approach which includes Fault Tree Analysis (FTA) and Importance Analysis methods to quantify the system safety. FTA is applied to measure ADS-B system availability for each identified hazard while Importance Analysis is conducted to identify the most significant failure modes that may lead to the occurrence of the hazards. In addition, risk significance and safety significance of each failure mode are also identified. The result shows that the availability for the ADS-B system as a sole surveillance means is low at 0·898 in comparison to the availability of ADS-B system as supplemental or as primary means of surveillance at 0·95 and 0·999 respectively. The latter availability values are obtained from Minimum Aviation System Performance Standards (MASPS) for Automatic Dependent Surveillance-Broadcast (DO-242A).

Download Full-text

Incorporating Uncertainty in Diagnostic Analysis of Mechanical Systems

Volume 4: 14th International Conference on Design Theory and Methodology, Integrated Systems Design, and Engineering Design and Culture ◽

10.1115/detc2002/dtm-34017 ◽

2002 ◽

Cited By ~ 1

Author(s):

Gregory Mocko ◽

Robert Paasch

Keyword(s):

Life Cycle ◽

Failure Modes ◽

Mechanical Systems ◽

Fault Tree Analysis ◽

Joint Probability ◽

Fault Isolation ◽

Diagnostic Model ◽

Component Reliability ◽

Bayes Formula ◽

Alternative Designs

The increase in complexity of modern mechanical systems can often lead to systems that are difficult to diagnose, and therefore require a great deal of time and money to return to a normal operating condition. Analyzing mechanical systems during the product development stages can lead to systems optimized in the area of diagnosability, and therefore to a reduction of life cycle costs for both consumers and manufacturers and an increase in the useable life of the system. A methodology for diagnostic evaluation of mechanical systems incorporating indication uncertainty is presented. First, Bayes formula is used in conjunction with information extracted from the Failure Modes and Effects Analysis (FMEA), Fault Tree Analysis (FTA), component reliability, and prior system knowledge to construct the Component-Indication Joint Probability Matrix (CIJPM). The CIJPM, which consists of joint probabilities of all mutually exclusive diagnostic events, provides a diagnostic model of the system. The Replacement Matrix is constructed by applying a predetermined replacement criterion to the CIJPM. Diagnosability metrics are extracted from a Replacement Probability Matrix, computed by multiplying the transpose of the Replacement Matrix by the CIJPM. These metrics are useful for comparing alternative designs and addressing diagnostic problems of the system, to the component and indication level. Additionally, the metrics can be used to predict cost associated with fault isolation over the life cycle of the system.

Download Full-text