Abstract. Component fault trees (CFTs) that contain safety basic events as well as security basic events cannot be analyzed like normal CFTs. Safety basic events are rated with probabilities in the interval [0,1]; for security basic events, simpler scales such as {low, medium, high} make more sense. This paper describes an approach for handling a quantitative safety analysis with different rating schemes for safety and security basic events. By doing so, it is possible to take security causes of safety failures into account and to rate their effect on system safety.
Highly automated driving (HAD) vehicles are complex systems operating in an open context. The complexity of these systems, as well as limitations and insufficiencies in sensing and understanding the open context, may result in unsafe and uncertain behavior. The safety-critical nature of HAD vehicles demands that limitations, insufficiencies and triggering conditions be modeled in order to argue safe behavior. Standardization activities such as ISO/PAS 21448 provide guidelines on the safety of the intended functionality (SOTIF) and focus on performance limitations and triggering conditions. Although SOTIF provides a non-exhaustive list of scenario factors that may serve as a starting point to identify and analyze performance limitations and triggering conditions, no concrete methodology is provided to model these factors. We propose a novel methodology to model triggering conditions and performance limitations in a scene to assess SOTIF. We utilize a Bayesian network (BN) for this purpose. Experts provide the BN structure, and conditional belief tables are learned using the maximum likelihood estimator. We provide performance limitation maps (PLMs) and conditional performance limitation maps (CPLMs) for a given scene. As a case study, we provide PLMs and CPLMs of LIDAR in a defined scene using real-world data.
This paper presents an approach for the automatic generation of shortest Distinguishing Sequences (DS) with the Uppaal model checker. The presented method is applicable to a large number of extended finite state machines, and it will find an optimal result if a DS exists for the considered automaton. Our approach is situated in an integrated testing environment that is used to generate checking sequences. The generation method is based on a DS model, which is derived from the same test model that is used for generating test cover sets. The problem of generating a DS is reduced to the definition of a DS model; for this reason, the complexity of our approach depends mainly on the model checking algorithm used. This means that the presented method is automatically improved when the model checking algorithm is improved. This includes the generation of optimal DS, depending on the ability of the model checker to produce optimal results.