Integrating Safety into MBSE Processes with Formal Methods

Ahlbrecht, Alexander; Durak, Umut

doi:10.1109/dasc52595.2021.9594315

Cited by 8 publications

(8 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To create a FG automatically, every analysis step has to be linked and the results formalized. This was not the case for the LS description in the previous analysis implementation [11], [12], where only textual rationals were used to document the LSs in the UCA elements. To formalize the LSs, the textual rationals were extracted from the UCA elements and a separate LS element type was created.…”

Section: Foundation and Creation Of Failure Graphsmentioning

confidence: 98%

“…This analysis focus is particular interesting for complex, software-intensive systems [7]. During previous work, a formalized STPA version, first introduced in [21], was integrated in a MBSE environment [11]. Formalization is achieved by using SysML stereotypes with precisely defined relationships that can be mapped to every part of the STPA.…”

Section: B Formalized Model-based Stpamentioning

confidence: 99%

“…Safety analysis formalization not only allows SACA support as presented in this paper, but enables a lot of helpful features. Other automatable examples include the creation of safety artifacts, the execution of verification activities [11] and the tracing of design changes towards safety artifacts [23]. It is therefore possible that the FG analysis summaries can enable a lot of functionality additional to the SACA-related support that was presented in this paper.…”

Section: B Failure Graph Interpretationmentioning

confidence: 99%

“…This is achieved by applying a formalized and model-based STPA version on a system architecture modeled with the Systems Modeling Language (SysML) [10]. Previous work already demonstrated how a formalized STPA can be integrated into SysML [11], [12]. By slightly extending this approach, we demonstrate automated extraction of Failure Graphs (FG), i.e., formalized analysis summaries, from the model-based safety analysis.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Model-Based STPA: Enabling Safety Analysis Coverage Assessment with Formalization

Ahlbrecht

Durak

2022

2022 IEEE/AIAA 41st Digital Avionics Systems Conference (DASC)

View full text Add to dashboard Cite

Urban Air Mobility introduces safety-related challenges for future avionics systems. The associated need for increased autonomy demands novel functions based on highperformance algorithms. To provide such functionality in future air vehicles of all sizes, the trend is towards centralized and powerful computing platforms. That turns avionics into a complex, integrated, and software-intensive aircraft system. Simultaneously, this increases the need for adapted safety analyses. The System-Theoretic Process Analysis is a promising approach to analyze the safety of software-intensive systems. It enables consideration of interaction and specification issues additional to component failures. However, even when using state-of-the-art analyses such as STPA, claiming the sufficiency of the safety analysis efforts is a challenging tasks for systems with everincreasing complexity. To address this issue, this paper extends the coverage analysis concepts known from the software development to safety analyses. This is achieved with the utilization of failure graphs, i.e., formalized analysis summaries that can be automatically created during the safety analysis. Failure graphs have two advantages: they provide the possibility for visual analysis state indication and can be used to calculate various statistical metrics. Thereby, they allow to improve the knowledge about the depth, breadth, and state of the safety analysis. Both visual and statistical consideration complement each other to enhance the safety analysis coverage assessment for future avionic systems. To show all capabilities, the analysis of a flight assistance system serves as demonstrator.

show abstract

Section: Foundation and Creation Of Failure Graphsmentioning

confidence: 98%

Section: B Formalized Model-based Stpamentioning

confidence: 99%

Section: B Failure Graph Interpretationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Model-Based STPA: Enabling Safety Analysis Coverage Assessment with Formalization

Ahlbrecht

Durak

2022

2022 IEEE/AIAA 41st Digital Avionics Systems Conference (DASC)

View full text Add to dashboard Cite

show abstract

“…Pétin et al [3] present a methodology how to use formal methods on top of SysML models to formally prove safety properties of heterogeneous safety-critical systems involving software, mechanical, electrical, and pneumatic components. Ahlbrecht and Durak [4] present a holistic application of Model-Based Systems Engineering, System-Theoretic Process Analysis, and formal methods in the area of Urban Air Mobility. The overall goal is to guarantee safety-by-construction within an agile development process.…”

Section: Related Workmentioning

confidence: 99%

Ato Over Etcs: Model-Based System and Architecture Analysis With Arcadia and Event-B

ESCHBACH

2022

WIT Transactions on the Built Environment

View full text Add to dashboard Cite

The European Railway Traffic Management System (ERTMS) is intended to replace incompatible national rail traffic management systems in Europe and thus simplify cross-border rail traffic. A part of ERTMS is the European Train Control System (ETCS). ETCS is an automatic train protection system and can collaborate with an automatic train operation system (ATO). ATO can control and monitor the braking, traction and door system of a train. This collaboration is called ATO over ETCS. In this paper we describe the experiences gained in the integrated application of the model-based systems and architecture engineering method ARCADIA and the formal method Event-B to the system requirements of ATO over ETCS. A central part of the system requirements is related to the operational modes, mode transitions and mode properties of the ATO onboard unit (ATO-OB). Mode properties are system requirements that must be satisfied whenever the ATO-OB enters a mode or stays within a mode. Especially modes, in which the ATO-OB automatically drives the train, are of utter importance. The main goal of the analysis was to check consistency and completeness of the system requirements related to modes, mode transitions and mode properties. Within the ARCADIA phase "System Analysis" a socalled "Mode/State Model", a special ARCADIA model, was systematically derived from the system requirements. In order to guarantee consistency, especially to guarantee that mode properties will not be violated by mode transitions, a formal Event-B specification was derived and formally analyzed. This analysis approach identified several critical inconsistencies of the system requirements.

show abstract

Model Based Verification and Validation Planning for a Solar‐Powered High‐Altitude Platform

Rothe,

Rahm,

Hagen

et al. 2023

INCOSE International Symp

View full text Add to dashboard Cite

Developing a solar‐powered High‐Altitude Platform is a challenging endeavor. These aircraft are able to remain airborne for extremely long time periods, since they harvest all necessary energy from the sun. This is only possible if the design can handle all operating conditions with minimal margins. The systems therefore need to be well matched, which can be more efficiently facilitated by utilizing model‐based engineering. This paper shows how a SysML profile can be used to conduct verification and validation planning within such a large project. Key benefits are the development of a single source of truth, better overview from a management point of view, unified processes and document styles within the project, improved change management as well as reduced workloads when generating readable export documents.

show abstract

Integrating Safety into MBSE Processes with Formal Methods

Cited by 8 publications

References 6 publications

Model-Based STPA: Enabling Safety Analysis Coverage Assessment with Formalization

Model-Based STPA: Enabling Safety Analysis Coverage Assessment with Formalization

Ato Over Etcs: Model-Based System and Architecture Analysis With Arcadia and Event-B

Model Based Verification and Validation Planning for a Solar‐Powered High‐Altitude Platform

Contact Info

Product

Resources

About