System safety assessment based on STPA and model checking

Dakwat, Alheri; Villani, Emília

doi:10.1016/j.ssci.2018.05.009

Cited by 52 publications

(14 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Dakwat and Villani [17] propose a method that combines STPA and model checking. They used a robot flight simulator to demonstrate the effectiveness of their work.…”

Section: Related Workmentioning

confidence: 99%

Synthesis of a Controller Algorithm for Safety-Critical Systems

2022

View full text Add to dashboard Cite

Systems of today are becoming more complex; they have many levels of the control hierarchy, are software-intensive, use different networks, have increasing processing power, use a diversity of devices, and require more integration. Systems-Theoretic Process Analysis (STPA) is a technique that is being used to analyze the safety of those systems at the concept stage. For the design phase, STPA can be combined with SysML modeling activities, including simulation and formal verification of systems models to produce the control software more efficiently. However, for the design phase, when starting from the STPA analysis there is no support to elaborate the control algorithm. Building the control algorithm is one of the most difficult tasks in the design phase. We propose a method to synthesize the control algorithm for safetycritical systems from the STPA analyses and the functional requirements. Our method maps the control structure (STPA) into a block diagram (SysML), and it uses the STPA results to generate an initial state machine diagram (SysML) for automated controllers, actuators, and sensors. We use our method to generate the control algorithms for an Adaptive Cruise Control system. We evaluate the synthesized algorithms by performing model simulation and formal verification. This illustrates that our method is a systematic way to synthesize control algorithms that satisfy both safety and functional requirements.INDEX TERMS Safety, Systems Modeling Language, Model checking, Control system synthesis, System analysis and design.

show abstract

“…Dakwat and Villani [17] propose a method that combines STPA and model checking. They used a robot flight simulator to demonstrate the effectiveness of their work.…”

Section: Related Workmentioning

confidence: 99%

Synthesis of a Controller Algorithm for Safety-Critical Systems

2022

View full text Add to dashboard Cite

show abstract

“…There have been works on safety analysis of autonomous systems using STAMP/STPA [3,8,13]. While we use conventional testing in this paper, formal methods are promising for verifying the safety constraints [3,8]. In [3], the authors embed the safety constraints to the target model, and formally verify them.…”

Section: Related Workmentioning

confidence: 99%

Evaluation Framework for Performance Limitation of Autonomous Systems under Sensor Attack

Shimizu

Suzuki

Muramatsu

et al. 2021

Preprint

View full text Add to dashboard Cite

Autonomous systems such as self-driving cars rely on sensors to perceive the surrounding world. Measures must be taken against attacks on sensors, which have been a hot topic in the last few years. For that goal one must first evaluate how sensor attacks affect the system, i.e. which part or whole of the system will fail if some of the built-in sensors are compromised, or will keep safe, etc. Among the relevant safety standards, ISO/PAS 21448 addresses the safety of road vehicles taking into account the performance limitations of sensors, but leaves security aspects out of scope. On the other hand, ISO/SAE 21434 addresses the security perspective during the development process of vehicular systems, but not specific threats such as sensor attacks. As a result the safety of autonomous systems under sensor attack is yet to be addressed. In this paper we propose a framework that combines safety analysis for scenario identification, and scenario-based simulation with sensor attack models embedded. Given an autonomous system model, we identify hazard scenarios caused by sensor attacks, and evaluate the performance limitations in the scenarios. We report on a prototype simulator for autonomous vehicles with radar, cameras and LiDAR along with attack models against the sensors. Our experiments show that our framework can evaluate how the system safety changes as parameters of the attacks and the sensors vary.

show abstract

“…Dakwat and Villani [16] propose a method combining STPA and the UPPAAL Model Checker in order to provide a formal representation of the system under analysis and the threats identified by STPA. They argue that their combination improves the knowledge about the system under design and the consistence of the design changes proposed to tackle the safety constraints identified in STPA.…”

Section: Related Workmentioning

confidence: 99%

Combining STPA with SysML Modeling

Souza

Bezerra

Hirata

et al. 2020

2020 IEEE International Systems Conference (SysCon)

View full text Add to dashboard Cite

System-Theoretic Process Analysis (STPA) is a technique, based on System-Theoretic Accident Model and Process (STAMP), to identify hazardous control actions, loss scenarios, and safety requirements. STPA is considered a rather complex technique and lacks formalism, but there exists a growing interest in using STPA in certifications of safety-critical systems development. SysML is a modeling language for systems engineering. It enables representing models for analysis, design, verification, and validation of systems. In particular, the free software TTool and the model-checker UPPAAL enable formal verification of SysML models. This paper proposes a method that combines STPA and SysML modeling activities in order to allow simulation and formal verification of systems' models. An automatic door system serves as example to illustrate the effectiveness of the proposed approach.

show abstract

System safety assessment based on STPA and model checking

Cited by 52 publications

References 7 publications

Synthesis of a Controller Algorithm for Safety-Critical Systems

Synthesis of a Controller Algorithm for Safety-Critical Systems

Evaluation Framework for Performance Limitation of Autonomous Systems under Sensor Attack

Combining STPA with SysML Modeling

Contact Info

Product

Resources

About