AeroSense, April 2002
System Health Tracking and Safe Testing
André Bos, Arjan van Gemund, Jonne Zutt
Delft University of Technology

Presentation transcript:


Contents
The role of diagnosis in autonomous systems
Health tracking
Diagnosis as health tracking
Modeling
Safe testing
Future work

The role of diagnosis in autonomous systems
Accomplish mission goals without human intervention, even in a harsh environment.
Harsh environment: system failures will occur.
Without human intervention: the system must identify, isolate, and cope with its own failures automatically.
Goal: graceful degradation rather than loss of the mission.

Accomplishing mission goals
[Figure: an action plan (Action ... Action) takes the system from State(t_0) to State(t_j) so that the mission goals are met; the plan is constrained by the available resources (fuel, system components, ...) and by the health state.]

Architecture
[Figure: the spacecraft (S/C) sends telemetry (TM) to and receives telecommands (TC) from the FDI (fault detection and isolation) module; FDI reports the current health mode to the planning/recovery and safety validation module, which combines it with the mission goals to produce a safe plan.]

Diagnostic system requirements
Dynamic and hybrid (discrete and continuous) systems.
Accumulating faults: a second fault may occur before the first one is resolved.
Test vector generation to further isolate faulty components when observations alone are not enough.
Easy to model.
A single model (if possible) that supports diagnostic reasoning, test vector generation, planning, and simulation.

Health tracking
Dynamic and hybrid systems. Variables:
U - inputs: close shutter, switch on lamp, ...
X - state: shutter position, lamp current
Y - observables
Behavioural description H: dx/dt = H

Health tracking (cont.)
Extend the behavioural description: X is extended with the fault states F, and H is extended to describe the behaviour in those fault states.
Note: the extended system is non-deterministic, since a transition into a fault state is not controlled by the inputs and may happen at any time.

Example system: S/R latch
[Figure: a latch with inputs Set and Reset and output Out; two timing diagrams of Set and Out over time, one nominal and one faulty. The two Out traces coincide until the Set input changes; annotation: "Error can be detected only here".]

UpTime model-based approach (1)
UpTime: a design system for constructing model-based diagnosis systems.
Based on our experience of constructing a model-based diagnosis system for the GOME instrument on the ERS-2 satellite.

UpTime model-based approach (2)
Component-based.
Coarse formalism: finite-domain constraints.
A finite state machine per component captures the dynamics.
Simplified, qualitative behavioural description: dU ~ dI (the derivatives follow the same trend). E.g.: if I goes up, the pressure difference goes up.
Each component contributes its own equation: dx/dt = h

UpTime: component description
Behavioural description: a finite state machine with inter-state equations (transitions) and intra-state equations (behaviour within a state), covering both nominal and fault state changes.
Example: a switch with states cl (closed), st-cl (stuck closed), op (open), st-op (stuck open).
Inter-state equations:
  in = cl, st = op:    next st := cl
  in = cl, st = st-op: next st := st-op
  ...
Intra-state equations:
  state = op:         dI = 0
  state = cl:         dI ~ dU
  state = stuck-open: dI = 0
  ...

UpTime: algorithm (3)
The likelihood of a candidate trajectory (sequence of health states over time) is determined using:
  the a priori likelihood of each state transition, per component;
  the number of output variables the trajectory explains.
[Figure: time versus state diagram of the candidate trajectories.]

Example system: S/R latch (cont.)
[Figure: the Set and Out timing diagrams of the latch example, with the likelihood of each candidate health state plotted over time: "All components okay", "#S1_AB", "#S1_AB", "#S2_AB".]
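Health tracking over a component model, as an added worked example in Python (it is not UpTime code and not code from the original slides): a switch with the nominal states op/cl and the absorbing fault states st-op/st-cl of the component-description slide, a beam search that extends every surviving trajectory at each time step, and a score that multiplies the a priori transition likelihoods with a penalty for every output variable the trajectory fails to explain. The prior P_STICK, the miss penalty MISS, the beam width and the observation sequences are constructed assumptions.

```python
# Health tracking over a component FSM with nominal and stuck states.
# Added example, not UpTime code: the switch model and the numeric priors
# (P_STICK, MISS) are assumptions chosen to illustrate the slide's idea.

from dataclasses import dataclass

NOMINAL = ("op", "cl")        # open, closed
STUCK = ("st-op", "st-cl")    # stuck open, stuck closed (absorbing fault states)
P_STICK = 0.02                # assumed a priori likelihood of a fault transition per step
MISS = 0.01                   # penalty factor per output variable a trajectory fails to explain


def next_states(state, cmd):
    """Inter-state equations: {next_state: a priori transition likelihood}.

    A healthy switch follows its command ('op' or 'cl'); with likelihood P_STICK
    it sticks in its present position instead. Stuck states are absorbing, so
    faults accumulate and never disappear on their own.
    """
    if state in STUCK:
        return {state: 1.0}
    return {cmd: 1.0 - P_STICK, "st-" + state: P_STICK}


def predict_dI(state, dU):
    """Intra-state equation, qualitative: a closed switch passes the trend of U
    (dI ~ dU); an open switch carries no current (dI = 0)."""
    return dU if state in ("cl", "st-cl") else 0


@dataclass(frozen=True)
class Trajectory:
    states: tuple        # one switch state per time step, initial state first
    likelihood: float    # product of transition likelihoods and miss penalties


def track(initial_state, steps, beam=8):
    """Beam search over health-state trajectories.

    steps: sequence of (cmd, dU, observed_dI). Each step extends every surviving
    trajectory with every possible next state, multiplies in the transition
    likelihood, and multiplies in MISS when the predicted dI does not explain
    the observed dI. Returns the surviving trajectories, best first.
    """
    frontier = [Trajectory((initial_state,), 1.0)]
    for cmd, dU, observed_dI in steps:
        extended = []
        for traj in frontier:
            for nxt, p in next_states(traj.states[-1], cmd).items():
                score = traj.likelihood * p
                if predict_dI(nxt, dU) != observed_dI:
                    score *= MISS
                extended.append(Trajectory(traj.states + (nxt,), score))
        extended.sort(key=lambda t: t.likelihood, reverse=True)
        frontier = extended[:beam]
    return frontier


def diagnose(initial_state, steps):
    """Health state at the last step of the most likely trajectory, and its likelihood."""
    best = track(initial_state, steps)[0]
    return best.states[-1], best.likelihood


# Constructed scenarios: the switch is commanded closed twice and then opened while
# U keeps rising (dU = +1). In the faulty scenario the current keeps rising after
# the 'open' command, which only a stuck-closed switch explains.
SCENARIO_FAULTY = [("cl", +1, +1), ("cl", +1, +1), ("op", +1, +1)]
SCENARIO_NOMINAL = [("cl", +1, +1), ("cl", +1, +1), ("op", +1, 0)]

if __name__ == "__main__":
    for name, scenario in (("faulty", SCENARIO_FAULTY), ("nominal", SCENARIO_NOMINAL)):
        for t in track("op", scenario)[:3]:
            print(name, t.states, round(t.likelihood, 6))
```

Run stand-alone it prints the three best trajectories for each scenario. On the faulty scenario the stuck-closed trajectories outrank the all-nominal one only at the third step, when the 'open' command is issued: while the command is 'close', a stuck-closed switch and a healthy one explain the observations equally well and the fault stays latent. That is the "error can be detected only here" situation of the latch slide, and the reason the diagnostic system needs to generate test vectors instead of waiting for a distinguishing observation to arrive by itself.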

Safe testing
Test vectors: as the system is only partially observable, apply test vectors (chosen inputs) to discriminate between the health states that are still consistent with the observations.
Be careful: a test vector is itself an intervention on the system and may induce errors.
[Figure: circuit with a battery and a load; a possible short-circuit fault is marked.]

Hazard conditions (1)
Hazard conditions describe conditions that must never occur.
They are written in the same language, against the same model, as used by the diagnostic system.
They are conditions on the state of the S/C.

Hazard conditions (2)
Example: the battery must not be directly connected to ground.
Extra variables are needed to describe this "connectedness" behaviour, since it is not a property of any single component.
Hence it is not always possible to give hazard conditions per component.
[Figure: the same circuit with load and possible short-circuit fault.]

Test action
A test action must:
  discriminate between the possible trajectories (the candidate health states must predict different observations);
  not violate any hazard condition, under any of the candidate health states, since it is unknown which one is the true one.

Checking a test action
[Figure: the candidate trajectories ... S_{i-1}, S_i (one branch per candidate health state) are continued under the test action to S_{i+1}, ..., S_{i+k}; the effect of the test action is checked over this horizon along every branch.]

Future work
Model-based approach:
  domain dependent: the model of the S/C;
  domain independent: the reasoning methods (diagnosis, testing).
[Figure: the target system and its system model, together with the safety conditions, mission goals, ..., are fed to an S/W generator that produces the diagnostic reasoner, the simulator and the planning system.]

Example
[Figure: time versus state diagram of the latch, with Set and Reset inputs and the two candidate trajectories "S2 ok" and "S2 stuck open".]
Set switch closed: both "S2 ok" and "S2 stuck open" predict output high.
Set switch released: "S2 ok" predicts that the output remains high; "S2 stuck open" predicts output low.
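The test-action check of the last three slides (test action, checking a test action, and the latch example), as an added example in Python that is not the authors' UpTime code. The latch is modelled as Out = Set OR (Out held through S2 unless Reset is closed), so that a stuck-open S2 breaks the hold path and reproduces the predictions on the slide; the hazard condition, that closing Set and Reset together connects the battery directly to ground, is an assumption standing in for the "battery not directly connected to ground" condition; the two hypotheses are the ones named on the slide. Every name in the block is hypothetical.

```python
# Safe test selection for the S/R latch example. Added example, not the authors'
# UpTime code. The latch model, the hazard condition and the reading of S2 as the
# component in the latch's hold path are assumptions made to illustrate the method.

from itertools import product

HYPOTHESES = ("S2 ok", "S2 stuck open")     # health states still consistent with observations
INPUTS = tuple(product((0, 1), (0, 1)))    # (set, reset) switch positions: 1 = closed


def latch_step(out_prev, set_, reset, health):
    """One step of the latch (assumed model): Out = Set OR hold path. The hold path
    feeds the previous output back through S2 unless Reset is closed; a stuck-open
    S2 breaks it, so the output then simply follows Set."""
    hold = bool(out_prev) and not reset and health == "S2 ok"
    return int(bool(set_) or hold)


def hazard(set_, reset, health):
    """Hazard condition on the system state (assumed): closing Set and Reset at the
    same time connects the battery directly to ground. `health` is part of the
    state so that fault-dependent hazards can be written in the same predicate."""
    return bool(set_ and reset)


def evaluate_test(actions, out0, hypotheses=HYPOTHESES):
    """Simulate a test (sequence of (set, reset) inputs) under every hypothesis.

    Returns (verdict, predictions). The test is 'unsafe' as soon as any hypothesis
    reaches a hazardous state at any step: the true health state is unknown, so
    the test has to be safe along every surviving trajectory, not only the most
    likely one. It is 'discriminating' if every hypothesis predicts a different
    trace of the observable Out, and 'uninformative' otherwise.
    """
    predictions = {}
    for h in hypotheses:
        out, trace = out0, []
        for set_, reset in actions:
            if hazard(set_, reset, h):
                return "unsafe", None
            out = latch_step(out, set_, reset, h)
            trace.append(out)
        predictions[h] = tuple(trace)
    if len(set(predictions.values())) == len(hypotheses):
        return "discriminating", predictions
    return "uninformative", predictions


def admissible_tests(out0, max_len=2, hypotheses=HYPOTHESES):
    """All safe and discriminating tests of up to max_len steps, shortest first."""
    found = []
    for n in range(1, max_len + 1):
        for actions in product(INPUTS, repeat=n):
            verdict, preds = evaluate_test(actions, out0, hypotheses)
            if verdict == "discriminating":
                found.append((actions, preds))
    return found


if __name__ == "__main__":
    # Situation from the slide: Set switch closed, output observed high under both hypotheses.
    for actions, preds in admissible_tests(out0=1):
        print(actions, preds)
```

Each candidate test is simulated under every surviving health hypothesis. A hazardous step under any hypothesis rejects the test before discrimination is even considered, because the planner does not know which branch of the trajectory tree is the real one; among the remaining tests only those whose predicted Out traces differ for every hypothesis are kept. For the slide's situation (Set closed, output high) the shortest admissible test is to release Set, which yields Out high under "S2 ok" and Out low under "S2 stuck open"; closing Reset while Set is still held is rejected as unsafe, and closing Reset after releasing Set is safe but uninformative because both hypotheses then predict Out low.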