Dependability analysis and evolutionary design optimisation with HiP-HOPS Dr Yiannis Papadopoulos Department of Computer Science University of Hull, U.K.

Dependability analysis and evolutionary design optimisation with HiP-HOPS. Dr Yiannis Papadopoulos, Department of Computer Science, University of Hull, U.K. Fraunhofer IESE, May 4th 2011.

Motivation of work on System Dependability Analysis
- Increasing safety concerns: computer-controlled safety-critical systems emerge in areas such as automotive, shipping, medical applications and industrial processes.
- Reliability and availability concern a broader class of systems.
- Increasing complexity of systems, together with reduced product development times and budgets, causes difficulties for classical manual analyses.

Why is automation needed?
[Figure: a system design model. If a component fault develops at one point in the model, what effect does the fault have on the outputs?]

At the University of Hull we develop a method and tool that simplify dependability analysis and architecture optimisation by partly automating the process, known as Hierarchically Performed Hazard Origin and Propagation Studies (HiP-HOPS).

HiP-HOPS
[Figure: global view of failure = failure annotations of components + system model + fault tree synthesis algorithm. Component failures are traced through the model to system failures.]

Component Failure Annotations (example: a valve with flow input port a, flow output port b and a control input)

Valve malfunctions:
  Failure mode       Description          Failure rate
  Blocked            e.g. by debris       1e-6
  partiallyBlocked   e.g. by debris       5e-5
  stuckClosed        Mechanically stuck   1.5e-6
  stuckOpen          Mechanically stuck   1.5e-5

Deviations of flow at the valve output:
  Output deviation   Description          Causes
  Omission-b         Omission of flow     Blocked or stuckClosed or Omission-a or Low-control
  Commission-b       Commission of flow   stuckOpen or Commission-a or High-control
  Low-b              Low flow             partiallyBlocked or Low-a
  High-b             High flow            High-a
  Early-b            Early flow           Early-a or Early-control
  Late-b             Late flow            Late-a or Late-control
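The valve annotation above is enough to mechanise the recipe of the previous slide (failure annotations of components + system model + fault tree synthesis = global view of failure). The Python below is an added example written for this page, not HiP-HOPS code: it transcribes the valve's deviation table as failure logic, wires two such valves in parallel behind a shared pump and a shared controller (a constructed model), synthesises the cause expression for an omission of flow at the merge point by walking the connections upstream, and reduces the result to minimal cut sets. The pump, controller and junction annotations, their failure rates, and the reading of all rates as per-hour values over a 1000 h mission are assumptions; only the valve failure modes and rates come from the slide, which states no time unit.

```python
from itertools import product
from math import exp

# Failure expressions are kept in disjunctive normal form: a frozenset of cut sets,
# each cut set being a frozenset of basic-event names ("Component.mode").
FALSE = frozenset()

def event(name):
    return frozenset({frozenset({name})})

def minimise(cutsets):
    """Drop every cut set that is a superset of another one (absorption: A + A.B = A)."""
    kept = []
    for cs in sorted(cutsets, key=len):
        if not any(k <= cs for k in kept):
            kept.append(cs)
    return frozenset(kept)

def OR(*exprs):
    return minimise(set().union(*exprs))

def AND(*exprs):
    return minimise({frozenset().union(*combo) for combo in product(*exprs)})

def valve(name):
    """Valve annotation transcribed from the slide. `dev(cls, port)` yields the
    expression for deviation class `cls` arriving at one of this valve's input ports."""
    def ann(cls, port, dev):
        e = lambda mode: event(f"{name}.{mode}")
        table = {
            ("Omission", "b"):   lambda: OR(e("blocked"), e("stuckClosed"), dev("Omission", "a"), dev("Low", "control")),
            ("Commission", "b"): lambda: OR(e("stuckOpen"), dev("Commission", "a"), dev("High", "control")),
            ("Low", "b"):        lambda: OR(e("partiallyBlocked"), dev("Low", "a")),
            ("High", "b"):       lambda: dev("High", "a"),
            ("Early", "b"):      lambda: OR(dev("Early", "a"), dev("Early", "control")),
            ("Late", "b"):       lambda: OR(dev("Late", "a"), dev("Late", "control")),
        }
        return table.get((cls, port), lambda: FALSE)()
    return ann

def pump(name):        # assumed annotation: a stopped pump omits flow, nothing else
    return lambda cls, port, dev: event(f"{name}.stopped") if (cls, port) == ("Omission", "out") else FALSE

def controller(name):  # assumed annotation: a faulty controller drives its command low
    return lambda cls, port, dev: event(f"{name}.lowOutput") if (cls, port) == ("Low", "cmd") else FALSE

def junction(name):    # assumed annotation: the merge omits flow only if both legs omit it
    def ann(cls, port, dev):
        if (cls, port) == ("Omission", "out"):
            return AND(dev("Omission", "in1"), dev("Omission", "in2"))
        if (cls, port) == ("Low", "out"):
            return OR(dev("Low", "in1"), dev("Low", "in2"))
        return FALSE
    return ann

class Model:
    def __init__(self, components, connections):
        self.components = components    # name -> annotation function
        self.connections = connections  # (name, input port) -> (name, output port)
        self.memo = {}

    def deviation(self, comp, cls, port):
        """Synthesise the causes of deviation `cls` at `comp.port`: an input port is
        followed upstream along its connection, an output port applies the annotation."""
        key = (comp, cls, port)
        if key not in self.memo:
            if (comp, port) in self.connections:
                src, sport = self.connections[(comp, port)]
                self.memo[key] = self.deviation(src, cls, sport)
            else:
                self.memo[key] = self.components[comp](
                    cls, port, lambda c, p: self.deviation(comp, c, p))
        return self.memo[key]

# Constructed model: one pump and one controller shared by two parallel valves.
MODEL = Model(
    components={"Pump": pump("Pump"), "Ctrl": controller("Ctrl"),
                "V1": valve("V1"), "V2": valve("V2"), "J": junction("J")},
    connections={("V1", "a"): ("Pump", "out"), ("V2", "a"): ("Pump", "out"),
                 ("V1", "control"): ("Ctrl", "cmd"), ("V2", "control"): ("Ctrl", "cmd"),
                 ("J", "in1"): ("V1", "b"), ("J", "in2"): ("V2", "b")},
)

def minimal_cut_sets(model=MODEL, comp="J", cls="Omission", port="out"):
    return model.deviation(comp, cls, port)

# Valve rates from the slide; pump/controller rates and the per-hour unit are assumed.
RATES = {"blocked": 1e-6, "partiallyBlocked": 5e-5, "stuckClosed": 1.5e-6,
         "stuckOpen": 1.5e-5, "stopped": 2e-5, "lowOutput": 1e-6}

def top_event_probability(cutsets, hours=1000.0, rates=RATES):
    """Rare-event approximation: sum over cut sets of the product of the event
    probabilities, each being 1 - exp(-rate * hours)."""
    q = lambda ev: 1.0 - exp(-rates[ev.split(".")[1]] * hours)
    total = 0.0
    for cs in cutsets:
        p = 1.0
        for ev in cs:
            p *= q(ev)
        total += p
    return total

if __name__ == "__main__":
    cs = minimal_cut_sets()
    for c in sorted(cs, key=lambda s: (len(s), sorted(s))):
        print(" . ".join(sorted(c)))
    print(f"P(omission of flow at J.out) ~ {top_event_probability(cs):.3e}")
```

The check a reviewer wants from this run is the single-event cut sets: the redundancy of the two valves buys nothing against the shared pump or the shared controller command, which is exactly the "global view" the synthesis exposes and a local per-valve analysis would not.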

Hierarchical analysis
Assessment of conditions that affect whole architectures, e.g. common cause failures, and combined HW-SW analysis.
[Figure: at the system / hardware level, analysis of conditions that affect the whole system and of the effects of hardware failure; at the level of components and the software allocated to them, local safety analyses of components and propagation of failure through software.]

Language for Error Modelling
- Notions of failure classes (user defined), input/output ports and parameters.
- Failure logic: Boolean logic, recently enhanced with new temporal operators and a temporal logic. Concept for state-sensitive analysis.
- Includes generalisation operators and iterators, e.g. "any input failure propagates to all outputs".
- Can be used for the specification of reusable, inheritable, composable failure patterns.

Tool Interface
[Screenshot of the tool interface.]

Tool support (example: steer-by-wire)
[Figure: Simulink model of a steer-by-wire system, the synthesised fault trees and the synthesised FMEA.]

Tool Maturity
- The tool has public interfaces (XML, DLL) which enable linking to modelling or drawing tools.
- Has advanced capabilities for qualitative/probabilistic analysis (common causes, zonal analysis, supports a variety of probabilistic models).
- ITI GmbH has used the public interface to link its Simulation X modelling tool to the HiP-HOPS tool. Others (ALL4TEC, VECTOR) also interface.
- Commercial launch of the HiP-HOPS extension to Simulation X in 2011.

Further difficulties in dependability engineering and tool extension to support architecture optimisation
- How can system dependability be improved? Substitute components and sub-systems, increase the frequency of maintenance, replicate.
- Which solution achieves minimal cost?
- People evaluate a few options. This leads to unnecessary design iterations and sub-optimal solutions.

Work on Multi-objective Design Optimisation
- A hard optimisation problem that can only be addressed effectively with automation.
- Objectives: dependability, cost, weight, ...
- Objectives are conflicting (e.g. dependability and cost).

Multi-objective optimisation problem
- Find a solution x (an element of the solution space X) which satisfies a set of constraints and optimises a vector of objective functions f(x) = [f1(x), f2(x), f3(x), ..., fn(x)].
- Search for Pareto optimal (i.e. non-dominated) solutions.
- A solution x1 dominates another solution x2 if x1 matches or exceeds x2 in all objectives and is strictly better in at least one; two solutions that are identical in every objective do not dominate each other.

Pareto Optimality
[Figure: candidate designs plotted against cost and reliability; the non-dominated ones form the Pareto front.]

Optimisation concept
[Figure: the modelling tool supplies the model, its variants and failure data; a parser feeds these to HiP-HOPS analysis; a genetic algorithm drives the analysis and produces a Pareto front, i.e. a set of models representing optimal trade-offs.]

Genetic Algorithm: making design variations
[Figure: design variations of a subsystem, e.g. a single component (1) or a primary with a standby (2), each with its own cost and reliability: Cost 2 / Reliability 5, Cost 3 / Reliability 7, Cost 4 / Reliability 9, Cost 3 / Reliability 8.]
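The three preceding slides (dominance and Pareto optimality, the optimisation concept, and the GA making design variations) can be run end to end on a toy design space. The Python below is an added example for this page, not the HiP-HOPS optimiser: three subsystems in series each have three candidate variants with assumed (cost, reliability) values, a design is a tuple of variant indices, and an elitist genetic algorithm with one-point crossover and per-gene mutation keeps the non-dominated archive from generation to generation. Because the space has only 27 designs, a brute-force front is also computed so the GA result can be checked against it; in a real model that reference is unavailable, which is why the GA is needed at all.

```python
import random
from itertools import product

# Design space for the example: three subsystems in series, each with three
# candidate implementations given as (cost, reliability). All values are assumed.
VARIANTS = {
    "sensor":     [(2, 0.90), (3, 0.95), (4, 0.99)],
    "controller": [(2, 0.92), (3, 0.97), (5, 0.995)],
    "actuator":   [(3, 0.90), (4, 0.96), (6, 0.99)],
}
SUBSYSTEMS = list(VARIANTS)
BASELINE = (0, 0, 0)   # the design the engineer starts from: cheapest variant everywhere

def evaluate(design):
    """design = tuple of variant indices, one per subsystem -> (cost, reliability).
    Cost adds up; reliability multiplies because the subsystems are in series."""
    cost, rel = 0, 1.0
    for sub, idx in zip(SUBSYSTEMS, design):
        c, r = VARIANTS[sub][idx]
        cost += c
        rel *= r
    return cost, rel

def dominates(a, b):
    """a dominates b: no worse in every objective (lower cost, higher reliability)
    and strictly better in at least one of them."""
    (ca, ra), (cb, rb) = a, b
    return ca <= cb and ra >= rb and (ca < cb or ra > rb)

def pareto_front(scored):
    """scored: {design: (cost, reliability)} -> the non-dominated subset."""
    return {d: o for d, o in scored.items()
            if not any(dominates(o2, o) for d2, o2 in scored.items() if d2 != d)}

def brute_force_front():
    """Exhaustive reference, only feasible because this toy space has 27 designs."""
    sizes = [len(VARIANTS[s]) for s in SUBSYSTEMS]
    return pareto_front({d: evaluate(d) for d in product(*(range(n) for n in sizes))})

def evolve(generations=100, pop_size=30, mutation_rate=0.4, seed=1):
    """Elitist multi-objective GA: the non-dominated archive survives each generation
    and supplies one parent of every child; the other parent comes from the population."""
    rng = random.Random(seed)
    sizes = [len(VARIANTS[s]) for s in SUBSYSTEMS]
    scored = {}

    def score(d):
        if d not in scored:
            scored[d] = evaluate(d)
        return scored[d]

    population = [BASELINE] + [tuple(rng.randrange(n) for n in sizes)
                               for _ in range(pop_size - 1)]
    for d in population:
        score(d)
    for _ in range(generations):
        archive = list(pareto_front({d: scored[d] for d in population}))
        children = []
        while len(children) < pop_size:
            p1, p2 = rng.choice(archive), rng.choice(population)
            cut = rng.randrange(1, len(sizes))            # one-point crossover
            child = list(p1[:cut] + p2[cut:])
            for g in range(len(child)):                   # per-gene mutation
                if rng.random() < mutation_rate:
                    child[g] = rng.randrange(sizes[g])
            child = tuple(child)
            score(child)
            children.append(child)
        population = archive + children
    return pareto_front(scored)   # non-dominated among everything ever evaluated

if __name__ == "__main__":
    for design, (cost, rel) in sorted(evolve().items(), key=lambda kv: kv[1][0]):
        print(design, f"cost={cost} reliability={rel:.4f}")
```

Note what the result is and is not: every design the GA returns is non-dominated among the designs it evaluated, so a front returned on a large model is an upper bound on what is achievable only with respect to the explored variants, and the engineer still chooses one point on it by hand, as the fuel system slides below illustrate.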

Fuel System Example (1): provide model, variants and failure data. Initial design: Cost: 511, Unavailability:

Fuel System Example (2): let the tool find optimal solutions.

Fuel System Example (3): choose and get the optimised design. Cost: 834, Unavailability:

Optimisation in Action
[Demonstration.]

Work on Temporal Safety Analysis
Cut sets of a classical fault tree: I + A.B.C + A.S1 + A.B.S2 + D
1. No input at I
2. Failure of all of A, B and C
3. Failure of A and S1
4. Failure of A, B and S2
5. Failure of D

The PANDORA Logic
- PAND-ORA: hour or time (ORA [ώρα] in Greek) of PAND gates.
- Uses Priority-AND (<, or "before"), Priority-OR (|) and Simultaneous-AND (&, or "at the same time") operators to express the temporal ordering of events.
- Relative temporal relations between events can be expressed: X<Y, X&Y and Y<X.
- Minimal cut-sequences: new temporal laws can be used to simplify fault trees and calculate minimal cut-sequences.

Temporal Truth Tables
- Sequence values: a number indicating the order in which an event becomes true. Events with the same sequence value are simultaneous.
- Temporal Truth Tables (TTT): like Boolean truth tables but extended to use sequence values.
- Can be used to prove temporal laws, e.g. X.Y = X<Y + X&Y + Y<X.
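The operators of the PANDORA slide and the temporal truth tables of this one can be implemented directly with sequence values. The Python below is an added example for this page, not the authors' tool: each gate returns the sequence value at which its output becomes true (0 if never), and a law is checked by enumerating every assignment of sequence values to its events. It proves the completion law quoted above, the matching law for Priority-OR, and the mutual exclusion of X<Y and Y<X, and it also shows the other use of a truth table, exposing a counterexample for a non-law (PAND is not associative). The gate semantics used here are an assumption stated in the comments: AND takes the later value, OR the earlier, PAND the later input, POR the first input, SAND the common value.

```python
from itertools import product

# Sequence values: 0 = the event never occurs; k > 0 = it is the k-th to occur, and
# equal values mean simultaneous occurrence. Each gate returns the sequence value at
# which its output becomes true, or 0 if it never does (assumed semantics).
def AND(x, y):
    return max(x, y) if x and y else 0                       # true once the later input occurs

def OR(x, y):
    return min(v for v in (x, y) if v) if (x or y) else 0    # true once the first input occurs

def PAND(x, y):   # X<Y : X strictly before Y; output occurs when Y does
    return y if x and y and x < y else 0

def SAND(x, y):   # X&Y : X and Y at the same time
    return x if x and y and x == y else 0

def POR(x, y):    # X|Y : X occurs and Y has not occurred before it; output occurs when X does
    return x if x and (y == 0 or x < y) else 0

def temporal_truth_table(n, formula):
    """Evaluate `formula` (a callable over n sequence values) for every assignment of
    values 0..n to the n events; n distinct positive values cover every relative ordering."""
    return {vals: formula(*vals) for vals in product(range(n + 1), repeat=n)}

def counterexamples(n, lhs, rhs):
    """Assignments on which two formulas disagree; an empty list means the law holds."""
    l, r = temporal_truth_table(n, lhs), temporal_truth_table(n, rhs)
    return [vals for vals in l if l[vals] != r[vals]]

def law_holds(n, lhs, rhs):
    return not counterexamples(n, lhs, rhs)

# Laws, each as (left-hand side, right-hand side).
COMPLETION_AND = (lambda x, y: AND(x, y),                                   # X.Y = X<Y + X&Y + Y<X
                  lambda x, y: OR(OR(PAND(x, y), SAND(x, y)), PAND(y, x)))
COMPLETION_OR = (lambda x, y: OR(x, y),                                     # X+Y = X|Y + Y|X + X&Y
                 lambda x, y: OR(OR(POR(x, y), POR(y, x)), SAND(x, y)))
MUTUAL_EXCLUSION = (lambda x, y: AND(PAND(x, y), PAND(y, x)),               # (X<Y).(Y<X) = 0
                    lambda x, y: 0)
# Not a law: (X<Y)<Z forces X before Y, X<(Y<Z) only forces X and Y before Z.
PAND_ASSOC = (lambda x, y, z: PAND(PAND(x, y), z),
              lambda x, y, z: PAND(x, PAND(y, z)))

def print_table(n, names, formula):
    """Render a temporal truth table in the slide's style: sequence values per event."""
    for vals, out in temporal_truth_table(n, formula).items():
        print("  ".join(f"{nm}={v}" for nm, v in zip(names, vals)), "->", out)

if __name__ == "__main__":
    print("X.Y with sequence values:")
    print_table(2, "XY", AND)
    for name, law in {"X.Y = X<Y + X&Y + Y<X": COMPLETION_AND,
                      "X+Y = X|Y + Y|X + X&Y": COMPLETION_OR,
                      "(X<Y).(Y<X) = 0": MUTUAL_EXCLUSION}.items():
        print(name, "holds" if law_holds(2, *law) else "FAILS")
    print("(X<Y)<Z = X<(Y<Z) counterexamples:", counterexamples(3, *PAND_ASSOC)[:3])
```

The completion law is what turns the classical cut set A.S1 of the earlier slide into the three cut sequences S1<A, S1&A and A<S1; which of those survive as minimal cut sequences is then a question about the system, not about the logic, which is why the next slide's refined list keeps only some of them.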

Minimal Cut-sequences
[Figure: the classical cut sets I, D, A.S1, A.B.C, A.B.S2 become the minimal cut sequences I, D, [S1<A], [S1&A], [B<A], [B&A], [A<B].C, A.[S2&B], A.[S2<B].]
Show that the triply redundant system is not triply redundant. Give a more refined and correct view of failure.

Current Work
- ADLs: input to the EAST-ADL automotive ADL in the MAENAD FP7 project. Work towards harmonisation with AADL.
- Dynamic analysis: synthesis of temporal fault trees from state machines.
- Separation of concerns: multi-perspective HiP-HOPS. Analysis of diagrams (SW-HW) linked with allocations.
- Automatic allocation of safety requirements, e.g. in the form of SILs (Safety Integrity Levels).
- Optimisation: more objectives, more model transformations.
- Link to model checkers.

Relation to the state-of-the-art
- One of the more advanced compositional safety analyses.
- Less automated than formal safety analyses and does not do formal verification. However, it uses simple algorithms and scales up well.
- Deductive analysis and good performance have enabled: multiple failure mode FMEAs; architecture optimisation with greedy meta-heuristics; top-down allocation of safety requirements (SILs).
- Can complement other formal techniques: synthesis of state machines as input for a model checker; additional functionalities (optimisation, SIL allocation, advanced probabilistic analyses).

Summary
- Shorter life-cycles, economic pressures and increasing complexity demand cost-effective dependability engineering.
- HiP-HOPS simplifies aspects of this process.
- Can complement formal techniques. Can be used in conjunction with emerging ADLs.
- Supported by a mature, commercially available tool.
- Strong interest in automotive and shipping. Growing interest in aerospace. Applications by Germanischer Lloyd, Volvo, VW, Delphi, Fiat, Continental, Toyota/Denso, et al.