A Model-Based Method for System Reliability Analysis

1,518 views

Published on

Presentation at the 2nd International Workshop on Model-driven Approaches for Simulation Engineering

(held within the SCS/IEEE Symposium on Theory of Modeling and Simulation part of SpringSim 2012)

Please see: http://www.sel.uniroma2.it/mod4sim12/ for further details

Published in: Technology, Business
  • Be the first to comment

A Model-Based Method for System Reliability Analysis

  1. 1. 2nd International Workshop on Model-driven Approaches for Simulation Engineering held within the SCS/IEEE Symposium on Theory of Modeling and Simulationpart of SpringSim 2012, March 26-29, 2012, Orlando, FL (USA) A Model-Based Method for System Reliability Analysis Alfredo Garro, Andrea Tundis {garro, atundis}@deis.unical.itDepartment of Electronics, Computer and System Sciences (D.E.I.S.) University of Calabria – ITALY
  2. 2. OutlineIntroduction and ProposalA Model-Based method for System ReliabilityAnalysisExploiting the proposed approach: Reliability Analysisof a Flight Management System (FMS)Conclusions and future works Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 2
  3. 3. Aim of the proposalDefine a model-based approach for the ReliabilityAnalysis of systems which combines in a unified framework the benefits of popular OMG modeling languages (UML, SysML) with wide adopted simulation and analysis environments (Mathworks Matlab, Simulink) can be easily integrated into modern System Engineering methodologiesWhy another approach for reliability analysis?What is the relationship between the proposed approachand the already available reliability analysis techniques? Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 3
  4. 4. System Dependability and RAMS AnalysisDependability: “the collective term used to describe theavailability performance and its influencing factors:reliability performance, maintainability performance andmaintenance support performance” (IEC - InternationalElectrotechnical Commission)RAMS (Reliability, Availability, Maintainability and Safety):the engineering discipline which aims at providing anintegrated and methodological approach to deal withsystem dependability Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 4
  5. 5. System Dependability and RAMS AnalysisThe main objective od RAMS analyses is to identify causesand consequences of system failuresRAMS analyses are typically carried out using a layeredapproach and through both quantitative and qualitativeanalysis techniques as: series-parallel system reliability analysis Markov Chain models FMECA (Failure Modes Effects and Critical Analysis) FTA (Fault Tree Analysis) …. Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 5
  6. 6. System Dependability and RAMS Analysis Quantitative Qualitative Suitable for Software Analysis Analysis Intensive SystemsSeries-Parallel x - - (RBD)Markov Chains x - -FMEA/FMECA - x x (S-FMEA/S-FMECA) FTA - x x (S-FTA) HAZOP - x x HSIA - x x SCCFA - x x PSH - x x Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 6
  7. 7. Limitations of the traditional approach and new perspectivesThe increase in both system complexity and accuracyrequired in the reliability analysis often makesinadequate the above mentioned techniques which aremainly based on: statistical and probabilistic tools; a hierarchical decomposition of the system in terms of its components Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 7
  8. 8. Limitations of the traditional approach and new perspectivesthere is a strong demand for new, more powerful and flexibleanalysis tools and techniques …centered on model-based approachesso to benefit from the available modeling practices and …which should incorporate the use of simulationto flexibly evaluate the system reliability indicesand compare different design choices Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 8
  9. 9. Reliability and other non-functional requirements… a brief reflection great attention has been devoted to functional requirements analysis and traceability BUT there is still a lack of methods which specificallyaddress these issues for non-functional requirements the analysis concerning if and how non-functional requirements are met by the system under development is not typically executed contextually to the design of the system but still postponed to the last stages of the development process (e.g. system verification) a high risk of having to revise even basic designchoices and with a consequent increase in both completiontime and development cost Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 9
  10. 10. Limitations of the traditional approach and new perspectives Despite a general consensus on the advantages that could derive from the exploitation of model-based approaches for system reliability analysis … the use of these techniques has been traditionally unusual and has not been recommended by international standards until recently (see IEC 61508, 2010) This delay in the adoption is mainly due to the lack of methods able to integrate available modeling languages,tools and techniques in a consistent modeling framework. Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 10
  11. 11. Our ProposalA Model-Based approach for System Reliability Analysis: centered on a popular UML-based language for system modeling (SysML) exploiting a de facto standard platform for the simulation of multi-domain dynamic and embedded systems (Mathworks Simulink) fully specified as a method (in terms of phases, input and output workproducts, etc.) and thus “pluggable” in a complete System Development Process (e.g. based on a V-Model) Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 11
  12. 12. Our Proposal RAMSAS: A Model-Based method for System Reliability AnalysisThe RAMSAS method iscentered on a classicaliterative process whichconsists of four mainphases: ReliabilityRequirements Analysis System Modeling System Simulation Results Assessment Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 12
  13. 13. When and where to exploit our method ina typical System Development Process According to Method Engineering, the proposed method can be integrated in various phases of a typical System Development Process, e.g. in a V-Cycle process: In the verification phase to support the evaluation of system reliability In the design phases to support the valuation and evaluation of configuration scenarios and settings of system parameters so to guide and suggest design choicesThe proposed method is not intended to be an alternative toother RAMS techniques (FMECA, FTA, RDB, etc.) but rather a complement able to provide additional analysis capabilities Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 13
  14. 14. RAMSAS: The Reliability Requirements Analysis phaseIn the Reliability Requirements Analysis phase, theobjectives of the system reliability analysis are specified.INPUT work-products: System Design, SystemRequirements (functional and non-functional)OUTPUT work-products: Reliability Analysis Objectives The functions that the system has to perform, the related operative conditions, and the reference time horizons must be clearly individuate along with the main system failures and their local and global effects The reliability functions and indicators, to be derived from the analysis of the simulation results, must be identified along with the main analysis techniques to be applied to the data gathered from simulation Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 14
  15. 15. RAMSAS: The System Modeling phaseIn the System Modeling phase the structure andbehavior of the System are modeled by using a SysMLbased notation.In this phase the System is decomposed in componententities by applying in-out zooming mechanisms. Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 15
  16. 16. RAMSAS: The System Modeling phaseEach component entity is modeled as aSysML Block: Block structure is defined by both a SysML Block Definition Diagram (BDD) and an Internal Block Diagram (IBD) Block behavior is defined by SysML Activity, Sequence, State Machine, and Parametric Diagrams Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 16
  17. 17. RAMSAS: The System Modeling phaseBlock Structure: the BDD describes the Block with its port interfaces, internal attributes, operations, constraints, parts and relationships with other blocks the IBD provides a description of the Block internal structure, the organization of its component blocks, the type of composition and the topology of internal communication Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 17
  18. 18. RAMSAS: The System Modeling phaseBlock Behavior: specified trough a set of Tasks whose execution is characterized by pre and post conditions and can be periodically scheduled or triggered by events Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 18
  19. 19. RAMSAS: The System Modeling phaseBlock Behavior:Each Task is modeled using different types of SysMLDiagrams:(i) an Activity Diagram which allows modeling the Task asa flow of actions;(ii) a set of Sequence Diagrams which allows modelingspecific scenarios, each of which corresponds to a givensequence of actions in the Activity Diagram of the Task special Tasks, which model the onset, propagation and management of Block failures, are also introduced Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 19
  20. 20. RAMSAS: The System Modeling phaseBlock Behavior:For each Block a State Machine Diagram can bederived by combining the Activity and SequenceDiagrams associated with the Tasks in which theBlock is involved so to obtain a state-basedrepresentation of the Behavior of the Block Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 20
  21. 21. RAMSAS: The System Modeling phaseSysML Parametric Diagrams are alsointroduced for supporting specific analysis……by defining constraint blocks which expressmathematical equations and their parametersthat may correspond to block properties Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 21
  22. 22. RAMSAS: The System Simulation phaseIn the System Simulation phase, thepreviously obtained Models of the System arerepresented in terms of the constructs offeredby Mathworks SimulinkThe model transformation is enabled by IBMRational Rhapsody Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 22
  23. 23. RAMSAS: The System Simulation phaseTransformation between models is based on amapping between the basic SysML and Simulinkconstructs: Entity SysML Simulink System/Subsystem/ Block, Part Block, Subsystem Equipment/Component Block Behavior/Constraint Activity diagram, S-Function, State Sequence diagram, Flow diagram Parametric diagram Input/Output Interface Flow Port Input/Output Simulink Block Association/Binding Connection LineMoreover, the Mealy Machines which model the behaviorof a Simulink Block is obtained by the correspondingSysML Behavioral Diagrams Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 23
  24. 24. RAMSAS: The System Simulation phaseThe resulting Simulink System is a network ofblocks which is executed according to asynchronous reactive model of computation: at each step, Simulink computes, for each block, the set of outputs as a function of the current inputs and the block state, then it updates the block state Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 24
  25. 25. RAMSAS: The Results Assessment phaseIn the Results Assessment phase, the data gatheredfrom the simulations are analyzed with reference to theobjectives of the reliability analysis identified in theinitial phase of the process: directly in Simulink by using useful add-on like SIMLOG by external analysis toolsAs for any iterative process, new (partial or complete)iterations can be executed for achieving new or missedanalysis objectives Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 25
  26. 26. Exploiting the RAMSAS method for System Reliability Analysis Reliability analysis of a Flight Management System (FMS) Integrated Modular Avionics (IMA):the high level of integration of an IMA makes its reliabilityanalysis a challenging task due to the difficulty in identifyingthe occurrences and propagation of faults and then theconsequent system failures Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 26
  27. 27. The Reliability Requirements Analysis phasea qualitative analysis of the System reliability requiresaccurately identifying the weaknesses of the system, itscritical components, how they can break down, the way inwhich faults propagate and the impacts of each failure onthe entire systemmoving from qualitative to quantitative reliabilityevaluations, the Reliability Function of the System shouldbe evaluated along with main reliability indices (e.g. MissionCapable Rate (MCR) = (MTTCF+MTTR)/(MTTCF+2MTTR))By combining qualitative and quantitative results, a clearpicture of the reliability performances of the system canbe obtained and alternative design solutions to effectivelyaddress the design and maintenance of the system can becompared Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 27
  28. 28. The System Modeling phaseThe system is decomposed according to the following four-stage hierarchy: system, subsystems, equipment, andcomponentsBy applying the well-known zooming-in mechanisms, theinternal structure of each subsystem is represented indetails by an IBD which shows its constituting equipment;in turn, each equipment is further specified in terms of itscomponents by a related IDB diagram Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 28
  29. 29. The System Modeling phase Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 29
  30. 30. The System Modeling phase Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 30
  31. 31. The System Modeling phaseBeside the System structure, the behavior of theSystem is also specified following the same layeredapproach but in a bottom-up fashion: from thecomponent level to the equipment, subsystem, andsystem level… Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 31
  32. 32. The System Modeling phase An example of behavioral modeling: the specification of the behavior of the Inertial Reference Unit , a key component of the IRS equipment Tasks of the of the Inertial Reference Unit component Task Pre conditions Post conditions Execution Schedule Alignment Operation Mode and Component state Triggered Initial Position values changed available Attitude flight status and Attitude parameters TriggeredCalculation parameters calculated … … … … Failure Component failure Safety state reached TriggeredManagement Fault Component is (Possible) fault PeriodicalGeneration working generation Fault Fault generated (Possible) component Triggered Evaluation failure Failure Component failure (Possible) failure TriggeredPropagation propagation Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 32
  33. 33. The System Simulation phaseThe System Simulation is a semi-automatic process thatstarts by transforming the SysML diagrams intoSimulink modelsAfter obtaining the Simulation Model, the setting of thesimulation parameters are performed according to theanalysis objectives, then simulation are executed and datagathered for the analysis phase Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 33
  34. 34. The System Simulation phase Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 34
  35. 35. The Results Assessment phaseSeveral simulations have been executed for analyzing thebehavior of the System in different scenarios and evaluatingits reliability functions and indicatorsUsually, an analytic definition of these reliabilitycharacteristics is very difficult due to the complexity ofthe System in terms both of its structure and behavior.The scalability and flexibility of the proposed modeling andsimulation approach allowed the evaluation of the mainreliability functions and indices in an inductive fashion aswell as the observation of macro-level phenomena whichare hardly captured by classical analytical/deductivemodels Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 35
  36. 36. The Results Assessment phaseThe analysis of the simulation data provided usefulindications which allowed obtaining a more descriptiveand predictive reliability system model and suggestedsome design choices which could improve the systemreliability indicators Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 36
  37. 37. The Results Assessment phaseAs an example, the analysis of the simulation data ofdifferent and extreme operative scenarios have shown thatthe MCR of the considered System significantly varies (from63,9% to 75,6% in the carried out experiments) on thebasis not only of the system organization and behavior butalso of its configuration and parameter settings Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 37
  38. 38. Conclusions and Future WorkThe proposed a model-based method for the ReliabilityAnalysis of systems combines in a unified framework thestrengths of: powerful visual languages (as OMG SysML), suitable to flexibly model the architectural and behavioral aspects of complex, dynamics, and heterogeneous systems mature and popular tools (as Mathworks Simulink), suitable for the simulation and analysis of multi- domain systems Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 38
  39. 39. Conclusions and Future WorkThe proposed method is not intended to be an alternative to otherRAMS techniques (FMECA, FTA, RDB, etc.) but rather a complementable to provide additional analysis capabilitiesThe method can be integrated in various phases of a typical SystemDevelopment Process (e.g. in the Verification and/or Design phases ofa V-Cycle)This allows supporting the satisfaction and traceability of animportant non-functional requirement, such as reliability, in theearly stages of a development process with considerable time andcost reductions respect to more traditional reliability analysestechniques which are often carried on in the last stages of thedevelopment with the risk of having to revise even basic designchoices. Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 39
  40. 40. Conclusions and Future WorkThe concrete exploitation of the proposed hasallowed appreciating: its flexibility and scalability in complex system modeling its effectiveness in valuating and evaluating through simulation the system reliability performances Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 40
  41. 41. Conclusions and Future WorkOngoing research efforts are devoted to: enrich and improve RAMSAS extensively experiment RAMSAS in the analysis of mission-critical systems in different application domains integrate RAMSAS in the IBM Rational Harmony for Systems Engineering process support other environments for carrying out the Simulation Phase (e.g. OpenModelica) Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 41
  42. 42. AcknowledgmentsIBM Haifa Research Center (Henry Broodney, MichaelMasin)ESA-ESTEC (Daniele Gianni)Z-Lab Engineering (Gabriele Luceri, Nicola Chirillo) Mod4Sim12 - Alfredo Garro - DEIS - University of Calabria 42
  43. 43. Thank you garro@deis.unical.itMod4Sim12 - Alfredo Garro - DEIS - University of Calabria 43

×