Hazard-driven realization views for Component Fault Trees



THEME SECTION PAPER

Hazard-driven realization views for Component Fault Trees

David Santiago Velasco Moncada¹

Received: 14 June 2019 / Revised: 11 March 2020 / Accepted: 13 March 2020

© The Author(s) 2020

Abstract

Traditionally, the preferred means of documentation used by safety engineers have been sheet- and text-based solutions. However, in the last decades, the introduction of model-driven engineering in conjunction with Component-Based Design has been influencing the way safety engineers perform their tasks; especially in the area of fault analysis, model-driven approaches have been developed that aim at coupling fault trees with architecture models. Doing this fosters communication between engineers, may reduce design effort, and makes artifacts easier to maintain and reuse. In this paper, we want to move forward in this direction and take another step in the modeling of Component Fault Trees in combination with the modeling of the architecture design. We propose a hazard-centric approach for the definition of multiple realization views for fault analysis using Component Fault Trees. The approach is composed of a modeling method and a tool solution. We illustrate our approach with a real-life example from the automotive industry.

Keywords: Model-driven engineering · Component-based · Hazard-centric · Component Fault Trees · Realization view

1 Introduction

The development of safety-relevant functions in the automotive domain is faced with increasing complexity as the result of more intelligent features, more automation, and more functions realized by software. Component-based development has proven to be effective in handling the complexity of such systems by fostering modularity and thereby reuse. Because of the increasing interaction between the architecture and the safety life cycles, safety engineers have had a hard time maintaining design and analysis artifacts. Traditionally, this has been the case for fault trees [1], as they are not strongly related to architecture design models. In order to tackle this issue, several approaches have been proposed in recent years. With the aim of modularizing fault trees, Component Fault Trees (CFTs) [2] were introduced. In [3], [4], and [5], Component Integrated Fault Trees (C²FT) extended this modularization concept and presented the means to associate modular UML constructs like SysML blocks with Component Fault Trees. In 2018, the paper “Advances in Component Fault Trees” [6] summarized the most important contributions with respect to CFTs since their definition. Moreover, the authors (including the original contributors of CFT and C²FT) agreed, for the sake of simplicity, on keeping the original name of the technique (namely CFT), which we will use throughout this article. The previous studies

Communicated by Federico Ciccozzi, Antonio Cicchetti and Andreas Wortmann.

David Santiago Velasco Moncada
[email protected]
https://blog.iese.fraunhofer.de/author/santiago-velasco/

¹ Embedded Systems Quality, Fraunhofer IESE, Kaiserslautern, Germany