1 / 8

Problem and NASA Relevance

Download Presentation

Problem and NASA Relevance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Automation for System Safety AnalysisExecutive BriefingJane T. Malin, Principal InvestigatorProject: Automated Tool and Method for System Safety Analysis Software Assurance SymposiumSeptember, 2008Complex systems typically fail because of the unintended consequences of their design, the things they do that were not intended to be done. - M. Griffin, System Engineering and the “Two Cultures” of Engineering, March 28, 2007

  2. Problem and NASA Relevance • NASA needs early evaluation of software (SW) requirements and design, to reduce software-system integration risks • Assess system failures and anomalous conditions that may challenge software in system integration testing • Identify robustness issues early (and often) • Identify requirements gaps early (and often) • Project test case: NASA Constellation (Cx) Launch Abort System (LAS) for Pad Abort PLANT and Environment ‘Activate’ Faults and Influence Failures SOFTWARE ‘Activate’ Faults and Influence Failures FAULTS/Reliability FAULTS/Reliability Operations and Stresses

  3. Technical Approach Systematic semi-automated extraction and analysis for early evaluation and rapid update • Capture model of the controlled system architecture • Abstract physical architecture models with subsystems, functions, interfaces, connections • Extract directly from requirements and design text and data • Capture risks and hazards in model • Constraints, hazards, risks from requirements and design • Risk and failure libraries • Analyze and simulate to identify risks and constraints • Analyze and simulate hazard/risk propagation in the system • Use operational and off-nominal scenarios and configurations • Identify possible test scenarios for virtual system integration testing

  4. Technology Overview Hazard Identification Tool (HIT) Aerospace Ontology CONFIG Hybrid Simulation Extract and Model Information Extractor Identify Test Cases Requirements Text • Analyze, Simulate and Test Early • Identify interaction-propagation paths • Investigate influence of timing • Perform Virtual Tests Virtual System Integration Laboratory (VSIL)

  5. 2008 Target Capability • Integration: Information extraction, architecture modeling and test generation • Model parts extracted from requirements and failure modes and effects analysis/critical items lists (FMEA/CIL) texts • XML output, including reference traces • Components, physical hierarchy, connections, interface components, flows/resources, time or phase context • Functions, vulnerabilities, limits, failures, causes • Ontology for model extraction and semi-automated modeling • Identify types of components, functions, problems, resources • Paths: A provides power to B; C receives command data from B • Functions and failures: B processes command data; B failure mode is No Output command to D; cause of no output is B does not receive power. • Semi-automated model development from extracted model parts • Component model library: Resource producer; Data processor… • Generic functions, failures and influences: Resource problem, Stressor, Data rate problem, Data Integrity problem… • Model visualization for overview and completeness checking • Simulation and path analysis to identify hazardous configurations, scenarios and test cases • Where failure or degradation of required functions results from unintended system interactions • Project Participants • CEV Flight Software Engineering, Abort Decision Logic, Abort Sequence • Orion Software Safety and Mission Assurance

  6. Technical Challenges • Limitations of early life-cycle requirements, design, hazard analysis and FMEA/CIL as sources for • Automatic extraction of model information from requirements and design text • Semi-automatic construction of models from extracted information, for simulation and visualization • Combining graph analysis and simulation to identify possible hazard paths and off-nominal test scenarios for complex system interaction models • Maturation Challenge: Develop mature software prototypes that can be used to develop products for broader use

  7. 2009 Planned Capability • Capabilities should be valuable from pre-PDR through operations • Continue tool enhancements focusing on • Off-nominal test scenario discovery and evaluation • Component model library and generic defaults • Use on a new CEV case – more complex interactions and more complete system information • Deliver • Tool prototype files – STAT information extraction, Aerospace ontology, Hazard Identification Tool graph modeling and analysis, CONFIG simulation modeling, model libraries • Documentation – methods, tools, user manuals

  8. Future Applications • Improve efficiency and repeatability of system and software risk analysis • Reduce time spent reanalyzing when specifications and designs change • Visualize integrated requirements • Combined success and failure spaces • Combined system and operation/event spaces • Validate requirements and perform integration tests early with low-fidelity and multi-fidelity simulation • Validate FMEAs and fault trees • Evaluate completeness and consistency of requirements and risk • Support requirements traceability evaluations • Enhance analysis with reliability and event probability information

More Related