Research Heaven, West Virginia
Severity Analysis at Architectural Level Based on UML Dynamic Specification

Overview
• Introduction
• Hazard analysis techniques
• UML and Hazard analysis
• Proposed Severity Analysis Method
• Conclusion and Future work
• References
Introduction
We have developed a risk assessment methodology that is applied to a system architecture composed of components and connectors.
• We define risk as a combination of two factors:
  • the probability of malfunctioning (failure), and
  • the consequence of malfunctioning (severity).
• Severity analysis is conducted for the purpose of quantifying
  • the severity of failures of system components and connectors, and
  • the severity of failures of scenarios.
• We propose a severity analysis technique based on the Unified Modeling Language (UML); the technique builds on classical hazard analysis techniques.
Hazard analysis techniques
Classical hazard analysis techniques:
• Functional Failure Analysis (FFA)
• Failure Mode and Effects Analysis (FMEA)
• Fault Tree Analysis (FTA)
UML and Hazard analysis
Why UML is a good candidate for a severity analysis technique:
• UML can capture the dynamic behavior of the system (scenario diagrams, state diagrams)
• UML provides a clear relationship between the system and its environment (use case diagram)
• UML gives a good picture of the possible functional aspects of the system (use cases)
Proposed Severity Analysis Process
INPUT: UML dynamic specifications (use cases and annotated scenario diagrams)
OUTPUT: cost of failure of components and connectors, severity
[Figure: schematic of the proposed severity analysis process]
• UML specs -> (1) FFA on use case diagrams and system sequence diagrams -> list of scenario-level hazards
• UML specs -> (2) FMEA on scenario diagrams (component/connector interactions) -> complete list of failure modes of components/connectors
• (3) FTA combines the hazards and the failure modes -> (4) Cost of Failure Graph
• OUTPUT: scenario-level cost of failure table and severity; component/connector cost of failure table and severity
The steps for the proposed process
• Identify system hazards: states of the system that can contribute to accidents and mishaps. Perform FFA using UML use case diagrams as an input.
• Identify component/connector failure modes. Perform FMEA using UML scenario diagrams as an input.
• Construct a detailed cause-and-effect model to record how failures propagate from the component/connector level through the system level. FTA is used to combine the outputs from FFA and FMEA.
• Develop the Cost of Failure Graph to estimate the severity of each component/connector in a given scenario, or the severity level of the scenario.
The final result is a table of component/connector severity.
Step 1: Functional Failure Analysis (FFA)
[Figure: the use case diagram for system S; the sequence diagram of use case UC1 for system S]

Step 1: FFA Table

Step 1: Example (Pacemaker AVI Scenario)
[Figure: sequence diagram of the pacemaker system in AVI mode (use case)]
The steps for the proposed process
• Identify system hazards: states of the system that can contribute to accidents and mishaps. Perform FFA using UML use case diagrams as an input.
• Identify component/connector failure modes. Perform FMEA using UML scenario diagrams as an input.
• Construct a detailed cause-and-effect model to record how failures propagate from the component/connector level through the system level. FTA is used to combine the outputs from FFA and FMEA.
• Develop the Cost of Failure Graph to estimate the severity of each component/connector in a given scenario.
The final result is a table of component/connector severity.
Step 2: Identify the component/connector failure modes (FMEA)
[Figure: functionality as a sequence of interactions for system S]

Step 2: Example (Pacemaker AVI Scenario)
[Figure: detailed sequence diagram of the AVI scenario]

Step 2: Example (AR Component)
[Figure: state chart diagram of the AR component]

Step 2: FMEA Table
Step 3: Fault Tree Analysis (FTA)
[Figure: Omission "Pace" fault tree]
• Step 1: top event hazard identified by applying FFA
• Step 2: component/connector failure modes identified through FMEA
• Step 3: combining the results of steps 1 and 2 to build a cause-effect model by applying FTA
The steps for the proposed process
• Identify system hazards: states of the system that can contribute to accidents and mishaps. Perform FFA using UML use case diagrams as an input.
• Identify component/connector failure modes. Perform FMEA using UML scenario diagrams as an input.
• Construct a detailed cause-and-effect model to record how failures propagate from the component/connector level through the system level. FTA is used to combine the outputs from FFA and FMEA.
• Develop the Cost of Failure Graph for each component/connector
  • Estimate the cost of failure of each component/connector
  • Estimate the severity of each component/connector
The final result is a table of component/connector severity.
Step 4: Cost of Failure Graph for the AR Component
[Figure: graph linking the AR failure modes to the hazards (fault tree top events) and to their consequence (cost)]
• Failure modes with P(Fm): AR failed to handle ToOn (0.99); AR stuck in "Refractory" state (0.05); Sence TimeOut error (0.3); AR stuck in "Waiting" state (0.05); AR stuck in "Pace" state (0.3); PaceTimeOut error (0.3)
• Hazards (fault tree top events): "ToOn" value error, P = 0.02; commission "Pace", P = 0.50; omission "VSence", P = 0.48
• Consequence (cost): $1000 (regular care); $100000 (intensive care)

Step 4: Severity of components/connectors
[Figure: cost of failure table for components/connectors -> cost-severity graph -> severity of components/connectors]

Step 4: Output
[Figure: severity of components/connectors in the AVI scenario]
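To make step 4 concrete, here is an added Python example (not code from the slides or from the authors): it models the AR component's cost-of-failure graph and turns it into a severity class. The failure-mode names and the two cost levels follow the slide; the mode-to-hazard edges and their probabilities, the OR-gate combination, the aggregation rule and the cost-severity bands are assumptions.

```python
from dataclasses import dataclass, field

# Consequence (cost in dollars) of each hazard, i.e. each fault-tree top event.
# The two cost levels echo the AR component slide: regular care vs intensive care.
HAZARD_COST = {
    "ToOn value error": 1_000,      # regular care
    "commission Pace": 1_000,       # regular care
    "omission VSence": 100_000,     # intensive care
}

@dataclass
class FailureMode:
    name: str
    p_fm: float                                   # P(Fm): probability of this failure mode
    hazards: dict = field(default_factory=dict)   # hazard -> P(hazard | Fm), assumed edges

# Constructed cost-of-failure graph for the AR component: names follow the slide,
# the mode-to-hazard edges and probabilities are assumptions for illustration.
AR_MODES = [
    FailureMode("AR failed to handle ToOn", 0.02, {"ToOn value error": 1.0}),
    FailureMode("AR stuck in Refractory state", 0.05, {"commission Pace": 1.0}),
    FailureMode("AR stuck in Waiting state", 0.05, {"omission VSence": 1.0}),
    FailureMode("Sence TimeOut error", 0.30, {"commission Pace": 0.5, "omission VSence": 0.5}),
]

def hazard_probability(modes, hazard):
    """Step 3 view: OR gate over every failure mode that can raise `hazard`,
    assuming independent basic events: 1 - prod(1 - P(Fm) * P(h | Fm))."""
    p_none = 1.0
    for fm in modes:
        p_none *= 1.0 - fm.p_fm * fm.hazards.get(hazard, 0.0)
    return 1.0 - p_none

def cost_of_failure(modes, hazard_cost=HAZARD_COST):
    """Assumed step 4 aggregation: expected consequence of the component failing,
    sum over modes of P(Fm) * sum over hazards of P(h | Fm) * cost(h)."""
    return sum(fm.p_fm * p_h * hazard_cost[h]
               for fm in modes for h, p_h in fm.hazards.items())

# Assumed cost-severity graph: upper cost bound -> severity class.
SEVERITY_BANDS = [(1_000, "minor"), (10_000, "marginal"), (100_000, "critical")]

def severity(cost, bands=SEVERITY_BANDS):
    """Map a cost of failure to a severity class; above the last band is catastrophic."""
    for upper, level in bands:
        if cost <= upper:
            return level
    return "catastrophic"
```

Run `severity(cost_of_failure(AR_MODES))` to get the AR component's class; the same functions apply to every component/connector of the scenario, giving the severity table the slides describe as the final output.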
Conclusion
• Proposed a methodology for scenario-based severity analysis of the components/connectors of complex systems.
• Based on the UML dynamic specifications of system scenarios (use case diagrams, sequence diagrams and state charts).
• FFA is used as a top-down approach based on the abstract functional view of the system (use cases) and its main functional failures.
• FMEA is used as a bottom-up approach based on the detailed view of the system to identify the possible causes of component/connector failures.
• FTA is used to correlate the results of FMEA and FFA.
• Considered the concept of cost of failures and the cost-severity graph.
References
• A. Hassan, W. Abdelmoez, A. Guedem, K. Apputkutty, K. Goseva-Popstojanova, H. Ammar, "Severity Analysis at Architectural Level Based on UML Diagrams", 21st International System Safety Conference, Ottawa, Canada, August 4-8, 2003.
• A. Hassan, K. Goseva-Popstojanova, H. Ammar, "Methodology for Architecture Level Hazard Analysis, A Survey", ACS/IEEE International Conference on Computer Systems and Applications (AICCSA'03), Tunis, Tunisia, July 14-18, 2003.
• S. M. Yacoub, H. H. Ammar, "A Methodology for Architectural-Level Reliability Risk Analysis", IEEE Transactions on Software Engineering, vol. 28, no. 6, pp. 529-547, June 2002.
• K. Goseva-Popstojanova, A. Hassan, A. Guedem, W. Abdelmoez, D. Nassar, H. Ammar, A. Mili, "Architectural-Level Risk Analysis using UML", IEEE Transactions on Software Engineering, October 2003.
• W. Naylor, W. Everett, M. LeBeau, P. Rogers, R. Stroup, "The Challenges Facing System Safety in the New Millennium", 20th International System Safety Conference, Denver, Colorado, August 5-9, 2002.
• S. A. Sherer, "Methodology for the Assessment of Software Risk", Ph.D. Dissertation, Wharton School, University of Pennsylvania, 1988.
• Y. Papadopoulos, J. A. McDermid, "Hierarchically Performed Hazard Origin and Propagation Studies", Proceedings of SAFECOMP '99, 18th International Conference on Computer Safety, Reliability and Security, Toulouse, France, Lecture Notes in Computer Science 1698, pp. 139-152, Springer Verlag, 1999.
• S. Kmenta, K. Ishii, "Scenario-Based FMEA: A Life Cycle Cost Perspective", Proceedings of DETC 2000, ASME Design Engineering Technical Conferences, Baltimore, Maryland, September 10-14, 2000.
• M. S. Feather, S. L. Cornford, J. Dunphy, K. Hicks, "A Quantitative Risk Model for Early Lifecycle Decision Making", Proceedings of the Conference on Integrated Design and Process Technology, Society for Design and Process Science, Pasadena, California, June 2002.
Future work
• Integrate and validate the risk assessment methodology with the Defect Detection and Prevention (DDP) process (developed at JPL by Martin Feather)
• Develop a maintainability-based risk assessment technique