The FMEDA approach to improve the safety assessment according to the IEC61508

According to the Standard IEC61508, the paper presents a case study concerning the evaluation of both the safe failure fraction (SFF) and the probability of failure on demand (PFD) for a complex system. After a preliminary presentation of the criteria for the safety integrity level (SIL) verification, the work focuses the attention on the method to achieve the PFD. In particular, an approach based on failure modes, effects and diagnostic analysis (FMEDA) is proposed and then a comparison with the approach described in the Standard. The paper aims to clarify both the knowledge and the application of the IEC61508 and proposes a technique to satisfy the hardware safety integrity requirements.     

激光产品的安全分级与防护

本文介绍了我国和国际（IEC、ILA）激光产品安全分级方法,国际标准追踪激光技术的发展,其对激光产品的安全分级更为细致明确。另外对工程防护和日常生活中常常被忽视的激光产品辐射的危害与防护措施进行了介绍。最后强调了激光辐射安全与防护的意识与责任。     

Application of IEC61131-3 standard in the Brazilian Navy mine-sweeper modernization

The IEC61131-3 standardized five PLC programming languages and presents a software model that stimulates practices such as code reuse. The adoption of this standard in the modernization of the Brazilian Navy mine-sweepers allowed the development of a reliable software, easy to test and maintain, with high productivity. Although the PLC used in this project did not provide natively all the languages proposed by IEC, this paper describes tools and methodologies developed to overcome this deficiency.     

基于安全性评估的民用客机VHF通信电台架构

进行设备级的安全性评估是民用客机VHF通信电台适航审定的要求。简述了机载系统和设备的安全性评估指南、方法及过程,描述了VHF通信电台各组成模块的失效模式及失效率,并运用SAEARP4761所推荐的故障树方法估算出了单通道架构VHF通信电台的失效概率,估算结果说明单通道架构VHF通信电台不能满足飞机级PSSA(Preliminary System Safety Assessment)分配的失效概率要求。最后,为了降低VHF通信电台的失效概率,提出了VHF通信电台的非相似多通道实现架构。分析表明,与单通道架构相比,非相似多通道实现架构的VHF通信电台具有更低的失效概率。     

Preventive Maintenance Policy Optimization of a Nuclear Reactor High Pressure Injection System Using a Reliability-Cost Model

Previous works have demonstrated that Genetic Algorithms (GA) and Probabilistic Safety Analysis (PSA) can be applied to maintenance policy optimization problems. Here, the flexible scheduling approach proposed in former works has been enhanced. Now, operational costs are considered in the objective function, resulting in a Reliability-Cost model for evaluating industrial systems performance. The GA searches for optimum preventive maintenance policies, which considers factors, such as: probability of needing a repair, costs of related to the repair, outage times, etc. A typical Pressurized Water Reactor High Pressure Injection System has been chosen as a case study. Results ratify the good performance of the method, allowing specific analysis on the weighting factors related to costs and reliability.     

Towards improving detection performance for malware with a correntropy-based deep learning method

With the rapid development of Internet of Things (IoT) technologies, the detection and analysis of malware have become a matter of concern in the industrial application of Cyber-Physical System (CPS) that provides various services using the IoT paradigm. Currently, many advanced machine learning methods such as deep learning are popular in the research of malware detection and analysis, and some achievements have been made so far. However, there are also some problems. For example, considering the noise and outliers in the existing datasets of malware, some methods are not robust enough. Therefore, the accuracy of malware classification still needs to be improved. Aiming at this issue, we propose a novel method that combines the correntropy and the deep learning model. In our proposed method for malware detection and analysis, given the success of the mixture correntropy as an effective similarity measure in addressing complex datasets with noise, it is therefore incorporated into a popular deep learning model, i.e., Convolutional Neural Network (CNN), to reconstruct its loss function, with the purpose of further detecting the features of outliers. We present the detailed design process of our method. Furthermore, the proposed method is tested both on a real-world malware dataset and a popular benchmark dataset to verify its learning performance.     

新功能安全标准IEC61508-2的研究

通过分析E/E/PES的安全生命周期和对IEC61508新旧版本的比较,从而确定新版本在安全相关系统硬件评估上与旧版本的区别.通过更好地学习与使用IEC61508-2010来对安全相关系统的硬件进行评估和研究.主要对新增的V-模型、部件的系统能力、硬件安全完整性结构约束、保证数据通信的失效率的方法等方面进行介绍.     

智能视频监控技术研究及应用

传统的工业电视监控存在报警精确度差等缺点,智能视频监控的提出从很大程度上弥补这些缺陷。本文对智能视频监控技术的工作原理进行了分析。针对煤矿安全生产环境,提出了采用智能视频监控技术的煤矿安全生产智能视频联动监控系统。该系统能够在很大程度上提高报警准确度,为煤矿安全生产提供更可靠的保障。     

北斗三号基本系统空间信号质量评估

全球卫星导航系统(GNSS)空间信号(SIS)质量直接影响了用户使用性能。北斗三号卫星不同于北斗二号卫星,将继续播发北斗二号老信号,同时新增播发B1C, B2a等新信号,多频多信号多分量的信号体制较北斗二号更为复杂,对导航卫星信号质量控制提出了较大挑战。2018年底北斗系统完成了18颗卫星组网,完成北斗三号基本系统建设并开始提供全球服务,有必要对北斗三号在轨卫星空间信号质量进行量化评估。传统空间信号质量评估方法侧重于单项的定性评估,而针对北斗三号复杂的信号体制,缺乏系统的、定量的分析结果。该文对标北斗系统接口控制文件(ICD),从功率特性、频域特性、时域特性、相关域特性和信号一致性等方面研究了不同参数配置对评估结果的影响,形成了一套面向新型调制方式和多频多分量复用信号的量化评估方法。基于40 m大口径天线的空间信号质量评估系统,对18颗MEO卫星进行了长时间监测跟踪和数据采集,首次对北斗三号卫星空间信号质量进行了全面量化评估。结果表明：北斗三号卫星空间信号质量良好,18颗MEO卫星一致性较好,符合ICD指标要求,可满足服务区内用户需求;评估方法可用于对后续导航卫星空间信号质量的量化评估。     

器具开关操作引发的安全问题

对于符合 IEC 61058的器具开关,IEC 60335等大部分整机产品安全标准中只对开关的电气参数、IP 等级、动作循环周期、断开类型等提出要求,对器具开关的操作性能,例如力度、形状、位置等没有提出具体要求。实际中,如果操作器具开关需要的力度过大,会引发安全问题,例如稳定性问题以及由此引发的其它问题。提出应当制定器具开关操作力度的要求,同时还应当对器具开关的安装位置与电热元件等功能性危险源之间的距离做出规定,从而避免对器具开关的操作成为安全隐患,同时建议对此作进一步的研究。     

ISO/IEC 17025:2005《检测和校准实验室能力的通用要求》中存在的错误

本文就ISO/IEC17025《检测和校准实验室能力的通用要求》中存在的错误,提出看法。ISO/IEC17025:2005《检测和校准实验室能力的通用要求》对ISO/IEC17025:1999进行了修改和补充,使ISO/IEC17025进一步完善和提高,但笔者在学习过程中仍发现ISO/IEC17025标准中存在的一些错误,提出供实验室建立管理体系和实验室评审时参考。     

An information-theoretical framework for modeling component-based systems

Software systems tend to be large scale and complex with the inevitable increase in their functionalities. The increasing costs related to system development and maintenance in correlation to the software size requires new assessment tools for the newly evolving development methodologies. Taking advantage of existing tools and methodologies in a mature field is beneficial to relatively young, related disciplines. Therefore, this paper brings modeling techniques from a well-developed and mature discipline, information theory, into component-based software (CBS) engineering. Information-theoretic representation and analysis techniques in general, noiseless information channel concepts in particular, are good candidates to be adopted to model the dynamic behavior of software components and quantify the interaction between them. This modeling approach is realized by first modeling the component integration units of CBS with cubic control flowgraphs. The arcs in these models can be labeled as functions of parameters of their "hidden" components in the originating nodes or arcs, or both. Each of these labeled graphs defines a Shannon language. Then, a set of metrics, labeled as pervasive Shannon metrics is defined. Four case studies are demonstrated to show the applicability of the proposed metrics for assessment of CBS.     

Early integration of safety to the mechatronic system design process by the functional failure identification and propagation framework

The research goal of this paper is to introduce a risk analysis methodology that can be applied at the early concept design phase, whose purpose is to identify fault propagation paths that cross disciplinary boundaries, and determine the combined impact of several faults in software-based automation subsystems, electric subsystems and mechanical subsystems. Specifically, the Functional Failure Identification and Propagation (FFIP) analysis framework is proposed to perform a simulation-based analysis of functional failure propagation. The focus is on risk assessment, the earliest activities of the safety process, in which hazards are identified and safety requirements are derived. It is argued that current risk assessment methods are not sufficient for concurrent integration of the safety process to the design process of a complex mechatronic system. In order to facilitate the integration of risk assessment to such systems at the earliest design stages, the design is expressed with syntax and semantics that is able to describe the propagation of failures throughout the system and especially across the boundaries of the mechatronic domains. A boiling water nuclear reactor (limited to the reactor core and steam outlets) is used as a case study. The results demonstrate the capability to handle several fault propagation paths in one scenario for hazard identification at the early, functional, design stage. Specifically, it is shown that FFIP is able to identify fault propagation paths that cross disciplinary boundaries, and which in turn is able to determine the combined impact of several faults in software-based automation subsystems, electric subsystems and mechanical subsystems. The impact is expressed in degradation or loss of safety related functions.     

Reliability analysis in wind turbine engineering

Wind turbines are being designed in accordance with deterministic design rules. As wind turbines increase in size and power, these rules may not be adequate to ascertain a safe and well balanced design. Wind turbine industry can take advantage of the safety and reliability practices in e.g. aerospace, nuclear and offshore industry. These practices include System Reliability (such as FMECA, Event Sequence Analysis and Fault Tree Analysis) and Structural Reliability methods. The approach to introduce Probabilistic Safety Assessment (PSA) which incorporates these reliability methods into wind turbine engineering will be described. By means of two recent case studies, the applicability, benefits, and limitations of these methods will be illustrated.     

SafeAnon: a safe location privacy scheme for vehicular networks

In most safety applications within vehicle ad-hoc networks (VANETs), vehicles need to periodically broadcast messages with information of their precise positions to others. These broadcast messages, however, make it easy to track vehicles and will likely lead to violations of personal privacy. Unfortunately, most of the current location privacy enhancement methodologies in VANETs suffer some shortcomings and do not take driving safety into consideration. In this paper, we propose a safe distance based location privacy scheme called SafeAnon, which can significantly enhance location privacy as well as traffic safety. By simulating vehicular mobility in a cropped Manhattan map, we evaluate the performance of the proposed scheme under various conditions. The mean entropy, warning broadcast ratio, and mean silent period of SafeAnon scheme are increasing 58%, 281%, and 50% respectively than the random silent period (RSP) scheme. The total broadcast ratio is also 33% less than that in the RSP scheme.     

JEITA/BAJ《笔记本电脑用锂离子电池安全使用指南》介绍

介绍了JEITA／BAJ《笔记本电脑用锂离子电池安全使用指南》的电芯安全设计、电池组安全设计及安全试验和判定标准三个部分;最后讨论了以该《指南》为基础提出的日本国家标准JISC8714、日本《电器用品安全法》规定的PSE认证,以及日本提交的IEC62133修订草案等。     

Hybrid S-Parameters for Transmission Line Networks With Linear/Nonlinear Load Terminations Subject to Arbitrary Excitations

We propose a generalized S-parameter analysis for transmission lines (TLs) with linear/nonlinear load terminations subject to arbitrary plane-wave and port excitations. S-parameters are prevalently used to model TLs such as cable bundles and interconnects on printed circuit boards (PCBs) subject to port excitations. The conventional S-parameter approach is well suited to characterize interactions among ports. However, nontraditional port excitations associated with plane-wave coupling to physical ports at TL terminals lead to forced, as well as propagating, modal waves, necessitating a modification of the standard S-parameter characterization. In this paper, we consider external plane-wave excitations, as well as port (internal) sources, and propose a hybrid S-parameter matrix for characterization of the associated microwave network and systems. A key aspect of the approach is to treat the forced waves at the ports as constant voltage sources and induced propagating modal waves as additional entries (hybrid S-parameters) in the S-parameter matrix. The resulting hybrid S-matrix and voltage sources can be subsequently exported to any circuit solver such as HSPICE and Agilent's Advanced Design System for the analysis of combined linear and nonlinear circuit terminations at ports. The proposed method is particularly suited for susceptibility analysis of cable bundles and PCBs for electromagnetic interference evaluations. It also exploits numerical techniques for structural and circuit domain characterization and allows for circuit design optimization without a need to perform any further computational electromagnetic analysis     

CSD-RNS-based Single Constant Multipliers

Architectures for designing single constant multipliers in Residue Number System (RNS) for moduli of the 2 ⁿ −1, 2 ⁿ and 2 ⁿ  + 1 forms are introduced with the constant operand being recoded in Signed-Digit representation. Two methodologies are proposed. In the first one a straightforward implementation of the shift-and-add algorithm is adopted, while in the second one a graph-based approach is used. Both methodologies result in circuits that are shown to be efficient in terms of area and delay.     

A nonsmoothing approach to the estimation of vessel contours in angiograms

Accurate and fully automatic assessment of vessel (stenoses) dimensions in angiographic images has been sought as a diagnostic tool, in particular for coronary heart disease. Here, the authors propose a new technique to estimate vessel borders in angiographic images, a necessary first step of any automatic analysis system. Unlike in previous approaches, the obtained edge estimates are not artificially smoothed; this is extremely important since quantitative analysis is the goal. Another important feature of the proposed technique is that no constant background is assumed, this making it well suited for nonsubtracted angiograms. The key aspect of the authors' approach is that continuity/smoothness constraints are not used to modify the estimates directly derived from the image (which would introduce distortion) but rather to elect (without modifying) candidate estimates. Robustness against unknown background is provided by the use a morphological edge operator, instead of some linear operator (such as a matched filter) which has to assume known background and known vessel shape.