Model-based diagnosis and fault tolerant control for ensuring torque functional safety of pedal-by-wire systems

This paper presents a model based approach for defining automotive functional safety requirements and provides a solution to ensure functional safety through model-based diagnosis and fault tolerant control. This model-based approach is consistent with ISO 26262 – functional safety standard. In particular, this paper presents the necessary steps for defining and implementing functional safety requirements, including item and function definition, Hazard Analysis and Risk Assessment, as well as the design of a model-based diagnostic and fault tolerant control (FTC) system that can lead to a systematic solution to automotive functional safety problems. The methodology proposed in this paper is applied to the problem of torque functional safety of pedal-by-wire systems.     

一种安全的继电器关断路径设计方案

为了提高车辆继电器使用的安全性和可靠性,基于功能安全ISO26262开发流程和E-GAS三层软件架构,设计了一个安全的继电器关断路径方案。在传统继电器控制的基础之上,增加了继电器的反馈信号,冗余关断电路和监控单元;并在此条件下搭建实验环境进行测试。测试结果显示,该方案提高了继电器关断路径诊断的覆盖度,能够诊断出继电器的潜在故障,验证了方案的可行性。     

汽车控制器开发中定点接口与浮点模型的结合

在遵循ISO26262三层安全架构下,汽车控制器位于第二层的扭矩监控功能软件开发中,对参与计算的输入／输出变量提出更高的安全要求。底层接口是基于安全内存开发的定点接口,上层基于Simulink开发的浮点数扭矩监控模型生成的C代码,在二者进行软件集成时会发生冲突。通过几种解决方案的对比,优选出一种通过修改TLC脚本控制TRW代码生成的解决方案,从而实现了对Simulink建模开发工程师无任何额外工作的负担,满足ISO26262对安全功能的要求,同时成功解决底层软件与控制策略层开发的矛盾,在项目中获得了良好的应用效果。     

典型系统基于架构的层级化建模技术研究

随着工业化与信息化的深度融合,计算机建模与仿真技术已广泛应用于系统或产品的研发过程中,但其存在模型混乱、碎片化、层次不清晰、复用性差的问题。基于对系统架构的理解,提出了一种基于系统架构开展系统层级化建模的方法。在建立模型时将整个系统分解为系统层、子系统层和部件层的多层次模型;各层级模型的接口均与系统架构定义的接口关系保持一致,实现设计的连续性,为基于模型的设计提供有效的支撑。该方法能清晰表述模型的目的、层级和颗粒度。文中以典型伺服作动系统为例进行了验证,结果证明了方法的有效性。     

A tool environment for quality assurance based on the Eclipse Modeling Framework

The paradigm of model-based software development has become more and more popular since it promises an increase in the efficiency and quality of software development. Following this paradigm, models become primary artifacts in the software development process. Therefore, software quality and quality assurance frequently leads back to the quality and quality assurance of the involved models. In our approach, we propose a model quality assurance process that can be adapted to project-specific and domain-specific needs. This process is based on static model analysis using model metrics and model smells. Based on the outcome of the model analysis, appropriate model refactoring steps can be performed. In this paper, we present a tool environment conveniently supporting the proposed model quality assurance process. In particular, the presented tools support metrics reporting, smell detection, and refactoring for models being based on the Eclipse Modeling Framework, a widely used open source technology in model-based software development.     

A modelling and simulation based process for dependable systems design

Complex real-time system design needs to address dependability requirements, such as safety, reliability, and security. We introduce a modelling and simulation based approach which allows for the analysis and prediction of dependability constraints. Dependability can be improved by making use of fault tolerance techniques. The de-facto example, in the real-time system literature, of a pump control system in a mining environment is used to demonstrate our model-based approach. In particular, the system is modelled using the Discrete EVent system Specification (DEVS) formalism, and then extended to incorporate fault tolerance mechanisms. The modularity of the DEVS formalism facilitates this extension. The simulation demonstrates that the employed fault tolerance techniques are effective. That is, the system performs satisfactorily despite the presence of faults. This approach also makes it possible to make an informed choice between different fault tolerance techniques. Performance metrics are used to measure the reliability and safety of the system, and to evaluate the dependability achieved by the design. In our model-based development process, modelling, simulation and eventual deployment of the system are seamlessly integrated.     

基于MBSE的PHM开发平台设计

故障预测与健康管理(PHM)开发平台具有结构功能复杂的特点,传统的设计方法难以保证其结构合理性与功能可靠性.针对传统的基于文本的系统设计中存在的需求追溯性弱、问题描述模糊的问题,提出了应用基广模型的系统工程(MBSE)方法论指导平台设计过程,使用模型驱动的OOSEM建模方法对PHM开发平台进行模型搭建.通过利益相关者需...     

Runtime observation of functional safety properties in an automotive control network

This paper exploits the observability of control messages in a control network to formally monitor safety properties to verify a control application's correct behaviour. A monitor scheme is proposed based on a runtime verification method, which can verify selected properties of an application's behaviour, including the verification of formally specified functional safety properties. A prototype hardware based circuit is developed to provide a monitor function. A case study example for an automotive gearbox control system is presented. The control application is evaluated in the target application environment, which is a controller area network (CAN) based network. The behaviour of the monitor is assessed and the results show that it is feasible to monitor and verify functional safety properties, as defined by the ISO 26262 standard for functional safety in road vehicles, using the proposed method.     

Model-based platform-specific co-design methodology for dynamically partially reconfigurable systems with hardware virtualization and preemption

To facilitate the development of the dynamically partially reconfigurable system (DPRS), we propose a model-based platform-specific co-design (MPC) methodology for DPRS with hardware virtualization and preemption. For DPRS analysis and validation, a model-based verification and estimation framework is proposed to make model-driven architecture (MDA) more realistic and applicable to the DPRS design. Considering inherent characteristics of DPRS and real-time system requirements, a semi-automatic model translator converts the UML models of DPRS into timed automata models with transition urgency semantics for model checking. Furthermore, a UML-based hardware/software co-design platform (UCoP) can support the direct interaction between the UML models and the real hardware architecture. Compared to the existing estimation methods, UCoP can provide accurate and efficient platform-specific verification and estimation. We also propose a hierarchical design that consists of a hardware virtualization mechanism for dynamically linking the device nodes, kernel modules, and on-demand reconfigurable hardware functions and a hardware preemption mechanism for further increasing the utilization of hardware resources per unit time. Further, we realize a dynamically partially reconfigurable network security system (DPRNSS) to show the applicability and practicability of the MPC methodology. The DPRNSS cannot only dynamically adapt some of its hardware functions at run-time to meet different system requirements, but also determine which mechanism will be used. Our experiments also demonstrate that the hardware virtualization mechanism can save the overall system execution time up to 12.8% and the hardware preemption mechanism can reduce up to 41.3% of the time required by reconfiguration-based methods.     

Industrial Design and Development Software System Architecture Based on Model-Based Systems Engineering and Cloud Computing

Oriented to the new generation of cyber-physical manufacturing, this paper introduces two breakthroughs of industrial design and development software system: model-based systems engineering (MBSE) and cloud computing. Based on the classic V model for product development, an MBSE double-Vs model is refined which takes both model life-cycle and product life-cycle into consideration for design process re-engineering. Then cloud computing and its re-structuring on traditional industrial software system are discussed. Shift from classic single approach, this research proposes an industrial design and development software system architecture based on model-based systems engineering (MBSE) and cloud computing. The new architecture is shown in a stereoscopic way which amply utilizes the respective advantages of MBSE and cloud computing. At the end of the paper, as an example of actual cases, a flight management system (FMS) design and development platform is detailed to verify the effectiveness of this new architecture. The implement of new system architecture creates an efficient collaborative mechanism for FMS developing.     

An analytical approach for the modeling of real-time services over IP network

The modeling and analysis of system and network performance issues are useful tools in the development and engineering processes. The analytical models have a high value in the early stages to uncover major performance problems which affect the design of the architecture before the cost of rectification is too high. The development of new modeling methods for rapid analysis is also very important for the further fast deployment of new applications and services. In this paper, we develop a modeling method, based on queuing theory, for the solution of network performance problems faced when trying to support real-time services over Internet Protocol (IP) network. Namely, we are modeling signaling network architecture for the real-time services using M/GX/1 queuing system. We evaluate and compute expected waiting time and time in system. Furthermore, we present numerical results of our calculations and provide corresponding curves for them.     

Collaboration Among Designers: Analysing an Activity for System Development

Workplace studies provide an important input to system development, yet there is no straightforward way of translating empirical results into requirements. This study contributes to the development of methods by reporting an activity theory based approach consisting of (i) field observations, (ii) modelling and (iii) a specific task analysis for system requirements. The research informed the further development of the Build-it system, a multi-user system designed to support co-located interaction between designers in engineering and architecture, and other stakeholders such as clients, operators, or inhabitants. The background research was conducted in four engineering companies and comprised of meeting observations, a questionnaire on design collaboration (n=94) and the analysis of 20 artefacts. The findings indicate that collaboration is of critical importance to the design process, and at least some of the tasks in engineering design could be supported by a system like Build-it. The task analysis for system requirements involved potential users from engineering but extended the scope to other domains, namely architecture and chemical process engineering (n=22). In all three domains a multi-user system like Build-it would be advantageous; however, the specific requirements varied more than expected. The study critically reflects on the use of generic concepts and the process of conducting research for the purpose of understanding work for design.     

An empirical study of evaluating software development environmentquality

A study that evaluates new-paradigm-oriented software development environments which have been developed in the five-year formal approach to software environment technology (FASET) project is reviewed. For this study, a software environment evaluation technology based on a software quality evaluation process model defined in ISO/IEC 9126 has been developed. The evaluation technology has been applied to the R&D project at the middle and final phase of development. The evaluation results provide useful information to develop a widely acceptable evaluation technology and to improve the new-paradigm-oriented software development environments that are based on various specification methods: the algebraic specification method, function-oriented specification method, declarative specification method, natural-language-oriented specification method, diagrammatic specification method, state-transition-oriented specification method, and model-based specification method     

Monitoring and fault diagnosis of hybrid systems.

Many networked embedded sensing and control systems can be modeled as hybrid systems with interacting continuous and discrete dynamics. These systems present significant challenges for monitoring and diagnosis. Many existing model-based approaches focus on diagnostic reasoning assuming appropriate fault signatures have been generated. However, an important missing piece is the integration of model-based techniques with the acquisition and processing of sensor signals and the modeling of faults to support diagnostic reasoning. This paper addresses key modeling and computational problems at the interface between model-based diagnosis techniques and signature analysis to enable the efficient detection and isolation of incipient and abrupt faults in hybrid systems. A hybrid automata model that parameterizes abrupt and incipient faults is introduced. Based on this model, an approach for diagnoser design is presented. The paper also develops a novel mode estimation algorithm that uses model-based prediction to focus distributed processing signal algorithms. Finally, the paper describes a diagnostic system architecture that integrates the modeling, prediction, and diagnosis components. The implemented architecture is applied to fault diagnosis of a complex electro-mechanical machine, the Xerox DC265 printer, and the experimental results presented validate the approach. A number of design trade-offs that were made to support implementation of the algorithms for online applications are also described.     

Model-based engineering for change-tolerant systems

Developing and evolving today’s systems are often stymied by the sheer size and complexity of the capabilities being developed and integrated. At one end of the spectrum, we have sophisticated agent-based software with hundreds of thousands of collaborating nodes. These require modeling abstractions relevant to their complex workflow tasks as well as predictable transforms and mappings for the requisite elaborations and refinements that must be accomplished in composing these systems. At the other end of the spectrum, we have ever-increasing capabilities of reconfigurable hardware devices such as field-programmable gate arrays to support the emerging adaptability and flexibility needs of these systems. From a model-based engineering perspective, these challenges are very similar; both must move their abstraction and reuse levels up to meet growing productivity and quality objectives. Model-based engineering and software system variants such as the model-driven architecture (MDA) are increasingly being applied to systems development as the engineering community recognizes the benefits of managing complexity, separating key concerns, and automating transformations from high-level abstract requirements down through the implementation. However, there are challenges when it comes to establishing the correct boundaries for change-tolerant parts of the system. Capabilities engineering (CE) is a promising approach for defining long-lived components of a system to ensure some sense of change tolerance. For innovative initiatives such as the National Aeronautics and Space Administration (NASA)’s autonomous nanotechology swarms (ANTS), the development and subsequent evolution of such systems are of considerable importance as their missions involve complex, collaborative behaviors across distributed, reconfigurable satellites. In this paper, we investigate the intersection of these two technologies as they support the development of complex, change-tolerant systems. We present an effective approach for bounding computationally independent models so that, as they transition to the architecture, capabilities-based groupings of components are relevant to the change-tolerant properties that must convey in the design solution space. The model-based engineering approach is validated via a fully functional prototype and verified by generating nontrivial multiagent systems and reusing components in subsequent systems. We build off of this research completed on the collaborative agent architecture, discuss the CE approach for the transition to architecture, and then examine how this will be applied in the reconfigurable computing community with the new National Science Foundation Center for High-Performance Reconfigurable Computing. Based on this work and extrapolating from similar efforts, the model-based approach shows promise to reduce the complexities of software evolution and increase productivity—particularly as the model libraries are populated with canonical components.     

Toward a discipline of software engineering

Despite rapid changes in computing and software development, some fundamental ideas have remained constant. This article describes eight such concepts that together constitute a viable foundation for a software engineering discipline: abstraction, analysis and design methods and notations, user interface prototyping, modularity and architecture, software life cycle and process, reuse, metrics, and automated support     

基于模型的飞机电滑行系统设计与研究

详细介绍了基于模型的飞机电滑行系统的开发流程与方法,并对其进行了集成仿真分析。利用Matlab/Simulink建立了电滑行系统需求的行为模型,利用Simscape建立了电机物理模型,根据电滑行系统架构进行多专业的联合仿真,验证系统的功能、性能和接口信息等。通过模型的方式实现了对系统设计的分析和确认,实现系统的图形化设计与传递,以及系统需求、系统架构、仿真模型的可追踪与追溯性,在系统开发早期验证设计,能发现潜在问题,从而避免设计的迭代。应用集成仿真验证了模型在电滑行系统设计中的指导作用。     

Model-based testing for software safety: a systematic mapping study

Testing safety-critical systems is crucial since a failure or malfunction may result in death or serious injuries to people, equipment, or environment. An important challenge in testing is the derivation of test cases that can identify the potential faults. Model-based testing adopts models of a system under test and/or its environment to derive test artifacts. This paper aims to provide a systematic mapping study to identify, analyze, and describe the state-of-the-art advances in model-based testing for software safety. The systematic mapping study is conducted as a multi-phase study selection process using the published literature in major software engineering journals and conference proceedings. We reviewed 751 papers and 36 of them have been selected as primary studies to answer our research questions. Based on the analysis of the data extraction process, we discuss the primary trends and approaches and present the identified obstacles. This study shows that model-based testing can provide important benefits for software safety testing. Several solution directions have been identified, but further research is critical for reliable model-based testing approach for safety.