
Slide 1: An Integrated Model-Based Approach to System Safety and Aircraft System Architecture Development
Eric Villhauer – Systems Engineer
Brian Jenkins – System Safety Engineer
General Atomics Aeronautical Systems

Slide 2: Outline
July Approved for Public Release. This presentation does not contain technical data per ITAR 22 CFR parts 120-130.
– Introduction
– Standards Dependencies
– Safety View
– Functional Hazard Assessment (FHA) Example
  – Logical behavior – “Control Aircraft Pitch” activity
  – “Control Aircraft Pitch” FHA
  – “Control Aircraft Pitch” Fault Tree Analysis (FTA)
– Questions
– References

Slide 3: Introduction
History
– Industry standards for aircraft development require consideration of System Safety objectives during all phases of System Architecture development and implementation
– Tools available to Systems Engineers and Software Engineers to model architecture currently don’t address the concerns of the System Safety Engineering discipline
Objectives
– Ensure that safety objectives are considered during system architecture model development
– Maintain the required organizational independence between System Safety and the domains with which it interfaces
Approach
– Use OMG SysML™ to integrate the system safety analysis methods defined in SAE ARP 4761, “Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment”, into a System Architecture model in accordance with SAE ARP4754, “Certification Considerations for Highly-Integrated or Complex Aircraft Systems”

Slide 4: Standards Dependencies

Slide 5: Architecture Development, System Safety, and Design Assurance Dependencies
(Figure: SAE ARP 4754A Figure 1, “Guideline Documents Covering Development and In-Service/Operational Phases”)

Slide 6: Safety View

Slide 7: Model-Based Safety Analysis (MBSA)
Objectives
– Identify, classify, and mitigate safety hazard risks during the system life-cycle
– Provide Safety Requirements to control hazard risk
– Integrate into the Model-Based Systems Engineering (MBSE) process
Concerns
– Safety hazard risk identification, classification, and reduction through mitigation
– Validation and verification of safety hazard risk mitigations
– Safety hazard risk acceptance
Analysis Methods
– Functional Hazard Assessment (FHA)
– Fault Tree Analysis (FTA)
– Failure Modes and Effects Analysis (FMEA)

Slide 8: Safety Viewpoint Purpose
– Provide safety requirements for system and subsystem specifications
– Monitor safety throughout the product life cycle
– Use the safety assessment to justify safety risk characterization

Slide 9: Safety Viewpoint
The Safety View conforms to the Safety Viewpoint.

Slide 10: Safety Profile Requirements
The Safety Profile must
– Be suitable for use within a UML or SysML model
– Conform to an SAE ARP 4761 approach with provision for MIL-STD-882

Slide 11: Safety UML Profile
> – Indicates the element has a hazard severity consequence due to one or more associated Functional Failure Modes determined by FHA
> – The inability of a function to perform as it is intended; has one or more failure effects on the system, for which a hazard severity classification is determined
> – A relation to associate a > functional element to its > elements

Slide 12: FHA Example

Slide 13: Use Case View
– The aircraft-level Use Case is first assessed for top-level Failure Conditions

Slide 14: Top Level Safety Requirements
– Top level safety requirements tend to be difficult to measure
– Use cases can provide context for system conformance to top level safety requirements
>

Slide 15: Control Aircraft Pitch – Logical Behavior
– The aircraft Use Case is decomposed into Logical Views for each system function (MBSE process)
– The example shown is a conceptual aircraft pitch controller that does not reflect an actual design
– The safety criticality of each activity will determine the overall Level of Rigor / Functional Development Assurance Level (FDAL) for the “Control Aircraft Pitch” function

Slide 16: Control Aircraft Pitch – Aircraft Functional Hazard Assessment
Functional Failure Modes
– Safety analysis is performed to determine the effects, severity and likelihood of each failure mode
Manifests Failure
– Directed association that provides safety attributes
– Drives the development assurance activities to be executed IAW ARP4754 (System Level) and DO-178 / DO-254 (SW / HW Item Level)

Slide 17: Safety Requirement Derivation
– Safety requirements are derived from the severity classification of functional failure modes

Slide 18: Control Aircraft Pitch – Aircraft Fault Tree Analysis
Fault Tree Analysis
– Functional Failure Modes become events (top-level causal factors) in the Fault Tree Analysis
– Shows the context and causal chain to top-level system hazards
– Fully traceable to the architecture model (“safety view”)
– Mitigations are identified from the FMEA once the full causal tree is built
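The FHA-to-FTA chain of slides 15 to 18 (failure modes classified by severity, FDAL and safety requirements derived from the classification, failure modes becoming fault-tree events) as an added Python example; it is not code from the presentation or from General Atomics. The failure modes, probabilities and tree structure are constructed for the conceptual pitch controller, the severity-to-FDAL mapping follows ARP 4754A, and the per-flight-hour objectives are the customary AC 25.1309 figures.

```python
import math
from dataclasses import dataclass
from typing import List, Union
# ARP 4761 severity (most to least severe) -> (ARP 4754A FDAL, customary max probability per flight hour)
SEVERITY = {"Catastrophic": ("A", 1e-9), "Hazardous": ("B", 1e-7), "Major": ("C", 1e-5),
            "Minor": ("D", 1e-3), "No Safety Effect": ("E", 1.0)}
@dataclass
class FailureMode:
    """Functional failure mode: inability of a function to perform as intended."""
    name: str
    effect: str
    severity: str
    probability: float = 0.0  # constructed per-flight-hour figure, not measured data

@dataclass
class Gate:
    kind: str  # "AND" or "OR"
    inputs: List[Union["Gate", FailureMode]]  # basic events (failure modes) or sub-gates
@dataclass
class Function:
    """Functional element that 'manifests' its failure modes (the FHA association)."""
    name: str
    failure_modes: List[FailureMode]
    def fdal(self) -> str:  # level of rigor follows the most severe failure condition
        worst = min((fm.severity for fm in self.failure_modes), key=list(SEVERITY).index)
        return SEVERITY[worst][0]
    def safety_requirements(self) -> List[str]:  # one derived requirement per failure mode
        return [f"{self.name}: probability of '{fm.name}' ({fm.severity}) shall be "
                f"< {SEVERITY[fm.severity][1]:.0e} per flight hour" for fm in self.failure_modes]

def top_event_probability(node: Union[Gate, FailureMode]) -> float:
    """Evaluate a fault tree, assuming independent basic events."""
    if isinstance(node, FailureMode):
        return node.probability
    ps = [top_event_probability(i) for i in node.inputs]
    return math.prod(ps) if node.kind == "AND" else 1 - math.prod(1 - p for p in ps)

def meets_objective(tree: Gate, severity: str) -> bool:
    return top_event_probability(tree) < SEVERITY[severity][1]

# Constructed FHA for the conceptual pitch controller (does not reflect a real design).
ch_a = FailureMode("Channel A pitch command lost", "Single channel down", "Minor", 1e-4)
ch_b = FailureMode("Channel B pitch command lost", "Single channel down", "Minor", 1e-4)
uncmd = FailureMode("Uncommanded pitch input", "Abrupt attitude change", "Hazardous", 1e-9)
loss = FailureMode("Loss of pitch command", "Aircraft uncontrollable", "Catastrophic")
pitch = Function("Control Aircraft Pitch", [loss, uncmd, ch_a, ch_b])
# FTA: loss of command needs both channels (AND); that event or an uncommanded input
# yields the top-level hazard (OR). The result exceeds 1e-9, so mitigation is required.
pitch_tree = Gate("OR", [Gate("AND", [ch_a, ch_b]), uncmd])
```

The failing `meets_objective` check is the point at which slide 18's FMEA-derived mitigations would be added to the tree and the evaluation repeated.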

Slide 19: Questions

Slide 20: References

Slide 21: Non-Government Standards Documents References
Document Number | Reference Document Title | Date | Source
SAE ARP 4761 | Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment | 12/01/1996 | SAE
SAE ARP 4754A | Certification Considerations for Highly-Integrated or Complex Aircraft Systems | 12/21/2010 | SAE
OMG SysML™ | OMG Systems Modeling Language, Version 1.2 | 6/01/2010 | OMG
RTCA DO-178C | Software Considerations in Airborne Systems and Equipment Certification | 12/13/2011 | RTCA
RTCA DO-254A | Design Assurance Guidance for Airborne Electronic Hardware | 4/19/2000 | RTCA
OMG UML™ | OMG Unified Modeling Language Superstructure | 8/06/2011 | OMG

