Dependability analysis and evolutionary design optimisation with HiP-HOPS
Dr Yiannis Papadopoulos
Department of Computer Science
University of Hull, U.K.
Fraunhofer IESE May 4th 2011
Motivation of work on System Dependability Analysis
• Increasing safety concerns: computer-controlled safety-critical systems emerge in areas such as automotive, shipping, medical applications and industrial processes.
• Reliability and availability concern a broader class of systems.
• Increasing complexity of systems, together with reduced product development times and budgets, makes classical manual analyses difficult.
Why is automation needed?
[Figure: a system design model. If a component fault develops at one component, what effect does the fault have on the outputs?]
At the University of Hull we develop:
• A method and tool that simplify dependability analysis and architecture optimisation by partly automating the process
• Known as Hierarchically Performed Hazard Origin and Propagation Studies (HiP-HOPS)
HiP-HOPS
[Figure: global view of failure. Failure annotations of components + system model, fed into the fault tree synthesis algorithm, give the system failures in terms of component failures.]
Component Failure Annotations

Valve malfunctions:

| Failure mode | Description | Failure rate |
|---|---|---|
| Blocked | e.g. by debris | 1e-6 |
| partiallyBlocked | e.g. by debris | 5e-5 |
| stuckClosed | Mechanically stuck | 1.5e-6 |
| stuckOpen | Mechanically stuck | 1.5e-5 |

Deviations of flow at valve output:

| Output deviation | Description | Causes |
|---|---|---|
| Omission-b | Omission of flow | Blocked or stuckClosed or Omission-a or Low-control |
| Commission-b | Commission of flow | stuckOpen or Commission-a or High-control |
| Low-b | Low flow | partiallyBlocked or Low-a |
| High-b | High flow | High-a |
| Early-b | Early flow | Early-a or Early-control |
| Late-b | Late flow | Late-a or Late-control |

[Figure: valve with input port a, output port b and a control input.]
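The following is an added example, not code from the slides or from the HiP-HOPS tool, showing how annotations like the valve table above are turned into a fault tree and then into minimal cut sets. The valve annotation is the one on the slide; the `Tank` and `Merge` components, the topology (one tank feeding two parallel valves that rejoin at a junction) and the convention of treating an unconnected input's deviation as an environment event are constructed assumptions. Synthesis substitutes each input deviation with the expression of the connected upstream output; the disjunctive normal form with absorption gives the minimal cut sets, which exposes the shared tank as a single-point failure behind the apparent redundancy.

```python
from itertools import product

# Expression nodes: ('basic', event) | ('in', port, cls) | ('or', [...]) | ('and', [...]) | FALSE
FALSE = ('false',)

def OR(*xs):
    return ('or', list(xs))

def AND(*xs):
    return ('and', list(xs))

def fm(component, mode):
    """Internal malfunction of a component instance: a basic event of the fault tree."""
    return ('basic', f'{component}.{mode}')

def dev(port, cls):
    """Deviation of class `cls` (Omission, Commission, Low, ...) at one of the component's inputs."""
    return ('in', port, cls)

def valve(name):
    """The valve annotation from the slide: deviations at output b, input a, control input."""
    return {
        ('b', 'Omission'):   OR(fm(name, 'Blocked'), fm(name, 'stuckClosed'),
                                dev('a', 'Omission'), dev('control', 'Low')),
        ('b', 'Commission'): OR(fm(name, 'stuckOpen'), dev('a', 'Commission'), dev('control', 'High')),
        ('b', 'Low'):        OR(fm(name, 'partiallyBlocked'), dev('a', 'Low')),
        ('b', 'High'):       dev('a', 'High'),
        ('b', 'Early'):      OR(dev('a', 'Early'), dev('control', 'Early')),
        ('b', 'Late'):       OR(dev('a', 'Late'), dev('control', 'Late')),
    }

def tank(name):
    """Constructed source component: flow at b is omitted when empty, low when the level is low."""
    return {('b', 'Omission'): fm(name, 'Empty'), ('b', 'Low'): fm(name, 'LowLevel')}

def merge(name):
    """Constructed junction of two lines: no flow only if both lines omit; low flow if both
    lines are low or either line omits."""
    return {
        ('b', 'Omission'): AND(dev('a1', 'Omission'), dev('a2', 'Omission')),
        ('b', 'Low'): OR(AND(dev('a1', 'Low'), dev('a2', 'Low')),
                         dev('a1', 'Omission'), dev('a2', 'Omission')),
    }

# Constructed topology: one tank feeding two valves in parallel that rejoin at a junction.
COMPONENTS = {'Tank': tank('Tank'), 'V1': valve('V1'), 'V2': valve('V2'), 'Merge': merge('Merge')}
CONNECTIONS = {  # (component, input port) -> (source component, source output port)
    ('V1', 'a'): ('Tank', 'b'), ('V2', 'a'): ('Tank', 'b'),
    ('Merge', 'a1'): ('V1', 'b'), ('Merge', 'a2'): ('V2', 'b'),
}
SYSTEM = (COMPONENTS, CONNECTIONS)

def synthesise(system, component, port, cls):
    """Expand deviation `cls` at `component.port` through the topology into basic events only.
    A deviation the annotation does not mention cannot occur at that output (FALSE)."""
    components, _ = system
    return _substitute(system, component, components[component].get((port, cls), FALSE))

def _substitute(system, component, expr):
    kind = expr[0]
    if kind in ('basic', 'false'):
        return expr
    if kind == 'in':
        _, port, cls = expr
        source = system[1].get((component, port))
        if source is None:  # unconnected input: the deviation arrives from the environment
            return ('basic', f'{component}.{port}.{cls}')
        return synthesise(system, source[0], source[1], cls)
    return (kind, [_substitute(system, component, child) for child in expr[1]])

def cut_sets(expr):
    """Disjunctive normal form of the expression as a set of frozensets of basic-event names."""
    kind = expr[0]
    if kind == 'false':
        return set()
    if kind == 'basic':
        return {frozenset([expr[1]])}
    children = [cut_sets(child) for child in expr[1]]
    if kind == 'or':
        return set().union(*children)
    result = {frozenset()}
    for child in children:  # AND: every combination of one cut set per child
        result = {a | b for a, b in product(result, child)}
    return result

def minimise(sets):
    """Absorption law: drop every cut set that strictly contains another cut set."""
    return {s for s in sets if not any(other < s for other in sets)}

def minimal_cut_sets(system, component, port, cls):
    return minimise(cut_sets(synthesise(system, component, port, cls)))

if __name__ == '__main__':
    for cls in ('Omission', 'Low'):
        print(f'{cls} of flow at Merge.b:')
        for cs in sorted(minimal_cut_sets(SYSTEM, 'Merge', 'b', cls), key=lambda s: (len(s), sorted(s))):
            print('   ', ' . '.join(sorted(cs)))
```

Omission of flow at the junction yields ten minimal cut sets: nine pairs of one malfunction (or lost control) per valve, and the single event `Tank.Empty`, which absorbs every combination it appears in. That single-order cut set is exactly the common-cause condition a manual review of the "redundant" lines tends to miss.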
Hierarchical analysis
Assessment of conditions that affect whole architectures, e.g. common cause failures / combined HW-SW analysis
[Figure: two levels of analysis. System / hardware level: analysis of conditions that affect the whole system and effects of hardware failure. Components / allocated software level: local safety analyses of components and propagation of failure through software.]
Language for Error Modelling
• Notions of Failure Classes (user defined), Input/Output Ports & Parameters
• Failure Logic: Boolean logic, recently enhanced with new temporal operators and a temporal logic. Concept for state-sensitive analysis
• Includes generalisation operators and iterators: e.g. any input failure propagates to all outputs
• Can be used for specification of reusable, inheritable, composable failure patterns
Tool Interface
[Figure: tool interface]
Tool support (Example Steer-by-Wire)
[Figure: Simulink model of the steer-by-wire system, with the synthesised fault trees and synthesised FMEA]
Tool Maturity
• Tool has public interfaces (XML, DLL) which enable linking to modelling or drawing tools
• Has advanced capabilities for qualitative/probabilistic analysis (common causes, zonal analysis, supports a variety of probabilistic models)
• ITI GmbH has used the public interface to link its "Simulation X" modelling tool to the HiP-HOPS tool. Others (ALL4TEC, VECTOR) also interface
• Commercial launch of HiP-HOPS extension to Simulation X in 2011
Further difficulties in dependability engineering and tool extension to support architecture optimisation
• How can system dependability be improved? Substitute components & sub-systems, increase frequency of maintenance, replicate
• Which solution achieves minimal cost?
• People evaluate a few options. This leads to unnecessary design iterations and sub-optimal solutions.
Work on Multi-objective Design Optimisation
• Hard optimisation problem that can only be addressed effectively with automation
• Objectives: dependability, cost, weight, …
• Objectives are conflicting (e.g. dependability and cost)
Multi-objective optimisation problem
• Find a solution x (element of solution space X) which satisfies a set of constraints and optimises a vector of objective functions f(x) = [f1(x), f2(x), f3(x), …, fn(x)].
• Search for Pareto optimal (i.e. non-dominated) solutions. A solution x1 dominates another solution x2 if x1 matches or exceeds x2 in all objectives.
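An added example, not from the slides, of the dominance test and the non-dominated filtering that the optimiser relies on. The `dominates` check uses the usual strict form of Pareto dominance (at least as good in every objective and strictly better in at least one), so that two identical designs do not dominate each other. It goes a step beyond the slide by also ranking candidates into successive fronts, as Pareto-based genetic algorithms do. The four variants are the cost/reliability values from the "Making design variations" slide; the two fuel-system designs are the cost/unavailability pairs from the fuel system slides. Variant names and the dict layout are this example's own.

```python
MINIMISE, MAXIMISE = -1, 1  # per-objective direction: sign chosen so that "larger is better"

def dominates(x1, x2, directions):
    """Pareto dominance: x1 is at least as good as x2 in every objective and strictly better
    in at least one. x1, x2 are tuples of objective values; `directions` gives, per objective,
    whether it is minimised or maximised."""
    scored = [(d * a, d * b) for a, b, d in zip(x1, x2, directions)]
    return all(a >= b for a, b in scored) and any(a > b for a, b in scored)

def pareto_front(candidates, directions):
    """The non-dominated candidates (the Pareto front), preserving input order."""
    front = []
    for c in candidates:
        if not any(dominates(o['objectives'], c['objectives'], directions)
                   for o in candidates if o is not c):
            front.append(c)
    return front

def rank_fronts(candidates, directions):
    """Non-dominated sorting: peel off the Pareto front, then the front of what remains,
    and so on. Rank 0 is the set of optimal trade-offs the tool would present to the designer."""
    remaining = list(candidates)
    fronts = []
    while remaining:
        front = pareto_front(remaining, directions)
        fronts.append(front)
        remaining = [c for c in remaining if c not in front]
    return fronts

# The four design variations from the slide: (cost, reliability); cost down, reliability up.
VARIANTS = [
    {'name': 'variant 1', 'objectives': (2, 5)},
    {'name': 'variant 2', 'objectives': (3, 7)},
    {'name': 'variant 3', 'objectives': (4, 9)},
    {'name': 'variant 4', 'objectives': (3, 8)},
]
VARIANT_DIRECTIONS = (MINIMISE, MAXIMISE)

# The two fuel-system designs from the slides: (cost, unavailability); both are minimised.
FUEL_DESIGNS = [
    {'name': 'initial design', 'objectives': (511, 0.108366)},
    {'name': 'optimised design', 'objectives': (834, 0.044986)},
]
FUEL_DIRECTIONS = (MINIMISE, MINIMISE)

if __name__ == '__main__':
    for rank, front in enumerate(rank_fronts(VARIANTS, VARIANT_DIRECTIONS)):
        print(f'rank {rank}:', ', '.join(f"{c['name']} {c['objectives']}" for c in front))
    print('fuel system front:', [c['name'] for c in pareto_front(FUEL_DESIGNS, FUEL_DIRECTIONS)])
```

Variant 2 (cost 3, reliability 7) is dominated by variant 4 (same cost, higher reliability) and drops to rank 1; variants 1, 3 and 4 form the front. Neither fuel-system design dominates the other: the optimised design buys lower unavailability with higher cost, which is exactly the trade-off the designer is asked to choose from.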
Pareto Optimality
[Figure: scatter plot of candidate designs with axes Cost and Reliability; the non-dominated designs form the Pareto front.]
Optimisation concept
[Figure: optimisation loop. The modelling tool supplies the model, variants and failure data; a parser feeds them to HiP-HOPS analysis; a genetic algorithm drives the search; the result is a Pareto front: a set of models representing optimal trade-offs.]
Genetic Algorithm: Making design variations
[Figure: variations of a design, e.g. a single component (1) replaced by a primary/standby pair (1, 2), with resulting scores: Cost 2 / Reliability 5; Cost 3 / Reliability 7; Cost 4 / Reliability 9; Cost 3 / Reliability 8.]
Fuel System Example
• Provide model, variants, failure data (initial design: Cost 511, Unavailability 0.108366)
• Let tool find optimal solutions
• Choose and get optimised design (Cost 834, Unavailability 0.044986)
Optimisation in Action
Work on Temporal Safety Analysis
Cut sets of a classical fault tree:
I + A.B.C + A.S1 + A.B.S2 + D
1. No input at I
2. Failure of all of A, B and C
3. Failure of A and S1
4. Failure of A, B and S2
5. Failure of D
[Figure: the system with input I and components A, B, C, D, S1, S2]
The PANDORA Logic
• PAND-ORA: Hour or "time" (ORA [ώρα] in Greek) of PAND gates
• Uses Priority-AND (<, or "before"), Priority-OR (|) and Simultaneous-AND (&, or "at the same time") operators to express temporal ordering of events
• Relative temporal relations between events can be expressed: X<Y, X&Y, and Y<X
• New Temporal Laws can be used to simplify fault trees and calculate Minimal Cut-sequences
Temporal Truth Tables
• Sequence Values
– A number indicating the order in which an event becomes true
– Events with the same sequence value are simultaneous
• Temporal Truth Tables (TTT)
– Like Boolean truth tables but extended to use Sequence Values
– Can be used to prove temporal laws
– e.g. X.Y = X<Y + X&Y + Y<X
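An added example, not the Pandora tool's code, that implements sequence-value semantics for the operators named on the slides and builds a temporal truth table to check the law X.Y = X<Y + X&Y + Y<X. The semantics are the usual reading: 0 means an event never occurs, a positive value is its position in the order of occurrence, a conjunction becomes true when its later operand does, a disjunction when its earlier operand does, and X<Y takes Y's value because that is when the ordered pair is complete. The Priority-OR reading used here (X occurs, and Y either never occurs or occurs strictly after X) is an assumption, since the slide gives only its symbol. A second law, X = X|Y + X&Y + Y<X, and a refuted non-law are included to show the table working in both directions.

```python
from itertools import product

def AND(x, y):
    """X.Y: both occur; true from the moment the later of the two occurs."""
    return max(x, y) if x and y else 0

def OR(x, y):
    """X+Y: true from the moment the earlier of the two occurs."""
    present = [v for v in (x, y) if v]
    return min(present) if present else 0

def PAND(x, y):
    """X<Y (Priority-AND): both occur and X strictly before Y; true when Y occurs."""
    return y if x and y and x < y else 0

def SAND(x, y):
    """X&Y (Simultaneous-AND): both occur at the same moment."""
    return x if x and y and x == y else 0

def POR(x, y):
    """X|Y (Priority-OR), assumed strict reading: X occurs and Y either never occurs or occurs
    after X; true when X occurs."""
    return x if x and (y == 0 or x < y) else 0

def sequence_assignments(n):
    """Rows of a temporal truth table over n events: each event gets 0 (never occurs) or its
    position in the order of occurrence, ties allowed, positions numbered 1..k consecutively."""
    for row in product(range(n + 1), repeat=n):
        used = sorted(set(v for v in row if v))
        if used == list(range(1, len(used) + 1)):
            yield row

def temporal_truth_table(expr, n):
    """Evaluate `expr(*sequence_values)` on every row; returns a list of (row, value)."""
    return [(row, expr(*row)) for row in sequence_assignments(n)]

def law_holds(lhs, rhs, n):
    """A temporal law holds when both sides yield the same sequence value on every row."""
    left, right = temporal_truth_table(lhs, n), temporal_truth_table(rhs, n)
    return all(lv == rv for (_, lv), (_, rv) in zip(left, right))

def conjunction_expansion_holds():
    """The law on the slide: X.Y = X<Y + X&Y + Y<X."""
    return law_holds(lambda x, y: AND(x, y),
                     lambda x, y: OR(OR(PAND(x, y), SAND(x, y)), PAND(y, x)), 2)

def completion_holds():
    """X = X|Y + X&Y + Y<X: every way Y can relate to X, checked under the semantics above."""
    return law_holds(lambda x, y: x,
                     lambda x, y: OR(OR(POR(x, y), SAND(x, y)), PAND(y, x)), 2)

def pand_is_not_and():
    """Sanity check: X<Y and X.Y differ (e.g. when both occur together), so the table can
    also refute a candidate law rather than only confirm one."""
    return not law_holds(PAND, AND, 2)

if __name__ == '__main__':
    print(' X  Y | X.Y  X<Y  X&Y  Y<X')
    for x, y in sequence_assignments(2):
        print(f' {x}  {y} |  {AND(x, y)}    {PAND(x, y)}    {SAND(x, y)}    {PAND(y, x)}')
    print('X.Y = X<Y + X&Y + Y<X holds:', conjunction_expansion_holds())
```

The two-event table has six rows; on each one exactly one of X<Y, X&Y and Y<X carries the value of X.Y, which is why the classical cut set A.B on the next slide splits into the separate cut sequences [B<A], [B&A] and [A<B].C once ordering matters.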
Minimal Cut-sequences
• I
• D
• [S1<A]
• [S1&A]
• [B<A]
• [B&A]
• [A<B].C
• A.[S2&B]
• A.[S2<B]
• Show that the "triply redundant" system is not triply redundant.
• Give a more refined and correct view of failure.
For comparison, the classical cut sets: I, D, A.S1, A.B.C, A.B.S2
Current Work
• ADLs: input to the EAST-ADL automotive ADL in the MAENAD FP7 project. Work towards harmonisation with AADL
• Dynamic Analysis: synthesis of temporal fault trees from state machines
• Separation of Concerns: multi-perspective HiP-HOPS. Analysis of diagrams (SW-HW) linked with allocations
• Automatic allocation of safety requirements: e.g. in the form of SILs (Safety Integrity Levels)
• Optimisation: more objectives, more model transformations
• Link to model checkers
Relation to the state-of-the-art
• One of the more advanced compositional safety analyses
• Less automated than formal safety analyses and does not do formal verification
• However, uses simple algorithms and scales up well
Deductive analysis and good performance have enabled:
• Multiple failure mode FMEAs
• Architecture optimisation with greedy meta-heuristics
• Top-down allocation of safety requirements (SILs)
Can complement other formal techniques:
• Synthesis of state machines -> input for model checker
• Additional functionalities (optimisation, SIL allocation, advanced probabilistic analyses)
Summary
• Shorter life-cycles, economic pressures and increasing complexity demand cost-effective dependability engineering.
• HiP-HOPS simplifies aspects of this process.
• Can complement formal techniques. Can be used in conjunction with emerging ADLs.
• Supported by a mature, commercially available tool.
• Strong interest in automotive & shipping. Growing interest in aerospace. Applications by Germanischer Lloyd, Volvo, VW, Delphi, Fiat, Continental, Toyota/Denso, et al.