首页论文研究 - 从SysML模型自动推导故障树模型以进行安全性分析
安全关键系统（SCS）是在超出规定规格的范围内操作可能会对用户和/或环境造成伤害的系统。 这样的系统用于广泛的领域，例如航空航天，汽车，铁路运输和医疗保健。 在本文中，我们提出了一种在模型驱动工程（MDE）系统开发过程中集成SCS的安全性分析的方法。 该方法基于模型转换，并使用标准的众所周知的技术和开源工具对SCS进行建模和分析。 更具体地说，使用OMG的标准系统建模语言SysML建模的系统会自动转换为故障树（FT）模型，可以使用现有的FT工具进行分析。 建议的模型转换分为两个步骤：a）在组件级别生成FT，以解决复杂性并实现重用； b）通过组合组件及其FT来生成系统级FT。 通过将其应用于简化的行业启发案例研究中对该方法进行了说明。
Journal of Software Engineering and Applications, 2018, 11, 204-222
ISSN Online: 1945-3124
ISSN Print: 1945-3116
Automatic Derivation of Fault Tree Models
from SysML Models for Safety Analysis
Bashar Alshboul, Dorina C. Petriu
Department of Systems and Computer Engineering, Carleton University, Ottawa, Canada
Safety Critical Systems (SCS) are those systems that
may cause harm to the
user(s) and/or the environment if operating outside of their prescribed spec
fications. Such systems are used in a wide variety of domains, such as aer
space, automotive, railway transportation and healthcare. In this paper, we
e an approach to integrate safety analysis of SCSs within the Model
Driven Engineering (MDE) system development process. The approach is
based on model transformation and uses standard well-
known techniques and
open source tools for the modeling and analys
is of SCSs. More specifically, the
system modeled with the OMG’s standard systems modeling language,
SysML, is automatically transformed in Fault Tree (FT) models, that can be
analyzed with existing FT tools.
The proposed model transformation takes
n two steps: a) generate FTs at the component level, in order to tackle
complexity and enable reuse; and b) generate system level FTs by composing
the components and their FTs. The approach is illustrated by applying it to a
simplified industry-inspired case study.
Safety Analysis, Model Transformation, Fault Trees, SysML, MDE
Computer systems are widely used today in a multitude of domains. Individuals,
communities, governments, industry, and organizations rely on computer tech-
nology to produce or innovate many aspects in a variety of areas, such as com-
munication, education, healthcare, transportation, food, services, entertainment.
The increase in the utilization of computer systems has significantly raised their
complexity levels. Furthermore, there is an increase in the demand to build sys-
tems that meet various Non-Functional Properties (NFP), such as performance,
How to cite this paper:
, D.C. (2018)
of Fault Tree Models from SysML Models
for Safety Analysis
Engineering and Applications
April 13, 2018
May 22, 2018
May 25, 2018
Copyright © 201
8 by authors and
Research Publishing Inc.
This work is
licensed under the Creative
Commons Attribution International
License (CC BY
DOI: 10.4236/jsea.2018.115013 May 25, 2018 204 Journal of Software Engineering and Applications
B. Alshboul, D. C. Petriu
dependability, security, safety. Regulatory authorities and concerned bodies have
put regulations and standards in different domains to control the development
of such systems. This has triggered many research efforts in the academia and
industry targeting the analysis of NFPs.
Dependability is the general NFP of interest in this paper. Dependability is de-
fined as the ability to deliver services that can justifiably be trusted . Depen-
dability comprises five main attributes: Availability, Reliability, Maintainability,
Integrity, and Safety. The last one, Safety, is the specific NFP of interest in this
Safety is defined as the absence of catastrophic consequences on the user(s)
and the environment . Safety-Critical Systems (SCS) are the type of systems
that can cause harm to the user(s) and/or the environment when operating out-
side of the prescribed specifications. These systems are used in various domains,
such as: aerospace, automotive, railway and healthcare. Safety Analysis (SA) is
performed on SCS to ensure that they are safe enough to be operational.
The survey in  performs a systematic literature review on SCS, concentrat-
ing on the evidence artifacts of systems for safety certification, including studies
between 1990 and 2012. It shows that the number of publications targeting SCS
and their safety evidence is increasing in all domains based on their respec-
tive standards. An interesting conclusion is that very few works are using
model-based methodologies to obtain compliance evidence with safety standard.
Many SA techniques have been around for a considerably long time and have
proven their effectiveness in performing SA; hence they are recommended and,
in some cases, mandated by industry standards and certification authorities.
However, applying such techniques imposes various challenges. Two well estab-
lished SA techniques are Fault Tree Analysis (FTA) and Fault Model and Effect
Analysis (FMEA). Traditionally, both techniques are performed manually in
preliminary stages of the development cycle, but their application is error prone
and time consuming, especially for systems with high complexity.
This paper contributes to an aspect of safety analysis that was found to be less
supported by tools: the automatic derivation by model transformation of safety
analysis models (namely fault trees) from SysML design models of the system
under construction annotated with relevant safety information. The goal is to
avoid error-prone manual work and to maintain the traceability between the
software models used for development and the analysis models used to verify
This paper’s objective is to develop a MDE-based approach with safety concerns
in mind, utilizing standard and well-known techniques and open source tools.
The aim is to integrate safety verification in the model-driven development of
SCSs, allowing its artifacts to be maintained throughout the system life-cycle.
The paper proposes an approach for modeling SCS, with emphasis on
DOI: 10.4236/jsea.2018.115013 205 Journal of Software Engineering and Applications
B. Alshboul, D. C. Petriu
representing the safety behavior by using the OMG standard SysML language.
One of the advantages of SysML is the ability to model component-based sys-
tems, which are used to tackle the system’s complexity and to enhance the ex-
pressiveness and abstraction of the model. Related safety information will be
added to the SysML model using another standard from OMG, the UML Profile
for Modeling and Analysis of Real-Time Embedded Systems (MARTE)  along
with its extension, the Dependability Analysis and Modeling (DAM) profile .
One of the objectives of this work is to support the construction, reuse, and
composition of FTs at the component level. Therefore, we propose a two-step
transformation of SysML models with safety annotations into safety analysis
models. The first step incorporates the component-based development approach
to synthesize component level fault tree safety models, which allow for reuse and
simplification. In a consecutive step, system-level FT safety models are obtained
by composing the component-level FTs built in the previous step. The generated
FTs are used for system safety verification. A visualization of the FTs is also pro-
Another aim of the paper is to support the proposed method with tools easy to
learn and use. For this reason, we are using existing modeling languages and
notations to represent the system and the safety models, as well as open-source
tools (e.g., Papyrus, Eclipse Epsilon, Eclipse EMFTA).
SysML has been chosen as the modeling language in this approach consider-
ing the following facts as described in . First, it supports the specification, de-
sign, analysis, and verification of systems as a general-purpose modeling lan-
guage. Second, it provides graphical models representing requirements, struc-
ture, behavior, and properties of systems and their components. Third, it is a
standardized and robust language. Finally, it is an extension of a subset of the
standard UML language, which adds the benefit of extending SysML with the
standardized profiles defined for extending UML, such as MARTE .
1.2. Overview of the Approach
This section provides an overview of the proposed approach for performing SA
on SysML based models. The main activities are as follows (see
(including safety requirements), must be elicited and
specified, whether the approach is applied to a new project or an existing one.
A formal approach covering this activity is still under development. Hence, it
will not be further detailed in this paper.
utilizing SysML’s modeling power based on compo-
nent-based modeling. The system is decomposed into a set of cooperating
components, composite and simple. Composite components contain in-
stances of other composite and/or simple components, while simple compo-
nents are the most fine-grained level of decomposition and do not include
Internal structure modeling
: specifies the composition and the interaction
DOI: 10.4236/jsea.2018.115013 206 Journal of Software Engineering and Applications
B. Alshboul, D. C. Petriu
Figure 1. Overview of the proposed approach.
between component instances. A set of interfaces and possible item flows are
realized modeling the component internal structure.
: the representation of the system regular behavior and its
reaction to certain events.
Annotate elements with failure information
: adding safety behavior annota-
tion to the previously specified component behavior.
component level failures
, the generation of analysis FT
models at the component level.
system level failures
, the generation of analysis FT model
representing system level safety behavior. This is achieved by the composi-
tion of component-level FT models, according to the interconnection of their
corresponding component instances.
: perform analysis of the generated analysis models with existing
Safety requirements satisfied or not
; if yes, accept the safety solution, other-
wise apply design modifications to the proposed system to improve system
safety. Examples of modifications use redundancy of existing components or
DOI: 10.4236/jsea.2018.115013 207 Journal of Software Engineering and Applications
- 我的内容管理 收起
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- Xilinx SRIO详解.pptx
- Informatica PowerCenter 10.2 for Centos7.6安装配置说明.pdf
- 现代无线系统射频电路实用设计卷II 英文版.pdf
- 电子产品可靠性设计 自己讲课用的PPT，包括设计方案的可靠性选择，元器件的选择与使用，降额设计，热设计，余度设计，参数优化设计 和 失效分析等
- 通信原理课程设计报告（ASK FSK PSK Matlab仿真--数字调制技术的仿真实现及性能研究）
- 在VMware Player 3.1.3下安装Redhat Linux详尽步骤
- 西门子MES手册 13 OpcenterEXCR_PortalStudio1_81RB1.pdf