IMOFIS was an R&D project with Renault, Alstom Transport, Systerel, UTC, CEA-List and Obeo to develop an environment that assists safety engineers in analysing and verifying their systems. The project ended on October 25, 2011.
In this project, we developed a metamodel and a tool, named Alea ToolKit, to capture both parts of the system design and parts of the safety analyses needed to build a critical system.
For example, one system studied in this project is Communication Based Train Control (CBTC). The typical process for building such a system is dual: on one side system engineering, on the other side safety engineering. The first builds a safe system; the second verifies that the system is built safely. Between these two engineering activities, the exchanges are models, documents and, mainly, requirements. System engineering has to manage requirements (refine, satisfy and derive them). Safety engineering has to tag requirements as safety-related.
Figure: Typical system engineering process
One key problem in such a process is synchronizing the system world and the safety world. A subset of the needs is:
- adaptability, i.e. providing a tool and a methodology usable across several projects and even several domains, such as railway and automotive;
- interoperability, i.e. being able to reference system modeling elements when describing the safety analyses;
- consistency, i.e. providing facilities to manage several safety modeling levels (Preliminary Hazard Analysis, Fault Tree, FMEA) and helping the user keep those abstraction levels consistent with each other;
- traceability, i.e. being able to compute links between the two engineering activities and to use those links for navigation.
Figure: A set of needs explored in IMOFIS
Hence, to fulfil those needs, we explored a viewpoint-based approach with Obeo Designer. The key idea is to capture the concepts once in a generic safety metamodel and to provide different views that specialize the use of this generic metamodel for a specific concern: a specific abstraction level or a specific domain. The metamodel is built on the Eclipse Modeling Framework (EMF) in order to achieve interoperability with other system metamodels (SysML in our case). The views are implemented in a viewpoint-based engine, Obeo Designer. The resulting modeling framework is the Applied metamodeL for safEty Analyses (Alea) ToolKit.
To illustrate the tool, let's use the CBTC example. First, we select the right viewpoints.
Figure: In a viewpoint-based approach, the user chooses the viewpoint to load.
From SysML, the user can navigate to the safety analyses. For example, the F2 function is used in two safety analyses: a cause analysis (Fault Tree Analysis) and an accident case analysis (Preliminary Hazard Analysis).
In fact, the safety engineer described the accident case from the SysML model: he references the SysML CBTC Block and the F2 function of the SysML model. In this way the safety engineer interoperates with the system design in order to build his analysis.
From the Alea ToolKit point of view, this scenario is "just" a graphical view on a global, enhanced fault tree. The viewpoint tool manages the consistency between this event sequence view and the cause analysis view represented as a fault tree. The following picture is the projection of the previous scenario from the fault tree point of view.
The viewpoint also manages the traceability links between the views. For example, the traceability companion allows navigation among the safety views: from a second accident case for the excessive speed hazard, the user can navigate to the previous scenario.
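The "views over one model" idea in the paragraphs above, as an added example that is not Alea ToolKit or Obeo Designer code: a single in-memory safety model in Python, with a fault tree view and an accident scenario (event sequence) view both computed from it, traceability from a system element to the safety analyses that reference it, and a check that editing the shared model changes both projections at once. The class names, the event names and the shape of the tree are assumptions for illustration; only CBTC, F2 and the excessive speed hazard come from the page.

```python
from dataclasses import dataclass, field
from itertools import product
from typing import Dict, Iterator, List, Optional, Tuple


@dataclass(frozen=True)
class SystemElement:
    """Stand-in for a SysML element on the system-engineering side (a Block or a Function)."""
    kind: str
    name: str


@dataclass
class Event:
    """Node of the generic safety metamodel: a basic event (gate=None) or an AND/OR gate.

    `refs` holds the interoperability links to system elements, i.e. the SysML
    references the safety engineer makes when describing an accident case.
    """
    name: str
    gate: Optional[str] = None
    causes: List["Event"] = field(default_factory=list)
    refs: List[SystemElement] = field(default_factory=list)

    def cut_sets(self) -> List[Tuple[str, ...]]:
        """Minimal combinations of basic events that produce this event."""
        if self.gate is None:
            return [(self.name,)]
        child_sets = [c.cut_sets() for c in self.causes]
        if self.gate == "OR":
            sets = [s for cs in child_sets for s in cs]
        elif self.gate == "AND":
            sets = [tuple(sorted(set(sum(combo, ())))) for combo in product(*child_sets)]
        else:
            raise ValueError(f"unknown gate {self.gate!r}")
        uniq = sorted(set(sets), key=lambda s: (len(s), s))
        # keep only minimal sets: drop any set that strictly contains a shorter one
        return [s for i, s in enumerate(uniq) if not any(set(o) < set(s) for o in uniq[:i])]


@dataclass
class Hazard:
    name: str
    top: Event


class SafetyModel:
    """One underlying model; every view below is a projection of it, so views cannot diverge."""

    def __init__(self) -> None:
        self.hazards: Dict[str, Hazard] = {}

    def add_hazard(self, name: str, top: Event) -> Hazard:
        self.hazards[name] = Hazard(name, top)
        return self.hazards[name]

    @staticmethod
    def _walk(e: Event) -> Iterator[Event]:
        yield e
        for c in e.causes:
            yield from SafetyModel._walk(c)

    # Traceability: from a system element to every safety element that references it.
    def analyses_referencing(self, elem: SystemElement) -> List[Tuple[str, str]]:
        return [(h.name, e.name)
                for h in self.hazards.values()
                for e in self._walk(h.top) if elem in e.refs]

    # View 1: cause analysis, the fault tree as an indented outline.
    def fault_tree_view(self, hazard: str) -> List[str]:
        lines: List[str] = []

        def rec(e: Event, depth: int) -> None:
            lines.append("  " * depth + e.name + (f" [{e.gate}]" if e.gate else ""))
            for c in e.causes:
                rec(c, depth + 1)

        rec(self.hazards[hazard].top, 0)
        return lines

    # View 2: accident cases (PHA-style event sequences), one per minimal cut set.
    def scenario_view(self, hazard: str) -> List[str]:
        top = self.hazards[hazard].top
        return [" + ".join(cs) + " -> " + top.name for cs in top.cut_sets()]


def build_cbtc_example() -> SafetyModel:
    """Constructed sample model (assumption): only CBTC, F2 and 'Excessive speed' come from the page."""
    cbtc = SystemElement("Block", "CBTC")
    f2 = SystemElement("Function", "F2")
    model = SafetyModel()
    no_limit = Event("No valid speed limit from F2", gate="OR", refs=[f2], causes=[
        Event("F2 output lost", refs=[f2]),
        Event("F2 computes wrong speed limit", refs=[f2]),
    ])
    brake = Event("Emergency brake not triggered", refs=[cbtc])
    top = Event("Excessive speed", gate="AND", refs=[cbtc], causes=[no_limit, brake])
    model.add_hazard("Excessive speed", top)
    return model


if __name__ == "__main__":
    m = build_cbtc_example()
    print("\n".join(m.fault_tree_view("Excessive speed")))
    print(m.scenario_view("Excessive speed"))
    print(m.analyses_referencing(SystemElement("Function", "F2")))
```

The point of the design is that neither view stores anything: the scenario view is the set of minimal cut sets of the same tree the fault tree view prints, so adding a cause under the OR gate produces a new accident case without any synchronization step, and `analyses_referencing` is the traceability companion in miniature, answering "which analyses use F2?" directly from the reference links on the events.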
Hence, a viewpoint-based approach provides an integrated modeling framework gathering safety and system concerns. It improves information search, communication (previously many documents had to be parsed) and coherency among safety and system analyses. This approach is not a new set of safety analysis methods, and it does not cover all safety activities: only PHA, SHA and FMEA modeling at the system level.
Next steps are bridges: a safety viewpoint is not only a set of graphical representations but also a set of filters and information synchronizations for specific concerns. Hence my next work is to enhance those graphical viewpoints in order to connect business tools such as my AltaRica editor. That is another R&D story!
If you want more information, a complete presentation of this work is available here