一种基于失效传播模型的危害分析方法  被引量：1

作　　者：葛晓瑜 沈国华[1,2] 黄志球 邓刘梦[1] 宛伟健 GE Xiao-yu;SHEN Guo-hua;HUANG Zhi-qiu;DENG Liu-meng;WAN Wei-jian(College of Computer Science and Technology,Nanjing University of Aeronautics and Astronautics,Nanjing 211106;Collaborative Innovation Center of Novel Software Technology and Industrialization,Nanjing 211106,China)

机构地区：[1]南京航空航天大学计算机科学与技术学院,江苏南京211106 [2]软件新技术与产业化协同创新中心,江苏南京210016

出　　处：《计算机工程与科学》2019年第6期1026-1033,共8页Computer Engineering & Science

基　　金：国家自然科学基金(61502231,61272083);国家重点研发计划(2016YFB1000802);南京航空航天大学研究生创新基地(实验室)开放基金(kfjj20171606)

摘　　要：嵌入式实时系统越来越多地应用于交通、航空、核能等安全关键环境。尽管系统设计可能没有任何缺陷,但由于物理组件的磨损或环境的突变而导致的随机故障在运行时仍可能导致系统发生危险。目前基于失效传播模型的危害分析方法要么仅考虑失效传播时间,要么仅考虑失效概率,缺少综合分析失效传播时间及失效概率对危害分析的影响。时间失效传播图TFPGs模型用于建模安全关键系统设计阶段中失效传播过程,该模型包含失效传播时延建模。考虑到失效传播路径的不确定对危害发生的概率影响,提出了一种危害分析方法,用概率-时间失效传播图P-TFPGs模型建模失效传播过程,并基于该模型设计了一种分析危害发生时间与发生概率之间关系的方法;最后,给出了一个案例来说明方法的可行性。Embedded real-time systems are extensively used in safety-critical environments, such as transportation, aerospace and nuclear power systems. Although system design may not have any defects, random failures due to wear of physical components or sudden changes in the environment can cause system hazards during operation. Currently, the hazard analysis methods based on failure propagation model either only consider failure propagation time or just failure probability, and do not comprehensively analyze the impact of the failure propagation time and the failure probability on the hazard analysis. Timed failure propagation graphs (TFPGs) are usually used to model the failure propagation process in the design phase of a safety-critical system, which includes failure propagation delay modeling. Considering the effect of the uncertainty of failure propagation path on the probability of the hazard occurrence, we propose a hazard analysis method, which uses the probabilistic-TFPGs to model the failure propagation process. We also design an analysis algorithm to obtain the correlation between occurrence time and occurrence probability. Finally, a case is given to demonstrate the feasibility of the proposed approach.

关 键 词：实时系统 危害分析 失效传播 传播时延 

分 类 号：TP311.5[自动化与计算机技术—计算机软件与理论]