STPA safety analysis on IMA generic system management

doi:10.16265/j.cnki.issn1003-3033.2021.09.002

Abstract

Abstract: GSM is an indispensable part of IMA system services. In order to address the difficulties traditional safety analysis methods have in capturing risks caused by component interaction in complex systems, firstly, GSM work environment and function division of its components were studied, and workflow of hierarchical system management was determined. Secondly, an extended model based on accident process of systematic theory was established for GSM, unsafe control actions(UCA) of dynamic reconfiguration case were identified through STPA, and relevant causative scenarios and their corresponding safety requirements were generated. Finally, the case is simulated and verified by timed automata. The results show that the model's logic and timing integrity and reachability of UCA behavior provide a formal basis for GSM safety analysis.

Key words: integrated modular avionics (IMA), generic system management (GSM), systematic theory process analysis (STPA), dynamic reconfiguration, safety analysis

CLC Number:

X949

XIAO Guosong, LIU Jiachen, DONG Lei, SUN Zijing, ZHAO Changxiao. STPA safety analysis on IMA generic system management[J]. China Safety Science Journal, 2021, 31(9): 8-14.

References

[1] 徐文华. 民用飞机航电系统架构安全性分析技术研究[D].南京:南京航空航天大学, 2017.
XU Wenhua. Research on safety analysis technology of civil avionics architecture[D]. Nanjing: Nanjing University of Aeronautics and Astronautics, 2017.
[2] 杨威,常磊,李姗.机载分布式系统管理中故障管理机制探究[J].信息通信, 2020(2):141-142.
YANG Wei, CHANG Lei, LI Shan. Research on fault management mechanism in airborne distributed system management [J].Information & Communications, 2020(2):141-142.
[3] 王鹏,李浩,赵长啸,等. 基于STPA的机载平视显示系统安全性分析[J].电讯技术, 2019, 59(12):1 469-1 476.
WANG Peng, LI Hao, ZHAO Changxiao, et al. Safety analysis of head-up display system based on STPA[J].Telecommunication Engineering, 2019, 59(12):1 469-1 476.
[4] 李京生,赵林,王阳,等. CRES的危害因素识别方法:以EETD为例[J].中国安全科学学报,2019, 29(1):106-111.
LI Jingsheng, ZHAO Lin, WANG Yang, et al. Study on method for identifying hazardous factors in CRES:EETD taken as an example[J]. China Safety Science Journal, 2019,29(1):106-111.
[5] 王洁宁,李保燊,冀姗姗.基于STPA和模糊BN的AIDC移交人误研究[J].中国安全科学学报, 2019,29(9):27-35.
WANG Jiening, LI Baoshen, JI Shanshan. Study on human error in AIDC transfer based on STPA and fuzzy BN[J]. China Safety Science Journal, 2019,29(9):27-35.
[6] 刘炳琪,胡剑波,刘畅,等.飞机差动刹车纠偏过程的STAMP/STPA安全性分析[J].哈尔滨工业大学学报, 2020, 52(4):66-73.
LIU Bingqi, HU Jianbo, LIU Chang, et al. STAMP /STPA safety analysis of aircraft differential braking correction process [J]. Journal of Harbin Institute of Technology, 2020, 52(4):66-73.
[7] 刘金涛,唐涛,赵林,等.基于STPA的CTCS-3级列控系统功能安全分析方法[J].中国铁道科学, 2014, 35(5):86-95.
LIU Jintao, TANG Tao, ZHAO Lin, et al. Function safety analysis method of CTCS-3 level system based on STPA[J]. China Railway Science, 2014, 35(5):86-95.
[8] 孟祥坤,陈国明,张肖锦,等. 深水井控STAMP/STPA安全性分析[J].中国石油大学学报:自然科学版, 2019, 43(2):131-139.
MENG Xiangkun, CHEN Guoming, ZHANG Xiaojin, et al. Safety analysis of deepwater well control based on STAMP /STPA [J]. Journal of China University of Petroleum:Edition of Natural Science, 2019,43(2):131-139.
[9] 丁全心.综合模块化航空电子系统标准述评[J].电光与控制,2013,20(6):1-3.
DING Quanxin, Remarks on standards of integrated module avionic system[J]. Electronics Optics & Control, 2013, 20(6):1-3.
[10] 崔西宁,沈玉龙,李亚晖. 综合化航空电子系统安全技术研究进展[J].计算机应用与软件, 2012, 29(11):130-136.
CUI Xining, SHEN Yulong LI Yahui. Progress in research of security technologies in integrated avionics system[J]. Computer Applications and Software, 2012, 29(11):130-136.
[11] 杨威,张晓红.机载分布式系统管理中消息交互机制探究[J].计算机测量与控制, 2015, 23(10):3 430-3 433.
YANG Wei, ZHANG Xiaohong. Study of message interaction mechanism of the airborne distributed management system[J]. Computer Measurement & Control, 2015, 23(10):3 430-3 433.
[12] 肖寅,吴捷,屈国栋. IMA系统管理功能的逻辑建模及性能分析[J].航空电子技术, 2015, 46(4):29-32,54.
XIAO Yin, WU Jie, QU Guodong. Logic modeling and performance analysis of IMA system manager[J].Avionics Technology, 2015, 46(4):29-32,54.
[13] LEVESON N G. A new accident model for engineering safer systems[J]. Safety Science, 2004, 42(4): 237-270.
[14] 李浩. 基于STAMP理论的机载显示系统安全性分析方法研究[D].天津:中国民航大学, 2020.
LI Hao. Research on safety analysis method of airborne display system based on the STAMP theory[D]. Tianjin:Civil Aviation University of China, 2020.
[15] 崔利杰,田宇,丛继平,等. STPA与ARP4761中的安全性分析方法对比研究[J].航空工程进展, 2020, 11(4):508-516.
CUI Lijie, TIAN Yu, CONG Jiping, et al. A comparative study on the safety analysis methods of STPA and ARP4761[J].Advances in Aeronautical Science and Engineering, 2020, 11(4):508-516.
[16] 赵长啸,何锋,李浩,等. 基于效能的先进战斗机航电系统动态重构方法[J].航空学报, 2020, 41(6):355-365.
ZHAO Changxiao, HE Feng, LI Hao, et al. Dynamic reconfiguration method based on effectiveness for advanced fighter avionics system[J]. Acta Aeronautica et Astronautica Sinica, 2020, 41(6):355-365.
[17] 赵长啸,李浩,董磊,等. 基于STPA-Bayes模型的机载平视显示系统安全性分析与评价[J].系统工程与电子技术, 2020, 42(5):1 083-1 092.
ZHAO Changxiao, LI Hao, DONG Lei, et al. Safety analysis and evaluation of airborne HUD system based on STPA-Bayes model[J].Systems Engineering and Electronics, 2020, 42(5):1 083-1 092.
[18] DAKWAT A L, VILLANI E. System safety assessment based on STPA and model checking[J]. Safety Science, 2018, 109: 130-143.
[19] NIGRO L, SCIAMMARELLA P F. Statistical model checking of distributed real-time actor systems[C]. IEEE/21^st ACM International Symposium on Distributed Simulation & Real Time Applications, 2017: 1-8.