基于故障注入模型的电传飞控系统安全性分析

doi:10.7527/S1000-6893.2022.27329

Abstract

Abstract:

Safety analysis is the main method to improve safety in the process of aircraft development， and is also an important method to examine if the design meets the safety requirements of airworthiness standards. Traditional safety analysis methods lag behind the system design process and are significantly dependent on the skills and experience of analysts， and thus cannot meet the requirements of safety analysis for modern complex systems gradually. This paper presents a model-based safety analysis method for the fly-by-wire system. The nominal model and extended model of the fly-by-wire flight control system are established with Simulink. Failure mode and effect analysis can be conducted by injecting the single fault mode and evaluating the impact through the system response. An analysis method of obtaining the minimal cut sets is proposed based on the system response by traversing all failure combinations. Finally， the correctness and effectiveness of the proposed method are illustrated by an engineering case. Compared with the classical Markov method， our method can avoid dependence on designers’ experience， and has higher accuracy. In addition， with the change of design， our method can update the results of safety analysis automatically， which can avoid the tedious work of re-modeling and re-analysis.

Key words: system safety analysis, flight control system, fault injection, state traversal, recursive method, minimal cut set

CLC Number:

V240.2

Lu ZHUANG, Zhong LU, Haijing SONG, Li DONG, Yuting WU, Jia ZHOU. Safety analysis for fly⁃by⁃wire system based on fault injection model[J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2023, 44(9): 327329-327329.

Figures/Tables 18

Fig. 1

Fig. 2

Table 1

Typical fault modes and descriptions

序号	故障模式	描述	数学模型	使用的Simulink模块
1	无响应	无论输入为何种形式输出始终为0	$y (t) = 0$	Constant模块：生成0信号
2	随机输出	输出数值在一定范围内的随机信号	$y (t) = r a n d (m i n, m a x)$	Random模块：生成随机数
3	延迟	输出延迟一定的时间	$y (t) = y r (t - t 0)$	Delay模块：延迟时间量的输入
4	卡滞	输出卡滞在某一数值	$y (t) = y r (t')$	Memory模块：输出上一时间步的输入
5	舵面松浮	舵面随气动力处于松浮状态	$y (t) = y i i = 1,2, ⋯, n$	若干Constant模块：不同状态舵面松浮时的角度
6	增益改变	输出信号增益发生变化	$y (t) = a y r (t)$	Gain模块：信号放大/缩小
7	信号漂移	实际信号与测量信号之间的恒定偏移/误差	$y (t) = y r (t) ± y 0$	Constant模块：设置漂移量 Add模块：信号值的加减

Table 1

Fig. 3

Table 2

Fig. 4

Fig. 5

Fig. 6

Fig. 7

Fig. 8

Fig. 9

Table 3

Fig. 10

Table 4

Table 5

Fig. 11

Fig. 12

Table 6

Probability of top-level FC occurrence calculated by different methods

FC	MA方法	蒙特卡罗仿真	本文方法
导致不安全飞行路径的滚转功能丧失	$(3 002.66 × 10 - 10, 3 002.69 × 10 - 10)$	$3 002.662$ $× 10 - 10$	$3 002.661$ $× 10 - 10$
导致不安全飞行路径的滚转振荡	$(1.139 9 × 10 - 10, 1.166 2 × 10 - 10)$	$1.140 9$ $× 10 - 10$	$1.140 6$ $× 10 - 10$

Table 6

References 27

1	中国民用航空局. 运输类飞机适航标准： CCAR-25-R4 ［S］. 北京：中国民用航空局， 2011： 129-130.
	Civil Aviation Administration of China. Airworthiness standards for transport aircraft： CCAR-25-R4 ［S］. Beijing：Civil Aviation Administration of China， 2011： 129-130 （in Chinese）.
2	Society of Automotive Engineers International. Certification considerations for highly-integrated or complex aircraft systems： ARP4754A ［S］. Warrendale： Society of Automotive Engineers， 2010： 1-12.
3	Society of Automotive Engineers International. Guidelines and methods for conducting the safety assessment process on civil airborne systems and equipment： ARP4761 ［S］. Warrendale： Society of Automotive Engineers， 1996： 4-6.
4	胡晓义，王如平，王鑫，等. 基于模型的复杂系统安全性和可靠性分析技术发展综述［J］. 航空学报， 2020， 41（6）： 523436.
	HU X Y， WANG R P， WANG X， et al. Recent development of safety and reliability analysis technology for model-based complex system［J］. Acta Aeronautica et Astronautica Sinica， 2020， 41（6）： 523436 （in Chinese）.
5	陈磊，焦健，赵廷弟. 基于模型的复杂系统安全分析综述［J］. 系统工程与电子技术， 2017， 39（6）： 1287-1291.
	CHEN L， JIAO J， ZHAO T D. Review for model-based safety analysis of complex safety-critical system［J］. Systems Engineering and Electronics， 2017， 39（6）： 1287-1291 （in Chinese）.
6	LIU J T， WANG H W， ZHENG W. A safety modelling method for high-speed train control systems based on UML extension［C］∥2020 Chinese Automation Congress. Piscataway： IEEE Press， 2020： 317-321.
7	WANG H L， ZHONG D M， ZHAO T D， et al. Integrating model checking with SysML in complex system safety analysis［J］. IEEE Access， 2019， 7： 16561-16571.
8	STEWART D. AADL-Based safety analysis using formal methods applied to aircraft digital systems［J］. Reliability Engineering & System Safety， 2021， 213： 107649.
9	WEI X M. AADL-based safety analysis approaches for safety-critical systems［C］∥2019 12th IEEE Conference on Software Testing， Validation and Verification. Piscataway： IEEE Press， 2019： 481-482.
10	ZHANG F K， DONG H Y. Research on formal modeling and safety analysis method of head-up display system for civil aircraft based on AltaRica［C］∥2019 3rd International Conference on Circuits， System and Simulation. Piscataway： IEEE Press， 2019： 116-120.
11	LI Z， JIANG Z Q， WANG D S， et al. System modeling and fault tree analysis based on AltaRica［J］. IEEE Access， 8： 168879-168897.
12	LU Z， ZHANG Z W， ZHUANG L， et al. Reliability model of the fly-by-wire system based on stochastic Petri net［J］. International Journal of Aerospace Engineering， 2019， 2019： 2124836.
13	WU D H. Formal model-based quantitative safety analysis using timed coloured Petri nets［J］. Reliability Engineering & System Safety， 2018， 176： 62-79.
14	SINGH L K， RAJPUT H. Dependability analysis of safety critical real-time systems by using Petri nets［J］. IEEE Transactions on Control Systems Technology， 2018， 26（2）： 415-426.
15	SAVELEV A S， EROSHCHENKOV E V， NERETIN E S， et al. Finite-state machine method in the safety assessment process using Stateflow diagrams［J］. Journal of Physics： Conference Series， 2021， 1958（1）： 012034.
16	CARRILLO M， ESTIVILL-CASTRO V， ROSENBLUETH D. Model-to-model transformations for efficient time-domain verification of concurrent models by NuSMV modules［C］∥ Proceedings of the 8th International Conference on Model-Driven Engineering and Software Development. Science and Technology Publications， 2020： 287-298.
17	ZHONG D M， SUN R， GONG H Y， et al. System-theoretic process analysis based on SysML/MARTE and NuSMV［J］. Applied Sciences， 2022， 12（3）： 1671.
18	DOMÍNGUEZ-GARCÍA A D. An integrated methodology for the dynamic performance and reliability evaluation of fault-tolerant systems［J］. Reliability Engineering & System Safety， 2008， 93（11）： 1628-1649.
19	SHAO N， ZHANG S G， LIANG H. Model-based safety analysis of a control system using Simulink and Simscape extended models［C］∥ 2017 3rd International Conference on Mechanical， Electronic and Information Technology Engineering. Les Ulis： EDP Sciences， 2017， 139： 00219.
20	KIRAN R， JEPPU Y. Autopilot mode transitions and voter logic validation using model checking： A design study of formal methods［M］∥Lecture Notes in Electrical Engineering. Berlin： Springer， 2021： 263-281.
21	PING M L， ZHANG X B， GAO Z H， et al. Simulation model development of three-stage synchronous generator for aircraft power systems based on modelica［C］∥2016 19th International Conference on Electrical Machines and Systems. Piscataway： IEEE Press， 2016： 1-6.
22	MCRUER D T， MYERS T T， THOMPSON P M. Literal singular-value-based flight control system design techniques［J］. Journal of Guidance， Control， and Dynamics， 1989， 12（6）： 913-919.
23	DOMINGUEZ-GARCIA A D. An integrated methodology for the performance and reliability evaluation of fault-tolerant systems［D］. Cambridge： Massachusetts Institute of Technology， 2007： 103-122.
24	DOMINGUEZ-GARCIA A D， KASSAKIAN J G， SCHINDALL J E， et al. On the use of behavioral models for the integrated performance and reliability evaluation of fault-tolerant avionics systems［C］∥2006 IEEE/AIAA 25th Digital Avionics Systems Conference. Piscataway： IEEE Press， 2006： 1-14.
25	LU Z， ZHUANG L， DONG L， et al. Model-based safety analysis for the fly-by-wire system by using Monte Carlo simulation［J］. Processes， 2020， 8（1）： 90.
26	BABCOCK P S， ROSCH G， ZINCHUK J J. An automated environment for optimizing fault-tolerant systems designs［C］∥Annual Reliability and Maintainability Symposium. Piscataway： IEEE Press， 1991： 360-367.
27	董力. 基于模型的飞行控制系统安全性分析方法研究［D］. 南京：南京航空航天大学， 2020： 51-53.
	DONG L. Research on model-based safety analysis of flight control system［D］. Nanjing： Nanjing University of Aeronautics and Astronautics， 2020： 51-53 （in Chinese）.

部件序号	部件名称	故障模式序号
A	PFC1指令单元	1， 2， 3， 4
B	PFC2指令单元	1， 2， 3， 4
C	PFC1监控单元	1， 2， 3， 4
D	PFC2监控单元	1， 2， 3， 4
E	LAA1	1， 4
F	LAA2	1， 4
G	RAA1	1， 4
H	RAA2	1， 4
I	RA1	1， 4
J	RA2	1， 4
K	左副翼	4， 5
L	右副翼	4， 5
M	方向舵	4， 5
N	左副翼位置传感器1	1， 6， 7
O	左副翼位置传感器2	1， 6， 7
P	左副翼位置传感器3	1， 6， 7
Q	右副翼位置传感器1	1， 6， 7
R	右副翼位置传感器2	1， 6， 7
S	右副翼位置传感器3	1， 6， 7
T	方向舵位置传感器1	1， 6， 7
U	方向舵位置传感器2	1， 6， 7
V	方向舵位置传感器3	1， 6， 7
W	IMU1	1， 6， 7
X	IMU2	1， 6， 7
Y	IMU3	1， 6， 7

部件序号	部件名称	故障模式	故障率/10^-7	飞行阶段	局部影响	对高一层次的影响	最终影响	检测方法
A	PFC1指令单元	无响应	2	爬升，巡航，下降	PFC1指令单元输出为零	PFC1监控单元抑制PFC1指令单元的输出，并向PFC2发送重配置信号	系统响应正常	机内测试仿真
A	PFC1指令单元	随机输出	1	爬升，巡航，下降	PFC1指令单元随机输出	PFC1监控单元抑制PFC1指令单元的输出，并向PFC2发送重配置信号	系统响应正常	机内测试仿真
A	PFC1指令单元	延迟	1	爬升，巡航，下降	PFC1指令单元输出延迟一段时间	PFC1监控单元抑制PFC1指令单元的输出，并向PFC2发送重配置信号	系统响应正常	机内测试仿真
A	PFC1指令单元	卡滞	1	爬升，巡航，下降	PFC1指令单元输出卡滞在之前的数值	PFC1监控单元抑制PFC1指令单元的输出，并向PFC2发送重配置信号	系统响应正常	机内测试仿真

[1]	LIU Chang, JIANG Yongping, MA Chunyan, ZHANG Tao. Formal verification technology for AADL models based on NuSMV [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2022, 43(3): 325196-325196.
[2]	LIU Haigang, LIU Liang, WANG Peng, ZHOU Wei. Model based simulation and analysis of energy optimization characteristics of more-electric aircraft [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2021, 42(8): 525801-525801.
[3]	YANG Xuan, WEI Xiaoyong, CUI Delong. Bus interface strategy in flight control system for carrier-based aircraft [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2019, 40(4): 622283-622283.
[4]	SHI Zhongke. Challenge of control theory in the presence of high performance aircraft development [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2015, 36(8): 2717-2734.
[5]	LU Yuping, YANG Chaoxing, LIU Yangyang. A Survey of Modeling and Control Technologies for Aerial Refueling System [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2014, 35(9): 2375-2389.
[6]	GUO Jianguo, ZHOU Jun. Review of the Control of Low Dynamic Vehicles in Near Space [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2014, 35(2): 320-331.
[7]	YE Hui, CHEN Mou, WU Qingxian. Envelope Protection Control for Maneuver Flight Based on Multi-regulator Sliding Mode Control Switch Approach [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2014, 35(12): 3358-3370.
[8]	ZHOU Kun, WANG Lixin, TAN Xiangsheng. Handling Qualities Assessment of Short Period Mode for Fly-by-Wire Passenger Airliner with Relaxed Static Stability Design [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2012, 33(9): 1606-1615.
[9]	ZHOU Qing, LIU Bin, YU Zhengwei, FENG Shiyu. A Framework of Simulation Testing Environment for Integrated Modular Avionics Software [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2012, (4): 722-733.
[10]	CAI Lin, ZHANG Ling, YANG Shanshui, WANG Li. Reliability Assessment and Analysis of Large Aircraft Power Distribution Systems [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2011, 32(8): 1488-1496.
[11]	GONG Lei, ZHANG Shuguang, LIU Xiaofeng, QIU Tian. Research on Hazard Identification of Turbo-fan Engine Digital Control Systems Based on Functional Hazard Analysis [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2011, 32(12): 2194-2203.
[12]	LI Tianmei, HU Changhua, ZHOU Xin. Fault Injection Method Resulting from Inaccessible Location Fault Based on Fault Propagation Characteristics [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2011, 32(12): 2277-2286.
[13]	Meng Jie;Xu Haojun;Zhang Jiankang. A Comparison of Feedback and Foreback Schemes to Prevent Category Ⅱ PIO [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2010, 31(9): 1701-1707.
[14]	Lu Yuping;He Zhen. A Survey of Morphing Aircraft Control Systems [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2009, 30(10): 1906-1911.
[15]	Zhang Dengfeng;Gao Jinyuan. Multi-objective Optimization Design of Integral Aircraft Control Effector Parameters and Flight Control Law Based on MDO Technique [J]. ACTA AERONAUTICAET ASTRONAUTICA SINICA, 2008, 30(6): 1626-1633.

Safety analysis for fly⁃by⁃wire system based on fault injection model

RichHTML

PDF (PC)

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 18

References 27

Related Articles 15

Recommended Articles

Metrics

Comments