
A safety analysis approach for embedded system

YANG Bo, LIU Zhen, WEI Xinjie, WU Ji

Citation: YANG B, LIU Z, WEI X J, et al. A safety analysis approach for embedded system[J]. Journal of Beijing University of Aeronautics and Astronautics, 2023, 49(8): 1930-1939 (in Chinese). doi: 10.13700/j.bh.1001-5965.2022.0185

doi: 10.13700/j.bh.1001-5965.2022.0185
Funds: The Fundamental Research Funds for the Central Universities (BLX202003); National Natural Science Foundation of China (61502011); The Focus Tracking Project of Beijing Forestry University (BLRD202124)
Corresponding author e-mail: yangbo@bjfu.edu.cn
CLC number: V221+.3; TB553
  • Abstract:

    Embedded systems are widely used in safety-critical industrial domains, yet their safety is currently not analysed in a holistic way. To address this, a fairly comprehensive fault evolution chain analysis method for embedded systems is proposed, one that integrates failure probabilities with failure paths. The system is analysed hierarchically and, drawing on failure mode and effects analysis, the chain of evolution relationships between faults, the fault evolution chain, is constructed. With the fault evolution chain, the faults a system may contain, the causes of those faults, the hazard level they bring and their propagation paths can all be analysed. Experiments on two embedded software systems show that the fault evolution chain method is more comprehensive than fault impact analysis, functional hazard assessment and fault tree analysis, and that it performs well for the safety analysis of embedded systems.
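As an added illustration (not the paper's own tooling), the fault evolution chain of the flight control case can be modelled as a directed graph of failure events built from the root-cause rows of Tables 2-4 on this page, and every root-to-top propagation path enumerated. The edge direction (root cause feeds the fault it is listed under), the event names, and the choice to carry only the tabulated root-cause probability without any combination rule are assumptions made here.

```python
# Added illustration, not the paper's code: a fault evolution chain as a directed
# graph of failure events, filled from Tables 2-4 (flight control system) on this
# page. Assumed: each table row is an edge "root cause -> fault it feeds", carrying
# the probability listed for that cause; no probability combination rule is applied.
from collections import defaultdict

EDGES = [  # (cause event, effect event, probability listed for the cause)
    # Table 2: root causes of GPS outgoing propagation on location{Service_Omission}
    ("SatelliteSignalReceiver1.sensedData omission", "GPS.location omission", 2.5e-4),
    ("SatelliteSignalReceiver2.sensedData omission", "GPS.location omission", 3.5e-7),
    ("network.access omission", "GPS.location omission", 2.5e-5),
    ("powersupply1 omission", "GPS.location omission", 3.5e-7),
    # Table 4: root causes of AutoFlightGuidance AFGOutput{Service_Omission}
    ("AutoPilot omission", "AutoFlightGuidance.AFGOutput omission", 6.5e-5),
    ("FlightGuidance omission", "AutoFlightGuidance.AFGOutput omission", 4.5e-5),
    # Table 3: root causes of FlightControl ObservableFailure{Service_Omission}
    ("GPS.location omission", "FlightControl.ObservableFailure", 8.0e-8),
    ("AutoFlightGuidance.AFGOutput omission", "FlightControl.ObservableFailure", 1.0e-9),
    ("FSpowersupply omission", "FlightControl.ObservableFailure", 3.5e-7),
]

def build_graph(edges):
    """Adjacency list cause -> [effects], plus the per-edge probability table."""
    succ, prob = defaultdict(list), {}
    for cause, effect, p in edges:
        succ[cause].append(effect)
        prob[(cause, effect)] = p
    return succ, prob

def root_events(edges):
    """Events that are never an effect: the points where a chain starts."""
    effects = {e for _, e, _ in edges}
    return sorted({c for c, _, _ in edges} - effects)

def evolution_chains(edges, top):
    """All propagation paths from a root event up to `top`, each paired with the
    probability listed for its root cause (DFS; no event is revisited on a path)."""
    succ, prob = build_graph(edges)
    chains = []
    def walk(node, path):
        if node == top:  # reached the top-level event: record (root prob, path)
            chains.append((prob.get((path[0], path[1])) if len(path) > 1 else None, path))
            return
        for nxt in succ.get(node, []):
            if nxt not in path:  # cut cycles so a cyclic model cannot loop forever
                walk(nxt, path + [nxt])
    for root in root_events(edges):
        walk(root, [root])
    return chains
```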

     

  • Figure 1.  Research framework

    Figure 2.  Fault evolution chain analysis process

    Figure 3.  Functional hazard assessment report for flight control system

    Figure 4.  Fault evolution chain with ID 1

    Table 1.  Flight control system and speed regulation system

    | System                  | Subsystem                                | Description                                                   |
    |-------------------------|------------------------------------------|---------------------------------------------------------------|
    | Flight control system   | Automatic flight guidance subsystem      | Automatically adjusts flight control commands                 |
    |                         | GPS subsystem                            | Positioning                                                   |
    |                         | Flight control subsystem                 | Controls the flight state                                     |
    |                         | Power supply subsystem                   | Supplies power to the system                                  |
    |                         | Inter-system interfaces                  | Provide information exchange                                  |
    | Speed regulation system | Sensing-layer subsystem                  | Collects data from the environment                            |
    |                         | Autonomous obstacle-avoidance subsystem  | Controls the response to obstacles, emergencies, etc.         |
    |                         | GPS subsystem                            | Positioning                                                   |
    |                         | Actuator subsystem                       | Performs the corresponding control actions based on the data  |

    Table 2.  Root causes of outgoing propagation on location{Service_Omission} fault of GPS subsystem

    | Root cause                                                   | Fault type        | Probability |
    |--------------------------------------------------------------|-------------------|-------------|
    | SatelliteSignalReceiver1 component (output interface sensedData) | Service omission | 2.5×10^-4 |
    | SatelliteSignalReceiver2 component (output interface sensedData) | Service omission | 3.5×10^-7 |
    | network component (output interface access)                  | Service omission  | 2.5×10^-5   |
    | powersupply1 component                                       | Service omission  | 3.5×10^-7   |

    Table 3.  Root causes of ObservableFailure{Service_Omission} fault of FlightControl subsystem

    | Root cause                                                        | Fault type               | Probability |
    |-------------------------------------------------------------------|--------------------------|-------------|
    | GPS component (output interface location)                         | Service omission         | 8.0×10^-8   |
    | GPS component (input interface satelliteSignal)                   | Signal omission          | 2.0×10^-8   |
    | AutoFlightGuidance component (input interface powersupply)        | Service omission         | 3.5×10^-7   |
    | AutoFlightGuidance component (input interface operatorCommand)    | No flight input provided | 2.0×10^-7   |
    | AutoFlightGuidance component (output interface AFGOutput)         | Service omission         | 1.0×10^-9   |
    | FlightControl component (input interface flightSurfaceControl)    | Service omission         | 7.0×10^-10  |
    | FSpowersupply component                                           | Service omission         | 3.5×10^-7   |

    Table 4.  Root causes of outgoing propagation on AFGOutput{Service_Omission} fault of AutoFlightGuidance subsystem

    | Root cause                                                        | Fault type               | Probability |
    |-------------------------------------------------------------------|--------------------------|-------------|
    | AutoPilot component                                               | Service omission         | 6.5×10^-5   |
    | FlightGuidance component                                          | Service omission         | 4.5×10^-5   |
    | AutoFlightGuidance component (output interface AFGOutput)         | Service omission         | 1.0×10^-9   |
    | AutoFlightGuidance component (input interface powersupply)        | Service omission         | 2.4×10^-9   |
    | AutoFlightGuidance component (input interface operatorCommand)    | No flight input provided |             |
    | AutoFlightGuidance component (input interface position)           | Service omission         |             |
    | AutoFlightGuidance component (input interface position)           | Service omission         |             |

    Table 5.  Comparison of FECA and fault impact analysis on flight control system

    | Subsystem          | Method                 | Number of fault propagation paths | Gives causes and effects of fault paths | Gives failure probability |
    |--------------------|------------------------|-----------------------------------|-----------------------------------------|---------------------------|
    | AutoFlightGuidance | FECA                   | 5                                 |                                         |                           |
    |                    | Fault impact analysis  | 5                                 |                                         |                           |
    | GPS                | FECA                   | 18                                |                                         |                           |
    |                    | Fault impact analysis  | 18                                |                                         |                           |
    | FlightControl      | FECA                   | 31                                |                                         |                           |
    |                    | Fault impact analysis  | 31                                |                                         |                           |

    Table 6.  Comparison of FECA and fault impact analysis on speed regulation system

    | Subsystem | Method                 | Number of fault propagation paths | Gives causes and effects of fault paths | Gives failure probability |
    |-----------|------------------------|-----------------------------------|-----------------------------------------|---------------------------|
    | Obstacle  | FECA                   | 56                                |                                         |                           |
    |           | Fault impact analysis  | 56                                |                                         |                           |
    | Sensor    | FECA                   | 69                                |                                         |                           |
    |           | Fault impact analysis  | 69                                |                                         |                           |
    | GPS       | FECA                   | 58                                |                                         |                           |
    |           | Fault impact analysis  | 58                                |                                         |                           |
    | Actuators | FECA                   | 33                                |                                         |                           |
    |           | Fault impact analysis  | 33                                |                                         |                           |
Publication history
  • Received:  2022-03-24
  • Accepted:  2022-06-06
  • Published online:  2022-06-20
  • Issue date:  2023-08-31
