Yiannis Papadopoulos | University of Hull
Papers by Yiannis Papadopoulos
HAL (Le Centre pour la Communication Scientifique Directe), Sep 24, 2013
Journal of Systems and Software, May 1, 2019
IFAC-PapersOnLine, 2016
Abstract: Safety standards guide the development of systems whose operation raises concerns about safety. We focus our attention on the automotive and aerospace standards, ISO 26262 and ARP4754-A respectively. Both standards advocate a process for controlled allocation of safety integrity requirements that starts early in the design and continues as the system architecture is being refined. This procedure may generate a plethora of feasible design variants, all satisfying the system safety requirements, but each having a different allocation of integrity to components and a different cost. In this paper, we describe a model-based safety analysis method for automating this allocation process in a way that selects cost-optimal design variants. We show that the proposed method is generic and can satisfy both the automotive and aerospace safety standards, with application to both industries. We apply the method using both standards on a common case study and discuss the differences in the results obtained, reflecting on the commonalities and differences between the two standards.
arXiv (Cornell University), Nov 23, 2022
Abstract: There is increasing agreement that, to achieve high dependability in complex systems, design processes should move in a direction where dependability and other quality attributes are controlled from the early stages rather than left to emerge (or not) at the end. This is clearly a very desirable goal that would greatly benefit several industries, and it is enshrined in contemporary standards like the aerospace ARP4754-A and the automotive ISO 26262 safety standards. These documents prescribe processes in which dependability requirements, captured early through system level hazard analysis and risk assessment, are rationally allocated to progressively more refined subsystem elements of the architecture—with respect to software—in the form of Development Assurance Levels (DALs), Safety Integrity Levels, or other similar concepts. A study of the problem shows that the manual processes described in the standards for software requirements allocation become complex when applied to large networked architectures which deliver multiple functions; such systems lead to huge numbers of potential allocation solutions, and exploring these manually is often infeasible. Current standards do not advise on how this type of allocation can be done effectively, optimally, and efficiently, for example, with the support of automated algorithms and tools. This is an area where research opportunities arise to address important questions: for instance, which architectural proposals will fulfil dependability requirements better in the context of design refinement; given a proposed architecture, how can integrity requirements be optimally allocated to its elements; and how can design refinements be achieved with minimal design iterations whilst preserving the desired system properties throughout, from the early stages to the end of a project?
We address these questions by proposing a method for controlled refinement and allocation of system requirements that is applicable from the early stages of design. In this chapter we use the aerospace industry as an application domain, where dependability requirements for the system are typically translated to integrity requirements expressed in the form of DALs. DALs are a concept introduced in major standards for the aerospace industry, namely the RTCA DO-178C/EUROCAE ED-12C and the SAE ARP4754-A. Their purpose is to signify and summarize the effort required to develop a function or an element of the aircraft to a certain level of integrity that is consistent with the aircraft’s overall safety requirements. Allocating the DALs to an architectural design typically requires assigning a DAL to a high-level function, then decomposing it and allocating lower DALs to its supporting elements in such a way that DALs of supporting elements together satisfy the higher level function DAL. The refinement and decomposition of DALs is a top–down iterative process that proceeds alongside the refinement of the design. The process is based on rules defined in the standard and is applied with an aim to reduce the overall cost of the system, as DALs that signify high integrity typically involve disproportionally higher development and production costs in their associated elements. Applying this process manually to large and complex systems can be a challenging task. Furthermore, finding the optimal allocation, with regards to the overall cost and integrity of the architecture, is a hard combinatorial problem that cannot be solved efficiently with exhaustive methods. To solve this problem, we propose a method that uses state-of-the-art model-based dependability analysis and meta-heuristics to automatically find the optimal allocation of DALs on a given architectural design proposal. We demonstrate the effectiveness of this technique on an aircraft wheel braking system. 
The method has direct applicability to the aerospace industry but the concepts are easily transferable to complex software and system design in the automotive and other domains.
2022 International Conference on Computing, Electronics & Communications Engineering (iCCECE)
2021 Design, Automation & Test in Europe Conference & Exhibition (DATE)
Digital transformation fundamentally changes established practices in the public and private sectors. Hence, it represents an opportunity to improve value creation processes (e.g., “industry 4.0”) and to rethink how to address customers' needs such as “data-driven business models” and “Mobility-as-a-Service”. Dependable, collaborative and autonomous systems are playing a central role in this transformation process. Furthermore, the emergence of data-driven approaches combined with autonomous systems will lead to new business models and market dynamics. Innovative approaches to reorganise the value creation ecosystem, to enable distributed engineering of dependable systems and to answer urgent questions such as liability will be required. Consequently, digital transformation requires a comprehensive multi-stakeholder approach which properly balances technology, ecosystem and business innovation. The targets of this paper are (a) to introduce digital transformation and the role of, and opportunities provided by, autonomous systems, (b) to introduce Digital Dependability Identities (DDI), a technology for dependability engineering of collaborative, autonomous CPS, and (c) to propose an appropriate agile approach for innovation management based on business model innovation and co-entrepreneurship.
Model-Based Safety and Assessment, 2019
Reliability evaluation for ensuring uninterrupted system operation is an integral part of dependable system development. Model-based safety analysis (MBSA) techniques such as Hierarchically Performed Hazard Origin and Propagation Studies (HiP-HOPS) have made the reliability analysis process less expensive in terms of the effort and time required. HiP-HOPS uses an analytical modelling approach for fault tree analysis to automate the reliability analysis process, where each system component is associated with its failure rate or failure probability. However, such non-state-space analysis models are not capable of modelling the more complex failure behaviour of components, such as failure/repair dependencies (e.g., spares, shared repair, imperfect coverage). State-space based paradigms like Markov chains can model complex failure behaviour, but their use can lead to state-space explosion, thus undermining the overall analysis capacity. Therefore, to maintain the benefits of MBSA without compromising on modelling capability, in this paper we propose a conceptual framework to incorporate complex basic events in HiP-HOPS. The idea is demonstrated via an illustrative example.
Abstract: Classical Fault Tree Analysis (FTA) can determine the effects of combinations of failure events on a system but cannot capture the potentially critical significance of the temporal ordering of events. In this paper, we propose a temporal extension based on the use of Priority-AND gates to allow relative temporal ordering and temporal analysis in FTA. The classical notion of minimal cut sets is replaced with the notion of minimal cut sequences, and a methodology is proposed for qualitative analysis. The approach is demonstrated on a generic two-stage standby recovery system. The paper tentatively concludes that this type of temporal FTA can provide a more precise and ultimately more correct insight into the failure behaviour of a system. Copyright © 2006 IFAC
Reliability Management and Engineering, 2020
Lecture Notes in Computer Science, 2018
Model-Based Safety and Assessment, 2019