
CN114816431A - Safety and reliability semantic extension and modeling method for SysML - Google Patents


Info

Publication number
CN114816431A
Authority
CN
China
Prior art keywords
type
model
requirement
safety
sysml
Prior art date
Legal status
Granted
Application number
CN202210569302.5A
Other languages
Chinese (zh)
Other versions
CN114816431B (en)
Inventor
王甜甜
吴翔虎
苏小红
王克朝
陈源龙
Current Assignee
Harbin Institute of Technology Shenzhen
Original Assignee
Harbin Institute of Technology Shenzhen
Priority date
Filing date
Publication date
Application filed by Harbin Institute of Technology Shenzhen
Priority to CN202210569302.5A
Publication of CN114816431A
Application granted
Publication of CN114816431B
Status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/40 Transformation of program code
    • G06F8/41 Compilation
    • G06F8/43 Checking; Contextual analysis
    • G06F8/436 Semantic checking

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computational Linguistics (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Test And Diagnosis Of Digital Computers (AREA)

Abstract

The invention discloses a safety and reliability semantic extension and modeling method for the SysML language. The method extends the requirement diagram with safety and reliability semantics, adds redundancy semantics, failure mode and effects analysis (FMEA) semantics and fault tree semantics, and constructs a visual model, so that SysML both supports the automatic extraction of the information needed for safety and reliability analysis from the system model and supports using the results of that analysis to further refine the system model. Model-based systems engineering and the safety and reliability analysis process are thereby integrated, which helps ensure consistency between safety analysis and system design and addresses current difficulties in designing complex safety-critical systems.

Description

Safety and reliability semantic extension and modeling method for SysML
Technical Field
The invention belongs to the technical field of computer software and relates to a safety and reliability semantic extension and modeling method for SysML.
Background
Safety and reliability are key quality attributes of software systems. For safety-critical systems, the different consequences of dangerous (unsafe) failures and safe failures must be considered, and the system must be designed with redundancy so that its resilience to faults improves. The purpose of safety analysis is to assess the safety and reliability of the system during the design phase and to ensure that the designed system reaches a satisfactory level of safety. In model-driven systems engineering, a modeling system should therefore be able to express fault analysis and handling, error avoidance, fault tolerance and error detection, and should support integrating safety and reliability analysis into the system development process.
SysML is a graphical modeling language widely used in model-driven systems engineering. SysML defines nine diagram types: the block definition diagram, internal block diagram, use case diagram, activity diagram, sequence diagram, state machine diagram, parametric diagram, package diagram and requirement diagram. SysML describes system requirements, structure and behavior effectively, but it lacks a visual description of system fault information, does not support failure mode and effects analysis (FMEA) or fault tree analysis (FTA) modeling, and does not support modeling redundant fault-tolerant designs. With unextended SysML it is therefore hard to discover the implicit behaviors or behavior combinations that may cause system failure, and hard to trace the correspondence between system safety requirements and the design.
Disclosure of Invention
To address the incomplete semantics of the SysML graphical primitives and the lack of support for safety and reliability modeling and analysis, the invention provides a safety and reliability semantic extension and modeling method for SysML that supports integrating safety analysis into a SysML-based systems engineering method.
The purpose of the invention is achieved by the following technical scheme:
a safety and reliability semantic extension and modeling method for SysML comprises the following steps:
step S1: extending the requirement diagram by defining safety level and redundancy attributes;
step S2: constructing a redundancy semantic model by defining a Component stereotype with a redundancy attribute, an output voting component stereotype, and degraded and failed state stereotypes;
step S3: constructing a failure mode and effects analysis semantic model by defining a Function stereotype and a FailureMode stereotype;
step S4: constructing a fault tree semantic model by defining an Event stereotype and a logic gate stereotype;
step S5: constructing the extended requirement diagram, redundancy diagram and fault tree diagram models, and associating the diagram models with the semantic models;
step S6: parsing the XML Metadata Interchange (XMI) files generated from the extended SysML model, building an analysis tree that organizes the data as a tree structure, and on that basis analyzing and updating each model, so that systems engineering and safety analysis are integrated.
Compared with the prior art, the invention has the following advantages:
the invention extends the safety and reliability semantics of SysML: (1) extending the requirement diagram with safety level and redundant fault-tolerance attributes supports checking the safety consistency of requirements and design; (2) the redundancy semantic model supports the design of redundant fault-tolerant system architectures; (3) the FMEA semantic model supports integrating failure mode and effects analysis with the system design process; (4) the fault tree semantic model supports generating a fault tree from the SysML model and inferring the causal relationships of failure modes qualitatively or quantitatively; (5) the extended requirement, redundancy and fault tree diagram models, associated with the semantic models, support visual modeling, analysis and verification of the safety and reliability semantics. Safety and reliability analysis is thus integrated into the systems engineering process, consistency between safety analysis and system design is ensured, errors are caught earlier, and system development time is shortened.
Drawings
FIG. 1 is a flow chart of the safety and reliability semantic extension and modeling method for SysML of the present invention;
FIG. 2 is the SysML diagram model of the present invention with the extended safety and reliability semantics;
FIG. 3 is the extended requirement semantic model with safety levels;
FIG. 4 is the redundancy semantic model;
FIG. 5 is the failure mode and effects analysis semantic model;
FIG. 6 is the fault tree semantic model.
Detailed Description
The technical solution of the invention is further described below with reference to the accompanying drawings, but is not limited thereto; any modification or equivalent replacement that does not depart from the spirit and scope of the technical solution falls within the protection scope of the invention.
The invention provides a safety and reliability semantic extension and modeling method for SysML. It extends the requirement diagram with safety and reliability semantics, adds redundancy semantics, failure mode and effects analysis semantics and fault tree semantics, and constructs a visual model, so that SysML supports both the automatic extraction of the information needed for safety and reliability analysis from the system model and the further refinement of the system model using that analysis. Model-based systems engineering and the safety and reliability analysis process are thereby integrated, which helps ensure consistency between safety analysis and system design and addresses current difficulties in designing complex safety-critical systems. As shown in FIG. 1, the method comprises the following steps:
step S1: extend the requirement diagram by defining safety level and redundancy attributes. As shown in FIG. 3, the specific steps are as follows:
step S101: a Non-Functional Requirement stereotype inherits from the Requirement stereotype;
step S102: a Safety Requirement stereotype inherits from the Non-Functional Requirement stereotype, and Level, Risk and Description fields are added to its attributes, denoting respectively the level to which the safety requirement belongs (system level or block level), the risk level (high, medium or low) and the description of the hazard;
step S103: a Functional Requirement stereotype is extended from the Requirement stereotype, with a Level field describing the requirement level it belongs to and a Redundant field indicating whether a redundant design is required;
step S104: finally, a Safety-Related Requirement stereotype inherits from the Functional Requirement stereotype.
Step S2: construct the redundancy semantic model by defining a Component stereotype with a redundancy attribute, an output voting component stereotype, and degraded and failed state stereotypes. As shown in FIG. 4, the specific steps are as follows:
step S201: extend the Class metaclass to define a Component stereotype whose attributes include the component's input and output ports and its configuration, and define a redundancy attribute tag on the Component stereotype to support modeling redundant fault-tolerant components;
step S202: extend the Class metaclass to define a Port stereotype, and derive a Pipe stereotype, the transfer relationship between component ports, from the Association metaclass; the source attribute of the Pipe denotes the output source and takes the component name plus output port name as its value, and the target attribute denotes the input target and takes the component name plus input port name as its value;
step S203: extend the Class metaclass to define an output voting component stereotype (VoteComponent), whose vote attribute denotes the voting mechanism;
step S204: extend the State metaclass to define a Degraded state stereotype and a Failed state stereotype, which model the redundancy mechanism and the system's behavior under functional failure, such as the degraded and failed states.
Step S3: construct the failure mode and effects analysis semantic model by defining a Function stereotype and a FailureMode stereotype. As shown in FIG. 5, the specific steps are as follows:
step S301: derive a Function stereotype from the Activity metaclass;
step S302: derive a FailureMode stereotype from the Parameter and attribute metaclasses; a failure mode has attributes such as severity, frequency, risk priority number (RPN), failure cause, direct (local) effect, system effect and recommended action. Each function may have several different failure modes, and an FMEA data table can be constructed from the failure mode and effects analysis semantic model.
Step S4: construct the fault tree semantic model by defining an Event stereotype and a logic gate stereotype. As shown in FIG. 6, the specific steps are as follows:
step S401: derive an Event stereotype from the Class metaclass; its Type attribute denotes the kind of event, such as top event, basic event, intermediate event, undeveloped event, house event or conditioning event;
step S402: derive a logic gate stereotype from the Class metaclass; its attributes denote the gate type, the input events and the output event, and the gate type is one or more of AND gate, OR gate, NOT gate, XOR gate, sequential (priority) AND gate, inhibit gate and voting gate. The input events of a logic gate are the "causes" of its output event, and the output event is the "effect" of the input events.
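To make the event and gate semantics of step S4 concrete, together with the qualitative (minimal cut set) and quantitative (top-event probability) analysis the description mentions later, the following Python code is an added example; it is not part of the patent or its tooling. The Event and Gate classes, the brake-control sample tree, the basic-event probabilities, and the treatment of the inhibit gate as an AND with its conditioning event are assumptions made for illustration. NOT, XOR and sequential AND gates are rejected on purpose: the cut-set expansion below is valid only for coherent static trees.

```python
"""Fault tree semantics of step S4 (events and logic gates) with minimal cut set
extraction and top-event probability.  Added example, not the patent's own model
or tooling; the sample tree and probabilities are constructed for illustration."""
import itertools
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    name: str
    kind: str = "basic"      # top, intermediate, basic, undeveloped, house, conditioning


@dataclass
class Gate:
    kind: str                # AND, OR, VOTE (k-out-of-n), INHIBIT
    output: Event            # the effect
    inputs: list             # the causes: Events or Gates
    k: int = 0               # threshold for VOTE


def _and(child_sets):
    """Cartesian combination of the children's cut sets (all children must occur)."""
    acc = {frozenset()}
    for cs in child_sets:
        acc = {a | b for a in acc for b in cs}
    return acc


def cut_sets(node):
    """Expand a coherent static tree into cut sets (MOCUS-style, top-down)."""
    if isinstance(node, Event):
        return {frozenset([node.name])}
    child = [cut_sets(i) for i in node.inputs]
    if node.kind == "OR":
        return set().union(*child)
    if node.kind in ("AND", "INHIBIT"):
        # INHIBIT: the output occurs when the input event and the conditioning
        # event both hold, so statically it behaves as an AND (assumption).
        return _and(child)
    if node.kind == "VOTE":
        out = set()
        for subset in itertools.combinations(child, node.k):   # every k-subset ANDed
            out |= _and(subset)
        return out
    raise ValueError("gate %s not handled: NOT/XOR are non-coherent and sequential "
                     "AND is dynamic; cut-set expansion does not apply" % node.kind)


def minimal_cut_sets(top):
    """Drop every cut set that contains a smaller one (absorption law)."""
    sets = cut_sets(top)
    return {c for c in sets if not any(o < c for o in sets)}


def rare_event_approximation(mcs, p):
    """Sum of cut-set probabilities: an upper bound, adequate when every p << 1."""
    total = 0.0
    for c in mcs:
        prod = 1.0
        for e in c:
            prod *= p[e]
        total += prod
    return total


def top_event_probability(mcs, p):
    """Exact P(top) by inclusion-exclusion over the minimal cut sets, assuming
    independent basic events; correct with shared events, exponential in |mcs|."""
    mcs = list(mcs)
    total = 0.0
    for r in range(1, len(mcs) + 1):
        for combo in itertools.combinations(mcs, r):
            union = frozenset().union(*combo)
            prod = 1.0
            for e in union:
                prod *= p[e]
            total += (-1) ** (r + 1) * prod
    return total


def build_sample_tree():
    """Constructed brake-control tree: two redundant controllers sharing a power
    bus, plus a 2-out-of-3 wheel-speed sensor voter (assumed figures)."""
    e1, e2 = Event("E1"), Event("E2")                   # controller A / B fails
    e3, e4, e5 = Event("E3"), Event("E4"), Event("E5")  # sensors 1..3 fail
    e6 = Event("E6")                                     # common power bus fails
    ctrl_a = Gate("OR", Event("Channel A lost", "intermediate"), [e1, e6])
    ctrl_b = Gate("OR", Event("Channel B lost", "intermediate"), [e2, e6])
    command = Gate("AND", Event("No brake command", "intermediate"), [ctrl_a, ctrl_b])
    sensing = Gate("VOTE", Event("Speed majority lost", "intermediate"), [e3, e4, e5], k=2)
    top = Gate("OR", Event("Loss of braking", "top"), [command, sensing])
    p = {"E1": 1e-3, "E2": 1e-3, "E3": 1e-2, "E4": 1e-2, "E5": 1e-2, "E6": 1e-4}
    return top, p


if __name__ == "__main__":
    top, p = build_sample_tree()
    mcs = minimal_cut_sets(top)
    for c in sorted(mcs, key=lambda s: (len(s), sorted(s))):
        print("minimal cut set:", sorted(c))
    print("rare-event approximation:", rare_event_approximation(mcs, p))
    print("exact P(top):            ", top_event_probability(mcs, p))
```

The shared power-bus event E6 is what makes the minimization step matter: the raw expansion of the AND over the two channels yields {E1,E6} and {E2,E6}, both absorbed by the single-point cut set {E6}, and it is also why the rare-event sum overstates the exact inclusion-exclusion result.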
Step S5: construct the extended requirement diagram, redundancy diagram and fault tree diagram models, and associate the diagram models with the semantic models. The specific steps are as follows:
step S501: construct the graphical primitives for safety requirements, safety-related requirements and similar elements to build the extended requirement diagram model;
step S502: construct the graphical primitives for components, ports, pipe connectors, voting components, degraded states, failed states and similar elements to build the redundancy diagram model, and associate the diagram model with the semantic model;
step S503: construct the event symbols of the fault tree (basic, undeveloped, top, intermediate, house and conditioning events), the logic gate symbols (AND, OR, NOT, XOR, sequential AND, inhibit and voting gates), transfer symbols, connectors and the other graphical primitives, create the fault tree diagram model, and associate the diagram model with the semantic model.
Step S6: parse the XML Metadata Interchange (XMI) files generated from the extended SysML model, build an analysis tree that organizes the data as a tree structure, and on that basis analyze and update each model so that systems engineering and safety analysis are integrated.
For example, the extended requirement diagram provides two-way traceability between the safety requirements of a safety-critical system and the design artifacts. Parsing the activity diagram information generates a functional FMEA data table, on which functional FMEA is performed and the SysML model is then updated and refined. Parsing the block definition diagram and internal block diagram information generates a block FMEA data table, on which block FMEA is performed. Parsing the internal block diagram information automatically generates a fault tree; qualitative analysis of the fault tree yields its minimal cut sets, minimal path sets, structural importance and similar information, while quantitative analysis computes the occurrence probability of the top event and similar measures, and the results of the safety and reliability analysis and of systems engineering are displayed visually as charts.
The invention extends the safety and reliability semantics of SysML, supports the automatic extraction of safety and reliability analysis information from the system model, and also supports the further refinement of the system model using that analysis, thereby integrating model-based systems engineering with the safety and reliability analysis process, helping to ensure consistency between safety analysis and system design, and addressing current difficulties in designing complex safety-critical systems.
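As an added example of step S6 that is not part of the patent or any tool it describes, the Python code below parses a constructed XMI fragment into an analysis tree, then performs the requirement/design consistency check named as advantage (1) (a functional requirement marked Redundant must be satisfied by a Component whose redundancy tag exceeds 1) and flattens the Function and FailureMode stereotypes into a functional FMEA table (step S3). The XMI layout, the ext profile namespace, the use of uml:Abstraction for satisfy links, the function attribute tying a FailureMode to its Function, and the RPN formula (severity times frequency) are all assumptions: real tool exports name and nest these elements differently, and the patent lists RPN as a field without fixing its formula.

```python
"""Step S6 walk-through: parse an XMI export of the extended SysML model into an
analysis tree, check redundancy requirements against the design, and emit a
functional FMEA table.  Added example, not the patent's own tooling; the XMI
layout, namespace URIs and attribute names are assumptions."""
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field

NS = {
    "xmi": "http://www.omg.org/spec/XMI/20131001",
    "uml": "http://www.omg.org/spec/UML/20131001",
    "ext": "http://example.org/sysml-safety-ext",   # assumed profile namespace
}
XMI_ID = "{%s}id" % NS["xmi"]
XMI_TYPE = "{%s}type" % NS["xmi"]

# Constructed sample (not a real tool export): two requirements, two components,
# one function with two failure modes, and satisfy links modelled as
# uml:Abstraction (client = design element, supplier = requirement).
SAMPLE_XMI = """<xmi:XMI xmlns:xmi="http://www.omg.org/spec/XMI/20131001"
         xmlns:uml="http://www.omg.org/spec/UML/20131001"
         xmlns:ext="http://example.org/sysml-safety-ext">
  <uml:Model xmi:id="m1" name="BrakeControl">
    <packagedElement xmi:type="uml:Class" xmi:id="r1" name="REQ-1 Brake command computed redundantly"/>
    <packagedElement xmi:type="uml:Class" xmi:id="r2" name="REQ-2 Wheel speed sampled redundantly"/>
    <packagedElement xmi:type="uml:Class" xmi:id="c1" name="BrakeController"/>
    <packagedElement xmi:type="uml:Class" xmi:id="c2" name="WheelSpeedSensor"/>
    <packagedElement xmi:type="uml:Activity" xmi:id="f1" name="ComputeBrakeCommand"/>
    <packagedElement xmi:type="uml:Abstraction" xmi:id="s1" client="c1" supplier="r1"/>
    <packagedElement xmi:type="uml:Abstraction" xmi:id="s2" client="c2" supplier="r2"/>
  </uml:Model>
  <ext:FunctionalRequirement base_Class="r1" Level="system" Redundant="true"/>
  <ext:FunctionalRequirement base_Class="r2" Level="block" Redundant="true"/>
  <ext:Component base_Class="c1" redundancy="2"/>
  <ext:Component base_Class="c2" redundancy="1"/>
  <ext:Function base_Activity="f1"/>
  <ext:FailureMode function="f1" name="No command output" severity="9" frequency="2"
                   cause="CPU lockup" effect="Loss of braking"/>
  <ext:FailureMode function="f1" name="Wrong command value" severity="7" frequency="3"
                   cause="Sensor bias" effect="Over- or under-braking"/>
</xmi:XMI>
"""


@dataclass
class Node:
    """One element of the analysis tree (step S6)."""
    xmi_id: str
    kind: str                                    # UML metaclass: Class, Activity, Abstraction, ...
    name: str
    attrs: dict = field(default_factory=dict)    # stereotype name and tag values land here
    children: list = field(default_factory=list)


def build_tree(xmi_text):
    """Return (root node, id -> node index) for the model contained in xmi_text."""
    root = ET.fromstring(xmi_text)
    model = root.find("uml:Model", NS)
    tree = Node(model.get(XMI_ID), "Model", model.get("name"))
    by_id = {}
    for el in model.findall("packagedElement"):
        node = Node(el.get(XMI_ID), el.get(XMI_TYPE).split(":")[1],
                    el.get("name", ""), dict(el.attrib))
        by_id[node.xmi_id] = node
        tree.children.append(node)
    # Stereotype applications are siblings of the model; fold each onto its base element.
    ext_prefix = "{%s}" % NS["ext"]
    for el in root:
        if not el.tag.startswith(ext_prefix):
            continue
        stereo = el.tag[len(ext_prefix):]
        tags = {k: v for k, v in el.attrib.items() if not k.startswith("base_")}
        base = next((v for k, v in el.attrib.items() if k.startswith("base_")), None)
        if base in by_id:
            by_id[base].attrs["stereotype"] = stereo
            by_id[base].attrs.update(tags)
        elif stereo == "FailureMode" and el.get("function") in by_id:
            # assumed: a FailureMode carries a 'function' attribute naming its Function
            by_id[el.get("function")].children.append(
                Node("", "FailureMode", el.get("name"), tags))
    return tree, by_id


def check_redundancy_consistency(by_id):
    """Advantage (1): every functional requirement with Redundant="true" must be
    satisfied by at least one Component whose redundancy tag is greater than 1.
    Returns the names of the requirements that violate this."""
    satisfiers = {}
    for n in by_id.values():
        if n.kind == "Abstraction":
            satisfiers.setdefault(n.attrs["supplier"], []).append(by_id[n.attrs["client"]])
    violations = []
    for req in by_id.values():
        if req.attrs.get("stereotype") != "FunctionalRequirement":
            continue
        if req.attrs.get("Redundant", "false").lower() != "true":
            continue
        redundant = [c for c in satisfiers.get(req.xmi_id, [])
                     if c.attrs.get("stereotype") == "Component"
                     and int(c.attrs.get("redundancy", "1")) > 1]
        if not redundant:
            violations.append(req.name)
    return violations


def functional_fmea_table(by_id):
    """Step S3/S6: flatten Function -> FailureMode into FMEA rows, highest RPN first.
    RPN = severity * frequency is an assumption; the patent does not fix a formula."""
    rows = []
    for fn in by_id.values():
        if fn.attrs.get("stereotype") != "Function":
            continue
        for fm in fn.children:
            s, f = int(fm.attrs["severity"]), int(fm.attrs["frequency"])
            rows.append({"function": fn.name, "failure_mode": fm.name, "severity": s,
                         "frequency": f, "rpn": s * f, "cause": fm.attrs.get("cause", ""),
                         "effect": fm.attrs.get("effect", "")})
    rows.sort(key=lambda r: r["rpn"], reverse=True)
    return rows


if __name__ == "__main__":
    tree, index = build_tree(SAMPLE_XMI)
    print("model:", tree.name, "elements:", len(tree.children))
    print("redundancy violations:", check_redundancy_consistency(index))
    for row in functional_fmea_table(index):
        print(row)
```

On the sample, REQ-2 is flagged because the only component that satisfies it has redundancy 1 while the requirement demands a redundant design; this is the kind of requirement/design inconsistency the extended Level and Redundant fields are meant to expose before the FMEA or fault tree is built.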

Claims (8)

1. A safety and reliability semantic extension and modeling method for the SysML language, characterized in that the method comprises the following steps:
step S1: extending the requirement diagram by defining safety level and redundancy attributes;
step S2: constructing a redundancy semantic model by defining a Component stereotype with a redundancy attribute, an output voting component stereotype, and degraded and failed state stereotypes;
step S3: constructing a failure mode and effects analysis semantic model by defining a Function stereotype and a FailureMode stereotype;
step S4: constructing a fault tree semantic model by defining an Event stereotype and a logic gate stereotype;
step S5: constructing the extended requirement diagram, redundancy diagram and fault tree diagram models, and associating the diagram models with the semantic models;
step S6: parsing the XML Metadata Interchange (XMI) files generated from the extended SysML model, building an analysis tree that organizes the data as a tree structure, and on that basis analyzing and updating each model, so that systems engineering and safety analysis are integrated.
2. The safety and reliability semantic extension and modeling method for the SysML language according to claim 1, wherein the specific steps of step S1 are as follows:
step S101: a Non-Functional Requirement stereotype inherits from the Requirement stereotype;
step S102: a Safety Requirement stereotype inherits from the Non-Functional Requirement stereotype, and Level, Risk and Description fields are added to its attributes, denoting respectively the level to which the safety requirement belongs, the risk level and the hazard description;
step S103: a Functional Requirement stereotype is extended from the Requirement stereotype, with a Level field describing the requirement level it belongs to and a Redundant field indicating whether a redundant design is required;
step S104: finally, a Safety-Related Requirement stereotype inherits from the Functional Requirement stereotype.
3. The safety and reliability semantic extension and modeling method for the SysML language according to claim 1, wherein the specific steps of step S2 are as follows:
step S201: extending the Class metaclass to define a Component stereotype, and defining a redundancy attribute tag on the Component stereotype to support modeling redundant fault-tolerant components;
step S202: extending the Class metaclass to define a Port stereotype, and deriving a Pipe stereotype, the transfer relationship between component ports, from the Association metaclass, wherein the source attribute of the Pipe denotes the output source and takes the component name plus output port name as its value, and the target attribute denotes the input target and takes the component name plus input port name as its value;
step S203: extending the Class metaclass to define an output voting component stereotype, whose vote attribute denotes the voting mechanism;
step S204: extending the State metaclass to define a degraded state stereotype and a failed state stereotype, which model the redundancy mechanism and the behavior under functional failure.
4. The safety and reliability semantic extension and modeling method for the SysML language according to claim 1, wherein the specific steps of step S3 are as follows:
step S301: deriving a Function stereotype from the Activity metaclass;
step S302: deriving a FailureMode stereotype from the Parameter and attribute metaclasses.
5. The safety and reliability semantic extension and modeling method for the SysML language according to claim 4, wherein the failure mode has the attributes severity, frequency, risk priority number (RPN), failure cause, direct (local) effect, system effect and recommended action.
6. The safety and reliability semantic extension and modeling method for the SysML language according to claim 1, wherein the specific steps of step S4 are as follows:
step S401: deriving an Event stereotype from the Class metaclass, whose Type attribute denotes the kind of event;
step S402: deriving a logic gate stereotype from the Class metaclass, whose attributes denote the gate type, the input events and the output event.
7. The safety and reliability semantic extension and modeling method for the SysML language according to claim 1, wherein the gate types include one or more of AND gate, OR gate, NOT gate, XOR gate, sequential AND gate, inhibit gate and voting gate.
8. The safety and reliability semantic extension and modeling method for the SysML language according to claim 1, wherein the specific steps of step S5 are as follows:
step S501: constructing the graphical primitives for safety requirements and safety-related requirements to build the extended requirement diagram model;
step S502: constructing the graphical primitives for components, ports, pipe connectors, voting components, degraded states and failed states to build the redundancy diagram model, and associating the diagram model with the semantic model;
step S503: constructing the event symbols, logic gate symbols, transfer symbols and connector primitives of the fault tree, creating the fault tree diagram model, and associating the diagram model with the semantic model.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210569302.5A (granted as CN114816431B) 2022-05-24 2022-05-24 A safety and reliability semantic extension and modeling method for the SysML language

Publications (2)

Publication Number Publication Date
CN114816431A (en) 2022-07-29
CN114816431B (en) 2024-07-09

Family

ID=82518267

Country Status (1)

Country Link
CN (1) CN114816431B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150019187A1 (en) * 2013-07-15 2015-01-15 The Boeing Company System and method for assessing cumulative effects of a failure
US20190138416A1 (en) * 2017-11-09 2019-05-09 Siemens Aktiengesellschaft Method for analyzing a physical system architecture of a safety-critical system
CN110765568A (en) * 2019-08-23 2020-02-07 清华大学 Complex system design and security analysis integration method based on SysML
CN111290783A (en) * 2020-03-07 2020-06-16 上海交通大学 SysML model-based cascade failure cause graphical system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
唐红英; 胡军; 陈朔; 石梦烨: "A system safety analysis tool for SysML and a case study" (面向SysML的系统安全性分析工具与实例研究), Computer Science (计算机科学), no. 05, 31 December 2020 (2020-12-31) *
徐文华; 张育平: "An automatic fault tree modeling method based on avionics system architecture models" (一种基于航电系统架构模型的故障树自动建模方法), Computer Engineering & Science (计算机工程与科学), no. 12, 15 December 2017 (2017-12-15) *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116483348A (en) * 2023-04-26 2023-07-25 哈尔滨工业大学 A SysML Model Generation and Recommendation Method
CN116483348B (en) * 2023-04-26 2024-10-11 哈尔滨工业大学 A SysML model generation and recommendation method
CN119396724A (en) * 2024-10-16 2025-02-07 北京航空航天大学 A method for airborne software security modeling and automated testing

Also Published As

Publication number Publication date
CN114816431B (en) 2024-07-09

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant