Keywords: Autonomous maritime system; Risk analysis; Risk mitigation; STPA; Software failure; SysML

Source: DOI:10.1016/j.heliyon.2024.e31483

Abstract:
With higher autonomy in maritime systems, tasks and responsibilities are moved from the human operator to software, increasing the complexity and the importance of safe and reliable functionality. Software failures, however, may be introduced intentionally or unintentionally from the early life cycle phases, and these must therefore be mitigated by safe and secure design approaches. A challenge is that existing methods are not particularly well suited to analyzing software risks. Thus, the objective of this paper is to propose a systematic and efficient software failure identification approach by extending the Systems-Theoretic Process Analysis (STPA) with a software failure taxonomy and the System Modeling Language (SysML). This enables the control structure in STPA to cover both the dynamic and static aspects of the software functions. Combined with an implementation-platform-independent questionnaire, this gives a more systematic and guided search for potential software failures than existing approaches. To demonstrate the proposed approach, a case study on a ferry's navigation system that operates in manual control or semi-autonomous mode is performed. In the case study, the focus is on creating an avoidance map data structure, including both moving and static obstacles to be avoided by the ferry, and the subsequent process of collision risk warning calculation. Software failures are identified and evaluated in collision scenarios where the ferry operates under foggy conditions. The paper shows that the proposed systematic approach provides an improved process for identifying and analyzing critical software failures. This facilitates enhanced risk mitigation in the design and testing phases, contributing to autonomous systems' safety and security.