Design and Analysis of Safety Critical Systems
1 Design and Analysis of Safety Critical Systems Peter Seiler and Bin Hu Department of Aerospace Engineering & Mechanics University of Minnesota September 30, 2013
2 Uninhabited Aerial Systems (UAS) Flight Research (UMN UAV Lab) Public Safety (AeroVironment) Agricultural Monitoring Emergency Response (NASA/JPL) 2
3 Design Challenges for Low-Cost UAS Human Factors Guidance and Controls Navigation Modeling/System Identification Safety Critical Software 3
4 Design Challenges for Low-Cost UAS Systems Design and Reliability 4
5 Recent Policy Changes Increased reliability needed to integrate UAS into the national airspace 5
6 Outline Existing design techniques in commercial aviation Analytical redundancy is rarely used Certification issues Tools for Systems Design and Certification Motivation for model-based fault detection and isolation (FDI) Extended fault trees Stochastic false alarm and missed detection analysis Conclusions and future work 6
8 Boeing Dreamliner seats Length=56.7m, Wingspan=60.0m Range < 15200km, Speed < M0.89 First Composite Airliner Honeywell Flight Control Electronics Commercial Fly-by-Wire Boeing seats Length=63.7m, Wingspan=60.9m Range < 17370km, Speed < M0.89 Boeing's 1st Fly-by-Wire Aircraft Ref: Y.C. Yeh, Triple-triple redundant 777 primary flight computer,
9 777 Primary Flight Control Surfaces [Yeh, 96] Advantages of fly-by-wire: Increased performance (e.g. reduced drag with smaller rudder), increased functionality (e.g. soft envelope protection), reduced weight, lower recurring costs, and possibility of sidesticks. Issues: Strict reliability requirements: $< 10^{-9}$ catastrophic failures/hr; no single point of failure. 9
10 Classical Feedback Diagram Pilot Inputs Primary Flight Computer Actuators Sensors Reliable implementation of this classical feedback loop adds many layers of complexity. 10
11 Triplex Control System Architecture Actuators Sensors Actuator Control Electronics Each ACE votes on redundant actuator commands Pilot Inputs Column All data communicated on redundant data buses Each PFC votes on redundant sensor/pilot inputs Primary Flight Computer 11
12 777 Triple-Triple Architecture [Yeh, 96] Sensors x3 Databus x3 Triple-Triple Primary Flight Computers Actuator Electronics x4 12
13 777 Triple-Triple Architecture [Yeh, 96] Left PFC INTEL AMD MOTOROLA Sensors x3 Databus x3 Triple-Triple Primary Flight Computers Actuator Electronics x4 13
14 Main Design Requirements: Redundancy Management. $< 10^{-9}$ catastrophic failures per hour; no single point of failure; must protect against random and common-mode failures. Basic Design Techniques: Hardware redundancy to protect against random failures; dissimilar hardware / software to protect against common-mode failures; Voting: to choose between redundant sensor/actuator signals; Encryption: to prevent data corruption by failed components; Monitoring: software/hardware monitoring testing to detect latent faults; Operating Modes: degraded modes to deal with failures; equalization to handle unstable / marginally unstable control laws; model-based design and implementation for software. 14
17 Analytical Redundancy Small UASs cannot support the weight associated with physical redundancy. Approach: Use model-based or data-driven techniques to detect faults. Parity-equation architecture (Willsky) 17
18 Analytical Redundancy Small UASs cannot support the weight associated with physical redundancy. Research Objectives: Hardware, models, data (Freeman, Balas); advanced filter design; tools for systems design, analysis and certification. Approach: Use model-based or data-driven techniques to detect faults. Parity-equation architecture (Willsky) 18
20 Tools for Systems Design and Certification Diagram Reference: R. Isermann. Fault-Diagnosis Systems: An Introduction from Fault Detection to Fault Tolerance. Springer-Verlag,
21 Tools for Systems Design and Certification Why are new tools required? Example: Fault Tree Analysis Diagram Reference: R. Isermann. Fault-Diagnosis Systems: An Introduction from Fault Detection to Fault Tolerance. Springer-Verlag,
22 Fault Tree Analysis 22
23 Fault Tree Analysis Probability of hardware component failure can be estimated from field data. 23
24 Fault Tree Analysis Probability of hardware component failure can be estimated from field data. Model-based fault detection introduces new failure models (false alarms, missed detections, etc.) 24
25 Extended Fault Tree Analysis. References: 1. Aslund, Biteus, Frisk, Krysander, and Nielsen. Safety analysis of autonomous systems by extended fault tree analysis. IJACSP. 2. Hu and Seiler, A Probabilistic Method for Certification of Analytically Redundant Systems, SysTol Conference. Incorporate failure modes due to false alarms and missed detections (per hour). (Enumerate time-correlated failures and apply the law of total probability.) 25
26 Example: Dual-Redundant Architecture [Block diagram: signal $s(k)$; Primary Sensor, $m_1(k)$; Back-up Sensor, $m_2(k)$; Fault Detection Logic (FDI), $d(k)$; Switch, $\hat{m}(k)$.] Objective: Compute reliability of system assuming sensors have a mean time between failure of 1000 hrs. 26
27 Failure Modes [Four timeline diagrams, time axis from 0 to $N$.] Missed Detection, $M_N$: Primary Fails ($T_1$), Missed Detection ($T_1+N_0$). False Alarm, $F_N$: False Alarm ($T_S$), Backup Fails ($T_2$), System Failure ($T_2+N_0$). Proper Detection, $D_N$: Primary Fails ($T_1$), Failure Detected ($T_S$), Backup Fails ($T_2$), System Failure ($T_2+N_0$). Early False Alarm, $E_N$: Failure Detected ($T_S$), Primary Fails ($T_1$), Backup Fails ($T_2$), System Failure ($T_2+N_0$). 27
28 System Failure Rate Notation: Sensor failure per hour False alarm per hour Detection per failure Approximate system failure probability: 28
29 System Failure Rate Notation: Sensor failure per hour False alarm per hour Detection per failure Approximate system failure probability: Primary sensor fails + missed detection Failure detected + Backup sensor fails False alarm + Backup sensor fails 29
30 System Failure Rate Notation: Sensor failure per hour False alarm per hour Detection per failure Question: How can we compute these probabilities? Approximate system failure probability: Primary sensor fails + missed detection Failure detected + Backup sensor fails False alarm + Backup sensor fails 30
31 False Alarm Analysis What is the conditional probability of an alarm given that no fault has occurred? Abstraction: Discrete-time uncertain linear system driven by noise. 31
32 Problem Formulation (Healthy) Dynamics for residual; Simple Thresholding. Objective: Assume $n_k$ is a stationary Gaussian process and assume known dynamic model for residuals. Compute the probability $P_N$ that $|r_k| > T$ for some $k$ in $\{1,\dots,N\}$. 32
33 Problem Formulation (Healthy) Dynamics for residual; Simple Thresholding. References: 1. Glaz and Johnson. Probability inequalities for multivariate distributions with dependence structures. JASA. 2. Hu and Seiler, Probability Bounds for False Alarm Analysis of Fault Detection Systems, Allerton. Theorem: There exist bounds $\gamma_k$ ($k=1,\dots,N$) such that 1. $\gamma_k \ge P_N$ 2. $\gamma_k$ are monotonically non-increasing in $k$ 3. $\gamma_k$ requires evaluation of $k$-dim. Gaussian integrals. 33
34 Results: Effects of Correlation. Neglecting correlations is accurate for small $a$ but not for $a$ near 1. [Plot: False Alarm Probabilities and Bounds for N=360,000.] For each $(a,T)$, $P_1 =$ which gives $N P_1 = 3.6 \times 10^{-6}$. Residual Generation: $r_{k+1} = a r_k + n_k + f_k$. Decision Logic: $d_k = 0$ if $|r_k| \le T$, $d_k = 1$ else. 34
35 Worst-case False Alarm Probability. Reference: Hu and Seiler, Worst-Case False Alarm Analysis of Aerospace Fault Detection Systems, Submitted to ACC. Issue: Model depends on unknown (uncertain) parameters, ϵ. Objective: Compute the worst-case false alarm probability. Main Result: Robust $H_2$ analysis results can be used to compute worst-case residual variance. This yields bounds on $P_N^*$. 35
36 Conclusions Commercial aircraft achieve high levels of reliability. Analytical redundancy is rarely used (Certification Issues) Model-based fault detection methods are an alternative that enables size, weight, power, and cost to be reduced. Tools for Systems Design and Certification Extended fault trees Stochastic false alarm and missed detection analysis Methods to validate analysis using flight test data (Hu and Seiler, 2014 AIAA) 36
37 Acknowledgments NASA Langley NRA NNX12AM55A: Analytical Validation Tools for Safety Critical Systems Under Loss-of-Control Conditions, Technical Monitor: Dr. Christine Belcastro Air Force Office of Scientific Research: Grant No. FA , "A Merged IQC/SOS Theory for Analysis of Nonlinear Control Systems, Technical Monitor: Dr. Fariba Fahroo. NSF Cyber-Physical Systems: Grant No , Embedded Fault Detection for Low-Cost, Safety-Critical Systems, Program Manager: Theodore Baker. 37
38 Backup Slides 38
39 Dual-Redundant Architecture [Block diagram: signal $s(k)$; Primary Sensor, $m_1(k)$; Back-up Sensor, $m_2(k)$; Fault Detection Logic (FDI), $d(k)$; Switch, $\hat{m}(k)$.] Objective: Efficiently compute the probability $P_{S,N}$ that the system generates bad data for $N_0$ consecutive steps in an $N$-step window. 39
40 Assumptions 1. Knowledge of probabilistic performance: a. Sensor failures: $P[T_i = k]$ where $T_i$ := failure time of sensor $i$; b. FDI False Alarm: $P[T_S \le N \mid T_1 = N+1]$; c. FDI Missed Detection: $P[T_S \ge k+N_0 \mid T_1 = k]$. 2. Neglect intermittent failures. 3. Neglect intermittent switching logic. 4. Sensor failures and FDI logic decision are independent. Sensors have no common failure modes. 40
41 Failure Modes [Four timeline diagrams, time axis from 0 to $N$.] Missed Detection, $M_N$: Primary Fails ($T_1$), Missed Detection ($T_1+N_0$). False Alarm, $F_N$: False Alarm ($T_S$), Backup Fails ($T_2$), System Failure ($T_2+N_0$). Proper Detection, $D_N$: Primary Fails ($T_1$), Failure Detected ($T_S$), Backup Fails ($T_2$), System Failure ($T_2+N_0$). Early False Alarm, $E_N$: Failure Detected ($T_S$), Primary Fails ($T_1$), Backup Fails ($T_2$), System Failure ($T_2+N_0$). 41
42 System Failure Probability Apply basic probability theory: 42
43 System Failure Probability Apply basic probability theory: Knowledge of probabilistic performance: a. Sensor failures: $P[T_i = k]$ where $T_i$ := failure time of sensor $i$ 43
44 System Failure Probability Apply basic probability theory: Knowledge of probabilistic performance: a. Sensor failures: $P[T_i = k]$ where $T_i$ := failure time of sensor $i$; b. FDI False Alarm: $P[T_S \le N \mid T_1 = N+1]$ 44
45 System Failure Probability Apply basic probability theory: Knowledge of probabilistic performance: a. Sensor failures: $P[T_i = k]$ where $T_i$ := failure time of sensor $i$; b. FDI False Alarm: $P[T_S \le N \mid T_1 = N+1]$; c. FDI Missed Detection: $P[T_S \ge k+N_0 \mid T_1 = k]$ 45
46 Example. Sensor Failures: Geometric distribution with parameter $q$. Residual-based threshold logic [block diagram: $m_1(k)$, $y(k)$, Fault Detection Filter, $r(k)$, Threshold $T$, $d(k)$]. Residual: $r(k+1) = n(k) + f(k)$. Decision Logic: $d(k) = 0$ if $|r(k)| \le T$, $d(k) = 1$ else. $f$ is an additive fault; $n$ is IID Gaussian noise, variance $= \sigma^2$. 46
47 Example. Per-frame false alarm probability can be easily computed. For each $k$, $r(k)$ is $N(0,\sigma^2)$: $P_F = \Pr[d(k) = 1 \mid \text{No Fault}] = 1 - \int_{-T}^{T} p(r)\,dr$, so $P_F = 1 - \operatorname{erf}\!\left(\frac{T}{\sqrt{2}\,\sigma}\right)$. Approximate per-hour false alarm probability: $P[T_S \le N \mid T_1 = N+1] = 1 - (1-P_F)^N \approx N P_F$. [Plot: $P_{FA}(N)$ versus Time Window, $N$, vertical axis scale $\times 10^{-3}$; $P_{FA}(30) =$ for $\sigma = 0.25$.] Per-frame detection probability $P_D$ can be similarly computed. 47
48 System Failure Rate Notation: Sensor failure per hour False alarm per hour Approximate system failure probability: Detection per failure 48
49 System Failure Rate Notation: Sensor failure per hour False alarm per hour Approximate system failure probability: Detection per failure Primary sensor fails + missed detection Failure detected + Backup sensor fails False alarm + Backup sensor fails 49
50 System Failure Rate [Plot: $P_{S,N}$ versus $T/\sigma$ for several values of $f/\sigma$, including $f/\sigma=1$ and $f/\sigma=6$; vertical axis ticks $10^{-3}$, $10^{-4}$.] Sensor mean time between failure = 1000hr and N= ( = 1 hour at 100Hz rate) 50
51 Correlated Residuals Example analysis assumed IID fault detection logic. Many fault-detection algorithms use dynamical models and filters that introduce correlations in the residuals. Question: How can we compute the FDI performance metrics when the residuals are correlated in time? FDI False Alarm: $P[T_S \le N \mid T_1 = N+1]$. FDI Missed Detection: $P[T_S \ge k+N_0 \mid T_1 = k]$. 51
52 False Alarm Analysis with Correlated Residuals. Problem: Analyze the per-hour false alarm probability for a simple first-order fault detection system. Residual Generation ($0<a<1$): $r_{k+1} = a r_k + n_k + f_k$, where $f$ is an additive fault and $n$ is IID Gaussian noise, variance=1. Residuals are correlated in time due to filtering. Decision Logic: $d_k = 0$ if $|r_k| \le T$, $d_k = 1$ else. The N-step false alarm probability $P_N$ is the conditional probability that $d_k = 1$ for some $1 \le k \le N$ given the absence of a fault:
$$P_N = 1 - \int_{-T}^{T} \cdots \int_{-T}^{T} p_R(r_1,\dots,r_N)\, dr_1 \cdots dr_N$$
There are N= samples per hour for a 100Hz system 52
53 False Alarm Analysis. Residual dynamics: $r_{k+1} = a r_k + n_k + f_k$. Residuals satisfy the Markov property:
$$p(r_{k+1} \mid r_1,\dots,r_k) = p(r_{k+1} \mid r_k), \qquad p_R(r_1,\dots,r_k) = p(r_k \mid r_{k-1}) \cdots p(r_2 \mid r_1)\, p(r_1)$$
so that $P_N = 1 - \int_{-T}^{T} \cdots \int_{-T}^{T} p_R(r_1,\dots,r_N)\, dr_1 \cdots dr_N$ can be expressed as an N-step iteration of 1-dimensional integrals:
$$f_N(r_N) = 1$$
$$f_{N-1}(r_{N-1}) = \int_{-T}^{T} f_N(r_N)\, p(r_N \mid r_{N-1})\, dr_N$$
$$\vdots$$
$$f_1(r_1) = \int_{-T}^{T} f_2(r_2)\, p(r_2 \mid r_1)\, dr_2$$
$$P_N = 1 - \int_{-T}^{T} f_1(r_1)\, p(r_1)\, dr_1$$
This has the appearance of a power iteration $A^N x$. 53
54 False Alarm Probability. Theorem: Let $\lambda_1$ be the maximum eigenvalue and $\psi_1$ the corresponding eigenfunction of $\lambda_1 \psi_1(x) = \int_{-T}^{T} \psi_1(y)\, p(y \mid x)\, dy$. Then $P_N \approx 1 - c\lambda_1^N$ where $c = \langle 1, \psi_1 \rangle$. Proof: This is a generalization of the matrix power iteration. The convergence proof relies on the Krein-Rutman theorem which is a generalization of the Perron-Frobenius theorem. For a=0.999 and N=360000, the approximation error is Ref: B. Hu and P. Seiler. False Alarm Analysis of Fault Detection Systems with Correlated Residuals, Submitted to IEEE TAC,
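The N-step recursion and dominant-eigenvalue approximation of slides 52 to 54, compared with the IID approximation of slide 47, as an added Python example that is not code from the presentation. It discretizes the first-order residual on [-T, T] with a midpoint rule; the grid size, the 3-sigma threshold, N=200 and all function names are assumptions chosen for illustration, and the constant c is computed from the discretized eigenvector and multiplies lambda^(N-1), so it may be normalized differently from the slide's c.

```python
import math

def per_frame_false_alarm(T, sigma):
    """P_F = P(|r| > T) for r ~ N(0, sigma^2), i.e. 1 - erf(T / (sqrt(2) * sigma))."""
    return math.erfc(T / (math.sqrt(2.0) * sigma))

def stationary_sigma(a):
    """Std. deviation of the healthy residual r[k+1] = a*r[k] + n[k], var(n) = 1."""
    return 1.0 / math.sqrt(1.0 - a * a)

def false_alarm_iid(P1, N):
    """N-step false alarm probability when correlations are neglected."""
    return 1.0 - (1.0 - P1) ** N

def _pdf(x, mean, var):
    return math.exp(-(x - mean) ** 2 / (2.0 * var)) / math.sqrt(2.0 * math.pi * var)

def discretize(a, T, n=100):
    """Midpoint-rule discretization on the no-alarm band [-T, T] (n is an assumed
    grid size). A[i][j] ~ p(r_next = x_j | r = x_i) * h; p1[i] ~ p(r_1 = x_i) * h."""
    h = 2.0 * T / n
    x = [-T + (i + 0.5) * h for i in range(n)]
    A = [[_pdf(xj, a * xi, 1.0) * h for xj in x] for xi in x]
    var_r = stationary_sigma(a) ** 2
    p1 = [_pdf(xi, 0.0, var_r) * h for xi in x]
    return A, p1

def matvec(A, v):
    return [sum(aij * vj for aij, vj in zip(row, v)) for row in A]

def dot(u, v):
    return sum(ui * vi for ui, vi in zip(u, v))

def false_alarm_exact(a, T, N, n=100):
    """Backward recursion: f_N = 1, f_k = int f_{k+1} p(r_{k+1} | r_k) dr_{k+1},
    P_N = 1 - int f_1 p(r_1) dr_1, with each integral replaced by a matrix product."""
    A, p1 = discretize(a, T, n)
    f = [1.0] * n
    for _ in range(N - 1):
        f = matvec(A, f)
    return 1.0 - dot(p1, f)

def dominant_eigenpair(A, iters=400):
    """Power iteration for the largest eigenvalue and its positive eigenvector."""
    v = [1.0] * len(A)
    lam = 0.0
    for _ in range(iters):
        w = matvec(A, v)
        lam = max(w)                 # v is kept scaled so that max(v) == 1
        v = [wi / lam for wi in w]
    return lam, v

def false_alarm_eigen(a, T, N, n=100):
    """Approximation 1 - c * lambda_1**(N-1). The Gaussian AR(1) residual is
    time-reversible, so the left eigenvector of A is p1[i] * psi[i]."""
    A, p1 = discretize(a, T, n)
    lam, psi = dominant_eigenpair(A)
    c = dot(p1, psi) ** 2 / dot(p1, [s * s for s in psi])
    return 1.0 - c * lam ** (N - 1), lam

if __name__ == "__main__":
    N = 200                          # assumed window length for the demo
    for a in (0.1, 0.9):
        sigma = stationary_sigma(a)
        T = 3.0 * sigma              # assumed threshold: same P_1 for every a
        P1 = per_frame_false_alarm(T, sigma)
        exact = false_alarm_exact(a, T, N)
        approx, lam = false_alarm_eigen(a, T, N)
        print(f"a={a}: P_1={P1:.3e} IID={false_alarm_iid(P1, N):.4f} "
              f"exact={exact:.4f} eigen={approx:.4f} lambda_1={lam:.6f}")
```

The midpoint grid resolves probabilities of the order used here; the much smaller per-frame probabilities quoted on the slides would need a more accurate quadrature rule.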
Force and Bungee Cord Length: Will Longer Length Un-Stretched of Cord result in a Greater or Lesser Force than a Shorter Length of Un-Stretched Cord Introduction: Answering the request of quite the adventurous
More informationFailure Modes, Effects and Diagnostic Analysis
Failure Modes, Effects and Diagnostic Analysis Project: 3144P 4-20mA HART Temperature Transmitter Device Label SW REV 1.1.X Customer: Rosemount Inc. (an Emerson Process Management company) Shakopee, MN
More informationFailure Modes, Effects and Diagnostic Analysis
Failure Modes, Effects and Diagnostic Analysis Project: Oldham OLCT 200 Transmitter Company: Industrial Scientific Corporation Oakdale, PA USA Contract Number: Q11/05-009 Report No.: IS 10/10-010 R001
More informationA DETAILED ANALYSIS OF SLOPE STABILITY USING FINITE ELEMENT METHOD (FEM)
A DETAILED ANALYSIS OF SLOPE STABILITY USING FINITE ELEMENT METHOD (FEM) S. Halder 1*, M. O. Imam 2 & M. S. Basir 1 1 Department of Civil & Water Resources Engineering, Chittagong University of Engineering
More informationFailure Modes, Effects and Diagnostic Analysis
Failure Modes, Effects and Diagnostic Analysis Project: Fireye Flame Sensor Module CE Flameswitch, model MBCE-110/230FR Company: Fireye Derry, NH USA Contract Number: Q09/10-26 Report No.: FIR 09/10-26
More informationA Systems Approach to the Development of an Aircraft Smoke Control System
A Systems Approach to the Development of an Aircraft Smoke Control System Danilo da Costa Ribeiro danilo.costa@embraer.com.br March 2016 Motivation 2 Motivation Technology Evolution Flight Control System
More informationUnited Electric Controls One Series Safety Transmitter Safety Manual
United Electric Controls One Series Safety Transmitter Safety Manual OneST-SM-02 1 INTRODUCTION This Safety Manual provides information necessary to design, install, verify and maintain a Safety Instrumented
More informationFlexibility, scalability andsecurity
THE OF INFORMATION TECHNOLOGY SYSTEMS An Official Publication of BICSI January/February 2014 l Volume 35, Number 1 data center Flexibility, scalability andsecurity plus + The Next Five Years in AV + Measuring
More informationAdvanced Pattern Recognition for Anomaly Detection Chance Kleineke/Michael Santucci Engineering Consultants Group Inc.
Advanced Software Technologies Advanced Pattern Recognition for Anomaly Detection Chance Kleineke/Michael Santucci Engineering Consultants Group Inc. August 16, 2017 Tampa Convention Center Tampa, Florida
More informationAlarm Analysis with Fuzzy Logic and Multilevel Flow Models
Alarm Analysis with Fuzzy Logic and Multilevel Flow Models Fredrik Dahlstrand Department of Information Technology Lund Institute of Technology Box 118, SE-221 00 Lund, Sweden Phone: +46 46 222 95 10 Fax
More informationComputers and Chemical Engineering
Computers and Chemical Engineering 8 (2) 89 98 Contents lists available at ScienceDirect Computers and Chemical Engineering j ourna l ho me pa g e: www.elsevier.com/locate/compchemeng A new method to detect
More informationFailure Modes, Effects and Diagnostic Analysis. Rosemount Inc. Chanhassen, MN USA
Failure Modes, Effects and Diagnostic Analysis Project: 3144P SIS Temperature Transmitter Customer: Rosemount Inc. Chanhassen, MN USA Contract No.: ROS 04/08-19 Report No.: ROS 04/08-19 R003 Version V1,
More informationFunctional Safety of Machinery Presented by Greg Richards Manufacturing in America 02/22-23/2017
Functional Safety of Machinery Presented by Greg Richards Manufacturing in America 02/22-23/2017 AGENDA Definition of Safety? Machinery Safety Standards Comparison of ISO 13849-1 and IEC 62061 Safety-related
More informationPULLOUT CAPACITY OF HORIZONTAL AND INCLINED PLATE ANCHORS IN CLAYEY SOILS
PULLOUT CAPACITY OF HORIZONTAL AND INCLINED PLATE ANCHORS IN CLAYEY SOILS BALESHWAR SINGH Associate Professor Department of Civil Engineering Indian Institute of Technology Guwahati Guwahati 78139, India
More informationFailure Modes, Effects and Diagnostic Analysis
Failure Modes, Effects and Diagnostic Analysis Project: Phoenix Type 85UVF/IRF Flame Scanner Company: FIREYE Derry, New Hampshire USA Contract Number: Q08/04-57 Report No.: FIR 08/04-57 R001 Version V2,
More informationSMOKE MANAGEMENT AND EGRESS ANALYSIS OF A SPORTS ARENA USING THE PERFORMANCE-BASED DESIGN
, Volume 4, Number 2, p.73-83, 2003 SMOKE MANAGEMENT AND EGRESS ANALYSIS OF A SPORTS ARENA USING THE PERFORMANCE-BASED DESIGN K.H. Yang and C.S. Yang Mechanical Engineering Department, National Sun Yat-Sen
More informationFIMD: Fine-grained Device-free Motion Detection
ICPADS 2012 FIMD: Fine-grained Device-free Motion Detection Jiang Xiao, Kaishun Wu, Youwen Yi, Lu Wang, Lionel M. Ni Department of Computer Science and Engineering Hong Kong University of Science and Technology
More informationRecent Case Studies in Bearing Fault Detection and Prognosis
Recent Case Studies in Bearing Fault Detection and Prognosis Michael Roemer, Carl Byington, Jeremy Sheldon Impact Technologies, LLC Rochester, NY State College, PA Atlanta, GA Mike.Roemer@impact-tek.com
More informationAerospace and Defense Applications
Aerospace and Defense Applications SENSING AND CONTROL Sensor and Switch Solutions Aerospace and Defense Customers know Honeywell Sensing and Control (S&C) by two simple words: Problem solved. For more
More informationResearch on Decision Tree Application in Data of Fire Alarm Receipt and Disposal
Research Journal of Applied Sciences, Engineering and Technology 5(22): 5217-5222, 2013 ISSN: 2040-7459; e-issn: 2040-7467 Maxwell Scientific Organization, 2013 Submitted: October 09, 2012 Accepted: December
More informationEFFECT OF COMPACTION ON THE UNSATURATED SHEAR STRENGTH OF A COMPACTED TILL
EFFECT OF COMPACTION ON THE UNSATURATED SHEAR STRENGTH OF A COMPACTED TILL Vanapalli, S.K., Pufahl, D.E., and Fredlund, D.G. (University of Saskatchewan, Saskatoon, SK., Canada, S7N 5A9) Abstract An experimental
More informationFUNCTIONAL SAFETY: A PRACTICAL APPROACH FOR END-USERS AND SYSTEM INTEGRATORS
FUNCTIONAL SAFETY: A PRACTICAL APPROACH FOR END-USERS AND SYSTEM INTEGRATORS TINO VANDE CAPELLE 1, Dr. MICHEL HOUTERMANS 2, 3 1- HIMA Paul Hildebrandt GmbH + Co KG, Brühl, GERMANY 2 Risknowlogy, Brunssum,
More informationFUNCTIONAL SAFETY CERTIFICATE
FUNCTIONAL SAFETY CERTIFICATE This is to certify that the X5000 & S5000 Fixed Gas Detector Range MSA The Safety Company manufactured by General Monitors 1000 Cranberry Woods Drive 26776 Simpatica Cir Cranberry
More informationAddressing Challenges in HIPPS Design and Implementation
Addressing Challenges in HIPPS Design and Implementation Valve Manufacturer s Association Afton Coleman, CFSP March 11, 2016 Agenda SIS and SIL basics HIPPS Purpose Increased demand for HIPPS, why? The
More informationFailure Modes, Effects and Diagnostic Analysis
Failure Modes, Effects and Diagnostic Analysis Project: 3144P SIS Temperature Transmitter Customer: Rosemount Inc. Chanhassen, MN USA Contract No.: ROS 04/08-19 Report No.: ROS 04/08-19 R003 Version V2,
More informationOn a GPU Acceleration of the Stochastic Grid Bundling Method
On a GPU Acceleration of the Stochastic Grid Bundling Method Álvaro Leitao Rodríguez and Cornelis W. Oosterlee Technische Universiteit Delft (TU Delft) - Centrum Wiskunde & Informatica (CWI) 13/6/2014
More informationCROWD-SOURCED REMOTE ASSESSMENTS OF REGIONAL-SCALE POST-DISASTER DAMAGE
Eleventh U.S. National Conference on Earthquake Engineering Integrating Science, Engineering & Policy June 25-29, 2018 Los Angeles, California CROWD-SOURCED REMOTE ASSESSMENTS OF REGIONAL-SCALE POST-DISASTER
More informationNew Developments in the IEC61511 Edition 2
New Developments in the IEC61511 Edition 2 Presented by Dr Issam Mukhtar PhD(Eng.) TÜV FS Expert (IDNo.:117/06) 6 th May 2013 2010 Invensys. All Rights Reserved. The names, logos, and taglines identifying
More informationFailure Modes, Effects and Diagnostic Analysis. PR electronics A/S Rønde Denmark
Failure Modes, Effects and Diagnostic Analysis Project: 9203 Solenoid / Alarm Driver Customer: PR electronics A/S Rønde Denmark Contract No.: PR electronics 06/03-19 Report No.: PR electronics 06/03-19
More informationBasics of Safety Applications
Basics of Safety Applications Unrestricted Siemens 2016 usa.siemens.com/controls DISCLAIMER/ TERMS OF USE: THE INFORMATION PROVIDED HEREIN IS PROVIDED AS A GENERAL REFERENCE REGARDING THE USE OF THE APPLICABLE
More informationPressure Transmitter cerabar S PMC 731/631 cerabar S PMP 731/635 with ma output signal
Safety Manual SD 159P/00/en Pressure Transmitter cerabar S PMC 731/631 cerabar S PMP 731/635 with 4...20 ma output signal Functional safety manual Application Pressure measurements (e.g. limit pressure
More informationThis document downloaded from vulcanhammer.net vulcanhammer.info Chet Aero Marine
This document downloaded from vulcanhammer.net vulcanhammer.info Chet Aero Marine Don t forget to visit our companion site http://www.vulcanhammer.org Use subject to the terms and conditions of the respective
More informationRe: ENSC440 Functional Specification for a License Plate Recognition Auto-gate System
February 16 th, 2009 Mr. Patrick Leung School of Engineering Science Simon Fraser University 8888 University Drive Burnaby BC V5A 1S6 Re: ENSC440 Functional Specification for a License Plate Recognition
More informationPipeline Leak Detection: The Esso Experience
Pipeline Leak Detection: The Esso Experience Bruce Tindell, Project Manager, Esso Petroleum Company Ltd, UK Dr Jun Zhang, Managing Director, ATMOS International (formerly REL Instrumentation) Abstract
More informationTechnical Paper. Functional Safety Update IEC Edition 2 Standards Update
Technical Paper Functional Safety Update IEC 61511 Edition 2 Standards Update Functional Safety Update Table of Contents 1.0 Introduction 2.0 IEC 61511-1 changes 3.0 IEC 61511-2 changes 4.0 IEC 61511-3
More information