基于故障注入模型的电传飞控系统安全性分析

Safety analysis for flybywire system based on fault injection model

安全性分析既是飞机研制中提高安全性的主要手段,也是审定中验证设计方案是否满足适航要求的重要符合性方法。传统的安全性分析方法滞后于系统的设计过程,且高度依赖于分析人员的技术和经验,无法满足现代飞机复杂系统研制的需求。针对电传飞控系统提出了一种基于模型的安全性分析方法。使用Simulink分别构建了典型电传飞控系统的名义模型和拓展模型,利用单故障注入后的系统响应提出了故障影响的分析方法,以支持故障模式及影响分析的开展,基于状态遍历实现了组合故障注入,并利用组合故障注入后的系统响应提出故障树最小割集的分析方法,最后结合工程案例说明了本文方法的正确性与有效性。与经典的马尔可夫分析方法相比,该方法避免了对设计人员经验的依赖并且具有更高的精度;当系统方案修改时,该方法能直接更新安全性分析结果,避免了重新建模分析的繁琐工作。

Safety analysis is the main method to improve safety in the process of aircraft development,and is also an important method to examine if the design meets the safety requirements of airworthiness standards.Traditional safety analysis methods lag behind the system design process and are significantly dependent on the skills and experience of analysts,and thus cannot meet the requirements of safety analysis for modern complex systems gradually.This paper presents a model-based safety analysis method for the fly-by-wire system.The nominal model and extended model of the fly-by-wire flight control system are established with Simulink.Failure mode and effect analysis can be conducted by injecting the single fault mode and evaluating the impact through the system response.An analysis method of obtaining the minimal cut sets is proposed based on the system response by traversing all failure combinations.Finally,the correctness and effectiveness of the proposed method are illustrated by an engineering case.Compared with the classical Markov method,our method can avoid dependence on designers’experience,and has higher accuracy.In addition,with the change of design,our method can update the results of safety analysis automatically,which can avoid the tedious work of re-modeling and re-analysis.