Architecture Level Safety Analyses for Safety-Critical Systems

<table class="algorithm-group"><tr><td><table class="algorithm" id="figbox1"><tr><td colspan="2">device interface</td></tr><tr><td colspan="2">features</td></tr><tr><td colspan="2">set_speed  : out data port;</td></tr><tr><td colspan="2">disengage  : out event port;</td></tr><tr><td colspan="2">control_on  : out event port;</td></tr><tr><td colspan="2">BA1  : requires bus access  Marine.Standard;</td></tr><tr><td colspan="2"> </td></tr><tr><td colspan="2">flows</td></tr><tr><td colspan="2">on_flow_src  : flow source  set_speed;</td></tr><tr><td colspan="2"> </td></tr><tr><td colspan="2">annex EMV2<svg height="11.5564pt" id="M1" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 19.9468 11.5564" width="19.9468pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M293 -169V-141C218 -131 209 -90 209 -44C209 19 222 85 222 152C222 207 198 255 139 269V273C199 286 222 334 222 388C222 454 209 523 209 588C209 632 218 671 293 681V709C234 709 148 695 148 577C147 513 155 438 155 372C155 337 152 291 64 285V256C152 250 155 204 155 169C156 105 148 31 148 -41C148 -157 234 -169 293 -169Z" id="g113-124"></path><glyph.data ascent="3473" descent="-2876" horiz-adv-x="347" vert-adv-y="347"></glyph.data></g><g transform="matrix(.013,0,0,-0.013,4.511,0)"><path d="M471 153C471 170 463 194 452 212C400 220 373 229 322 255C373 281 400 290 452 298C463 316 471 339 471 357C456 366 431 371 410 370C377 329 356 310 308 279C311 336 317 364 336 413C326 432 310 451 294 459C279 451 262 432 252 413C271 364 277 336 280 279C232 310 211 329 178 370C157 371 132 367 117 357C117 340 125 316 136 298C188 290 215 281 266 255C215 229 188 220 136 212C125 194 117 171 117 153C132 144 157 139 178 140C211 181 232 200 280 231C277 174 271 146 252 97C262 78 278 59 294 51C309 59 326 78 336 97C317 146 311 174 308 231C356 200 377 181 410 140C431 139 456 143 471 153Z" id="g113-43"></path><glyph.data ascent="3473" descent="-2876" horiz-adv-x="587" vert-adv-y="587"></glyph.data></g><g transform="matrix(.013,0,0,-0.013,12.142,0)"><path d="M471 153C471 170 463 194 452 212C400 220 373 229 322 255C373 281 400 290 452 298C463 316 471 339 471 357C456 366 431 371 410 370C377 329 356 310 308 279C311 336 317 364 336 413C326 432 310 451 294 459C279 451 262 432 252 413C271 364 277 336 280 279C232 310 211 329 178 370C157 371 132 367 117 357C117 340 125 316 136 298C188 290 215 281 266 255C215 229 188 220 136 212C125 194 117 171 117 153C132 144 157 139 178 140C211 181 232 200 280 231C277 174 271 146 252 97C262 78 278 59 294 51C309 59 326 78 336 97C317 146 311 174 308 231C356 200 377 181 410 140C431 139 456 143 471 153Z" id="g113-43"></path><glyph.data ascent="3473" descent="-2876" horiz-adv-x="587" vert-adv-y="587"></glyph.data></g></svg></td></tr><tr><td colspan="2">use types  ErrorModelLibrary;</td></tr><tr><td colspan="2">use behavior  ErrorModelLibrary::Simple;</td></tr><tr><td colspan="2"> </td></tr><tr><td colspan="2">error propagations</td></tr><tr><td colspan="2">set_speed: out propagation<svg height="11.5564pt" id="M2" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 4.62754 11.5564" width="4.62754pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M293 -169V-141C218 -131 209 -90 209 -44C209 19 222 85 222 152C222 207 198 255 139 269V273C199 286 222 334 222 388C222 454 209 523 209 588C209 632 218 671 293 681V709C234 709 148 695 148 577C147 513 155 438 155 372C155 337 152 291 64 285V256C152 250 155 204 155 169C156 105 148 31 148 -41C148 -157 234 -169 293 -169Z" id="g113-124"></path><glyph.data ascent="3473" descent="-2876" horiz-adv-x="347" vert-adv-y="347"></glyph.data></g></svg>NoValue<svg height="11.5564pt" id="M3" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 4.62754 11.5564" width="4.62754pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M283 255V284C195 290 192 337 192 375C192 436 200 508 200 580C200 696 116 709 54 709V681C127 671 139 634 139 588C138 524 125 452 125 387C125 333 149 286 209 272V268C148 253 125 206 125 151C126 87 139 16 139 -47C139 -92 127 -131 54 -141V-169C115 -169 200 -152 200 -41C200 32 192 104 192 164C192 202 195 249 283 255Z" id="g113-126"></path><glyph.data ascent="3473" descent="-2876" horiz-adv-x="347" vert-adv-y="347"></glyph.data></g></svg>;</td></tr><tr><td colspan="2">disengage: out propagation<svg height="11.5564pt" id="M4" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 4.62754 11.5564" width="4.62754pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M293 -169V-141C218 -131 209 -90 209 -44C209 19 222 85 222 152C222 207 198 255 139 269V273C199 286 222 334 222 388C222 454 209 523 209 588C209 632 218 671 293 681V709C234 709 148 695 148 577C147 513 155 438 155 372C155 337 152 291 64 285V256C152 250 155 204 155 169C156 105 148 31 148 -41C148 -157 234 -169 293 -169Z" id="g113-124"></path><glyph.data ascent="3473" descent="-2876" horiz-adv-x="347" vert-adv-y="347"></glyph.data></g></svg>NoService<svg height="11.5564pt" id="M5" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 4.62754 11.5564" width="4.62754pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M283 255V284C195 290 192 337 192 375C192 436 200 508 200 580C200 696 116 709 54 709V681C127 671 139 634 139 588C138 524 125 452 125 387C125 333 149 286 209 272V268C148 253 125 206 125 151C126 87 139 16 139 -47C139 -92 127 -131 54 -141V-169C115 -169 200 -152 200 -41C200 32 192 104 192 164C192 202 195 249 283 255Z" id="g113-126"></path><glyph.data ascent="3473" descent="-2876" horiz-adv-x="347" vert-adv-y="347"></glyph.data></g></svg>;</td></tr><tr><td colspan="2">control_on: out propagation<svg height="11.5564pt" id="M6" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 4.62754 11.5564" width="4.62754pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M293 -169V-141C218 -131 209 -90 209 -44C209 19 222 85 222 152C222 207 198 255 139 269V273C199 286 222 334 222 388C222 454 209 523 209 588C209 632 218 671 293 681V709C234 709 148 695 148 577C147 513 155 438 155 372C155 337 152 291 64 285V256C152 250 155 204 155 169C156 105 148 31 148 -41C148 -157 234 -169 293 -169Z" id="g113-124"></path><glyph.data ascent="3473" descent="-2876" horiz-adv-x="347" vert-adv-y="347"></glyph.data></g></svg>NoService<svg height="11.5564pt" id="M7" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 4.62754 11.5564" width="4.62754pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M283 255V284C195 290 192 337 192 375C192 436 200 508 200 580C200 696 116 709 54 709V681C127 671 139 634 139 588C138 524 125 452 125 387C125 333 149 286 209 272V268C148 253 125 206 125 151C126 87 139 16 139 -47C139 -92 127 -131 54 -141V-169C115 -169 200 -152 200 -41C200 32 192 104 192 164C192 202 195 249 283 255Z" id="g113-126"></path><glyph.data ascent="3473" descent="-2876" horiz-adv-x="347" vert-adv-y="347"></glyph.data></g></svg>;</td></tr><tr><td colspan="2"> </td></tr><tr><td colspan="2">flows</td></tr><tr><td colspan="2">fPath_Src: error source set_speed<svg height="11.5564pt" id="M8" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 4.62754 11.5564" width="4.62754pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M293 -169V-141C218 -131 209 -90 209 -44C209 19 222 85 222 152C222 207 198 255 139 269V273C199 286 222 334 222 388C222 454 209 523 209 588C209 632 218 671 293 681V709C234 709 148 695 148 577C147 513 155 438 155 372C155 337 152 291 64 285V256C152 250 155 204 155 169C156 105 148 31 148 -41C148 -157 234 -169 293 -169Z" id="g113-124"></path><glyph.data ascent="3473" descent="-2876" horiz-adv-x="347" vert-adv-y="347"></glyph.data></g></svg>NoValue<svg height="11.5564pt" id="M9" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 4.62754 11.5564" width="4.62754pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M283 255V284C195 290 192 337 192 375C192 436 200 508 200 580C200 696 116 709 54 709V681C127 671 139 634 139 588C138 524 125 452 125 387C125 333 149 286 209 272V268C148 253 125 206 125 151C126 87 139 16 139 -47C139 -92 127 -131 54 -141V-169C115 -169 200 -152 200 -41C200 32 192 104 192 164C192 202 195 249 283 255Z" id="g113-126"></path><glyph.data ascent="3473" descent="-2876" horiz-adv-x="347" vert-adv-y="347"></glyph.data></g></svg>;</td></tr><tr><td colspan="2">end propagations;</td></tr></table></td></tr></table>

International Journal of Aerospace Engineering

figbox1

Box 1

Box 1: Architecture Level Safety Analyses for Safety-Critical Systems 