Abstract

One approach to achieving fault tolerance in a complex engineered system is to include within it an automated Fault Management (sub)System (FMS), in addition to conventional monitoring by human operators. The FMS assists in ensuring an appropriate response to component failures by generating commands to switch system resource usage, control mode, redundancy etc. on the basis of sensor data. The specification of the required logical behaviour of the FMS must be derived from a consideration of the total system behaviour in the nominal case and under failure assumptions, and should be compatible with the operational procedures demanded of human operators. This typically leads to significant levels of complexity due to the proliferation of possible system states. A recently developed computer-based tool, called Integrated Fault Management Environment (IFME), addresses this problem. IFME provides a graphical interface for specifying hierarchical system structure, interdependencies and logical behaviours. The defined logical system model may then be subjected to various analyses supported by the toolset, including batch-type and interactive simulation, diagnostic rule induction, Failure Mode Effects Analysis (FMEA) and operations procedures design. The logic (or qualitative) modelling approach is evaluated and placed in the context of conventional systems and control engineering techniques.
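As an added illustration of the logic-modelling idea the abstract describes (not IFME's own model format or code), the following constructed example encodes a small system as components with interdependencies and one redundant feed, propagates a failure assumption to a fixed point, applies a single FMS switching rule, and derives a single- or double-failure FMEA table from the model. Component names, the MODEL/ACTIVE_FEED structures and the command strings are all assumptions made for the example.

```python
"""Toy qualitative (logic) fault model: components, interdependencies,
redundancy, failure propagation, an FMS switching rule and an FMEA.
Constructed illustration only; not the IFME tool's own representation."""
from itertools import combinations

# Constructed example: two power buses, a converter fed by the ACTIVE bus,
# a sensor bus and a sensor. A tuple in a dependency list marks a redundant
# group; the consumer draws from one member at a time (ACTIVE_FEED).
MODEL = {
    "bus_A": [],
    "bus_B": [],
    "converter": [("bus_A", "bus_B")],
    "sensor_bus": ["converter"],
    "sensor": ["sensor_bus"],
}
ACTIVE_FEED = {"converter": "bus_A"}

def propagate(failed, fms_enabled):
    """Return (components down, FMS commands issued) for a failure assumption."""
    down, active, commands = set(failed), dict(ACTIVE_FEED), []
    changed = True
    while changed:                     # iterate the logic model to a fixed point
        changed = False
        for comp, deps in MODEL.items():
            if comp in down:
                continue
            for dep in deps:
                if isinstance(dep, tuple):           # redundant group
                    feed = active[comp]
                    if feed not in down:
                        continue
                    spare = [a for a in dep if a not in down]
                    if fms_enabled and spare:        # FMS rule: switch the feed
                        active[comp] = spare[0]
                        commands.append(f"{comp}: switch feed {feed} -> {spare[0]}")
                        continue
                elif dep not in down:
                    continue
                down.add(comp)                       # dependency lost: comp is down
                changed = True
                break
    return down, commands

def fmea(fms_enabled, order=1):
    """FMEA of all failure sets of the given order: failure -> (effects, commands)."""
    table = {}
    for failure in combinations(MODEL, order):
        down, commands = propagate(failure, fms_enabled)
        table[failure] = (sorted(down - set(failure)), commands)
    return table

if __name__ == "__main__":
    for fms in (False, True):
        print(f"FMS {'on' if fms else 'off'}:")
        for failure, (effects, commands) in fmea(fms).items():
            print(f"  {failure[0]:<10} -> {effects} {commands}")
```

Raising `order` shows the state proliferation the abstract refers to: the number of failure combinations to analyse grows combinatorially with the component count.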