In order to guarantee the robustness of on-board circuits in critical applications, designers sometimes develop protection systems that are oversized, expensive and in fact unnecessary. This is the case, for example in the aeronautical field, where on-board circuits are subject to particle flows that can lead to serious malfunction. In order to avoid this, engineers tend to consider failure of the circuit itself, whereas a local failure may not have any impact on the system as a whole. “In order to optimise system security, you should consider the impact of a potential fault in one circuit on the whole system, obviously without sacrificing anything in terms of safety”, said Vincent Beroulle, director of the LCIS*.
The objective of the Safe-Air project, run jointly by companies from the Valence area (Thalès Valence and Aedivces Consulting), the LCIS, TIMA** and the Hubert Curien laboratory in Saint Etienne, was to find a method for detecting a problem as soon as it occurs or to prevent it from affecting the system as a whole.
This approach helps optimise solutions and reduce costs by forecasting, right from the start of system design, which parts will be the most critical in order to install local countermeasures. “Systems are usually tested once they have been designed and manufactured, which means that it is often too late to intervene cheaply. ” When designing complex systems, engineers generally use high level system model descriptions enabling them to simulate possible ‘faults’ caused, for example, by high-energy particles. However, since they are designed in order to validate systems operations, these complex models are not appropriate for the introduction of potential faults and are not always realistic in such situations. The method developed by the Safe-Air project enables designers to check their models’ realism by verifying, during the later stages of system development, that the upstream hypotheses have proved correct. And if this is not the case, it provides tools to help them make the models more realistic.
The method has been applied to case studies put forward by the companies involved in the project, particularly in the aeronautical field. “We analysed a sensor-based system that provides information about an aircraft’s speed in order to help manage its flight. We succeeded in identifying the critical parts of the circuit, making recommendations to render them more robust and identifying redundant protective systems, thus optimising costs.” Having a method that automates system robustness analysis helps engineers to demonstrate the quality of their design. The method still needs to be confirmed using other case studies and adopted by companies from other industries.
*System Design and Integration Laboratory.
**Techniques of Informatics and Microelectronics for Integrated Systems Architecture
