
ESA PetriNet: Petri Net Tool for Reliability Analysis

SMC 2009. ESA PetriNet: Petri Net Tool for Reliability Analysis. Romaric Guillerm, Nabil Sadou, Hamid Demmou. LAAS-CNRS. 14 Oct. 2009. Outline: General Context and Motivation; System Modelling; Feared Scenario Deriving Algorithm; The Tool: ESA PetriNet; Case Study; Conclusion.


Presentation Transcript


  1. SMC 2009 ESA PetriNet: Petri Net Tool for Reliability Analysis Romaric Guillerm, Nabil Sadou, Hamid Demmou LAAS-CNRS 14 Oct. 2009

  2. Outline • General Context and Motivation • System Modelling • Feared Scenario Deriving Algorithm • The Tool: ESA PetriNet • Case Study • Conclusion

  3. General Context • Complexity of embedded system • Integration of mechanic, hydraulic, electric, electronic and information technologies • Existence of reconfigurations to maintain the system in safe degraded states • Hybrid aspect (both discrete and continuous) • Complexity of the modelling • Complexity of safety analysis

  4. Motivations • Why search for critical scenarios? • To evaluate safety as early as possible during the design phase • To minimize the cost and the time of design • What is a feared scenario? • A list of events which leads from a normal operating state to a feared one, with a partial order relation between these events. The order of occurrence of the events is important!

  5. System Modelling • Hybrid aspect: • Continuous dynamic: energetic system (differential equations) • Discrete dynamic: operation modes, failure and reconfiguration mechanisms (Petri net) • Use of Petri nets with a temporal abstraction (temporal Petri nets) • The discrete part is handled by the Petri net structure and the continuous part by the temporal aspect (through a temporal abstraction)

  6. Feared Scenario Deriving Algorithm [Figure: a classical Petri nets player produces an interlacement of the transitions (t11, t21, t31, t32, t41, ...) of the objects, whereas the algorithm produces partial orders between the states F1, I1, A, B, C, D, E, F2, I2.] • Algorithm: • Automatic method for deriving feared scenarios. • It is not a classical Petri nets player. • It is a player based on linear logic which guides the construction of partial orders. It avoids the state space explosion.

  7. Feared Scenario Deriving Algorithm It is done in four steps: • 1. Determine the normal states: the places that, when marked, represent normal operating states. These ‘normal’ places will be used as the stop criterion for the backward reasoning. • 2. Determine the target state (partial feared state or state to be analysed): it can be either a partial feared state or another partial state with a direct or indirect link to the feared state (Simulation, PHA).

  8. [Figure: Petri net of four objects, Obj1 – satellite 1, Obj2 – satellite 2, Obj3 – ground station, Obj4 – alimentation (power supply), each with OK/KO places (OK1, OK2, OKS, OKe / KO1, KO2, KOS, KOe) linked by failure transitions (d1, d2, dS, de) and repair transitions (r1, r2, rS, re). Legend: potentially enabled transition; marking enrichment.] 3. Backward Reasoning • Starting from the feared state in the reversed Petri net: • The goal is to determine the normal states from which the system goes to the feared state. • Only the necessary transitions are fired. • The objects are introduced progressively. • Normal ‘conditioning’ states are the stop criterion.

  9. [Figure: the same four-object Petri net, with the derived scenario from the initial marking IM1 = OKs OKe: the events de and ds lead through the intermediate states I1, I2, F1, F2 to KOe and KOs.] 4. Forward Reasoning • Starting from the conditioning state in the initial Petri net: • Analysis of the bifurcations (transition conflicts in the Petri net) between the normal behaviour and the feared one. • Determination of the complete context of the feared state. • Scenario derivation.

  10. The Tool: ESA PetriNet • Web link: http://www.laas.fr/ESA

  11. Example – Presentation [Figure: volume regulation system of two tanks] • 2 main tanks • 1 electrovalve for each tank • 1 relief electrovalve shared between the 2 tanks • Objective: to keep the volume of each tank inside the interval [Vimin, Vimax] • Feared event of interest: overflow of tank 1

  12. Example – Modelling • “tank” class: tank1 tank2

  13. Example – Modelling • “electrovalve” and “relief electrovalve” classes: EV1 EVS EV2

  14. Example – Scenarios Research • Search for the feared scenarios with the Petri net model: • Feared state: overflow of tank 1

  15. Example – Scenarios Research

  16. Conclusion • The approach presented in this paper is a method for deriving feared scenarios in hybrid systems. • The t-temporal Petri net modelling approach makes it possible to address the two aspects separately: • The discrete aspect by linear logic, through the Petri net structure • The continuous aspect by temporal abstractions, through the t-temporal aspect. • The extraction of the feared scenarios is automated by a tool: ESA PetriNet - temporal edition • But the great disadvantage of the approach is the temporal abstraction required for the system modelling…

  17. Further Information… • … We have developed another new approach based on Differential Predicate Transition Petri nets (DPT Petri nets). • The DPT Petri net modelling approach, in which the continuous and the discrete parts are represented by two different formalisms, makes it possible to address the two aspects separately: • The discrete aspect by linear logic • The continuous aspect by local simulation of the differential equations. • The causal relations are determined by combining the initial feared scenario deriving algorithm (discrete simulator) with a differential equation solver (continuous simulator). • These two simulators run alternately: the discrete simulator determines the state changes according to the timed data transmitted by the continuous simulator.

  18. Thank you for your attention ----- Questions? http://www.laas.fr/ESA SMC 2009

  19. Annexes Hybrid Edition of ESA PetriNet

  20. Differential Predicate Transition Petri Nets (DPT Petri Nets) • The main features to take into account the continuous part are : • A set of variables (xi) is associated with each token. • A differential equation system (Fi) is associated with each place (Pi): • An enabling function (ei) is associated with each transition (ti): . It triggers the firing of the enabled transitions. • A junction function (ji) is associated with each transition (ti): . It defines the value xi associated with the tokens of the output places

  21. Continuous Scenario Deriving Algorithm • The discrete algorithm is limited to discrete systems, or to hybrid systems in which the continuous dynamic is approximated by a temporal abstraction • To deal with the continuous dynamic directly, it is necessary to exploit the hybrid model itself • It combines the Discrete Scenario Deriving Algorithm with a differential equation solver

  22. Continuous Scenario Deriving Algorithm [Figure: exchange between the discrete Algorithm and the continuous Solver. On each configuration change the Algorithm sends the Solver the definition of the equations to integrate, the list of the enabled transitions, the list of enabling functions to keep a watch on and the list of junction functions to keep a watch on. The Solver performs the integration of the equations and the execution of the junction functions, and returns the dates of firing of the transitions (illustrated on a net with places P1–P4 and transitions t1, t2, t3, where T2 < T3 so t2 fires first).]

  23. Example – Presentation [Figure: volume regulation system of two tanks] • 2 main tanks • 1 electrovalve for each tank • 1 relief electrovalve shared between the 2 tanks • Objective: to keep the volume of each tank inside the interval [Vimin, Vimax] • Feared event of interest: overflow of tank 1

  24. Example – Modelling • “tank” class (tank1): • Variables associated with places: XV1_cr = {v1}; XV1_dec = {v1}; XV1_dec_s = {v1} • Enabling functions: eT11: v1 = V1max = 110; eT12: v1 = V1min = 90; eT13: v1 = V1S = 120; eT14: v1 = V1L = 115; eT15: v1 = V1min = 90 • Junction functions: jT11 = jT12 = jT13 = jT14 = jT15 = O • Differential equations: FV1_cr: Dv1 = 0.017; FV1_dec: Dv1 = -0.017; FV1_dec_s: Dv1 = -0.017
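As an added example (not code from the presentation or from the ESA PetriNet tool), the alternation between the discrete scenario deriving algorithm and the differential equation solver of slides 21–22, run on the tank1 data of slide 24: the solver integrates Dv1 for the current place and returns the dates at which the enabling functions hold, the algorithm fires the earliest enabled transition and changes configuration. The wiring of the transitions between V1_cr, V1_dec and V1_dec_s, the V1_overflow place, and the dependence of t11/t12 on EV1 and of t14/t15 on EVS are assumptions, since the slide shows the net only as a figure.

```python
from dataclasses import dataclass

# Rates Dv1 per place are from slide 24 (FV1_cr, FV1_dec, FV1_dec_s).
# "V1_overflow" and the wiring/valve conditions below are assumptions.
RATES = {"V1_cr": 0.017, "V1_dec": -0.017, "V1_dec_s": -0.017, "V1_overflow": 0.0}

@dataclass
class Transition:
    name: str
    source: str        # input place
    target: str        # output place
    threshold: float   # enabling function ei: v1 == threshold
    needs: str = ""    # object (electrovalve) that must be OK, "" if none

TANK1 = [
    Transition("t11", "V1_cr", "V1_dec", 110.0, "EV1"),    # eT11: v1 = V1max
    Transition("t12", "V1_dec", "V1_cr", 90.0, "EV1"),     # eT12: v1 = V1min
    Transition("t14", "V1_cr", "V1_dec_s", 115.0, "EVS"),  # eT14: v1 = V1L (relief valve)
    Transition("t15", "V1_dec_s", "V1_cr", 90.0, "EVS"),   # eT15: v1 = V1min
    Transition("t13", "V1_cr", "V1_overflow", 120.0),      # eT13: v1 = V1S (feared state)
]

def solver_firing_date(v, rate, threshold):
    """Continuous simulator: integrate Dv1 = rate from v and return the date at
    which the enabling function v1 == threshold is reached, or None if never."""
    if rate == 0.0:
        return None
    date = (threshold - v) / rate
    return date if date >= 0.0 else None

def derive_scenario(v0, place, ok_objects, transitions=TANK1, max_steps=10):
    """Discrete simulator: for each configuration, ask the solver for the firing
    dates of the enabled transitions, fire the earliest one, then repeat."""
    t, v, trace = 0.0, v0, []
    for _ in range(max_steps):
        enabled = [tr for tr in transitions
                   if tr.source == place and (not tr.needs or tr.needs in ok_objects)]
        dated = [(solver_firing_date(v, RATES[place], tr.threshold), tr) for tr in enabled]
        dated = [(d, tr) for d, tr in dated if d is not None]
        if not dated:
            break                       # no enabling function will ever hold
        d, tr = min(dated, key=lambda x: x[0])
        t += d
        v = tr.threshold                # junction function: token keeps v1 (identity)
        trace.append((tr.name, round(t, 1), v))
        place = tr.target
        if place == "V1_overflow":      # feared state reached: scenario complete
            break
    return place, trace
```

Calling derive_scenario(100.0, "V1_cr", set()) (both electrovalves KO) yields the feared scenario: t13 fires at date 1176.5 and the overflow place is reached, whereas with EV1 OK the nominal t11/t12 cycle runs instead.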

  25. Example – Modelling • “electrovalve” and “relief electrovalve” classes: ev1 evs

  26. Example – Scenarios Research • Search for the feared scenarios with the Petri net model: • Feared state: overflow of tank 1

  27. Example – Scenarios Research
