| In modern aviation,the Integrated Modular Avionics(IMA)architecture plays a dominant role in the popular aircraft.The IMA provides the framework for sharing resources for avionics functional applications in an open and safe manner.The aircraft and avionics functions,such as the datalink applications,are implemented as application software hosted in the IMA platform.To ensure the robustness of avionics system,the IMA platform implements partitioning mechanism to provide hosted application software with a segregated partition from both spatial and temporal aspects,preventing the unintended interferes among these applications.Partitioning makes the system design and development more flexible,meanwhile,it introduces more complexity to the software design,changes the existing architecture and the classical methodology of system integration.Furthermore,it impacts the safety of aircraft.To ensure the safety of passengers and aircraft,the design and development of partition software design and development shall follow regulations and standards defined by airworthiness authorities.After a brief introduction of the evolvement of avionics architecture,IMA and partitioning mechanism,civil datalink system architecture and airworthiness certification management,the system safety assessment is performed for the partition software which implements datalink application.A reliability number is allocated to the partition software.The framework of partiton software reliability is proposed,and the failure mode specific to partition software is analyzed to identify the corrective anction and state transition.Furthermore,the Strochastic Petir Nets(SPN)model is established for the partition software reliability quantitative analysis.The method and process described herein is valid for other partition software applications.The main contributions of this dissertation are as following:(1)The optimized system safety assessment process.Due to the deficiencies of current safety assessment processes and existing datalink system architecture,the airborne datalink system architecture addressing the future applications and communication channels osproposed,in which the datalink applications are implemented as partition software.The datalink architecture is refined based on the safety assessment to ensure the safety objectives are met.The reliablity number for partition software is allocated during the process.Comparing to the existing safety assessment process,the optimized process implements the reliabilty objective allocation for partition software,and the failure mode and failure rate of partition software is feedback to the equipment and system level safety assessment process,which improves the classic system safety assessment process.(2)The reliability framework for partition software.The reliability framework of partition software is proposed,addressing the system safety requirements,airborne airworthiness management requirements,partition software specific requirements and normal software reliability attributes.The evaluation parameter system for partition software reliability is established with these qualitative goals and quantitative objectives.The qualitative goals include functional hazards,failure condition classification,function redundancy,design assurance level,failure mode,recovery capability and fault tolarency and the objectives for airworthiness software development etc.The quantitative objectives include the partition software reliablity model and failure rated etc.(3)Reliability modeling and quantitative analysis for partition software.Based on the failure mode and effect analysis for partition software,the Petri nets model for partition software is established with five places(including initial,idle,normal,waiting and error)and eight transitions(e.g.Gernal Processing Module initialization,partition initialization,normal to waiting,waiting to normal etc.)identified.Furthermore,the firing delay of each transition and the associated firing rate is specified.Since the firing delays follow or approximate to exponential distribution,which satisfies the condition for applying the SPN.The SPN model for partition software is achieved,which means the corresponding reachability graph is isomorphic to a finite Continuous Time Markov Chain(CTMC).And then,the isomorphic CTMC is specified,as well as the CTMC transition matrix and state transition equation.The steady probability of partition software in each state can be calculated by solving the state transition equation with the initial state.The probability of the partition software in error state is the failure rate of partition software,which is a function to start time of partition software and failure rate of the General Processing Model(GPM).(4)Lifecycle model for partition software development and the best engineering practice.Regarding for the qualitative goals in the reliability framework of partition software,a development lifecycle model and team organization for developing airworthiness certifiable airborne software are proposed,as well as some suggestions for airborne software development.The effectiveness of the lifecycle model to ensure the reliability of partition software is discussed from the software engineering and quality perspective,some suggestions are proposed to ensure the qualitative objectives for partition software are satisfied by a proper organization following the optimized safety assessment process and software development lifecycle model.The verification methods for verifying the items in partition software reliability framework are proposed.The test environment is established,and then the qualitative goals and quantitative objectives in the reliability framework for partition software reliability is verified by testing and analyzing based on the SPN model and analysis method. |
PDF Full Text Request