Reliability Assessment of IoT-enabled Systems using Fault Trees and Bayesian Networks

Abdulhamid, Alhassan, Kabir, Sohag, Ghafir, Ibrahim, Lei, Ci

18 January 2024

No / The Internet of Things (IoT) has brought significant advancements in various domains, providing innovative and efficient solutions. However, ensuring the safe design and operation of IoT devices is crucial, as the consequences of component failure can range from system downtime to dangerous operating states. Several methods have been proposed to evaluate the failure behaviours of IoT-based systems, including Fault Tree Analysis (FTA), a methodology adopted from other safetycritical domains. This study integrated FTA and Bayesian Network (BN) models to assess IoT system reliability based on components’ reliability data and other statistical information. The integrated model achieved efficient predictive failure analysis, considering combinations of 12 basic events to quantify the overall system’s reliability. The model also enables criticality analysis, ranking basic events based on their contributions to system failure and providing a guide for design modification in order to enhance IoT safety. By comparing failure data in FTA and criticality indices obtained using the BN model, the proposed integration offers a probabilistic estimation of IoT system failure and a viable safety guide for designing IoT systems.

Internet of Things

System safety

Reliability analysis

Fault tree

Bayesian network

Risk assessment

Enabling safety-informed design decision making through simulation, reasoning and analysis

Jensen, David Charles

30 April 2012

While many organizations claim to "put safety first," safety is rarely considered early in the design process when system-level architectural decisions are made. Instead, system design follows an abstraction-to-detail process to first meet functional and then performance requirements. Following this process, safety assurance occurs in the later stages of design through a rigorous expert review process. The significant cost of safety-based redesign and the growing complexity of engineered systems motivates a need for early design-stage fault analysis. This research presents a novel method of including safety into the model-based design and analysis of complex systems using low-fidelity behavior simulations. Specifically, this research demonstrates the adaption of the functional design process to explicitly include the system property of safety in the system representation. Next, early design fault analysis is extended to connect component failure behavior to system-level hazards. Finally, this research develops three methods of results clustering to provide different evaluation metrics of the system design. In summary, this research demonstrates a framework for incorporating safety into early design decision making. This research addresses safety and failure in the design of complex systems incorporating diverse technology domains as found in energy, transportation, and aerospace systems. / Graduation date: 2012

Complex Systems

Design

Safety

Risk

Reliability

Modeling

Engineering design

System safety

Safety factor in engineering

Engineering design -- Decision making

System safety -- Decision making

System design -- Reliability

Lessons from Systems Engineering Failures: Determining Why Systems Fail, the State of Systems Engineering Education, and Building an Evidence-Based Network to Help Systems Engineers Identify and Fix Problems on Complex Projects

Diane C. Aloisio (5929472)

03 January 2019

As the complexity of systems increases, so does what can go wrong with them. For example, the United States Air Force selected McDonnell Douglas’ design for the F-15 Eagle fighter aircraft in 1967 and the aircraft’s first test flight was in 1972, 5 years later. In contrast, the US military selected Lockheed Martin as one of two companies to develop the F-35 Lightning II in 1997 and its first flight was in 2006, 9 years later, and the first production aircraft had its first flight in 2011, 14 years after the selection. This complex program’s problems have been well-documented by the U.S. Government Accountability Office (GAO) and have contributed to the project’s long lead time and skyrocketing budget. GAO reports on other military projects reveal that problems the F-35 project has experienced are shared among all of these projects. In this dissertation I posit that similar problems plague all complex systems engineering projects and that a combination of these problems may lead to negative consequences, such as budget and schedule exceedances, quality concerns, not achieving mission objectives, as well as accidents resulting in loss of human life.<div><br></div><div>Accidents, or unexpected events resulting in loss, have been well-studied over time and we currently have sophisticated theories that help explain how they occur. The leading theory is that most accidents are a result of an accumulation of “mundane” errors at an organization, and that these errors are similar across industries. However, these mundane errors, such as failing to follow procedures and poorly training personnel, occur in all companies, such as companies that design and manufacture military aircraft. My theory is that these mundane errors accumulate in all organizations and result in many different kinds of systems engineering failures, including failures traditionally referred to as “accidents” that result in loss of life, as well as other types of failures which I refer to as “project failures”.<br></div><div><br></div><div>What can be learned from these systems engineering failures? In this dissertation, I begin by mining publicly-available reports to determine whether seemingly dissimilar failures, accidents and project failures, share common causes. I then explain the similarities and dissimilarities between these causes and provide examples from the failures I studied. To help provide systems engineers with actionable advice on these common causes, I describe how I linked the causes to recommendations from accident reports in a cause-recommendation network. I then discuss the results of interviews I held with systems engineers to determine whether the problems I identified in past failures occur in similar ways to the problems they have encountered on their projects. I also discuss the criticisms these systems engineers have about systems engineering education based on the tasks their newly-hired systems engineers struggle with. I explain how I used what I learned about problems in systems engineering that lead to failures to develop survey questions designed to gauge whether systems engineering education at Purdue prepares students to identify and fix these problems. Then, to help systems engineers learn from the data I collected and solve the problems they encounter on their projects, I describe how I built an interactive, web-based tool that presents expert advice on systems engineering failures. I finally explain the results from feedback I received from experts and novices in systems engineering to determine whether this tool could be useful for engineers in this context.<br></div>

Aerospace Engineering

project failure

accident

system safety

survey

systems engineering skills

systems engineering abilities

systems engineering in practice

interview

Design and Implementation of a 200mm 3C-SiC CVD Reactor

Frewin, Christopher L

01 June 2006

Silicon carbide, SiC, is a semiconductor material which has many diverse uses in many of today's leading technologies. The wide band-gap aspect of the material has been utilized to create power and high frequency electronics, its physical hardness enables its use for MEMS devices, and the biological compatibility make perfect for utilization in medical applications. SiC is not a chemical compound normally found in nature and must be artificially generated. One of the methods used for the creation of single crystal, high quality SiC material is provided through the use of a chemical vapor deposition reactor. The University of South Florida currently has a horizontal hot-wallLPCVD reactor used by Dr. S. E. Saddow and his group to grow epitaxial SiC material for research grants by ONR and ARL.These agencies have commissioned the construction of a second LPCVD reactor for the primary purpose of growing 3C-SiC, a specific SiC crystal polytype, and this work describes the fabrication of the new reactor, MF2. This reactor was designed using the first reactor, MF1, as a template, but the design was modified to better facilitate single crystalline growth. The environment of the reactor is a very important consideration for crystal growth, and slight variations can cause critical defect incorporation into the crystal lattice. Many conditioning runs were required to facilitate the epitaxial growth of the different polytypes of SiC, and constant switching of the primary hot-zone required for the growth of hexagonal 4H-SiC and 6H-SiC to the hot zone required for 3C-SiC consumed precious resources and time. The new reactor uses a single primary control to monitor the three most important environmental concerns; hot-zone temperature, gaseous flow, and chamber pressure. The new reactor has been designed to use 100 mm Si substrates instead of the 50mm Si substrate size currently in use by MF1. The construction, testing, and 3C-SiC epitaxial growth on Si substrate capability of a 200 mm 3C-SiC hot-wall LPCVD reactor are demonstrated through this work.

Cubic silicon carbide

Chemical vapor deposition reactor

Control system

Crystal growth

System safety

American Studies

Arts and Humanities

Katalog der Risiken - Risiken und ihre Darstellung

Proske, Dirk

24 September 2008

Die Welt wird beherrscht durch Veränderung. Von den kleinsten Elementarteilchen bis zu den größten Galaxien kann man ein Entstehen und Vergehen beobachten. Diese Regel schließt auch die lebende Materie mit ein. Wir sehen Bäume wachsen oder das Getreide auf den Feldern reifen und wir müssen erkennen, daß auch wir, die Menschen, diesem Gesetz der Veränderung, dieser Vergänglichkeit unterliegen....

Risiko

Sicherheitsbedürfnis

Bauingenieurwesen

Civil engineering

Electric engineering

Engineering geology

System safety

Technology

Technology; Philosophy

Engineering

ddc:300

rvk:QP 300

Cost effective optimization of system safety and reliability / Konstandseffektiv optimering av systemsäkerhet och tillförlitlighet

Bergström, Joakim, Nilsson-Sundén, Hampus

January 2015

A method able to analyze and optimize subsystems could be useful to reduce project cost, increase subsystem reliability, improve overall aircraft safety and reduce subsystem weight. The earlier the optimization of development of an aircraft in the design phase can be performed, the better the yield of the optimization becomes. This master thesis was formed in order to construct an automatic analysis method, implementing a Matlab script, evaluating devices forming aircraft subsystems using a Genetic Algorithm. In addition to aircraft subsystems, the method constructed in the work is compatible with systems of various industries with minor modifications of the script.

cost effective

optimization

system safety

reliability

fault tree

fault tree analysis

reliability block diagram

maltab

excel

optimering

systemsäkerhet

tillförlitlighet

Embaralhamento de pacotes e seleção de antenas como alternativa para aumentar a segurança em redes sem fio / Frame scrambling and antenna selection to increase wireless network security

Chiodi Junior, Marco Antônio

02 March 2016

Neste trabalho, é proposta a utilização de múltiplas antenas de transmissão juntamente com o embaralhamento de pacotes para aumentar a segurança de uma rede composta por dois nós legítimos (Alice e Bob) e um espião passivo, todos eles providos com múltiplas antenas. Levando em consideração o denominado intervalo de segurança (Security Gap) como métrica de desempenho e assumindo um cenário com desvanecimento quase-estático, foi então analisado (analítica e numericamente) o intervalo de segurança em termos de probabilidade de outage e de taxa de erro de pacotes (usando códigos convolucionais), mostrando que em ambas as situações é possível atingir níveis negativos de intervalo de segurança com um número praticável de antenas transmissoras. Além disso, mostra-se que usando uma aproximação para o intervalo de segurança baseado na probabilidade de outage, é possível estimar com precisão o número de antenas em Alice para se atingir um determinado nível de segurança. Também é mostrado que utilizando o esquema de seleção de antena de transmissão juntamente com o método de combinação de razão máxima na recepção (TAS/MRC) com o embaralhamento de pacote, é possível ter os mesmos resultados, ou muito similares, para um caso real utilizando a FER quando comparado com o caso ideal da probabilidade de outage. / In this work, the use of multiple transmitting antennas with frame scrambling is proposed to increase the security of a network composed by two legitimate nodes (Alice and Bob) and a passive eavesdropper, all of them provided with multiple antennas. Considering the so-called security gap as the performance metric and assuming a quasi-static fading scenario, it was evaluated (analytically and through numerical results) the security gap based on both the outage probability and the frame error rate (using convolutional codes), showing that, in both situations, it is possible to achieve negative values of security gap with a feasible number of transmitting antennas. Moreover, it is showed that using an approximation to security gap based on outage probability, one can accurately estimate the number of antennas in Alice needed to achieve a given level of security. It is also showed that using TAS/MRC with frame scrambling, it is possible to get the same results, or almost the same, in a real case using FER when it is compared to an ideal case with outage probability.

Redes locais sem fio

Segurança de sistemas

Engenharia elétrica

Wireless LANs

System safety

Electric engineering

Embaralhamento de pacotes e seleção de antenas como alternativa para aumentar a segurança em redes sem fio / Frame scrambling and antenna selection to increase wireless network security

Chiodi Junior, Marco Antônio

02 March 2016

Neste trabalho, é proposta a utilização de múltiplas antenas de transmissão juntamente com o embaralhamento de pacotes para aumentar a segurança de uma rede composta por dois nós legítimos (Alice e Bob) e um espião passivo, todos eles providos com múltiplas antenas. Levando em consideração o denominado intervalo de segurança (Security Gap) como métrica de desempenho e assumindo um cenário com desvanecimento quase-estático, foi então analisado (analítica e numericamente) o intervalo de segurança em termos de probabilidade de outage e de taxa de erro de pacotes (usando códigos convolucionais), mostrando que em ambas as situações é possível atingir níveis negativos de intervalo de segurança com um número praticável de antenas transmissoras. Além disso, mostra-se que usando uma aproximação para o intervalo de segurança baseado na probabilidade de outage, é possível estimar com precisão o número de antenas em Alice para se atingir um determinado nível de segurança. Também é mostrado que utilizando o esquema de seleção de antena de transmissão juntamente com o método de combinação de razão máxima na recepção (TAS/MRC) com o embaralhamento de pacote, é possível ter os mesmos resultados, ou muito similares, para um caso real utilizando a FER quando comparado com o caso ideal da probabilidade de outage. / In this work, the use of multiple transmitting antennas with frame scrambling is proposed to increase the security of a network composed by two legitimate nodes (Alice and Bob) and a passive eavesdropper, all of them provided with multiple antennas. Considering the so-called security gap as the performance metric and assuming a quasi-static fading scenario, it was evaluated (analytically and through numerical results) the security gap based on both the outage probability and the frame error rate (using convolutional codes), showing that, in both situations, it is possible to achieve negative values of security gap with a feasible number of transmitting antennas. Moreover, it is showed that using an approximation to security gap based on outage probability, one can accurately estimate the number of antennas in Alice needed to achieve a given level of security. It is also showed that using TAS/MRC with frame scrambling, it is possible to get the same results, or almost the same, in a real case using FER when it is compared to an ideal case with outage probability.

Redes locais sem fio

Segurança de sistemas

Engenharia elétrica

Wireless LANs

System safety

Electric engineering

Koncepční návrh moderního avionického systému pro letoun kategorie EASA CS-23 / Modern avionics system architecture for EASA CS-23 airplane

Vaňousová, Jana

January 2018

This master thesis covers with the modern architecture of avionics system for EASA CS-23 AIRPL. The thesis contains EASA CS-23 and EU-OPS analysis and market analysis of avionics systems for this category of aircrafts. The thesis also includes the design of avionics system architecture and its safety and reliability assessment – used tool is Failure Mode and Effect Analysis (FMEA). At the end of the thesis there is assesment of potential attack of the avionics system by third part.

Adapting a system-theoretic hazard analysis method for interoperability of information systems in health care

Costa Rocha, Oscar Aleixo

25 April 2022

The adoption of Health Information Systems (HIS) by primary care clinics and practitioners has become a standard in the healthcare industry. This increase in HIS utilization enables the informatization and automation of many paper-based clinical workflows, such as clinical referrals, through systems interoperability. The healthcare industry defines several interoperability standards and mechanisms to support the exchange of data among HIS. For example, the health authorities, Interior Health and Northern Health, created the CDX system to provide interoperability for HIS across British Columbia using SOAP Web Services and HL7 Clinical Document Architecture (CDA) interoperability standards. The CDX interoperability allows HIS such as Electronic Medical Record (EMR) systems to exchange information with other HIS, such as patients clinical records, clinical notes and laboratory testing results. In addition, to ensure the EMR systems adhere to the CDX specification, these health authorities conduct conformance testing with the EMR vendors to certify the EMR systems. However, conformance testing can only cover a subset of the systems' specifications and a few use cases. Therefore, systems properties that are not closely associated with the systems (i.e. emergent properties) are hard, or even impractical, to assure using only conformance testing. System safety is one of these properties that are particularly significant for EMR systems because it deals with patient safety. A well-known approach for improving systems safety is through hazard analysis. For scenarios where the human factor is an essential part of the system, such as EMR systems, the System-Theoretic Process Analysis (STPA) is more appropriate than traditional hazard analysis techniques. In this work, we perform a hazard analysis using STPA on the CDX conformance profile in order to evaluate and improve the safety of the CDX system interoperability. In addition, we utilize and customize a tool named FASTEN to support and facilitate the analysis. To conclude, our analysis identified a number of new safety-related constraints and improved a few other already specified constraints. / Graduate

system interoperability

system safety

systems theory

hazard analysis

domain-specific language

health information systems

conformance testing

requirements engineering

STAMP

STPA