Portfolio for Safety-Directed Design of a Brake-By-Wire System for Car
Coursework for 661985 - Safety Critical Systems
The Portfolio explores the iterative design of a Brake-By-Wire (BBW) system for cars.
There are two parts to this assignment. Part 1 is worth 40% of the assignment and Part 2 is worth 60% of the assignment.
You will analyse this architecture using Fault Tree Analysis and Markov Models and you will be asked to reflect on results. The tasks involve logical analysis and a small component of programming.
The proposed architecture for the system is given in Figure 1 below:
Figure 1. The proposed architecture of the BBW system
System Specification
• The BBW features separate braking on each wheel.
• All components of the system are powered by a common power supply (PS).
• An electromechanical pedal (PL) receives the braking demand from the driver and sends this as message (PLm) to three pedal nodes PN1, PN2, and PN3.
• From each pedal node PNX (where X:1…3) two replicas of the message PNXm are sent by the pedal node to busses B1 and B2.
• Wheel nodes WN1 and WN3 each read the three messages PNXB1m from bus B1, and wheel nodes WN2 and WN4 read the three messages PNXB2m from bus B2.
• As long as one of the messages is received, a wheel node can create the braking output applied to the corresponding wheel (WN1b ... WN4b).
Failures
Each component in this system has only one failure mode that shares the name of the component. For example:
• The failure mode of component PS is PS
• The failure mode of component B1 is B1
The failure mode of each component leads to omission of all outputs. For example:
• If PS fails, you get O-p (Omission of p)
• If PN1 fails, you get O-PN1m on both busses
In the absence of component failures, all four wheels apply the braking output and the car brakes correctly. When components fail, the system may fail to brake on one or more wheels. The effects vary depending on the number of wheel failures. For example:
• If one wheel fails to brake, or three wheels fail to brake, the car is likely to skid off its course. In this case, to correct the skidding failure, an electronic stability program could release the wheel that is diagonal to the wheel that fails to brake. The car then brakes slowly, and the stopping distance is increased.
• If all wheels fail, then the car experiences catastrophic loss of braking.
The assignment tasks follow in two parts:
• Part 1: Safety Analysis and Iteration of Design. This part assesses the material taught by Prof. Papadopoulos in the first part of the course.
• Part 2: Reliability Analysis and Iteration of Design. This part assesses the material taught by Dr Aslansefat in the second part of the course.
Part 1 - Safety Analysis and Iteration of Design
Part 1 is worth 40% of the Portfolio mark.
Based on the design given for the BBW in Figure 1 and its specification:
1. Draw, or alternatively specify clearly using a set of logical expressions, a fault tree for the event “Omission of braking output by WN1”, i.e. for the event O-WN1b (10 marks).
2. Calculate the minimal cut-sets of the fault tree (10 marks).
3. Identify components that are single points of failure (5 marks).
4. Based on the cut-sets, describe weaknesses and strengths of the system (5 marks).
5. Draw, or alternatively specify clearly using a set of logical expressions, a fault tree for the “Loss of braking in all three wheels W1, W2 and W3” that will cause skidding. Name the top event “OW123” (5 marks).
6. Calculate the minimal cut-sets for this tree (5 marks).
Notes:
• Explain your solutions in [1-6] above with a short paragraph of text to show your understanding. Avoid verbosity. Up to 30% of marks will be deducted for lack of explanation.
• Fault trees should be constructed systematically by traversing the model of the system architecture and applying the algorithm taught in the course. Unsystematic, simplified fault trees that somehow capture the failure logic correctly will be awarded fewer marks. If the calculation of cut-sets that follows from such simplified fault trees is trivial, it will also be awarded fewer marks.
• For clarity, in your fault trees, use the names of components, messages and component failure modes as displayed in Figure 1. Marks will be deducted if you use names that don’t correspond to the figure.
• To avoid repetition of branches, expand the branch that is repeated only once and use references to the top event of this branch elsewhere. Marks will be deducted if you unnecessarily expand repeated branches.
• You may use HiP-HOPS or any other tool available free on the internet to construct the fault tree or calculate cutsets. However, make sure that you answer the questions. Fault trees must be drawn as graphs using the guidelines given above. Calculations of cutsets must be explicit, contain all logical steps, and explained. Tools will not necessarily do these things for you.
• Graphs could be produced in a fault tree analysis or drawing tool. However, hand-drawn images photographed and carefully embedded in a report are acceptable as long as they are clear, and any symbols or text are clearly readable.
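The cut-set calculation asked for in tasks 2, 3 and 6 can be mechanised once the tree is written as logical expressions. The following is an added example, not part of the coursework or of any tool it names; the tree it analyses is a constructed toy with a different (two-bus, two-pedal-node) wiring than Figure 1, so its output is not the answer to the tasks above.

```python
# Added example (not part of the coursework): minimal cut sets of a fault tree
# written as nested logical expressions, via expansion to disjunctive normal form.
from itertools import product

# A gate is ("AND", [children]) or ("OR", [children]); a basic event is a string.
def cut_sets(node):
    """All cut sets of a node as frozensets of basic events. OR: union of the
    children's cut sets; AND: union of one cut set from each child, all combinations."""
    if isinstance(node, str):
        return {frozenset([node])}
    gate, children = node
    child_sets = [cut_sets(child) for child in children]
    if gate == "OR":
        return set().union(*child_sets)
    if gate == "AND":
        return {frozenset().union(*combo) for combo in product(*child_sets)}
    raise ValueError(f"unknown gate {gate!r}")

def minimal_cut_sets(node):
    """Keep only cut sets that contain no other cut set (absorption: A + AB = A)."""
    sets = cut_sets(node)
    return {s for s in sets if not any(other < s for other in sets)}

def single_points_of_failure(node):
    """A single point of failure is a basic event forming a minimal cut set of size one."""
    return {next(iter(s)) for s in minimal_cut_sets(node) if len(s) == 1}

# Constructed toy tree (not the assignment's architecture): a wheel node WN omits
# its braking output if WN itself fails, the supply PS fails, or both of its
# redundant input messages are omitted; a message is omitted if its bus or pedal
# node fails or the pedal demand is missing. O_PLm is a shared branch, built once
# and referenced twice, in the spirit of the note on repeated branches above.
O_PLm = ("OR", ["PL", "PS"])
O_M1 = ("OR", ["B1", "PN1", O_PLm])
O_M2 = ("OR", ["B2", "PN2", O_PLm])
O_WNb = ("OR", ["WN", "PS", ("AND", [O_M1, O_M2])])
```

Printing `sorted(map(sorted, minimal_cut_sets(O_WNb)))` lists the minimal cut sets; the size-one sets are the single points of failure.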
Part 2 - Dynamic Reliability Analysis of the BBW
Part 2 is worth 60% of the Portfolio mark.
Based on the design given for the BBW in Figure 1 and its specification, you will analyse the architecture using Markov Models. Calculation of reliability involves some coding. Note that the system description, failure modes, and behaviours in conditions of failure (e.g. Skidding) remain exactly as described earlier in the specification of the system.
Further assumptions that underpin reliability analysis are as follows:
• It is assumed that all components have two states, Operational and Failed.
• It is assumed that the system is completely healthy at the starting point.
• The failure distribution of all components is exponential with a constant failure rate.
Based on this design and the assumptions, solve the following tasks:
7. Only consider the independent failure modes of the 4 Wheels in the BBW, and assume that the rest of the system is perfect. Each single wheel failure leads the BBW to hazardous states of asymmetrical braking. In each of the 4 cases, skidding prevention is applied by locking the diagonal wheel, leading the system to a corresponding recovery state with reduced braking capacity. We assume that the skidding prevention mechanism is perfect, i.e. the probability of its failure is zero. We also assume that any further wheel failure from asymmetrical braking or recovery states will lead the BBW to a single terminally failed state. Draw a Markov model and explain the model construction procedure (10 marks).
8. Consider that in [7], all wheels have the same failure rate of 0.0001 failures per hour. Provide a Python code to calculate and visualise the reliability curve for 2000 hours (10 marks).
9. Only consider the failure modes of PL, PN1, PN2, PN3 and PS, assuming that the wheels are perfect. Draw a Markov model which shows how the system moves into a state of complete loss of braking and explain the model construction procedure (10 marks).
10. Consider that in [9], all failure modes have the same failure rate of 0.000623 failures per hour. Provide a Python code to calculate and visualise the reliability curve for 900 hours (10 marks).
11. Consider only failure modes of B1 and B2, and assume that all other components are perfect. Also, assume that the busses are repairable with a failure rate of 0.0002 failures per hour, and a repair rate of 0.01 repairs per hour. Construct a Markov model to evaluate the Availability and MTBF of the bus subsystem of the two busses. Provide a Python code for steady-state availability and MTBF calculation (10 marks).
12. Consider only the failure modes of PN1, PN2 and PN3. Assume that all other components are perfect. Only focus on the reliability of pedal nodes, and explain how it can be improved using a reconfigurable Triple Modular Redundancy (TMR) architecture with one hot standby redundancy (see Figure 2). Apply the fixed failure rate of 0.000432 failures per hour to all components. Construct a Markov model to evaluate the reliability of the Pedal Node subsystem consisting of the three PN nodes with the new architecture. Provide a Python code for reliability calculation and visualise the reliability curve for 3850 hours (10 marks).
Figure 2. Reconfigurable TMR with Hot Standby Spares
Notes:
• Explain your solutions in [7-12] above with a short paragraph of text to show your understanding. Avoid verbosity. Up to 30% of marks will be deducted for lack of explanation.
• For computational problems [8, 10, 11 and 12], submit your Python code in separate files. These files should be named according to the question number (e.g., Question8.py, Question10.py, etc.). Please ZIP the files with the final report and submit it as a single-file submission.
• Ensure your code is runnable. If your code cannot be executed due to errors, it will be examined manually, and marks will be awarded based on the effort and correctness of the approach.
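Tasks 8, 10, 11 and 12 all reduce to the same two computations on a continuous-time Markov model: integrating the state probabilities forward in time to get a reliability curve, and solving for the steady state of a repairable model to get availability. The solver below is an added example, not part of the coursework or a provided library; the transition lists for the assignment's own models are not included, and the hot-standby pair at the end is a constructed check against a known closed form.

```python
# Added example (not part of the coursework): a small pure-Python solver for the
# continuous-time Markov reliability models Part 2 asks for (no numpy needed).
def build_generator(n_states, transitions):
    """transitions: (from_state, to_state, rate) triples. Returns the generator
    matrix Q, with Q[i][i] = -(sum of rates leaving state i)."""
    q = [[0.0] * n_states for _ in range(n_states)]
    for src, dst, rate in transitions:
        q[src][dst] += rate
        q[src][src] -= rate
    return q

def state_probabilities(q, t, steps=2000):
    """Integrate the Kolmogorov forward equations dP/dt = P Q from the fully
    healthy start P(0) = (1, 0, ..., 0) with classic RK4; return P(t)."""
    n = len(q)
    p = [1.0] + [0.0] * (n - 1)
    h = t / steps
    def f(v):  # right-hand side P Q
        return [sum(v[i] * q[i][j] for i in range(n)) for j in range(n)]
    for _ in range(steps):
        k1 = f(p)
        k2 = f([p[i] + 0.5 * h * k1[i] for i in range(n)])
        k3 = f([p[i] + 0.5 * h * k2[i] for i in range(n)])
        k4 = f([p[i] + h * k3[i] for i in range(n)])
        p = [p[i] + h * (k1[i] + 2 * k2[i] + 2 * k3[i] + k4[i]) / 6 for i in range(n)]
    return p

def reliability(q, failed_states, t):
    """R(t) = 1 - probability mass in the absorbing failed states at time t."""
    return 1.0 - sum(state_probabilities(q, t)[s] for s in failed_states)

def steady_state(q):
    """Solve pi Q = 0 with sum(pi) = 1 (Gaussian elimination, partial pivoting);
    this gives steady-state availability for repairable, irreducible models."""
    n = len(q)
    a = [[q[i][j] for i in range(n)] + [0.0] for j in range(n)]  # column j of Q
    a[-1] = [1.0] * n + [1.0]  # replace one redundant equation by normalisation
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(a[r][col]))
        a[col], a[piv] = a[piv], a[col]
        for r in range(n):
            if r != col:
                factor = a[r][col] / a[col][col]
                a[r] = [a[r][k] - factor * a[col][k] for k in range(n + 1)]
    return [a[i][n] / a[i][i] for i in range(n)]

# Constructed check: unrepaired hot-standby pair, states 0 (both OK), 1 (one
# failed), 2 (both failed); closed form R(t) = 2 exp(-lt) - exp(-2lt).
LAM = 1e-4
PAIR_Q = build_generator(3, [(0, 1, 2 * LAM), (1, 2, LAM)])
```

A reliability curve is the list of `reliability(q, failed, t)` values over a grid of t, which can then be plotted with matplotlib; for a repairable model, `steady_state(q)` summed over the operational states is the steady-state availability.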