Correctness, Modeling and Performance of Aerospace Systems
About FAME
FAME Process
Analyze user requirements
Involved: System Engineers
Start: Begin of System Phase B
End: Before System SRR
Process objectives: Collect and analyze all the user requirements contained in the SRD and OIRD that impact the FDIR, derive the objectives of the FDIR, and define the impacts they will have on the S/C design from system level down to unit level. Highlight possible limitations.
Tool support:
- System Modeling & Fault Extension: Modeling nominal and faulty behavior
- Formal Analyses: Derive requirements on the design of the FDIR
- Mission Modeling: Definition of phases, modes, and S/C configurations
Define partitioning / allocation
Involved: FDIR Engineers
Start: After System SRR
End: System PDR
Process objectives: Allocate the RAMS and Autonomy Requirements contained in the SOFDIR per Mission Phase / Spacecraft Operational Mode in order to define the FDIR approach and the Autonomy Concept for the different mission phases / Spacecraft Operational Modes. Model the spacecraft FDIR architecture including all the involved subsystems (avionics, payload, etc.).
Tool support:
- System Modeling: Modeling of FDIR, context, scope, architecture
- Formal Analyses: Derive and collect FDIR requirements
FDIR objectives and strategies
Involved: FDIR Engineers
Start: After System SRR
End: System PDR
Process objectives: Specify the FDIR Objectives at system level in the FOS and the FDIR Strategies at subsystem level in the FSS, using the FDIR Analysis and the TFPM Analysis Report. Design the FDIR in the various subsystems, software and database on the basis of the FDIR Reference Architecture.
Tool support:
- FDIR Modeling & Synthesis: Modeling / synthesis of FDIR components
- Formal Analyses: FDIR effectiveness validation
Implement FDIR, validate and verify
Involved: S/S Engineers, Testing Engineers
Start: S/S PDR
End: System QR
Process objectives: Implement the FDIR in hardware or software and validate and verify it against the specifications.
Tool support:
- Contract-based generation of test suites (future work)
FAME Environment
The following figure shows the general workflow in the FAME Environment.
[Figure: general workflow in the FAME Environment]
A central component of the FAME process is the timed failure propagation model. The specific models used in the FAME environment are TFPGs (Timed Failure Propagation Graphs).
The following is a simple example of a system for which a TFPG was derived.
[Figure: System Example (Battery-Sensor): generators powering batteries, which in turn power sensors]
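As an added illustration, not part of the FAME documentation or its tooling, the block below models a small TFPG for this battery-sensor system in Python: it computes the earliest/latest activation window of each discrepancy for a given failure mode and checks which failure modes can explain a set of observed discrepancies and their times. The node names, the OR/AND node kinds, the single-fault assumption and all delay bounds are assumed for the illustration.

```python
"""Timed Failure Propagation Graph (TFPG) for the battery-sensor example: constructed
illustration, not FAME tooling.  Generator 1 charges battery 1, powering sensors 1-2."""

# node -> (kind, [(source, tmin, tmax)]), delays in seconds (assumed values).  "FM":
# failure mode (root); "OR": fires when any active source propagates; "AND": all.
TFPG = {
    "gen1_fail":       ("FM",  []),
    "bat1_fail":       ("FM",  []),
    "gen1_alarm":      ("OR",  [("gen1_fail", 0, 2)]),  # only a generator fault raises it
    "bat1_low":        ("OR",  [("gen1_fail", 5, 10), ("bat1_fail", 0, 1)]),
    "sensor1_off":     ("OR",  [("bat1_low", 1, 3)]),
    "sensor2_off":     ("OR",  [("bat1_low", 2, 4)]),
    "all_sensors_off": ("AND", [("sensor1_off", 0, 1), ("sensor2_off", 0, 1)]),
}

def windows(fm):
    """Activation window of each node reachable from fm, relative to fm (fixpoint)."""
    win, changed = {fm: (0, 0)}, True
    while changed:
        changed = False
        for node, (kind, sources) in TFPG.items():
            arr = [(win[s][0] + lo, win[s][1] + hi) for s, lo, hi in sources if s in win]
            if kind == "FM" or not arr or (kind == "AND" and len(arr) < len(sources)):
                continue
            pick = min if kind == "OR" else max  # OR: first arrival; AND: last arrival
            new = (pick(a for a, _ in arr), pick(b for _, b in arr))
            if win.get(node) != new:
                win[node], changed = new, True
    return win

def diagnose(observed):
    """Failure modes able to explain observed {discrepancy: time} for some unknown
    failure time t0 (common-t0 window check plus edge-delay check where possible)."""
    found = set()
    for fm, (kind, _) in TFPG.items():
        if kind != "FM":
            continue
        win = windows(fm)
        if any(d not in win for d in observed):  # discrepancy unreachable from fm
            continue
        ok = max(t - win[d][1] for d, t in observed.items()) <= min(
            t - win[d][0] for d, t in observed.items())  # some t0 fits all windows
        for d, t in observed.items():
            active = [e for e in TFPG[d][1] if e[0] in win]
            if active and all(s in observed for s, _, _ in active):  # exact edge check
                pick = min if TFPG[d][0] == "OR" else max
                ok &= pick(observed[s] + lo for s, lo, _ in active) <= t <= pick(observed[s] + hi for s, _, hi in active)
        if ok:
            found.add(fm)
    return found
```

With bat1_low seen at t=8 and sensor1_off at t=10, both gen1_fail and bat1_fail remain candidates; adding a gen1_alarm observation isolates gen1_fail, while a 6 s gap between bat1_low and sensor1_off is inconsistent with every failure mode.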