Advanced Multi-System Simulation Capabilities with AltaRica

摘要

Recently, AIRBUS and ONERA were involved in the ESACS (Enhanced Safety Assessment for Complex Systems)European project. The aim of this project was to investigate new safety assessment techniques based on the use offormal design languages and associated tools. Two case-studies based on AIRBUS aircraft were used to validate theapproach. Both a complete hydraulic system and an electric system were modelled. We also built a model depictingthe two systems and their interconnections and performed a safety analysis focusing on failure propagation.In this paper, we report how the combination of these two medium sized models was assessed and analysed with theAltaRica language. With respect to analysis, we explain how we used Cecilia OCAS, developed by DassaultAviation, a French aircraft manufacturer. Simulation was first performed interactively with graphical views of thesystem that help to understand precisely how failures propagate inside a system as well as between systems. Then weused a model checker that performs symbolically an exhaustive simulation of the system. As a main result, we foundout that these tools and the underlying safety approach were very efficient to assess whether qualitative safetyrequirements are fulfilled by a system design or not.