Abstract: Provided is a system for safety analysis of failure behavior for a unit including two or more components with at least one inport for receiving failure data and one outport for transmitting failure data, wherein for the analysis of the failures data of the components and/or the unit a safety contract is used, and wherein the safety contract is generated automatically by a model-based safety analysis model comprising separate SAM modules which are related to the components of the unit.

Abstract: A method for generating a fault tree of a multi-component system is provided. The multicomponent system includes a logical-functional system layer and a physical system layer as different layers of abstraction. The physical system layer may correspond, for example, to software and/or hardware implementing the functional aspects of the logical-functional system layer. The method first provides a logical-functional fault tree for the logical-functional system layer and a physical fault tree for the physical system layer, the latter having elements corresponding to elements in the logical-functional fault tree. Next, a mixed-layer fault tree is generated by combining aspects of both fault trees in a systematic way. The disclosed is particularly relevant for analyzing safety-critical systems. However, the present concepts are not limited to these applications and may be applied to general use cases where fault tree analysis is applicable.

Abstract: A computer-implemented method for determining automatically a machine safety and/or a product quality of a flexible cyber-physical production system with a configuration adaptable during a production process including production steps executed by machines forming equipment of a physical factory of the cyber-physical production system to produce a product according to a product recipe, wherein the machine safety and/or product quality are calculated during runtime of the flexible cyber-physical production system by processing a meta-model of the flexible cyber-physical production system stored in a computer readable storage medium, is provided.

Abstract: Sensitivity analysis of failure events associated with components of a technical system is provided. It is possible to determine, for a plurality of components of a technical system configured in accordance with at least one initial design, importance values which are indicative of a dependency of at least one non-functional specification of a plurality of non-functional specifications of the technical system configured in accordance with the at least one initial design on a change of the technical system with respect to the components of the plurality of components. The method further includes determining a further design of the technical system based on the at least one initial design, the importance values, and a predefined function describing a joint quality score of the plurality of non-functional specifications for the technical system being configured in accordance with a respective design of the technical system.

Abstract: The computer-implemented method for testing a technical system having a plurality of technical components includes: providing a safety model modeling a safety relevant functionality of the technical system, providing a test model including test cases for testing the technical system, linking elements of the safety model with elements of the test model for enabling a tracing between the test cases of the test model and the safety-relevant functionality of the safety model, generating test parameters for at least one certain test case of the test cases and/or a new test case for the test model using the safety model linked to the test model, and testing the technical system using the certain test case and/or the new test case. Further, a computer program product, a computerized device and an arrangement having a technical system and a computerized device are provided.

Abstract: Provided is a computer-implemented method for controlling an operation of a technical system automatically, including at least the steps of: acquiring information about a modified configuration of at least one sub-system included in the technical system; generating a virtual model of the technical system including the at least one sub-system with the modified configuration for an evaluation of the operation; adjusting the virtual model to provide a control instruction for the operation of the technical system, wherein the adjusted virtual model is configured to compare an evaluation value acquired from the evaluation with a target requirement in a cryptographic and to derive the control instruction based on the comparison; and controlling the operation of the technical system based on the control instruction.

Abstract: The computer-implemented method for testing a technical system having a plurality of technical components includes: providing a safety model modeling a safety relevant functionality of the technical system, providing a test model describing test cases for testing the technical system, linking elements of the safety model with elements of the test model for enabling a tracing between the test cases of the test model and the safety-relevant functionality of the safety model, testing the technical system using at least one of the test cases generated based on the test model linked with the safety model, and analyzing the testing for providing coverage criteria for the safety-relevant functionality. Further, a computer program product, a computerized device and an arrangement having a technical system and a computerized device are suggested.

Abstract: A method for generating a fault tree of a multi-component system is provided. The multicomponent system includes a logical-functional system layer and a physical system layer as different layers of abstraction The physical system layer may correspond, for example, to software and/or hardware implementing the functional aspects of the logical-functional system layer. The method first provides a logical-functional fault tree for the logical-functional system layer and a physical fault tree for the physical system layer, the latter having elements corresponding to elements in the logical-functional fault tree. Next, a mixed-layer fault tree is generated by combining aspects of both fault trees in a systematic way. The disclosed is particularly relevant for analyzing safety-critical systems. However, the present concepts are not limited to these applications and may be applied to general use cases where fault tree analysis is applicable.

Abstract: Various embodiments include modeling a component fault tree for a circuit with an input-side and an output-side component. These include using a fault tree corresponding to a hazard for each respective component, obtaining information about the components of the circuit and a connection between components, and connecting the respective fault trees based on the circuit description. Each fault tree includes an input fault mode or a basic event and an output fault mode. The output fault mode and the input fault mode are each assigned to a component terminal. An output fault mode of the input-side component tree is connected to an input fault mode of the output-side component tree if: there is a connection between the assigned terminal of the input-side component and the output-side component and the output fault mode of the input-side component correlates to an input fault mode of the output-side component.

Abstract: A computer-implemented method and an apparatus for determining an optimal system configuration out of a plurality of candidate system configurations j is provided.

Abstract: A method for modelling technical systems having a plurality of technical components, including the step of assigning a component Markov chain to each component having a Markov chain for representing various states of the respective component, at least one input one failure mode for externally triggering a transition from one state of the Markov chain into another state of the Markov chain, and at least one output failure mode to each Markov chain for propagating failures to other components, is provided.

Abstract: Modeling a multi-component control or actuator system using a fault tree is provided, which solves the problem of ring closures included in a fault tree. To identify ring closures, failure propagation paths are back-traced and is checked if the respective failure propagation path forms a ring closure.

Abstract: Provided is an application of the described (or similar) decision-theoretic approaches to ensure the quality, output and timeliness of manufactured products for flexible and adaptable production systems, by determining and integrating suitable quality assurance measures which are integrated into the production process in an optimal manner. Thereby, a pareto-optimal sequence of production steps and quality assurance mechanisms are determined that provides an optimal trade-off between target product quality, production time and production costs. Since the approach is performed in an automated way, it can even be performed for flexible production scenarios down to a production of lot size I.

Abstract: A computer-based method for automated hazard detection for a technical system, the method includes the step of selecting an output failure mode of a component of a component fault tree of the technical system as a top level hazard. The computer-based method includes the step of generating a hazard information tree by means of a subtree of the component fault tree, wherein the subtree is selected by means of the top level hazard, wherein the subtree is modified by removing predefined nodes from the subtree and by enhancing output failure modes of the subtree with information from which component the output failure modes originate, wherein the modified subtree is saved in a memory unit as hazard information tree. The computer-based method includes the step of evaluating the hazard information tree, and providing a control signal comprising a result of the evaluation.

Abstract: A computer-implemented method and device for resolving closed loops in automatic fault tree analysis of a multi-component system is provided. Also provided is a method for resolving closed loops in automatic fault tree analysis of a multi-component system, the closed loops corresponding, for example, to closed-loop control circuitry of a multi-component device. The closed loops are first identified in a top-down approach within failure propagation paths. Next, the loops are resolved by setting each loop interconnection to Boolean TRUE, adjusting the fault tree in a specific way and finally setting each loop interconnection to Boolean FALSE. Embodiments of the invention are relevant for analyzing safety-critical systems. However, the present concepts are not limited to these applications and may be applied to general use cases where fault tree analysis is applicable. The proposed solution advantageously provides a method that features linear complexity.

Abstract: Provided is a method and system for identifying and evaluating common cause failures of system components, wherein at least one analytical artifact and machine readable system related to at least one of spatial, topological data and machine readable system related lifecycle data are processed to analyze automatically a susceptibility of system components to common cause failure based on common cause failure influencing factors.

Abstract: A method for modelling technical systems having a plurality of technical components, including the step of assigning a component Markov chain to each component having a Markov chain for representing various states of the respective component, at least one input one failure mode for externally triggering a transition from one state of the Markov chain into another state of the Markov chain, and at least one output failure mode to each Markov chain for propagating failures to other components, is provided.

Abstract: Provided is a method for determining at least one indication of at least one change, having the steps of receiving at least one input data record having the at least one change and associated data, and determining the at least one indication of the at least one change by applying a learning-based approach to the at least one received input data record. The invention is also directed to a determination unit and a computer program product.

Abstract: Provided is a system for safety analysis of failure behavior for a unit including two or more components with at least one inport for receiving failure data and one outport for transmitting failure data, wherein for the analysis of the failures data of the components and/or the unit a safety contract is used, and wherein the safety contract is generated automatically by a model-based safety analysis model comprising separate SAM modules which are related to the components of the unit.

Abstract: A computer-based method for generating a component fault tree for a technical system is provided, including loading a data model of a failure mode and effect analysis for the technical system, generating for each component of the technical system a component element for the component fault tree, wherein component output ports of the component elements are connected to input ports of the component elements, generating for each component of the data model a component fault tree element for the respective component element, wherein each component fault tree element is associated with the respective component element, generating for each failure effect of a failure mode of a component of the data model an output failure mode for the respective component fault tree elements, and generating for each failure mode of the component of the data model a basic event for the respective component fault tree elements.