EXPERIMENTS IN MODEL BASED SAFETY ANALYSIS: FLIGHT CONTROLS

Since the ESACS and ISAAC projects, Airbus and Onera have been investigating failure propagation models and more specifically AltaRica model-based safety analysis. This paper presents results and lessons learnt from an industrial system architecture modeling experiment: rudder control system of the Airbus A340–500/600 aircraft. After introducing failure propagation model construction and analysis, the paper focuses on modeling the reconfigurations, the command/monitoring architecture and finally the latent failures. The main advantage of this approach is the improved readability of safety analysis results that facilitates a quick understanding of the system behaviour. This improves the communication between the safety and design communities.