SALLAK Mohamed

In this thesis, we asked ourselves the following question: "What is the probability of occurrence of an undesirable event if the probabilities of occurrence of its basic events are imprecise? In other words, if these probabilities are given as intervals. In trying to answer this question we realized that the difficulty comes from the non-coherence of the fault tree structure, except that taking into account non-coherent fault trees creates a real computational challenge and answering this challenge was the main motivation of this thesis. On the other hand, non-coherent fault trees also create a challenge in the calculation of importance factors. Concerning this point, a research work is necessary, whether the probabilities of occurrence of the basic events are imprecise but also when they are precise. We propose two methods to calculate the probability of occurrence of an undesirable event. The first one is developed in the framework of the theory of belief functions and is based on binary decision diagrams. As for the second one, it is given in the framework of the theory of imprecise probabilities and it allows to give satisfactory results in a relatively short time (the same time that would have been taken if the probabilities were precise). We also propose a reinterpretation of the Birnbaum importance factor which is defined only for the basic events of a coherent fault tree. This reinterpretation allows to extend this factor in a trivial way to non-coherent fault trees.

No summary available.

The recent need for connectivity in railways introduces new security threats that are managed separately from traditional safety risks. We establish a state of the art around the combination Safety/Security their interactions and methods to manage these risks jointly.

The recent need for connectivity in railways introduces new security threats that are managed separately from traditional safety risks. We establish a state of the art around the combination Safety/Security their interactions and methods to manage these risks jointly.

Dependability (SoF) has become a necessity in the industrial world during the 20th century. SoF is a field of activity that proposes ways to increase system attributes in a reasonable time and at a lower cost. In systems engineering, SoTL is defined as the property that allows system users to place justified confidence in the service it provides and is a measure of a system's availability, reliability and maintainability, and the performance of maintenance support, and, in some cases, other characteristics such as durability, safety and security. The concept on which our work is based is textbf availability. A(t) availability is the ability of a system to be operational at a specific time. The cost of a high availability system is very expensive. The designer must make a trade-off between availability and economic costs. Users may reject unsafe, unreliable or unsecure systems. Therefore, any user (or industry) will ask this question before having a product: "What is the optimal product on the market?" To answer this question, we must combine the following two points: - The best availability of the system: the user wants a product that lasts as long as possible. - The best cost of the system: the user wants a product that does not cost him a fortune. The calculation of availability is mainly based on the knowledge of failure rates and repairs of the system components. The availability analysis allows to calculate the capacity of a system to provide a required level of performance according to the level of degradation. Several methods have been used to calculate the availability of a system, including the Universal Generator Function (UGF), the inclusion-exclusion technique, Markov models, etc. These methods use different probabilistic techniques to evaluate this criterion, but these proposed approaches remain effective only for very specific cases, for example the cases of binary systems. A binary system is a system where two cases are possible: perfect operation and total failure. While multi-state systems (MSS) considerably restrict the application of most of these methods. In real life, systems correspond to EMS. In such scenarios, systems and their components may operate at different performance levels between the perfect operating state and the total failure state. However, the availability assessment of EMSs is more difficult than in the binary case, as different combinations of component failure modes must be considered. Throughout this thesis, we are looking for a method that helps us to calculate and optimize the availability of EMS taking into account the cost factor.

Several European actors of railways and GNSS (Global Navigation Satellite System) are committed to develop a safe on-board train positioning system including satellite localization technologies to enable the ETCS (European Train Control System) to manage rail traffic more efficiently. Known risky situations can arise when operating this system, especially when GNSS signals are disturbed. No robust predictive error model exists today to characterize degradations due to local propagation phenomena around the train reception antenna. Different failure detection mechanisms are available to mitigate risks. Nevertheless, such available processes still suffer from safety flaws mainly due to strong model hypotheses on error distributions associated to system measurements. Recent European projects on GNSS have adopted the existing apportionment principles to allocate safety targets, in terms of tolerable hazard rates (THRs), to functions managing feared events due to GNSS. However, the top-down analysis of the allocation process imposes strong requirements for the developed (or in development) dedicated mechanisms. The paper proposes an original method for handling THRs no longer as crisp values but as intervals to take into account both aleatory and epistemic uncertainties of the models used for failure detection and the environmental effect. The proposed allocation methodology based on the common Fault Tree Analysis and interval propagation methods considers model and data uncertainties adding versatility to the allocation method recommended by the standard EN50126.

No summary available.

In order to remain highly competitive, industrial companies found their business strategies on the quality and the cost of the product/service they deliver to their clients. Therefore, it is crucial for them to guarantee the availability and reliability of their industrial equipment through maintenance. However, while applying maintenance, industrials face a major issue: what is the optimal maintenance strategy to adopt in order to minimize the total cost of maintenance while maintaining an acceptable level of system availability? In this paper, we answer this question by proposing an optimization approach that takes in consideration the various costs related to maintenance and integrates them in a global cost function to minimize. A critical threshold of the remaining useful life under which the system should be replaced is identified, as well as an inspection step giving the regularity with which the system should be inspected. We then illustrate the approach with an example: a mechanical bearing system of a train motor subject to degradation and to monitoring. This example has allowed us to determine the remaining useful life threshold as well as the number of inspections that minimize the total cost of maintenance.  Index Terms-remaining useful life, weibull distribution, cost optimization, predictive maintenance, rolling bearing system.

The challenges of automating socio-technical systems are strongly linked to the strengths and limitations of technical and human resources, such as perceptual characteristics, cooperative capacities, job-sharing arrangements, modeling of human behavior and the contribution of innovative design approaches. Automation Challenges of Socio-technical Systems exposes the difficulties in implementing and sustaining symbiosis between humans and machines in both the short and long terms. Furthermore, it presents innovative solutions for achieving such symbiosis, drawing on skills from cognitive sciences, engineering sciences and the social sciences. It is aimed at researchers, academics and engineers in these fields.

One of the undeniable steps in the safe design of systems is the problem of choosing the best system configuration in the most effective way so as to maximize the overall system availability and to minimize the overall system cost. The main objective of our paper is to propose a methodology of optimization of the availability of multi-states systems with multi-states components in presence of both aleatory and uncertainties. The problem is formulated as follows: let us consider several configurations of a system, each configuration consisting of components with several states of working and imprecise failure and repair rates provided in form of intervals. The objective is to find the best configuration regarding the system availabilities and costs. We first compute the imprecise steady availability of each configuration by using an original method based on Markov approaches combined with interval contraction techniques. We also compute the overall cost of each configuration. When having the availability and the cost of all the configurations, the idea is to define an objective function in terms of cost, lower and upper bounds of availability, and imprecision (length of availability interval). Then, this function is computed so that we have the best configuration according to our criterion. To illustrate our proposed methodology, we will propose a use-case describing a system formed of n components, and each component has different degraded states from perfect functioning to total failure. Each configuration of the system will have a different structure (parallel, series, series-parallel, complex,…), with different choices of component characteristics (imprecise failure and repair rates). Then, according to different criteria as high availability, low cost, or low availability imprecision, we will propose the best system configuration.

The graphical representation of the expert system in the form of a valuation-based system enables an easy use of variables and their relationships, and consequently simplifies their use for analysts and non-experts. This chapter begins with an overview of the Performance shaping factor based human Reliability assEssment using vaLUation-baseD systEms (PRELUDE) methodology. PRELUDE is a human reliability analysis methodology. The chapter introduces a case study where the suggested methodology is used for the retrospective analysis of a real railway accident scenario. The complete methodology is made up of a qualitative section that considers human factors specifically related to one type of field or application, as well as a quantitative section that builds an expert system, formalizing expert knowledge and providing a frame for formal decision-making. Human reliability analysis provides decision-making skills by presenting quantitative results as probability intervals – the estimation of the probability of human failure error.

The implementation of a predictive maintenance policy is a major challenge in the industry which tries to reduce as much as possible the costs related to maintenance. Indeed, the systems are more and more complex and require a more and more thorough follow-up in order to remain operational and secure. Predictive maintenance requires on the one hand to evaluate the state of degradation of the system components, and on the other hand to predict the future occurrence of a failure. More precisely, it is a question of estimating the time remaining before the arrival of a failure, also called Remaining Useful Life or RUL in English. The estimation of a RUL is a real challenge because the relevance and effectiveness of maintenance actions depend on the accuracy of the results obtained. There are many methods allowing to realize a residual life prognosis, each one with its specificities, its advantages and its disadvantages. The work presented in this manuscript focuses on a general methodology to estimate the RUL of a component. The objective is to propose a method applicable to a large number of different cases and situations without requiring major modifications. Moreover, we also seek to treat several types of uncertainties in order to improve the accuracy of the prognostic results. In the end, the developed methodology constitutes a decision aid for the planning of maintenance operations. The estimated RUL allows to decide on the optimal moment of the necessary interventions, and the treatment of uncertainties brings an additional level of confidence in the obtained values.

One of the undeniable steps in the safe design of systems is the problem of choosing the best system configuration in the most effective way so as to maximize the overall system availability and to minimize the overall system cost. The main objective of our paper is to propose a methodology of optimization of the availability of multi-states systems with multi-states components in presence of both aleatory and uncertainties. The problem is formulated as follows: let us consider several configurations of a system, each configuration consisting of components with several states of working and imprecise failure and repair rates provided in form of intervals. The objective is to find the best configuration regarding the system availabilities and costs. We first compute the imprecise steady availability of each configuration by using an original method based on Markov approaches combined with interval contraction techniques. We also compute the overall cost of each configuration. When having the availability and the cost of all the configurations, the idea is to define an objective function in terms of cost, lower and upper bounds of availability, and imprecision (length of availability interval). Then, this function is computed so that we have the best configuration according to our criterion. To illustrate our proposed methodology, we will propose a use-case describing a system formed of n components, and each component has different degraded states from perfect functioning to total failure. Each configuration of the system will have a different structure (parallel, series, series-parallel, complex,…), with different choices of component characteristics (imprecise failure and repair rates). Then, according to different criteria as high availability, low cost, or low availability imprecision, we will propose the best system configuration.

Our work is part of crisis management training in virtual environments. Scripting plays an essential role in human learning in virtual environments. It allows both to propose and orchestrate personalized learning situations and also to lead the learner towards relevant and formative scenarios. The work presented in this thesis focuses on the dynamic generation of scenarios and their execution in virtual environments. For this scripting, we aim at a set of objectives that are often contradictory: the user's freedom of action, the generation of varied scenarios that are faithful to the author's intention, the scripting control and the resilience of the scripting system. The different approaches to interactive storytelling favor more or less some of these objectives, but it is difficult to reconcile them all, and that is the challenge of our work. In addition to these objectives, we also seek to facilitate the modeling of the scenaristic content, which is still a real issue when it comes to scripting complex environments such as crisis management. We propose an emergent approach in which the scenario experienced by the learner will emerge from the interactions between the learner, the virtual characters and our scripting system MENTA. MENTA is in charge of scenario control by proposing a set of adjustments (on the simulation) that respond to scenario objectives chosen by the trainer (e.g., to work on certain skills in particular). These adjustments take the form of a prescribed scenario that is generated by MENTA via a planning engine that we have coupled with fuzzy cognitive maps through a FRAG macro-operator. A FRAG allows to model fragments of scenarios as a sequence of scripted actions/events. The originality of our approach relies on a strong coupling between planning and graphical models which allows to keep the exploration properties and generative power of a planning engine (which favors the variability and resilience of the system), while facilitating the modeling of the scenario content as well as the author's intention through scenario fragments which will be scripted by the author and reused in the planning. We have worked on a concrete example of scenarios concerning the management of a massive influx of injured people, then we have implemented MENTA and generated scenarios related to this example. Finally, we tested and analyzed the performance of our system.

Abstract-The growing complexity of industrial systems is driving public and private decision-makers to optimize the life cycle of a system, particularly with regard to maintenance operations. In this article, we propose an approach to optimize and plan the maintenance strategy taking into account both the costs of operations and the risks associated with system failure. The novelty of the proposed approach lies in an integration, in the objective function that we minimize, of the set of maintenance costs as well as the financial, environmental and human risks that could be caused by a possible system failure. This is based on the system's remaining useful life (RUL) as an indicator of the health status of the system. The decision variables are then: a critical threshold of RUL below which the component is replaced and an inspection step giving the regularity with which the system is inspected.

No summary available.

No summary available.

No summary available.

This paper presents an original experimental protocol, which aims to study human reliability in railway systems by computing the human error probability (HEP) of human operators. The experiment is conducted on a railway traffic management system that places operators in simulated situations involving railway failures. The obtained experimental result is analyzed first by two classical human reliability analysis methods to estimate the HEP of each subject. Then, a model of human operators using valuation-based system is proposed. Finally, a methodology automatically populates the proposed model by allowing the verification of temporal properties on the simulation trace.

No summary available.

No summary available.

No summary available.

No summary available.

This book focuses on modeling several forms of uncertainty (epistemic and aleatory) and dealing with parameter uncertainty in dependability analysis. For this purpose, we are modeling these forms of uncertainty through additive and non-additive theories. Several theories or modeling languages are used. After presenting some context of uncertainty sources and several theoretical frameworks for modeling the different forms of uncertainty, they are applied on assessing the performance of system reliability or dependability with usual dependability models. Industrial systems or toys systems for the sake of illustration are used. Beyond the usual models in dependability, the concept of evidential networks is introduced. Similar to Bayesian networks but considering non additive theories, the modeling principle is explained and applied to several forms of uncertainty and on several systems. This modeling tool is also used to computed importance measures which are necessary to improve systems or test the robustness of the assessment even in the context of several parameter uncertainties.

No summary available.

In recent years, there have been significant technological advances in autonomous transportation. Urban rail transportation has a significant advantage in operating fully automated commercial transportation. Mainline rail transportation also aims to benefit from the advantages of automation. This work is carried out within the framework of the TAS project at IRT SystemX, with the partners SNCF, Alstom Systra and the University of Technology of Compiègne. This paper presents the context of rail transport automation for main lines. The challenges of demonstrating security mainly for application software are discussed. In addition, a risk analysis of some functions of a complete automation (GoA 3/4) is performed. The objective of this analysis is to identify the challenges of determining the safety objectives of such a stand-alone system for further development and demonstration of compliance.

Humans continue to be one of the critical elements of modern transportation operations. Human Reliability Analysis (HRA) methods provide a multidisciplinary approach to evaluate the interaction between humans and the system.

Human reliability assessment (HRA) is an aspect of risk analysis concerned with identifying, analyzing, and quantifying the causes, contributions, and occurrence of human failures. Applications of existing HRA methods are often domain-specific, and difficult to implement even for experts. Also, due to the lack of empirical data, managing uncertainty is important, if not essential. In view of such limitations, we propose a new and comprehensive HRA methodology acronymed “PRELUDE” (Performance shaping factor-based human REliability assessment using vaLUation-baseD systEms). It is a quantitative and qualitative HRA methodology, applied to railway operations. The qualitative part characterizes a safety critical situation using performance shaping factors (PSFs). The PSFs are identified from domain specific human factors and PSF-based studies. The quantitative proposition is a framework of a graphical model (Valuation-based System) and belief functions theory. Appropriate representation and handling of all types of uncertainties, and combination of conflicting expert opinions is considered in this framework. To aid in the choice of appropriate combination method, combined expert data are discussed and compared using quantitative metrics. PRELUDE allows quantifying a human failure event given an operational context. Sensitivity analysis is used to establish a priority ranking among the PSFs. Finally, application on a railway accident scenario describes usage and applicability of our proposition.

No summary available.

No summary available.

No summary available.

No summary available.

No summary available.

No summary available.

No summary available.

No summary available.

No summary available.

No summary available.

No summary available.

No summary available.

No summary available.

Hazardous materials (hazmat) transport by rail can expose people living and working in the neighborhood of the railway to fatal risks. Despite the similarities with hazmat transport by road, hazmat transport by rail is subject to stricter schedule constraints, involving a well-defined path and a related timetable. While an alternative railway routing is not always available, it would be possible to define timetables in order to decrease risk. This approach requires the information about the dynamics of the population in the neighborhood of the railway. In this paper, an approach is proposed to show how variations of the timetable can sensibly decrease the average and maximum exposure. The methodology is proposed on an Italian rail section subject to different anthropogenic activities.

In reliability analysis, comparing system reliability is an essential task when designing safe systems. When the failure probabilities of the system components (assumed to be independent) are precisely known, this task is relatively simple to achieve, as system reliabilities are precise numbers. When failure probabilities are ill-known (known to lie in an interval) and we want to have guaranteed comparisons (i.e., declare a system more reliable than another when it is for any possible probability value), there are different ways to compare system reliabilities. We explore the computational problems posed by such extensions, providing first insights about their pros and cons.

During the last years, Binary Decision Diagrams (BDDs) have attracted the attention of researchers for reliability assessment of complex and large scale systems because they reduce significantly the time and resource demand of reliability computations. In this paper, we present an original extension of BDDs for reliability assessment of systems in the presence of epistemic uncertainty. The proposed method computes the imprecise system reliability from the imprecise reliabilities of the components presented as intervals. This method computes the imprecise system reliability, much faster than the classical inclusion-exclusion method. The efficiency of our proposed method will be demonstrated using numerical examples of imprecise reliability computation of several system configurations in term of time consumed for system reliability computation.

An important issue in Hazardous Material (hazmat) transportation risk assessment is to evaluate the probability bounds of accidents occurrence, whose values are difficult to be estimated due to its low frequency and the related lack of statistical data. This paper presents an original approach to integrate uncertainty in the quantitative analysis of hazmat transportation accidents. The proposed approach is based on the use of Valuation-Based Systems (VBSs) and belief functions theory. Furthermore, we propose to identify the factors for which the reduction of epistemic uncertainty (imprecision) gives the greatest impact on the uncertainty of the final results by using some proposed measures. The applicability and generality of the proposed approach is demonstrated on a case study.

Humans are and will remain one of the critical constituents of a technological system. The study of human factors is a broad domain with equally varying applications. Furthermore, with the advent of new technologies in safety-critical systems there is always a need to ensure system safety and reliability in accordance with increasingly demanding certification standards. Human reliability is a cause of concern as hardware becomes increasingly reliable and relatively human error is rising in its share of causing an accident. Human Reliability Analysis (HRA) provides a way to quantify the risk associated with a human. This paper presents a discussion on the development of a HRA model for the domain of transportation, rail transport in particular. Railway specific human factors studies are analyzed to identify safety relevant factors in order to create a relevant and relatively applicable Performance Shaping Factor list. This list of factors is compared with railway specific studies to address domain specific concerns, further augmenting it with quantification levels for each. A discussion on our proposition towards the integration of HRA for obtaining human induced system-level risk taking into account uncertainty in data and current work's positioning in proposed methodology is also included.

The installation of a multifunctional railway portal (or TCCS - Train Conformity Check system) can contribute to improve the safety of a railway infrastructure. The TCCS can detect the conformity of the trains traveling along the tracks, and can transfer the status information to a main traffic control center. This paper proposes a methodological approach based on Analytic Hierarchy Process (AHP) to evaluate the optimal locations to install a TCCS on a railway section. The eligibility and ranking of the potential sites have been defined with respect to constraints related to the rail line track layout and geometry, the TCCS technological features, and the required safety distance allowing the train to stop. The proposed approach has been applied to a real case study on the Italian railway.

Humans are and will remain one of the critical constituents of a technological system. The study of Human Factors is a broad domain with equally varying applications. Quantification thereof, with a Human Reliability Analysis (HRA) poses considerable challenges and advantages. In increasingly complex modern systems where large resources are allocated towards ensuring system's operational safety, it becomes necessary to analyze the actions of human operator who directly or indirectly influences system reliability. This paper envisages establishing a base towards a HRA model, to address existing issues. Railway systems and Advanced Driver Assistance Systems for automobiles are our application domains. we aim to identify the need of and usability in both. Human considered as a component of the System of Systems for risk assessment allows us to study its impact on system reliability and give feedback to improve system safety.

No summary available.

This paper has three main objectives. The first objective is to summarize the requirements for RAM (Reliability, Availability, and Maintainability) parameters of European Rail Traffic Management System (ERTMS) defined in the railway standards. The second objective is to emphasize that the RAM requirements should be considered at the ERTMS SoS level. The third objective is to highlight major issues, when dealing with ERTMS SoS, which are not treated or clearly defined in the railway standards. Indeed, the RAM parameters definitions do not take into account all types of uncertainty in failure data and human failures, and do not propose specific methods to obtain failure data from experts' opinion. In this work, a number of methods have been proposed to deal with these issues.

This paper presents an experimental protocol which aims to study human reliability in railway systems. The experiment is conducted on a railway traffic management system that places operators (experimental subjects) in simulated situations involving failures. Some classical HRA (Human Reliability Analysis) models are used to interpret the experimental results and to evaluate the probability of human error.

.

No summary available.

Understanding driver behaviors is an important need for the Advanced Driver Assistance Systems. In particular, the pedestrian detection systems become extremely distracting and annoying when they inform the driver with unnecessary warning messages. In this paper, we propose to study the driver behaviors whenever a pedestrian appears in front of the vehicle. A method based on the driving actions and the Hidden Markov Model (HMM) algorithm is developed to classify the driver awareness of pedestrian and the driver unawareness of pedestrian. The method is successfully validated using the collected data from the experiments that are conducted on a driving simulator. Furthermore, two simple methods based on the static parameters such as the Time-To-Collision and the Required Deceleration Parameter are also applied to our problem and are compared to the proposed method. The result shows a significant improvement of the HMM-based method compared to the simple ones.

The technology for controlling the distance between two trains is shifting from traditional fixed red, yellow and green signals on the infrastructure track circuits towards more and more dynamic systems, which are based on moving blocks, where the distance is computed according to real-time positioning, and the control of the distance is computed on-line. This is the case, for example, in the European Rail Traffic Management System (ERTMS), which proposes three different levels, from 1 to 3. This paper addresses the time-honoured problem of scheduling trains on a single track, in the light of recent results in robust team decision theory. The control model can be used in two modes: as a decision support tool for train dispatchers to evaluate the distance between trains in the current schedule, and as a planning tool to evaluate the effects of timetable changes. The main contribution of the paper is the application of a recent result in robust team decision theory to control noncritical train distances in moving blocks, such as in ERTMS Level 3. The case study is related to real data from an ERTMS simulation and controller software tool.

We present an efficient method based on the inclusion-exclusion principle to compute the reliability of systems in the presence of epistemic uncertainty. A known drawback of belief functions and other imprecise probabilistic theories is that their manipulation is computationally demanding. Therefore, we investigate some conditions under which the measures of belief function theory are additive. If this property is met, the application of belief functions is more computationally efficient. It is shown that these conditions hold for minimal cuts and paths in reliability theory. A direct implication of this result is that the credal state (state of beliefs) about the failing (working) behavior of components does not affect the credal state about the working (failing) behavior of the system. This result is proven using a reliability analysis approach based on belief function theory. This result implies that the bounding interval of the system's reliability can be obtained with two simple calculations using methods similar to those of classical probabilistic approaches. A discussion about the applicability of the discussed theorems for non-coherent systems is also proposed.

This paper presents and compares two model-based approaches to ensure the dependability of a rail system in the context of ERTMS (European Rail Traffic Management System). V&V activities against safety properties are carried out by simulating train operations on State machine models of railway infrastructures. This paper presents this approach by means of a comparative study between two tools which analyze the models with various verification strategies. The tools used are Matlab Simulink environment and the DIVERSITY symbolic execution tool from CEA LIST.

Systems of Systems (SoS) are large systems whose components are themselves systems that interact to perform certain functions, and for which the malfunction of a single system can have serious consequences on the operation of the entire SoS. It is therefore important that the design of these SoSs takes into account the requirements of Dependability and in particular their reliability and availability when they are solicited. Moreover, it is necessary that it ensures, through quantitative analysis, that these requirements are met. Uncertainty is also an important part of the thesis, because there are always differences between a system and its representation by a model. The objective of this thesis is to propose a methodology for the safe design of SoSs. The first step is to propose a dysfunctional model of the global SoS integrating the hardware aspects, the network aspects and the human factor. In a second step, we evaluate the SoS requirements. In a third step, it is about taking into account different types of uncertainties in the models. Concerning the application part, the subject would be articulated around the safe design of a railway system. The main contribution of this thesis lies in three aspects. First, a general methodology for modeling SoSs is proposed. Second, we consider ERTMS Level 2 as a SoS and evaluate its SoF requirements taking into account the unavailability of the SoS as an emergent property. Third, different types of uncertainties are quantitatively modeled in the proposed models using probabilistic and non-probabilistic theories.

In this paper, we propose a novel approach to recognize the awareness or the unawareness that a driver has of a pedestrian appearing on the road in front of the vehicle. Based on the theory of situation awareness and the collected driving data from the on board sensors, a suitable Hidden Markov Model (HMM) is used to model the "Driver Awareness of Pedestrian" and the "Driver Unawareness of Pedestrian". These behaviors are then recognized by using a maximum-likelihood decision method. A real-time validation taken on a driving simulator shows that the model and the output decisions are accurate and efficient.

The work presented in this paper aims to model a railway infrastructure composed of tracks, switches and signal lights to verify certain safety properties related to the exploitation of this infrastructure. The modeling will be done using statecharts formalism. The verification approach of the safety properties will be carried out by simulating the operation of the infrastructure. This approach is based on a reachability analysis of dangerous states related to the operation of the infrastructure. The reachability analysis of dangerous states allows to detecting a near accident. Finally, the Statechart model is used to simulate a scenario of a near accident between two trains.

This paper proposes a UML based approach for the modeling and the verification of Railway signalling Systems specifications. Particularly, we consider the European Rail Traffic Management System (ERTMS) and the European Train Control System (ETCS) specifications. First, the architecture of ERTMS/ETCS is described. The validation and verification procedure is also introduced. Then, class, sequences and use case diagrams related to the technical specifications of ERTMS/ETCS are presented. Finally, a case study from the technical specification of ERTMS/ETCS which represents the operation of "Establishing a communication session" between ERTMS/ETCS On-board equipment and RBC (Radio Block Center) to initiate a communication session is proposed.

This paper describes dynamic Valuation-Based System (VBS) for reliability assessment of systems under uncertainty. The reliability data and dependencies between components are represented using variables, sample spaces of variables, a set of valuations represented by probabilities, and basic probability assignments (bpas) that map sample spaces of sets of variables to the set of valuations. The uncertainties considered here are related to the states of components and their dependencies. The imprecise reliability of systems under uncertainty is estimated by an interval composed of upper and lower bounds. The proposed dynamic VBS approach is finally applied on a valve system and compared to the classical Bayesian Network approach.

In this paper, we propose an original simulation approach to evaluate the availability of systems in the presence of state uncertainty which arises from incompleteness or imprecision of knowledge and data. This approach is based on a simulation method combining the belief functions theory and the Statecharts. Then we propose a Statechart model of a railway signalling system, European Rail Traffic Management System (ERTMS) Level 2 considering state uncertainty, and evaluate its availability according to the RAMS requirements defined in the railway standards. Finally we propose a sensitivity analysis to estimate the state uncertainty of which constituent system has the most significant influence on the state uncertainty of the entire ERTMS Level 2.

The objective of the work presented in this article is to model a railway infrastructure composed of tracks, switches and traffic lights in order to verify some safety properties related to the operation of this infrastructure. The modeling will be done using the Statecharts formalism and the Stateflow tool. The approach to verify the safety properties will be done by simulating the operation of the infrastructure. This approach is based on an attainability research of the dangerous states related to the operation of the infrastructure. The attainability analysis of the dangerous states allows the detection of a near miss. Finally, the Statechart model will be used for the simulation of a near miss scenario between two trains.

In this paper, we propose a methodology to evaluate the unreliability of level crossings systems and to identify their critical components. First, a fault tree analysis to evaluate the occurrence probability of the Feared Event (Collision between train and vehicle) over the time is proposed. The human factors and devices failures are also taken into account. Then, an importance measures study is proposed to identify critical components in level crossing systems.

In the literature, different methods of classi- fication of uncertainties and their sources are proposed. The most common distinction being to divide uncertainties into two types: random uncertainty and epistemic uncertainty. The first being irreducible and due to the natural variability of random phenomena. The second is due to a lack of knowledge that can be reduced by making more efforts (data collection, expert consultation, accelerated testing, etc.). In this paper, we will propose a discussion of the validity of this distinction and show that it has implications for the choice of theory to be used to represent the different types of uncertainties.

No summary available.

No summary available.

Many practical methods and different approaches have been proposed to assess Multi-State Systems (MSS) reliability measures. The universal generating function (UGF) method, introduced in 1986, is known to be a very efficient way of evaluating the availability of different types of MSSs. In this paper, we propose an extension of the UGF method considering epistemic uncertainties. This extended method allows one to model ill-known 10 probabilities and transition rates, or to model both aleatory and epistemic uncertainty in a single model. It is based on the use of belief functions which are general models of uncertainty. We also compare this extension with UGF methods based on interval arithmetic operations performed on probabilistic bounds.

In this paper, we first propose the modeling of an ERTMS level 2 railway signaling system using Statecharts. Then, we propose the performance evaluation of this system in terms of availability and average time spent in each state (nominal operation mode, degraded mode and failure mode). The originality of this work lies in the attempt to model the whole ERTMS level 2 signalling system by considering it as a System of Systems. Moreover, human factors and network failures are also taken into account in the proposed model.

Currently, a high percentage of accidents in railway systems are accounted to human factors. As a consequence, safety engineers try to take into account this factor in risk assessment. However, human reliability data are very difficult to quantify, thus, qualitative methods are often used in railway system's risk assessments. Modeling of human errors through probabilistic approaches has shown some limitation concerning the quantification of qualitative aspects of human factors. The proposed paper presents an original method to account for the human factor by using Evidential Networks and fault tree analysis.

During the past decades, the scientific community has provided different frameworks for classifying uncertainty and its sources. The most common distinction -or at least, the one that is widely accepted in the reliability and risk analysis community- is the distinction between aleatory and epistemic uncertainty. The former is considered irreducible because it is due to the natural variability of random phenomena. The latter is attributed to the lack of knowledge, thus, it is reducible as long as we are able to gather more information. In this paper, we propose a discussion about this distinction from an historical point of view and we introduce some alternative theories to deal with uncertainty.

In this paper, extended component importance measures (Birnbaum importance, RAW, RRW and Crit- icality importance) considering aleatory and epistemic uncertainties are introduced. The D-S theory which is considered to be a less restricted extension of probability theory is proposed as a framework for taking into account both aleatory and epistemic uncertainties. The epistemic uncertainty defined in this paper is the total lack of knowledge of the component state. The objective is to translate this epistemic uncertainty to the epistemic uncertainty of system state and to the epistemic uncertainty of importance measures of components. The Affine Arithmetic allows us to provide much tighter bounds in the computing process of interval bounds of importance measures avoiding the error explosion problem. The efficiency of the proposed measures is demonstrated using a bridge system with different types of reliability data (aleatory uncertainty, epistemic uncertainty and experts' judgments). The influence of the epistemic uncertainty on the components' rankings is described. Finally, a case study of a fire-detector system located in a production room is provided. A comparison between the proposed measures and the probabilistic importance measures using two-stage Monte Carlo simulations is also made.

This paper presents an original method for evaluating reliability indices for Multi-State Systems (MSSs) in the presence of aleatory and epistemic uncertainties. In many real world MSSs an insufficiency of data makes it difficult to estimate precise values for component state probabilities. The proposed approach applies the Transferable Belief Model (TBM) interpretation of the Dempster-Shafer theory to represent component state beliefs and to evaluate the MSS reliability indices. We use the example of an oil transmission system to demonstrate the proposed approach and we compare it with the Universal Generating Function method. The value of the Dempster-Shafer theory lies in its ability to use several combination rules in order to evaluate reliability indices for MSSs that depend on the reliability of the experts' opinions as well as their independence.

The inclusion-exclusion principle is a well-known property of set and probability theories, that is instrumental to solve some problems such as the evaluation of systems reliability or of uncertainty over Boolean formulas. However, when using models that mixes sets and probabilities, this principle does not longer hold in general. It is therefore useful to know in which cases it continues to hold. This paper investigates this question when the models of uncertainty are belief functions. After exhibiting sufficient and necessary conditions for the principle to hold, we illustrate its use on some applications, i.e. reliability analysis and uncertainty over Boolean formulas.

There are different ways to classify uncertainty or its sources. The most common distinction is to divide uncertainty into two types: random uncertainty and epistemic uncertainty. The first type is irreducible and due to the natural variability of random phenomena. The second type is reducible and due to a lack of knowledge that can be reduced by making more efforts (collecting more data, consulting experts, accelerated testing. . . ). Recently, several authors have begun to challenge the use of classical probabilities to deal with these two types of uncertainties. New theories that deal with the different types of uncertainties have appeared. These theories are able to represent and propagate both random and epistemic uncertainty. Among these theories, the theory of belief functions is exploited in this manuscript to handle uncertainties in system reliability studies. Various issues related to reliability studies in the presence of epistemic uncertainties, as well as reasons why probability theory should not be used in this case, are discussed. The manuscript introduces methods for representing reliability data and combining expert opinions. Then, it presents several methods for propagating uncertainty about the reliability of components at the system level. An important result of these methods is that the lower (upper) bound on system reliability depends only on the lower (upper) bounds on component reliability, and that the belief and plausibility functions are additive for the collection of minimal paths and minimal cuts.

The introduction of instrumented systems dedicated to safety applications requires the evaluation of their reliability. Generic reliability databases are generally used for this purpose. However, the experience feedback for these systems, which generally present rare failures, is insufficient to validate the results obtained. Moreover, the collection of reliability data and their extrapolation to other components introduces uncertainties. The work of this thesis deals with the problem of taking into account the uncertainties related to the reliability data of components for the evaluation of the safety of systems by the formalism of fuzzy subsets. The proposed methodology is applied to the evaluation of failure probabilities of Safety Instrumented Systems (SIS) in the presence of imprecise reliability data. We introduce two new importance factors to help the designer. In addition, we propose a methodology to assist the design of SIS based on reliability network modeling and optimization by genetic algorithms of the structure of SIS for the respect of safety integrity levels (SIL) required The use of safety related systems imposes to evaluate their dependability.