Stochastic Error Propagation Analysis of Model-driven Space Robotic Software Implemented in Simulink

Abstract

Model-driven software development methods are widely used in safety-critical domains including space robotics. The MATLAB Simulink environment is the common choice of control engineers. This article introduces a new method for a fully automatic transformation of a Simulink model to a dual-graph model for stochastic error propagation analysis. The error propagation analysis provides important inputs for system reliability methods, required by industrial standards such as FTA and FMEA. The dual-graph error propagation model is a mathematical abstraction of key system design aspects that influence error propagation processes: control flow, data flow, and component-level reliability properties. This model helps to estimate the likelihood of error propagation to hazardous system parts and quantify the negative impact of a fault in a particular component on the overall system reliability. In praxis, the manual creation of an error propagation model of a complex system requires a huge effort. The transformation method, introduced in this article, is a fast and promising solution. The method is demonstrated as a part of a stochastic analysis of a real-world model-driven space robotic software.