CN114626200B - Space man-machine system task safety comprehensive modeling and dynamic simulation method - Google Patents

Publication number
CN114626200B
Authority
CN
China
Legal status
Active
Application number
CN202210125439.1A
Other languages
Chinese (zh)
Other versions
CN114626200A (en)
Inventor
周文明
李孝鹏
张桅
覃沙
张姗姗
高树成
吕明博
李一钊
Current Assignee
CHINA AEROSPACE STANDARDIZATION INSTITUTE
Original Assignee
CHINA AEROSPACE STANDARDIZATION INSTITUTE

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F30/00 Computer-aided design [CAD]
    • G06F30/20 Design optimisation, verification or simulation
    • G06F2111/00 Details relating to CAD techniques
    • G06F2111/08 Probabilistic or stochastic CAD

Abstract

The invention discloses a space man-machine system task safety comprehensive modeling and dynamic simulation method, which comprises the following steps: analyzing the composition of the space man-machine system and determining the safety influencing factors; analyzing the task process of the space man-machine system and constructing a task process safety evaluation reference model; constructing a factor logic model; determining the state trigger mechanisms of the various safety influencing factors; constructing a safety structure function; constructing a task process safety evaluation comprehensive integration model and injecting a state transition trigger mechanism into it; performing uncertainty dynamic simulation analysis on the comprehensive integration model after the state transition trigger mechanism has been injected, to obtain an uncertainty dynamic simulation result; and analyzing the space man-machine system task safety simulation result according to the uncertainty dynamic simulation result, to obtain the space man-machine system task safety indexes. The invention overcomes the defects of the existing safety simulation analysis methods based on the PSA method.

Description

Space man-machine system task safety comprehensive modeling and dynamic simulation method
Technical Field
The invention belongs to the technical field of system safety, and particularly relates to a space man-machine system task safety comprehensive modeling and dynamic simulation method.
Background
Safety accidents result when human errors, equipment faults, environmental disturbances and their coupling within a human-machine system break through control measures and then propagate and evolve unconstrained. They appear as a series of unexpected events, and in essence they are the sequential failure of system control measures. Safety influencing factors are the direct cause of the occurrence and spread of safety accidents in space man-machine systems. The safety behavior of the system can be influenced by many unsafe factors of personnel, equipment and environment; in particular, with the progress of science and technology and the improvement of production and manufacturing levels, the proportion of accidents caused by personnel factors is as high as more than 70 percent.
Early research abroad on man-machine system safety evaluation mainly addressed the safety of the platform, but a number of major safety accidents led to human reliability research and application being carried out abroad as well, and human reliability modeling and analysis became a focus of man-machine system safety research. Research abroad on safety modeling and simulation of space man-machine systems takes probabilistic safety assessment (PSA) as its core, comprehensively considers the influence of human reliability (HR) and the space environment on system safety, and has been applied in engineering to space man-machine systems such as the International Space Station, spaceships, the orbital space aircraft OSP, the manned rescue spacecraft CRV and the manned lunar-landing spacecraft CEV.
In recent years, research on man-machine system safety evaluation has gradually developed in China, mainly in two directions. On the one hand, the machine subsystem is taken as the research object and the human subsystem as a safety influencing factor, and the safety performance of the machine subsystem is studied quantitatively through human error analysis. On the other hand, the human subsystem is taken as the object and placed under the overall safety constraints of the man-machine system, and the reliability and safety requirements that the human subsystem needs to meet are studied. At present, man-machine system safety evaluation in China has not been applied to space man-machine systems, and the methods used are mostly based on the PRA method.
As can be seen from the state of research at home and abroad, safety evaluation of space man-machine systems abroad takes probabilistic safety assessment (PSA) as its core, while in China there is no effective safety evaluation method for space man-machine systems, and no system safety evaluation method that comprehensively considers the coupling of human factors, software and hardware equipment factors and environmental factors.
System safety evaluation is as important as system reliability evaluation, and as equipment reliability continues to improve, human factors become more prominent; it is therefore necessary to consider system safety under multi-factor coupling.
In summary, the existing safety analysis methods built around probabilistic safety assessment (PSA) cannot express how the space man-machine system changes over time, and cannot describe the safety state evolution that the space man-machine system may undergo in a real environment. From the perspective of dynamic simulation analysis the PSA method is static, so a dynamic simulation method is required to obtain the dynamic process of system safety and the corresponding changes in index parameters.
Disclosure of Invention
The technical problem solved by the invention is as follows: to overcome the defects of the prior art, a space man-machine system task safety comprehensive modeling and dynamic simulation method is provided, which aims to overcome the defects of the existing safety simulation analysis methods based on the PSA method.
In order to solve the above technical problem, the invention discloses a space man-machine system task safety comprehensive modeling and dynamic simulation method, which comprises the following steps:
Analyzing the composition of the space man-machine system, and determining the safety influencing factors in the task process of the space man-machine system: human factors, software and hardware equipment factors and environmental factors; determining a failure distribution function for each safety influencing factor;
Analyzing the task process of the space man-machine system, and constructing a task process safety evaluation reference model of the space man-machine system from the task perspective;
Based on the safety influencing factors, constructing a factor logic model of the space man-machine system; wherein the factor logic model comprises: a human factor logic model, a machine factor logic model, an environmental factor logic model, and a human-machine-environment factor logic model; wherein the machine refers to software and hardware equipment;
Analyzing the state transition mechanisms of human factors, software and hardware equipment factors and environmental factors, and determining the state trigger mechanisms of the various safety influencing factors;
Constructing a safety structure function of the task key events in the task process of the space man-machine system;
Constructing a task process safety evaluation comprehensive integration model of the space man-machine system, which associates the task process safety evaluation reference model, the factor logic model and the safety structure function of the task key events in the task process;
Based on the determined state trigger mechanisms of the various safety influencing factors, injecting the state transition trigger mechanisms into the task process safety evaluation comprehensive integration model, so that the model has the capability of dynamic state transition;
Performing uncertainty dynamic simulation analysis on the task process safety evaluation comprehensive integration model after the state transition trigger mechanisms have been injected, to obtain an uncertainty dynamic simulation result;
And analyzing the space man-machine system task safety simulation result according to the uncertainty dynamic simulation result, to obtain the space man-machine system task safety indexes.
In the above space man-machine system task safety comprehensive modeling and dynamic simulation method, the space man-machine system $S$ obtained after analysis is represented as follows:
$$S=\{H_1,H_2,\ldots,H_h,\;M_1,M_2,\ldots,M_m,\;E_1,E_2,\ldots,E_e\}$$
where $H_i$ denotes the $i$-th human factor, $i=1,2,\ldots,h$, and $h$ is the total number of human factors; $M_j$ denotes the $j$-th software and hardware equipment factor, $j=1,2,\ldots,m$, and $m$ is the total number of software and hardware equipment factors; $E_k$ denotes the $k$-th environmental factor, $k=1,2,\ldots,e$, and $e$ is the total number of environmental factors;
The failure distribution functions corresponding to $H_i$, $M_j$ and $E_k$ are $F_{H_i}(t)$, $F_{M_j}(t)$ and $F_{E_k}(t)$, respectively.
In the above space man-machine system task safety comprehensive modeling and dynamic simulation method, analyzing the task process of the space man-machine system and constructing a task process safety evaluation reference model of the space man-machine system from the task perspective comprises:
Performing event tree modeling on the task process of the space man-machine system according to the sequence relation of the task process, to obtain an event tree reference model;
And modeling the task process of the space man-machine system according to the event tree reference model, to obtain the task process safety evaluation reference model of the space man-machine system.
In the above space man-machine system task safety comprehensive modeling and dynamic simulation method, constructing a factor logic model of the space man-machine system based on the safety influencing factors comprises:
Specifying a human monitoring model and a control path model according to the degree of human participation in the task process of the space man-machine system, and constructing the human factor logic model;
Determining the logic relationship among the factors of the machine by adopting a classical fault tree, a dynamic fault tree and a Bayesian network, and constructing the machine factor logic model;
Constructing the environmental factor logic model according to the basic conditions of the internal and external environments when each specific task occurs in the task process of the space man-machine system;
Based on the task process safety evaluation reference model, and combining the human factor logic model, the machine factor logic model and the environmental factor logic model, determining the interaction and/or coupling logic relationships among human-machine, human-environment and machine-environment, and constructing the human-machine-environment factor logic model.
In the above space man-machine system task safety comprehensive modeling and dynamic simulation method, the state trigger mechanisms of the various safety influencing factors are as follows:
When human factors change: according to the operating situation, determine the failure distribution function corresponding to the human factor and judge whether the person makes an error; when it is determined that no error has occurred, exit the human factor analysis; when it is determined that an error has occurred, analyze the influence within the team, the influence of task events and the influence of the machine, and calculate the probability of the corresponding cognitive decision errors and misoperations by the person and the probability of faults, failures or misoperation of the machine;
When the software and hardware equipment factors change: judge the influence of the machine's state transition on the machine itself according to the working environment; according to that influence, simulate and analyze the influence on the environment to obtain the real-time environment state; based on the influence of the machine's state transition on the machine itself and the real-time environment state obtained, carry out the human factor analysis;
When environmental factors change: analyze the environmental factor change trigger mechanism, construct an environmental factor change rule model, and analyze the environmental factor change trend.
In the above space man-machine system task safety comprehensive modeling and dynamic simulation method, constructing the safety structure function of the task key events in the task process of the space man-machine system comprises:
Determining a task key event $E_k$ in the task process of the space man-machine system;
Modeling the task process of the space man-machine system in a layered manner, and defining the state change structure function of the space man-machine system related to the task key event $E_k$, to obtain the safety structure function of $E_k$, which involves a vector of the $x_{ki}(t)$; $x_{ki}(t)$ represents the state variable of the $i$-th basic event of the task key event $E_k$, $i=1,2,\ldots,n$.
In the above space man-machine system task safety comprehensive modeling and dynamic simulation method, injecting a state transition trigger mechanism into the task process safety evaluation comprehensive integration model, based on the determined state trigger mechanisms of the various safety influencing factors, comprises:
According to the determined state trigger mechanisms of the various safety influencing factors, constructing a system state control logic relation diagram, and thereby injecting the interrelationships among the different states and the state transition trigger mechanisms into the task process safety evaluation comprehensive integration model.
In the above space man-machine system task safety comprehensive modeling and dynamic simulation method, the uncertainty dynamic simulation analysis includes: uncertainty simulation analysis of the task key events, and uncertainty simulation analysis of the space man-machine system task process based on the task process safety evaluation comprehensive integration model.
In the above space man-machine system task safety comprehensive modeling and dynamic simulation method, analyzing the space man-machine system task safety simulation result according to the uncertainty dynamic simulation result, to obtain the space man-machine system task safety indexes, comprises:
According to the uncertainty dynamic simulation result, letting the system safety life ξ be a random variable;
And calculating the safety improvement quantified value, the failure probability distribution and the safety importance of the space man-machine system according to the number of system failures over the N simulation runs.
In the above space man-machine system task safety comprehensive modeling and dynamic simulation method,
The safety improvement quantified value $R_s(t)$ is:
The failure probability distribution $P_s(t)$ is:
where $n(t-\Delta t/2)$ represents the number of failures of the system during $(t-\Delta t/2)$, and $n(t+\Delta t/2)$ represents the number of failures of the system during $(t+\Delta t/2)$;
The safety importance $D(\eta)$ is:
where $D(\eta)$ represents the safety importance of the safety influencing factor $\eta$, and $n(\eta)$ represents the number of system failures caused by the failure of the safety influencing factor $\eta$; the formula also uses the total number of failures of all safety influencing factors.
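As an added illustration (not part of the patent text), the following Python example runs N Monte Carlo trials over a constructed factor set, treats the system safety life ξ as a random variable, and derives the three kinds of index named above from the failure counts. The factor names, distributions, parameters, structure function and the estimator formulas are all assumptions, because the patent's own formulas are not reproduced on this page.

```python
import random
from collections import Counter

# Constructed factor set S = {H1, M1, M2, E1}. Distributions and parameters
# (in hours) are assumptions for illustration, not values from the patent.
FACTORS = {
    "H1": ("exp", 1 / 400.0),         # human error: exponential, rate per hour
    "M1": ("weibull", (600.0, 1.5)),  # equipment: Weibull(scale, shape)
    "M2": ("weibull", (900.0, 2.0)),  # redundant equipment
    "E1": ("exp", 1 / 1500.0),        # environmental disturbance
}


def sample_failure_time(kind, params, rng):
    """Draw one failure time from a factor's failure distribution F(t)."""
    if kind == "exp":
        return rng.expovariate(params)
    scale, shape = params
    return rng.weibullvariate(scale, shape)


def system_life(times):
    """Assumed structure function: H1 and E1 in series with the parallel
    pair (M1, M2). Returns (safety life xi, factor whose failure ended it)."""
    last_machine = max(("M1", "M2"), key=lambda m: times[m])
    cause = min(("H1", "E1", last_machine), key=lambda f: times[f])
    return times[cause], cause


def simulate(n_runs, mission_time, seed=1):
    """Run n_runs trials. Returns every sampled safety life and, for the
    runs that failed within mission_time, a count of the causing factor."""
    rng = random.Random(seed)
    lives, causes = [], Counter()
    for _ in range(n_runs):
        times = {name: sample_failure_time(kind, params, rng)
                 for name, (kind, params) in FACTORS.items()}
        xi, cause = system_life(times)
        lives.append(xi)
        if xi <= mission_time:
            causes[cause] += 1
    return lives, causes


def safety_at(lives, t):
    """Assumed estimator: fraction of runs whose safety life exceeds t."""
    return sum(1 for xi in lives if xi > t) / len(lives)


def failure_prob(lives, t, dt):
    """Assumed estimator: fraction of runs failing in (t - dt/2, t + dt/2]."""
    lo, hi = t - dt / 2, t + dt / 2
    return sum(1 for xi in lives if lo < xi <= hi) / len(lives)


def importance(causes):
    """Share of system failures attributed to each factor eta, i.e.
    n(eta) divided by the total number of failures (assumed form)."""
    total = sum(causes.values())
    return {eta: n / total for eta, n in causes.items()} if total else {}


if __name__ == "__main__":
    T = 200.0  # constructed mission duration in hours
    lives, causes = simulate(20000, T)
    print("safety at end of mission:", round(safety_at(lives, T), 3))
    for centre in range(10, 200, 40):
        print(f"P(fail near t={centre}h):", round(failure_prob(lives, centre, 20.0), 4))
    for eta, share in sorted(importance(causes).items(), key=lambda kv: -kv[1]):
        print(f"importance {eta}: {share:.3f}")
```

With these constructed parameters the human factor dominates the importance ranking, which is the kind of result the method uses to direct design effort.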
The invention has the following advantages:
(1) The space man-machine system task safety comprehensive modeling and dynamic simulation method disclosed by the invention reflects the dynamic characteristics of system safety more effectively. It yields the likelihood and uncertainty of the different states of the system over the whole task period and the safety importance of the system, so the influence of each safety influencing factor on the safety of the space man-machine system over the whole task period can be comprehensively reflected. This makes the safety and reliability design of the space man-machine system more effective, provides quantified results for improving the human-efficiency design of the system, and provides support and decision input for the safety analysis and design of the space man-machine system.
(2) The method disclosed by the invention can meet the needs of task process safety comprehensive modeling and dynamic simulation evaluation for key task scenes of typical space man-machine systems, including typical task scenes of space stations, on-orbit airship operation, ground teleoperation and launch site man-machine systems, and has good prospects for popularization and application.
(3) The method disclosed by the invention considers the comprehensive modeling of the multiple factors of a space man-machine system, combines each factor logic model (the human factor logic model, the machine factor logic model, the environmental factor logic model and the human-machine-environment factor logic model) with the task process safety evaluation reference model, and provides a specific implementation scheme for modeling a complex task process safety evaluation comprehensive integration model.
(4) The method disclosed by the invention addresses the incompleteness of traditional safety modeling and safety evaluation model construction under human-machine-environment coupling. It gives specific steps for constructing the logic model of each factor, defines the state trigger mechanisms of the various safety influencing factors, solves the problem of safety evaluation model completeness under human-machine-environment coupling, and achieves complete modeling of space man-machine system task process safety by constructing the task process safety evaluation comprehensive integration model.
(5) The method disclosed by the invention addresses the insufficient reflection of dynamic characteristics in traditional safety modeling and evaluation simulation. By integrating the factor logic models and injecting the state transition trigger mechanisms, it makes the safety modeling and evaluation simulation process dynamic, so that the simulation is closer to a real task scene and the dynamic analysis results more accurately reflect the safety state changes that may occur in a specific task scene. The corresponding safety simulation analysis results can provide support and a decision basis for model safety analysis and design, task process optimization, planning of key task events and the like.
Drawings
FIG. 1 is a schematic flow chart of a method for comprehensively modeling and dynamically simulating task safety of a space man-machine system in an embodiment of the invention;
FIG. 2 is a schematic diagram of factors involved in task implementation in a task execution process of a space station load transfer subsystem according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of an event tree model modeling a task process safety assessment benchmark model in an embodiment of the present invention;
FIG. 4 is a graph of a human reliability uncertainty distribution in an embodiment of the present invention;
FIG. 5 is a schematic diagram of the components of a space station load transfer subsystem in accordance with an embodiment of the present invention;
FIG. 6 is a schematic diagram of a logical model among factors of a machine in an embodiment of the invention;
FIG. 7 is a schematic diagram of an environmental factor Markov model in accordance with an embodiment of the present invention;
FIG. 8 is a schematic diagram of an environment factor Markov comprehensive expansion model according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the embodiments of the present invention disclosed herein will be described in further detail with reference to the accompanying drawings.
As shown in FIG. 1, in this embodiment, the space man-machine system task safety comprehensive modeling and dynamic simulation method includes:
Step 1: analysis of the composition of the space man-machine system. Analyze the composition of the space man-machine system, and determine the safety influencing factors in the task process of the space man-machine system: human factors, software and hardware equipment factors and environmental factors; and determine a failure distribution function for each safety influencing factor.
In this embodiment, the space man-machine system $S$ may be represented by human factors, software and hardware equipment factors, and environmental factors:
$$S=\{H_1,H_2,\ldots,H_h,\;M_1,M_2,\ldots,M_m,\;E_1,E_2,\ldots,E_e\}$$
where $H_i$ denotes the $i$-th human factor, $i=1,2,\ldots,h$, and $h$ is the total number of human factors; $M_j$ denotes the $j$-th software and hardware equipment factor, $j=1,2,\ldots,m$, and $m$ is the total number of software and hardware equipment factors; $E_k$ denotes the $k$-th environmental factor, $k=1,2,\ldots,e$, and $e$ is the total number of environmental factors.
Further, to perform simulation analysis of system safety, it is necessary to determine the failure (error) distribution function of each safety influencing factor: $F_{H_i}(t)$, $F_{M_j}(t)$ and $F_{E_k}(t)$, which are the failure distribution functions corresponding to $H_i$, $M_j$ and $E_k$, respectively.
Step 2: analysis of the task process of the space man-machine system. Analyze the task process of the space man-machine system, and construct a task process safety evaluation reference model of the space man-machine system from the task perspective.
In this embodiment, the analysis of the task process of the space man-machine system involves describing the task process and modeling the specific task process, and specifically includes:
Sub-step 21, constructing an event tree reference model.
Perform event tree (ET) modeling on the task process of the space man-machine system according to the sequence relation of the task process, to obtain an event tree reference model. The event tree reference model is the reference model for evaluating the task reliability and safety of the space man-machine system, and serves as that reference on the premise that no major safety event occurs. When a major safety event occurs, the event tree reference model undergoes task mode migration and enters a safety mode of task implementation; the task mode migration affects successful implementation of the reference task, but can ensure the safety of the astronauts.
Sub-step 22, constructing the task process safety evaluation reference model of the space man-machine system.
Model the task process of the space man-machine system according to the event tree reference model, to obtain the task process safety evaluation reference model of the space man-machine system.
Step 3: construction of the factor logic model. Construct a factor logic model of the space man-machine system based on the safety influencing factors.
In this embodiment, based on the analysis of the system safety simulation logic relationships, the factor logic model of the space man-machine system can be divided into four types: a human factor logic model, a machine factor logic model, an environmental factor logic model, and a human-machine-environment (interaction or coupling) factor logic model; wherein the machine refers to software and hardware equipment.
Preferably, the logic relationships among all factors in the system can be clarified through methods such as fault trees, dynamic fault trees and reliability block diagrams, and the factor logic model is then constructed. Taking the fault tree method as an example, the top event of the fault tree is the failure event of the system S, and the bottom events of the fault tree are the failure events of the individual factors, so from the simplest perspective the system S has h+m+k bottom events. From the perspective of human-machine-environment interaction, however, the system should not simply be regarded as having h+m+k bottom events, and the human-machine-environment interaction effects should be considered in modeling.
Specifically:
Sub-step 31, constructing the human factor logic model.
According to the degree of human participation in the task process of the space man-machine system, specify the human monitoring model (namely information and data acquisition, meter reading, temperature and humidity sensing and the like) and the control path model (namely manual intervention such as operation and control), and construct the human factor logic model. Specifying the human monitoring model and control path model includes: establishing a person-to-person information communication and cooperation model for constructing the team logic model. The state transition trigger mechanism in the model should be analyzed and determined in the human factor logic model; see sub-step 41 in step 4.
Sub-step 32, constructing the machine factor logic model.
Determine the logic relationships among the factors of the machine by adopting methods such as the classical fault tree, the dynamic fault tree and the Bayesian network, and construct the machine factor logic model. The machine factor logic model is used to determine the logic relationships among the factors of the machine, and to determine the state transition conditions, conditional transition probabilities and the like of the machine and its component parts (factors). The state transition trigger mechanism in the model should be analyzed and determined in the machine factor logic model; see sub-step 42 in step 4.
Sub-step 33, constructing the environmental factor logic model.
Construct the environmental factor logic model according to the basic conditions of the internal and external environments when each specific task occurs in the task process of the space man-machine system. The environmental factors refer to abnormal environmental conditions (such as gradually or abruptly changing environments) that affect personnel performance; such conditions can affect the operating performance of personnel through changes in vision, hearing, touch and the like. The environmental factor logic model describes the basic conditions of the internal and external environments when a specific task occurs, and mainly covers the physical environment of the task implementation scene, the condition of the man-machine interaction interface during operation, and the like. The environmental factor logic model is constructed mainly with a Markov model-based method. The state transition trigger mechanism in the model should be analyzed and determined in the environmental factor logic model; see sub-step 43 in step 4.
Sub-step 34, constructing the human-machine-environment factor logic model.
Based on the task process safety evaluation reference model, and combining the human factor logic model, the machine factor logic model and the environmental factor logic model, determine the logic relationships (interaction and/or coupling) among human-machine, human-environment and machine-environment, and construct the human-machine-environment factor logic model.
Sub-steps 31 to 34 above provide the inputs for building the human-machine, human-environment and machine-environment safety characteristic models (i.e., the task process safety evaluation comprehensive integration model).
Step 4: and analyzing the system safety state and a transfer trigger mechanism. And analyzing the state transition mechanisms of human factors, software and hardware equipment factors and environmental factors to determine the state trigger mechanisms of various security influence factors.
For a specific man-machine system task process, system safety state analysis is the key for determining a system safety state transition trigger mechanism under a specific event, and state condition input can be provided for qualitative and quantitative analysis by defining unsafe states of the system and transition relations among the states. Each simulation interval should consider whether there is a person, interpretation, operation, etc. therein, and typically if the machine, ring is in a controllable security domain, no human factor is considered if the task process does not require human participation. Specifically, when a certain factor state transitions:
Sub-step 41, when the human factor changes:
41a) Determine the failure distribution function corresponding to the human factor according to the operation situation, and judge whether the person makes an error.
41b) When it is determined that the person has not made an error, exit the analysis of human factors; otherwise, go to 41c).
41c) When an error is determined to have occurred, analyze the influence within the team (the combined performance of the individual and the team, and the probability distribution corresponding to the human error) and the influence on the task event actions and on the machine, and calculate the corresponding probabilities of human cognitive-decision and operating errors and of machine failure, fault or misoperation.
Sub-step 42, when the software and hardware equipment factors change:
42a) According to the working environment, judge the influence of the machine's state transition (failure, fault or abnormality) on the machine itself; that is, when the factor logic model of the machine indicates that the state of some machine factor has transitioned, judge the influence on the machine system and change the states of the related machine factors according to the degree of influence obtained by simulation.
42b) Based on the determined influence of the machine's state transition on the machine itself, simulate and analyze the influence on the environment to obtain the real-time environmental state.
42c) Based on the determined influence of the machine's state transition on the machine itself and the obtained real-time environmental state, analyze the human factors; if the human factors show no state change, the simulation ends; otherwise, perform sub-step 41.
Sub-step 43, when the environmental factor changes:
43a) Analyze the environmental factor change trigger mechanism.
I. Environmental changes caused by the space environment
Environmental changes caused by the space environment are considered mainly for extravehicular activities (EVA), such as spacewalks. For the environment outside the cabin, the models of the middle and upper atmosphere, ionospheric plasma, the Earth's main magnetic field and the Earth's radiation belts are determined from the range of space geodetic coordinates, the geomagnetic activity conditions and the solar activity conditions; environmental factor disturbance data are calculated from design experience with manned spacecraft or space stations; and, by defining the environmental disturbance factors, the disturbance law of the out-of-cabin environmental factors is determined through analysis and the space environment disturbance effect is predicted.
II. Environmental changes caused by the environment inside the spacecraft
Environmental changes caused by the environment inside the spacecraft are considered mainly for intra-cabin activities (EVA), such as maintenance operations. If the environment inside the spacecraft changes, the influence of the vehicle and the personnel on the in-cabin environment is considered; by defining the environmental disturbance factors, the disturbance law of the in-cabin environmental factors is determined through analysis and the in-cabin environment disturbance effect is predicted.
43b) Construct the environmental factor change rule model.
Specifically, the environmental factor change rule model describes the transition of the internal and external environments of the system from one state to another state, such as from a normal state to an abnormal state (such as a state transition of uncomfortable environment and serious uncomfortable environment), or from the abnormal state to the normal state (due to human intervention or hardware system fault tolerance mechanism penalty, etc.).
I. Define the random variable X_i(t) = 0 (i indexes the environmental state under which the i-th task of the space man-machine system, such as an in-cabin task or an out-of-cabin task, can be executed). This state indicates that at time t the internal and external environments of the system satisfy the task execution conditions; the system environment is in a suitable working state and, by default, has no influence on the human and machine factors of the man-machine system. This state is referred to as state 0.
II. Define the random variable X_i(t) = 1j. This state indicates that at time t the environmental state under the i-th task execution condition has changed, with the environmental condition changing to level j; in this environmental state the normal work of the astronaut may be affected. This environmental state is referred to as state 1j.
III. Define the random variable X_i(t) = 2k. This state indicates that at time t the environmental state under the i-th task execution condition has changed, with the environmental condition changing to level k; in this environmental state the astronaut may be unable to work normally, and a maintenance operation (an emergency maintenance task outside the normal task) must be performed. This environmental state is referred to as state 2k. After the maintenance operation is completed, the environmental state changes from state 2k to state 1j or state 0.
IV. Define the random variable X_i(t) = 3l. This state indicates that at time t the environmental state under the i-th task execution condition has changed, with the environmental condition changing to level l, which may cause astronaut casualties; the given task cannot be carried out, maintenance operations cannot be performed, and the astronauts need to be evacuated. This state is referred to as state 3l.
V. Define the random variable Y_i(t) ∈ {2k→m, 1j→m}, which represents the process of restoring the environmental state through maintenance work, other emergency operations, etc. within the interval of time t+Δt; the possible environmental state after restoration is state 2k, 1j or 0.
43c) Analyze the change trend of environmental factors.
The environmental state is modeled by means of a state transition diagram. Once the environmental factor change mechanism has been analyzed and determined, the change trend analysis can be completed by constructing an environmental state transition relation matrix; the influence of the changed environmental state on people and machines can be determined through human reliability analysis and machine failure mode analysis, and the influence of environmental state changes can be analyzed quantitatively in parameterized form.
Step 5: a safety structure function of a mission critical event in a mission process of a space man-machine system is constructed.
A mission critical event E k in the course of a mission of the space man-machine system is determined.
Modeling a task process of the space man-machine system by adopting a layered modeling mode, and defining a state change structure function of the space man-machine system related to a task key event E k in the task process of the space man-machine system to obtain a safety structure function of E k Wherein/>For a vector of x ki (t),X ki (t) represents a state variable of the mission critical event E k with the i-th basic event, i=1, 2,..n.
Step 6: construct the task process safety evaluation comprehensive integration model of the space man-machine system.
In this embodiment, the task process safety evaluation comprehensive integration model may be constructed by combining the task process safety evaluation reference model, the factor logic models, and the safety structure functions of the task key events in the task process. That is, the comprehensive integration model links the reference model, the factor logic models and the safety structure functions of the task key events to one another.
Step 7: state transition trigger mechanism injection. Based on the determined state trigger mechanisms of the various safety influencing factors, the state transition trigger mechanism is injected into the task process safety evaluation comprehensive integration model, giving the model the capability of dynamic state transition.
In this embodiment, according to the determined state trigger mechanisms of the various safety influencing factors, the interrelationships between the different states and the state transition trigger mechanisms are injected into the task process safety evaluation comprehensive integration model by constructing a system state control logic relationship diagram.
Step 8: uncertainty dynamic simulation analysis. Uncertainty dynamic simulation analysis is carried out on the task process safety evaluation comprehensive integration model after the state transition trigger mechanism has been injected, to obtain an uncertainty dynamic simulation result.
In this embodiment, the uncertainty dynamic simulation analysis includes, but is not limited to: uncertainty simulation analysis of task key events, and process uncertainty simulation analysis of the space man-machine system task based on the task process safety evaluation comprehensive integration model.
Sub-step 81, task key event uncertainty simulation analysis.
81a) For a mission critical event E_k, n factors (n ≥ h+m+k) are randomly sampled with the Latin hypercube sampling (LHS) method within a single simulation interval, giving the time at which each factor fails (or changes state). The sample value of the failure (state transition) time of the i-th factor is t_i = F_i^{-1}(η). In the j-th simulation run, the state transition time of the i-th factor is denoted t_ij, so that t_ij = F_i^{-1}(η_ij), where η_ij is the random number drawn for the i-th factor in the j-th simulation. The j-th sample of the mission critical event E_k can then be calculated from the random numbers of all factors, namely:
81b) After sampling N times, can obtain By/>The time at which the mission critical event E k failed (or state transition) is obtained.
81c) Suppose that in the j-th simulation, sampling yields the failure times of the n factors: t_1j, t_2j, ..., t_ij, ..., t_nj. The factor failure times are sorted in ascending order.
81d) The state of the mission critical event E_k is checked at each failure time in ascending order to determine whether E_k fails; when E_k fails, the sample value t_Sj of the failure time of E_k is determined.
81e) From 81d), the failure time of each factor that failed before the mission critical event E_k failed is obtained, so that a timing diagram of the state transitions of the factors related to the failure of E_k can be determined.
81f) After N simulation runs, the failure times t_kj (j = 1, 2, ..., N) of the mission critical event E_k are obtained.
Sub-step 82: process uncertainty simulation analysis of the space man-machine system task, based on the task process safety evaluation comprehensive integration model.
Building on sub-step 81, the safety comprehensive integration model is analyzed with the uncertainty simulation method to obtain the occurrence probabilities of the different safety states in the man-machine system task process, and the importance ranking of the safety-critical task events, the man-machine system critical states and the related basic events that affect the astronauts. This provides the basis for calculating the safety indexes of the man-machine system and for determining the safety influencing factors that affect it.
Step 9: determine the task safety index of the space man-machine system. The space man-machine system task safety simulation result is analyzed according to the uncertainty dynamic simulation result to obtain the space man-machine system task safety index.
In this embodiment, based on the uncertainty dynamic simulation result obtained in step 8, let the safety life ζ of the system be a random variable; from the system failure times of the N simulations, the security improvement quantized value, the failure probability distribution and the security importance of the space man-machine system are calculated.
The security improvement quantization value R s (t) is:
The failure probability distribution P s (t) is:
where n (t- Δt/2) represents the number of failures of the system during (t- Δt/2), and n (t+Δt/2) represents the number of failures of the system during (t+Δt/2).
The security importance D (eta) is as follows:
Wherein D (eta) represents the safety importance of the safety influencing factor eta, n (eta) represents the number of system failures caused by the failure of the safety influencing factor eta, Indicating the total number of failures of all security influencing factors. When D (η) is 1, this means that as long as this factor fails once, the system must fail due to its failure. To improve system security, attention should be paid to those factors of greater importance.
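Sub-step 81 and the importance measure D(η) of step 9 can be traced in code. The following Python example is added here and is not part of the patent; the three factor names, their exponential transition-time distributions, the structure function for E_k and the rule that a failure is attributed to the factor whose transition completes it are all assumptions made for illustration.

```python
import math
import random

# Constructed input: assumed transition rates (per hour) of three factors.
RATES = {"human": 0.02, "machine": 0.005, "environment": 0.01}


def inverse_cdf(rate, eta):
    """t = F^-1(eta) for an exponential distribution (assumed form of F_i)."""
    return -math.log(1.0 - eta) / rate


def lhs_samples(n_runs, n_factors, rng):
    """Latin hypercube sample of [0, 1): each factor gets exactly one draw
    from each of n_runs equal strata, in an independently shuffled order."""
    columns = []
    for _ in range(n_factors):
        strata = [(j + rng.random()) / n_runs for j in range(n_runs)]
        rng.shuffle(strata)
        columns.append(strata)
    # rows[j][i] is eta_ij: the random number of factor i in run j
    return [[columns[i][j] for i in range(n_factors)] for j in range(n_runs)]


def structure_function(failed):
    """Assumed safety structure function of E_k: the event fails once the
    machine has failed, or once both human and environment have transitioned."""
    return "machine" in failed or {"human", "environment"} <= failed


def simulate_event(n_runs, seed=1):
    """81a-81f: sample t_ij, sort ascending, walk the transitions until E_k fails."""
    rng = random.Random(seed)
    names = list(RATES)
    runs = []
    for etas in lhs_samples(n_runs, len(names), rng):
        times = sorted((inverse_cdf(RATES[name], eta), name)
                       for name, eta in zip(names, etas))
        failed, sequence = set(), []
        for t, name in times:              # 81c/81d: ascending failure times
            failed.add(name)
            sequence.append((name, t))     # 81e: timing sequence before failure
            if structure_function(failed):
                runs.append({"t_fail": t, "cause": name, "sequence": sequence})
                break
    return runs


def failures_by(runs, t):
    """n(t): number of simulated system failures that occurred up to time t."""
    return sum(1 for run in runs if run["t_fail"] <= t)


def importance(runs):
    """D(eta) = n(eta) / total failures over all factors. Assumption: a failure
    is attributed to the factor whose transition completed it."""
    counts = {name: 0 for name in RATES}
    for run in runs:
        counts[run["cause"]] += 1
    total = sum(counts.values())
    return {name: count / total for name, count in counts.items()}


if __name__ == "__main__":
    results = simulate_event(1000)
    print("failures within 50 h:", failures_by(results, 50.0))
    for factor, d in importance(results).items():
        print(f"D({factor}) = {d:.3f}")
```

Each entry of `sequence` is the timing sequence of 81e for one run, so the ordering of factor transitions that led to the failure of E_k can be inspected run by run.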
In summary, the space man-machine system task safety comprehensive modeling and dynamic simulation method integrates human factors, machine factors (software and hardware equipment factors) and environmental factors, and simulates the state migration characteristics and the uncertainty of the system safety state under the triggering action of different factors. It supports simulation analysis of system safety with the three elements of human, machine and environment coupled, unlike traditional system safety simulation, which addresses machine factors alone.
Based on the above embodiments, a space station load transfer subsystem during the implementation of a space station engineering task will be described in detail below as an example.
Step one: analyze the composition of the space man-machine system and determine the safety influencing factors in its task process: human factors, software and hardware equipment factors, and environmental factors.
Task execution by the space station load transfer subsystem (Space Station Payload Transfer Subsystem, SSPTS) is taken as a typical space man-machine system task. As shown in fig. 2, the factors involved in task execution include: astronaut A, astronaut B, the software and hardware equipment of the load transfer subsystem, and the internal and external environments in which the space load transfer task is carried out.
To execute the space station load transfer task, the space man-machine system that completes the task consists of astronaut A, astronaut B and the software and hardware equipment of the load transfer subsystem; when necessary, there is also a certain exchange of instruction information between the ground control center and astronauts A and B. Executing the task therefore involves three types of factors: human factors, machine factors and environmental factors. Taking the task process of a space load entering and leaving the space station as an example, the three types of factors are analyzed as shown in Table 1 below:
Table 1. Analysis of the man-machine system composition during the task of a space load entering and leaving the space station
Step two: analyze the task process of the space man-machine system and construct its task process safety evaluation reference model from the task perspective.
From the man-machine system composition analysis table obtained in step (one), and following the sequence of the space man-machine system task process, one task of a space load entering and leaving the space station involves 5 sequentially executed actions: unlocking the unlocking mechanism, installing the space load, extending the telescopic mechanism, retracting the telescopic mechanism, and rotating the rotating mechanism. An event tree model can therefore be used to build the task process safety evaluation reference model, which is shown in fig. 3.
Based on the safety reference model, the task mode migrations that may be caused by an unsuccessful stage task are analyzed. Here the task mode migration caused by unsuccessful installation of the space load is considered, and two cases are analyzed:
Case 1: installation of the space load is unsuccessful; after it is judged that the subsequent tasks cannot continue to be executed, they are stopped and the task mode migrates to the stopped state.
Case 2: installation of the space load is unsuccessful; after it is judged that, with appropriate maintenance, the installation action can continue to be executed, the task enters the maintenance state and, once recovered, the subsequent tasks continue to be executed. Because there are many task mode migration situations, this example considers only those caused by unsuccessful installation of the space load.
After the safety reference model construction and the task mode migration condition analysis are completed, the next step is entered.
Step three: construct the factor logic models for the human factors, machine factors and environmental factors of the man-machine system.
Based on the task process safety evaluation reference model of step (two), the safety characteristics of each intermediate event of the reference model are analyzed, and logic models are constructed for the human factors, the machine factors and the environmental factors respectively. The intermediate event of unlocking the unlocking mechanism is taken as the example for logic model construction.
(31) Constructing a factor logic model of a person:
Basic events related to astronaut operations are modeled, and the probability distributions of the basic events in the astronaut's specific operation process are calculated from the relevant basic data. In this example every stage involves astronaut operation; the human-related basic operation processes are listed in Table 1. The method of this embodiment yields the human reliability uncertainty distribution of the human-related basic operation process at each stage, and the human factor modeling of each stage provides a basis for modeling the subsequent task process safety evaluation comprehensive integration model of the space man-machine system. The analysis gives the human reliability uncertainty distributions of the human-related basic operation processes for unlocking the unlocking mechanism, installing the space load, extending the telescopic mechanism, retracting the telescopic mechanism and rotating the rotating mechanism, as shown in fig. 4 (a) to 4 (e).
(32) Constructing a factor logic model of the machine:
In this embodiment the machine is the space station load transfer subsystem. The logic model among the machine factors mainly characterizes the association relations and fault logic relations among the components of the subsystem, so the machine factors are modeled by building this logic model. As shown in fig. 5, the space station load transfer subsystem consists of a telescopic mechanism, a rotary mechanism and the related controller modules; based on this composition and the working procedure of the task process, the logic model among the machine factors can be constructed, as shown in fig. 6. When constructing the factor logic model of the machine, the influence of environmental disturbance and human error on the machine must be considered, including determining the machine's failure modes under special environmental conditions, and the possible fault effects on the machine and the possible failure modes under human error. The machine's failure modes are related to the human-related basic operation processes; for a process without human participation, human-related failure modes are not considered. If a person participates in the process, the human factors and the machine factors must be superimposed to obtain the man-machine logic superposition model.
The action process of the space load installation stage ("carrying action → installation action → judging whether installation succeeded") is analyzed as an example: astronaut A makes an error while carrying, and the carried load collides with the telescopic mechanism, causing a problem with the micro-switch of the control part; as a result of the collision, the telescopic mechanism, which would execute its task correctly under normal working conditions, cannot complete the subsequent telescopic transfer of the load.
(33) Constructing a factor logic model of the environment:
Generally, the environment in which the space man-machine system is located includes the environment inside the in-orbit spacecraft (in-cabin) and the environment outside the spacecraft (out-of-cabin). The external environment affects the astronaut's extravehicular activities (EVA), while the in-cabin environment affects both the in-cabin and the out-of-cabin activities of the astronaut, since out-of-cabin activities are usually supported by in-cabin activities.
Environmental factors are abnormal environmental conditions (e.g., gradually or abruptly changing environments) that affect personnel performance; they can affect a person's operating performance through visual, auditory, tactile and other changes. The factor logic model of the environment describes the basic conditions of the internal and external environments when a specific task occurs, and mainly covers the physical environment of the task scene, the condition of the man-machine interaction interface during operation, and the like. It is constructed mainly with a Markov-model-based method.
To model environmental factors better, abrupt environmental changes (mutations) are additionally considered on top of the Markov model, and a Markov model triggered by factor mutation is proposed for the environmental factor modeling process.
First, the random variables X_i(t) = 0, X_i(t) = 1j, X_i(t) = 2k, X_i(t) = 3l and Y_i(t) ∈ {2k→m, 1j→m} are defined; their precise definitions are given in the description. An environmental factor Markov reference model is then constructed according to how the environmental factors change. Extension of the telescopic mechanism is taken as the example; it involves the cabin environments, where the in-cabin environment affects the human operation process and the out-of-cabin environment affects the telescoping action of the telescopic mechanism.
Then, following the specific action process of extending the telescopic mechanism (working condition judgment, sending the telescoping instruction, and the telescopic mechanism executing the telescoping action), the two actions of working condition judgment and sending the telescoping instruction are taken as examples; both are affected by the in-cabin environment. According to the specific action process, an environment-action influence analysis matrix is constructed, and the environmental factor Markov reference model is built through matrix analysis, as shown in fig. 7. Y_i(t) ∈ {2k→m, 1j→m} belongs to the state transition trigger mechanism of step (four), and this variable does not enter the environmental state transition Markov reference model directly.
Finally, the environmental state is modeled by means of a state transition diagram, and the environmental state transition matrix is determined from the environmental state transition relations. Taking the example shown in fig. 7, the environmental state transition matrix is as follows.
Here p_mnq(t) denotes the environmental state transition probability at time t; m denotes the current state, with initial value 0; n denotes the possible state of the environment in the next Δt; and q denotes whether the corresponding maintenance operation or other emergency operation is carried out in the current state. Under the reference model, q defaults to 0.
By constructing the environmental state transition relation matrix, the change trend of environmental factors under the reference model can be analyzed; the influence of the changed environmental state on people and machines can be determined by establishing the influence matrix of environmental factors on people and machines; for details, see sub-step (43) of step (four).
Step four: analyze the system safety state and the transition trigger mechanism. The state transition mechanisms of the three types of factors of the man-machine system are analyzed respectively, and the state trigger mechanisms of the three types of factors are determined. Specifically:
(41) Human factor state trigger mechanism: taking the "condition judgment" action as an example, the possible results of the action are analyzed. These are the result states that can arise when the person executes the action, i.e. the state transitions that the "condition judgment" action can cause; they are divided into two types: working condition judgment succeeds and working condition judgment fails.
41a) Obtain the probability distribution of human error according to the operation situation, and determine whether a human error occurs through Monte Carlo simulation analysis. Taking fig. 4 (a) as an example, when the sample falls within the distribution range, no human error is considered to have occurred; when the sample falls outside the range, a human error is considered to have occurred.
41b) When no human error occurs, exit the analysis of human factors; otherwise, go to 41a).
41c) When a human error occurs, analyze the influence within the team (the combined performance of the individual and the team, and the probability distribution corresponding to the human error) and the influence on the task event actions and on the machine (i.e., the software and hardware system), and calculate the probabilities of human cognitive-decision and operating errors and of failure, fault or misoperation of the machine (i.e., the software and hardware system).
Taking the distribution of fig. 4 (a) as an example, Table 2 below gives the human factor state triggering for 10 Monte Carlo simulations. When the number of simulations is large enough, the human factor state triggering approaches the real situation. By sampling and simulating the different human actions, the state transitions of all human actions in the task process can be obtained.
| Simulation no. | State transition condition | Simulation no. | State transition condition |
|---|---|---|---|
| 1 | Not triggered | 6 | Not triggered |
| 2 | Not triggered | 7 | Not triggered |
| 3 | Not triggered | 8 | Not triggered |
| 4 | Not triggered | 9 | State transition triggered |
| 5 | Not triggered | 10 | Not triggered |

Table 2. Simulation number and human factor state triggering (schematic)
(42) Machine factor state trigger mechanism: the specific action process of extending the telescopic mechanism is taken as the example. Changes in the machine factors are directly related to the working process of the hardware equipment, so the telescopic mechanism executing the telescoping action is analyzed.
42a) According to the working environment, first determine that the state transitions of the telescopic mechanism executing the telescoping action comprise the normal state and the fault state (functional degradation is not considered here); when a machine fault can change the environmental state, the influence of the machine on the environment can be determined from the machine's failure mode effects.
42b) According to the influence of the machine, simulate and analyze the influence on the environment, and obtain the real-time environmental state through environment simulation. A fault of the telescopic mechanism of the manned spacecraft has no influence on the environment, so this is not considered here.
42c) Based on the machine state and the environmental state (only the machine state is considered here): when no machine state transition is triggered, the simulation shows no state change and the change in human factors relates only to the person; when a machine state transition is triggered, the change in human factors is directly related to the machine state, simulation analysis is carried out according to the human factor modeling method, and the result is fed back to the task process safety evaluation reference model of step (two).
Because the hardware equipment state transition trigger simulation algorithm is well known, only the machine factor state triggering over the Monte Carlo simulations of the telescopic mechanism executing the telescoping action is given here, as shown in Table 3 below:
| Simulation no. | State transition condition | Simulation no. | State transition condition |
|---|---|---|---|
| 1 | Not triggered | 6 | Not triggered |
| 2 | Not triggered | 7 | Not triggered |
| 3 | State transition triggered | 8 | Not triggered |
| 4 | Not triggered | 9 | State transition triggered |
| 5 | Not triggered | 10 | Not triggered |

Table 3. Simulation number and machine factor (telescopic mechanism executing the action) state triggering (schematic)
(43) Environmental factor state trigger mechanism: the trend of environmental change is determined through the factor logic model of the environment according to the situation.
43a) Define the random variable Y_i(t) ∈ {2k→m, 1j→m}, which represents the process of restoring the environmental state through maintenance operations and other emergency operations within the interval of time t+Δt; the possible environmental state after restoration is state 2k, 1j or 0.
43b) Based on the environmental state transition reference model obtained in sub-step (33) of step (three), the reference model is extended by considering factor mutation triggering to form the environmental factor Markov comprehensive extended model. On the basis of fig. 7, this model adds the influence of the random variable Y_i(t) ∈ {2k→m, 1j→m} on the environmental state, as shown in fig. 8, from which the effect of Y_i(t) on the environmental state can be seen.
TABLE 4 environmental-action impact analysis matrix schematic table
As shown in Table 4, assuming that the state transition probabilities between the environmental state variables have been obtained experimentally or statistically, the probability of the environment being in a given state at a certain time t can be obtained from those transition probabilities; the uncertainty distribution of the human operation process (such as working condition judgment and sending the telescoping instruction) is then calculated with a multi-factor coupled space human reliability uncertainty analysis method. The capability of the hardware equipment to realize its functions (i.e., the reliability with which the hardware equipment completes the given actions) can be obtained from the sensitivity of the hardware equipment to environmental change and the influence of the environmental state on the realization of its functions.
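The reference model of sub-step (33) (q = 0) and its extension in sub-step (43) with the recovery process Y_i(t) and mutation triggering can be compared numerically. The following Python example is added here and is not part of the patent; the transition probabilities, the use of a single level per state class, the absorbing evacuation state and all function names are assumptions, because the patent's transition matrix and Table 4 do not appear on this page.

```python
# Constructed example with one level per state class:
# index 0 = state 0 (suitable), 1 = state 1j (work affected),
# 2 = state 2k (maintenance required), 3 = state 3l (evacuation).
STATES = ["0", "1j", "2k", "3l"]

# P[q][m][n] plays the role of p_mnq: probability of moving from state m to
# state n within one interval dt. q = 0 is the reference model (no maintenance
# or emergency operation); q = 1 applies the recovery process Y_i(t).
# All numbers are assumed for illustration.
P = {
    0: [[0.90, 0.08, 0.02, 0.00],
        [0.00, 0.85, 0.12, 0.03],
        [0.00, 0.00, 0.80, 0.20],
        [0.00, 0.00, 0.00, 1.00]],
    1: [[0.90, 0.08, 0.02, 0.00],
        [0.30, 0.60, 0.08, 0.02],   # 1j -> m recovery
        [0.20, 0.40, 0.30, 0.10],   # 2k -> m recovery
        [0.00, 0.00, 0.00, 1.00]],  # 3l: no maintenance possible
}


def check_stochastic(matrix, tol=1e-9):
    """Every row of a transition matrix must be a probability distribution."""
    return all(min(row) >= 0.0 and abs(sum(row) - 1.0) < tol for row in matrix)


def step(dist, matrix):
    """One interval: new[n] = sum over m of dist[m] * p_mn."""
    size = len(dist)
    return [sum(dist[m] * matrix[m][n] for m in range(size)) for n in range(size)]


def apply_mutation(dist, level):
    """Abrupt environmental change: all probability mass in states below
    `level` jumps to `level`; mass already at or above it is unchanged."""
    out = [0.0] * level + list(dist[level:])
    out[level] += sum(dist[:level])
    return out


def propagate(steps, maintain, mutations=None):
    """State distribution after each interval, starting in state 0 (m = 0).

    maintain:  True uses q = 1 (recovery allowed), False the reference q = 0
    mutations: {interval index: level} abrupt changes applied at the start
               of that interval
    """
    mutations = mutations or {}
    matrix = P[1 if maintain else 0]
    dist = [1.0, 0.0, 0.0, 0.0]
    history = [dist]
    for k in range(steps):
        if k in mutations:
            dist = apply_mutation(dist, mutations[k])
        dist = step(dist, matrix)
        history.append(dist)
    return history


def evacuation_probability(steps, maintain, mutations=None):
    """Probability of being in state 3l after `steps` intervals."""
    return propagate(steps, maintain, mutations)[-1][3]


if __name__ == "__main__":
    for label, kwargs in [("reference, q=0", dict(maintain=False)),
                          ("with recovery, q=1", dict(maintain=True)),
                          ("q=0, mutation to 2k at k=5",
                           dict(maintain=False, mutations={5: 2}))]:
        print(f"{label}: P(3l after 20 dt) = "
              f"{evacuation_probability(20, **kwargs):.4f}")
```

The per-interval distributions returned by `propagate` are the "probability of the environment being in a given state at time t" that the paragraph above feeds into the human reliability and hardware capability calculations.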
Step five, constructing a safety structure function of a task key event in the task process of the space man-machine system.
On the basis of defining the relevant bottom events and trigger mechanisms of a task key event $E_k$ in the task process of the space man-machine system, the safety characteristics of the task key event are analyzed, the task process of the man-machine system is modeled in a layered manner, and a man-machine system state change structure function related to the task key event in the task process is defined. With time parameters introduced, the safety structure function of $E_k$ is expressed over the vector of $x_{ki}(t)$, where $x_{ki}(t)$ represents the state variable of the $i$-th basic event of the task key event $E_k$, $i = 1, 2, \ldots, n$.
Taking the "working condition judgment" action as an example, hierarchical modeling involves three levels:
(51) The first layer determines the entity objects involved in "working condition judgment", namely people, machines and the environment; the action is set to comprise three basic events: human, machine, environment. The human factor logic model is built according to sub-step (31) of step (three), the machine factor logic model according to sub-step (32) of step (three), and the environment factor logic model according to sub-step (33) of step (three).
(52) The second layer concerns the cross-linking coupling relations between the entity objects involved in "working condition judgment". These relations are handled according to step (four), and the mechanism that triggers transitions of entity object state is defined.
(53) The third layer is the comprehensive model of the "working condition judgment" action process. It is formed from the human, machine and environment basic events and the cross-linking coupling relations between the entity objects, and the action safety structure function of "working condition judgment" is comprehensively obtained once the data inputs are defined.
Step six, constructing a task process safety evaluation comprehensive integration model of the space man-machine system.
Constructing the task process safety evaluation comprehensive integration model of the space man-machine system associates the task process safety evaluation reference model, the factor logic models and the safety structure functions (including information such as basic events and entity object state trigger transition mechanisms) of the task key events in the task process.
Step seven, injecting a state transition trigger mechanism.
Injecting the state transition trigger mechanism gives the task process safety evaluation comprehensive integration model the capability of dynamic state conversion. The safety states of all levels of the man-machine system, the state transition trigger mechanism and the specific execution time can be defined through the number of simulations, the human factor state trigger conditions, and the environment-action impact analysis matrix obtained through analysis in step (four). The state trigger time is related to the specific simulation process and to the safety and reliability characteristics and probability distribution of the specific object; the "environment-action impact analysis matrix" is related to the characteristics of the person and the machine, and the corresponding data can be obtained through experiments on the person and the machine, which are not described herein.
Step eight, performing uncertainty dynamic simulation analysis based on the task process safety evaluation comprehensive integration model after injection of the state transition trigger mechanism, to obtain an uncertainty dynamic simulation result.
Step nine, analyzing the task safety simulation result of the space man-machine system according to the uncertainty dynamic simulation result, to obtain the task safety index of the space man-machine system.
Although the present invention has been described in terms of the preferred embodiments, it is not limited to these embodiments. Any person skilled in the art can make possible variations and modifications to the technical solution of the present invention by using the methods and technical matters disclosed above without departing from the spirit and scope of the present invention; any simple modifications, equivalent variations and modifications made to the above embodiments according to the technical matters of the present invention are therefore within the scope of the technical solution of the present invention.
What is not described in detail in the present specification belongs to the known technology of those skilled in the art.

Claims (10)

1. A comprehensive modeling and dynamic simulation method for task safety of a space man-machine system, characterized in that the method comprises the following steps:
Analyzing the composition of the space man-machine system, and determining the safety influencing factors in the task process of the space man-machine system: human factors, software and hardware equipment factors and environmental factors; determining a failure distribution function of each safety influencing factor;
Analyzing a task process of the space man-machine system, and constructing a task process safety evaluation reference model of the space man-machine system from a task angle;
Based on the safety influencing factors, constructing a factor logic model of the space man-machine system; wherein the factor logic model comprises: a human factor logic model, a machine factor logic model, an environmental factor logic model, and a human-machine-environment factor logic model; wherein the machine refers to software and hardware equipment;
Analyzing the state transition mechanisms of human factors, software and hardware equipment factors and environmental factors, and determining the state trigger mechanisms of the various safety influencing factors;
Constructing a safety structure function of a task key event in the task process of the space man-machine system;
Constructing a task process safety evaluation comprehensive integration model of the space man-machine system, and associating the task process safety evaluation reference model, the factor logic model and the safety structure function of the task key event in the task process through the task process safety evaluation comprehensive integration model;
Based on the determined state trigger mechanisms of the various safety influencing factors, injecting a state transition trigger mechanism into the task process safety evaluation comprehensive integration model, so that the task process safety evaluation comprehensive integration model has the capability of dynamic state conversion;
Based on the task process safety evaluation comprehensive integration model after injection of the state transition trigger mechanism, performing uncertainty dynamic simulation analysis to obtain an uncertainty dynamic simulation result;
And according to the uncertainty dynamic simulation result, analyzing the space man-machine system task safety simulation result to obtain the space man-machine system task safety index.
2. The comprehensive modeling and dynamic simulation method for task safety of a space man-machine system according to claim 1, wherein,
The space man-machine system $S$ obtained after analysis is represented as follows:
$S = \{H_1, H_2, \ldots, H_h, M_1, M_2, \ldots, M_m, E_1, E_2, \ldots, E_e\}$
Wherein $H_i$ denotes the $i$-th human factor, $i = 1, 2, \ldots, h$, and $h$ denotes the total number of human factors; $M_j$ denotes the $j$-th software and hardware equipment factor, $j = 1, 2, \ldots, m$, and $m$ denotes the total number of software and hardware equipment factors; $E_k$ denotes the $k$-th environmental factor, $k = 1, 2, \ldots, e$, and $e$ denotes the total number of environmental factors;
The failure distribution functions corresponding to $H_i$, $M_j$ and $E_k$ are $F_{H_i}(t)$, $F_{M_j}(t)$ and $F_{E_k}(t)$, respectively.
3. The method for comprehensively modeling and dynamically simulating task safety of a space man-machine system according to claim 2, wherein analyzing task processes of the space man-machine system and constructing a task process safety evaluation reference model of the space man-machine system from a task angle comprises:
According to the sequence relation of the task processes of the space man-machine system, carrying out event tree modeling on the task processes of the space man-machine system to obtain an event tree reference model;
And modeling the task process of the space man-machine system according to the event tree reference model to obtain a task process safety evaluation reference model of the space man-machine system.
4. The method for comprehensive modeling and dynamic simulation of task safety of a space man-machine system according to claim 3, wherein constructing a factor logic model of the space man-machine system based on safety influencing factors comprises:
Specifying a human monitoring model and a control path model according to the degree of human participation in the task process of the space man-machine system, and constructing the human factor logic model;
Determining the logic relationships among all factors of the machine by adopting a classical fault tree, a dynamic fault tree and a Bayesian network, and constructing the machine factor logic model;
Constructing the environmental factor logic model according to the basic conditions of the internal and external environments when each specific task occurs in the task process of the space man-machine system;
Based on the task process safety evaluation reference model, combining the human factor logic model, the machine factor logic model and the environmental factor logic model, determining the interaction and/or coupling logic relationships among human-machine, human-environment and machine-environment, and constructing the human-machine-environment factor logic model.
5. The comprehensive modeling and dynamic simulation method for task safety of a space man-machine system according to claim 4, wherein the state trigger mechanism of each type of safety influencing factors is as follows:
When human factors change: according to the operation situation, determining the failure distribution function corresponding to the human factors, and judging whether the person makes an error; when it is determined that no error has occurred, skipping the human factor analysis; when it is determined that an error has occurred, analyzing the influence inside the team, the influence of task events and the influence of machines, and calculating the probability of cognitive decision and misoperation of the corresponding person and the probability of faults, failures or misoperation of the machines;
When the software and hardware equipment factors change: judging the influence of state transition of the machine on the machine according to the working environment; according to the determined influence of state transition of the machine on the machine, simulating and analyzing the influence on the environment to obtain a real-time environment state; based on the determined influence of state transition of the machine on the machine and the obtained real-time environment state, performing human factor analysis;
When environmental factors change: analyzing the environmental factor change trigger mechanism, constructing an environmental factor change rule model, and analyzing the environmental factor change trend.
6. The method for comprehensive modeling and dynamic simulation of task security of a space man-machine system according to claim 5, wherein the constructing the security structure function of the task key event in the task process of the space man-machine system comprises:
Determining a task key event E k in the task process of the space man-machine system;
Modeling the task process of the space man-machine system in a layered manner, and defining a state change structure function of the space man-machine system related to the task key event $E_k$ in the task process of the space man-machine system, to obtain the safety structure function of $E_k$, expressed over the vector of $x_{ki}(t)$, where $x_{ki}(t)$ represents the state variable of the $i$-th basic event of the task key event $E_k$, $i = 1, 2, \ldots, n$.
7. The method for comprehensive modeling and dynamic simulation of task security of a space man-machine system according to claim 6, wherein the step of injecting a state transition trigger mechanism into the comprehensive integration model for task process security assessment based on determining state trigger mechanisms of various security influencing factors comprises:
And injecting the interrelationship among different states and the state transition trigger mechanism into the task process safety evaluation comprehensive integration model by constructing a system state control logic relation diagram according to the state trigger mechanisms of the determined various safety influence factors.
8. The method for comprehensive modeling and dynamic simulation of task safety of a space man-machine system according to claim 7, wherein the uncertainty dynamic simulation analysis comprises: uncertainty simulation analysis of task key events, and uncertainty simulation analysis of the space man-machine system task process based on the task process safety evaluation comprehensive integration model.
9. The method for comprehensive modeling and dynamic simulation of task safety of a space man-machine system according to claim 8, wherein the step of analyzing the result of the simulation of task safety of the space man-machine system according to the result of the dynamic simulation of uncertainty to obtain the task safety index of the space man-machine system comprises the steps of:
According to the uncertainty dynamic simulation result, letting the system safety life $\xi$ be a random variable;
And calculating the security improvement quantized value, the failure probability distribution and the safety importance of the space man-machine system according to the number of system failures over N simulations.
10. The comprehensive modeling and dynamic simulation method for task safety of space man-machine system according to claim 9, wherein,
The security improvement quantized value $R_s(t)$ is:
The failure probability distribution $P_s(t)$ is:
Wherein $n(t - \Delta t/2)$ represents the number of failures of the system during $(t - \Delta t/2)$, and $n(t + \Delta t/2)$ represents the number of failures of the system during $(t + \Delta t/2)$;
The safety importance $D(\eta)$ is as follows:
Wherein $D(\eta)$ represents the safety importance of the safety influencing factor $\eta$, $n(\eta)$ represents the number of system failures caused by the failure of the safety influencing factor $\eta$, Indicating the total number of failures of all security influencing factors.
CN202210125439.1A 2022-02-10 2022-02-10 Space man-machine system task safety comprehensive modeling and dynamic simulation method Active CN114626200B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210125439.1A CN114626200B (en) 2022-02-10 2022-02-10 Space man-machine system task safety comprehensive modeling and dynamic simulation method

Publications (2)

Publication Number Publication Date
CN114626200A CN114626200A (en) 2022-06-14
CN114626200B true CN114626200B (en) 2024-05-07

Family

ID=81898934

Country Status (1)

Country Link
CN (1) CN114626200B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109766568A (en) * 2018-11-21 2019-05-17 中国航天标准化研究所 A kind of space flight human factors analysis Uncertainty Analysis Method of various factors coupling
CN112433609A (en) * 2020-11-19 2021-03-02 北京航空航天大学 Multi-subject-based information level human-computer interaction security modeling method
CN113592311A (en) * 2021-08-02 2021-11-02 中国船舶工业综合技术经济研究院 Method for selecting human factors for complex man-machine system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7774293B2 (en) * 2005-03-17 2010-08-10 University Of Maryland System and methods for assessing risk using hybrid causal logic

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
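Dynamic reliability evaluation of protection systems based on dynamic fault trees and Monte Carlo simulation; Dai Zhihui; Wang Zengping; Jiao Yanjun; Proceedings of the CSEE (中国电机工程学报); 2011-07-05 (No. 19); full text *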

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant