Search Results

Fault tree analyses and the associated safety assessment process plays an essential role in demonstrating acceptable avionic system compliance to the system safety requirements derived from safety related regulations associated with the civil aircraft certification process (e.g. 14CFR/CS §25.1309). SAE ARP4754A and SAE ARP4761 are established industry guidelines for the safety process and fault tree methodology applicable to civil aircraft certification based on techniques which have now been in use for decades. System model-based techniques, used for some time in system and software development, are now being applied in the safety assessment process. These system behavior models of functions with their associated dependencies and assignments have been supplemented with failure modes and effects to “automatically” generate fault tree like outputs. These system model-based fault trees are intended to become integral to the safety assessment process.

Current communication architectures in the aircraft cabin are mostly proprietary and limited to the boundaries of the diverging systems, i.e. existing cabin systems operate mostly isolated from each other. Modern system design, however, requires a shared communication platform in order to enable novel services by means of a contract-based data and information exchange. Data-driven predictive maintenance applications are one example for which the fundamentals are studied intensively, but its integration into a multi-system environment with respect to communication requirements is often neglected. As the aircraft cabin is a highly dynamic environment with changing air pressure, humidity, temperature, and flight attitude, context information is needed in order to get meaningful predictions for e.g. the Remaining Useful Life (RUL) of a system, component or item.

Avionics equipment, especially for safety-critical systems, is developed by means of a series of design steps, propagating and refining requirements through a number of hierarchical levels, from the aircraft level, through system and sub-system levels, down to equipment, subassemblies and individual components (see SAE ARP4754A [11]). At each development level, accompanying safety assessments (e.g. per SAE ARP4761 [12]) are performed to derive safety requirements which ensure compliance to the overall safety requirements determined by the aircraft and systems functional hazard assessments (FHAs). The safety related requirements of all development levels flow through the process down into the individual equipment specifications and are ultimately implemented in the equipment design where the design data is approved for the certificated aircraft (or engine) type. The equipment production process builds the equipment according to this approved design data.

Simulation of avionics equipment is essential due to the complex nature of its development and integration process. Throughout the development process, executable component models are used to demonstrate the feasibility and the compliance of the system design with respect to its functional requirements. In later development phases, there is the need for system integration tests where a mix of real and simulated equipment is used to verify the overall system behavior. Since Boeing 777 and Airbus A380 programs, IMA1 technology has entered several civil aircraft systems. In recent programs like Boeing 787 and Airbus A350 the number of IMA components has significantly increased. In this paper we present a simulation model for a new IMA component - the common Remote Data Concentrator (CRDC)2, which is developed by Thales-Diehl for the Airbus A350 XWB. Building simulation models of IMA components is in general a challenging task due to their complexity on both software and hardware level.