Hazard Analysis of Collaborative Automation Systems: A Two-layer Approach based on Supervisory Control and Simulation

TL;DR

This paper introduces a two-layer hazard analysis method for safety-critical collaborative automation systems, combining formal supervisory control synthesis with detailed simulation-based risk assessment to improve hazard detection.

Contribution

It presents a novel hybrid approach that integrates formal methods and simulation for comprehensive hazard analysis of complex systems.

Findings

Effective hazard identification in industrial human-robot systems

Enhanced safety analysis through combined formal and simulation methods

Potential reduction in hazard analysis costs and risks

Abstract

Safety critical systems are typically subjected to hazard analysis before commissioning to identify and analyse potentially hazardous system states that may arise during operation. Currently, hazard analysis is mainly based on human reasoning, past experiences, and simple tools such as checklists and spreadsheets. Increasing system complexity makes such approaches decreasingly suitable. Furthermore, testing-based hazard analysis is often not suitable due to high costs or dangers of physical faults. A remedy for this are model-based hazard analysis methods, which either rely on formal models or on simulation models, each with their own benefits and drawbacks. This paper proposes a two-layer approach that combines the benefits of exhaustive analysis using formal methods with detailed analysis using simulation. Unsafe behaviours that lead to unsafe states are first synthesised from a formal model of the system using Supervisory Control Theory. The result is then input to the simulation where detailed analyses using domain-specific risk metrics are performed. Though the presented approach is generally applicable, this paper demonstrates the benefits of the approach on an industrial human-robot collaboration system.