CN112947370B - Safety analysis method and system for steam boiler system - Google Patents

Safety analysis method and system for steam boiler system Download PDF

Info

Publication number
CN112947370B
Authority
CN
China
Prior art keywords
model
steam boiler
event
boiler system
mapping
Prior art date
Legal status
Expired - Fee Related
Application number
CN202110148981.4A
Other languages
Chinese (zh)
Other versions
CN112947370A (en)
Inventor
陈祖希
谭兴
骆翔宇
梅萌
郑黎晓
徐中伟
Current Assignee
Shubairui Xiamen Information Technology Co ltd
Huaqiao University
Original Assignee
Shubairui Xiamen Information Technology Co ltd
Huaqiao University
Priority date
Filing date
Publication date
Application filed by Shubairui Xiamen Information Technology Co ltd, Huaqiao University
Priority to CN202110148981.4A
Publication of CN112947370A
Application granted
Publication of CN112947370B
Legal status: Expired - Fee Related (current)
Anticipated expiration

Classifications

    • G PHYSICS
    • G05 CONTROLLING; REGULATING
    • G05B CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B23/00 Testing or monitoring of control systems or parts thereof
    • G05B23/02 Electric testing or monitoring
    • G05B23/0205 Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults
    • G05B23/0218 Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults characterised by the fault detection method dealing with either existing or incipient faults
    • G05B23/0243 Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults characterised by the fault detection method dealing with either existing or incipient faults, model based detection method, e.g. first-principles knowledge model
    • G05B2219/00 Program-control systems
    • G05B2219/20 Pc systems
    • G05B2219/24 Pc safety
    • G05B2219/24065 Real time diagnostics

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Automation & Control Theory (AREA)
  • Control Of Steam Boilers And Waste-Gas Boilers (AREA)

Abstract

The invention discloses a safety analysis method and system for a steam boiler system. By analysing the control structure and the control process of the steam boiler system, the invention obtains the mapping from the control-structure analysis results to the control process and the mapping from the steam boiler system to the modelling elements of an Event-B model. On that basis an initial Event-B model for safety prevention of the steam boiler system is established, the initial Event-B model is further corrected, and the corrected Event-B model is used to carry out safety prevention of the steam boiler system, thereby realising safety prevention of the steam boiler system.

Description

Safety analysis method and system for steam boiler system
Technical Field
The invention relates to the field of safety management, in particular to a safety analysis method and a safety analysis system for a steam boiler system.
Background
A steam boiler system is an industrial boiler system that heats water to specified parameters and produces high-temperature steam: water in the boiler drum is heated and turned into steam by the heat that the fire releases in the furnace, which is the working principle of a steam boiler. Such systems are of great value and, once they malfunction, have a significant impact on the surrounding environment, industrial production and social life, so their safety has long been a focus of attention in the field. Safety analysis can be performed on such systems before development, but that analysis cannot by itself prevent unsafe conditions from arising, and once a system is out of control, serious consequences such as casualties and property loss can follow. How to realise safety prevention for a steam boiler system has therefore become a technical problem that urgently needs solving.
Disclosure of Invention
The invention aims to provide a safety analysis method and a safety analysis system of a steam boiler system, so as to realize safety prevention of the steam boiler system.
In order to achieve the purpose, the invention provides the following scheme:
a safety analysis method of a steam boiler system, the analysis method comprising the steps of:
drawing a control structure block diagram of the steam boiler system according to the function and control action of each component of the steam boiler system;
analyzing the potential failure mode and failure consequence of the steam boiler system according to the control structure block diagram, and establishing an analysis result list containing a failure mode, failure component level influence, failure system level influence, failure reason and countermeasure;
according to the analysis result list, establishing a mapping relation from the analysis result to a control process of the steam boiler system as a first mapping relation;
establishing a mapping relation from the steam boiler system to a modeling element of the Event-B model as a second mapping relation according to the analysis result list and the first mapping relation;
establishing an initial Event-B model for safety prevention of the steam boiler system according to the analysis result list, the first mapping relation and the second mapping relation;
correcting the initial Event-B model to enable the corrected Event-B model to meet the functional requirements of the steam boiler system;
and performing safety prevention on the steam boiler system by using the corrected Event-B model.
Optionally, the control process of the steam boiler system comprises a sensing phase, a detection phase, a control phase and a prevention phase.
Optionally, the first mapping relationship includes: mapping of failure modes and failure causes to sensing phases, mapping of failure system level effects to detection phases, mapping of failure system level effects to safety invariants, mapping of countermeasures to stop modes and degraded modes.
Optionally, the second mapping relationship includes: mapping relation of variables, constants and invariants from the sensing phase to the Event-B model; mapping from the detection phase to the prevention phase; and mapping relations from the detection phase, the security invariance of the Event-B model, the degradation mode and the stop mode to the sensing phase.
Optionally, the initial Event-B model is modified, so that the modified Event-B model meets the functional requirements of the steam boiler system, and the method specifically includes:
judging whether the initial Event-B model meets the functional requirements of a steam boiler system or not, and obtaining a first judgment result;
if the first judgment result shows yes, judging whether the initial Event-B model corresponds to the analysis result list or not, and obtaining a second judgment result;
if the first judgment result shows that the initial Event-B model cannot meet the functional requirements, or the second judgment result shows that the initial Event-B model does not correspond to the analysis result list, the modelling elements corresponding to the non-corresponding parts of the analysis result list are added to the initial Event-B model to obtain an updated initial Event-B model, and the step 'judging whether the initial Event-B model meets the functional requirements of the steam boiler system to obtain a first judgment result' is returned to;
and if the second judgment result shows yes, the initial Event-B model updated by the last iteration is output as the corrected Event-B model.
A safety analysis system for a steam boiler system, the analysis system comprising:
the control structure block diagram establishing module is used for drawing a control structure block diagram of the steam boiler system according to the function and the control action of each component of the steam boiler system;
the analysis result list establishing module is used for analyzing the potential failure mode and failure consequence of the steam boiler system according to the control structure block diagram and establishing an analysis result list containing a failure mode, a failure component level influence, a failure system level influence, a failure reason and a countermeasure;
the first mapping relation establishing module is used for establishing a mapping relation from the analysis result to the control process of the steam boiler system according to the analysis result list to serve as a first mapping relation;
the second mapping relation establishing module is used for establishing a mapping relation from the steam boiler system to a modeling element of the Event-B model as a second mapping relation according to the analysis result list and the first mapping relation;
the initial Event-B model establishing module is used for establishing an initial Event-B model for safety prevention of the steam boiler system according to the analysis result list, the first mapping relation and the second mapping relation;
the Event-B model correction module is used for correcting the initial Event-B model so that the corrected Event-B model can meet the functional requirements of the steam boiler system;
and the safety prevention module is used for performing safety prevention on the steam boiler system by using the corrected Event-B model.
Optionally, the control process of the steam boiler system comprises a sensing phase, a detection phase, a control phase and a prevention phase.
Optionally, the first mapping relationship includes: mapping of failure modes and failure causes to sensing phases, mapping of failure system level effects to detection phases, mapping of failure system level effects to safety invariants, mapping of countermeasures to stop modes and degraded modes.
Optionally, the second mapping relationship includes: mapping relation of variables, constants and invariants from the sensing phase to the Event-B model; mapping from the detection phase to the prevention phase; and mapping relations from the detection phase, the security invariance of the Event-B model, the degradation mode and the stop mode to the sensing phase.
Optionally, the Event-B model modification module specifically includes:
the first judgment submodule is used for judging whether the initial Event-B model meets the functional requirements of the steam boiler system or not and obtaining a first judgment result;
the second judgment submodule is used for judging whether the initial Event-B model corresponds to the analysis result list or not if the first judgment result represents yes, and obtaining a second judgment result;
an Event-B model modification submodule, configured to, if the first determination result indicates that the initial Event-B model cannot meet the functional requirements or the second determination result indicates that the initial Event-B model does not correspond to the analysis result list, add the modelling elements corresponding to the non-corresponding parts of the analysis result list to the initial Event-B model, obtain an updated initial Event-B model, and call the first determination submodule to again "determine whether the initial Event-B model meets the functional requirements of the steam boiler system and obtain a first determination result";
and a corrected Event-B model output submodule, used for outputting the initial Event-B model updated by the last iteration as the corrected Event-B model if the second determination result shows yes.
According to the specific embodiment provided by the invention, the invention discloses the following technical effects:
the invention discloses a safety analysis method of a steam boiler system, which comprises the following steps: drawing a control structure block diagram of the steam boiler system according to the function and control action of each component of the steam boiler system; analyzing the potential failure mode and failure consequence of the steam boiler system according to the control structure block diagram, and establishing an analysis result list containing a failure mode, failure component level influence, failure system level influence, failure reason and countermeasure; according to the analysis result list, establishing a mapping relation from the analysis result to a control process of the steam boiler system as a first mapping relation; establishing a mapping relation from the steam boiler system to a modeling element of the Event-B model as a second mapping relation according to the analysis result list and the first mapping relation; establishing an initial Event-B model for safety prevention of the steam boiler system according to the analysis result list, the first mapping relation and the second mapping relation; correcting the initial Event-B model to enable the corrected Event-B model to meet the functional requirements of the steam boiler system; and performing safety prevention on the steam boiler system by using the corrected Event-B model. 
According to the invention, through analyzing the control structure and the control flow of the steam boiler system, the mapping relation from the analysis result of the control structure to the control flow and the mapping relation from the steam boiler system to the modeling element of the Event-B model are obtained, so that the initial Event-B model for safety prevention of the steam boiler system is further established, the initial Event-B model is further corrected, the corrected Event-B model is utilized to prevent the safety of the steam boiler system, and the safety prevention of the steam boiler system is realized.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
FIG. 1 is a flow chart of a safety analysis method of a steam boiler system according to the present invention;
FIG. 2 is a schematic diagram of a safety analysis method of a steam boiler system according to the present invention;
FIG. 3 is a control block diagram of a steam boiler system according to the present invention;
FIG. 4 is a control process diagram of the steam boiler system provided by the present invention;
FIG. 5 is a first mapping relationship and a second mapping relationship provided by the present invention;
FIG. 6 is a flowchart of modifying an initial Event-B model according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention aims to provide a safety analysis method and a safety analysis system of a steam boiler system, so as to realize safety prevention of the steam boiler system.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
As shown in figures 1 and 2, the invention carries out failure mode and influence analysis and steam boiler system control flow analysis based on the control structure diagram of the steam boiler system, and establishes a mapping relation between the two analysis results and an Event-B modeling element. And then obtaining modeling elements of the Event-B according to the mapping relation and combining an Event-B formalization method to complete the process of establishing and refining the model.
As shown in fig. 1, the present invention provides a safety analysis method of a steam boiler system, the analysis method comprising the steps of:
step 101, drawing a control structure block diagram of the steam boiler system according to the function and control action of each component of the steam boiler system.
Analyzing the steam boiler system, knowing the working mode and the control structure of the system, analyzing the function and the control action of each independent component in the system, and drawing a control structure chart of the system. The system consists of the following units: the system comprises a hearth, a pump, a valve, a sensor for measuring the water quantity of the hearth, a sensor for measuring the steam quantity discharged from the hearth of the steam boiler, a sensor for measuring the water quantity input through the pump and a sensor for measuring the water quantity output through the valve.
The control structure of the steam boiler system is shown in fig. 3.
And 102, analyzing the potential failure mode and failure consequence of the steam boiler system according to the control structure block diagram, and establishing an analysis result list containing the failure mode, the failure component level influence, the failure system level influence, the failure reason and the countermeasure.
The potential failure modes and failure consequences of the hardware layer of the steam boiler system are analysed according to the control structure diagram of the steam boiler system obtained in step 101, and the analysis results are recorded in the form of a table.
The process of analyzing the failure mode and the failure consequence of the system is a bottom-up process, namely, starting from a component in the system, analyzing the influence of the failed component on other components, and then analyzing the influence of the failed component on the whole system. In this way, failure modes of different structural levels or functional levels can be determined, each failure mode can analyze the influence of the failure mode on the previous level and the influence on the whole system, and effective countermeasures after faults occur can be provided after the relevance of component failure and the system is known. The obtained analysis results are tabulated in table 1.
TABLE 1 analysis results List
Figure BDA0002931453560000061
And 103, establishing a mapping relation from the analysis result to the control process of the steam boiler system according to the analysis result list as a first mapping relation.
As shown in fig. 4, the control process of the steam boiler system includes a sensing phase, a detection phase, a control phase and a prevention phase.
That is, the control process of the steam boiler system is a cycle of four phases. First, the sensing phase: all sensors in the steam boiler system, such as the mercury sensors and the valve sensors, read their data. Then the detection phase: if the value read by the water-quantity sensor is inconsistent with the value calculated from the pump, the valve sensor and the steam-output sensor, a fault has occurred. Next the control phase: the steam boiler system performs the operation specified by the user according to the sensor prediction algorithm in the controller, and calculates the predicted value for the next cycle's sensing phase from the values obtained in the current sensing phase and the algorithm in the controller. Finally the prevention phase: the predicted value obtained in the control phase is compared with the value read in the next cycle's sensing phase, and whether the steam boiler system has a fault is judged by whether the two values are equal.
An example of a sensor prediction algorithm is given. Suppose the mathematical model of the system is:
$$x_{k+1} = A x_k + B u_k + \omega_k$$
$$z_k = C x_k + v_k$$
where $x_k \in \mathbb{R}^n$ is the system state, $u_k \in \mathbb{R}^n$ is the control input, $z_k \in \mathbb{R}^n$ is the output of the controlled object, $A$, $B$, $C$ are the system matrices of the corresponding dimensions, and the random variables $\omega_k$, $v_k$ represent the process noise and the measurement noise respectively; they are independent of each other and normally distributed.
If the sensor measurement $z_{k+1}$ is lost because of a link failure caused by radio-frequency interference, the predicted sensor data are given by formula (1) and the timing of the algorithm by formula (2), so as to ensure that sensor data are delivered in time:
Figure BDA0002931453560000071
Figure BDA0002931453560000072
where $\hat{x}_{k+1}$ is the predicted state, $P_{k+1}$ is the error covariance before correction, $Z$ is the sensor measurement and $x_k \in \mathbb{R}^n$ is the system state.
In the model-prediction-based flexible control algorithm, new sensor signals are filtered and passed to the controller; if no new sensor data arrive within a time threshold, the algorithm supplies the controller with predicted sensor data together with an updated confidence level that indicates how far the value is a prediction. If new sensor data $Z_{k+1}$ arrive after the time threshold but before the end of the next sample period, they are still used to update the current predicted value, as in equation (2); if the new value arrives after the next sample, it is treated as lost. The basic idea is to discard old data, because the newer data reflect the real situation of the controller more accurately. Sensor packet delays and losses are handled in a uniform manner by the algorithm. If consecutive sensor measurements are lost because of a link failure, the corresponding consecutive sensor predictions are calculated by equation (2).
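The four-phase cycle and the predictor described above, as an added Python example that is not part of the patent: a one-state (scalar) instance of the model $x_{k+1} = A x_k + B u_k + \omega_k$, $z_k = C x_k + v_k$ with a Kalman-style predict/correct step that supplies predicted sensor data when a packet is lost or late, flags a fault when a reading disagrees with the prediction, and moves the boiler between the NORMAL, DEGRADE and Stop modes of carrier set M3. The patent's formulas (1) and (2) survive here only as images, so the standard Kalman prediction and correction equations stand in for them; the model constants, thresholds, function names and sample traces are all assumptions constructed for illustration.

```python
"""Added example (not code from the patent): a scalar instance of the
sensing / detection / control / prevention cycle, with a Kalman-style predictor
supplying sensor data when a packet is lost or late. All constants, thresholds
and sample traces are assumptions constructed for illustration."""

# Constructed model: x = drum water level, u = net inflow commanded per cycle.
A, B, C = 1.0, 1.0, 1.0   # system "matrices" of the one-state case (assumed)
Q, R = 0.01, 0.04         # process / measurement noise variances (assumed)
FAULT_THRESHOLD = 1.0     # |reading - prediction| above this is a fault (assumed)
LOSS_LIMIT = 3            # consecutive lost packets before degraded mode (assumed)
NORMAL, DEGRADE, STOP = "NORMAL", "DEGRADE", "Stop"   # values of carrier set M3


def predict(x_hat, p, u):
    """Control phase: predicted state and error covariance before correction
    (the role of formula (1)); needs no sensor data."""
    return A * x_hat + B * u, A * p * A + Q


def correct(x_pred, p_pred, z):
    """Update with a reading that arrived in time (the role of formula (2))."""
    s = C * p_pred * C + R
    gain = p_pred * C / s
    return x_pred + gain * (z - C * x_pred), (1.0 - gain * C) * p_pred


def run_cycles(readings, controls, x0=10.0, p0=1.0):
    """Runs one control cycle per reading. readings[k] is None when the packet
    was lost or arrived after the next sample. Returns (mode, estimate) per cycle."""
    x_pred, p_pred = x0, p0        # prediction carried over from the start-up cycle
    lost, mode, log = 0, NORMAL, []
    for z, u in zip(readings, controls):
        # 1. sensing phase: z is the value read by the water-level sensor (or None)
        # 2. detection / prevention comparison: reading vs last cycle's prediction
        if z is not None and abs(z - C * x_pred) > FAULT_THRESHOLD:
            mode = STOP                 # stop mode as the countermeasure
            log.append((mode, round(x_pred, 3)))
            break
        # 3. control phase: take the reading if it arrived, otherwise the
        #    predicted sensor data; consecutive losses degrade the boiler mode
        if z is None:
            lost += 1
            x_hat, p = x_pred, p_pred
            mode = DEGRADE if lost >= LOSS_LIMIT else NORMAL
        else:
            lost = 0
            x_hat, p = correct(x_pred, p_pred, z)
            mode = NORMAL
        log.append((mode, round(x_hat, 3)))
        # 4. prediction for the next cycle, checked at the next sensing phase
        x_pred, p_pred = predict(x_hat, p, u)
    return log


def modes(readings, controls):
    """Boiler mode per cycle, the value a supervisor would log."""
    return [m for m, _ in run_cycles(readings, controls)]


if __name__ == "__main__":
    steps = [0.5] * 5
    print(modes([10.0, 10.5, 11.0, 11.5, 12.0], steps))   # all NORMAL
    print(modes([10.0, None, None, None, 11.9], steps))    # DEGRADE after 3 losses, then recovery
    print(modes([10.0, 10.5, 15.0], steps[:3]))            # disagreement -> Stop
```

The third trace shows the prevention idea of the text: a reading that cannot be reconciled with the value predicted in the previous control phase is treated as a fault and the stop countermeasure is taken, while isolated packet loss is bridged by the predictor and only sustained loss moves the boiler into the degraded mode.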
According to the analysis result list obtained in step 102 and the control flow of the steam boiler system, a mapping from the former to the latter is established. The mapping elements of the former are all the elements of the header row of the analysis result list; the mapping elements of the latter are the control process of the steam boiler system, and the stop mode and degraded mode mentioned in the countermeasures of the analysis result list correspond to the safety-invariant mapping elements that are set as invariants among the modelling elements of the Event-B model. The specific mapping is established according to the logical relationship between the former and the latter mapping elements as follows: failure mode and failure cause map to the sensing phase; failure component-level impact maps to the detection phase; failure system-level impact maps to the safety invariants; countermeasures map to the stop mode and the degraded mode.
104, establishing a mapping relation from the steam boiler system to a modeling element of the Event-B model as a second mapping relation according to the analysis result list and the first mapping relation;
Continuing, a mapping from the steam boiler system to the modelling elements of the Event-B model is established, the mapping elements of the Event-B model being its main modelling elements: variables, constants, invariants and events. Safety invariants are used to prove that certain requirements are indeed satisfied and thus correspond to the invariant elements of Event-B, while the other modes can be represented by corresponding variables, constants and events according to their functions. The specific mapping is as follows: mapping of variables, constants and invariants from the sensing phase to the Event-B model; mapping from the detection phase to the prevention phase; and mapping from the detection phase, the safety invariants of the Event-B model, the degraded mode and the stop mode to the sensing phase.
The mapping relationship obtained by the establishment is shown in fig. 5.
And 105, establishing an initial Event-B model for safety prevention of the steam boiler system according to the analysis result list, the first mapping relation and the second mapping relation.
And obtaining an Event-B modeling element by utilizing the analysis result list of the step 102 according to the mapping relation of the step 104, and accordingly, completing the establishment of the initial model by using an Event-B formalization method.
The modeling elements of the partial initial Event-B model are shown in tables 2-4.
TABLE 2 Carrier set table
Carrier set name | Definition of carrier set | Constants comprised by the carrier set
M1 | Pump model | ON, OFF
M2 | Valve model | OPEN, CLOSED
M3 | Steam boiler model | NORMAL, DEGRADE, Stop
M4 | Control model | ENV, DET, CON, PRE
TABLE 3 Variable table
Figure BDA0002931453560000092
TABLE 4 constant value table
Figure BDA0002931453560000091
Figure BDA0002931453560000101
Invariance:
Inv1.1:
Figure BDA0002931453560000102
Inv1.2:
Figure BDA0002931453560000103
Inv1.1 states that the pump is closed when the valve is open; Inv1.2 states that the valve must be closed when the pump is open. These two invariants correspond to functional requirement FUN-2, and proving them in the model completes the proof of FUN-2.
And step 106, correcting the initial Event-B model to enable the corrected Event-B model to meet the functional requirements of the steam boiler system.
The invention completes the refinement of the model according to the specific functional requirements of the steam boiler system, discharges the proof obligations of the model with the theorem prover on the Rodin platform, and generates executable code to complete the development of the steam boiler system.
The initial Event-B model is refined according to the functional requirements of the steam boiler system until all functional requirements are met and the Event-B model can handle the list of analysis results from step 102. Wherein the functional requirements of the steam boiler system are shown in table 5.
TABLE 5 Functional requirements of the steam boiler system
ID | Requirement
FUN-1 | The system should rely on the predicted value of the water level to detect whether the water level is within the safe limit
FUN-2 | The pump and the valve cannot be operated simultaneously
FUN-3 | The valve can be opened only before the start of operation
FUN-4 | When the water level reaches the safety limit, action should be taken in time
If the modeling elements of the initial Event-B model are not enough to describe the functional requirements of the steam boiler system, the modeling elements such as carrier sets, constants, variables, events and the like are continuously added to meet the functional requirements of the system.
Specifically, as shown in fig. 6, correcting the initial Event-B model so that the corrected Event-B model satisfies the functional requirements of the steam boiler system includes: judging whether the initial Event-B model meets the functional requirements of the steam boiler system and obtaining a first judgment result; if the first judgment result shows yes, judging whether the initial Event-B model corresponds to the analysis result list and obtaining a second judgment result; if the first judgment result shows that the initial Event-B model cannot meet the functional requirements, or the second judgment result shows that the initial Event-B model does not correspond to the analysis result list, adding the modelling elements corresponding to the non-corresponding parts of the analysis result list to the initial Event-B model to obtain an updated initial Event-B model, and returning to the step 'judging whether the initial Event-B model meets the functional requirements of the steam boiler system to obtain a first judgment result'; and if the second judgment result shows yes, outputting the initial Event-B model updated by the last iteration as the corrected Event-B model.
All of the proof obligations generated at step 106 are completed using a theorem prover on the Rodin platform and executable code is generated.
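The invariants Inv1.1 and Inv1.2 of the initial model and the correction loop of step 106, as an added Python example that is not the patent's Rodin model: a small state machine over the carrier sets M1 to M3 of Table 2 is checked by enumerating every reachable state, which mirrors the invariant-preservation obligation that Rodin's theorem prover discharges by proof (each enabled event, applied to a state satisfying the invariants, must yield a state that satisfies them). The first run uses an initial model whose pump_on event lacks a guard and reports the offending event; the second run is the corrected model with the guard added, as one iteration of the loop in step 106. Event names, guards, the initial state and the reading of FUN-3 as "once operation has started the valve is closed" are assumptions made for illustration.

```python
"""Added example (not the patent's Rodin model): exhaustive reachability check
of Inv1.1, Inv1.2 (requirement FUN-2) and FUN-3 over a small pump/valve model
built from carrier sets M1..M3. Events, guards and initial state are assumed."""
from collections import deque

ON, OFF = "ON", "OFF"                                 # carrier set M1 (pump)
OPEN, CLOSED = "OPEN", "CLOSED"                       # carrier set M2 (valve)
NORMAL, DEGRADE, STOP = "NORMAL", "DEGRADE", "Stop"   # carrier set M3 (boiler)

# State = (pump, valve, boiler mode, operation started). Initial state assumed.
INIT = (OFF, CLOSED, NORMAL, False)

INVARIANTS = {
    "Inv1.1": lambda s: s[1] != OPEN or s[0] == OFF,   # valve open -> pump closed
    "Inv1.2": lambda s: s[0] != ON or s[1] == CLOSED,  # pump open  -> valve closed
    "FUN-3":  lambda s: not s[3] or s[1] == CLOSED,    # started -> valve closed (assumed reading)
}


def make_events(pump_on_checks_valve):
    """Event table name -> (guard, action). The flag is the guard that the
    corrected model adds to pump_on after the first check fails (assumed)."""
    return {
        "start":       (lambda s: not s[3] and s[1] == CLOSED,
                        lambda s: (s[0], s[1], s[2], True)),
        "pump_on":     (lambda s: s[0] == OFF and (s[1] == CLOSED or not pump_on_checks_valve),
                        lambda s: (ON, s[1], s[2], s[3])),
        "pump_off":    (lambda s: s[0] == ON,
                        lambda s: (OFF, s[1], s[2], s[3])),
        "valve_open":  (lambda s: s[1] == CLOSED and s[0] == OFF and not s[3],
                        lambda s: (s[0], OPEN, s[2], s[3])),
        "valve_close": (lambda s: s[1] == OPEN,
                        lambda s: (s[0], CLOSED, s[2], s[3])),
        "degrade":     (lambda s: s[2] == NORMAL,
                        lambda s: (s[0], s[1], DEGRADE, s[3])),
        "stop":        (lambda s: s[2] != STOP,            # countermeasure: pump off
                        lambda s: (OFF, s[1], STOP, s[3])),
    }


def check_model(events, invariants=INVARIANTS, init=INIT):
    """Mirrors Event-B's invariant-preservation obligation: for every reachable
    state that satisfies the invariants and every enabled event, the successor
    must satisfy them too. Returns (reachable state count, list of violations),
    each violation being (invariant, event, state_before, state_after)."""
    def holds(s):
        return all(inv(s) for inv in invariants.values())
    if not holds(init):
        raise ValueError("initialisation violates an invariant")
    seen, queue, violations = {init}, deque([init]), []
    while queue:
        s = queue.popleft()
        for name, (guard, action) in events.items():
            if not guard(s):
                continue
            t = action(s)
            bad = [n for n, inv in invariants.items() if not inv(t)]
            violations.extend((n, name, s, t) for n in bad)
            if t not in seen:
                seen.add(t)
                if not bad:            # explore only states that keep the invariants
                    queue.append(t)
    return len(seen), violations


def failing_events(events):
    """Names of events whose action can break an invariant, i.e. where the next
    iteration of the correction loop has to add a guard or other element."""
    return sorted({v[1] for v in check_model(events)[1]})


if __name__ == "__main__":
    print("initial model:  ", failing_events(make_events(pump_on_checks_valve=False)))
    print("corrected model:", failing_events(make_events(pump_on_checks_valve=True)))
```

Enumeration is feasible here because the state space is tiny; the patent's real models are discharged as proof obligations in Rodin, which scales to unbounded state spaces, but the check performed per event is the same one, so a reachability run of this kind is a quick way to find which event needs a guard before opening the prover.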
And step 107, performing safety prevention on the steam boiler system by using the corrected Event-B model.
A safety analysis system for a steam boiler system comprises the following modules.
The control structure block diagram establishing module draws a control structure block diagram of the steam boiler system according to the function and control action of each component of the steam boiler system.
The analysis result list establishing module analyzes the potential failure modes and failure consequences of the steam boiler system according to the control structure block diagram and establishes an analysis result list containing, for each failure, the failure mode, the component-level failure effect, the system-level failure effect, the failure cause and the countermeasure.
The first mapping relation establishing module establishes, according to the analysis result list, a mapping from the analysis results to the control process of the steam boiler system; this is the first mapping relation.
The control process of the steam boiler system comprises a sensing phase, a detection phase, a control phase and a prevention phase.
The first mapping relation comprises: the mapping of failure modes and failure causes to the sensing phase, the mapping of system-level failure effects to the detection phase, the mapping of system-level failure effects to safety invariants, and the mapping of countermeasures to the stop mode and the degraded mode.
The second mapping relation establishing module establishes, according to the analysis result list and the first mapping relation, a mapping from the steam boiler system to the modeling elements of the Event-B model; this is the second mapping relation.
The second mapping relation comprises: the mapping from the sensing phase to the variables, constants and invariants of the Event-B model; the mapping from the detection phase to the prevention phase; and the mapping from the detection phase, the safety invariants of the Event-B model, the degraded mode and the stop mode back to the sensing phase.
The initial Event-B model establishing module establishes, according to the analysis result list, the first mapping relation and the second mapping relation, an initial Event-B model for safety prevention of the steam boiler system.
The Event-B model correction module corrects the initial Event-B model so that the corrected Event-B model meets the functional requirements of the steam boiler system.
The Event-B model correction module specifically comprises:
the first judgment submodule, which judges whether the initial Event-B model meets the functional requirements of the steam boiler system and obtains a first judgment result;
the second judgment submodule, which, if the first judgment result indicates yes, judges whether the initial Event-B model corresponds to the analysis result list and obtains a second judgment result;
the Event-B model modification submodule, which, if the first judgment result indicates that the initial Event-B model does not meet the functional requirements or the second judgment result indicates that the initial Event-B model does not correspond to the analysis result list, adds to the initial Event-B model the modeling elements corresponding to the non-corresponding part of the analysis result list, obtains an updated initial Event-B model, and calls the first judgment submodule again to judge whether the updated initial Event-B model meets the functional requirements of the steam boiler system and obtain a first judgment result; and
the corrected Event-B model output submodule, which, if the second judgment result indicates yes, outputs the initial Event-B model as updated by the last iteration as the corrected Event-B model.
The safety prevention module performs safety prevention on the steam boiler system using the corrected Event-B model.
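The four-phase control process and the two countermeasure modes above can be made concrete by executing them. The following Python block is an added example written for this page, not code from the patent or its inventors: it interprets the kind of Event-B machine the sensing, detection, control and prevention phases yield, with one event per phase (a guard and an action), the safety invariants re-checked after every event (the role the invariant-preservation proof obligations play symbolically for a real Event-B model in Rodin), and the degraded and stop modes as countermeasures. The variable names, thresholds, failure-mode labels and sensor traces are constructed assumptions.

```python
"""Added example (not code from the patent): a Python interpretation of the
Event-B-style machine that the sensing/detection/control/prevention process
yields.  One event per phase, each with a guard and an action; the safety
invariants are re-checked after every event; degraded and stop modes are the
countermeasures.  Names, thresholds and traces are constructed assumptions."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Context constants (assumed values, drum water level in mm)
LEVEL_MIN, LEVEL_MAX = 200, 800   # band the control phase keeps the level in
ABS_MIN, ABS_MAX = 50, 950        # physical limits: crossing one must stop the boiler
MODES = {"normal", "degraded", "stop"}


class InvariantViolation(AssertionError):
    """A safety invariant failed after an event."""


def guard(enabled: bool, event: str) -> None:
    if not enabled:
        raise RuntimeError(f"event {event} is not enabled in this state")


@dataclass
class Boiler:
    level: int = 500                 # last trusted water level
    pump_on: bool = False
    sensor_ok: bool = True
    mode: str = "normal"
    phase: str = "sense"             # sense -> detect -> act -> sense ...
    raw: Optional[int] = None        # reading taken in the sensing phase
    fault: Optional[str] = None      # failure mode classified in the detection phase

    def check_invariants(self) -> None:
        inv = {
            "inv1 mode is a known mode": self.mode in MODES,
            "inv2 at cycle start the level is physically safe or the boiler is stopped":
                self.phase != "sense" or self.mode == "stop" or ABS_MIN <= self.level <= ABS_MAX,
            "inv3 stop mode implies feed pump off": self.mode != "stop" or not self.pump_on,
        }
        failed = [name for name, holds in inv.items() if not holds]
        if failed:
            raise InvariantViolation(f"{failed} in {self}")

    def sense(self, reading: int, valid: bool) -> None:
        """Sensing phase: take a reading and the sensor's validity flag."""
        guard(self.phase == "sense" and self.mode != "stop", "sense")
        self.raw, self.sensor_ok, self.phase = reading, valid, "detect"

    def detect(self) -> None:
        """Detection phase: classify the reading into a failure mode (or none)."""
        guard(self.phase == "detect", "detect")
        if not self.sensor_ok:
            self.fault = "level_sensor_failed"         # keep the last trusted level
        elif not ABS_MIN <= self.raw <= ABS_MAX:
            self.fault, self.level = "level_out_of_range", self.raw
        else:
            self.fault, self.level = None, self.raw
        self.phase = "act"

    def control(self) -> None:
        """Control phase: enabled only with no open failure; hysteresis pump control."""
        guard(self.phase == "act" and self.fault is None, "control")
        if self.mode == "degraded" and self.sensor_ok:
            self.mode = "normal"                       # failed component replaced
        if self.level < LEVEL_MIN:
            self.pump_on = True
        elif self.level > LEVEL_MAX:
            self.pump_on = False
        self.phase = "sense"

    def prevent(self) -> None:
        """Prevention phase: enabled only with an open failure; apply the countermeasure."""
        guard(self.phase == "act" and self.fault is not None, "prevent")
        if self.fault == "level_sensor_failed":
            self.mode = "degraded"                     # tolerable: run on last trusted level
        else:
            self.mode, self.pump_on = "stop", False    # unsafe level: stop with pump off
        self.phase = "sense"


def run(trace: List[Tuple[int, bool]], with_prevention: bool = True) -> Boiler:
    """Drive the machine over (reading, sensor_valid) pairs, checking invariants
    after every event.  with_prevention=False stands for an initial model that
    lacks the countermeasure event, so failures fall through to control."""
    b = Boiler()
    b.check_invariants()
    for reading, valid in trace:
        if b.mode == "stop":
            break                                      # stop mode is terminal
        b.sense(reading, valid)
        b.check_invariants()
        b.detect()
        b.check_invariants()
        if b.fault is not None and with_prevention:
            b.prevent()
        else:
            if not with_prevention:
                b.fault = None                         # the failure goes unhandled
            b.control()
        b.check_invariants()
    return b


# Constructed traces: (reading, sensor self-test ok)
TRACE_SENSOR_FAULT = [(500, True), (0, False), (0, False), (480, True), (150, True)]
TRACE_OVERFILL = [(500, True), (820, True), (960, True), (700, True)]
```

`run(TRACE_SENSOR_FAULT)` passes through degraded mode while the level sensor reports invalid and returns to normal once a valid reading is sensed again, which is the replacement of a failed component after a tolerable failure; `run(TRACE_OVERFILL)` ends in stop mode with the pump off, and stop mode is terminal because the sensing event's guard is false there. `run(TRACE_OVERFILL, with_prevention=False)` raises InvariantViolation: without the prevention event the out-of-range reading leaves the machine in normal mode with an unsafe level, which is the kind of gap between model and analysis result list that the correction module is meant to detect.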
According to the specific embodiments provided by the invention, the invention discloses the following technical effects:
The invention carries out a fail-safe analysis of the steam boiler system based on the failure mode and effects analysis method, adds the corresponding redundant components to the system according to the analysis result, so ensuring the safety of the system at the hardware level, strictly analyzes the control structure and control flow of the steam boiler system, and adds a prevention stage to the control flow, so ensuring the safety of the system at the software level. That is, the safety of the system is ensured at both the hardware and the software level.
The invention can replace the failed component after a tolerable failure occurs, and so has a degree of resilience.
The invention also establishes an effective mapping between the failure mode and effects analysis and the control flow analysis of the system by way of the Event-B modeling elements. This mapping provides a method for converting the fail-safe analysis, expressed in natural language, into Event-B modeling elements.
The embodiments in this description are described progressively; each embodiment focuses on its differences from the others, and the same or similar parts of the embodiments can be referred to between them.
The principles and embodiments of the present invention have been described herein using specific examples, which are provided only to help understand the method and core concept of the invention; at the same time, a person skilled in the art may, following the idea of the present invention, change the specific embodiments and the range of application. In view of the above, the content of this description should not be construed as limiting the invention.

Claims (6)

1. A safety analysis method for a steam boiler system, characterized in that the analysis method comprises the steps of:
drawing a control structure block diagram of the steam boiler system according to the function and control action of each component of the steam boiler system;
analyzing the potential failure modes and failure consequences of the steam boiler system according to the control structure block diagram, and establishing an analysis result list containing the failure mode, the component-level failure effect, the system-level failure effect, the failure cause and the countermeasure;
establishing, according to the analysis result list, a mapping from the analysis results to the control process of the steam boiler system as a first mapping relation, the first mapping relation comprising: the mapping of failure modes and failure causes to a sensing phase, the mapping of system-level failure effects to a detection phase, the mapping of system-level failure effects to a safety invariant, and the mapping of countermeasures to a stop mode and a degraded mode;
establishing, according to the analysis result list and the first mapping relation, a mapping from the steam boiler system to the modeling elements of an Event-B model as a second mapping relation, the second mapping relation comprising: the mapping from the sensing phase to the variables, constants and invariants of the Event-B model; the mapping from the detection phase to a prevention phase; and the mapping from the detection phase, the safety invariant of the Event-B model, the degraded mode and the stop mode to the sensing phase;
establishing an initial Event-B model for safety prevention of the steam boiler system according to the analysis result list, the first mapping relation and the second mapping relation;
correcting the initial Event-B model so that the corrected Event-B model meets the functional requirements of the steam boiler system; and
performing safety prevention on the steam boiler system using the corrected Event-B model.
2. The safety analysis method for a steam boiler system according to claim 1, characterized in that the control process of the steam boiler system comprises a sensing phase, a detection phase, a control phase and a prevention phase.
3. The safety analysis method for a steam boiler system according to claim 1, characterized in that correcting the initial Event-B model so that the corrected Event-B model meets the functional requirements of the steam boiler system specifically comprises:
judging whether the initial Event-B model meets the functional requirements of the steam boiler system, and obtaining a first judgment result;
if the first judgment result indicates yes, judging whether the initial Event-B model corresponds to the analysis result list, and obtaining a second judgment result;
if the first judgment result indicates that the initial Event-B model does not meet the functional requirements or the second judgment result indicates that the initial Event-B model does not correspond to the analysis result list, adding to the initial Event-B model the modeling elements corresponding to the non-corresponding part of the analysis result list to obtain an updated initial Event-B model, and returning to the step of judging whether the initial Event-B model meets the functional requirements of the steam boiler system and obtaining a first judgment result; and
if the second judgment result indicates yes, outputting the initial Event-B model as updated by the last iteration as the corrected Event-B model.
4. A safety analysis system for a steam boiler system, characterized in that the analysis system comprises:
a control structure block diagram establishing module, which draws a control structure block diagram of the steam boiler system according to the function and control action of each component of the steam boiler system;
an analysis result list establishing module, which analyzes the potential failure modes and failure consequences of the steam boiler system according to the control structure block diagram and establishes an analysis result list containing the failure mode, the component-level failure effect, the system-level failure effect, the failure cause and the countermeasure;
a first mapping relation establishing module, which establishes, according to the analysis result list, a mapping from the analysis results to the control process of the steam boiler system as a first mapping relation, the first mapping relation comprising: the mapping of failure modes and failure causes to a sensing phase, the mapping of system-level failure effects to a detection phase, the mapping of system-level failure effects to a safety invariant, and the mapping of countermeasures to a stop mode and a degraded mode;
a second mapping relation establishing module, which establishes, according to the analysis result list and the first mapping relation, a mapping from the steam boiler system to the modeling elements of an Event-B model as a second mapping relation, the second mapping relation comprising: the mapping from the sensing phase to the variables, constants and invariants of the Event-B model; the mapping from the detection phase to a prevention phase; and the mapping from the detection phase, the safety invariant of the Event-B model, the degraded mode and the stop mode to the sensing phase;
an initial Event-B model establishing module, which establishes an initial Event-B model for safety prevention of the steam boiler system according to the analysis result list, the first mapping relation and the second mapping relation;
an Event-B model correction module, which corrects the initial Event-B model so that the corrected Event-B model meets the functional requirements of the steam boiler system; and
a safety prevention module, which performs safety prevention on the steam boiler system using the corrected Event-B model.
5. The safety analysis system for a steam boiler system according to claim 4, characterized in that the control process of the steam boiler system comprises a sensing phase, a detection phase, a control phase and a prevention phase.
6. The safety analysis system for a steam boiler system according to claim 4, characterized in that the Event-B model correction module specifically comprises:
a first judgment submodule, which judges whether the initial Event-B model meets the functional requirements of the steam boiler system and obtains a first judgment result;
a second judgment submodule, which, if the first judgment result indicates yes, judges whether the initial Event-B model corresponds to the analysis result list and obtains a second judgment result;
an Event-B model modification submodule, which, if the first judgment result indicates that the initial Event-B model does not meet the functional requirements or the second judgment result indicates that the initial Event-B model does not correspond to the analysis result list, adds to the initial Event-B model the modeling elements corresponding to the non-corresponding part of the analysis result list, obtains an updated initial Event-B model, and calls the first judgment submodule again to judge whether the updated initial Event-B model meets the functional requirements of the steam boiler system and obtain a first judgment result; and
a corrected Event-B model output submodule, which, if the second judgment result indicates yes, outputs the initial Event-B model as updated by the last iteration as the corrected Event-B model.
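To show the procedure of the description and of claims 1, 3, 4 and 6 end to end, the following Python block is an added example written for this page, not the patent's or the applicants' code. It takes a constructed FMEA-style analysis result list, applies the first mapping (to the control process phases, the safety invariant and the stop or degraded mode) and the second mapping (to Event-B variables, constants, invariants and events), builds an initial model from part of the list, and runs the correction loop of claim 3 until the model meets a set of constructed functional-requirement predicates and corresponds to every row. The row contents, requirement predicates, variable names and the emitted Event-B text are all assumptions made for the example.

```python
"""Added example (not the patent's own code): the pipeline of claims 1, 3, 4
and 6 in Python.  An FMEA-style analysis result list is mapped onto the
control process (first mapping) and then onto Event-B modeling elements
(second mapping); an initial machine is built from part of the list and the
correction loop adds elements until the model meets the functional
requirements and corresponds to every row.  Rows, requirement predicates,
names and the emitted Event-B syntax are constructed assumptions."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set, Tuple


@dataclass(frozen=True)
class FmeaRow:                     # one line of the analysis result list
    component: str
    failure_mode: str
    component_effect: str
    system_effect: str
    cause: str
    countermeasure: str            # its wording decides stop mode vs degraded mode


@dataclass
class EventBModel:
    constants: Set[str] = field(default_factory=set)
    variables: Set[str] = field(default_factory=set)
    invariants: Dict[str, str] = field(default_factory=dict)
    events: Dict[str, Dict[str, List[str]]] = field(default_factory=dict)
    covered: Set[str] = field(default_factory=set)   # failure modes already modeled


def first_mapping(row: FmeaRow) -> Dict[str, object]:
    """Analysis result -> control process."""
    return {
        "sensing": (row.failure_mode, row.cause),      # what the sensing phase must observe
        "detection": row.system_effect,                # what the detection phase recognises
        "invariant": row.system_effect,                # what must never hold unnoticed
        "prevention": "stop" if "stop" in row.countermeasure.lower() else "degraded",
    }


def second_mapping(model: EventBModel, row: FmeaRow) -> None:
    """Control process -> Event-B elements, added to the model in place."""
    mode = first_mapping(row)["prevention"]
    tag = row.failure_mode.lower().replace(" ", "_")
    var, rng = f"{row.component}_reading", f"{row.component.upper()}_RANGE"
    # sensing phase -> variables, constants and a typing invariant
    model.variables |= {var, "mode", "fault", "phase"}
    model.constants |= {"MODES", rng}
    model.invariants[f"inv_{var}_typed"] = f"{var} ∈ ℕ"
    # system-level effect -> safety invariant stated over the sensing-phase variable
    model.invariants[f"inv_safe_{tag}"] = f"mode = normal ∧ phase = sense ⇒ {var} ∈ {rng}"
    # detection phase -> detection event; detection -> prevention event (countermeasure)
    model.events[f"detect_{tag}"] = {"when": ["phase = detect", f"{var} ∉ {rng}"],
                                     "then": [f"fault := {tag}", "phase := act"]}
    acts = [f"mode := {mode}", "phase := sense"]
    if mode == "stop":
        acts.insert(1, "pump := FALSE")                # stop mode: feed pump off as well
    model.events[f"prevent_{tag}"] = {"when": ["phase = act", f"fault = {tag}"], "then": acts}
    model.covered.add(row.failure_mode)


def build_initial(rows: List[FmeaRow]) -> EventBModel:
    model = EventBModel()
    for row in rows:
        second_mapping(model, row)
    return model


# Functional requirements of the boiler: constructed predicates over the model
FUNCTIONAL_REQUIREMENTS: Dict[str, Callable[[EventBModel], bool]] = {
    "FR1 a stop mode is reachable": lambda m: any("mode := stop" in e["then"] for e in m.events.values()),
    "FR2 a degraded mode is reachable": lambda m: any("mode := degraded" in e["then"] for e in m.events.values()),
}


def correct(model: EventBModel, rows: List[FmeaRow], max_iter: int = 10) -> Tuple[EventBModel, int]:
    """Correction loop of claim 3: first judgment (functional requirements), second
    judgment (correspondence with the list); on either failure add the uncovered rows."""
    for iteration in range(1, max_iter + 1):
        unmet = [name for name, holds in FUNCTIONAL_REQUIREMENTS.items() if not holds(model)]
        missing = [row for row in rows if row.failure_mode not in model.covered]
        if not unmet and not missing:
            return model, iteration
        if not missing:   # caveat: nothing left to add, so the loop could never terminate
            raise ValueError(f"{unmet} cannot be met from the analysis result list")
        for row in missing:
            second_mapping(model, row)
    raise ValueError("correction did not converge")


def render(model: EventBModel, name: str = "Boiler_M0") -> str:
    """Emit the model in Event-B's textual (Rodin pretty-print) form."""
    out = [f"MACHINE {name}", "VARIABLES " + " ".join(sorted(model.variables)), "INVARIANTS"]
    out += [f"  {k}: {v}" for k, v in sorted(model.invariants.items())]
    out.append("EVENTS")
    for ev, body in sorted(model.events.items()):
        out += [f"  {ev} ≙", "    WHEN"] + [f"      grd{i}: {g}" for i, g in enumerate(body["when"], 1)]
        out += ["    THEN"] + [f"      act{i}: {a}" for i, a in enumerate(body["then"], 1)] + ["    END"]
    return "\n".join(out + ["END"])


# Constructed analysis result list
ANALYSIS_RESULT_LIST = [
    FmeaRow("level_sensor", "reading stuck", "no fresh level value", "water level leaves safe band undetected",
            "wiring or ADC fault", "switch to degraded mode on redundant sensor"),
    FmeaRow("feed_pump", "fails to start", "no feed water", "drum level falls below minimum",
            "motor or contactor fault", "stop boiler and close fuel valve"),
    FmeaRow("pressure_sensor", "drift high", "false high pressure", "burner throttled, demand unmet",
            "calibration loss", "degraded mode, pressure estimated from temperature"),
]
```

`correct(build_initial(ANALYSIS_RESULT_LIST[:1]), ANALYSIS_RESULT_LIST)` returns after two judgments: the first finds the stop-mode requirement unmet and two rows uncovered, adds their elements, and the second passes; `render()` then prints the machine with its detection and prevention events. The loop only terminates if each failing iteration adds at least one element, so when a functional requirement cannot be met by anything in the analysis result list (for instance a list in which every countermeasure is a degraded mode), the code raises rather than looping; that is the situation in which the analysis result list itself, not only the model, has to be revised.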
Priority application: CN202110148981.4A, priority date 2021-02-03, filing date 2021-02-03, "Safety analysis method and system for steam boiler system", status Expired - Fee Related.

Publications (2)

CN112947370A (application), published 2021-06-11
CN112947370B (granted), published 2022-04-22

Family ID: 76242184. Country status: CN, CN112947370B (en).

Families Citing this family (3)

* Cited by examiner, † Cited by third party
CN113469521A *, priority 2021-06-30, published 2021-10-01, 同济大学: STPA-based security critical system formalization development method, system and storage medium
CN115544463A *, priority 2022-10-31, published 2022-12-30, 卡斯柯信号有限公司: Safety interlocking system development method based on fault tree analysis
CN119689945A *, priority 2024-12-16, published 2025-03-25, 瑞鸿电控设备(北京)有限公司: Intelligent control system for remote monitoring and analysis of electrical cabinet

Family Cites Families (6)

* Cited by examiner, † Cited by third party
CN103955556B *, priority 2014-03-27, published 2017-07-28, 北京交通大学: High Speed Train Operation Control onboard system fault logic modeling method
KR20170065080A *, priority 2015-12-02, published 2017-06-13, 중앙대학교 산학협력단: Method for low power scheduling based TL-plane for a real time embedded system
CN105787198B *, priority 2016-03-17, published 2018-11-02, 北京航空航天大学: A conversion method from UML activity diagrams to Event-B models
CN106357465A *, priority 2016-11-10, published 2017-01-25, 合肥工业大学: Quick establishment method of easy-to-configure Internet of Things monitoring system
CN108170892B *, priority 2017-11-30, published 2021-07-16, 中国航空综合技术研究所: Fault mode and influence analysis method based on accident dynamic deduction simulation
CN110765568A *, priority 2019-08-23, published 2020-02-07, 清华大学: Complex system design and security analysis integration method based on SysML



Legal Events

Code  Title
PB01  Publication
SE01  Entry into force of request for substantive examination
GR01  Patent grant
CF01  Termination of patent right due to non-payment of annual fee (granted publication date: 2022-04-22)