飞机差动刹车纠偏过程的STAMP/STPA安全性. (Chinese)

To prevent the occurrence of danger or accident during the correction process of all-electric differential braking, the safety problem was regarded as a control problem, and the safety analysis based on STAMP/STPA was carried out from the control point of view. First, based on the system-theoretic accident model and process (STAMP), the STAMP model of the aircraft all-electric differential braking system considering human-machine coordination was established to determine the control feedback relationship of the entire differential braking system. Then, the system theoretic process analysis (STPA) method was used to analyze the safety of the differential braking correction process, determine system-level accidents and hazards, identify potential risks and unsafe control actions (UCA), and conduct qualitative analysis of UCA from the aspects of control, feedback, and coordination. Finally, an airplane ground sliding model was established to simulate and analyze some unsafe control behaviors (UCA1, UCA2, and UCA5) that occurred during the correction process. Simulation results show that the differential braking action was not provided in the case of 1° initial yaw angle or 1 m/s continuous crosswind, and the aircraft was out of the runway after 5 s; the differential braking action delay occurred at 1° initial yaw angle (with no crosswind), and the aircraft was out of the runway when the delay was greater than 5 s. From the quantitative point of view, the safety constraints of the aircraft all-electric differential braking correction process were proposed, and the effectiveness of the STAMP/STPA method was verified. [ABSTRACT FROM AUTHOR]

为防止飞机在全电差动刹车纠偏过程中发生危险或事故,将该过程的安全问题视为一个控制问题,从控制的角度开展STAMP/STPA安全性分析.首先,基于系统理论事故模型及过程（system-theoretic accident model and process,STAMP）建立考虑人机协调的飞机全电差动刹车系统STAMP模型,确定整个差动刹车系统的控制反馈关系;然后,采用系统理论过程分析（system theoretic process analysis,STPA）方法对差动刹车纠偏过程进行安全性分析,确定系统级事故和危险,识别潜在风险和不安全控制行为（unsafe control action,UCA）,从控制、反馈和协调3个方面对不安全控制行为进行定性致因分析;最后,建立飞机地面滑跑模型,对纠偏过程中出现的部分不安全控制行为（UCA1、UCA2和UCA5）进行仿真分析.仿真结果表明:在1°初始偏航角或1 m/s持续侧风的情况下未提供差动刹车动作,飞机在5 s后会偏出跑道;在1°初始偏航角（无侧风）情况下发生差动刹车动作延迟,延迟大于5 s时飞机会偏出跑道.仿真结果从定量角度对飞机全电差动刹车纠偏过程提出了安全约束,并验证了STAMP/STPA方法的有效性. [ABSTRACT FROM AUTHOR]

Copyright of Journal of Harbin Institute of Technology. Social Sciences Edition / Haerbin Gongye Daxue Xuebao. Shehui Kexue Ban is the property of Harbin Institute of Technology and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)