Research On Hazard Analysis Method For Autonomous Ships

Following the revolution of steam technology,electric power technology,computer and information technology,the fourth industrial revolution is changing the world,which repre-sented by artificial intelligence,internet of things,cloud computing,virtual reality and quan-tum information technology,etc.The advancement of information and communication tech-nology and the improvement of information analysis capability have created revolutionary development opportunities for all walks of life.In the shipping industry,the autonomous ship that carry cargo and passengers in a safer,more efficient and green way are attracting un-precedented attention,which has become the future development tendency of the shipping industry.As a representative of digital transformation and new technological innovation in the shipping industry,the autonomous ship will undergo disruptive changes in overall design structure,system interaction ways,power sources and other aspects,which comparing with conventional ships that are only controlled manually.At the same time,with the interconnec-tivity between ship-shore and ship subsystems,the autonomous ship will become the hub of sensors and the generator of data in the modern shipping ecosystem.In this context,in order to avoid the possible negative impacts on the current maritime traffic conditions due to the introduction of autonomous ships,and to ensure that the expected safety level of the autono-mous ship is at least not lower than the existing safety level of the conventional ship,it is not only necessary to pay attention to traditional safety of the autonomous ship,such as naviga-tion safety and cargo safety,but also need to consider non-traditional security of the autono-mous ship that represented by cyber security.Therefore,the theoretical research towards the safety and security of autonomous ships is very necessary and has important significance.In this dissertation,the safety and security of autonomous ships are focused,and the hazard analysis method is taking as the main object of research.After clarifying the opera-tional characteristics of autonomous ships,a novel hazard analysis methodology that synthe-sizes safety and security is proposed,which is suitable for autonomous ships.Taking a re-motely-controlled ship as an example,the proposed method is used to execute the hazard analysis process.Meanwhile,the correctness of the result of hazard analysis is verified by us-ing the model checking tool UPPAAL.The main research work and achievements of this dis-sertation are shown as follows.(1)The research on the definition of autonomous ships and the taxonomy method of lev-els of autonomy.Starting from the historical evolution and development of autonomous ships.the limitations of the existing taxonomy of autonomy levels are analysed on the basis of clar-ifying the definition of autonomous ships and normalizing their Chinese and English expres-sions.To circumvent these limitations,a taxonomy method of levels of autonomy based on navigation practice is proposed.The results show that the key to the taxonomy of levels of autonomy is whether the autonomous ships can independently complete the corresponding task or achieve the corresponding function from the human intervention,rather than depend-ing on the levels of automation or the location of decision-making.Taking two test ships equipped with autonomous navigation technology as examples,compared with the existing taxonomy of autonomy levels,the proposed method can avoid effectively the problem that the inaccurate determination of the ship's overall level of autonomy due to the autonomous im-plement of some individual functions.The generated taxonomy results are more in line with objective facts.The applicability evaluation process was developed for 29 widely used hazard analysis methods.(2)The research on the applicability of hazard analysis methods.To screen out one or more hazard analysis methods that can capture the operational characteristics of autonomous ships,an applicability evaluation method based on system engineering for autonomous ships is proposed.Based on the established applicability evaluation procedure,the proposed method generates the system-level safety requirements in a functional manner,and the evaluation cri-teria linked to the design goals of autonomous ships.The applicability evaluation process is developed for 29 widely used hazard analysis methods.The evaluation results show that Sys-tem-Theoretic Process Analysis(STPA)method satisfies all the evaluation criteria,which can better understand the behavior of the system,identify hazards and reveal the hazard causal factors.STPA is found to be one of the most highly promising hazard analysis methods that currently suitable for autonomous ships.(3)The research on the hazard analysis methodology that synthesizes safety and security for autonomous ships.On the basis of clarifying the operational characteristics of autonomous ships,and considering the negative impact of increasing cyber threats on the system safety and security of autonomous ships,a STPA-based analysis methodology that synthesizes safety and security is proposed in this dissertation,namely STPA-SynSS.This method proposes six improvements on the foundation of STPA and provides a comprehensive process of identify-ing hazards and revealing hazard causal factors,which realized the continuous tracking and closed-loop management of potential hazards.The collision avoidance scenario of a remotely controlled ship with a few seafarers onboard is taken as an example,the proposed method is used to execute the detailed hazard analysis process for the above scenario,and the specific control strategies of hazards are generated.The comparative analysis of hazard analysis re-sults shows that compared with STPA,STPA-SynSS can identify more unsafe/unsecure con-trol behaviors and loss scenarios,and the more targeted hazard control strategies can be gen-erated.The results of comparative analysis prove the effectiveness and advancement of the proposed STPA-SynSS.(4)The research on the safety modeling for autonomous ships considering ageing components.The resulting unsafe/unsecure control behaviors due to performance degradation of components need to be considered when using STPA-SynSS to generate the loss scenarios.To characterize the characteristics of the system safety state of autonomous ships degrading over time,the system safety analysis is extended from the "two-state hypothesis" to multi-state.According to the control structure constructed in the case analysis of STPA-SynSS,the safety of a remotely-controlled ship is modeled.The safety function that obeys exponential distribution and the time distribution function that describes the time when the system reaches the safety limit state are generated.This model can be used to guide designers to incorporate more targeted safety design into the system,and to establish corresponding protection mechanisms for ageing components to avoid the hazard transitions from a potential state to an actual accident state that may cause losses.(5)The research on the formal modeling of autonomous ships and the verification of hazard analysis results.To overcome the limitation that the correctness and completeness of hazard analysis results cannot be verified,the formal method is groundbreakingly introduced in the hazard analy sis process.In this dissertation,a STPA-SynSS extension process based on time automata is proposed.On the basis of constructing the time automata network model,the model checking tool UPPAAL is used to search the finite state space of the system model ex-haustively to verify the satisfaction relationship between the semantic model and its property specifications,thereby verifying the activity of the system modeling and the correctness of the hazard analysis results.The verification results show that the time automata network model of the remotely-controlled ship is deadlock-free and runs correctly,and all unsafe/unsecure con-trol actions identified by STPA-SynSS will occur,which verifies the correctness of the hazard analysis results of STPA-SynSS.Meanwhile,the effectiveness of the proposed STPA-SynSS extension process is proved.The conclusion of this dissertation lay a solid theoretical foundation for identifying and controlling the potential hazards of autonomous ships.To some extent,the conclusion meets the urgent needs of the shipping industry to clarify and improve the safety of autonomous ships.At the same time,it can provide a reference for the safety and security design of au-tonomous ships and effectively guarantee the safe operation of autonomous ships.