The components of this system communicate with one another and with the exterior environment by way of a physical network. The set of equipment, including the network, constitutes a system called the system under diagnosis.
To improve the degree of confidence accorded to these items of equipment and to ensure their maintenance, monitoring of their proper operation is undertaken, as often as possible, for each of them, consisting in providing them with internal, hardware and/or software mechanisms for detecting anomalies known by the name “monitoring”.
The main function of such monitoring is to contribute to flight safety by frequently testing the availability of the equipment, that is to say the normality of their behaviours, while their auxiliary function is to contribute to the maintenance of the system under diagnosis by facilitating the locating of faults in the equipment.
In its main flight safety function, a monitoring is in charge of detecting a possible sudden unavailability of the monitored item of equipment so that the pilot can be warned of this situation.
In its auxiliary function of aiding maintenance, a function known by the initials “BITE”, derived from the expression “Built In Test Equipment”, a monitoring is in charge of providing, each time that it has brought about an alarm of non-availability during execution of its main flight safety function, a more or less detailed report of the operating state intended to augment a post-flight report termed PFR or LLR standing for “Post Flight Report” or “Last Leg Report” made for the benefit of the ground maintenance personnel.
The system under diagnosis is changeable; various events may modify its make-up: the insertion of new equipment into the network, equipment faults, reconfiguration of the network or selective passivation (that is to say the fact of no longer using part of the equipment). The locating of faults in the system under diagnosis is entrusted to a maintenance device.
The maintenance devices according to the known art are not suitable for taking these changes into account. The problem of taking changes into account is solved by maintenance systems in the form of automatons configured on the basis of a model established during the phase of development of the system under diagnosis. The drawback of these maintenance systems is that they require regular updating to take into account modifications of configurations or of the general state of the aeroplane. A diagnosis device for a system, a flowchart of which is presented in FIG. 1, is known, for example, from the document “Modeling techniques and algorithms for probabilistic model-based diagnosis and repair”, (Sampath Srinivas. Knowledge Systems Laboratory, Computer Science Department, Stanford University, Portland, 1995). This device comprises means for the observation 101 of a system under diagnosis 100, means for fault diagnosis 102 consisting in computing probabilities of failure for the elements of the system and means for the determination 103 of maintenance operations to be performed so as to repair the fault.
The maintenance devices according to the known art present another major drawback, which is the poor management of the quantity of information arising from the monitorings, on account of the use of empirical correlation rules. Faced with a large amount of more or less relevant information, current devices turn out to be inadequate and non-optimized.
The invention is aimed notably at alleviating the two problems cited above by proposing an improved maintenance system taking into account in a dynamic manner the changes of the system under diagnosis and automatically correlating the various known information.
For this purpose, the subject of the invention is a device for system diagnosis of an aircraft comprising equipment, the said device comprising:                means for the monitoring of the equipment, the said means emitting messages of observations on the basis of effects produced by equipment of the system, the said device being characterized in that it furthermore comprises:        means for the determination of a set of observations on the basis of the messages of observations arising from the means for monitoring, of a log of the messages of observations and of a model representing a current state of the system, the said means for the determination of a set of observations implementing temporal logic,        means for the determination of indictments on the basis of observations of the set of observations and of a behavioural model of the system, the indictments being logical relations between operating modes of equipment having produced effects,        means for the determination of maintenance operations on the basis of the indictments.        
The device according to the invention implements a model, termed a mirror model, which is updated with each modification of the system under diagnosis and which thus faithfully reflects the system under diagnosis. Such a model can also represent the causal relations (i.e. relations of causes to effects) of the system under diagnosis. It will then be possible for this model to be easily devised during the design of the system under diagnosis by using data arising from operational dependability analysis (FMEA Failure Mode Effect Analysis) and the design more generally. The use of a mirror model arising from the FMEA comprises a first advantage of an economic nature in so far as it makes it possible not to have to develop a specific model used solely for diagnosis.
The device according to the invention implements binary decision diagrams with the advantage of representing sets of combinations of variables of a function, in an extremely complete and concise manner. Less memory room is occupied relative to truth tables customarily used. Furthermore, the processing times for the functions represented in the form of a binary decision diagram are generally faster.
The device furthermore comprises an original architecture which makes it possible to successively process the temporal aspect, the causal aspect and the probabilistic aspect of the fault location problem. The temporal aspect consists in managing the chronology of the messages emitted by the various components of the system under diagnosis. The causal aspect consists in establishing a link between the messages and equipment or components from which these messages are liable to originate. Finally the probabilistic aspect makes it possible to determine the equipment to be suspected by priority.