Component-based timed hazard analysis of self-healing systems

Self-healing is increasingly used in embedded real-time systems deployed in safety-critical environments to reduce hazards. These systems implement self-healing by reconfiguration, i.e., the exchange of system components at run-time, with the aim of stopping or removing failures. This reaction is subject to hard real-time constraints, because a reconfiguration that completes too late no longer has the intended effect: the failure has already propagated past the component being replaced. Consequently, it is necessary to analyze how failures propagate over time and how that propagation is changed by the reconfiguration. Current approaches analyze neither the propagation times of failures nor the effect of structural reconfiguration on failure propagation. We enhance our hazard analysis approach by extending our failure propagation models with propagation times and by taking the system's real-time reconfiguration behavior into account. This allows us to analyze how a reconfiguration of a given duration changes the failure propagation of a real-time system, and thus whether it is able to prevent a hazard. We show the feasibility of our approach with an example case study from the RailCab project.
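The following is an added illustration of the kind of question the abstract poses, written for this page; it is not the paper's model, notation, or tool. It encodes a constructed timed failure-propagation graph (node names, delays, the monitor, and the detection latency are all assumed), computes the earliest time a failure reaches a hazard, and then re-runs the analysis under a reconfiguration that removes a propagation edge once it has completed. The semantics are deliberately conservative: an edge that the reconfiguration removes is assumed to still propagate any failure that reached its source before the reconfiguration finished.

```python
import heapq
import math

# Constructed example: a timed failure-propagation graph.
# Nodes are "component.failure" names; each edge carries a propagation delay in ms.
# The sensor's stale value reaches a hazard (derailment) via the controller and actuator,
# and is also observed by a monitor that can trigger a reconfiguration. All values are assumed.
EDGES = [
    ("sensor.value_stale", "controller.bad_setpoint", 5),
    ("controller.bad_setpoint", "actuator.wrong_force", 10),
    ("actuator.wrong_force", "vehicle.derailment", 20),          # hazard
    ("sensor.value_stale", "monitor.sensor_fault_detected", 3),  # detection path
]


def earliest_arrival(edges, source, removed_at=None, removed_edges=()):
    """Earliest arrival time of a failure at every node (Dijkstra over delays).

    Edges in removed_edges disappear at time removed_at. Conservatively, a failure
    that reached the edge's source strictly before removed_at still propagates;
    one that arrives at or after removed_at is blocked.
    """
    adj = {}
    for u, v, d in edges:
        adj.setdefault(u, []).append((v, d))
    removed = set(removed_edges)
    dist = {source: 0.0}
    pq = [(0.0, source)]
    while pq:
        t, u = heapq.heappop(pq)
        if t > dist.get(u, math.inf):
            continue
        for v, d in adj.get(u, []):
            if (u, v) in removed and removed_at is not None and t >= removed_at:
                continue  # component already exchanged before the failure got here
            nt = t + d
            if nt < dist.get(v, math.inf):
                dist[v] = nt
                heapq.heappush(pq, (nt, v))
    return dist


def reconfiguration_done(edges, source, reconfig):
    """Time at which the reconfiguration has completed: the failure reaches the
    trigger node, detection adds its latency, then the exchange takes its duration.
    Assumes the trigger node itself is not cut off by the reconfiguration."""
    base = earliest_arrival(edges, source)
    t_detect = base.get(reconfig["trigger"], math.inf) + reconfig["detect_latency"]
    return t_detect + reconfig["duration"]


def hazard_time(edges, source, hazard, reconfig=None):
    """Earliest time the hazard is reached; math.inf means it is prevented.

    reconfig is a dict with keys 'trigger', 'detect_latency', 'duration', 'removes'
    (edges that no longer exist once the exchange has completed).
    """
    if reconfig is None:
        return earliest_arrival(edges, source).get(hazard, math.inf)
    t_done = reconfiguration_done(edges, source, reconfig)
    dist = earliest_arrival(edges, source, removed_at=t_done,
                            removed_edges=reconfig["removes"])
    return dist.get(hazard, math.inf)


def max_tolerable_duration(edges, source, reconfig):
    """Conservative deadline: the longest exchange duration for which every removed
    edge is gone before any failure reaches its source. A result <= 0 means the
    reconfiguration cannot be fast enough regardless of its implementation."""
    base = earliest_arrival(edges, source)
    t_detect = base.get(reconfig["trigger"], math.inf) + reconfig["detect_latency"]
    return min(base.get(u, math.inf) for u, _ in reconfig["removes"]) - t_detect


if __name__ == "__main__":
    rc = {"trigger": "monitor.sensor_fault_detected", "detect_latency": 2,
          "duration": 8, "removes": [("actuator.wrong_force", "vehicle.derailment")]}
    print("no reconfiguration:", hazard_time(EDGES, "sensor.value_stale", "vehicle.derailment"))
    print("8 ms exchange:     ", hazard_time(EDGES, "sensor.value_stale", "vehicle.derailment", rc))
    slow = dict(rc, duration=12)
    print("12 ms exchange:    ", hazard_time(EDGES, "sensor.value_stale", "vehicle.derailment", slow))
    print("deadline (ms):     ", max_tolerable_duration(EDGES, "sensor.value_stale", rc))
```

In this constructed graph the stale value reaches the actuator after 15 ms and the hazard after 35 ms; detection completes at 5 ms, so an 8 ms exchange of the actuator finishes at 13 ms and blocks the propagation, whereas a 12 ms exchange finishes at 17 ms and the hazard still occurs at 35 ms. The deadline helper makes the real-time constraint explicit: here the exchange may take at most 10 ms.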
