A new modeling approach to the safety evaluation of N-modular redundant computer systems in presence of imperfect maintenance

A large number of safety-critical control systems are based on N-modular redundant architectures, using majority voters on the outputs of independent computation units. In order to assess the compliance of these architectures with international safety standards, the frequency of hazardous failures must be analyzed by developing and solving appropriate formal models. Furthermore, the impact of maintenance faults has to be considered, since imperfect maintenance may degrade the safety integrity level of the system. In this paper, we present both a failure model for voting architectures based on Bayesian networks and a maintenance model based on continuous time Markov chains, and we propose to combine them according to a compositional multiformalism modeling approach in order to analyze the impact of imperfect maintenance on the system safety. We also show how the proposed approach promotes the reuse and the interchange of models as well as the interchange of solving tools.
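As an added illustration of the effect the abstract describes (not code from the paper, which uses a Bayesian-network failure model composed with a separate maintenance chain), the following constructed Python model collapses both aspects into one birth-death CTMC over the number of failed units: a simple majority rule stands in for the Bayesian network, and imperfect maintenance is represented by a probability q that a maintenance action leaves the unit unrestored. The failure and restoration rates, the parallel-repair assumption and the IEC 61508 PFH bands used for the SIL label are assumptions, not values from the paper.

```python
from typing import List


def steady_state(n_units: int, lam: float, mu_eff: float) -> List[float]:
    """Steady-state probabilities pi[k] of having k failed units (k = 0..n_units).

    Birth-death CTMC (modelling assumption): each working unit fails at rate lam,
    each failed unit is restored at rate mu_eff by an independent maintenance
    action, so pi[k+1]/pi[k] = (n-k)*lam / ((k+1)*mu_eff)."""
    ratios = [1.0]
    for k in range(n_units):
        ratios.append(ratios[-1] * (n_units - k) * lam / ((k + 1) * mu_eff))
    total = sum(ratios)
    return [r / total for r in ratios]


def hazardous_failure_rate(n_units: int, lam: float, mu: float, q: float) -> float:
    """Frequency (per hour) at which an N-modular majority-voted system enters a
    hazardous state, i.e. more than half of its units are failed and the voter
    can output a wrong value.  q is the probability that a maintenance action
    fails to actually restore the unit (imperfect maintenance)."""
    if n_units % 2 == 0:
        raise ValueError("majority voting needs an odd number of units")
    if not 0.0 <= q < 1.0:
        raise ValueError("q must be in [0, 1)")
    mu_eff = mu * (1.0 - q)            # only successful actions restore a unit
    pi = steady_state(n_units, lam, mu_eff)
    m = (n_units + 1) // 2             # failed units needed to outvote the rest
    # Units fail one at a time, so the only entry into the hazardous set
    # {k >= m} is one further failure from state k = m-1.
    return pi[m - 1] * (n_units - (m - 1)) * lam


def sil_from_pfh(pfh: float) -> str:
    """IEC 61508 high-demand / continuous-mode SIL bands (PFH per hour)."""
    if pfh >= 1e-5:
        return "no SIL"
    for lower, name in ((1e-6, "SIL 1"), (1e-7, "SIL 2"), (1e-8, "SIL 3")):
        if pfh >= lower:
            return name
    return "SIL 4"


if __name__ == "__main__":
    LAM, MU = 5e-5, 1.0 / 24.0         # constructed rates: failures/h, restorations/h
    for q in (0.0, 0.8):
        pfh = hazardous_failure_rate(3, LAM, MU, q)
        print(f"TMR, P(maintenance fails)={q}: PFH={pfh:.3e}/h -> {sil_from_pfh(pfh)}")
```

With the constructed rates, a TMR system sits in SIL 2 under perfect maintenance and drops to SIL 1 when four out of five maintenance actions fail to restore the unit, which is the degradation the paper sets out to quantify.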
