Software safety analysis of function block diagrams using fault trees

Abstract As programmable logic controllers (PLCs) are often used to implement safety-critical embedded software, a safety demonstration of PLC code is needed. In this paper we propose a fault tree analysis technique for Function Block Diagrams (FBDs), one of the most widely used PLC programming languages. FBD is currently being used to develop the Reactor Protection System (RPS) for a nuclear power plant in South Korea. Our approach to fault tree analysis, which combines fault-oriented and cause/effect-oriented viewpoints, is easy to understand and offers systematic guidelines for ensuring the safety of PLC code. Domain experts found the approach useful in a case study on the RPS, and this paper compares the completeness and comprehensiveness of the fault trees generated semi-automatically with the proposed approach against those prepared manually by nuclear safety engineers.
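The abstract describes deriving fault trees from FBD logic by combining a fault-oriented view (the top event is an unsafe output state) with a cause/effect view (each block type determines which input states produce a given output state). The following Python is an added illustration written for this page, not the paper's tool or its algorithm: it walks a small constructed FBD backwards from a top event, builds the fault tree gate by gate, and reduces it to minimal cut sets. The FBD (a pressure comparator, a bypass, a manual trip), the block kinds and the basic-event names are all assumptions made for the example.

```python
"""Toy fault-tree synthesis from a Function Block Diagram (FBD).

Added example for this page; the FBD, block semantics and event names are
constructed for illustration and are not taken from the paper.
"""
from dataclasses import dataclass, field
from itertools import product
from typing import Dict, FrozenSet, List, Set, Union


@dataclass
class Block:
    kind: str                       # IN | NOT | AND | OR | GE (a >= b)
    inputs: List[str] = field(default_factory=list)


@dataclass
class Gate:
    op: str                         # fault-tree gate: AND | OR
    children: List["Node"]


Node = Union[Gate, str]             # a str leaf is a basic event


# Constructed sample FBD: trip when pressure >= setpoint and the channel is
# not bypassed, or when the operator trips manually.
SAMPLE_FBD: Dict[str, Block] = {
    "PRESS":  Block("IN"),                     # pressure sensor signal
    "SETPT":  Block("IN"),                     # trip setpoint
    "BYPASS": Block("IN"),                     # channel bypass switch
    "MANUAL": Block("IN"),                     # manual trip pushbutton
    "HIGH":   Block("GE", ["PRESS", "SETPT"]),
    "NOBYP":  Block("NOT", ["BYPASS"]),
    "AUTO":   Block("AND", ["HIGH", "NOBYP"]),
    "TRIP":   Block("OR", ["AUTO", "MANUAL"]),
}


def failure_tree(fbd: Dict[str, Block], signal: str, value: bool) -> Node:
    """Fault tree for the event 'signal takes value', derived backwards.

    The cause/effect rule of each block kind says which input states
    produce the output state we are tracing; external inputs become
    basic events.
    """
    blk = fbd[signal]
    if blk.kind == "IN":
        return f"{signal}={value}"
    if blk.kind == "NOT":
        return failure_tree(fbd, blk.inputs[0], not value)
    if blk.kind == "GE":
        a, b = blk.inputs
        # Comparator output wrong: one of its operands must read wrongly.
        if value:                                   # a >= b wrongly true
            return Gate("OR", [f"{a}=high", f"{b}=low"])
        return Gate("OR", [f"{a}=low", f"{b}=high"])  # a >= b wrongly false
    if blk.kind == "AND":
        op = "AND" if value else "OR"    # all inputs true / any input false
    elif blk.kind == "OR":
        op = "OR" if value else "AND"    # any input true / all inputs false
    else:
        raise ValueError(f"unknown block kind {blk.kind!r}")
    return Gate(op, [failure_tree(fbd, i, value) for i in blk.inputs])


def _minimise(sets: Set[FrozenSet[str]]) -> Set[FrozenSet[str]]:
    """Drop any cut set that is a superset of another (absorption)."""
    return {s for s in sets if not any(t < s for t in sets)}


def cut_sets(node: Node) -> Set[FrozenSet[str]]:
    """Minimal cut sets of a fault tree (OR = union, AND = cross product)."""
    if isinstance(node, str):
        return {frozenset([node])}
    child_sets = [cut_sets(c) for c in node.children]
    if node.op == "OR":
        combined = set().union(*child_sets)
    else:
        combined = {frozenset().union(*combo) for combo in product(*child_sets)}
    return _minimise(combined)


def minimal_cut_sets(fbd: Dict[str, Block], signal: str, value: bool) -> Set[FrozenSet[str]]:
    """Top event 'signal == value' traced through the FBD to minimal cut sets."""
    return cut_sets(failure_tree(fbd, signal, value))


if __name__ == "__main__":
    # Safety-function failure: trip demanded but TRIP output stays False.
    for cs in sorted(minimal_cut_sets(SAMPLE_FBD, "TRIP", False), key=sorted):
        print("no trip  <-", " AND ".join(sorted(cs)))
    # Spurious trip: TRIP output True when no trip is demanded.
    for cs in sorted(minimal_cut_sets(SAMPLE_FBD, "TRIP", True), key=sorted):
        print("spurious <-", " AND ".join(sorted(cs)))
```

Tracing both unsafe output states of the same block is the point of the combined view: the "no trip" tree shows every order-2 cut set needs the manual trip to be absent, while the "spurious trip" tree exposes the single-point event of a stuck manual input, which a purely fault-oriented list of component failures would not relate to the output so directly.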
