Formal Support for Quantitative Analysis of Residual Risks in Safety-Critical Systems

With the increasing complexity of software and electronics in safety-critical systems, new challenges have emerged: lowering costs and decreasing time-to-market while preserving high assurance. During the safety assessment process, the goal is to minimize risk and, in particular, the impact of probable faults on system-level safety. Every potential fault must be identified and analysed in order to determine which faults are most important to focus on. In this paper, we extend our earlier work on formal qualitative analysis with a quantitative analysis of fault tolerance. Our analysis is based on design models of the system under construction. It further builds on formal models of faults that have been extended with estimated occurrence probabilities, allowing the system-level failure probability to be analysed. This is done with the help of the probabilistic model checker PRISM. The extension provides an improvement in the costly process of certification, in which all foreseen faults have to be evaluated with respect to their impact on safety and reliability. We demonstrate our approach using an application from the avionics industry: an Altitude Meter System.
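As an added illustration, not code from the paper, the following PRISM model sketches the kind of analysis the abstract describes: a design model of a redundant altitude sensor pair whose fault model has been extended with per-step occurrence probabilities, so that the probability of a system-level hazard can be computed by probabilistic model checking. The module names, state encodings, hazard definition and the constants p_fail and p_detect are assumptions chosen for this example and are not values taken from the paper's Altitude Meter System.

```prism
// Discrete-time Markov chain: every module advances one step per "step" action.
dtmc

// Assumed per-step fault occurrence probabilities (illustrative, not from the paper).
const double p_fail   = 1.0E-4;  // a healthy sensor becomes faulty in a given step
const double p_detect = 0.95;    // the monitor detects a faulty primary sensor in a given step

// Primary altitude sensor with fault injection and a monitor.
// prim: 0 = healthy, 1 = faulty but undetected, 2 = faulty and detected (switched out)
module Primary
  prim : [0..2] init 0;
  [step] prim=0 -> (1-p_fail):(prim'=0) + p_fail:(prim'=1);
  [step] prim=1 -> (1-p_detect):(prim'=1) + p_detect:(prim'=2);
  [step] prim=2 -> (prim'=2);
endmodule

// Backup altitude sensor: same fault model, but assumed to have no monitor.
// back: 0 = healthy, 1 = faulty
module Backup
  back : [0..1] init 0;
  [step] back=0 -> (1-p_fail):(back'=0) + p_fail:(back'=1);
  [step] back=1 -> (back'=1);
endmodule

// System-level hazard (assumed definition): a wrong altitude reaches the display.
// This happens while the primary is faulty and undetected, or after the primary
// has been switched out and the backup has itself failed.
label "wrong_altitude" = (prim=1) | (prim=2 & back=1);

// One unit of reward per step, so R{"time"} properties measure elapsed steps.
rewards "time"
  true : 1;
endrewards
```

Saved as, say, `altimeter.pm`, the model can be queried with PCTL properties from the command line, for instance `prism altimeter.pm -pctl 'P=? [ F<=3600 "wrong_altitude" ]'` for the probability that a wrong altitude is displayed at least once during a 3600-step mission, and `prism altimeter.pm -pctl 'R{"time"}=? [ F "wrong_altitude" ]'` for the expected number of steps until that first happens (a mean-time-to-hazard figure, of the order of 1/p_fail for these constants). Changing p_fail or p_detect and re-running the same properties is the quantitative counterpart of the qualitative question "which faults matter most": a fault whose probability barely moves the system-level figure is a lower certification priority than one that dominates it.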
