Dynamic Fault Tree Analysis of a Reconfigurable Software System

In this paper we present a dynamic fault tree analysis of a reconfigurable software system designed for use in avionics. Each critical subsystem of the Mission Avionics System (MAS) is supplied with a hot spare backup that takes over control should the primary processor detect an error, and two additional pools of spares are provided beyond the hot spare backups. MAS also uses triplicated bus systems and redundant memories. More interesting than the hardware redundancy management, however, is the software reconfigurability: two of the software functions, Scene&Obstacle and PathGeneration, have alternative software modules available that provide minimal functionality in case of large hardware losses or major software errors. This reconfigurability of the software functionality, coupled with the hardware redundancy, presents a challenge in constructing a valid model. We add a further modeling challenge by including coverage failures, which can cripple the system regardless of the redundancy available: an error that is not detected and isolated in time defeats every spare the architecture holds. We derive and present a dynamic fault tree model that can be used to assess the reliability and sensitivity of the selected MAS. The dynamic fault tree can be solved via a combination of BDD (Binary Decision Diagram) and Markov approaches.
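The following is an added worked example, not code from the paper or from the MAS project. It models the smallest dynamic fault tree fragment the abstract describes, a primary with a hot spare, an optional pool of cold spares and imperfect fault coverage, as a continuous-time Markov chain, and solves it numerically, which is the Markov half of the BDD plus Markov approach. Everything numerical is assumed for illustration: a constant per-unit failure rate `lam` (per hour), pool spares that do not fail while dormant, and a coverage probability `coverage` applied to every failure of an active unit. The names `build_hot_spare_chain`, `solve_unreliability`, `closed_form_hot_spare` and `uncovered_first_failure_bound` are this example's own.

```python
"""Hot spare with imperfect coverage, solved as a continuous-time Markov chain.

Added example, not the paper's model. Assumptions (constructed for illustration):
constant per-unit failure rate lam, cold pool spares that cannot fail while dormant,
and a fixed coverage probability c for every failure of an active unit.
"""
import math


def build_hot_spare_chain(lam, coverage, cold_spares):
    """Return (rates, start_state) for the chain.

    States are (active, cold) tuples plus the absorbing 'FAIL' state:
      active = powered units (2 while a hot spare is present, then 1)
      cold   = dormant pool spares still available
    Any active unit fails at rate lam, so the exit rate of a state is active*lam.
    With probability `coverage` the failure is detected and the system reconfigures
    (power up a cold spare, or degrade to a single active unit). With probability
    1-coverage the failure is uncovered and the system fails outright.
    """
    rates = {}
    for cold in range(cold_spares, -1, -1):
        exit_rate = 2 * lam
        nxt = (2, cold - 1) if cold > 0 else (1, 0)
        rates[(2, cold)] = {nxt: exit_rate * coverage,
                            'FAIL': exit_rate * (1.0 - coverage)}
    rates[(1, 0)] = {'FAIL': lam}          # last unit: no reconfiguration possible
    rates['FAIL'] = {}                      # absorbing
    return rates, (2, cold_spares)


def _derivative(p, rates):
    """dP/dt = P*Q for a sparse generator given as {src: {dst: rate}}."""
    d = {s: 0.0 for s in rates}
    for src, out in rates.items():
        d[src] -= p[src] * sum(out.values())
        for dst, r in out.items():
            d[dst] += p[src] * r
    return d


def solve_unreliability(rates, start, t, steps=2000):
    """Integrate the Kolmogorov forward equations with fixed-step RK4; return P(FAIL at t)."""
    p = {s: 0.0 for s in rates}
    p[start] = 1.0
    h = t / steps
    for _ in range(steps):
        k1 = _derivative(p, rates)
        k2 = _derivative({s: p[s] + 0.5 * h * k1[s] for s in p}, rates)
        k3 = _derivative({s: p[s] + 0.5 * h * k2[s] for s in p}, rates)
        k4 = _derivative({s: p[s] + h * k3[s] for s in p}, rates)
        p = {s: p[s] + h / 6.0 * (k1[s] + 2 * k2[s] + 2 * k3[s] + k4[s]) for s in p}
    return p['FAIL']


def closed_form_hot_spare(lam, coverage, t):
    """Analytic unreliability for primary + hot spare, no pool: cross-check for the solver.
    c=1 reduces to the parallel system (1-e^-lt)^2, c=0 to the series system 1-e^-2lt."""
    e1 = math.exp(-lam * t)
    return 1.0 - e1 * e1 - 2.0 * coverage * e1 * (1.0 - e1)


def uncovered_first_failure_bound(lam, coverage, t):
    """Probability that the very first failure is uncovered. No number of spares can
    bring the unreliability below this floor, which is the abstract's point about coverage."""
    return (1.0 - coverage) * (1.0 - math.exp(-2.0 * lam * t))


def main():
    lam, mission = 1e-3, 100.0             # constructed: 1e-3 failures/hour, 100 h mission
    print(f"{'coverage':>8} {'pool':>4} {'U(t)':>12} {'floor':>12}")
    for coverage in (1.0, 0.99, 0.9):
        for pool in (0, 1, 2):
            rates, start = build_hot_spare_chain(lam, coverage, pool)
            u = solve_unreliability(rates, start, mission)
            floor = uncovered_first_failure_bound(lam, coverage, mission)
            print(f"{coverage:>8.2f} {pool:>4d} {u:>12.3e} {floor:>12.3e}")


if __name__ == "__main__":
    main()
```

Run it and compare the rows: with perfect coverage each added pool spare lowers the unreliability by roughly another factor of λt, while at c = 0.9 the second and third spares change the result very little because the answer is already pinned near the uncovered-first-failure floor. Sensitivity to the coverage parameter, not to the spare count, is what dominates, which is why the model has to carry coverage explicitly rather than treating the spares as an ideal AND gate.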
