Formal Safety Analysis of a Radio-Based Railroad Crossing Using Deductive Cause-Consequence Analysis (DCCA)

In this paper we present the formal safety analysis of a radio-based railroad crossing, using deductive cause-consequence analysis (DCCA) as the analysis method. DCCA is a novel technique for analyzing the safety of embedded systems with formal methods: it replaces error-prone informal reasoning with mathematical proofs and makes it possible to prove rigorously whether or not a failure at component level is a cause of a system-level failure. DCCA generalizes the two most common safety analysis techniques, failure modes and effects analysis (FMEA) and fault tree analysis (FTA). We apply the method to a real-world case study, a radio-based railroad crossing, illustrate the DCCA results for this example, and compare them with the results of other formal safety analysis methods such as formal FTA.
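To make the central DCCA question concrete ("is this set of component failures a cause of the system failure?"), the following is an added, self-contained Python illustration; it is not the paper's own model and not the authors' proof scripts. It encodes a deliberately small, hand-constructed state machine of the radio-based crossing protocol (the train radios a "close" command on approach, the crossing closes its barrier and acknowledges, the train brakes at its decision point if no acknowledgement has arrived) together with four assumed, illustratively named component failure modes. The DCCA criterion applied is the standard one: a set Γ of failure modes is critical if some run in which only failures from Γ occur reaches the hazard, and a critical set is minimal if no proper subset is critical. The paper discharges this obligation as a temporal-logic proof over a formal model; here it is reduced to exhaustive reachability over the toy model, which is only equivalent because the model is finite.

```python
"""Toy DCCA check for a radio-based railroad crossing.

Constructed example: a hand-built finite-state model of the protocol
sketched in the abstract, not the authors' model. The DCCA criterion is
the standard one: a set Gamma of failure modes is *critical* if there is
a run in which only failures from Gamma occur and the hazard is reached;
a critical set is *minimal* if no proper subset is critical. The check is
an exhaustive reachability search over the (finite) toy model.
"""
from dataclasses import dataclass
from itertools import combinations
from typing import FrozenSet, Iterator, List

# Component-level failure modes (names assumed for this toy model).
FAILURES = ("radio_loss", "barrier_stuck", "ack_fault", "brake_fail")

# Track positions: the train sends "close" at APPROACH, decides at
# BRAKE_POINT whether it has the crossing's acknowledgement, and
# reaches the crossing at CROSSING.
APPROACH, BRAKE_POINT, CROSSING = 1, 3, 5


@dataclass(frozen=True)
class State:
    pos: int = 0
    cmd_in_air: bool = False     # "close" command sent, not yet delivered
    cmd_received: bool = False   # crossing has received the command
    barrier_closed: bool = False
    ack_in_air: bool = False     # "closed" acknowledgement in flight
    ack_received: bool = False   # train has received the acknowledgement
    stopped: bool = False        # train braked to a halt before the crossing


def hazard(s: State) -> bool:
    """System-level hazard H: the train is on the crossing while it is open."""
    return s.pos == CROSSING and not s.barrier_closed


def terminal(s: State) -> bool:
    return s.stopped or s.pos >= CROSSING


def step(s: State, active: FrozenSet[str]) -> State:
    """One synchronous step; `active` is the set of failure modes that
    occur during this step (transient failures, chosen nondeterministically)."""
    if terminal(s):
        return s
    # 1. Radio link: messages in flight are delivered unless the link fails.
    delivered = "radio_loss" not in active
    cmd_received = s.cmd_received or (s.cmd_in_air and delivered)
    ack_received = s.ack_received or (s.ack_in_air and delivered)
    # 2. Crossing controller: on the newly received command, close the
    #    barrier and acknowledge. A faulty barrier sensor acknowledges
    #    although the barrier is stuck open.
    barrier_closed = s.barrier_closed
    ack_in_air = False
    if cmd_received and not s.cmd_received:
        if "barrier_stuck" not in active:
            barrier_closed = True
        if barrier_closed or "ack_fault" in active:
            ack_in_air = True
    # 3. Train: advance one position; send the command at APPROACH; at
    #    BRAKE_POINT brake to a halt unless the acknowledgement has arrived.
    pos = s.pos + 1
    cmd_in_air = pos == APPROACH
    stopped = (pos == BRAKE_POINT and not ack_received
               and "brake_fail" not in active)
    return State(pos, cmd_in_air, cmd_received, barrier_closed,
                 ack_in_air, ack_received, stopped)


def subsets(items) -> Iterator[FrozenSet[str]]:
    items = tuple(items)
    return (frozenset(c) for r in range(len(items) + 1)
            for c in combinations(items, r))


def is_critical(gamma: FrozenSet[str]) -> bool:
    """DCCA proof obligation for Gamma: does some run in which only
    failures from Gamma occur reach the hazard? (Depth-first search.)"""
    frontier, seen = [State()], {State()}
    while frontier:
        s = frontier.pop()
        if hazard(s):
            return True
        for active in subsets(gamma):      # any subset of Gamma may fire
            t = step(s, active)
            if t not in seen:
                seen.add(t)
                frontier.append(t)
    return False


def minimal_critical_sets() -> List[FrozenSet[str]]:
    """All critical sets with no critical proper subset (the DCCA analogue
    of FTA's minimal cut sets)."""
    critical = [g for g in subsets(FAILURES) if is_critical(g)]
    return [g for g in critical if not any(h < g for h in critical)]


if __name__ == "__main__":
    for g in minimal_critical_sets():
        print("minimal critical set:", sorted(g))
```

Two of the checks a practitioner would run first are visible in the result: the empty set is not critical (the protocol is functionally safe without failures), and no single failure mode is critical (no single point of failure), while the minimal critical sets of size two show exactly which pairs of component failures must coincide for the hazard to occur.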
