Analysis and synthesis of the behaviour of complex programmable electronic systems in conditions of failure

This paper introduces a new method for safety analysis which modifies, automates and integrates a number of classical safety analysis techniques to address some of the problems currently encountered in complex safety assessments. The method enables the analysis of a complex programmable electronic system from the functional level through to low levels of its hardware and software implementation. In the course of the assessment, the method integrates design and safety analysis and harmonises hardware safety analysis with the hazard analysis of software architectures. It also introduces an algorithm for the synthesis of fault trees, which mechanises and simplifies a large and traditionally problematic part of the assessment, the development of fault trees. In this paper, we present the method and discuss its application on a prototypical distributed brake-by-wire system for cars. We argue that the method can help us rationalise and simplify an inherently creative and difficult task and therefore gain a consistent and meaningful picture of how a complex programmable system behaves in conditions of failure.

© 2001 Elsevier Science Ltd. All rights reserved.
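The abstract says the method mechanises fault-tree development by synthesising fault trees from the design model. The following is an added example, written for this page and not the paper's own algorithm or code, of one generic way such synthesis can be done: each component of the design model carries local failure annotations (how deviations at its outputs arise from its own basic events and from deviations at its inputs), the wiring between components is known, and a system-level deviation is expanded backwards through the model until only basic events remain; the resulting tree is then reduced to minimal cut sets. The brake-by-wire channel, its component names, port names and failure modes are constructed for illustration and are not taken from the paper.

```python
"""Illustrative fault-tree synthesis from component-level failure annotations.

Added example, not the paper's algorithm or code. The model below is a
constructed, much-simplified brake-by-wire channel: one pedal sensor, one bus,
two redundant controllers and one actuator.
"""
from itertools import product

AND, OR = "AND", "OR"

# Local failure annotations: component -> output port -> deviation class ->
# expression over the component's basic events ("Comp.event") and deviations
# of its own input ports ("class@Comp.port"). Gates are (AND, ...) / (OR, ...).
COMPONENTS = {
    "Pedal": {"pos": {"omission": (OR, "Pedal.sensor_stuck", "Pedal.power_loss")}},
    "Bus": {"msg": {"omission": (OR, "Bus.dead", "omission@Bus.in")}},
    "Ctrl1": {"cmd": {"omission": (OR, "Ctrl1.crash", "omission@Ctrl1.in")}},
    "Ctrl2": {"cmd": {"omission": (OR, "Ctrl2.crash", "omission@Ctrl2.in")}},
    # Two redundant command channels: braking force is omitted only if BOTH
    # channels are silent, or the actuator itself jams.
    "Actuator": {"force": {"omission": (OR, "Actuator.jammed",
                                        (AND, "omission@Actuator.c1",
                                              "omission@Actuator.c2"))}},
}

# Wiring of the design model: input port -> output port that feeds it.
CONNECTIONS = {
    "Bus.in": "Pedal.pos",
    "Ctrl1.in": "Bus.msg", "Ctrl2.in": "Bus.msg",
    "Actuator.c1": "Ctrl1.cmd", "Actuator.c2": "Ctrl2.cmd",
}


def synthesize(deviation, components=COMPONENTS, wiring=CONNECTIONS, seen=frozenset()):
    """Expand a deviation ("class@Comp.port") into a fault tree by substituting
    each input deviation with the failure logic of the output port wired to it,
    back to basic events. Returns a nested gate/leaf expression."""
    cls, port = deviation.split("@")
    port = wiring.get(port, port)            # input port -> upstream output port
    comp, out = port.split(".")
    key = f"{cls}@{port}"
    if key in seen:                           # feedback loop in the propagation
        raise ValueError(f"cyclic failure propagation through {key}")
    expr = components[comp].get(out, {}).get(cls)
    if expr is None:                          # not annotated: deviation never produced
        return (OR,)                          # an empty OR gate never fires
    return _expand(expr, components, wiring, seen | {key})


def _expand(expr, components, wiring, seen):
    if isinstance(expr, str):
        return synthesize(expr, components, wiring, seen) if "@" in expr else expr
    op, *args = expr
    return (op, *[_expand(a, components, wiring, seen) for a in args])


def minimise(sets):
    """Drop every cut set that is a strict superset of another."""
    return {s for s in sets if not any(o < s for o in sets)}


def cut_sets(tree):
    """Minimal cut sets of a synthesized tree: a set of frozensets of basic events."""
    if isinstance(tree, str):
        return {frozenset([tree])}
    op, *args = tree
    child_sets = [cut_sets(a) for a in args]
    if op == OR:
        return minimise(set().union(*child_sets))
    # AND: pick one cut set from every child and merge them
    return minimise({frozenset().union(*combo) for combo in product(*child_sets)})


def single_points_of_failure(tree):
    """Basic events that on their own are sufficient for the top event."""
    return sorted(next(iter(s)) for s in cut_sets(tree) if len(s) == 1)


def render(tree, depth=0):
    """Indented text rendering of the tree, for reading rather than analysis."""
    pad = "  " * depth
    if isinstance(tree, str):
        return f"{pad}{tree}\n"
    op, *args = tree
    return f"{pad}{op}\n" + "".join(render(a, depth + 1) for a in args)


if __name__ == "__main__":
    top = synthesize("omission@Actuator.force")
    print(render(top))
    for cs in sorted(cut_sets(top), key=sorted):
        print(sorted(cs))
    print("single points of failure:", single_points_of_failure(top))
```

The point the synthesis makes visible, which hand-drawn trees often miss, is that the redundant controller pair only removes controller crashes from the single-event cut sets; the shared pedal sensor and the single bus remain single points of failure for the omission of braking. The `seen` set guards against feedback loops in the propagation, which a real design model (closed-loop control, monitoring paths) will contain and which a naive backward expansion would recurse on forever.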
