Using Markov models for safety analysis of programmable electronic systems

Abstract

Markov Models (diagrams showing failure states) can easily represent the operation of a fault tolerant programmable electronic system (PES) as various system components fail and/or are repaired. These models can account for multiple failure rates as a function of failure state, common cause failures, on-line diagnostic capability of a PES, multiple failure modes, and different repair rates as a function of failure state. Further, the same physical system may behave differently in different operating modes, and this can be accounted for by different Markov models. Such models can be constructed simply and accurately when a systematic method is used. This paper describes the systematic method and shows examples of the reliability and safety analysis developed for a new fault tolerant control system under two different operating modes. The importance of including the operating mode in the modeling and analysis is clearly demonstrated. One operating mode is substantially safer than the other.
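As an added illustration, not taken from the paper, the following Python builds a small continuous-time Markov model of a two-channel (1oo2) PES with the ingredients the abstract lists (per-channel failure rate, on-line diagnostic coverage, common cause fraction, repair rate) and solves it numerically to compare the dangerous-state probability under two assumed operating modes. The state set, all rates and the two modes are constructed assumptions, not the paper's system or data.

```python
# Continuous-time Markov model of a 1oo2 fault-tolerant PES (constructed
# example; all rates are per hour and are assumed, not data from the paper).
# States: 0 both channels healthy; 1 one channel failed and detected by the
# on-line diagnostics (under repair); 2 one channel failed but undetected;
# 3 both channels failed: the dangerous system state, absorbing here.

def build_generator(lam, cov, beta, mu):
    """Generator matrix Q (row sums zero). lam: per-channel dangerous failure
    rate; cov: diagnostic coverage; beta: common cause fraction; mu: repair
    rate of a detected channel failure."""
    ind = 2 * (1 - beta) * lam   # rate at which either channel fails alone
    Q = [[0.0] * 4 for _ in range(4)]
    Q[0][1] = ind * cov          # single failure caught by diagnostics
    Q[0][2] = ind * (1 - cov)    # single failure that stays hidden
    Q[0][3] = beta * lam         # common cause failure of both channels
    Q[1][0] = mu                 # repair of the detected failure
    Q[1][3] = lam                # second channel fails while repair is pending
    Q[2][3] = lam                # second channel fails on top of the hidden one
    for i in range(4):
        Q[i][i] = -sum(Q[i][j] for j in range(4) if j != i)
    return Q

def state_probabilities(Q, t_end, h=1.0):
    """Solve dP/dt = P*Q from P(0) = (1,0,0,0) with fixed-step RK4."""
    n = len(Q)
    def deriv(P):
        return [sum(P[i] * Q[i][j] for i in range(n)) for j in range(n)]
    P = [1.0] + [0.0] * (n - 1)
    for _ in range(int(round(t_end / h))):
        k1 = deriv(P)
        k2 = deriv([p + h / 2 * k for p, k in zip(P, k1)])
        k3 = deriv([p + h / 2 * k for p, k in zip(P, k2)])
        k4 = deriv([p + h * k for p, k in zip(P, k3)])
        P = [p + h / 6 * (a + 2 * b + 2 * c + d)
             for p, a, b, c, d in zip(P, k1, k2, k3, k4)]
    return P

def dangerous_probability(lam, cov, beta, mu, t_end):
    """Probability that the PES sits in the dangerous state 3 at time t_end."""
    return state_probabilities(build_generator(lam, cov, beta, mu), t_end)[3]

if __name__ == "__main__":
    # Two assumed operating modes of the same hardware: in mode A the on-line
    # diagnostics are active, so a failed channel is detected and repaired;
    # in mode B the diagnostics are bypassed and every failure stays hidden.
    year = 8760
    mode_a = dangerous_probability(1e-5, 0.99, 0.02, 1 / 8, year)
    mode_b = dangerous_probability(1e-5, 0.0, 0.02, 1 / 8, year)
    print(f"P(dangerous) after one year: mode A {mode_a:.3e}, mode B {mode_b:.3e}")
```

With coverage, common cause and repair set to zero the chain reduces to two independent channels, so its dangerous-state probability must equal (1 - e^(-lam*t))^2, which is a useful sanity check before trusting the richer models.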