Formal fault tree construction and system safety analysis

Fault Tree Analysis is a traditional deductive safety analysis technique applied during the system design stage. Traditional fault trees, however, often lack formal semantics with which to check the correctness or consistency of their descriptions, which is a particular problem in safety-critical system analysis. To overcome this limitation, we propose a novel formal fault tree construction method. Unlike traditional methods, which focus on providing formal semantics for the fault tree constructs after the informal fault tree has been built, our method proves the correctness of the fault tree by the construction process itself, and guarantees the time relationships among different events by introducing temporal logic notations. Furthermore, the stepwise deduction process exposes hidden domain rules and overlooked design deficiencies at an earlier stage, helping designers and domain experts check and revise their system design in a more timely manner.
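To make the two ideas in the abstract concrete (checking a fault tree as it is constructed, and giving gates a temporal meaning), here is an added Python illustration; it is not the paper's notation or method. It assumes a constructed pump-controller tree with AND, OR and a SEQ gate that fires only when its inputs occur in the listed order, and the well-formedness check rejects undefined inputs and self-dependent gates.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

# Constructed illustration, not the paper's notation: intermediate events are
# AND / OR gates, or a SEQ gate that fires only when its inputs occur in order.
@dataclass
class Gate:
    kind: str          # "AND", "OR" or "SEQ" (ordered AND: a temporal constraint)
    inputs: List[str]  # child event names (basic events or other gates)

Tree = Dict[str, Gate]  # intermediate event name -> gate

def check_well_formed(tree: Tree, basic: Set[str]) -> List[str]:
    """Construction-time checks: every input is defined and no gate depends on itself."""
    errors: List[str] = []
    for name, gate in tree.items():
        for child in gate.inputs:
            if child not in tree and child not in basic:
                errors.append(f"{name}: undefined input '{child}'")
    visiting, done = set(), set()
    def dfs(n: str) -> None:
        if n in done or n not in tree:
            return
        if n in visiting:
            errors.append(f"cycle through '{n}'")
            return
        visiting.add(n)
        for c in tree[n].inputs:
            dfs(c)
        visiting.discard(n)
        done.add(n)
    for n in tree:
        dfs(n)
    return errors

def occurrence_time(tree: Tree, trace: Dict[str, float], event: str) -> Optional[float]:
    """Time at which `event` becomes true given basic-event times, or None if it never does."""
    if event in trace:
        return trace[event]
    if event not in tree:
        return None  # basic event that did not occur in this trace
    gate = tree[event]
    times = [occurrence_time(tree, trace, c) for c in gate.inputs]
    if gate.kind == "OR":
        present = [t for t in times if t is not None]
        return min(present) if present else None
    if any(t is None for t in times):
        return None
    if gate.kind == "AND":
        return max(times)
    if gate.kind == "SEQ":  # ordered: each input strictly before the next
        return times[-1] if all(a < b for a, b in zip(times, times[1:])) else None
    raise ValueError(f"unknown gate kind {gate.kind}")

# Constructed sample: a pump-controller hazard decomposed top-down.
BASIC = {"power_loss", "backup_fails", "sensor_stuck", "valve_opens"}
TREE: Tree = {
    "overpressure": Gate("OR",  ["no_control", "bad_sequence"]),
    "no_control":   Gate("AND", ["power_loss", "backup_fails"]),
    "bad_sequence": Gate("SEQ", ["sensor_stuck", "valve_opens"]),
}
```

Reversing the order of the two SEQ inputs in a trace makes the top event unreachable, which is the kind of time relationship a plain AND gate cannot express.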
