
Kaiser, B, P Liggesmeyer, O Mäckel (2003). A new component concept for fault trees.

Proceedings of the 8th Australian Workshop on Safety Critical Systems and Software (SCS'03), Canberra. Conferences in Research and Practice in Information Technology, Vol 33.

Abstract: The decomposition of complex systems into manageable parts is an essential principle when dealing with complex technical systems. However, many safety and reliability modelling techniques do not support hierarchical decomposition in the desired way. Fault tree analysis (FTA) offers decomposition into modules, a breakdown with regard to the hierarchy of failure influences rather than to the system architecture. In this paper we propose a compositional extension of the FTA technique. Each technical component is represented by an extended fault tree. Besides the internal basic events and gates, each component can have input and output ports. By connecting these ports, components can be integrated into a higher-level system model. All components can be developed independently and stored in separate files or component libraries. Mathematically, each component fault tree (CFT) represents a logical function from its input ports and internal events to its output ports. As in traditional FTA, both qualitative and quantitative analyses are possible. Known algorithms, e.g. based on binary decision diagrams (BDDs), can still be applied. The Windows-based safety analysis tool UWG3 was developed to prove this concept in practice. It allows creating component libraries in an exchangeable XML format. We have carried out some case studies in order to show that the new concept improves clearness and intuitive modelling while obtaining the same results as traditional FTA.

Keywords: Fault trees, Safety, Reliability

Kaiser, Bernhard (2002). Integration of safety and reliability models into the development process of embedded systems (original title: Integration von Sicherheits- und Zuverlässigkeitsmodellen in den Entwicklungsprozess eingebetteter Systeme).

Softwaretechnik-Trends 22(4), Gesellschaft für Informatik (ed.) 2002.

Abstract: A large number of formalised models have been proposed to support the analysis and design of embedded systems. Largely isolated from these are the models and methods used for the causal and quantitative analysis of reliability and safety [FMcD]. This article presents a framework for integrating different safety and reliability analysis models, both with each other and with development models. Quantitative analyses are still carried out with the methods of the individual sub-models; the framework's tool controls the overall workflow. Since the framework is not meant to fit only two or three specific techniques, it must be able to express all relevant kinds of statements in a framework language and thereby translate between the models. In practice, an XML language and a hierarchy of XML schemas are to be used for this purpose.

Keywords: Embedded systems, Safety, Fault tree analysis, State machines, Model-based development, XML.

Kaiser, B (2003). A fault-tree semantics to model software-controlled systems.

Softwaretechnik-Trends 23(3), Gesellschaft für Informatik (ed.) 2003.

Abstract: Fault tree analysis is a well-known technique to assess the safety and reliability of technical systems. However, being a combinatorial model, fault trees can only express which combinations of failures contribute to a certain hazard or accident. There is no means to model sequences of actions or the temporal order of states and events. Since today's technical systems are often controlled by software that executes over time, the traditional fault tree model is no longer sufficient. Moreover, integration of software modelling techniques with safety assessment techniques is hampered by the lack of semantically equivalent entities in the two domains. To overcome these drawbacks, we propose an extended fault tree semantics that distinguishes events that happen at a point in time from states that last over a period of time. Typed fault tree gates are introduced and calculation rules for quantitative analysis are given. We address the integration of this new concept into our safety and reliability analysis tools UWG3 and ESSaRel.

Keywords: Safety and reliability analysis, Fault tree analysis, Embedded systems

Kaiser, B, C Gramlich, M Förster (2007). State/event fault trees - A safety analysis model for software-controlled systems.

Reliability Engineering and System Safety 92 (2007), 1521-1537 (DOI: 10.1016/j.ress.2006.10.010).

Abstract: Safety models for software-controlled systems should be intuitive, compositional and have the expressive power to model both software and hardware behaviour. Moreover, they should provide quantitative results for failure or hazard probabilities. Fault trees are an accepted and intuitive model for safety analysis, but they are incapable of expressing state dependencies or the temporal order of events. We propose to combine fault trees with an explicit State/Event semantics, using a graphical notation that is similar to Statecharts. Our new model, named State/Event Fault Trees (SEFTs), subsumes both deterministic state machines suited to describing software behaviour and Markov chains that model probabilistic failures, while keeping the visualisation of causal chains known from fault trees. We allow exponentially distributed probabilistic events, deterministic delays, and triggered events. The model provides a component concept, where components are connected by typed ports. Quantitative evaluation is achieved by translating the component models to Deterministic and Stochastic Petri Nets (DSPNs) and using an existing tool for analysis or simulation. This paper revisits the model elements and the analysis procedure and provides a small case study of a fire alarm system, completed by an outlook on our tool project ESSaRel.

Keywords: Safety and reliability analysis, Fault tree analysis, SEFT, Embedded systems

Adler, R, M Förster, M Trapp (2007). Determining configuration probabilities of safety-critical adaptive systems.

Proceedings of the 21st International Conference on Advanced Information Networking and Applications (AINA 2007), Vol 2, 548-555.

Abstract: This article presents a novel technique to calculate the probability that an adaptive system assumes a given configuration. An important application area of dynamic adaptation is the cost-efficient development of dependable embedded systems. Dynamic adaptation exploits implicitly available redundancy, reducing the need for hardware redundancy, to make systems more available, reliable, survivable and, ultimately, safer. Knowledge of the configuration probabilities of a system is an essential requirement for the optimization of safety efforts in development. In the longer term, it is also a prerequisite for dependability assessment. Our approach is based on a modeling language for complex reconfiguration behavior. We transform the adaptation model into a probabilistic target model that combines a compositional fault tree with Markov chains. This hybrid model can be evaluated efficiently using a modified BDD-based algorithm. The approach is currently being implemented in ESSaRel.

Keywords: Dependability, Adaptive systems, Fault tree analysis, Markov chains, Safety