article

Formal Fault Tree Analysis - Practical Experiences

Authors:

Frank Ortmeier,

Gerhard SchellhornAuthors Info & Claims

Electronic Notes in Theoretical Computer Science (ENTCS), Volume 185

Pages 139 - 151

https://doi.org/10.1016/j.entcs.2007.05.034

Published: 01 July 2007 Publication History

Abstract

Safety is an important requirement for many modern systems. To ensure safety of complex critical systems, well-known safety analysis methods have been formalized. This holds in particular for automation sytsems and transportation systems. In this paper we present the formalization of one of the most wide spread safety analysis methods: fault tree analysis (FTA). Formal FTA allows to rigorously reason about completeness of a faulty tree. This means it is possible to prove whether a certain combination of component failures is critical for system failure or not. This is a big step forward as informal reasoning on cause-consequence relations is very error-prone. We report on our experiences with a real world case study from the domain of railroads. The here presented case study is - to our knowledge - the first complete formal fault tree analysis for an infinite state system. Until now only finite state systems have been analyzed with formal FTA by using model checking.

References

[1]

M. Balser. Verifying Concurrent System with Symbolic Execution -- Temporal Reasoning is Symbolic Execution with a Little Induction. PhD thesis, University of Augsburg, Augsburg, Germany, 2005

[2]

Balser, M., Reif, W., Schellhorn, G., Stenzel, K. and Thums, A., Formal system development with KIV. In: Maibaum, T. (Ed.), LNCS, number 1783. Springer-Verlag. pp. 363-366.

[3]

Bienmöller, T., Damm, W. and Wittke, H., The STATEMATE verification environment -- making it real. In: Emerson, E.A., Sistla, A.P. (Eds.), LNCS, number 1855. Springer. pp. 561-567.

[4]

Bruns, G. and Anderson, S., Validating safety models with fault trees. In: Górski, J. (Ed.), SafeComp'93: 12th International Conference on Computer Safety, Reliability, and Security, Springer-Verlag. pp. 21-30.

[5]

http://www.cms.dmu.ac.uk/~cau/itlhomepage

[6]

Damm, W., Josko, B., Hungar, H. and Pnueli, A., A compositional real-time semantics of STATEMATE designs. In: de Roever, W.-P., Langmaack, H., Pnueli, A. (Eds.), LNCS, volume 1536. Springer. pp. 186-238.

[7]

Hansen, K., Ravn, A. and Stavridou, V., From safety analysis to software requirements. IEEE Transactions on Software Engineering. v24 i7. 573-584.

[8]

K.M. Hansen, A.P. Ravn, and V. Stavridou. From safety analysis to formal specification. ProCoS II document {ID/DTH KMH 1/1}, Technical University of Denmark, 1994

[9]

Harel, D. and Naamad, A., The statemate semantics of statecharts. ACM Transactions on Software Engineering and Methodology. v5 i4. 293-333.

[10]

J. Klose and A. Thums. The STATEMATE reference model of the reference case study 'Verkehrsleittechnik'. Technical Report 2002-01, Universität Augsburg, 2002

[11]

Ortmeier, F., Thums, A., Schellhorn, G. and Reif, W., Combining formal methods and safety analysis -- the ForMoSA approach. In: LNCS, 3147. Springer.

[12]

Frank Ortmeier and Wolfgang Reif. Formal safety analysis of transportation control systems. In Proceedings of SEFM 2005, 2005

[13]

G. Schellhorn, A. Thums, and W. Reif. Formal fault tree semantics. In Proceedings of The Sixth World Conference on Integrated Design & Process Technology, Pasadena, CA, 2002

[14]

A. Thums. Formale Fehlerbaumanalyse. PhD thesis, Universität Augsburg, Augsburg, Germany, 2004. (in German)

[15]

A. Thums, G. Schellhorn, and W. Reif. Comparing fault tree semantics. In D. Haneberg, G. Schellhorn, and W. Reif, editors, FM-TOOLS 2002, Technical Report 2002-11, pages 25 -- 32. Universität Augsburg, 2002

[16]

W.E. Vesely, F.F. Goldberg, N.H. Roberts, and D.F. Haasl. Fault Tree Handbook. Washington, D.C., 1981. NUREG-0492

[17]

Chaochen, Zhou and Hansen, M.R., Duration calculus: Logical foundations. Formal Aspects of Computing. 283-330.

Cited By

Thumati BKemp J(2022)Large-scale Fault Tree Implementation: A Software Tutorial2022 Annual Reliability and Maintainability Symposium (RAMS)10.1109/RAMS51457.2022.9893997(1-5)Online publication date: 24-Jan-2022
https://dl.acm.org/doi/10.1109/RAMS51457.2022.9893997
Ahmad WHasan OTahar S(2020)Formal reliability and failure analysis of ethernet based communication networks in a smart grid substationFormal Aspects of Computing10.1007/s00165-019-00503-132:1(71-111)Online publication date: 27-Jan-2020
https://dl.acm.org/doi/10.1007/s00165-019-00503-1
Ahmed WHasan OPervez UQadir J(2017)Reliability modeling and analysis of communication networksJournal of Network and Computer Applications10.1016/j.jnca.2016.11.00878:C(191-215)Online publication date: 15-Jan-2017
https://dl.acm.org/doi/10.1016/j.jnca.2016.11.008
Show More Cited By

Recommendations

Formal safety analysis of a radio-based railroad crossing using deductive cause-consequence analysis (DCCA)
EDCC'05: Proceedings of the 5th European conference on Dependable Computing

In this paper we present the formal safety analysis of a radio-based railroad crossing. We use deductive cause-consequence analysis (DCCA) as analysis method. DCCA is a novel technique to analyze safety of embedded systems with formal methods. It ...
Modeling Guidelines and Usage Analysis Towards Applying HiP-HOPS Method to Airborne Electrical Systems
SAFECOMP 2015: Proceedings of the 34th International Conference on Computer Safety, Reliability, and Security - Volume 9337

Aircraft development process requires safety assessment to ensure aircraft continued airworthiness by guaranteeing that hazards related to aircraft functions are properly addressed. Safety analyses require increasingly more reliable and efficient ...
Using deductive cause-consequence analysis (DCCA) with SCADE
SAFECOMP'07: Proceedings of the 26th international conference on Computer Safety, Reliability, and Security

Esterel Technologies' SCADE Suite is one of the most important development tools for software for safety-critical systems. It is used for designing many critical components of aerospace, automotive and transportation applications. For such systems ...

Comments

Information & Contributors

Information

Published In

cover image Electronic Notes in Theoretical Computer Science (ENTCS)

Electronic Notes in Theoretical Computer Science (ENTCS) Volume 185, Issue

July, 2007

147 pages

ISSN:1571-0661

Issue’s Table of Contents

Copyright © Elsevier B.V. © 2007.

Publisher

Elsevier Science Publishers B. V.

Netherlands

Publication History

Published: 01 July 2007

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 02 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Thumati BKemp J(2022)Large-scale Fault Tree Implementation: A Software Tutorial2022 Annual Reliability and Maintainability Symposium (RAMS)10.1109/RAMS51457.2022.9893997(1-5)Online publication date: 24-Jan-2022
https://dl.acm.org/doi/10.1109/RAMS51457.2022.9893997
Ahmad WHasan OTahar S(2020)Formal reliability and failure analysis of ethernet based communication networks in a smart grid substationFormal Aspects of Computing10.1007/s00165-019-00503-132:1(71-111)Online publication date: 27-Jan-2020
https://dl.acm.org/doi/10.1007/s00165-019-00503-1
Ahmed WHasan OPervez UQadir J(2017)Reliability modeling and analysis of communication networksJournal of Network and Computer Applications10.1016/j.jnca.2016.11.00878:C(191-215)Online publication date: 15-Jan-2017
https://dl.acm.org/doi/10.1016/j.jnca.2016.11.008
Liu YShen GHuang ZYang Z(2017)Quantitative risk analysis of safety---critical embedded systemsSoftware Quality Journal10.1007/s11219-015-9302-625:2(503-527)Online publication date: 1-Jun-2017
https://dl.acm.org/doi/10.1007/s11219-015-9302-6
Yue HHe QTong LRui ZBo Z(2016)Analysis on in-vehicle information security defenseJournal of Computational Methods in Sciences and Engineering10.3233/JCM-16063616:3(527-535)Online publication date: 1-Jan-2016
https://dl.acm.org/doi/10.3233/JCM-160636
Ahmed WHasan O(2015)Towards Formal Fault Tree Analysis Using Theorem ProvingProceedings of the International Conference on Intelligent Computer Mathematics - Volume 915010.1007/978-3-319-20615-8_3(39-54)Online publication date: 13-Jul-2015
https://dl.acm.org/doi/10.1007/978-3-319-20615-8_3
Xu BHuang ZHu JWei OZhou YAndersen AXu C(2013)Minimal cut sequence generation for state/event fault treesProceedings of the 2013 Middleware Doctoral Symposium10.1145/2541534.2541592(1-6)Online publication date: 9-Dec-2013
https://dl.acm.org/doi/10.1145/2541534.2541592
Lindsay PYatapanage NWinter K(2012)Cut Set Analysis using Behavior Trees and model checkingFormal Aspects of Computing10.1007/s00165-011-0181-824:2(249-266)Online publication date: 1-Mar-2012
https://dl.acm.org/doi/10.1007/s00165-011-0181-8
Tarasyuk ATroubitsyna ELaibinis L(2011)Quantitative verification of system safety in event-BProceedings of the Third international conference on Software engineering for resilient systems10.5555/2045537.2045542(24-39)Online publication date: 29-Sep-2011
https://dl.acm.org/doi/10.5555/2045537.2045542

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents