Improving Safety Assessment of Complex Systems: An Industrial Case Study

Bozzano, Marco; Cavallo, Antonella; Cifaldi, Massimo; Valacca, Laura; Villafiorita, Adolfo

doi:10.1007/978-3-540-45236-2_13

Cited by 37 publications

(26 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Within this project, a tool (FSAP/NuSMV [2]) for automating fault injection, automatic fault tree construction and failure ordering analysis has been developed. However, it only generates flat fault tree structures (and-or) which may become inconvenient for large systems, and the approach does not support compositional safety assessment.…”

Section: Related Workmentioning

confidence: 99%

Tool support for incremental failure mode and effects analysis of component-based systems

Elmqvist

Nadjm‐Tehrani

2008

Proceedings of the Conference on Design, Automation and Test in Europe

View full text Add to dashboard Cite

show abstract

Section: Related Workmentioning

confidence: 99%

Tool support for incremental failure mode and effects analysis of component-based systems

Elmqvist

Nadjm‐Tehrani

2008

Proceedings of the Conference on Design, Automation and Test in Europe

View full text Add to dashboard Cite

show abstract

“…The verification of safety-critical systems using formal techniques is not something new [19], as can be seen from methods such as state machine hazard analysis, which was based on Petri nets [20], and the application of model checking to safety-critical system verification based on various formal models such as finite state machines [4], Statecharts [3], Process Control Event Diagrams [28], Scade [8], and Altarica [3]. A common method for the application of model checking to safety-critical system verification is through the specification of safety-related properties using some temporal logic such as Computation Tree Logic (CTL) or Linear Temporal Logic (LTL) and then checking for the satisfaction of the safety specification [15].…”

Section: Related Workmentioning

confidence: 99%

“…However, the assumption is not valid, so transforming each hazard into a formal property for verification, as in [15], is not sufficient. Some works have also integrated traditional FTA techniques with model checking, such as in the Enhanced Safety Assessment for Complex Systems (ESACS) project [3], [9], which expressed the Minimal Cut Sets (MCS), that is, the minimal combinations of component failures, generated by a model checker, using fault trees. Nevertheless, failure modes of components must still be injected by a safety engineer into the system model before model checking can be performed.…”

Section: Related Workmentioning

confidence: 99%

Model Checking Safety-Critical Systems Using Safecharts

Hsiung

Chen

Lin

2007

IEEE Trans. Comput.

View full text Add to dashboard Cite

Abstract-With rapid developments in science and technology, we now see the ubiquitous use of different types of safety-critical systems in our daily lives such as in avionics, consumer electronics, and medical systems. In such systems, unintentional design faults might result in injury or even death to human beings. To make sure that safety-critical systems are really safe, there is a need to verify them formally. However, the verification of such systems is getting more and more difficult because designs are becoming very complex. To cope with high design complexity, currently, model-driven architecture design is becoming a well-accepted trend. However, existing methods of testing and standards conformance are restricted to implementation code, so they do not fit very well with model-based approaches. To bridge this gap, we propose a model-based formal verification technique for safety-critical systems. In this work, the model-checking paradigm is applied to the Safecharts model, which was used for modeling but not yet used for verification. Our contributions listed are as follows: First, the safety constraints in Safecharts are mapped to semantic equivalents in timed automata for verification. Second, the theory for safety constraint verification is proven and implemented in a compositional model checker (that is, the State-Graph Manipulator (SGM)). Third, prioritized and urgent transitions are implemented in SGM to model the risk semantics in Safecharts. Finally, it is shown that the priority-based approach to mutual exclusion of resource usage in the original Safecharts is unsafe and corresponding solutions are proposed here. Application examples show the feasibility and benefits of the proposed model-driven verification of safety-critical systems.

show abstract

“…Achieving a high degree of safety is one of the most approaches [5][6][7][8][9][10]. They intend to build precise models for the system architecture and its failure modes, so that computers can help to do the tedious and error-prone hazard sources tracing and probability calculation.…”

Section: Introductionmentioning

confidence: 99%

“…Formal languages are used to describe normal and failure behaviours of the system, and model checking tools or simulation engines are used to do automatic analysis. Some commercial safety analysis software tools/packages based on this idea are available, such as FSAP/NuSMV-SA [5] and SCADE [6]. However, the major portion of this kind of model is still a normal process, rather than a failure process.…”

Section: Introductionmentioning

confidence: 99%

A model-based framework for the safety analysis of computer-based railway signalling systems

Niu

Tang

2010

WIT Transactions on the Built Environment

View full text Add to dashboard Cite

Ensuring safety in railway signalling systems is always considered as significant as a guarantee of the safe and efficient operation of the whole railway. In fact, safety analysis of the signalling system with distributed computer technique is becoming extraordinarily difficult, because of the frequent and complex interaction between components and the various backup modes. The dominant approaches are subjective, difficult to reuse and not well structured, thus leaving the safety analysis process time-consuming and error-prone. This paper develops a hierarchical methodology for safety analysis based on the failure propagation model and state-transition model. Unlike traditional safety analyses, the proposed approach demonstrates more accurate representation of practical failure behaviour in a computer-based signalling system. Dynamic properties, system structure and failures at the component level are separately modelled in different layers, and connected with synthesis laws. The analysis can be easily refined as the system design progresses and automatically produces safety-related information to help the engineer in making design decisions. The preliminary design of the Communication Based Train Control (CBTC) system for the Yizhuang Line in Beijing is used to demonstrate this approach.

show abstract

Improving Safety Assessment of Complex Systems: An Industrial Case Study

Cited by 37 publications

References 18 publications

Tool support for incremental failure mode and effects analysis of component-based systems

Tool support for incremental failure mode and effects analysis of component-based systems

Model Checking Safety-Critical Systems Using Safecharts

A model-based framework for the safety analysis of computer-based railway signalling systems

Contact Info

Product

Resources

About