
Verification of Fault-Tolerant System Architectures Using Model Checking

  • Conference paper
Computer Safety, Reliability, and Security (SAFECOMP 2014)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 8696)


Abstract

Model checking is a formal method that has proven useful for verifying, for example, the logic designs of safety systems used in nuclear plants. However, nuclear plants implement redundant subsystems in order to achieve a certain level of fault tolerance. A formal system-level analysis that takes into account both the detailed logic design of the systems and the potential failures of the hardware equipment is a difficult challenge. In this work, we have created a new methodology for modelling hardware failures and used it to enable the verification of the fault tolerance of the plant using model checking. We have used an example probabilistic risk assessment (PRA) model of a fictional nuclear power plant as a reference and created a corresponding model checking model that covers several safety systems of the plant. Using the plant-level model, we verified several safety properties of the nuclear plant. We also analysed the fault tolerance of the plant with regard to these properties, and used abstraction techniques to manage the large plant-level model. Our work is a step towards being able to exhaustively verify properties on a single model that covers the entire plant. The developed methodology follows closely the notations of PRA analysis, and serves as a basis for further integration between the two approaches.
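The combination the abstract describes, exhaustive state exploration of a safety logic plus an explicit model of hardware failure modes, can be illustrated on a small scale. The following is an added example written for this page; it is not the paper's model or code. It assumes a constructed 2-out-of-3 voted trip function with a sealed-in latch, three redundant measurement channels named A, B and C, and two constructed failure modes per channel (stuck low, stuck high). Every reachable state of the logic is explored for every failure assignment, two safety properties are checked as invariants, and the failing assignments are reduced to minimal cut sets in the spirit of PRA notation.

```python
"""Exhaustive fault-tolerance check of a constructed 2oo3 voted trip function."""
from collections import deque
from itertools import product

CHANNELS = ("A", "B", "C")          # constructed redundant measurement channels
# Constructed hardware failure modes: "ok" behaves correctly, "stuck_low" never
# reports a demand (dangerous failure), "stuck_high" always reports one (spurious).
FAILURE_MODES = ("ok", "stuck_low", "stuck_high")


def channel_output(mode, demand):
    """Output of one channel given its failure mode and the true process demand."""
    if mode == "stuck_low":
        return 0
    if mode == "stuck_high":
        return 1
    return demand


def step(latched, demand, reset, failures):
    """One synchronous cycle of the 2oo3 voted, sealed-in trip logic.

    Returns (trip_output, next_latched)."""
    outputs = [channel_output(failures[c], demand) for c in CHANNELS]
    vote = 1 if sum(outputs) >= 2 else 0
    trip = 1 if (vote or latched) else 0
    # The latch seals in on a trip; a manual reset releases it only while the vote is clear.
    next_latched = 0 if (reset and not vote) else trip
    return trip, next_latched


def check(failures):
    """Explore every reachable state under a fixed failure assignment.

    Inputs (demand, reset) are non-deterministic, so all input sequences are covered.
    Returns the sorted names of the violated properties (empty list if none)."""
    violated = set()
    seen, frontier = {0}, deque([0])           # state = latch bit, initially clear
    while frontier:
        latched = frontier.popleft()
        for demand, reset in product((0, 1), repeat=2):
            trip, nxt = step(latched, demand, reset, failures)
            if demand and not trip:
                violated.add("trip_on_demand")        # safety: a demand must trip
            if not demand and not latched and trip:
                violated.add("no_spurious_trip")      # availability: no trip without demand
            if nxt not in seen:
                seen.add(nxt)
                frontier.append(nxt)
    return sorted(violated)


def minimal_cut_sets(prop):
    """Minimal combinations of channel failures under which `prop` is violated."""
    failing = []
    for modes in product(FAILURE_MODES, repeat=len(CHANNELS)):
        failures = dict(zip(CHANNELS, modes))
        if prop in check(failures):
            failing.append(frozenset((c, m) for c, m in failures.items() if m != "ok"))
    # A cut set is minimal if no proper subset of it already violates the property.
    return sorted({cs for cs in failing if not any(o < cs for o in failing)}, key=sorted)


def tolerated_failures(prop):
    """Largest number of simultaneous channel failures that can never violate `prop`."""
    return min(len(cs) for cs in minimal_cut_sets(prop)) - 1


if __name__ == "__main__":
    for prop in ("trip_on_demand", "no_spurious_trip"):
        print(f"{prop}: tolerates {tolerated_failures(prop)} failure(s); minimal cut sets:")
        for cs in minimal_cut_sets(prop):
            print("   ", ", ".join(f"{c}={m}" for c, m in sorted(cs)))
```

For this toy logic both properties have three minimal cut sets of size two (any two channels stuck low defeat the trip, any two stuck high cause a spurious one), so the architecture is single-failure tolerant for both. The state space here is tiny, but the structure is the one the abstract refers to: the failure modes are part of the model rather than assumed away, the properties are checked over every reachable state, and the result is expressed as cut sets that a PRA analyst can compare against a fault tree.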




© 2014 Springer International Publishing Switzerland


Cite this paper

Lahtinen, J. (2014). Verification of Fault-Tolerant System Architectures Using Model Checking. In: Bondavalli, A., Ceccarelli, A., Ortmeier, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2014. Lecture Notes in Computer Science, vol 8696. Springer, Cham. https://doi.org/10.1007/978-3-319-10557-4_23


  • DOI: https://doi.org/10.1007/978-3-319-10557-4_23

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-10556-7

  • Online ISBN: 978-3-319-10557-4
