An algebra of temporal faults

Published in Information Systems Frontiers

Abstract

Fault modelling is essential to anticipate failures in critical systems. Traditionally, Static Fault Trees are employed to this end, but Temporal and Dynamic Fault Trees are gaining prominence because of their richer power to model and detect the intricate propagation of faults that leads to a failure. In previous work, we showed a strategy based on the process algebra CSP and Simulink models to obtain fault traces that lead to a failure. Although that work used Static Fault Trees, it could also be used with Temporal or Dynamic Fault Trees. In the present work we define an algebra of temporal faults (with a notion of fault propagation) and prove that it is indeed a Boolean algebra. This allows us to inherit Boolean algebra's properties, laws and existing reduction techniques, which are very beneficial for fault modelling and analysis. We illustrate our work on a simple but real case study supplied by our industrial partner EMBRAER.

Notes

  1. Pandora stands for: P-AND-ORA, which translates to Priority AND, Time.

  2. This variant “M” is the machine-readable version of CSP.

  3. The 2002 tutorial is reported in Nipkow et al. (2002), but there is a newer version published with the tool itself. The tool and the tutorial are available on their website at http://isabelle.in.tum.de.

  4. Whether a top event indeed causes a catastrophic or major failure is out of the scope of this paper; we consider that, if it is possible that such failure occurs, then it will.

  5. In our previous work we designed the observer to ignore order as well, by making similar traces—with different ordering—the same size. Here we modified the observer specification to make similar traces with different sizes.

  6. In this work we do not show the mapping function from traces to ATF (and the mapping function with XBefore in Section 4.2). The mapping rules follow the traces: XBefore is obtained by the order of occurrence and the absence of an event is the complement (−).

  7. In the final formula, \((B \cap S \cap -A) \cup (A \cap B \cap -S)\) is equivalent to \(B \cap (S \oplus A)\). There is a typo in our previous work (Didier and Mota 2015): the expression was written with an OR (∨) but it should be an XOR (⊕).

  8. http://www.ines.org.br
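The equivalence asserted in note 7 can be checked exhaustively. The Python block below is an added example, not code from the paper: it models each basic event as the set of scenarios in which it occurs (over a constructed universe of all combinations of A, B and S), so that ∩, ∪, − and ⊕ become set intersection, union, complement and symmetric difference, and it confirms that the XOR form matches the left-hand side while the OR form of the earlier typo does not.

```python
from itertools import product

# Constructed universe: every combination of the three basic events
# A, B and S either occurring (1) or not (0). Each tuple is one scenario.
EVENTS = ("A", "B", "S")
UNIVERSE = frozenset(product((0, 1), repeat=len(EVENTS)))


def occurs(event):
    """Set of scenarios in which the given basic event occurs."""
    i = EVENTS.index(event)
    return frozenset(s for s in UNIVERSE if s[i] == 1)


def complement(x):
    """The paper's '-X': scenarios in which X does not occur."""
    return UNIVERSE - x


def lhs():
    """(B ∩ S ∩ -A) ∪ (A ∩ B ∩ -S), the left-hand side of note 7."""
    A, B, S = occurs("A"), occurs("B"), occurs("S")
    return (B & S & complement(A)) | (A & B & complement(S))


def rhs_xor():
    """B ∩ (S ⊕ A); '^' on sets is symmetric difference, i.e. XOR."""
    A, B, S = occurs("A"), occurs("B"), occurs("S")
    return B & (S ^ A)


def rhs_or():
    """B ∩ (S ∪ A), the form with the OR typo from the earlier paper."""
    A, B, S = occurs("A"), occurs("B"), occurs("S")
    return B & (S | A)


def check():
    """Compare both candidate right-hand sides against the left-hand side.

    Returns a dict with the two equality results and the scenarios that
    the OR form wrongly includes (sorted for stable comparison).
    """
    return {
        "xor_matches": lhs() == rhs_xor(),
        "or_matches": lhs() == rhs_or(),
        "or_extra": sorted(rhs_or() - lhs()),
    }


if __name__ == "__main__":
    print(check())  # the OR form adds the scenario where A, B and S all occur
```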

References

  • Akers (1978). Binary decision diagrams. IEEE Transactions on Computers, C-27(6), 509–516. doi:10.1109/tc.1978.1675141.

  • ANAC (2011). Aeronautical Product Certification (in Portuguese). DOU Nº 230, Seção 1, p. 28, 01/12/2011. http://www2.anac.gov.br/biblioteca/resolucao/2011/RBAC21EMD01.pdf.

  • Andrews, J.D. (2001). The use of not logic in fault tree analysis. Quality and Reliability Engineering International, 17(3), 143–150. doi:10.1002/qre.405.

  • Astrom, K.J., & Murray, R.M. (2008). Feedback systems: an introduction for scientists and engineers. Princeton: Princeton University Press.

  • Bayse, E., Cavalli, A., Núñez, M., & Zaïdi, F. (2005). A passive testing approach based on invariants: application to the WAP. Computer Networks, 48(2), 247–266. doi:10.1016/j.comnet.2004.09.009.

  • Boute, R. (1976). The binary decision machine as programmable controller. Euromicro Newsletter, 2(1), 16–22. doi:10.1016/0303-1268(76)90033-x.

  • Didier, A., & Mota, A. (2012). Identifying Hardware Failures Systematically. In Gheyi, R., & Naumann, D. (Eds.), Formal Methods: Foundations and Applications, Lecture Notes in Computer Science, Vol. 7498 (pp. 115–130). Berlin: Springer. doi:10.1007/978-3-642-33296-8_10.

  • Didier, A.L.R., & Mota, A. (2015). A Lattice-Based representation of temporal failures. In 2015 IEEE International Conference on Information Reuse and Integration. IEEE. doi:10.1109/iri.2015.55.

  • Dugan, J.B., Bavuso, S.J., & Boyd, M.A. (1992). Dynamic fault-tree models for fault-tolerant computer systems. IEEE Transactions on Reliability, 41(3), 363–377. doi:10.1109/24.159800.

  • Edifor, E., Walker, M., & Gordon, N. (2013). Quantification of Simultaneous-AND Gates in Temporal Fault Trees. In Zamojski, W., Mazurkiewicz, J., Sugier, J., Walkowiak, T., & Kacprzyk, J. (Eds.), New Results in Dependability and Computer Systems, Vol. 224 (pp. 141–151). Springer International Publishing. doi:10.1007/978-3-319-00945-2_13.

  • FAA (1993). RTCA, Inc., Document RTCA/DO-178B. U.S. Dept. of Transportation, Federal Aviation Administration, [Washington D.C.]

  • FAA (2007). Part 25 - Airworthiness Standards: Transport Category Airplanes. Tech. rep., Federal Aviation Administration (FAA) USA.

  • Givant, S., & Halmos, P. (2009). Introduction to Boolean Algebras, Undergraduate Texts in Mathematics, vol XIV. http://www.springer.com/mathematics/book/978-0-387-40293-2.

  • Gomes, A., Mota, A., Sampaio, A., Ferri, F., & Buzzi, J. (2010). Systematic Model-Based safety assessment via probabilistic model checking. In ISOLA (1) (pp. 625–639).

  • Jaskelioff, M., & Merz, S. (2005). Proving the Correctness of Disk Paxos. Archive of Formal Proofs, formal proof development. http://afp.sf.net/entries/DiskPaxos.shtml.

  • Jesus, J., Mota, A., Sampaio, A., & Grijo, L. (2011). Architectural verification of control systems using CSP. In ICFEM (pp. 323–339).

  • Koren, I., & Krishna, C.M. (2007). Fault tolerant systems. San Francisco: Morgan Kaufmann Publishers Inc.

  • MathWorks (2010). Matlab®. http://www.mathworks.com/products/matlab.

  • MathWorks (2010). Simulink®. http://www.mathworks.com/products/simulink.

  • Merle, G. (2010). Algebraic modelling of Dynamic Fault Trees, contribution to qualitative and quantitative analysis. Theses École normale supérieure de Cachan - ENS Cachan. https://tel.archives-ouvertes.fr/tel-00502012.

  • Merle, G., Roussel, J.M., & Lesage, J.J. (2011). Algebraic determination of the structure function of Dynamic Fault Trees. Reliability Engineering & System Safety, 96(2), 267–277. doi:10.1016/j.ress.2010.10.001.

  • Merle, G., Roussel, J.M., & Lesage, J.J. (2011). Dynamic fault tree analysis based on the structure function. In 2011 Proceedings - Annual Reliability and Maintainability Symposium. doi:10.1109/rams.2011.5754452.

  • Merle, G., Roussel, J.M., & Lesage, J.J. (2014). Quantitative analysis of dynamic fault trees based on the structure function. Quality and Reliability Engineering International, 30(1), 143–156. doi:10.1002/qre.1487.

  • Merle, G., Roussel, J.M., Lesage, J.J., & Bobbio, A. (2010). Probabilistic algebraic analysis of fault trees with priority dynamic gates and repeated events. IEEE Transactions on Reliability, 59(1), 250–261. doi:10.1109/tr.2009.2035793.

  • Mota, A., Jesus, J., Gomes, A., Ferri, F., & Watanabe, E. (2010). Evolving a safe system design iteratively. In SAFECOMP (pp. 361–374).

  • Nipkow, T., Paulson, L.C., & Wenzel, M. (2002). Isabelle/HOL — A Proof Assistant for Higher-Order Logic. LNCS, vol. 2283. Springer. https://isabelle.in.tum.de/.

  • Nise, N.S. (1992). Control systems engineering. Redwood City, CA: Benjamin-Cummings Publishing Co., Inc.

  • O’Connor, P., Newton, D., & Bromley, R. (2002). Practical reliability engineering. Wiley.

  • Oliva, S. (2006). Non-Coherent Fault Trees Can Be Misleading. e-Journal of System Safety 42(3). http://www.system-safety.org/ejss/past/mayjune2006ejss/spotlight2_p1.php.

  • Papadopoulos, Y., McDermid, J., Sasse, R., & Heiner, G. (2001). Analysis and synthesis of the behaviour of complex programmable electronic systems in conditions of failure. Reliability Engineering & System Safety, 71(3), 229–247. doi:10.1016/S0951-8320(00)00076-4.

  • Roscoe, A.W. (1997). The theory and practice of concurrency. New Jersey: Prentice Hall PTR.

  • Roscoe, A.W. (2010). Understanding concurrent systems. Texts in Computer Science. Springer. doi:10.1007/978-1-84882-258-0. https://www.cs.ox.ac.uk/ucs/.

  • SAE (1996). SAE ARP4761 Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment.

  • Snooke, N., & Price, C. (2011). Model-driven automated software FMEA. In Reliability and Maintainability Symposium (pp. 1–6). doi:10.1109/RAMS.2011.5754453.

  • Tannous, O., Xing, L., & Dugan, J.B. (2011). Reliability analysis of warm standby systems using sequential BDD. In 2011 Proceedings - Annual Reliability and Maintainability Symposium. doi:10.1109/rams.2011.5754426.

  • Vesely, W., Goldberg, F., Roberts, N., & Haasl, D. (1981). Fault Tree Handbook. NUREG-0492. US Independent Agencies and Commissions. http://www.nrc.gov/reading-rm/doc-collections/nuregs/staff/sr0492/.

  • Walker, M., & Papadopoulos, Y. (2008). Synthesis and analysis of temporal fault trees with PANDORA: The time of Priority AND gates. Nonlinear Analysis: Hybrid Systems, 2(2), 368–382. doi:10.1016/j.nahs.2006.05.003. Proceedings of the International Conference on Hybrid Systems and Applications, Lafayette, LA, USA, May 2006: Part II.

  • Walker, M., & Papadopoulos, Y. (2009). Qualitative temporal analysis: Towards a full implementation of the Fault Tree Handbook. Control Engineering Practice, 17(10), 1115–1125. doi:10.1016/j.conengprac.2008.10.003.

  • Walker, M., & Papadopoulos, Y. (2010). A hierarchical method for the reduction of temporal expressions in Pandora. In Proceedings of the First Workshop on Dynamic Aspects in Dependability Models for Fault-Tolerant Systems, DYADEM-FTS ’10 (pp. 7–12). New York: ACM. doi:10.1145/1772630.1772634.

  • Walker, M.D. (2009). Pandora: a logic for the qualitative analysis of temporal fault trees. Ph.D. thesis, University of Hull. https://hydra.hull.ac.uk/resources/hull:2526.

  • Xing, L., Tannous, O., & Dugan, J.B. (2012). Reliability analysis of nonrepairable Cold-Standby systems using sequential binary decision diagrams. IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans, 42(3), 715–726. doi:10.1109/tsmca.2011.2170415.
Acknowledgments

We would like to thank Alexander Romanovsky, Zoe Andrews and Richard Payne for all discussions about fault modelling and dependability. We also thank the anonymous referees of FMi 2015 and the ISF journal for comments on drafts of this work. This work was funded by CNPq, grants 476821/2011-8, 442859/2014-7, and 246956/2012-7, and by FACEPE grant IBPG-0408-1.03/11. This work was partially supported by the National Institute of Science and Technology for Software Engineering (INES, footnote 8), funded by CNPq and FACEPE, grants 573964/2008-4 and APQ-1037-1.03/08.

Corresponding author

Correspondence to André Didier.

Electronic supplementary material

(ZIP 172 KB)

Cite this article

Didier, A., Mota, A. An algebra of temporal faults. Inf Syst Front 18, 967–980 (2016). https://doi.org/10.1007/s10796-016-9664-8
