Causality and Temporal Dependencies in the Design of Fault Management Systems

Reasoning about causes and effects naturally arises in the engineering of safety-critical systems. A classical example is Fault Tree Analysis, a deductive technique used for system safety assessment, whereby an undesired state is reduced to the set of its immediate causes. The design of fault management systems also requires reasoning on causality relationships. In particular, a fail-operational system needs to ensure timely detection and identification of faults, i.e. recognize the occurrence of run-time faults through their observable effects on the system. Even more complex scenarios arise when multiple faults are involved and may interact in subtle ways. In this work, we propose a formal approach to fault management for complex systems. We first introduce the notions of fault tree and minimal cut sets. We then present a formal framework for the specification and analysis of diagnosability, and for the design of fault detection and identification (FDI) components. Finally, we review recent advances in fault propagation analysis, based on the Timed Failure Propagation Graphs (TFPG) formalism.Comment: In Proceedings CREST 2017, arXiv:1710.0277

Embedded intelligence for electrical network operation and control

Integrating multiple types of intelligent, mulitagent data analysis within a smart grid can pave the way for flexible, extensible, and robust solutions to power network management

Fault Localization in Multi-Threaded C Programs using Bounded Model Checking (extended version)

Software debugging is a very time-consuming process, which is even worse for multi-threaded programs, due to the non-deterministic behavior of thread-scheduling algorithms. However, the debugging time may be greatly reduced, if automatic methods are used for localizing faults. In this study, a new method for fault localization, in multi-threaded C programs, is proposed. It transforms a multi-threaded program into a corresponding sequential one and then uses a fault-diagnosis method suitable for this type of program, in order to localize faults. The code transformation is implemented with rules and context switch information from counterexamples, which are typically generated by bounded model checkers. Experimental results show that the proposed method is effective, in such a way that sequential fault-localization methods can be extended to multi-threaded programs.Comment: extended version of paper published at SBESC'1

A survey on online monitoring approaches of computer-based systems

This report surveys forms of online data collection that are in current use (as well as being the subject of research to adapt them to changing technology and demands), and can be used as inputs to assessment of dependability and resilience, although they are not primarily meant for this use

Investigation of gas circulator response to load transients in nuclear power plant operation

Gas circulator units are a critical component of the Advanced Gas-cooled Reactor (AGR), one of the nuclear power plant (NPP) designs in current use within the UK. The condition monitoring of these assets is central to the safe and economic operation of the AGRs and is achieved through analysis of vibration data. Due to the dynamic nature of reactor operation, each plant item is subject to a variety of system transients of which engineers are required to identify and reason about with regards to asset health. The AGR design enables low power refueling (LPR) which results in a change in operational state for the gas circulators, with the vibration profile of each unit reacting accordingly. The changing conditions subject to these items during LPR and other such events may impact on the assets. From these assumptions, it is proposed that useful information on gas circulator condition can be determined from the analysis of vibration response to the LPR event. This paper presents an investigation into asset vibration during an LPR. A machine learning classification approach is used in order to define each transient instance and its behavioral features statistically. Classification and reasoning about the regular transients such as the LPR represents the primary stage in modeling higher complexity events for advanced event driven diagnostics, which may provide an enhancement to the current methodology, which uses alarm boundary limits

Finding the direction of disturbance propagation in a chemical process using transfer entropy

Published versio