A Formal Transformation Method for Automated Fault Tree Generation from a UML Activity Model

Fault analysis and resolution of faults should be part of any end-to-end system development process. This paper is concerned with developing a formal transformation method that maps control flows modeled in UML Activities to semantically equivalent Fault Trees. The transformation method developed features the use of propositional calculus and probability theory. Fault Propagation Chains are introduced to facilitate the transformation method. An overarching metamodel comprised of transformations between models is developed and is applied to an understood Traffic Management System of Systems problem to demonstrate the approach. In this way, the relational structure of the system behavior model is reflected in the structure of the Fault Tree. The paper concludes with a discussion of limitations of the transformation method and proposes approaches to extend it to object flows, State Machines and functional allocations.Comment: 1st submission made to IEEE Transactions on Reliability on 27-Nov-2017; 2nd submission (revision) made on 27-Apr-2018. This version is the 2nd submission. 20 pages, 11 figure

A formal transformation method for automated fault tree generation from a UML activity model

IEEE Fault analysis and resolution of faults should be part of any end-to-end system development process. This paper is concerned with developing a formal transformation method that maps control flows modeled in unified modeling language activities to semantically equivalent fault trees. The transformation method developed features the use of propositional calculus and probability theory. Fault propagation chains are introduced to facilitate the method. An overarching metamodel comprised of transformations between models is developed and is applied to an understood traffic management system of systems problem to demonstrate the approach. In this way, the relational structure of the system behavior model is reflected in the structure of the fault tree. The paper concludes with a discussion of limitations of the transformation method and proposes approaches to extend it to object flows, state machines, and functional allocations

Improving reliability of service oriented systems with consideration of cost and time constraints in clouds

Web service technology is more and more popular for the implementation of service oriented systems. Additionally, cloud computing platforms, as an efficient and available environment, can provide the computing, networking and storage resources in order to decrease the budget of companies to deploy and manage their systems. Therefore, more service oriented systems are migrated and deployed in clouds. However, these applications need to be improved in terms of reliability, for certain components have low reliability. Fault tolerance approaches can improve software reliability. However, more redundant units are required, which increases the cost and the execution time of the entire system. Therefore, a migration and deployment framework with fault tolerance approaches with the consideration of global constraints in terms of cost and execution time may be needed. This work proposes a migration and deployment framework to guide the designers of service oriented systems in order to improve the reliability under global constraints in clouds. A multilevel redundancy allocation model is adopted for the framework to assign redundant units to the structure of systems with fault tolerance approaches. An improved genetic algorithm is utilised for the generation of the migration plan that takes the execution time of systems and the cost constraints into consideration. Fault tolerant approaches (such as NVP, RB and Parallel) can be integrated into the framework so as to improve the reliability of the components at the bottom level. Additionally, a new encoding mechanism based on linked lists is proposed to improve the performance of the genetic algorithm in order to reduce the movement of redundant units in the model. The experiments compare the performance of encoding mechanisms and the model integrated with different fault tolerance approaches. The empirical studies show that the proposed framework, with a multilevel redundancy allocation model integrated with the fault tolerance approaches, can generate migration plans for service oriented systems in clouds with the consideration of cost and execution time

Formal transformation methods for automated fault tree generation from UML diagrams

With a growing complexity in safety critical systems, engaging Systems Engineering with System Safety Engineering as early as possible in the system life cycle becomes ever more important to ensure system safety during system development. Assessing the safety and reliability of system architectural design at the early stage of the system life cycle can bring value to system design by identifying safety issues earlier and maintaining safety traceability throughout the design phase. However, this is not a trivial task and can require upfront investment. Automated transformation from system architecture models to system safety and reliability models offers a potential solution. However, existing methods lack of formal basis. This can potentially lead to unreliable results. Without a formal basis, Fault Tree Analysis of a system, for example, even if performed concurrently with system design may not ensure all safety critical aspects of the design. [Continues.]</div

A state machine architecture for aerospace vehicle fault protection

Because of their complexity and the unforgiving environment in which they operate, aerospace vehicles are vulnerable to mission-critical failures. In order to prevent these failures, aerospace vehicles often employ Fault Detection, Isolation, and Recovery (FDIR) systems to sense, identify the source of, and recover from faults. Typically, aerospace systems use a rule-based paradigm for FDIR where telemetry values are monitored against specific logical statements such as static upper and lower limits. The model-based paradigm allows more complex decision logic to be used for FDIR. State machines are a particular tool for model-based FDIR that have been explored by industry but not yet widely adopted. This study develops a generic and modular state machine FDIR architecture that is portable to flight software. The study will focus on FDIR for the Guidance, Navigation, & Control subsystem, but it will be presented in a manner that is applicable to all vehicle subsystems. The state machine formulation is applied for on-board model-based fault diagnosis. Two specific case studies are employed to demonstrate the architecture. The first is a terrestrial application of unmanned aerial vehicles for 3D scanning and mapping, which is validated through flight testing. The second is a space-based application of automated close approach and capture for a Mars sample return mission, which is validated through software-in-the-loop testing with flight-like software components.Ph.D

Fail-Safe Testing of Safety-Critical Systems

This dissertation proposes an approach for testing of safety-critical systems. It is based on a behavioral and a fault model. The two models are analyzed for compatibility and necessary changes are identified to make them compatible. Then transformation rules are used to transform the fault model into the same model type as the behavioral model. Integration rules define how to combine them. This approach results in an integrated model which then can be used to generate tests using a variety of testing criteria. The dissertation illustrates this general framework using a CEFSM for the behavioral model and a Fault Tree for the fault model. We apply the technique to a variety of applications such as a Gas burner, an Aerospace Launch System, and a Railroad Crossing Control System. We also investigate the scalability of the approach and compare its efficiency with integrating a state chart and a fault tree. Construction and Analysis of Distributed Processes (CADP) has been used as a supporting tool for this approach to generate test cases from the integrated model and to analyze the integrated model for some properties such as deadlock and livelock