The Dynamic Fault Tree Rare Event Simulator

The dynamic-fault-tree rare event simulator, DFTRES, is a statistical model checker for dynamic fault trees (DFTs), supporting the analysis of highly dependable systems, e.g. with unavailability or unreliability under 10^(-30). To efficiently estimate such low probabilities, we apply the Path-ZVA algorithm to implement Importance Sampling with minimal user input. Calculation speed is further improved by selective automata composition and bisimulation reduction. DFTRES reads DFTs in the Galileo or JANI textual formats. The tool is written in Java 11 with multi-platform support, and it is released under the GPLv3. In this paper we describe the architecture, setup, and input language of DFTRES, and showcase its accurate estimation of dependability metrics of (resilient) repairable DFTs from the FFORT benchmark suite.</p

Rare event simulation for dynamic fault trees

Fault trees (FT) are a popular industrial method for reliability engineering, for which Monte Carlo simulation is an important technique to estimate common dependability metrics, such as the system reliability and availability. A severe drawback of Monte Carlo simulation is that the number of simulations required to obtain accurate estimations grows extremely large in the presence of rare events, i.e., events whose probability of occurrence is very low, which typically holds for failures in highly reliable systems. This paper presents a novel method for rare event simulation of dynamic fault trees with complex repairs that requires only a modest number of simulations, while retaining statistically justified confidence intervals. Our method exploits the importance sampling technique for rare event simulation, together with a compositional state space generation method for dynamic fault trees. We demonstrate our approach using two parameterized sets of case studies, showing that our method can handle fault trees that could not be evaluated with either existing analytical techniques, nor with standard simulation techniques

Supervisory Control Theory in System Safety Analysis

Development of safety critical systems requires a risk management strategy to identify and analyse hazards, and apply necessary actions to eliminate or control them as malfunctions could be catastrophic. Fault Tree Analysis (FTA) is one of the most widely used methods for safety analysis in industrial use. However, the standard FTA is manual, informal, and limited to static analysis of systems. In this paper, we present preliminary results from a model-based approach to address these limitations using Supervisory Control Theory. Taking an example from the Fault Tree Handbook, we present a systematic approach to incrementally obtain formal models from a fault tree and verify them in the tool Supremica. We present a method to calculate minimal cut sets using our approach. These compositional techniques could potentially be very beneficial in the safety analysis of highly complex safety critical systems, where several components interact to solve different tasks

A Hierarchy of Scheduler Classes for Stochastic Automata

Stochastic automata are a formal compositional model for concurrent stochastic timed systems, with general distributions and non-deterministic choices. Measures of interest are defined over schedulers that resolve the nondeterminism. In this paper we investigate the power of various theoretically and practically motivated classes of schedulers, considering the classic complete-information view and a restriction to non-prophetic schedulers. We prove a hierarchy of scheduler classes w.r.t. unbounded probabilistic reachability. We find that, unlike Markovian formalisms, stochastic automata distinguish most classes even in this basic setting. Verification and strategy synthesis methods thus face a tradeoff between powerful and efficient classes. Using lightweight scheduler sampling, we explore this tradeoff and demonstrate the concept of a useful approximative verification technique for stochastic automata

Rhabdomyolysis after COVID-19 Comirnaty Vaccination: A Case Report

Rhabdomyolysis is an acute disruption in skeletal muscle integrity, leading to the rapid release of 4 muscle contents into the bloodstream, such as creatine kinase (CK). It can have various causes, including infections. Throughout the pandemic, multiple cases of rhabdomyolysis following COVID-19 infections have been reported. However, rhabdomyolysis subsequent to COVID-19 vaccinations appears to be relatively rare. Here, we report such a case after a second COVID-19 Comirnaty (BioNTech/Pfizer) vaccination. Our patient developed rhabdomyolysis 1 day after the second Comirnaty vaccination with high creatine kinase (CK) levels, generalized weakness, and kidney failure. CK levels and muscle weakness resolved after treatment with intravenous fluids, but unfortunately, he remained hemodialysis dependent after discharge. To our knowledge, this is one of the first case reports describing a patient with rhabdomyolysis after a Comirnaty vaccination. However, as millions of people have received the Comirnaty vaccine, it is unclear whether the rhabdomyolysis in our patient is a rare side effect or an unrelated, coincidental event. Large observational studies are needed to elucidate the causality between the Comirnaty vaccination and rhabdomyolysis. Awareness is warranted in patients with myalgia and muscle weakness shortly after COVID-19 vaccination, in order to initiate treatment early and prevent life-threatening complications

Fault Trees from Data: Efficient Learning with an Evolutionary Algorithm

Cyber-physical systems come with increasingly complex architectures and failure modes, which complicates the task of obtaining accurate system reliability models. At the same time, with the emergence of the (industrial) Internet-of-Things, systems are more and more often being monitored via advanced sensor systems. These sensors produce large amounts of data about the components' failure behaviour, and can, therefore, be fruitfully exploited to learn reliability models automatically. This paper presents an effective algorithm for learning a prominent class of reliability models, namely fault trees, from observational data. Our algorithm is evolutionary in nature; i.e., is an iterative, population-based, randomized search method among fault-tree structures that are increasingly more consistent with the observational data. We have evaluated our method on a large number of case studies, both on synthetic data, and industrial data. Our experiments show that our algorithm outperforms other methods and provides near-optimal results.Comment: This paper is an extended version of the SETTA 2019 paper, Springer-Verla

One Net Fits All: A unifying semantics of Dynamic Fault Trees using GSPNs

Dynamic Fault Trees (DFTs) are a prominent model in reliability engineering. They are strictly more expressive than static fault trees, but this comes at a price: their interpretation is non-trivial and leaves quite some freedom. This paper presents a GSPN semantics for DFTs. This semantics is rather simple and compositional. The key feature is that this GSPN semantics unifies all existing DFT semantics from the literature. All semantic variants can be obtained by choosing appropriate priorities and treatment of non-determinism.Comment: Accepted at Petri Nets 201

The impact of etiology in lesion-symptom mapping - A direct comparison between tumor and stroke

INTRODUCTION: Lesion-symptom mapping is a key tool in understanding the relationship between brain structures and behavior. However, the behavioral consequences of lesions from different etiologies may vary because of how they affect brain tissue and how they are distributed. The inclusion of different etiologies would increase the statistical power but has been critically debated. Meanwhile, findings from lesion studies are a valuable resource for clinicians and used across different etiologies. Therefore, the main objective of the present study was to directly compare lesion-symptom maps for memory and language functions from two populations, a tumor versus a stroke population. METHODS: Data from two different studies were combined. Both the brain tumor (N = 196) and stroke (N = 147) patient populations underwent neuropsychological testing and an MRI, pre-operatively for the tumor population and within three months after stroke. For this study, we selected two internationally widely used standardized cognitive tasks, the Rey Auditory Verbal Learning Test and the Verbal Fluency Test. We used a state-of-the-art machine learning-based, multivariate voxel-wise approach to produce lesion-symptom maps for these cognitive tasks for both populations separately and combined. RESULTS: Our lesion-symptom mapping results for the separate patient populations largely followed the expected neuroanatomical pattern based on previous literature. Substantial differences in lesion distribution hindered direct comparison. Still, in brain areas with adequate coverage in both groups, considerable LSM differences between the two populations were present for both memory and fluency tasks. Post-hoc analyses of these locations confirmed that the cognitive consequences of focal brain damage varied between etiologies. CONCLUSION: The differences in the lesion-symptom maps between the stroke and tumor population could partly be explained by differences in lesion volume and topography. Despite these methodological limitations, both the lesion-symptom mapping results and the post-hoc analyses confirmed that etiology matters when investigating the cognitive consequences of lesions with lesion-symptom mapping. Therefore, caution is advised with generalizing lesion-symptom results across etiologies