Rich Interfaces for Dependability: Compositional Methods for Dynamic Fault Trees and Arcade models

This paper discusses two behavioural interfaces for reliability analysis: dynamic fault trees, which model the system reliability in terms of the reliability of its components and Arcade, which models the system reliability at an architectural level. For both formalisms, the reliability is analyzed by transforming the DFT or Arcade model to a set of input-output Markov Chains. By using compositional aggregation techniques based on weak bisimilarity, significant reductions in the state space can be obtained

Availability analysis of software architecture decomposition alternatives for local recovery

We present an efficient and easy-to-use methodology to predict—at design time—the availability of systems that support local recovery. Our analysis techniques work at the architectural level, where the software designer simply inputs the software modules’ decomposition annotated with failure and repair rates. From this decomposition, we automatically generate an analytical model (a continuous-time Markov chain), from which an availability measure is then computed, in a completely automated way. A crucial step is the use of intermediate models in the input/output interactive Markov chain formalism, which makes our techniques efficient, mathematically rigorous, and easy to adapt. In particular, we use aggressive minimization techniques to keep the size of the generated state spaces small. We have applied our methodology on a realistic case study, namely the MPlayer open-source software. We have investigated four different decomposition alternatives and compared our analytical results with the measured availability on a running MPlayer. We found that our predicted results closely match the measured ones

Dynamic fault tree analysis using input/output interactive markov chains

Dynamic Fault Trees (DFT) extend standard fault trees by allowing the modeling of complex system components’ behaviors and interactions. Being a high level model and easy to use, DFT are experiencing a growing success among reliability engineers. Unfortunately, a number of issues still remains when using DFT. Briefly, these issues are (1) a lack of formality (syntax and semantics), (2) limitations in modular analysis and thus vulnerability to the state-space explosion problem, and (3) lack in modular model-building. We use the input/output interactive Markov chain (I/O-IMC) formalism to analyse DFT. I/O-IMC have a precise semantics and are an extension of continuous-time Markov chains with input and output actions. In this paper, using the I/O-IMC framework, we address and resolve issues (2) and (3) mentioned above. We also show, through some examples, how one can readily extend the DFT modeling capabilities using the I/O-IMC framework

A Bayesian network reliability modeling and analysis framework. Phd dissertation

(CTBN) framework for dynamic systems reliability modeling and analysis. Dynamic systems exhibit complex behaviors and interactions between their components; where not only the combination of failure events matters, but so does the sequence ordering of the failures. Similar to dynamic fault trees, the CTBN framework defines a set of ‘basic ’ BN constructs that capture well-defined system components ’ behaviors and interactions. Combining, in a structured way, the various ‘basic ’ Bayesian network constructs enables the user to construct, in a modular and hierarchical fashion, the system model. Within the CTBN framework, one can perform various analyses, including reliability, sensitivity, and uncertainty analyses. All the analyses allow the user to obtain closed-form solutions. Index Terms—Bayesian networks, dynamic systems, reliability modeling and analysis. ACRONYMS 1 BN Bayesian network CPD conditional probability distribution CSP cold spare CTBN continuous-time Bayesian network DBN dynamic Bayesian network DFT dynamic fault tree DTBN discrete-time Bayesian network FDEP functional dependency FT fault tree HSP hot spare MPD marginal probability distribution MTTF mean time to failure PAND priority AND PDF probability density function RBD reliability block diagram RV random variable SEQ sequence enforcing WSP warm spare NOTATION dormancy factor impulse function, , , , failure rates marginal probability density function of variabl

A rigorous, compositional, and extensible framework for dynamic fault tree analysis

Fault trees (FT) are among the most prominent formalisms for reliability analysis of technical systems. Dynamic FTs extend FTs with support for expressing dynamic dependencies among components. The standard analysis vehicle for DFTs is state-based, and treats the model as a CTMC, a continuous-time Markov chain. This is not always possible, as we will explain, since some DFTs allow multiple interpretations. This paper introduces a rigorous semantic interpretation of DFTs. The semantics is defined in such a way that the semantics of a composite DFT arises in a transparent manner from the semantics of its components. This not only eases the understanding of how the FT building blocks interact. It also is a key to alleviate the state explosion problem. By lifting a classical aggregation strategy to our setting, we can exploit the DFT structure to build the smallest possible Markov chain representation of the system. The semantics - as well as the aggregation and analysis engine is implemented in a tool, called CORAL. We show by a number of realistic and complex systems that this methodology achieves drastic reductions in the state space

CORAL - a tool for compositional reliability and availability analysis

such as system failure probability during a given mission time and system meantime-between-failures, are often important measures to assess in embedded systems design. There exist several techniques and formalisms for reliability/availability assessment. One such formalism is dynamic fault trees (DFT) [6]. DFTs are a graphical, high-level and versatile formalism to analyze the reliability of computer-based systems, describing the failure of a system in terms of the failure of its components. A DFT is comprised of basic events (modeling the failure of physical components) and gates (modeling how component failures induce system failures). DFTs extend standard (or static) fault trees by allowing the modeling of complex system components ’ behaviors and interactions. Typically, a DFT is analyzed by first converting it into a continuous-time Markov chain (CTMC) and by then computing the reliability measures from this CTMC. For over a decade now, DFTs have been experiencing a growing success among reliability engineers. Unfortunately, a number of issues remain when using DFTs, most notably: (1) the DFT semantics is rather imprecise and the lack of formality has, in some cases, led to undefined behavior and misinterpretation of the DFT model. (2) DFTs lack modula

Best of Three Worlds: Towards Sound Architectural Dependability Models

This paper surveys the most prominent formalisms for availability and reliability analysis and discusses the pros and cons of these approaches. Based on our findings, we outline a solution that unites the merits of the existing approaches into a sound architectural dependability model. I