This paper reports our experience on the development of a design-for-safety (DFS) workbench called Risk Assessment and Management Environment (RAME) for microelectronic avionics systems. Our objective is to transform DFS practice from an ad-hoc, inefficient, error-prone approach to a stringent engineering process such that DFS can keep up with the rapidly growing complexity of avionics systems. In particular, RAME is built upon an information infrastructure that comprises a fault model, a knowledge base, and a failure reporting/tracking system. This infrastructure permits systematic learning from prior projects and enables the automation of failure modes, effects and criticality analysis (FMECA). Among other unique features, the most important advantage of RAME is its capability of directly accepting design source code in hardware description languages (HDLs) for automated failure mode analysis, which enables RAME to be compatible and to evolve with most electronic-computer-aided-design systems. Through an initial experimental evaluation of the RAME prototype, we show that our approach to FMECA automation improves failure mode analysis turn-around-time, completeness, and accuracy
