Failure Propagation and Transformation - a Safety Analysis
Speaker: Malcolm Wallace
27th July 2005, 2pm, Devonshire G21/G22 Conference Room
Abstract
High integrity real-time software systems (HIRTS), as the name implies, have substantial requirements for reliability and safety. Traditional software analysis techniques tend to focus on determining a product's correctness, whether through proof, model-checking, abstract interpretation, or some other formal method. However, in the safety domain, it is of equal interest to know how a system behaves in the presence of failure, regardless of whether that failure originates in the external environment or is caused by an internal software error. A demonstrable ability to continue to function in the presence of failures is good, and methods to mitigate potential hazards are important too. This talk will describe a modular representation and compositional analysis of a system's hardware and software components, called Fault Propagation and Transformation Calculus (FPTC). We show how, given an architectural description of components and their combination into a whole system, together with an FPTC expression of each component's failure behaviour, the failure properties of the whole system can be computed automatically from the individual FPTC expressions. From a safety point of view, this provides some idea of robustness: the system's capability to withstand certain types of failures in individual components. It also provides a way to understand how and where to develop fault accommodation within an architecture.
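The compositional computation the abstract describes, as an added illustration that is not the talk's or the FPTC tool's own code: each component carries rules mapping incoming failure tokens to outgoing ones, and the whole-system failure behaviour is the fixed point of propagating those sets along the architecture's connections. The token names (`*` for "no failure", `late`, `omission`, `value`, `commission`), the wildcard `_`, the pass-through default for unmentioned tokens and the example architecture are all assumptions made here, not the paper's definitions.

```python
from collections import defaultdict

NORMAL = "*"   # the 'no failure' token (assumed name)
ANY = "_"      # wildcard pattern: matches any failure token but not NORMAL (assumed)

def apply_rules(rules, inputs):
    """Transform the failure tokens arriving at one component. A specific
    pattern beats the wildcard; tokens no rule mentions pass through (assumed)."""
    out = set()
    for tok in inputs:
        specific = [res for pat, res in rules if pat == tok]
        generic = [res for pat, res in rules if pat == ANY and tok != NORMAL]
        out.update(specific or generic or [tok])
    return out

def propagate(components, links, sources):
    """Least fixed point of propagation over the architecture (cycles allowed).
    Returns name -> failure tokens observable on that component's output."""
    inputs = defaultdict(set)
    for name, toks in sources.items():
        inputs[name] |= toks
    outputs = {name: set() for name in components}
    changed = True
    while changed:               # input sets only grow, so this terminates
        changed = False
        for name, rules in components.items():
            if not inputs[name]:
                continue         # nothing has reached this component yet
            new = apply_rules(rules, inputs[name])
            if new != outputs[name]:
                outputs[name] = new
                changed = True
                for src, dst in links:
                    if src == name:
                        inputs[dst] |= new
    return outputs

# Constructed architecture: sensor -> filter -> voter -> actuator, voter fed back to filter.
SYSTEM = {
    "sensor":   [],                        # passes environment failures through
    "filter":   [("late", "omission")],    # a late sample is discarded
    "voter":    [("omission", NORMAL)],    # replication masks a single omission
    "actuator": [(ANY, "commission")],     # any unmasked failure becomes a commission
}
LINKS = [("sensor", "filter"), ("filter", "voter"), ("voter", "actuator"), ("voter", "filter")]

def analyse_example():
    """Inject normal, late and value failures at the sensor; 'late' is accommodated, 'value' is not."""
    return propagate(SYSTEM, LINKS, {"sensor": {NORMAL, "late", "value"}})
```

The result shows where accommodation is missing: the late failure is absorbed by the filter/voter pair, but the value failure travels untouched to the actuator and surfaces there as a commission.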