
Systematic Evaluation of Fault Trees using Real-Time Model Checker  

지은경 (Department of Electrical Engineering and Computer Science, KAIST)
차성덕 (Department of Electrical Engineering and Computer Science, KAIST)
손한성 (MMIS Team, Korea Atomic Energy Research Institute (KAERI))
유준범 (Department of Electrical Engineering and Computer Science, KAIST)
구서룡 (Department of Nuclear Engineering, KAIST)
성풍현 (Department of Nuclear and Quantum Engineering, KAIST)
Abstract
Fault tree analysis is the most widely used safety analysis technique in industry. However, the analysis is often applied manually, and no systematic, automated approach is available to validate its results. In this paper, we demonstrate that the real-time model checker UPPAAL is useful both for formally specifying the required behavior of safety-critical software and for validating the accuracy of manually constructed fault trees. Functional requirements for the emergency shutdown software of a nuclear power plant, Wolsung SDS2, are used as an example. The fault trees were initially developed by a group of graduate students who possess detailed knowledge of Wolsung SDS2 and are familiar with safety analysis techniques, including fault tree analysis. The functional requirements were manually translated into the timed-automata format accepted by UPPAAL, and model checking was applied, using property specifications, to evaluate the correctness of the fault trees. Our application demonstrated that UPPAAL was able to detect subtle flaws and ambiguities present in the fault trees. We therefore conclude that the proposed approach is useful in augmenting fault tree analysis.
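The check the abstract describes, reduced to a runnable sketch. This is an added example written for this page; it is not the authors' UPPAAL model and contains nothing from the Wolsung SDS2 specification. The single trip channel, its parameters (setpoint, debounce, safe limit, deadline) and the three basic events are constructed for illustration, and discrete ticks with a bounded breadth-first exploration stand in for UPPAAL's clocks and symbolic state space. A hypothetical analyst's fault tree is given as a list of minimal cut sets; for each cut set the code asks the question one would pose to UPPAAL as `E<> hazard` with those basic events fixed as model constants, namely whether the hazard (variable above the safe limit past the deadline without a trip) is reachable, and it then enumerates fault combinations to expose cut sets the tree omitted.

```python
"""Validate a hypothetical fault tree's cut sets by bounded reachability.

Added example, not the paper's UPPAAL model. The channel and all constants
below are constructed for illustration and are not SDS2 values.
"""
from itertools import product

FAULTS = ("sensor_stuck", "comparator_dead", "setpoint_high")  # basic events

SETPOINT = 5          # hypothetical comparator trip setpoint on the reading
CORRUPT_SETPOINT = 8  # setpoint if the "setpoint_high" basic event is present
DEBOUNCE = 2          # ticks the reading must exceed the setpoint before a trip
SAFE_LIMIT = 7        # process variable above this is unsafe for the plant
DEADLINE = 3          # ticks the plant tolerates pv > SAFE_LIMIT without a trip
HORIZON = 12          # bounded exploration depth in ticks
PV_MAX = SAFE_LIMIT + 2  # cap on the process variable keeps the state space finite


def step(state, faults, rise):
    """One tick of the channel. state = (pv, reading, over, unsafe, tripped)."""
    pv, reading, over, unsafe, tripped = state
    pv = min(pv + rise, PV_MAX)                 # environment raises pv by 0 or 1
    if "sensor_stuck" not in faults:
        reading = pv                            # stuck sensor keeps its old value
    setpoint = CORRUPT_SETPOINT if "setpoint_high" in faults else SETPOINT
    over = over + 1 if reading > setpoint else 0
    if over >= DEBOUNCE and "comparator_dead" not in faults:
        tripped = True                          # trip latches for the rest of the run
    # Once tripped the plant is shut down, so the unsafe counter stops.
    unsafe = 0 if tripped else (unsafe + 1 if pv > SAFE_LIMIT else 0)
    return (pv, reading, over, unsafe, tripped)


def hazard_reachable(faults):
    """Bounded version of the E<> hazard query: explore every environment
    choice (pv rising or holding each tick) for HORIZON ticks."""
    frontier = {(0, 0, 0, 0, False)}
    for _ in range(HORIZON):
        nxt = set()
        for s in frontier:
            for rise in (0, 1):
                t = step(s, faults, rise)
                if t[3] >= DEADLINE:            # pv unsafe for DEADLINE ticks, no trip
                    return True
                nxt.add(t)
        frontier = nxt
    return False


# Hypothetical analyst's fault tree for the top event "no trip while unsafe":
# TOP = sensor_stuck OR comparator_dead. The analyst assumed a corrupted
# setpoint is still crossed by a rising variable and so is not a cut set.
CLAIMED_CUT_SETS = [frozenset({"sensor_stuck"}), frozenset({"comparator_dead"})]


def evaluate_fault_tree(claimed):
    """Compare claimed minimal cut sets with the ones the model actually has."""
    actual = set()
    for bits in product((0, 1), repeat=len(FAULTS)):
        fs = frozenset(f for f, b in zip(FAULTS, bits) if b)
        if hazard_reachable(fs):
            actual.add(fs)
    # A cut set is minimal if no proper subset already reaches the hazard.
    minimal = {c for c in actual if not any(o < c for o in actual)}
    return {
        "unsupported": [c for c in claimed if c not in actual],  # claimed, unreachable
        "missed": sorted(minimal - set(claimed), key=sorted),    # real, not in tree
        "no_fault_hazard": frozenset() in actual,                # model itself unsafe?
    }


if __name__ == "__main__":
    report = evaluate_fault_tree(CLAIMED_CUT_SETS)
    for key, value in report.items():
        print(f"{key}: {value}")
```

Running the block reports one missed cut set, `{setpoint_high}`: the environment can hold the variable between the safe limit (7) and the corrupted setpoint (8), so the comparator never sees an excursion and the deadline expires. That is the kind of ambiguity a hand-built tree hides and a model checker surfaces, because the tree analyst reasons about a representative trajectory while the checker reasons about all of them. The caveat is the bound: this sketch only refutes within HORIZON ticks, whereas UPPAAL's symbolic exploration over clock zones is exhaustive, which is why the paper's `A[]` safety queries can be taken as proofs rather than bounded searches.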
Keywords
software engineering; formal method; requirement engineering; fault tree; model checking;
References
1 M. Lindahl, P. Pettersson and W. Yi. 'Formal Design and Analysis of a Gear-Box Controller,' In Proc. of the 4th International Workshop on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 1998), LNCS 1384, pages 281-297. Springer-Verlag, March 1998
2 J. Bengtsson, K. G. Larsen, F. Larsson, P. Pettersson and W. Yi. 'UPPAAL - a Tool Suite for Automatic Verification of Real-Time Systems,' In Proceedings of the 4th DIMACS Workshop on Verification and Control of Hybrid Systems, New Brunswick, New Jersey, October 1995
3 Kirsten M. Hansen, Anders P. Ravn and Victoria Stavridou. 'From Safety Analysis to Software Requirements,' IEEE Transactions on Software Engineering, 24(7):573-584, July 1998
4 'Program Functional Specification, SDS2 Programmable Digital Comparators, Wolsong NPP 2,3,4,' Technical Report 86-68300-PFS-000 Rev. 4, AECL CANDU, May 1994
5 L. Aceto, A. Burgueño and K. G. Larsen. 'Model Checking via Reachability Testing for Timed Automata,' In Proceedings of the 4th International Workshop on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 1998), Lisbon, Portugal, LNCS 1384, pages 263-280, Bernhard Steffen (Ed.). Springer-Verlag, 1998
6 A. Pnueli. 'The Temporal Logic of Programs,' In Proceedings of the 18th IEEE Symposium on Foundations of Computer Science, pages 46-57, 1977
7 H. Lönn and P. Pettersson. 'Formal Verification of a TDMA Protocol Start-Up Mechanism,' In Proc. of the Pacific Rim International Symposium on Fault-Tolerant Systems, pages 235-242, December 1997
8 K. G. Larsen, P. Pettersson and W. Yi. 'Diagnostic Model-Checking for Real-Time Systems,' In Proc. of the Workshop on Verification and Control of Hybrid Systems III, LNCS 1066, pages 575-586. Springer-Verlag, October 1995
9 E. M. Clarke, Jr., O. Grumberg and D. A. Peled. 'Model Checking,' MIT Press, 1999
10 R. Alur, C. Courcoubetis and D. L. Dill. 'Model-Checking in Dense Real-Time,' Information and Computation, 104(1), 1993. Preliminary version in Proc. 5th LICS, 1990
11 E. A. Emerson and E. M. Clarke. 'Using Branching-Time Temporal Logic to Synthesize Synchronization Skeletons,' Science of Computer Programming, 2, 1982
12 H. E. Jensen, K. G. Larsen and A. Skou. 'Modelling and Analysis of a Collision Avoidance Protocol using SPIN and UPPAAL,' In Proceedings of the 2nd SPIN Workshop, Rutgers University, New Jersey, USA, August 1996
13 W. E. Vesely et al. 'Fault Tree Handbook,' Technical Report NUREG-0492, U.S. Nuclear Regulatory Commission, 1981
14 T. A. Henzinger, X. Nicollin, J. Sifakis and S. Yovine. 'Symbolic Model Checking for Real-Time Systems,' Information and Computation, 111(2), 1994
15 S. Owicki and L. Lamport. 'Proving Liveness Properties of Concurrent Programs,' ACM Transactions on Programming Languages and Systems, 4(3), 1982
16 K. G. Larsen, P. Pettersson and W. Yi. 'Model-Checking for Real-Time Systems,' Invited paper. In Proceedings of the 10th International Conference on Fundamentals of Computation Theory (FCT 1995), Dresden, Germany, August 1995. LNCS 965, pages 62-88, Horst Reichel (Ed.)
17 S. Yovine. 'Model Checking Timed Automata,' In G. Rozenberg and F. Vaandrager, editors, Embedded Systems, Lecture Notes in Computer Science. Springer-Verlag, 1998. Invited paper
18 Z. Manna and A. Pnueli. 'The Anchored Version of the Temporal Framework,' In Linear Time, Branching Time and Partial Order in Logics and Models for Concurrency, LNCS 354. Springer-Verlag, 1989
19 T. A. Henzinger, O. Kupferman and M. Y. Vardi. 'A Space-Efficient On-the-Fly Algorithm for Real-Time Model Checking,' In Proceedings of the 7th International Conference on Concurrency Theory (CONCUR 1996), LNCS 1119, pages 514-529. Springer-Verlag, 1996
20 K. Havelund, A. Skou, K. G. Larsen and K. Lund. 'Formal Modelling and Analysis of an Audio/Video Protocol: An Industrial Case Study Using UPPAAL,' In Proceedings of the 18th IEEE Real-Time Systems Symposium, San Francisco, California, USA, December 1997