Download presentation

Presentation is loading. Please wait.

Published byEsteban Philson Modified over 4 years ago

1
March 8, 20071 Dynamic Fault Tree analysis using Input/Output Interactive Markov Chains Hichem Boudali, Pepijn Crouzen, and Mariëlle Stoelinga. Formal Methods and Tools group CS, University of Twente, NL.

2
March 8, 20072 Motivation (and setting) Systems do fail Example methodology: Dynamic Fault Trees (DFT) -- Reliability Engineering -- Goal: Reduce system failure probability. Methodology: Identify/analyze failure modes and their effects. But: DFTs have drawbacks

3
March 8, 20073 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

4
March 8, 20074 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

5
March 8, 20075 Dynamic Fault Trees (DFT) Extend standard fault trees with dynamic gates. Enable modelling complex behaviours and interactions between components. combination & order of failures matter. Unreliability = Prob[System fails within T time units]

6
March 8, 20076 (dynamic) Fault trees Upside-down tree (graph) Leaves: Basic events (BE) Nodes: Gates (complex events) BEs + Gates: Elements Arrows: Causal relations One top-node: the root node The top-node models system failure Failure propagation: From leaves to root

7
March 8, 20077 DFTs: Static gates (combination)

8
March 8, 20078 DFTs: Dynamic gates (order)

9
March 8, 20079 DFTs: Basic events (BE) Temperature of a BE: Relevant when used as a spare BE maps to a Basic Physical component

10
March 8, 200710 C AB 0.2 0.4 Failure rate: 0.2 f/h Failure rate: 0.4 f/h AND-gate Starting state: A is operational B is operational A has failed B is operational Pr(A fails in T hours) = 1 – e -0.2T As Mean time to failure = 1/0.2 = 5 hours A is operational B has failed A has failed B has failed Convert the DFT into a Continuous-time Markov chain. Analyze CTMC using standard solution techniques. For (partially) static DFT, binary decision diagrams can be used! DFT solution Unreliability = Prob[Being in state ]

11
March 8, 200711 DFT example Road trip fails if mobile phone fails BEFORE the car fails Spare tire is cold: It cannot fail when not in use State-Space Explosion! One of the drawbacks Although distinct modules, CTMC generation in One shot

12
March 8, 200712 DFT drawbacks State-space explosion. No formal syntax and semantics. Lack of modularity: Dynamic modules (e.g. Tires subsystem in the example) can not be reused. Restrictions on certain inputs to gates (e.g. spare gate). DFT-to-MC* conversion algorithm is hard to extend and/or modify. Compositional Aggregation DAG Compositionality Lift restrictions Extension: At the element level I/O-IMC *: DIFTree algorithm

13
March 8, 200713 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

14
March 8, 200714 Input/Output Interactive Markov Chains (I/O-IMC) Combination of I/O automata and CTMC Discrete state space Markovian transitions Interactive transitions Action signature ? - Input actions ! - Output actions ; - Internal actions Input-enabled λ failed! Immediate

15
March 8, 200715 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

16
March 8, 200716 f(C)! f(A)? f(B)? f(A)? f(C)! f(A)? f(B)? f(A)? f(B)? f(A)? DFT semantics (DFT element to I/O-IMC) f(A)? f(B)?

17
March 8, 200717 DFT semantics (DFT element to I/O-IMC)

18
March 8, 200718 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

19
March 8, 200719 Compositional Analysis Translation C AB 0.2 f(A)! 0.4 f(B)! f(A)? f(B)? f(C)!

20
March 8, 200720 Compositional Analysis Parallel Composition f(A)? f(B)? f(C)! 0.2 f(A)!

21
March 8, 200721 Compositional Analysis Parallel Composition 1 2 3 1 2 3 4 5 1||1 0.2 f(A)! f(A)? f(B)? f(C)! 0.2 f(B)? f(A)! f(C)! 1||2 2||3 3||1 f(B)? 0.2 f(A)! 3||2 4||35||3 Inputs: f(A)? and f(B)? Outputs: f(C)! Inputs: none Outputs: f(A)! C A C || A Synchronize on f(A)

22
March 8, 200722 f(A); f(A)! Compositional Analysis Abstraction (hiding) 1||1 0.2 f(B)? 0.2 f(C)! 1||2 2||3 3||1 3||2 4||35||3 C AB Abstraction (hiding): Makes signal internal

23
March 8, 200723 f(A); Compositional Analysis Aggregation (weak bisimulation) 1||1 0.2 f(B)? 0.2 f(C)! 1||2 2||3 3||1 3||2 4||35||3 Weak bisimulation: Disregard internal steps Aggregation: Finding a smaller model equivalent (behaviorally) to the original

24
March 8, 200724 Compositional-Aggregation Overview Translation Composition + Hiding Aggregation (minimization) Repeat Aggregated system CTMC Result: System failure probability

25
March 8, 200725 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

26
March 8, 200726 Case studies Case study Analysis method Max number of states Max number of transitions Unreliability (T=1) (a) DIFTree Comp-Agg 4113 132 24608 426 0.00135668 (b) DIFTree Comp-Agg 8 36 10 119 0.657900 (c) DIFTree Comp-Agg 253 157 1383 756 2.00025 10 -9

27
March 8, 200727 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

28
March 8, 200728 Summary Alleviate state-space explosion problem. Formal syntax & semantics. Enhanced DFT modularity: Dynamic module reuse. Lifting restrictions on allowed inputs. Readily extensible framework (extensions at the element level); e.g. repair. Works well for highly-modular dynamic FTs. Compositional semantics for DFTs Gain at the modeling & analysis levels

29
March 8, 200729 References H. Boudali, P. Crouzen, M. Stoelinga. Dynamic Fault Tree analysis using Input/Output Interactive Markov Chains, to appear, DSN 2007 proceedings. H. Boudali, P. Crouzen, M. Stoelinga. A compositional semantics for Dynamic Fault Trees in terms of Interactive Markov Chains, Technical report, to appear. More info: hboudali@cs.utwente.nlhboudali@cs.utwente.nl The END!

30
March 8, 200730 Extra slides

31
March 8, 200731 Future work Weaker bisimulation relation (i.e. more aggressive state reduction) Extension to non-exponential distributions (e.g. use of phase-type distributions) Further extensions to DFT modeling capabilities (i.e. definition of new gates and corresponding I/O-IMC) Fully automated tool (at this point, the tool is only partially automated)

32
March 8, 200732 Parallel Composition and Hiding

33
March 8, 200733 Aggregation (Weak Bisimulation)

34
March 8, 200734 Preservation Theorem (WB is a congruence)

35
March 8, 200735 CTMC Compositional-Aggregation Overview Step 1: Translation Step 2a: Parallel Composition Step 2b: Abstraction Step 3: Aggregation Step 4: Repetition Step 2a: (C||A) || B Step 2b: Hide f(B) Step 3: Aggregate (C||A)||B Step 5: CTMC Analysis C AB C A B f(A) f(B) f(C) DFT IOIMC C||A f(C) f(B) f(A) f(B) f(C) C||A||B 0.2 0.4 f(C)! f(C) IOIMC model can be reused! Steps 2–4: Compositional Aggregation

Similar presentations

OK

Concealing and Revealing the Art of Rhetoric in Science and Technology Carolyn R. Miller North Carolina State University November 2007.

Concealing and Revealing the Art of Rhetoric in Science and Technology Carolyn R. Miller North Carolina State University November 2007.

© 2018 SlidePlayer.com Inc.

All rights reserved.

To ensure the functioning of the site, we use **cookies**. We share information about your activities on the site with our partners and Google partners: social networks and companies engaged in advertising and web analytics. For more information, see the Privacy Policy and Google Privacy & Terms.
Your consent to our cookies if you continue to use this website.

Ads by Google

Ppt on you can win if you want lyrics Ppt on christian leadership Science ppt on carbon and its compounds Ppt on railway reservation system in java Ppt on fdi in indian retail Ppt on hvdc system in india Ppt on bolivia water war Ppt on op amp circuits schematics Ppt on supply chain management of nokia phone Ppt only output devices