Safety Analysis – A quick introduction RTS February 2006 Anders P. Ravn Aalborg University

Safety Assessment Find faults that may lead to mishaps, analyze their relations, and estimate their consequences. May involve probabilistic reasoning (Reliability Engineering).

Fault Tree - Events Primary Events: Basic event – fault in atomic component Undeveloped Event – fault in composite component (may be analyzed later) External event – expected event from environment Intermediate event: Nodes inside a fault-tree

Fault Tree - Gates... condition Inhibit gate

Example – ”Wake too late” Wake too late Alarm clock fails Phone fails ”Inner clock” fails

Example ”Alarm clock fails” Beeper fails Button fails Alarm clock fails electronics fail SW fails Power fails Button read failsBeeper not set

Cut Set A cut set is a set of events that causes a top level event A singleton cut set is a single point of failure

Example – ”Wake too late” Wake too late Alarm clock fails Phone fails ”Inner clock” fails

Example ”Alarm clock fails” Beeper fails Button fails Alarm clock fails electronics fail SW fails Power fails Button read failsBeeper not set

Extensions etc. Probabilities on edges Event tree (forward analysis from initiating event) Combinations (cause-consequence diagrams) Many tools Kirsten M. Hansen, Anders P. Ravn and Victoria Stavridou, From Safety Analysis to Formal Specification, IEEE Trans. Softw. Eng.24,pp , July 1998