Presentation is loading. Please wait.

Presentation is loading. Please wait.

March 8, 20071 Dynamic Fault Tree analysis using Input/Output Interactive Markov Chains Hichem Boudali, Pepijn Crouzen, and Mariëlle Stoelinga. Formal.

Published byEsteban Philson Modified over 10 years ago

Similar presentations

Presentation on theme: "March 8, 20071 Dynamic Fault Tree analysis using Input/Output Interactive Markov Chains Hichem Boudali, Pepijn Crouzen, and Mariëlle Stoelinga. Formal."— Presentation transcript:

1 March 8, 20071 Dynamic Fault Tree analysis using Input/Output Interactive Markov Chains Hichem Boudali, Pepijn Crouzen, and Mariëlle Stoelinga. Formal Methods and Tools group CS, University of Twente, NL.

2 March 8, 20072 Motivation (and setting) Systems do fail Example methodology: Dynamic Fault Trees (DFT) -- Reliability Engineering -- Goal: Reduce system failure probability. Methodology: Identify/analyze failure modes and their effects. But: DFTs have drawbacks

3 March 8, 20073 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

4 March 8, 20074 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

5 March 8, 20075 Dynamic Fault Trees (DFT) Extend standard fault trees with dynamic gates. Enable modelling complex behaviours and interactions between components. combination & order of failures matter. Unreliability = Prob[System fails within T time units]

6 March 8, 20076 (dynamic) Fault trees Upside-down tree (graph) Leaves: Basic events (BE) Nodes: Gates (complex events) BEs + Gates: Elements Arrows: Causal relations One top-node: the root node The top-node models system failure Failure propagation: From leaves to root

7 March 8, 20077 DFTs: Static gates (combination)

8 March 8, 20078 DFTs: Dynamic gates (order)

9 March 8, 20079 DFTs: Basic events (BE) Temperature of a BE: Relevant when used as a spare BE maps to a Basic Physical component

10 March 8, 200710 C AB 0.2 0.4 Failure rate: 0.2 f/h Failure rate: 0.4 f/h AND-gate Starting state: A is operational B is operational A has failed B is operational Pr(A fails in T hours) = 1 – e -0.2T As Mean time to failure = 1/0.2 = 5 hours A is operational B has failed A has failed B has failed Convert the DFT into a Continuous-time Markov chain. Analyze CTMC using standard solution techniques. For (partially) static DFT, binary decision diagrams can be used! DFT solution Unreliability = Prob[Being in state ]

11 March 8, 200711 DFT example Road trip fails if mobile phone fails BEFORE the car fails Spare tire is cold: It cannot fail when not in use State-Space Explosion! One of the drawbacks Although distinct modules, CTMC generation in One shot

12 March 8, 200712 DFT drawbacks State-space explosion. No formal syntax and semantics. Lack of modularity: Dynamic modules (e.g. Tires subsystem in the example) can not be reused. Restrictions on certain inputs to gates (e.g. spare gate). DFT-to-MC* conversion algorithm is hard to extend and/or modify. Compositional Aggregation DAG Compositionality Lift restrictions Extension: At the element level I/O-IMC *: DIFTree algorithm

13 March 8, 200713 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

14 March 8, 200714 Input/Output Interactive Markov Chains (I/O-IMC) Combination of I/O automata and CTMC Discrete state space Markovian transitions Interactive transitions Action signature ? - Input actions ! - Output actions ; - Internal actions Input-enabled λ failed! Immediate

15 March 8, 200715 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

16 March 8, 200716 f(C)! f(A)? f(B)? f(A)? f(C)! f(A)? f(B)? f(A)? f(B)? f(A)? DFT semantics (DFT element to I/O-IMC) f(A)? f(B)?

17 March 8, 200717 DFT semantics (DFT element to I/O-IMC)

18 March 8, 200718 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

19 March 8, 200719 Compositional Analysis Translation C AB 0.2 f(A)! 0.4 f(B)! f(A)? f(B)? f(C)!

20 March 8, 200720 Compositional Analysis Parallel Composition f(A)? f(B)? f(C)! 0.2 f(A)!

21 March 8, 200721 Compositional Analysis Parallel Composition 1 2 3 1 2 3 4 5 1||1 0.2 f(A)! f(A)? f(B)? f(C)! 0.2 f(B)? f(A)! f(C)! 1||2 2||3 3||1 f(B)? 0.2 f(A)! 3||2 4||35||3 Inputs: f(A)? and f(B)? Outputs: f(C)! Inputs: none Outputs: f(A)! C A C || A Synchronize on f(A)

22 March 8, 200722 f(A); f(A)! Compositional Analysis Abstraction (hiding) 1||1 0.2 f(B)? 0.2 f(C)! 1||2 2||3 3||1 3||2 4||35||3 C AB Abstraction (hiding): Makes signal internal

23 March 8, 200723 f(A); Compositional Analysis Aggregation (weak bisimulation) 1||1 0.2 f(B)? 0.2 f(C)! 1||2 2||3 3||1 3||2 4||35||3 Weak bisimulation: Disregard internal steps Aggregation: Finding a smaller model equivalent (behaviorally) to the original

24 March 8, 200724 Compositional-Aggregation Overview Translation Composition + Hiding Aggregation (minimization) Repeat Aggregated system CTMC Result: System failure probability

25 March 8, 200725 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

26 March 8, 200726 Case studies Case study Analysis method Max number of states Max number of transitions Unreliability (T=1) (a) DIFTree Comp-Agg 4113 132 24608 426 0.00135668 (b) DIFTree Comp-Agg 8 36 10 119 0.657900 (c) DIFTree Comp-Agg 253 157 1383 756 2.00025 10 -9

27 March 8, 200727 Outline Dynamic fault trees (DFT). Definition, Example, Solution, Drawbacks. Input/Output interactive Markov chains (I/O-IMC). DFT semantics in terms of I/O-IMCs. DFT compositional analysis. Translation, || Composition, Abstraction, Aggregation. Case studies. Summary.

28 March 8, 200728 Summary Alleviate state-space explosion problem. Formal syntax & semantics. Enhanced DFT modularity: Dynamic module reuse. Lifting restrictions on allowed inputs. Readily extensible framework (extensions at the element level); e.g. repair. Works well for highly-modular dynamic FTs. Compositional semantics for DFTs Gain at the modeling & analysis levels

29 March 8, 200729 References H. Boudali, P. Crouzen, M. Stoelinga. Dynamic Fault Tree analysis using Input/Output Interactive Markov Chains, to appear, DSN 2007 proceedings. H. Boudali, P. Crouzen, M. Stoelinga. A compositional semantics for Dynamic Fault Trees in terms of Interactive Markov Chains, Technical report, to appear. More info: hboudali@cs.utwente.nlhboudali@cs.utwente.nl The END!

30 March 8, 200730 Extra slides

31 March 8, 200731 Future work Weaker bisimulation relation (i.e. more aggressive state reduction) Extension to non-exponential distributions (e.g. use of phase-type distributions) Further extensions to DFT modeling capabilities (i.e. definition of new gates and corresponding I/O-IMC) Fully automated tool (at this point, the tool is only partially automated)

32 March 8, 200732 Parallel Composition and Hiding

33 March 8, 200733 Aggregation (Weak Bisimulation)

34 March 8, 200734 Preservation Theorem (WB is a congruence)

35 March 8, 200735 CTMC Compositional-Aggregation Overview Step 1: Translation Step 2a: Parallel Composition Step 2b: Abstraction Step 3: Aggregation Step 4: Repetition Step 2a: (C||A) || B Step 2b: Hide f(B) Step 3: Aggregate (C||A)||B Step 5: CTMC Analysis C AB C A B f(A) f(B) f(C) DFT IOIMC C||A f(C) f(B) f(A) f(B) f(C) C||A||B 0.2 0.4 f(C)! f(C) IOIMC model can be reused! Steps 2–4: Compositional Aggregation

Download ppt "March 8, 20071 Dynamic Fault Tree analysis using Input/Output Interactive Markov Chains Hichem Boudali, Pepijn Crouzen, and Mariëlle Stoelinga. Formal."

Similar presentations

Excess Heat Production During D2 Diffusion Through Palladium

Excess Heat Production During D2 Diffusion Through Palladium
PowerPoint Tutorial 1 Creating a Presentation

PowerPoint Tutorial 1 Creating a Presentation
Word Tutorial 2 Editing and Formatting a Document

Word Tutorial 2 Editing and Formatting a Document
Excel Tutorial 3 Working with Formulas and Functions

Excel Tutorial 3 Working with Formulas and Functions
Objectives Create an action query to create a table

Objectives Create an action query to create a table
2400 Boston St Suite 407 Baltimore MD, 21224 (410) 276.6090 www.rpic.com AP Optimization Building a World-Class Accounts Payable Operation By Brian Rosenberg.

2400 Boston St Suite 407 Baltimore MD, (410) AP Optimization Building a World-Class Accounts Payable Operation By Brian Rosenberg.
Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.
January 23, 20071 Quincy Wu Interconnecting VoIP on Taiwan Academic Network (TANet)

January 23, Quincy Wu Interconnecting VoIP on Taiwan Academic Network (TANet)
Slicer3D Wizard Workflow In KWWidgets for a year now,KWWidgets Includes State Machine Engine, Was used to port Slicer2s EMSegmentation Module (Golland,

Slicer3D Wizard Workflow In KWWidgets for a year now,KWWidgets Includes State Machine Engine, Was used to port Slicer2s EMSegmentation Module (Golland,
Academic Literacy and Study Strategies for Secondary-level and College Readers: A Research Update International Reading Associations 2007 Annual Convention.

Academic Literacy and Study Strategies for Secondary-level and College Readers: A Research Update International Reading Associations 2007 Annual Convention.
Scaling distributed search for diagnostics and prognostics applications Prof. Jim Austin Computer Science, University of York UK CEO Cybula Ltd.

Scaling distributed search for diagnostics and prognostics applications Prof. Jim Austin Computer Science, University of York UK CEO Cybula Ltd.
Measurement of the Hard photodisintegration of a proton-pair in the 3 He nucleus. Running now in JLab, hall A E03-101:GamPP n p p Ishay Pomerantz, Tel-Aviv.

Measurement of the Hard photodisintegration of a proton-pair in the 3 He nucleus. Running now in JLab, hall A E03-101:GamPP n p p Ishay Pomerantz, Tel-Aviv.
The Wiki and the Blog NIH Wiki Fair D. Calvin Andrus Chief Technology Officer Center for Mission Innovation Central Intelligence Agency 28 February 2007.

The Wiki and the Blog NIH Wiki Fair D. Calvin Andrus Chief Technology Officer Center for Mission Innovation Central Intelligence Agency 28 February 2007.
EIONET Workshop 20071 Session 4: Biodiversity related data sets at the European level Examples of using datasets from other thematic areas Climate change.

EIONET Workshop Session 4: Biodiversity related data sets at the European level Examples of using datasets from other thematic areas Climate change.
WIPO Life Science Symposium on IP and Bioethics - Felix AddorSeptember 4, 20071 Dr. Felix Addor Deputy Director General, Swiss Federal Institute of Intellectual.

WIPO Life Science Symposium on IP and Bioethics - Felix AddorSeptember 4, Dr. Felix Addor Deputy Director General, Swiss Federal Institute of Intellectual.
Rule 132 Medicaid Community Mental Health Service Program

Rule 132 Medicaid Community Mental Health Service Program
Equilibria and Complexity: What now? Christos H. Papadimitriou UC Berkeley christos.

Equilibria and Complexity: What now? Christos H. Papadimitriou UC Berkeley christos.
LAW February 20071 A 5/3 approximation algorithm for a hard case of stable marriage Rob Irving Computing Science Department University of Glasgow (joint.

LAW February A 5/3 approximation algorithm for a hard case of stable marriage Rob Irving Computing Science Department University of Glasgow (joint.
3 october 20071 Brown easyBorrow (beta) Brown University Library October 2007.

3 october Brown easyBorrow (beta) Brown University Library October 2007.
Word Tutorial 1 Creating a Document

Word Tutorial 1 Creating a Document

Similar presentations

Ads by Google