1. Safety Analysis – A quick introduction RTS February 2006 Anders P. Ravn Aalborg University

2. Safety Assessment Find faults that may lead to mishaps, analyze their relations, and estimate their consequences. May involve probabilistic reasoning (Reliability Engineering).

3. Fault Tree - Events Primary Events: Basic event – fault in atomic component Undeveloped Event – fault in composite component (may be analyzed later) External event – expected event from environment Intermediate event: Nodes inside a fault-tree

4. Fault Tree - Gates... condition Inhibit gate

5. Example – ”Wake too late” Wake too late Alarm clock fails Phone fails ”Inner clock” fails

6. Example ”Alarm clock fails” Beeper fails Button fails Alarm clock fails electronics fail SW fails Power fails Button read failsBeeper not set

7. Cut Set A cut set is a set of events that causes a top level event A singleton cut set is a single point of failure

8. Example – ”Wake too late” Wake too late Alarm clock fails Phone fails ”Inner clock” fails

9. Example ”Alarm clock fails” Beeper fails Button fails Alarm clock fails electronics fail SW fails Power fails Button read failsBeeper not set

10. Extensions etc. Probabilities on edges Event tree (forward analysis from initiating event) Combinations (cause-consequence diagrams) Many tools Kirsten M. Hansen, Anders P. Ravn and Victoria Stavridou, From Safety Analysis to Formal Specification, IEEE Trans. Softw. Eng.24,pp. 573-584, July 1998