Framework%20for%20the%20Development%20and%20Testing%20of%20Dependable%20and%20Safety-Critical%20Systems

1
Framework for the Development and Testing
ofDependable and Safety-Critical Systems

• IKTA 065/2000.
• 2001-2003.
• Supported by the Information and Communication
  Technology Programme of the Ministry of Education

2
Partners

• Coordinator
• Budapest University of Technology and Economics,
• Dept. of Measurement and Information Systems
• Industrial partners
• Prolan Process Control Co.
• B.Braun Medical Hungary Ltd.
• Magic Onyx Hungary Ltd.

3
Goals

• Improving quality of system design by
• model analysis tools and techniques for embedded
  and reactive systems
• applied formal mathematics (hidden from the
  designer)
• Support of standardized languages and tools
• UML for visual design
• off-the-shelf tools for analysis
• Transfer of know-how and tools for verification

4
Background

• Convergence of communication and information
  technologies
• Embedded systems Computer controlled network of
  intelligent sensors and actors
• Convergence of the design methodologies of
  everyday and mission critical systems
• computer systems supervised by non-professionals
• fault tolerance required

5
Embedded systems

• Long life is expected
• Continuous interaction with the environment
• Faults not a simple implementation issue
• Specification faults
• Software design faults
• Transient (physical) faults
• Permanent physical faults

6
The subject of the project

• Guaranteeing QoS by checking and proving
• completeness and consistency of the specification
• correct operation of the system in presence of
  anticipated faults
• functional correctness of control flow (dynamic
  behaviour)

7
Additional requirements

• Standard languages
• data exchange formats (XML)
• tool independence (UML ? XMI)
• readiness for new checking/analysis methods
• ISO 9000 conform (UML-based) tools
• Reuse of existing methods and tools

8
Novel approach
Design of an IT system
Mathematical analysis
Automated model generation
(Semi-)formal specification, system model (UML)
Mathematical model
Analysis
Back-annotation
Code generation
Implementation
9
Fundamental questions
Design of an IT system
Mathematical analysis
Proof of correctness
Redundancy of the model
Transformation semantics
UML dialect (restrictions)
UML system model
Mathematical model
Automated model generation
Efficiency of the analysis
Analysis
Back-annotation
Problem specific UML extensions
Code generation
Control heuristics
Visualization of dynamic sequences
Implementation
Reversibility of the transformation
10
System architecture
Documentation
Prototyping (simulation)
Database design Object code
CTL
Proof of Correctness
Semi-formal specification
XMI
TRD 3
Performability
Central repository relational database
Deductive
XMI
SPN
modelling
database
UML model commercial tool
TRD 2
Planner
XMI
Fault simulation, Dependability analysis
XMI
DFN
back- annotation
XMI
Fault model, typical solutions
Transformation Rule Description (TRD)
Transformation Engine Prolog
Model library
11
Applied analysis methods

• 1. Analysis of the completeness and consistency
  of the specification
• 2. Analysis of fault propagation and testability
• 3. Formal verification of control flow

12
Analysis of the specification

• Safety criteria
• Completeness and consistency of the semi-formal
  specification (UML)
• Analysis techniques
• static analysis
• reachability analysis (model checking)
• theorem proving
• Constructive methods
• design patterns (correctness proved)

13
Analysis of fault propagation

• Extension of the model by fault effects fault
  propagation
• Checking the operation in the presence of
  expected faults
• Proving coverage of fault tolerance techniques
• Risk analysis

14
Analysis of fault propagation II.

• Extended model ? complexity explosion
• Hierarchical view
• hierarchic checking and model refinement
• non-determinism
• Applied formalism Data flow networks
• Proposed methods
• testability analysis (list based fault
  propagation)
• test generation (adaptation of gate-level
  techniques)

15
Formal verification of control flow

• Critical points of embedded systems
• Complex control algorithms
• Event driven, asynchronous operation
• ? Exhaustive testing is not possible
• Classical formal methods
• Temporal logic model checking
• Proposed additional techniques
• Petri-nets linear algebra operation research

16
Expected results

• Tool prototypes
• completeness and consistency checker
• fault proparation and testability analyzer
• model verifier
• Demonstration by industrial examples
• functions of an artificial kidney machine
• modules of a train control application
• Education materials
• application of the analysis tools and techniques