Safety Analysis

Model-Based Safety Analysis (Powerpoint Talk)

System safety analysis has traditionally been a manual process that uses a variety of techniques such as Fault Tree Analysis (FTA) and Failure Modes and Effects Criticality Analysis (FMECA) to derive the safety requirements of each component from the system hazards. However, these techniques are highly subjective and dependent on the skill of the practitioner. Since these analyses are usually based on an informal system model, it is unlikely that they will be complete, consistent, and error free. In fact, the lack of precise models of the system architecture and its failure modes often forces the safety analysts to devote much of their effort to gathering architectural details about the system behavior from several sources and embedding this information in the safety artifacts such as the fault trees.

The MT-FCS project has investigated a number of approaches ways to automate parts of the safety analysis process, both to improve the the integration of systems and safety engineering and to relieve the safety analysts of tasks that can be better done by computers. In the first part of the project, we used formal verification tools such as model checkers and theorem provers to demonstrate that the component models satisfied their safety requirements.

More recently, we have been investigating an approach called Model-Based Safety Analysis in which the system and safety engineers use the same system models created during a model-based development process. By extending the system model with a fault model as well as relevant portions of the physical system to be controlled, automated support can be provided for much of the safety analysis. By using a common model for both system and safety engineering and automating parts of the analysis, it should be possible to both reduce the cost and improve the quality of the safety analysis.

Publications Related to Safety Analysis

• Anjali Joshi, Mats P.E. Heimdahl, Steven P. Miller, and Mike W. Whalen, Model-Based Safety Analysis, NASA Contractor Report CR-2006-213953, Feb 2006.
• Anjali Joshi, Steven P. Miller, Michael Whalen, and Mats P.E. Heimdahl, A Proposal For Model-Based Safety Analysis, in Proceedings of the 24th Digital Avionics Systems Conference (DASC'05), Washington, D.C., October 30-November 3, 2005. Selected as best paper of the Open Systems Architecture track.
• Alan C. Tribble, Steven P. Miller and David L. Lempia, Software Safety Analysis of a Flight Guidance System , NASA/CR-2004-213004, March 2004.
• Steven P. Miller, Alan C. Tribble, Michael W. Whalen, and Mats P. E. Heimdahl, Proving the Shalls: Early Validation of Requirements Through Formal Methods, Journal of Software Tools for Technology Transfer, [in press].
• Alan C. Tribble and Steven P. Miller, Safety Analysis of Software Intensive Systems, IEEE Aerospace and Electronic Systems, Vol. 19, No. 10, pp. 21 - 26, October 2004.
• Alan C. Tribble and Steven P. Miller, Software Safety Analysis of a Flight Management System Vertical Management Function - A Status Report, Proceedings of the 22nd Digital Avionics Systems Conference (DASC'03), October 2003.
• Steven P. Miller, Mats P.E. Heimdahl, and Alan C. Tribble, Proving the Shalls, in Proceedings of FM 2003: the 12^th International FME Symposium, Sept. 8-14, 2003
• Alan C. Tribble, David D. Lempia, and Steven P. Miller, Software Safety Analysis of a Flight Guidance System, in Proceedings of the 21st Digital Avionics Systems Conference (DASC'02), Irvine, California, Oct. 27-31, 2002. Selected as best paper of the Flight Critical Systems track.