[PPT] - Automated Analysis of Reli liability Architecture Fondazione Bruno PowerPoint Presentation

SLIDE 1

Automated Analysis of Reli liability Architecture

Fondazione Bruno Kessler Marco Bozzano, Alessandro Cimatti, and Cristian Mattarei Alpine Verification Meeting, 2013

SLIDE 2

Outline

Architectural Design in Critical Systems
Redundant systems
Reliability Analysis
Automated Approaches
EUF modeling and Fault Tree Analysis
Efficient Analysis via predicate abstraction
Conclusion

2

SLIDE 3

Power system: …in a perfect world

Engine +

3

SLIDE 4

Power system: …in real world

4

SLIDE 5

Power system: …in real world

5

SLIDE 6

Power system: …in real world

6

SLIDE 7

Power system: …in real world

7

SLIDE 8

Outline

Architectural Design in Critical Systems
Redundant Systems
Reliability Analysis
Automated Approaches
EUF modeling and Fault Tree Analysis
Efficient Analysis via Predicate Abstraction
Conclusion

8

SLIDE 9

𝑵𝟐 𝑵𝟑 𝑵𝟓 𝑵𝟒 𝑵𝟔 𝑵𝟕 Nominal architecture

Redundant systems definition: TMR

[Abraham74]

9

SLIDE 10

Increase reliability for critical design
Usage of redundant scheme (e.g. Triple Modular Redundancy)
Hard to analyze and optimize system reliability

𝑵𝟐 𝑵𝟑 𝑵𝟓 𝑵𝟒 𝑵𝟔 𝑵𝟕 Nominal architecture Redundant architecture

Redundant systems definition: TMR

[Abraham74]

10

SLIDE 11

Triple Modular Redundancy patterns

11

1 voter 2 voters 3 voters

SLIDE 12

12

Reliability analysis: manual approach

[Hamamatsu10]

SLIDE 13

13

Reliability analysis: manual approach

[Hamamatsu10]

SLIDE 14

14

Reliability analysis: manual approach

[Hamamatsu10]

SLIDE 15

15

Reliability analysis: manual approach

[Hamamatsu10]

SLIDE 16

16

Triple Redundant Module comparison (1 voter)

Reliability analysis: manual approach

[Hamamatsu10]

SLIDE 17

17

Triple Redundant Module comparison (1 voter)

Reliability analysis: manual approach

[Hamamatsu10]

SLIDE 18

Reliability analysis: manual approach

Time expensive and error prone reliability

computation

Specific approach for linear structures (not

generalizable)

Needs space discretization

SLIDE 19

Outline

Architectural Design in Critical Systems
Redundant Systems
Reliability Analysis
Automated Approaches
EUF modeling and Fault Tree Analysis
Efficient Analysis via Predicate Abstraction
Conclusion

19

SLIDE 20

Modeling of the extended system

20

SLIDE 21

Modeling of the extended system

21

Duplicate the behavior (nominal and faulty)
Introduce a multiplexer, triggered by the fault event
Model the (generic) behavior of components

using uninterpreted functions (e.g. x = y → 𝑔 𝑦 = 𝑔 𝑧 )

SLIDE 22

Modeling of the extended system

22

SLIDE 23

Fault Tree Analysis: equivalence check

23

𝐺𝑈 𝐺, 𝑈𝑀𝐹 = {𝑔 ∈ 2𝐺|∃𝑗 ∈ 𝐽. 𝑈𝑀𝐹 𝑗, 𝑔 ∧ 𝑔 𝑗𝑡 𝑛𝑗𝑜𝑗𝑛𝑏𝑚} 𝑈𝑀𝐹 𝐽, 𝐺 = 𝑂𝑝𝑛𝑗𝑜𝑏𝑚 𝐽 ≠ 𝑆𝑓𝑒𝑣𝑜𝑒𝑏𝑜𝑢(𝐽, 𝐺)

𝐽 𝑈𝑀𝐹

SLIDE 24

Fault Tree Analysis: equivalence check

24

𝐺𝑈 = 𝐺𝑁11 ∧ 𝐺𝑁12 ∨ 𝐺𝑁11 ∧ 𝐺𝑁13 ∨ ⋯ ∨ (𝐺𝑁23 ∧ 𝐺𝑊

2)

SLIDE 25

Reliability Function Extraction

𝑮𝒏𝟐 𝑮𝒘 𝑮𝒏𝟒 𝑮𝒏𝟑 ⊤ ⊥ 𝑮𝒏𝟑

25

𝐺

𝑡𝑧𝑡 ∶ ℝ 0,1 × ⋯ × ℝ 0,1 ⟼ ℝ 0,1

BDD representation of the Fault Tree

SLIDE 26

Reliability Function Extraction

𝑮𝒏𝟐 𝑮𝒘 𝑮𝒏𝟒 𝑮𝒏𝟑 ⊤ ⊥ 𝑮𝒏𝟑

26

𝑮𝒘 + 𝐺

𝑡𝑧𝑡 𝐺 𝑤, 𝐺𝑛1, 𝐺𝑛2, 𝐺𝑛3 =

𝐺

𝑡𝑧𝑡 ∶ ℝ 0,1 × ⋯ × ℝ 0,1 ⟼ ℝ 0,1

BDD representation of the Fault Tree

SLIDE 27

Reliability Function Extraction

𝑮𝒏𝟐 𝑮𝒘 𝑮𝒏𝟒 𝑮𝒏𝟑 ⊤ ⊥ 𝑮𝒏𝟑

27

𝐺

𝑤 +

𝐺

𝑡𝑧𝑡 𝐺 𝑤, 𝐺𝑛1, 𝐺𝑛2, 𝐺𝑛3 =

+(𝟐 − 𝑮𝒘) ∗ 𝑮𝒏𝟐 ∗ 𝑮𝒏𝟑 +

𝐺

𝑡𝑧𝑡 ∶ ℝ 0,1 × ⋯ × ℝ 0,1 ⟼ ℝ 0,1

BDD representation of the Fault Tree

SLIDE 28

Reliability Function Extraction

𝑮𝒏𝟐 𝑮𝒘 𝑮𝒏𝟒 𝑮𝒏𝟑 ⊤ ⊥ 𝑮𝒏𝟑

28

𝐺

𝑤 +

𝐺

𝑡𝑧𝑡 𝐺 𝑤, 𝐺𝑛1, 𝐺𝑛2, 𝐺𝑛3 =

+(1 − 𝐺

𝑤) ∗ 𝐺𝑛1 ∗ 𝐺𝑛2 +

+(𝟐 − 𝑮𝒘) ∗ 𝑮𝒏𝟐 ∗ (𝟐 − 𝑮𝒏𝟑) ∗ 𝑮𝒏𝟒 +

𝐺

𝑡𝑧𝑡 ∶ ℝ 0,1 × ⋯ × ℝ 0,1 ⟼ ℝ 0,1

BDD representation of the Fault Tree

SLIDE 29

Reliability Function Extraction

𝑮𝒏𝟐 𝑮𝒘 𝑮𝒏𝟒 𝑮𝒏𝟑 ⊤ ⊥ 𝑮𝒏𝟑

29

𝐺

𝑤 +

𝐺

𝑡𝑧𝑡 𝐺 𝑤, 𝐺𝑛1, 𝐺𝑛2, 𝐺𝑛3 =

+(1 − 𝐺

𝑤) ∗ 𝐺𝑛1 ∗ 𝐺𝑛2 +

+(𝟐 − 𝑮𝒘) ∗ (𝟐 − 𝑮𝒏𝟐) ∗ 𝑮𝒏𝟑 ∗ 𝑮𝒏𝟒 +(1 − 𝐺

𝑤) ∗ 𝐺𝑛1 ∗ (1 − 𝐺𝑛2) ∗ 𝐺𝑛3 +

𝐺

𝑡𝑧𝑡 ∶ ℝ 0,1 × ⋯ × ℝ 0,1 ⟼ ℝ 0,1

BDD representation of the Fault Tree

SLIDE 30

Reliability Function Extraction

𝑮𝒏𝟐 𝑮𝒘 𝑮𝒏𝟒 𝑮𝒏𝟑 ⊤ ⊥ 𝑮𝒏𝟑

30

𝐺

𝑤 +

𝐺

𝑡𝑧𝑡 𝐺 𝑤, 𝐺𝑛1, 𝐺𝑛2, 𝐺𝑛3 =

+(1 − 𝐺

𝑤) ∗ 𝐺𝑛1 ∗ 𝐺𝑛2 +

+(1 − 𝐺

𝑤) ∗ (1 − 𝐺𝑛1) ∗ 𝐺𝑛2 ∗ 𝐺𝑛3

+(1 − 𝐺

𝑤) ∗ 𝐺𝑛1 ∗ (1 − 𝐺𝑛2) ∗ 𝐺𝑛3 +

𝐺

𝑡𝑧𝑡 ∶ ℝ 0,1 × ⋯ × ℝ 0,1 ⟼ ℝ 0,1

BDD representation of the Fault Tree

SLIDE 31

Automated Analysis of Reliability Architecture

1. Model the extended system with uninterpreted

functions

2. Perform Fault Tree Analysis
3. Extract Reliability Function, from BDD

representation of Fault Tree

31

SLIDE 32

Automated Analysis of Reliability Architecture

1. Model the extended system with uninterpreted

functions

2. Perform Fault Tree Analysis
3. Extract Reliability Function, from BDD

representation of Fault Tree

4. Evaluate the results with analytical tools

(Octave/Matlab)

32

SLIDE 33

33

Automated Analysis of Reliability Architecture

SLIDE 34

34

Automated Analysis of Reliability Architecture

SLIDE 35

35

𝐺

𝑡𝑧𝑡 = 𝐺 𝑤 + 3 ∗ 𝐺 𝑛 2 − 3 ∗ 𝐺 𝑤 ∗ 𝐺 𝑛 2 …

Automated Analysis of Reliability Architecture

SLIDE 36

36

Triple Redundant Module comparison (1 voter)

e d c b a

1-Rv 1-Rm

𝐺

𝑡𝑧𝑡 = 𝐺 𝑤 + 3 ∗ 𝐺 𝑛 2 − 3 ∗ 𝐺 𝑤 ∗ 𝐺 𝑛 2 …

Automated Analysis of Reliability Architecture

SLIDE 37

Uniform probability analysis

1 voter patterns comparison (2D) 1 voter patterns comparison (3D)

37

SLIDE 38

Uniform probability analysis

1 vs 2 voters comparison (2D) 1 vs 2 voters comparison (3D)

38

SLIDE 39

Not uniform probability analysis

Varying 𝐺

𝑛 for 𝑁1 (1 voter)

Varying 𝐺

𝑤 for 𝑊 1 (2 voters)

39

SLIDE 40

Automated Analysis of Reliability Architectures

Full automated technique for the Analysis of

Reliability Architecture

Symbolic technique (it generates the closed form of

Reliability function)

Allows for the reusability of analysis results (i.e.

generation of Reliability Functions Libraries)

AllSMT approach: Hard to deal with big system

definition (> 10 stages)

SLIDE 41

Outline

Architectural Design in Critical Systems
Redundant Systems
Reliability Analysis
Automated Approaches
EUF modeling and Fault Tree Analysis
Efficient Analysis via Predicate Abstraction
Conclusion

41

SLIDE 42

Modular Abstraction

Boolean Data

42

SLIDE 43

Modular Abstraction

43

SLIDE 44

𝑄𝑝1 𝑝𝑜 = 𝑝1 𝑄𝑝2 𝑝𝑜 = 𝑝2 𝑄𝑝3 𝑝𝑜 = 𝑝3 … 𝑄𝑗2 𝑗𝑜1 = 𝑗21 𝑄𝑗3 𝑗𝑜1 = 𝑗31 … 𝑄𝑗1 𝑗𝑜1 = 𝑗11 𝑄𝑗4 𝑗𝑜2 = 𝑗12

Modular Abstraction

44

… 𝐵1 𝑇1

𝐵

𝐷1 𝐺

1

= =

SLIDE 45

𝑄𝑝1 𝑝𝑜 = 𝑝1 𝑄𝑝2 𝑝𝑜 = 𝑝2 𝑄𝑝3 𝑝𝑜 = 𝑝3 … 𝑄𝑗2 𝑗𝑜1 = 𝑗21 𝑄𝑗3 𝑗𝑜1 = 𝑗31 … 𝑄𝑗1 𝑗𝑜1 = 𝑗11 𝑄𝑗4 𝑗𝑜2 = 𝑗12

Modular Abstraction

45

… 𝐵1 𝑇1

𝐵

𝐷1 𝐺

1

= = … 𝐵2 𝑇2

𝐵

𝐷2 𝐺2

SLIDE 46

𝑄𝑝1 𝑝𝑜 = 𝑝1 𝑄𝑝2 𝑝𝑜 = 𝑝2 𝑄𝑝3 𝑝𝑜 = 𝑝3 … 𝑄𝑗2 𝑗𝑜1 = 𝑗21 𝑄𝑗3 𝑗𝑜1 = 𝑗31 … 𝑄𝑗1 𝑗𝑜1 = 𝑗11 𝑄𝑗4 𝑗𝑜2 = 𝑗12

Modular Abstraction

46

… 𝐵1 𝑇1

𝐵

𝐷1 𝐺

1

= = … 𝐵2 𝑇2

𝐵

𝐷2 𝐺2 … 𝐵1 𝑇1

𝐵

… 𝑇2

𝐵

𝐷2 V

≠?

𝐺

1

𝐺2 = =

SLIDE 47

Modular Abstraction

47

SLIDE 48

Concrete vs Abstraction: linear

SLIDE 49

DAG like example with 60 modules

49

SLIDE 50

Concrete vs Abstraction: Tree and DAG (< 15 modules)

SLIDE 51

Abstraction: Tree and DAG

SLIDE 52

Outline

Architectural Design in Critical Systems
Redundant Systems
Reliability Analysis
Manual Reliability techniques
Automated Approaches
EUF modeling and Fault Tree Analysis
Efficient Analysis via Predicate Abstraction
Conclusion

52

SLIDE 53

Conclusion

Automated technique for the analysis of reliability

architectures

Management of linear, Tree and DAG like structures
Efficient analysis of large systems (> 140 modules)

via predicate abstraction

Automated Analysis of Reliability Architectures Marco Bozzano, Alessandro Cimatti and Cristian Mattarei In proc. of ICECCS 2013 Efficient Analysis of Reliability Architectures via Predicate Abstraction Marco Bozzano, Alessandro Cimatti and Cristian Mattarei Under review of FMCAD 2013

53

SLIDE 54

Thank you!

Cristian Mattarei Fondazione Bruno Kessler FBK ES-Group mattarei@fbk.eu