Chapter

Integrated Formal Methods

Volume 3771 of the series Lecture Notes in Computer Science pp 129-149

An Automated Failure Mode and Effect Analysis Based on High-Level Design Specification with Behavior Trees

  • Lars GrunskeAffiliated withSchool of ITEE/ARC Centre for Complex Systems, University of Queensland
  • , Peter LindsayAffiliated withSchool of ITEE/ARC Centre for Complex Systems, University of Queensland
  • , Nisansala YatapanageAffiliated withSchool of ITEE/ARC Centre for Complex Systems, University of QueenslandSoftware Quality Institute, Griffith University
  • , Kirsten WinterAffiliated withSchool of ITEE/ARC Centre for Complex Systems, University of Queensland

* Final gross prices may vary according to local VAT.

Get Access

Abstract

Formal methods have significant benefits for developing safety critical systems, in that they allow for correctness proofs, model checking safety and liveness properties, deadlock checking, etc. However, formal methods do not scale very well and demand specialist skills, when developing real-world systems. For these reasons, development and analysis of large-scale safety critical systems will require effective integration of formal and informal methods. In this paper, we use such an integrative approach to automate Failure Modes and Effects Analysis (FMEA), a widely used system safety analysis technique, using a high-level graphical modelling notation (Behavior Trees) and model checking. We inject component failure modes into the Behavior Trees and translate the resulting Behavior Trees to SAL code. This enables us to model check if the system in the presence of these faults satisfies its safety properties, specified by temporal logic formulas. The benefit of this process is tool support that automates the tedious and error-prone aspects of FMEA.

Keywords

Automated Hazard Analysis FMEA High-Level Design Specification Model Checking Behavior Trees SAL