10 Model-Based Analysis and Development of Dependable Systems

  • Christian Buckl
  • Alois Knoll
  • Ina Schieferdecker
  • Justyna Zander
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6100)


The term dependability was defined in the 1980s to encompass aspects like fault tolerance and system reliability. According to IFIP, it is defined as the trustworthiness of a computing system which allows reliance to be justifiably placed on the service it delivers. Hence, dependability is the capability of a system to successfully and safely complete its mission. This chapter concentrates on safety and reliability aspects. It starts with a review of the basic terminology including, for example, fault, failure, availability, and integrity. In the following, a mathematical model of fault-tolerant systems is defined. It is used in the further sections for comparison with different techniques for safety and reliability analysis. Also selected currently available model-based development tools are reviewed. A summary and identification of future research challenges conclude the chapter.


Dependable System System Under Test International Electrotechnical Commission Model Drive Architecture Fault Tree Analysis 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Object Management Group: OMG Unified Modelling Language Specification. 2.1.2 edn. (November 2007)Google Scholar
  2. 2.
    Arora, A., Gouda, M.: Closure and convergence: A foundation of fault-tolerant computing. IEEE Transactions on Software Engineering 19(11), 1015–1027 (1993)CrossRefGoogle Scholar
  3. 3.
    Arora, A., Kulkarni, S.S.: Detectors and correctors: A theory of fault-tolerance components. In: International Conference on Distributed Computing Systems, pp. 436–443 (1998)Google Scholar
  4. 4.
    Laprie, J.C.: Dependable computing and fault-tolerance: Concepts and terminology. In: Proceedings of the 15th International Symposion on Fault Tolerant Computing Systems, pp. 2–11 (June 1985)Google Scholar
  5. 5.
    Avizienis, A., Laprie, J.C., Randell, B.: Fundamental concepts of dependability. Technical report, LAAS-CNRS (April 2001)Google Scholar
  6. 6.
    Department of Defense: Standard Practise for System Safety. MIL-STD-882D (2000)Google Scholar
  7. 7.
    United Kingdom Ministry of Defence: Safety Management Requirements for Defence Systems. Def Stan 00-56 (2000)Google Scholar
  8. 8.
    International Electrotechnical Commission: Functional safety of electrical/electronic/programmable electronic safety-related systems. IEC 61508 (2002)Google Scholar
  9. 9.
    International Standards Organization: Quality management and quality assurance - Vocabulary. ISO 8402-1986 (1986)Google Scholar
  10. 10.
    Pradhan, D.K.: Fault-Tolerant Computer System Design. Prentice-Hall, Englewood Cliffs (1996)Google Scholar
  11. 11.
    Avizienis, A.: The four-universe information system model for the study of fault-tolerance. In: International Symposium on Fault-Tolerant Computing, Santa Monica, CA, vol. 12, pp. 6–13 (June 1982)Google Scholar
  12. 12.
    Lee, P.A., Anderson, T.: Fault Tolerance: Principles and Practice. Springer, New York (1990)CrossRefzbMATHGoogle Scholar
  13. 13.
    Powell, D., Chérèque, M., Drackley, D.: Fault-tolerance in delta-4. ACM SIGOPS Operating Systems Review 25(2), 122–125 (1991)CrossRefGoogle Scholar
  14. 14.
    Arora, A., Kulkarni, S.S.: Designing masking fault-tolerance via nonmasking fault-tolerance. IEEE Transactions on Software Engineering 24(6), 435–450 (1998)CrossRefGoogle Scholar
  15. 15.
    Kulkarni, S.S.: Component based design of fault-tolerance. PhD thesis, Ohio State University, Adviser-Anish Arora (1999)Google Scholar
  16. 16.
    Randell, B., Lee, P., Treleaven, P.C.: Reliability issues in computing system design. ACM Computing Surveys 10(2), 123–165 (1978)CrossRefzbMATHGoogle Scholar
  17. 17.
    Stamatis, D.H.: Failure Mode and Effect Analysis: FMEA from Theory to Execution. American Society for Quality (2003)Google Scholar
  18. 18.
    Haimes, Y.Y.: Risk Modeling, Assessment, and Management. Wiley, Chichester (2005)zbMATHGoogle Scholar
  19. 19.
    Society of Automotive Engineers: Recommended Failure Modes and Effects Analysis (FMEA) Practices for Non-Automobile Applications. SAE ARP 5580 (2001)Google Scholar
  20. 20.
    International Electrotechnical Commission: Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA). IEC 60812:2006 (2006)Google Scholar
  21. 21.
    British Standards: Reliability of systems, equipment and components. Guide to the specification of dependability requirements. BS5760-4:2003 (2003)Google Scholar
  22. 22.
    Ericson, C.: Fault Tree Analysis: A History. In: Proceedings of the 17th International System Safety Conference (1999)Google Scholar
  23. 23.
    International Electrotechnical Commission: Fault Tree Analysis (FTA). IEC 61025 (1990)Google Scholar
  24. 24.
    Markov, A.A.: In: Classical Text in Translation: An Example of Statistical Investigation of the Text Eugene Onegin Concerning the Connection of Samples in Chains. Science in Context. Cambridge Journals, 591–600 (2006)Google Scholar
  25. 25.
    International Electrotechnical Commission: Application of Markov techniques. IEC 61165:2006 (2006)Google Scholar
  26. 26.
    Boudali, H., Crouzen, P., Stoelinga, M.: Dynamic Fault Tree Analysis Using Input/Output Interactive Markov Chains. In: International Conference on Dependable Systems and Networks, pp. 708–717 (2007)Google Scholar
  27. 27.
    Hausler, P.A., Linger, R.C., Trammell, C.J.: Adopting Cleanroom software engineering with a phased approach. IBM Syst. J. 33(1), 89–109 (1994)CrossRefGoogle Scholar
  28. 28.
    Wallmueller, E.: Software- Qualitätsmanagement in der Praxis. Hanser Verlag (2001) (in German)Google Scholar
  29. 29.
    Utting, M., Legeard, B.: Practical Model-Based Testing: A Tools Approach. Morgan Kaufmann Publishers Inc., San Francisco (2006)Google Scholar
  30. 30.
    Dijkstra, E.W.: Notes on Structured Programming. Circulated Privately (April 1970)Google Scholar
  31. 31.
    Bernard, E., Legeard, B., Luck, X., Peureux, F.: Generation of test sequences from formal specifications: Gsm 11-11 standard case study. Softw. Pract. Exper. 34(10), 915–948 (2004)CrossRefGoogle Scholar
  32. 32.
    Utting, M.: Model-Based Testing. In: Proceedings of the Workshop on Verified Software: Theory, Tools, and Experiments, VSTTE 2005 (2005)Google Scholar
  33. 33.
    Campbell, C., Grieskamp, W., Nachmanson, L., Schulte, W., Tillmann, N., Veanes, M.: Model-Based Testing of Object-Oriented Reactive Systems with Spec Explorer. Microsoft Research, MSR-TR-2005-59 (2005)Google Scholar
  34. 34.
    Frantzen, L., Tretmans, J., Willemse, T.A.C.: A Symbolic Framework for Model-Based Testing. In: Havelund, K., Núñez, M., Roşu, G., Wolff, B. (eds.) FATES 2006 and RV 2006. LNCS, vol. 4262, pp. 40–54. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  35. 35.
    Kamga, J., Herrmann, J., Joshi, P.: D-MINT Automotive Case Study. Deployment of Model-Based Technologies to Industrial Testing (D-MINT), ITEA2 Project, Deliverable 1.1 (2007)Google Scholar
  36. 36.
    Tretmans, J.: Model based testing with labelled transition systems. In: Hierons, R.M., Bowen, J.P., Harman, M. (eds.) FORTEST 2008. LNCS, vol. 4949, pp. 1–38. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  37. 37.
    Pretschner, A., Prenninger, W., Wagner, S., Kühnel, C., Baumgartner, M., Sostawa, B., Zölch, R., Stauner, T.: One evaluation of model-based testing and its automation. In: ICSE 2005: Proceedings of the 27th International Conference on Software Engineering, pp. 392–401. ACM, New York (2005)Google Scholar
  38. 38.
    Broy, M., Jonsson, B., Katoen, J.P., Leucker, M., Pretschner, A.: Model-Based Testing of Reactive Systems. LNCS, vol. 3472. Springer, Heidelberg (2005)zbMATHGoogle Scholar
  39. 39.
    D-MINT Consortium: D-MINT Project - Deployment of Model-Based Technologies to Industrial Testing (2008), (last visited 01/05/09)
  40. 40.
    Zander-Nowicka, J.: Model-based Testing of Real-Time Embedded Systems in the Automotive Domain. PhD thesis, Technical University Berlin (2009)Google Scholar
  41. 41.
    Conrad, M., Fey, I., Sadeghipour, S.: Systematic model-based testing of embedded automotive software. Electr. Notes Theor. Comput. Sci. 111, 13–26 (2005)CrossRefGoogle Scholar
  42. 42.
    Bringmann, E., Krämer, A.: Model-based testing of automotive systems. In: ICST, pp. 485–493. IEEE Computer Society, Los Alamitos (2008)Google Scholar
  43. 43.
    Rau, A.: Model-Based Development of Embedded Automotive Control Systems. PhD thesis, University of Tübingen (2002)Google Scholar
  44. 44.
    Lamberg, K., Beine, M., Eschmann, M., Otterbach, R., Conrad, M., Fey, I.: Model-Based Testing of Embedded Automotive Software Using MTest. In: Proceedings of SAE World Congress, Detroit, US (2004); SAE technical paper 2004-01-1593 Google Scholar
  45. 45.
    Conrad, M.: Modell-Basierter Test Eingebetteter Software im Automobil: Auswahl und Beschreibung von Testszenarien. PhD thesis, Technical University Berlin (2004) (in German)Google Scholar
  46. 46.
    Conrad, M.: A systematic approach to testing automotive control software. SAE Technical Paper Series, 2004210039, Detroit USA (2004)Google Scholar
  47. 47.
    Wiesbrock, H.W., Conrad, M., Fey, I., Pohlheim, H.: Ein Neues Automatisiertes Auswerteverfahren für Regressions und Back-To-Back-Tests Eingebetteter Regelsysteme. Softwaretechnik-Trends 22(3), 22–27 (2002) (in German)Google Scholar
  48. 48.
    Zoughbi, G., Briand, L.C., Labiche, Y.: A uml profile for developing airworthiness-compliant (rtca do-178b), safety-critical software. In: Engels, G., Opdyke, B., Schmidt, D.C., Weil, F. (eds.) MODELS 2007. LNCS, vol. 4735, pp. 574–588. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  49. 49.
    Khan, M.U., Geihs, K., Gutbrodt, F., Gohner, P., Trauter, R.: Model-driven development of real-time systems with uml 2.0 and c. In: MBD-MOMPES 2006: Proceedings of the Fourth Workshop on Model-Based Development of Computer-Based Systems and Third International Workshop on Model-Based Methodologies for Pervasive and Embedded Software (MBD-MOMPES 2006), Washington, DC, USA, pp. 33–42. IEEE Computer Society, Los Alamitos (2006)CrossRefGoogle Scholar
  50. 50.
    Johnson, I., Snook, C., Edmunds, A., Butler, M.: Rigorous development of reusable, domain-specific components, for complex applications. In: CSDUML 2004 - 3rd International Workshop on Critical Systems Development with UML (2004)Google Scholar
  51. 51.
    Bunse, C., Gross, H.G., Peper, C.: Applying a model-based approach for embedded system development. In: EUROMICRO 2007: Proceedings of the 33rd EUROMICRO Conference on Software Engineering and Advanced Applications (EUROMICRO 2007), Washington, DC, USA, pp. 121–128. IEEE Computer Society, Los Alamitos (2007)Google Scholar
  52. 52.
    Ermagan, V., Krueger, I., Menarini, M., ichi Mizutani, J., Oguchi, K., Weir, D.: Towards model-based failure-management for automotive software. In: SEAS 2007: Proceedings of the 4th International Workshop on Software Engineering for Automotive Systems, Washington, DC, USA. IEEE Computer Society, Los Alamitos (2007)Google Scholar
  53. 53.
    Holzmann, G.J.: The model checker spin. IEEE Trans. Software Eng. 23(5), 279–295 (1997)CrossRefGoogle Scholar
  54. 54.
    Buckl, C.: Model-Based Development of Fault-Tolerant Real-Time Systems. PhD thesis, TU München (October 2008)Google Scholar
  55. 55.
    Stahl, T., Voelter, M.: Model-Driven Software Development: Technology, Engineering, Management, 1st edn. Wiley, Chichester (May 2006)Google Scholar
  56. 56.
    Rugina, A.E., Feiler, P.H., Kanoun, K., Kaâniche, M.: Software dependability modeling using an industry-standard architecture description language. CoRR (2008)Google Scholar
  57. 57.
    Rugina, A.E.: Dependability modeling and evaluation - From AADL to stochastic Petri nets. PhD thesis, LAAS CNRS (2007)Google Scholar
  58. 58.
    International Society of Automotive Engineers: SAE Architecture Analysis and Design Language, AADL (November 2004)Google Scholar
  59. 59.
    Miller, J., Mukerji, J.: MDA Guide. Object Management Group, Inc. (June 2003), Version 1.0.1, omg/03-06-01Google Scholar
  60. 60.
    Wensley, J., Lamport, L., Goldberg, J., Green, M., Levitt, K., Melliar-Smith, P., Shostak, R., Weinstock, C.: Sift: Design and analysis of a fault-tolerant computer for aircraft control. Proceedings of the IEEE 66(10), 1240–1255 (1978)CrossRefGoogle Scholar
  61. 61.
    Henzinger, T.A.: Embedded software: Better models, better code. In: ICATPN, pp. 35–36 (2004)Google Scholar
  62. 62.
    Buckl, C., Regensburger, M., Knoll, A., Schrott, G.: A model-based code generator in the context of safety-critical systems. In: Third Latin-American Symposium on Dependable Computing - Fast Abstracts Volume, pp. 3–4 (2007)Google Scholar
  63. 63.
    Nicolescu, G., Mosterman, P.J. (eds.): Model-Based Design for Embedded Systems. CRC Press, Boca Raton (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Christian Buckl
    • 1
  • Alois Knoll
    • 2
  • Ina Schieferdecker
    • 3
  • Justyna Zander
    • 3
  1. 1.fortiss GmbHGermany
  2. 2.Technische Universität MünchenGermany
  3. 3.Fraunhofer FOKUSTechnical University Berlin, GermanyGermany

Personalised recommendations