Analyzing safety and fault tolerance using Time Petri nets

  • N. G. Leveson
  • J. L. Stolzy
Colloquium On Software Engineering Views Of Concurrency
Part of the Lecture Notes in Computer Science book series (LNCS, volume 186)


The application of Time Petri net modelling and analysis techniques to safety-critical real-time systems is explored, and procedures are described which allow analysis of safety, recoverability, and fault tolerance. These procedures can be used to help determine software requirements, to guide the use of fault detection and recovery procedures, to determine conditions which require immediate mitigating action to prevent accidents, etc. Thus it is possible to establish important properties during the synthesis of the system and software design instead of using guesswork and costly a posteriori analysis.


Keywords: Reachability Graph, Faulty State, Control Fault, Tolerance, Software Safety, Watchdog Timer
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© Springer-Verlag Berlin Heidelberg 1985

Authors and Affiliations

  • N. G. Leveson (1)
  • J. L. Stolzy (1)
  1. Information and Computer Science, University of California, Irvine, Irvine
