Skip to main content

Validating Safety Models with Fault Trees


In verifying a safety-critical system, one usually begins by building a model of the basic system and of its safety mechanisms. If the basic system model does not reflect reality, the verification results are misleading. We show how a model of a system can be compared with the system’s fault trees to help validate the failure behaviour of the model. To do this, the meaning of fault trees are formalised in temporal logic and a consistency relation between models and fault trees is defined. An important practical feature of the technique is that it allows models and fault trees to be compared even if some events in the fault tree are not found in the system model.


  • System Fault
  • Temporal Logic
  • Fault Tree
  • Atomic Proposition
  • Component Failure

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-1-4471-2061-2_3
  • Chapter length: 10 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
USD   84.99
Price excludes VAT (USA)
  • ISBN: 978-1-4471-2061-2
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   109.00
Price excludes VAT (USA)


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. R.E. Bloomfield, J.H. Cheng, and J. Gorski. Towards a common safety description model. In J.F. Lindeberg, editor, SAFECOMP ’91, 1991.

    CrossRef  Google Scholar 

  2. J.C. Bradfield. A proof assistand for symbolic model checking. In Proceedings of CAV ’92, 1992.

    Google Scholar 

  3. Rance Cleaveland, Joachim Parrow, and Bernhard Steffen. The concurrency workbench: A semantics based tool for the verification of concurrent systems. Technical Report ECS-LFCS-89-83, Laboratory for Foundations of Computer Science, University of Edinburgh, 1989.

    Google Scholar 

  4. D. Kozen. Results on the propositional mu-calculus. Theoretical Computer Science, 27:333–354, 1983.

    MathSciNet  CrossRef  Google Scholar 

  5. N.H. Roberts, W.E. Vesely, D.F. Haasl, and F.F. Goldberg. Fault Tree Handbook. U.S. Nuclear Regulatory Commission, 1981.

    Google Scholar 

  6. C. Stirling. Temporal logics for CCS. In J.W. de Bakker, W.-P. de Roever, and G. Rozenberg, editors, Linear Time, Branching Time and Partial Order in Logics and Models. Springer Verlag, 1989. Lecture Notes in Computer Science, 354.

    Google Scholar 

Download references

Author information

Authors and Affiliations


Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 1993 Springer-Verlag London Limited

About this paper

Cite this paper

Bruns, G., Anderson, S. (1993). Validating Safety Models with Fault Trees. In: Górski, J. (eds) SAFECOMP ’93. SAFECOMP 1993. Springer, London.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, London

  • Print ISBN: 978-3-540-19838-3

  • Online ISBN: 978-1-4471-2061-2

  • eBook Packages: Springer Book Archive