Automatic Reliability Analysis of Electronic Designs using Fault Trees

In embedded systems development safety and reliability are important quality characteristics. Fault tree analysis is often used to determine these characteristics. Generalized fault trees improve the readability and thus prevent the insertion of bugs, e.g., during manual modification. Fault tree analyses are usually performed manually. Taking into account the high complexity of large, technical systems this is often not possible with respect to the existing time and budget constraints. Furthermore, completeness and precision of the results are neither guaranteed nor systematically provable. The automatic generation of generalized fault trees permits to save time and effort and it increases the quality of the results. Completeness, correctness, and consistency of the generated fault trees are guaranteed. We developed a fault tree generation tool for electronic circuits that generates fault trees based on the standardized EDIF 300 interchange format. This tool has already been used to analyze failure situations in industrial automation applications. 1 Motivation The development of embedded systems faces an ever growing demand for quantified reliability and safety. Dependable results are required. Safety integrity of a system in quantifiable terms is more often required by customers, assessors, and licensing bodies. Fault tree analysis (FTA), Markov models, and failure modes and effects analysis (FMEA) are commonly used methods to analyze potential hazards, and their potential influence on system reliability and safety [1, 11]. These methods are proven and accepted in reliability and safety engineering. By means of Boolean logic, fault trees represent the relationship between causes and undesired or hazardous events. Fault tree analysis can be started early in the design process. Typical questions are: Does the chosen design meet the reliability and safety requirements? What are the most critical components? Design options can be judged reasonably. Fault trees are usually generated manually. Highly skilled, experienced engineers analyze the system based on existing documents that describe the system. Considerable knowledge, system insight and overview are necessary to consider many failure modes and their consequences at a time. This manual work is error-prone, costly, and usually incomplete. Furthermore, there is usually no single person that is capable to analyze software as well as hardware. Our approach is the automatic generation of fault trees. It is required to answer the following questions: • How reliable is a system including hardware and software with respect to particular failures, that may cause certain safety critical situations? • What are appropriate means to reduce the risks, e.g., software test cases, hardware design modifications? 2 Fault Tree Analysis 2.