Formal verification of fault tolerance in safety-critical reconfigurable modules

Cyber-physical systems (CPSs) are co-engineered, interacting networks of physical and computational components. A CPS is a mechanism controlled or monitored by computer-based algorithms and tightly integrated with the internet and its users. This chapter presents definitions relating to the dependability, safety-criticality, and fault tolerance of CPSs, supplemented by definitions of related attributes such as reliability, availability, safety, maintainability, and integrity. Threats to dependability and security, such as faults, errors, and failures, are also discussed, and a taxonomy of faults and attacks in CPSs is presented. The main objective of this chapter is to give learners general information about secure CPSs as a basis for further work in the field.


A Formal Verification Methodology for DDD Mode Pacemaker Control Programs

Journal of Electrical and Computer Engineering ◽

10.1155/2015/939028 ◽

2015 ◽

Vol 2015 ◽

pp. 1-10 ◽

Cited By ~ 5

Author(s):

Sana Shuja ◽

Sudarshan K. Srinivasan ◽

Shaista Jabeen ◽

Dharmakeerthi Nawarathna

Keyword(s):

Formal Verification ◽

Control Program ◽

Formal Specifications ◽

Object Code ◽

Correctness Proof ◽

Safety Critical ◽

Control Programs ◽

Control Functions ◽

Verification Process ◽

Verification Methodology

Pacemakers are safety-critical devices whose faulty behaviors can cause harm or even death. Often these faulty behaviors are caused by bugs in the programs used for digital control of pacemakers. We present a formal verification methodology that can be used to check the correctness of object code programs that implement the safety-critical control functions of DDD mode pacemakers. Our methodology is based on the theory of Well-Founded Equivalence Bisimulation (WEB) refinement, where both the formal specification and the implementation are treated as transition systems. We develop a simple and general formal specification for DDD mode pacemakers. We also develop correctness proof obligations that can be applied to validate object code programs used for pacemaker control. Using our methodology, we were able to verify a control program with millions of transitions against a simple specification with only 10 transitions. Our method also found several bugs during the verification process.
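
The idea of treating both specification and implementation as transition systems can be illustrated with a much simplified sketch. It is not the authors' proof obligations: it only checks that every implementation step, once projected through a refinement map, is either a specification step or a stutter (no visible change), and it ignores the well-founded rank functions that WEB refinement uses to rule out infinite stuttering. The state names, the map, and the function `check_refinement_steps` are all hypothetical.

```python
def check_refinement_steps(impl_steps, spec_steps, refmap):
    """Return implementation transitions that project to neither
    a specification transition nor a stutter step."""
    violations = []
    for src, dst in impl_steps:
        a, b = refmap[src], refmap[dst]
        # a == b is a stutter: the implementation moved, the spec state did not.
        if a != b and (a, b) not in spec_steps:
            violations.append((src, dst))
    return violations


# Hypothetical three-state specification: sense -> wait -> pace -> sense.
spec_steps = {("sense", "wait"), ("wait", "pace"), ("pace", "sense")}

# Hypothetical implementation states and their projection onto spec states.
refmap = {"s0": "sense", "s1": "wait", "s2": "wait", "s3": "pace"}

good_impl = [("s0", "s1"), ("s1", "s2"), ("s2", "s3"), ("s3", "s0")]
buggy_impl = good_impl + [("s0", "s3")]  # paces without waiting

print(check_refinement_steps(good_impl, spec_steps, refmap))
print(check_refinement_steps(buggy_impl, spec_steps, refmap))
```

The step from `s1` to `s2` is accepted as a stutter because both project to `wait`, which is how a large implementation can be related to a small specification.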


Power/Area-Optimized Fault Tolerance for Safety Critical Applications

2018 IEEE 24th International Symposium on On-Line Testing And Robust System Design (IOLTS) ◽

10.1109/iolts.2018.8474178 ◽

2018 ◽

Cited By ~ 1

Author(s):

Milos Krstic ◽

Aleksandar Simevski ◽

Markus Ulbricht ◽

Stefan Weidling

Keyword(s):

Fault Tolerance ◽

Safety Critical


Model Checking for SpaceWire Error Detection Module

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.241-244.3020 ◽

2012 ◽

Vol 241-244 ◽

pp. 3020-3025

Author(s):

Ling Ling Dong ◽

Yong Guan ◽

Xiao Juan Li ◽

Zhi Ping Shi ◽

Jie Zhang ◽

...

Keyword(s):

Model Checking ◽

Formal Verification ◽

Temporal Logic ◽

Error Detection ◽

System Model ◽

Linear Search ◽

Kripke Structure ◽

Mathematical Methods ◽

Safety Critical ◽

Correctness Of Programs

Considerable attention has been devoted to proving the correctness of programs. Formal verification overcomes incompleteness by applying mathematical methods to verify a design. SpaceWire is a well-known communication standard. For safety-critical applications, an approach is needed to validate the completeness of the SpaceWire design. This paper addresses formal verification of the SpaceWire error detection module. The system model was constructed as a Kripke structure, and the properties were expressed in linear temporal logic (LTL). Compared with verification in CTL (branching-time temporal logic), LTL properties could improve verification efficiency because of their linear search. The error priority was checked using simulation guided by model checking. After some properties were modified, all possible behaviors of the module satisfied the specification. This method realizes complete validation of the error detection module.
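
As a rough illustration of checking a temporal property on a Kripke structure, the sketch below verifies the simplest kind of LTL property, an invariant of the form G(not bad), by breadth-first search over reachable states. It is not the paper's model or tool: the states, labels, and the function `check_invariant` are hypothetical, and full LTL model checking needs more machinery (for example, automata for liveness properties).

```python
from collections import deque


def check_invariant(initial, transitions, labels, bad):
    """Return a shortest path to a state labeled `bad`,
    or None if no reachable state carries that label."""
    parent = {s: None for s in initial}
    queue = deque(initial)
    while queue:
        state = queue.popleft()
        if bad in labels.get(state, set()):
            # Rebuild the counterexample by following parent links.
            path = []
            while state is not None:
                path.append(state)
                state = parent[state]
            return path[::-1]
        for nxt in transitions.get(state, ()):
            if nxt not in parent:
                parent[nxt] = state
                queue.append(nxt)
    return None


# Hypothetical toy Kripke structure for an error detection module.
transitions = {
    "idle": ["receiving"],
    "receiving": ["idle", "parity_error"],
    "parity_error": ["reset"],
    "reset": ["idle"],
}
labels = {"parity_error": {"error"}, "reset": {"recovering"}}

print(check_invariant(["idle"], transitions, labels, "error"))
print(check_invariant(["idle"], transitions, labels, "deadlock"))
```

A returned path plays the role of a model checker's counterexample trace; `None` means the invariant holds on every reachable state of this toy model.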


Formal verification of safety-critical systems

Software Practice and Experience ◽

10.1002/spe.4380200804 ◽

1990 ◽

Vol 20 (8) ◽

pp. 799-821 ◽

Cited By ~ 18

Author(s):

Louise E. Moser ◽

P. M. Melliar-Smith

Keyword(s):

Formal Verification ◽

Critical Systems ◽

Safety Critical ◽

Safety Critical Systems


Optimizing Fault Tolerance for Multi-Processor System-on-Chip

Design and Test Technology for Dependable Systems-on-Chip - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-60960-212-3.ch003 ◽

2011 ◽

pp. 66-91 ◽

Cited By ~ 4

Author(s):

Dimitar Nikolov ◽

Mikael Väyrynen ◽

Urban Ingelsson ◽

Virendra Singh ◽

Erik Larsson

Keyword(s):

Fault Tolerance ◽

Error Probability ◽

Fault Tolerant ◽

General Purpose ◽

System On Chip ◽

Probability Estimation ◽

Communication Overhead ◽

Mathematical Framework ◽

Safety Critical ◽

On Chip

While the rapid development of semiconductor technologies makes it possible to manufacture integrated circuits (ICs) with multiple processors, so-called Multi-Processor Systems-on-Chip (MPSoCs), ICs manufactured in recent semiconductor technologies are becoming increasingly susceptible to transient faults, which necessitates fault tolerance. Work on fault tolerance has mainly focused on safety-critical applications; however, the development of semiconductor technologies makes fault tolerance necessary for general-purpose systems as well. Unlike safety-critical systems, where meeting hard deadlines is the main requirement, for general-purpose systems it is more important to minimize the average execution time (AET). The contribution of this chapter is twofold. First, the authors present a mathematical framework for the analysis of AET. Their analysis of AET is performed for voting, rollback recovery with checkpointing (RRC), and the combination of RRC and voting (CRV). For a given job and soft (transient) error probability, the authors define mathematical formulas for each of the fault-tolerant techniques with the objective of minimizing AET while taking bus communication overhead into account. In addition, for a given number of processors and jobs, the authors define integer linear programming models that minimize AET including communication overhead. Second, as the error probability is not known at design time and can change during operation, they present two techniques, periodic probability estimation (PPE) and aperiodic probability estimation (APE), to estimate the error probability and adjust the fault-tolerant scheme while the IC is in operation.
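
The trade-off behind choosing a number of checkpoints can be sketched with a generic geometric-retry model. This is not the chapter's formulas: it assumes a job of length `T` split into `n` equal segments, an independent error probability `p` per time unit, a fixed per-segment checkpoint overhead `c`, and that a faulty segment is detected at its checkpoint and re-executed in full. All names and parameters are hypothetical.

```python
def expected_time(T, n, p, c):
    """Expected execution time with n equal segments under the
    assumed model: each segment is retried until it is error-free."""
    seg = T / n
    q = (1.0 - p) ** seg          # probability one attempt at a segment succeeds
    return n * (seg + c) / q      # 1/q expected attempts per segment


def best_checkpoint_count(T, p, c, max_n=1000):
    """Brute-force search for the segment count with the lowest expected time."""
    return min(range(1, max_n + 1), key=lambda n: expected_time(T, n, p, c))


if __name__ == "__main__":
    T, p, c = 100, 0.01, 1.0
    n = best_checkpoint_count(T, p, c)
    print(n, expected_time(T, n, p, c))
```

Too few checkpoints make each rollback expensive, while too many pay the overhead `c` repeatedly; the minimum lies between these extremes, and it shifts as the estimated error probability changes.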


Development of Safety-Critical Control Systems in Event-B Using FMEA

Dependability and Computer Engineering - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-60960-747-0.ch005 ◽

2012 ◽

pp. 75-91

Author(s):

Yuliya Prokhorova ◽

Elena Troubitsyna ◽

Linas Laibinis ◽

Vyacheslav Kharchenko

Keyword(s):

Fault Tolerance ◽

Control Systems ◽

Failure Mode ◽

System Development ◽

Formal System ◽

System Specification ◽

Effect Analysis ◽

Safety Critical ◽

Intensive Control

Application of formal methods, in particular Event-B, helps us to verify the correctness of controlling software. However, to guarantee the dependability of software-intensive control systems, we also need to ensure that safety and fault tolerance requirements are adequately represented in a system specification. In this chapter we demonstrate how to integrate the results of safety analysis, in particular failure mode and effect analysis (FMEA), into formal system development in Event-B. The proposed methodology is exemplified by a case study.
