Dependability modeling and analysis of complex control systems: An application to railway interlocking / M. Nelli; A. Bondavalli; L. Simoncini. - ELECTRONIC. - 1150:(1996), pp. 93-110. (Paper presented at the 2nd European Dependable Computing Conference, EDCC 1996, held in Taormina, Italy, in 1996) [10.1007/3-540-61772-8_32].

Dependability modeling and analysis of complex control systems: An application to railway interlocking

BONDAVALLI, ANDREA;
1996

Abstract

This paper describes the dependability modelling and evaluation of a real complex system, made of redundant replicated hardware and redundant diverse software. It takes into account all aspects of their interactions (including correlation between the diverse software variants) and of the criticality of the several components. Our approach has been to realise the system model in a structured way. This allows us to cope with complexity and to focus, where of interest, on specific behaviour for a more detailed analysis. Furthermore, each level may be modelled using different methodologies and its evaluation performed with different tools without the need to modify the general structure of the model. In order to validate the most complex sub-models, we built alternatives using different tools and methodologies; this proved to be very useful, since it allowed us to find small bugs and imperfections and to gain more confidence that the models represented the real system behaviour. With respect to the real system taken as the example, our analyses, which could not be reported here, allowed us to establish the dependability bottlenecks of the current version and to state targets for the several subcomponents such that the system targets could be reached, thus providing hints for next releases or modifications of the system and information to assign targets to the various components of the system.
1996
EDCC-2 European Dependable Computing Conference
2nd European Dependable Computing Conference, EDCC 1996
Taormina, Italy
1996
M. Nelli; A. Bondavalli; L. Simoncini
Files in this item:
File: NBS96-EDCC2-120.pdf
Access: Closed access
Type: Other
Licence: All rights reserved
Size: 106.61 kB
Format: Adobe PDF

Documents in FLORE are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this item: https://hdl.handle.net/2158/599025
Citations
  • Scopus 12