Fault-tolerant system dependability-explicit modeling of hardware and software component-interactions

This paper presents a framework for modeling the dependability of hardware and software fault-tolerant systems, taking into account explicitly the dependence among the components. These dependencies can result from: (a) functional or structural interactions between the components or (b) interactions due to global system reconfiguration and maintenance strategies. Modeling is based on GSPN (generalized stochastic Petri net). The modeling approach is modular: the behavior of each component and each interaction is represented by its own GSPN, while the system model is obtained by composition of these GSPN. Composition rules are defined and formalized through clear identification of the interfaces between the component and interaction nets. In addition to modularity, the formalism brings flexibility and re-usability, thereby allowing easy sensitivity analysis with respect to the assumptions that could be made about the behavior of the components and the resulting interactions. This approach has been successfully applied to select new architectures for the French Air Traffic Control system, based among other things, on availability evaluation. This paper illustrates it on a simple representative example, including all the types of the identified dependencies: the duplex system. Modeling of this system showed the strong dependence between components