February 10, 2005

1
M. McKelvin G. Eirea A. Sangiovanni- Vincentelli
Automatic Fault Tree Generationfor
Hardware/Software Mappings with Redundancy
http//chess.eecs.berkeley.edu
Fault Tree Generation Algorithm

• Recursive algorithm traverses FTDF graph from
  outputs to inputs
• At each actor instance inserts template of
  subtree as shown below

CreateFaultTree(G) Create SystemFault Event
(root event) Add AND gate with actuatorCount
inputs For each actuator instance A(i)
DevelopTree(A(i)) End For End DevelopTree(Ai) //
Ai is an instance of an actor Add ActorFault(Ai)
Event Switch Ai.type Case Sensor Add OR
gate with two inputs Add ECUFault(Ai.ecu)
Basic Event Add SensorHWFault(Ai) Basic
Event Return // END OF RECURSION Case
Actuator Add OR gate with three inputs
Add ActuatorHWFault(Ai) Basic Event Default
Add OR gate with two inputs End Case Add
ECUFault(Ai.ecu) Basic Event Add
SomeInputFault(Ai) Event Add OR gate with
Ai.inCount inputs For i0 to Ai.inCount-1 Add
InputFault(Ai.in(i)) Event Add AND gate with
Ai.in(i).instanceCount inputs For j0 to
Ai.in(i).instanceCount-1 If
sourceActorInstance.ecu Ai.ecu
DevelopTree(sourceActorInstance) Else
Add RemoteInputFault(Ai.in(i)) Event
Add OR gate with two inputs Add
ChannelFault(channel) Basic Event
DevelopTree(sourceActorInstance) End If
End For End For Return
Acknowledgements
The authors gratefully acknowledge valuable
feedback and efforts by the GM Berkeley Labs
team, CHESS, and affiliated sponsors.
C. Pinello, L. P. Carloni, and A. L.
Sangiovanni-Vincentelli. Fault tolerant
deployment of embedded software for
cost-sensitive real-time feedback control
applications, Proc. Conf. Design, Automation,
and Test in Europe (DATE), 2004.
February 10, 2005