THE DYNAMIC FLOWGRAPH METHODOLOGY FOR ASSESSING THE DEPENDABILITY OF EMBEDDED SOFTWARE SYSTEMS

The Dynamic Flowgraph Methodology (DFM) is an integrated methodologica l approach to modeling and analyzing the behavior of software-driven e mbedded systems for the purpose of reliability/safety assessment and v erification, The methodology has two fundamental goals: 1) to identify how certain postulated events may occur in a system; and 2) to identi fy an appropriate testing strategy based on an analysis of system func tional behavior, To achieve these goals, the methodology employs a mod eling framework in which system models are developed in terms of causa l relationships between physical variables and temporal characteristic s of the execution of software modules, These models are then analyzed to determine how a certain state (desirable or undesirable) can be re ached, This is done by developing timed fault trees which take the for m of logical combinations of static trees relating system parameters a t different points in time. The prime implicants (multi-state analogue of minimal cut sets) of the fault trees can be used to identify and e liminate system faults resulting from unanticipated combinations of so ftware logic errors, hardware failures and adverse environmental condi tions, and to direct testing activity to more efficiently eliminate im plementation errors by focusing on the neighborhood of potential failu re modes arising from these combinations of system conditions.