Automatic synthesis of fault trees for computer-based systems

Citation
Kk. Vemuri et al., Automatic synthesis of fault trees for computer-based systems, IEEE RELIAB, 48(4), 1999, pp. 394-402
Citations number
16
Subject categories
Electrical & Electronics Engineering
Journal title
IEEE TRANSACTIONS ON RELIABILITY
ISSN journal
00189529
Volume
48
Issue
4
Year of publication
1999
Pages
394 - 402
Database
ISI
SICI code
0018-9529(199912)48:4<394:ASOFTF>2.0.ZU;2-Y
Abstract
This paper introduces a graphical design language, RIDL (the Reliability Imbedded Design Language), for modeling digital systems. In RIDL, redundancy and failure information are imbedded within block-diagram schematics without appreciably altering the physical block-diagram models typically used by design engineers. A system schematic in RIDL has all of the information needed for reliability analysis, thus obviating the need for additional textual descriptions. A dynamic fault-tree model can be automatically synthesized from a RIDL system model. The synthesis procedure for a fault-tree of the system is described. Designers can use the synthesized fault-trees to perform reliability (and thus tradeoff) analyses at an early conceptual design stage. The potential of this approach is demonstrated by two example systems. Evaluation of RIDL is necessarily anecdotal at this stage in our work. Example #1 is fairly simple, with little redundancy. The design diagram in RIDL is virtually identical to the original block-diagram schematic, with the added benefit that the RIDL schematic clearly establishes the redundancy and the success criteria. Example #2 uses a complex redundancy management scheme which takes several paragraphs (at minimum) to describe. The RIDL diagram is necessarily more complex than, and bears only slight resemblance to, the original. However, the RIDL schematic includes the complete description of the redundancy in the diagram itself. Further, a dynamic fault-tree model can be synthesized automatically from the RIDL design. The question remains: does the use of a more complete (yet complex) graphical design language make the task of design documentation more or less difficult? If the designer must declare at the outset whether a component is redundant, and if so, declare the redundancy type, does this constitute an undue burden or a documentation aid? We have discussed these issues with several industry colleagues, with encouraging feedback. Once a usable supporting toolset is developed, these issues can be addressed more completely.