Summary

Description

Fault Management (FM) is one of the key components of system autonomy. In order to guarantee FM effectiveness and control the cost, tools are required to automate fault-tree generation and updates based on design models specified in standardized design languages such as AADL. Accordingly, we propose a fault tree generation and augmentation environment (FTGA). Equipped by a fault class model and an FM method catalog, FTGA evaluates not only failure behavior in the application under analysis but also FM's capability and adequacy for failure mitigation. Moreover, when an inadequacy in FM is revealed during fault tree generation or analysis, the fault tree will be allowed for augmentation through FM method insertion and be followed by a quantitative evaluation for FM effectiveness validation. Therefore, unlike traditional fault tree analysis which plays a passive role in FM, the automated FTGA environment actively and explicitly influence system design and updates, enabling "fault-tree-in-the-loop" for a system's life cycle. Further, by separating its generic functions (which we collectively call "shared package") from design-language-specific functions (which we collectively call "interface package"), FTGA will be an extensible modeling environment. The anticipated results from the Phase I project will be a preliminary prototype of FTGA and a demonstration for concept validation.