Formal Dependability Modeling and Analysis: A Survey
Waqar Ahmed and Osman Hasan
School of Electrical Engineering and Computer Science National University of Sciences and Technology (NUST) Islamabad, Pakistan
CICM 2016 Bailystock, Poland
July 27, 2016 Outline
1 Introduction and Motivation
2 Dependability Modeling Techniques
3 Formal Techniques for Dependability Analysis
4 Conclusions
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 2 / 48 Dependability
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 3 / 48 Safety-critical Systems
More stringent dependability requirements Main motivation for Formal Dependabiltiy Modeling and Analysis
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 4 / 48 Dependability
Dependabililty
Reliability Availability Maintainability
The ability of system to The ability of system to The ability of a system deliver services as deliver services when to restore to operational specified within a given required status after a failure time occurs
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 5 / 48 Dependability
Dependabililty
Reliability Availability Maintainability
The ability of system to The ability of system to The ability of a system deliver services as deliver services when to restore to operational specified within a given required status after a failure time occurs
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 6 / 48 Dependability
Dependabililty
Reliability Availability Maintainability
The ability of system to The ability of system to The ability of a system deliver services as deliver services when to restore to operational specified within a given required status after a failure time occurs
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 7 / 48 Availability is typically derived from reliability and maintainability measures MTBF A(t) = MTBF + MTTR where MTBF = MTTF + MTTR MTBF = Mean time between failures (Reliability Metric) MTTF = Mean time to failure (Reliability Metric) MTTR = Mean time to repair (Maintainability Metric)
Formal Definitions
Reliability= P(no failure occurs before certain time)
R(t) = Pr(X > t) = 1 − Pr(X ≤ t)
= 1 − FX (t)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 8 / 48 Formal Definitions
Reliability= P(no failure occurs before certain time)
R(t) = Pr(X > t) = 1 − Pr(X ≤ t)
= 1 − FX (t)
Availability is typically derived from reliability and maintainability measures MTBF A(t) = MTBF + MTTR where MTBF = MTTF + MTTR MTBF = Mean time between failures (Reliability Metric) MTTF = Mean time to failure (Reliability Metric) MTTR = Mean time to repair (Maintainability Metric)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 8 / 48 Traditional Dependability Analysis Steps
Start
Conceptual Behavioural Model of the System
Mean Time To Failure (MTTF) Component Reliability and Availability Mean Time Between Failure Level Metric Calculation (MTBF) Mean Time To Repair (MTTR)
Selection of Reliability Reliability Block Diagram (RBD) Fault Tree (FT) Modeling Technique System Markov Chain (MC) Level Selection of Reliability Analytical Simulation Analysis Technique Formal Methods
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 9 / 48 Traditional Dependability Analysis Steps
Start
Conceptual Behavioural Model of the System
Mean Time To Failure (MTTF) Component Reliability and Availability Mean Time Between Failure Level Metric Calculation (MTBF) Mean Time To Repair (MTTR)
Selection of Reliability Reliability Block Diagram (RBD) Fault Tree (FT) Modeling Technique System Markov Chain (MC) Level Selection of Reliability Analytical Simulation Analysis Technique Formal Methods
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 10 / 48 Traditional Dependability Analysis Steps
Start
Conceptual Behavioural Model of the System
Mean Time To Failure (MTTF) Component Reliability and Availability Mean Time Between Failure Level Metric Calculation (MTBF) Mean Time To Repair (MTTR)
Selection of Reliability Reliability Block Diagram (RBD) Fault Tree (FT) Modeling Technique System Markov Chain (MC) Level Selection of Reliability Analytical Simulation Analysis Technique Formal Methods
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 11 / 48 Traditional Dependability Analysis Steps
Start
Conceptual Behavioural Model of the System
Mean Time To Failure (MTTF) Component Reliability and Availability Mean Time Between Failure Level Metric Calculation (MTBF) Mean Time To Repair (MTTR)
Selection of Reliability Reliability Block Diagram (RBD) Fault Tree (FT) Modeling Technique System Markov Chain (MC) Level Selection of Reliability Analytical Simulation Analysis Technique Formal Methods
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 12 / 48 Outline
1 Introduction and Motivation
2 Dependability Modeling Techniques
3 Formal Techniques for Dependability Analysis
4 Conclusions
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 13 / 48 Dependability Modeling Techniques
Some widely used modeling techniques are: Reliability Block Diagram Fault Tree Markov Chain
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 14 / 48 The overall system failure happens if all the paths for successful execution fail Add more parallelism to meet the dependability goals
Reliability Block Diagrams
Model the failure relationship of system components as a diagram of sub-blocks and connectors (RBD) Judge the failure characteristics of the overall system based on the failure rates of sub-blocks
1 N
I O
M
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 15 / 48 Reliability Block Diagrams
Model the failure relationship of system components as a diagram of sub-blocks and connectors (RBD) Judge the failure characteristics of the overall system based on the failure rates of sub-blocks
1 N
I O
M
The overall system failure happens if all the paths for successful execution fail Add more parallelism to meet the dependability goals
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 15 / 48 Types of RBD
RBDs Mathematical Expressions N N \ Y I 1 N O Rseries (t) = Pr( Ei (t)) = Ri (t) i=1 i=1
1
M M [ Y I O Rparallel (t) = Pr( Ei ) = 1 − (1 − Ri (t)) i=1 i=1
M
1 N M N M N [ \ Y Y I O Rparallel−series (t)= Pr( Eij (t))= 1 − (1 − (Rij (t))) i=1 j=1 i=1 j=1 M
1 N N M N M \ [ Y Y I O Rseries−parallel (t)= Pr( Eij (t))= (1 − (1 − Rij (t))) i=1 j=1 i=1 j=1 M
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 16 / 48 Example: Power Supply System
Waqar requires continuous supply of power for his Lab PC The UPS can support the load during a switch from the main supply to the generator Wants to determine the reliability of power supply system
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 17 / 48 pow sys rbd = (M ∩ T) ∪ G ∪ U
Example: Power Supply System
Step 1 Construct an RBD Model
Power Supply RBD
Transformer Main (T) (M)
Generator (G)
UPS (U)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 18 / 48 Example: Power Supply System
Step 1 Construct an RBD Model
Power Supply RBD
Transformer Main (T) (M)
Generator (G)
UPS (U)
pow sys rbd = (M ∩ T) ∪ G ∪ U
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 18 / 48 Example: Power Supply System
Step 2 Identify the RBD type
Step 3 Use the corresponding mathematical expression to evaluate the overall reliability based on the sub-components reliability
P((M ∩ T) ∪ G ∪ U) = 1 − (1 − P(M) ∗ P(T)) ∗ (1 − P(G)) ∗ (1 − P(U))
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 19 / 48 Fault Tree
A graphical method used to identify potential causes of system failure A fault tree is constructed having Events: describing the failure of system components Logic Gates: representing logical relationship between events AND, OR, NOR, NAND, NOR etc.
TOP event
First Level Contributor to TOP Event by Logic Gates
First Level Events
Second-level Contributors to TOP by Logic Gates
Second-level Contributors
Basic Failure Events
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 20 / 48 Types of FT Gates
FT Gates Failure Probability Expressions N N \ Y F (t) = Pr( Ai (t)) = Fi (t) i=2 i=2 N N [ Y F (t) = Pr( Ai (t)) = 1 − (1 − Fi (t)) i=2 i=2 N Y F (t) = 1 − FOR (t) = (1 − Fi (t)) i=2 k N k N \ \ Y Y F (t)= Pr( Ai (t) ∩ Ai (t))= (1 − Fi (t)) ∗ (Fj (t)) i=2 j=k i=2 j=k F (t)= Pr(A¯(t)B(t) ∪ A(t)B¯(t))
= FA(t)(1 − FB (t)) + FB (t)(1 − FA(t))
F (t) = Pr(A¯(t)) = (1 − FA(t))
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 21 / 48 Example: Power Supply System
Determine the overall failure probability?
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 22 / 48 pow sys fail = (M ∪ T ) ∩ G ∩ U
Fault Tree Analysis
Step 1 Construct a FT and represent Top Event in terms of basic events
F(PS)
M T G U
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 23 / 48 Fault Tree Analysis
Step 1 Construct a FT and represent Top Event in terms of basic events
F(PS)
M T G U
pow sys fail = (M ∪ T ) ∩ G ∩ U
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 23 / 48 Fault Tree Analysis
Step 2 Evaluate probability of failure using the Probabilistic Inclusion-Exclusion principle
n [ X |J|−1 \ P( Ai ) = (−1) P( Aj ) i=1 J6=∅,J⊆{1,2,...,n} j∈J
P(pow sys fail) = P((M ∪ T ) ∩ G ∩ U) = P(M ∩ G ∩ U) + P(T ∩ G ∩ U) − P(M ∩ T ∩ G ∩ U)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 24 / 48 Fault Tree Analysis
Step 3 Using Mutual Independence property
P(pow sys fail) = P(M) ∗ P(G) ∗ P(U) + P(T ) ∗ P(G) ∗ P(U)− P(M) ∗ P(T ) ∗ P(G) ∗ P(U)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 25 / 48 A sequence of states Determining the next state is random
The probability of the next state is only dependent on the current state
Pr{Xtn+1 = fn+1|Xtn = fn,..., Xt0 = f0} = Pr{Xtn+1 = fn+1|Xtn = fn}
Markov Chain
Stochastic Process
Markov Property
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 26 / 48 The probability of the next state is only dependent on the current state
Pr{Xtn+1 = fn+1|Xtn = fn,..., Xt0 = f0} = Pr{Xtn+1 = fn+1|Xtn = fn}
A A A
C C C
Markov Chain G G G 0.25 0.05 0.4 0.25 0 0.1 T T T 0.25 0.95 0.1 0.25 0 0.4 Stochastic Process Start 1.0 E 0.1 5 1.0 I 0.1 End A sequence of states
Determining the next0.9 state is random 0.9
Start 1.0 E 0.1 5 1.0 I 0.1 End
0.9 0.9
Markov Property
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 26 / 48 A A A
C C C
Markov Chain G G G 0.25 0.05 0.4 0.25 0 0.1 T T T 0.25 0.95 0.1 0.25 0 0.4 Stochastic Process Start 1.0 E 0.1 5 1.0 I 0.1 End A sequence of states
Determining the next0.9 state is random 0.9
Start 1.0 E 0.1 5 1.0 I 0.1 End
0.9 0.9
Markov Property The probability of the next state is only dependent on the current state
Pr{Xtn+1 = fn+1|Xtn = fn,..., Xt0 = f0} = Pr{Xtn+1 = fn+1|Xtn = fn}
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 26 / 48 Markov Chains - Types
Discrete-time Markov Chain Continuous-time Markov Chain
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 27 / 48 Waqar records the weather conditions (sunny or rainy/snowy) daily
Based on this collected data he wants to obtain the probability of a specific weather pattern
Markov Chain - Example
Weather Prediction Problem
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 28 / 48 Based on this collected data he wants to obtain the probability of a specific weather pattern
Markov Chain - Example
Weather Prediction Problem Waqar records the weather conditions (sunny or rainy/snowy) daily
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 28 / 48 Markov Chain - Example
Weather Prediction Problem Waqar records the weather conditions (sunny or rainy/snowy) daily
Based on this collected data he wants to obtain the probability of a specific weather pattern
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 28 / 48 Markov Chain - Example
Solution: Discrete Time Markov Chains Set of States = {Sunny, Rainy} State Transition Probabilities can be obtained from the observed data Example: P{“Tomorrow is sunny” given that “Today is sunny”}
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 29 / 48 Success Paths between input X X and output
Failure Paths between input X X and output
Combinatorial Problems (Ef- X X X fect of sub-components on the failure of the whole system)
Non-combinatorial Problems X (System is either inactive, fail- ure or in standby state)
Large and Complex Systems X X
Comparison between Dependability Modeling Techniques
Features Reliability Fault Markov Block Diagram Tree Chain
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 30 / 48 Failure Paths between input X X and output
Combinatorial Problems (Ef- X X X fect of sub-components on the failure of the whole system)
Non-combinatorial Problems X (System is either inactive, fail- ure or in standby state)
Large and Complex Systems X X
Comparison between Dependability Modeling Techniques
Features Reliability Fault Markov Block Diagram Tree Chain
Success Paths between input X X and output
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 30 / 48 Combinatorial Problems (Ef- X X X fect of sub-components on the failure of the whole system)
Non-combinatorial Problems X (System is either inactive, fail- ure or in standby state)
Large and Complex Systems X X
Comparison between Dependability Modeling Techniques
Features Reliability Fault Markov Block Diagram Tree Chain
Success Paths between input X X and output
Failure Paths between input X X and output
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 30 / 48 Non-combinatorial Problems X (System is either inactive, fail- ure or in standby state)
Large and Complex Systems X X
Comparison between Dependability Modeling Techniques
Features Reliability Fault Markov Block Diagram Tree Chain
Success Paths between input X X and output
Failure Paths between input X X and output
Combinatorial Problems (Ef- X X X fect of sub-components on the failure of the whole system)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 30 / 48 Large and Complex Systems X X
Comparison between Dependability Modeling Techniques
Features Reliability Fault Markov Block Diagram Tree Chain
Success Paths between input X X and output
Failure Paths between input X X and output
Combinatorial Problems (Ef- X X X fect of sub-components on the failure of the whole system)
Non-combinatorial Problems X (System is either inactive, fail- ure or in standby state)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 30 / 48 Comparison between Dependability Modeling Techniques
Features Reliability Fault Markov Block Diagram Tree Chain
Success Paths between input X X and output
Failure Paths between input X X and output
Combinatorial Problems (Ef- X X X fect of sub-components on the failure of the whole system)
Non-combinatorial Problems X (System is either inactive, fail- ure or in standby state)
Large and Complex Systems X X
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 30 / 48 Outline
1 Introduction and Motivation
2 Dependability Modeling Techniques
3 Formal Techniques for Dependability Analysis
4 Conclusions
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 31 / 48 Formal Dependability Analysis Techniques
Dependability models have been analyzed extensively using the following formal techniques: Petri Nets Model Checking Higher-order-Logic Theorem Proving
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 32 / 48 Petri Nets
A Petri Net is a bipartite graph consisiting of:
Places Transitions Tokens Transitions consume tokens from the input places and produce tokens in the output places
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 33 / 48 Example: Chemical Reaction
2H2 + O2 ⇒ 2H2O
H2
2 2
O2 H2O
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 34 / 48 Example: Chemical Reaction
2H2 + O2 ⇒ 2H2O
H2
2 2
O2 H2O
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 35 / 48 Analyzing RBDs and FTs with Petri Nets Broadband Integrated Service Network (Balakrishnan et al. RESS-1996) Internet voting System (Omidi et al. Computer & Comm. Eng., 2012) High-speed Trains (Lijie et al. RESS-2012) Logistic Supply Chain (Li et al. IJUNESST-2014)
Analyzing Markov chains with PNs Client Server Queuing system (Ibe et al. TPDS-1993) Fibre Distributed Data Interface (FDDI) (Christodoulou et al. ETFA-1994) Low Earth Orbit (LEO) satellite (Zeng et al. JMLC-2011)
Dependability Analysis using Petri Nets:
Colored PN (CPN) and Stochastic PN (SPN) have been extensively used for dependability analysis
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 36 / 48 Analyzing Markov chains with PNs Client Server Queuing system (Ibe et al. TPDS-1993) Fibre Distributed Data Interface (FDDI) (Christodoulou et al. ETFA-1994) Low Earth Orbit (LEO) satellite (Zeng et al. JMLC-2011)
Dependability Analysis using Petri Nets:
Colored PN (CPN) and Stochastic PN (SPN) have been extensively used for dependability analysis
Analyzing RBDs and FTs with Petri Nets Broadband Integrated Service Network (Balakrishnan et al. RESS-1996) Internet voting System (Omidi et al. Computer & Comm. Eng., 2012) High-speed Trains (Lijie et al. RESS-2012) Logistic Supply Chain (Li et al. IJUNESST-2014)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 36 / 48 Dependability Analysis using Petri Nets:
Colored PN (CPN) and Stochastic PN (SPN) have been extensively used for dependability analysis
Analyzing RBDs and FTs with Petri Nets Broadband Integrated Service Network (Balakrishnan et al. RESS-1996) Internet voting System (Omidi et al. Computer & Comm. Eng., 2012) High-speed Trains (Lijie et al. RESS-2012) Logistic Supply Chain (Li et al. IJUNESST-2014)
Analyzing Markov chains with PNs Client Server Queuing system (Ibe et al. TPDS-1993) Fibre Distributed Data Interface (FDDI) (Christodoulou et al. ETFA-1994) Low Earth Orbit (LEO) satellite (Zeng et al. JMLC-2011)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 36 / 48 Model Checking
Model (System Requirements) True, if Model satisfies Model the given specifications Checker Otherwise a M |= ɸ Specification counterexample (System Properties)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 37 / 48 Probability of reaching State E from the State A: 0.4x0.3 + 0.6x0.4x0.3 = 0.192 Probabilities associated with the validity of Temporal logic properties can be verified
Probabilistic Model Checking - Example
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 38 / 48 Probabilities associated with the validity of Temporal logic properties can be verified
Probabilistic Model Checking - Example
Probability of reaching State E from the State A: 0.4x0.3 + 0.6x0.4x0.3 = 0.192
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 38 / 48 Probabilistic Model Checking - Example
Probability of reaching State E from the State A: 0.4x0.3 + 0.6x0.4x0.3 = 0.192 Probabilities associated with the validity of Temporal logic properties can be verified
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 38 / 48 Analysis of Real-world systems Aerospace systems (Bozanno et al. SAFECOMP-2009) RAID disk protocol (Gopinath et al. Tech report 2009) Herschel-Planck satellite system (Pend et al. Modeling Symp. 2013) Airbag system (Pend et al. Modeling Symp. 2013) e-health systems used in hospitals (Pervez et al. e-HEALTHCOMM-2014)
Dependability Analysis using Model Checking
Several Probabilistic and Statistical model checking tools have been used for reliability/availability assesment Probabilistic model checker (PRISM) (Baier et al. MIT Press 2008) COMPASS: Based on the NuSMV and Markov Chain model checker (MRMC) (Bozanno et al. SAFECOMP-2009) Erlangen-Twente Markov Chain Checker (ETMCC) (Hermanns et al. DSN-2013)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 39 / 48 Dependability Analysis using Model Checking
Several Probabilistic and Statistical model checking tools have been used for reliability/availability assesment Probabilistic model checker (PRISM) (Baier et al. MIT Press 2008) COMPASS: Based on the NuSMV and Markov Chain model checker (MRMC) (Bozanno et al. SAFECOMP-2009) Erlangen-Twente Markov Chain Checker (ETMCC) (Hermanns et al. DSN-2013)
Analysis of Real-world systems Aerospace systems (Bozanno et al. SAFECOMP-2009) RAID disk protocol (Gopinath et al. Tech report 2009) Herschel-Planck satellite system (Pend et al. Modeling Symp. 2013) Airbag system (Pend et al. Modeling Symp. 2013) e-health systems used in hospitals (Pervez et al. e-HEALTHCOMM-2014)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 39 / 48 Higher-order-Logic Theorem Proving
System Properties
Logical Model in HOL
Proof Goal
Proof Assistant (HOL4, Isabelle/HOL)
Mechanized Proofs of System Properties
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 40 / 48 Definition: Series RBD ` ∀ p L. series struct p L = inter list p L
Theorem: Series RBD Reliability ` ∀ p L. prob space p ∧ vNULL L ∧ mutual indep p L ∧ in events p L =⇒ (prob p (series struct p (rel event list p L t)) = list prod (list prob p (rel event list p L t)))
HOL Theorem Proving - Example: Series RBD
I 1 N O
TN QN Rseries (t) = Pr( i=1 Ai (t)) = i=1 Ri (t)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 41 / 48 Theorem: Series RBD Reliability ` ∀ p L. prob space p ∧ vNULL L ∧ mutual indep p L ∧ in events p L =⇒ (prob p (series struct p (rel event list p L t)) = list prod (list prob p (rel event list p L t)))
HOL Theorem Proving - Example: Series RBD
I 1 N O
TN QN Rseries (t) = Pr( i=1 Ai (t)) = i=1 Ri (t) Definition: Series RBD ` ∀ p L. series struct p L = inter list p L
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 41 / 48 HOL Theorem Proving - Example: Series RBD
I 1 N O
TN QN Rseries (t) = Pr( i=1 Ai (t)) = i=1 Ri (t) Definition: Series RBD ` ∀ p L. series struct p L = inter list p L
Theorem: Series RBD Reliability ` ∀ p L. prob space p ∧ vNULL L ∧ mutual indep p L ∧ in events p L =⇒ (prob p (series struct p (rel event list p L t)) = list prod (list prob p (rel event list p L t)))
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 41 / 48 Dependability Analysis using HOL Theorem Proving
Probability Theory J. Hurd (2002), PhD Thesis, University of Cambridge Formal Verification of Probabilistic Algorithms. O. Hasan (2008), PhD Thesis, Concordia University Formal Probabilistic Analysis using Theorem Proving. T. Mhamdi (2011), PhD Thesis, Concorida University Information-Theoretic Analysis using Theorem Proving. J. H¨olzl (2012), PhD thesis, Technical University of Munich Construction and Stochastic Applications of Measure Spaces in Higher-Order Logic.
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 42 / 48 Dependability Analysis using RBDs and FTs Oil and Gas Pipelines (Waqar et al. CICM-2014) WSN Transport Protocols (Waqar et al. WiMob-2015) Logistic Supply Chain (Waqar et al. IWIL-2015) Satellite Solar Array (Waqar et al. CICM-2015)
Dependability Analysis using HOL Theorem Proving
Dependability Analysis of a Component Reconfigurable Memory Arrays (Hasan et al. TC-2010) Combinational Circuits (Hasan et al. JAL-2011) Electronic System Components (Abbasi et al. WoLLIC-2014
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 43 / 48 Dependability Analysis using HOL Theorem Proving
Dependability Analysis of a Component Reconfigurable Memory Arrays (Hasan et al. TC-2010) Combinational Circuits (Hasan et al. JAL-2011) Electronic System Components (Abbasi et al. WoLLIC-2014
Dependability Analysis using RBDs and FTs Oil and Gas Pipelines (Waqar et al. CICM-2014) WSN Transport Protocols (Waqar et al. WiMob-2015) Logistic Supply Chain (Waqar et al. IWIL-2015) Satellite Solar Array (Waqar et al. CICM-2015)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 43 / 48 Expressiveness X X X Accuracy X (?) X X X Automation X X X
Comparison between Dependability Analysis Techniques
Feature Paper-and- Simulation Petri Nets Theorem Model pencil Proof Tools Proving Checking
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 44 / 48 Accuracy X (?) X X X Automation X X X
Comparison between Dependability Analysis Techniques
Feature Paper-and- Simulation Petri Nets Theorem Model pencil Proof Tools Proving Checking
Expressiveness X X X
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 44 / 48 Automation X X X
Comparison between Dependability Analysis Techniques
Feature Paper-and- Simulation Petri Nets Theorem Model pencil Proof Tools Proving Checking
Expressiveness X X X Accuracy X (?) X X X
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 44 / 48 Comparison between Dependability Analysis Techniques
Feature Paper-and- Simulation Petri Nets Theorem Model pencil Proof Tools Proving Checking
Expressiveness X X X Accuracy X (?) X X X Automation X X X
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 44 / 48 Outline
1 Introduction and Motivation
2 Dependability Modeling Techniques
3 Formal Techniques for Dependability Analysis
4 Conclusions
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 45 / 48 Dependability Modeling Techniques Reliability Block Diagram Fault Tree Markov Chains
Formal Dependability Analysis Techniques Petri Nets Model Checkng Interactive Theorem Proving
Conclusion
Dependability Reliability Availability Maintainability
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 46 / 48 Formal Dependability Analysis Techniques Petri Nets Model Checkng Interactive Theorem Proving
Conclusion
Dependability Reliability Availability Maintainability
Dependability Modeling Techniques Reliability Block Diagram Fault Tree Markov Chains
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 46 / 48 Conclusion
Dependability Reliability Availability Maintainability
Dependability Modeling Techniques Reliability Block Diagram Fault Tree Markov Chains
Formal Dependability Analysis Techniques Petri Nets Model Checkng Interactive Theorem Proving
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 46 / 48 Introduction of RBDs and FTs Markov Chains Dynamic RBDs Models and FTs Introduction of Petri Nets Model Checking Theorem Prov- Analysis Tech- ing niques
Future Directions: Analysis of Dynamic RBDs and FTs Using Theorem Proving to conduct Markov Chains based dependability analysis Foundational Support is available in HOL4 (L. Liu et al., ATVA-2011) and Isabelle/HOL (J. H¨olzl et al., TACAS 2012)
Timeline of Surveyed Papers
Before 1990s 1990-99 2000-09 2010-16
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 47 / 48 Introduction of Petri Nets Model Checking Theorem Prov- Analysis Tech- ing niques
Future Directions: Analysis of Dynamic RBDs and FTs Using Theorem Proving to conduct Markov Chains based dependability analysis Foundational Support is available in HOL4 (L. Liu et al., ATVA-2011) and Isabelle/HOL (J. H¨olzl et al., TACAS 2012)
Timeline of Surveyed Papers
Before 1990s 1990-99 2000-09 2010-16
Introduction of RBDs and FTs Markov Chains Dynamic RBDs Models and FTs
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 47 / 48 Future Directions: Analysis of Dynamic RBDs and FTs Using Theorem Proving to conduct Markov Chains based dependability analysis Foundational Support is available in HOL4 (L. Liu et al., ATVA-2011) and Isabelle/HOL (J. H¨olzl et al., TACAS 2012)
Timeline of Surveyed Papers
Before 1990s 1990-99 2000-09 2010-16
Introduction of RBDs and FTs Markov Chains Dynamic RBDs Models and FTs Introduction of Petri Nets Model Checking Theorem Prov- Analysis Tech- ing niques
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 47 / 48 Timeline of Surveyed Papers
Before 1990s 1990-99 2000-09 2010-16
Introduction of RBDs and FTs Markov Chains Dynamic RBDs Models and FTs Introduction of Petri Nets Model Checking Theorem Prov- Analysis Tech- ing niques
Future Directions: Analysis of Dynamic RBDs and FTs Using Theorem Proving to conduct Markov Chains based dependability analysis Foundational Support is available in HOL4 (L. Liu et al., ATVA-2011) and Isabelle/HOL (J. H¨olzl et al., TACAS 2012)
W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 47 / 48 Thanks!
save.seecs.nust.edu.pk W. Ahmed and O. Hasan (NUST) Formal Dependability Modeling and Analysis July 27, 2016 48 / 48