## State-Based Dependability Modeling

- Recap
- Hypothetical Example Computer System
- Event Tree Analysis
- State-Based Dependability Modeling
- Markov Chains
- Petri Nets
- Reliability Tools

Lecture Structure

- Boolean Reduction Example (00:00:03)
- Quantitative Analysis of Fault Trees (00:01:51)
- - Utilize probability of independent basic events to compute probability (00:01:51)
- - Assuming independence of basic events (00:01:51)
- - Determine probability of TOP event by (00:01:51)
- Method for Obtaining Cut Sets (MOCUS) [Rausand] (00:02:24)
- Quantitative Analysis of Cut Sets (00:04:39)
- - Finding the dominant minimal cut set: Calculate the probability of each minimal (00:04:39)
- Fixing Cut Sets (00:07:45)
- - providing fault tolerance for G4 (00:07:45)
- - preventing failure of both A1 and A2 (00:07:45)
- - preventing failure of A3 (00:07:45)
- - Protect G3 by preventing failure of A4 (00:07:45)
- - OR gates can be protected by disallowing all inputs or by providing error recovery (00:07:45)
- - Test for failure condition and recovery routine (00:07:45)
- - Exhaustive testing or formal proof to show that the component cannot fail (00:07:45)
- - AND gates can be protected by disallowing one of the inputs (00:07:45)
- Dynamic Fault Trees (DFT) (00:08:06)
- - What is the probability of (00:08:06)
- - and dynamic probability changes (00:08:06)
- Dynamic Fault Trees (00:10:42)
- FDEP for Interdependency Modeling (00:12:42)
- Dynamic Fault Trees (00:13:36)
- HECS Example (00:19:00)
- HECS Example (00:19:36)
- - Importance analysis with (00:20:48)
- Fault Tree Construction [NASA] (00:21:36)
- Fault Tree Construction [Misra] (00:23:09)
- - Step 1: Define the undesired event to be analyzed (what, where, when) (00:23:09)
- - Level of resolution: how detailed should the analysis of potential reasons be? (00:23:09)
- - Step 4: Complete the gates (00:23:09)
- Fault Tree Construction (00:23:15)
- - Logic can be tested in success domain by inverting all statements and gates (00:23:15)
- - Statistically independent, immediate contributors to an event (00:23:15)
- - Proper and consistent naming is very important (what failed and how) (00:23:15)
- FTA Report (Clemens & Sverdrup) (00:26:00)
- - EXECUTIVE SUMMARY (00:26:00)
- - TOP Probability (Give Confidence Limits) (00:26:00)
- - Trade Studies (if done) (00:26:00)
- - Path Sets (if analyzed) (00:26:00)
- FTA-based Decision Making (00:26:15)
- - and optimize resources: identify what is unimportant (00:26:15)
- - monitor the performance of the system by re-evaluation (00:26:15)
- - proactively prevent the TOP event by applying targeted upgrades (00:26:15)
- - the contributors leading to the top event (typically 10 % to 20 %) (00:26:15)
- RBD vs. FTA (00:26:21)
- RBD vs. FTA (00:27:51)
- Representing Structures By Paths / Cut Sets [Rausand] (00:29:42)
- - System fails as soon as one of its minimal cut sets fails (00:29:54)
- - Let $E_j$ denote the event that minimal cut set structure $j$ failed (00:29:54)
- - The $Q$ of the system is: $Q_S = \Pr\left(\bigcup_j E_j\right)$ (00:29:54)
- - System can be computed by determining the probability (00:29:54)
- - Allows exact system calculation, but principle is very compute intensive (alternatives: early term cancellation, ...) (00:29:54)
- Event Tree Analysis (00:31:21)
- Event Tree Analysis - Accident scenario: Series of events that result in an accident (00:32:18)
- Event Tree Analysis (00:33:33)
- - [Event tree figure: outcomes "Death / Injury, extensive damage" and "Limited damage"; branch "Fire Sprinkler"] (00:33:33)
- Tool Support (00:36:33)
- - Throughput analysis (00:36:33)
- - Based on modeling fundamentals, existing tools support: (00:36:33)
- State-Based Dependability Modeling (00:37:51)
- Dependability Modeling (00:38:18)
- - System understanding evolved from hardware to software to IT (00:38:18)
- - Component-based models: block diagrams, fault trees (00:38:18)
- - Use a formalism to model system dependability (00:38:18)
- Structural vs State-Based Dependability Models (00:38:48)
- - Structural / combinatorial models: (00:38:48)
- - State-based Markov models: CTMC, ... (00:38:48)
- State models (00:39:54)
- - Solution through simulation (00:39:54)
- - Analytical solution (00:39:54)
- - Component-based models work well if failure events are stochastically independent (00:39:54)
- State Transition Diagrams: Application (00:43:27)
- State Transition Diagrams: Analysis (00:44:51)
- Markov Chains (00:46:00)
- Markov Chains: Time Model (00:48:57)
- Markov Chains: DTMC (00:50:39)
- Dependability Modelling with CTMCs (00:52:33)
- - State: represents a particular error state (00:52:33)
- - Transition: assigned with component failure rate (00:52:33)
- - Stationary: the probability to which the (00:52:33)
- Example: Analysis (00:55:27)
- - Interested in steady state of the system (00:55:27)
- - Derived from probability vector: steady state for the system (00:55:27)
- - "Static": computable if (00:55:27)
- Markov Chains: Complexity (00:58:18)
- - Structural decomposition: consider a system as a set of independent (00:58:18)
- Petri Nets (01:02:15)
- - Bipartite graph (01:02:15)
- - Conflict: when two transitions need the same token, only one can fire (01:02:15)
- Petri Nets: Conceptual Mapping (01:04:03)
- Stochastic Petri Nets: Transitions (01:06:15)
- Stochastic Petri Nets: Properties (01:07:54)
- Example: 2-of-3 System (01:09:36)
- Stochastic Petri Nets vs Markov Chains (01:11:09)
- Example: K-of-N with Standby and Repairmen (01:12:03)
- Example: Priority AND → Stochastic Petri Net (01:13:24)
- Example: System with Input Buffer (01:14:39)
- Petri Net Simulation vs Analysis (01:15:45)
- Rare Event Simulation: Importance Sampling (01:18:45)
- Tools (01:20:18)
- Runtime Dependability Evaluation (01:24:58)

