February 10, 2005

1. M. McKelvin G. Eirea A. Sangiovanni- Vincentelli Automatic Fault Tree Generationfor Hardware/Software Mappings with Redundancy http://chess.eecs.berkeley.edu Fault Tree Generation Algorithm • Recursive algorithm traverses FTDF graph from outputs to inputs • At each actor instance inserts template of subtree as shown below CreateFaultTree(G) { Create SystemFault Event (root event) Add AND gate with actuatorCount inputs For each actuator instance A(i) DevelopTree(A(i)) End For End DevelopTree(Ai) // Ai is an instance of an actor Add ActorFault(Ai) Event Switch Ai.type Case Sensor: Add OR gate with two inputs Add ECUFault(Ai.ecu) Basic Event Add SensorHWFault(Ai) Basic Event Return // END OF RECURSION Case Actuator: Add OR gate with three inputs Add ActuatorHWFault(Ai) Basic Event Default: Add OR gate with two inputs End Case Add ECUFault(Ai.ecu) Basic Event Add SomeInputFault(Ai) Event Add OR gate with Ai.inCount inputs For i=0 to Ai.inCount-1 Add InputFault(Ai.in(i)) Event Add AND gate with Ai.in(i).instanceCount inputs For j=0 to Ai.in(i).instanceCount-1 If sourceActorInstance.ecu == Ai.ecu DevelopTree(sourceActorInstance) Else Add RemoteInputFault(Ai.in(i)) Event Add OR gate with two inputs Add ChannelFault(channel) Basic Event DevelopTree(sourceActorInstance) End If End For End For Return } Acknowledgements: The authors gratefully acknowledge valuable feedback and efforts by the GM Berkeley Labs team, CHESS, and affiliated sponsors. * C. Pinello, L. P. Carloni, and A. L. Sangiovanni-Vincentelli. “Fault tolerant deployment of embedded software for cost-sensitive real-time feedback control applications,” Proc. Conf. Design, Automation, and Test in Europe (DATE), 2004. February 10, 2005