
Session 1: MBSA

Session chair: David Parker

10:30 - 12:30 Wednesday 4th September 2013
10:30 Towards a unified definition of Minimal Cut Sequences
Authors: Pierre-Yves Chaux, Jean-Marc Roussel, Jean-Jacques Lesage, Gilles Deleuze, Marc Bouissou
Abstract: The growing complexity of systems makes the complexity of reliability models grow, implying the need to model both the dynamics of systems and the reparability of components. The qualitative reliability analyses aim at finding the minimal representation of all the scenarios of failures and repairs of the components leading to the system failure. This minimal representation is the set of Minimal Cut Sequences. In order to provide a formal definition of these specific scenarios, whatever the risk analysis model used, this paper proposes coherency rules for dynamic and repairable systems whose dysfunctional scenarios are modeled by a finite automaton.
11:00 Introducing Temporal Behaviour into Binary Decision Diagrams
Authors: Ernest Edem Edifor, Martin Walker, Neil Gordon
Abstract: Binary Decision Diagrams (BDDs) are an alternative technique used in the analyses of safety-critical system fault trees. BDDs have been found to produce the exact top-event probability more efficiently by reducing computing resources drastically. Unfortunately, this efficient technique is not used in the analysis of fault trees featuring sequential ordering of events. However, in the real world, the sequential ordering of events cannot be overlooked because it produces a more accurate evaluation of systems. We introduce a new technique, Temporal BDD (TBDD), that incorporates temporal behaviour – via Priority-AND gates – into BDDs. TBDD provides the exact results for both qualitative and quantitative analyses. However, unlike BDD, quantitative analyses cannot be performed on 'unminimised' cut sequences yet. It is hoped that this work will form the foundation for the full qualitative and quantitative analyses of Dynamic Fault Trees and Temporal Fault Trees in the near future.
11:30 Preliminary System Safety Analysis with Limited Markov Chain Generation
Authors: Pierre-Antoine Brameret, Jean-Marc Roussel, Antoine Rauzy
Abstract: Markov chains are a powerful and versatile tool to calculate reliability indicators. However, their use is limited for two reasons: the exponential blowup of the size of the model, and the difficulty of designing models. To overcome this second difficulty, a solution consists in generating the Markov chain automatically from a higher level description, e.g. a stochastic Petri net or an AltaRica model. These higher level models describe the Markov chain implicitly.

In this article, we propose an algorithm to generate partial Markov chains. The idea is to accept a little loss of accuracy in order to reduce the size of the generated chain. The cornerstone of this method is a Relevance Factor associated to each state of the chain. This factor enables the selection of the most representative states. We show on an already published test case that our method provides very accurate results while reducing dramatically the complexity of the assessment. It is worth noticing that the proposed method does not depend on any particular high-level modeling formalism.

12:00 Using Coloured Petri Nets for integrated reliability and safety evaluations
Authors: Bruno Pinna, Genia Babykina, Nicolae Brinzei, Jean-Francois Petin
Abstract: Integrated Deterministic and Probabilistic Dependability Analysis (IDPDA) is respectively required for safety properties verification and reliability & availability assessment of critical systems. This paper presents an approach towards IDPDA using Coloured Petri Nets (CPN). Contributions are related to: (a) hierarchical modelling guidelines that cover deterministic and probabilistic features of a physical system under control, (b) coupling Monte-Carlo simulation with CPN model checking, which requires a previous determinisation of the CPN stochastic model. Our approach is illustrated using a toy case study.

Session 3: DES Control

Session chair: Klaus Schmidt

16:30 - 18:00 Wednesday 4th September 2013
16:30 Fault-Hiding Control Reconfiguration for a Class of Discrete Event Systems
Authors: Thomas Wittmann, Jan Richter, Thomas Moor
Abstract: Fault-hiding control reconfiguration aims at hiding a fault from the nominal controller, so that the closed-loop system subject to faults complies as well as possible with the nominal design requirements. This is achieved by suitably influencing the signals between nominal controller and faulty plant using a reconfiguration block. In discrete event systems, the reconfiguration block needs to convert plant events to controller events, and vice versa, such that the self-reconfiguring closed-loop system is non-conflicting, complete, controllable and conforms with the design specifications. In this paper, we discuss the resulting control architecture, state our reconfiguration problem and address the synthesis of discrete event dynamic reconfiguration blocks. To illustrate our results, we provide a running example.
17:00 Synthesizing bounded-delay communication protocols for decentralized discrete-event systems
Authors: John Daniel Maguire, Laurie Ricker
Abstract: A strategy for synthesizing communication protocols for a given upper-bounded delay d is proposed. Although the strategy is illustrated for the decentralized control domain, it is straightforward to adapt this strategy to decentralized diagnosis and prognosis. Previous work in the control domain has examined circumstances when all observations are communicated, under conditions of bounded delay, as well as determining whether or not a synchronous communication protocol is robust w.r.t. a given bounded delay. We are interested, without resorting to fully timed models, in the direct synthesis of communication protocols for a given upper-bounded delay [0,d].
17:30 Algebraic Synthesis for Online Adaptation of Dependable Discrete Control Systems
Authors: Christian Hillmann, Olaf Stursberg
Abstract: Common practice in industrial design of discrete controllers, as well as in most synthesis procedures advocated for discrete control in academia, is to create the control logic and to transfer it into a PLC language before start-up. Changes in the operational constraints of the controlled process (e.g. of available resources, nominal set-points, occurrences of failures) have to be accounted for by dedicated alternative routines, i.e. dependability is restricted to variations which are envisaged during design. In contrast, the approach proposed in this paper operates online on an uncontrolled process model to compute a control strategy that is adapted to the current set of constraints. By using algebraic computations largely resembling techniques for discrete-time continuous-valued controllers, a perceived process variation (including newly defined control-goals) is first assessed with respect to the existence of a feasible successful control strategy, before such a dependable strategy is computed.

Session 2: MBSA (Optimisation)

Session chair: Frank Ortmeier

14:00 - 16:00 Wednesday 4th September 2013
14:00 Combined Optimisation of System Architecture and Maintenance
Authors: Shawulu Hunira Nggada, Yiannis Papadopoulos, David J. Parker
Abstract: The dependability analysis of safety-critical engineering systems during the early stages of design helps ensure that requirements are met and also reduces cost that may be incurred due to modifications later in the process. One attribute that can be analysed during the infancy of design is scheduled preventive maintenance (PM) through optimisation. PM is normally optimised in isolation from other system design improvement mechanisms. It is however helpful if PM could be optimised in combination with other mechanisms such as improving the system's architecture. By combining these optimisation objectives more design possibilities can be simultaneously explored, therefore helping to make better design decisions. In this paper we explore this type of optimisation by using HiP-HOPS, a scalable dependability analysis and optimisation tool.
14:30 Multi-objective Architecture Optimisation Modelling for Dependable Systems
Authors: Zhibao Mian, Leonardo Bottaci
Abstract: The design of dependable systems must address both cost and dependability (i.e. safety, reliability, availability and maintainability) concerns. For large systems, the design space of alternatives with respect to both dependability and cost is very large and automation is essential to explore this space. The model-based approach to the development and analysis of complex dependable systems is increasingly popular and recently, the Architecture Analysis and Design Language (AADL) has emerged as a potential future standard for model-based development of dependability-critical systems. The paper tackles the problem of describing, within an AADL model, the design space of alternatives. A new AADL property set is proposed for modelling component and system variability for cost and dependability optimisation. The proposed method is illustrated with an example of an AADL model of a safety critical embedded system.
15:00 Implementing the functional requirements for determining the optimal arrangement of a distributed charging infrastructure
Authors: Tamás Kurczveil, Eckehard Schnieder
Abstract: The optimized operation of future traffic by intelligent control systems will need to take into account boundary conditions that arise from alternative drive concepts. New challenges will need to be mastered when it comes to corresponding energy systems, control of operations, and communication interfaces, such as needed for the sufficient energy supply of traffic participants. However, they will need to be conformed to existing systems, technologies, and infrastructure to allow the common operation and positioning of charging elements with minimum interference between different modes of transport. Funded by the German Federal Ministry of Transport, Building and Urban Development (Bundesministerium für Verkehr, Bau und Stadtentwicklung) the project emil (Elektromobilität mittels induktiver Ladung - electric mobility via inductive charging) will integrate an inductive vehicle charging system and a compatible prototype bus fleet into Braunschweig's traffic infrastructure. This paper describes the methodic approach and the implementation of functional requirements in a traffic simulation tool that are required for an evaluation of future urban road traffic with an increased rate of electric vehicles. The modifications can subsequently be used to determine the optimal placement of the corresponding charging infrastructure with consideration of conventional traffic demand.
15:30 Integrated Monitoring Tasks for the Safety of Critical Systems
Authors: Amer Dheedan, Ajith Kumar Parlikad
Abstract: Nuclear power plants, chemical processes and means of transportation are seen as critical systems, the failure of which may hazard lives and assets. Thus, the safety of such systems is rigorously considered and established during the design and operational stages. In the design stage, an off-line safety analysis investigates, retrofits and affixes whenever necessary fault-tolerant means and reliable components. In the operational stage, the functionality of systems is monitored through the delivery of three safety tasks: fault detection and diagnosis, alarm annunciation and fault controlling. However, systems still showing malfunctions and hazardous failures continue to be recorded. To address this issue, this paper develops a distributed on-line safety monitor. The monitor aims to achieve an effective integration among the delivery of the three safety tasks through the exploitation of the thorough and cost-effective abstraction of the off-line safety analysis and the distributed reasoning of a multi-agent system.

Session 4: DES Diagnosis

Session chair: Jose Cury

10:30 - 12:30 Thursday 5th September 2013
10:30 Conjunctive Decentralized Diagnosis of Discrete Event Systems
Authors: Takashi Yamamoto, Shigemasa Takai
Abstract: In this paper, we study conjunctive decentralized diagnosis of discrete event systems. A notion of conjunctive codiagnosability which guarantees that any failure is detected by a conjunctive decentralized diagnoser within a uniformly bounded number of steps has been defined in literature. However, the existing condition for the system not to be conjunctively codiagnosable is sufficient but not necessary. Motivated by this fact, we propose a new algorithm for verifying conjunctive codiagnosability based on a necessary and sufficient condition for the system not to be conjunctively codiagnosable. To construct a conjunctive decentralized diagnoser for a conjunctively codiagnosable system, we need to compute the delay bound. We show how to compute the delay bound.
11:00 Supervision Patterns: Formal Diagnosability Checking by Petri Net Unfolding
Authors: Houssam-Eddine Gougam, Audine Subias, Y. Pencolé
Abstract: This paper addresses the problem of checking diagnosability of supervision patterns in discrete-event systems. With a supervision pattern, it is possible to represent a complex behavior of the system, and especially a faulty behavior. As opposed to classical diagnosability analyzers that check by exploring the marking graph of the underlying net, the proposed method relies on Petri net unfoldings and thus avoids the combinatorial explosion induced by the use of marking graphs. The method is an adaptation of the twin-plant method to net unfolding: a pattern is diagnosable if the unfolding representing the twin-plant does not implicitly contain infinite sequences of events that are ambiguous.
11:30 Active Diagnosis of Deterministic I/O Automata
Authors: Melanie Schmidt, Jan Lunze
Abstract: A method for the active fault diagnosis of systems modeled by sets of deterministic input/output automata is presented, where each automaton describes the behavior of the system subject to a different fault. It is shown that the system is diagnosable if and only if there are no equivalent states in different automata. An active diagnostic algorithm is presented, which generates adequate input sequences for the system and evaluates the outputs of the system in order to identify the present fault. The applicability of the developed method is demonstrated by means of an example.
12:00 A Discrete Time Consensus Approach for Fault Detection and Recovery in Unreliable Networks
Authors: Maria Pia Fanti, Agostino Marcello Mangini, Walter Ukovich
Abstract: In this paper we address the problem of the fault detection and recovery in networks of agents with discrete time dynamics. In particular, we apply a fault detection and recovery approach, proposed for the standard linear consensus protocol, to a consensus algorithm that has been previously presented by the authors and is based on a triangular splitting of the iteration matrix of the standard consensus algorithm. Moreover, we show that for a particular topology of the communication graph the fault recovery strategy can be implemented by the agents in a fully decentralized and autonomous approach. An example describes how in the considered framework the fault recovery is implemented by each agent.