Table of Contents
Intro
Foreword
Preface
Acknowledgements
Contents
About the Authors
1 Introduction
1.1 Computer-Based Systems for Safety Applications
1.1.1 What Is a Safety-Critical System?
1.1.2 What Are the Advantages and Challenges?
1.2 Steps Towards the Development
1.3 Safety System and Its Architecture
1.4 Software in Safety Systems
1.4.1 The Software Development Process
1.5 Functional Safety and the Guiding Standards
1.5.1 Functional Safety: What and Why?
1.5.2 The Safety Standards
1.5.2.1 General: IEC 61508
1.5.2.2 Nuclear: IEC 60880 and IEC 62138
1.5.2.3 Avionics: DO-178-C and ARINC 653
1.5.2.4 Automotive: ISO 26262
1.5.2.5 The Common Ground
1.6 Qualification of Safety System Software
1.7 Automated Development and Formal Verification
1.8 Qualified Platform
2 System Architecture and Dependability
2.1 Redundancy, Reliability and Availability
2.1.1 Redundancy and Reliability
2.1.1.1 Components in Series
2.1.1.2 Components in Parallel
2.1.2 Redundancy and Availability
2.1.2.1 1oo2 System
2.1.2.2 2oo3 System
2.1.3 Availability
2.1.4 Plant Safety and Safety System
2.2 Redundancy: How Far We Should Go and Why
2.2.1 Failure Modes and Dependability Parameters
2.2.1.1 Failure Modes
2.2.2 Comparison Between 2oo3 and 2oo4 Architectures
2.2.2.1 Two-out-of-Three (2oo3) Architecture
2.2.2.2 Two-out-of-Four (2oo4) Architecture
2.2.2.3 Markov Model for Comparative Analysis
2.2.3 Markov Analysis: Implementation Technique
2.2.4 Analysis for Safety and Availability
2.2.4.1 Results in a Nutshell
2.3 Architecture Model-Driven Dependability Analysis
2.3.1 The Background
2.3.2 Architecture-Driven Dependability: A Formal Approach
2.3.2.1 Compositional Analysis
2.3.3 System Architecture Modeling in AADL
2.3.4 AADL Fault Model
2.3.5 AADL Fault Model for Dependability Analysis
2.3.6 Model-Based Dependability Analysis: Safety and Availability
2.3.7 Compositional Analysis Methodology
2.3.7.1 Analysis of the Algorithm
2.3.8 Automatic Translation of AADL Fault Model to a PRISM DTMC Model
2.3.8.1 Translation of Atomic Component
2.3.8.2 Translation of Composite Component
2.4 Case Studies
2.4.1 Case Study 1: Reactor Trip System (RTS) of a PWR
2.4.1.1 The Architecture
2.4.1.2 Architectural Model
2.4.1.3 Compositional Dependability Analysis of the Reactor Trip System
2.4.1.4 Results
2.4.2 Case Study 2: Engineered Safety Feature Actuation System (ESFAS) of a PWR
2.4.2.1 Experimental Results
2.4.2.2 Comparative Study of Different Architectural Options
2.5 Summary and Takeaways
3 Software Development Process
3.1 Development Plan
3.1.1 Software Project Management Plan (SPMP)
3.1.2 Software Quality Assurance Plan (SQAP)
3.1.3 Software Verification and Validation Plan (SVVP)
3.1.4 Software Configuration Management Plan