Failure logic modelling: a pragmatic approach

The research discipline of model-based system safety assessment, which has emerged in the last two decades, has attracted a significant amount of interest from academia, industry and government agencies. However, the discipline remains largely unorganised with various individual, often conceptually dissimilar, techniques being only categorised and related in an ad hoc fashion.

This Thesis identifies a coherent family of model-based safety assessment methods – failure logic modelling – and unifies existing techniques through a single well-defined Metamodel. This Failure Logic Metamodel (FLMM) identifies the key safety engineering concepts captured by failure logic modelling techniques, together with their inter-relationships. Whilst maintaining independence from any individual technique, notation or specification language, the abstract Metamodel has been shown to be instantiable in a third party-specification language (AltaRica Dataflow).

The Thesis demonstrates that existing failure logic modelling techniques cannot, without modification, adequately address key pragmatic challenges posed by extant characteristics of modern large-scale and complex safety-critical systems. To address such challenges two key contributions are made through extensions to the metamodel. Firstly, these extensions enable the modelling of reconfigurable systems (including those employing fault accommodation). Secondly, they enable the composition of independently defined models in a variety of settings, such as the composition of models of the same system defined from different viewpoints and composition of models of different systems with un-harmonised interfaces. In addition to these contributions, the general metamodel-based approach adopted by the thesis and proposed has helped identify some significant ‘emergent’ characteristics and limitations of failure logic modelling that, to date, have not been reported.

The overall contributions of the Thesis have been evaluated through case studies, peer reviews and direct metamodelling experiments. The findings of these evaluations are presented.