Blaming in component-based real-time systems

Author

Gossier, Gregor ; Astefanoaei, Lacramioara

Author_Institution

INRIA, Montbonnot St. Ismier, France

fYear

2014

fDate

12-17 Oct. 2014

Firstpage

1

Lastpage

10

Abstract

In component-based safety-critical real-time systems it is crucial to determine which component(s) caused the violation of a required system-level safety property, be it to issue a precise alert, or to determine liability of component providers. In this paper we present an approach for blaming in real-time systems whose component specifications are given as timed automata. The analysis is based on a single execution trace violating a safety property P. We formalize blaming using counterfactual reasoning (“what would have been the outcome if component C had behaved correctly?”) to distinguish component failures that actually contributed to the outcome from failures that had no impact on the violation of P. We then show how to effectively implement blaming by reducing it to a model-checking problem for timed automata, and demonstrate the feasibility of our approach on the models of a pacemaker and of a chemical reactor.

Keywords

automata theory; formal verification; object-oriented programming; real-time systems; safety-critical software; blaming; chemical reactor model; component failures; component provider liability; component specifications; component-based safety-critical real-time systems; counterfactual reasoning; execution trace; model-checking problem; pacemaker model; safety property violation; system-level safety property violation; timed automata; Automata; Clocks; Delays; Indexes; Real-time systems; Safety; Semantics; Logical causality; blaming; failure; model-checking; timed automata;

fLanguage

English

Publisher

ieee

Conference_Titel

Embedded Software (EMSOFT), 2014 International Conference on

Conference_Location

Jaypee Greens

Type

conf

DOI

10.1145/2656045.2656048

Filename

6986115