Risk-Based Testing of Safety-Critical Embedded Systems Driven by Fault Tree Analysis

One important aspect of the quality assurance process of safety-critical embedded systems is verifying the appropriateness, correctness of the implementation and effectiveness of safety functions. Due to the rapid growth in complexity, manual verification activities are no longer feasible. This holds especially for testing. A popular method for testing such complex systems is model-based testing. Recent techniques for model-based testing do not sufficiently take into consideration the information derived from the safety analyses like Failure Mode and Effect Analysis and Fault Tree Analyses (FTA). In this paper, we describe an approach to use the results of FTA during the construction of test models, such that test cases can be derived, selected and prioritized according to the severity of the identified risks and the number of basic events that cause it. This approach is demonstrated on an example from the automation domain, namely a modular production system. We find that the method provides a significant increase in coverage of safety functions, compared to regular model based testing.