Failure Propagation Modeling Based on Contracts Theory

Previous approaches to fault and failure modeling are based on adding explicit models of faults/failures, and failure propagation to behavioral and architectural modes. This adds a lot of overhead (extra work), and also, is a cause of creating inconsistencies, especially by obtaining a mismatch between failures and violation of requirements or specifications. Instead of creating separate models for failures, the idea here is to exploit the fundamental definition of failures as violation of requirement or specification. We assume that the systems functionality is specified using a set of requirements, and in particular, requirements structured according to contracts theory. Instead of creating separate models for failure propagation, we exploit the structuring of requirements obtained when the system is specified using contracts theory. The use of contracts theory establishes a formal framework for how traceability links between requirements themselves and to the architecture are specified. It is further explained how fault and failure propagation models in the form of Bayesian Networks are obtained. One particular challenge is the modeling of faults/failure and their propagation when fault management mechanisms have been implemented. Therefore this area is covered in some extra depth.