Existing work in fault diagnosis (e.g., [6,21,8,5,23,17], to name only a few)
studies (1) the detection of faults in a system and (2) the identification of the
types and locations of those faults. A main assumption implicitly made in this
work is that the computed fault propagation chain is the actual cause-effect
chain [17].
In this work we consider systems whose components are black boxes: only events
on component interfaces are observable, and the causal dependencies between
interface events inside a component are not known. This uncertainty about how a
fault propagates inside a component leads to an over-approximation of the fault
propagation chain. We have shown in our preliminary study [26] that the
precision of this over-approximation can be improved by causality analysis,
i.e., by reasoning about whether a fault inside a component is the cause of the
system failure.
Causality is commonly defined by the use of counterfactual reasoning [13,16,19].
Some recent work in the engineering domain has discussed several versions of
causality definitions for finite state automata [11] and temporal logics [4,14,15].
In this work, we extend our previous result in [26] to real-time systems, where
a system execution trace is a sequence of timestamped events and the system and
component specifications constrain the timing of those events.
Contributions. We present a framework for causality analysis of component-based
systems. We identify the steps of the analysis and the input and output of each
step. With a case study from the medical device domain, we show how to use the
proposed framework to establish the causal relationship between component
failures and the system failure. In particular, we extend the approach presented
in [26] to handle causality analysis for real-time systems.
Paper Organization. We first use a simple example as an illustration to define
the causality analysis problem in Section 2. We then present a proposed causality
analysis framework for component-based systems in Section 3. In Section 4, we
present the main technique used for causality analysis. We show how to apply
the causality analysis to our case study in Section 5. We discuss some of the
assumptions of our approach in Section 6 and related work in Section 7, and
conclude in Section 8.
2 Motivating Example and Problem Statement
2.1 The Generic Patient-Controlled Analgesia Pump Case Study
The Generic Patient-Controlled Analgesia (GPCA) infusion pump project [10]
aims at developing a reference software model for PCA infusion pump systems
on which formal techniques can be applied to verify the GPCA safety
requirements [12]. In this case study we focus on the following core safety
requirements to demonstrate our causality analysis framework:
A bolus dose shall be given when requested by the patient, and when
the drug reservoir is empty and an infusion session is in progress, an
alarm shall be issued and the pump motor should be stopped.
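As an added illustration (example code, not from the paper or the GPCA project), the following Python makes the ingredients above concrete: a trace as a list of timestamped interface events, the quoted GPCA requirement read as bounded-response properties over such a trace, and the plain counterfactual (but-for) test of causality that [13,16,19] build on. The component decomposition (ui, sensor, controller, motor, pump), the event names, the 0.5 s component deadlines and the 2 s system deadline are all assumptions; the causality definition the paper itself adopts is given in Section 4, not here.

```python
# Added illustration (not from the paper): a GPCA execution trace as a sequence
# of timestamped interface events, a bounded-response check of the safety
# requirement quoted above, and a plain counterfactual (but-for) test of whether
# one component's deviation from its specification caused the system failure.
# The component decomposition, event names, and all deadlines are assumptions.
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Set, Tuple

@dataclass(frozen=True)
class Event:
    time: float       # timestamp in seconds (assumed unit)
    component: str    # component on whose interface the event is observed
    name: str

Trace = List[Event]
Violation = Tuple[float, Set[str]]

def check_response(events: Trace, trigger: str, obligations: Set[str],
                   deadline: float,
                   guard: Optional[Callable[[Trace], bool]] = None) -> List[Violation]:
    """Bounded-response check: every `trigger` event (when `guard` holds on the
    trace prefix) must be followed by all `obligations` within `deadline`.
    Returns one (trigger_time, missing_obligations) entry per violation."""
    events = sorted(events, key=lambda e: e.time)
    violations: List[Violation] = []
    for i, e in enumerate(events):
        if e.name != trigger:
            continue
        if guard is not None and not guard(events[:i]):
            continue
        seen = {x.name for x in events[i + 1:] if x.time <= e.time + deadline}
        missing = obligations - seen
        if missing:
            violations.append((e.time, missing))
    return violations

def infusion_in_progress(prefix: Trace) -> bool:
    """Guard for the reservoir clause: a session started and has not ended."""
    in_session = False
    for e in prefix:
        if e.name == "session_start":
            in_session = True
        elif e.name == "session_end":
            in_session = False
    return in_session

DEADLINE = 2.0  # assumed system-level response bound; the page states none

def gpca_violations(trace: Trace) -> List[Violation]:
    """Both clauses of the quoted requirement, read as timed response properties."""
    v = check_response(trace, "bolus_request", {"bolus_given"}, DEADLINE)
    v += check_response(trace, "reservoir_empty", {"alarm_issued", "motor_stopped"},
                        DEADLINE, guard=infusion_in_progress)
    return v

# Component specifications (assumed): the output events a component is expected
# to produce from the events it observes on its inputs. Internals stay a black box.
def controller_spec(inputs: Trace) -> Trace:
    out: Trace = []
    for e in inputs:
        if e.name == "reservoir_empty":
            out.append(Event(e.time + 0.5, "controller", "alarm_issued"))
            out.append(Event(e.time + 0.5, "controller", "motor_stop_cmd"))
    return out

def motor_spec(inputs: Trace) -> Trace:
    return [Event(e.time + 0.5, "motor", "motor_stopped")
            for e in inputs if e.name == "motor_stop_cmd"]

SPECS: Dict[str, Callable[[Trace], Trace]] = {"controller": controller_spec,
                                              "motor": motor_spec}

def deviates(trace: Trace, component: str) -> bool:
    """Fault detection at the interface: observed outputs differ from the spec's."""
    others = [e for e in trace if e.component != component]
    expected = sorted((e.time, e.name) for e in SPECS[component](others))
    actual = sorted((e.time, e.name) for e in trace if e.component == component)
    return actual != expected

def counterfactual_trace(trace: Trace, component: str) -> Trace:
    """The trace as it would have been had `component` followed its spec, with
    every other component's observed events kept exactly as recorded."""
    others = [e for e in trace if e.component != component]
    return sorted(others + SPECS[component](others), key=lambda e: e.time)

def is_cause(trace: Trace, component: str) -> bool:
    """But-for test: the component deviated, the system failed, and the failure
    disappears once the component's deviation is counterfactually removed."""
    if not deviates(trace, component) or not gpca_violations(trace):
        return False
    return not gpca_violations(counterfactual_trace(trace, component))

# Constructed trace: the motor never stops after the controller's stop command.
OBSERVED_TRACE: Trace = [
    Event(0.0, "ui", "session_start"),
    Event(3.0, "ui", "bolus_request"),
    Event(3.4, "pump", "bolus_given"),
    Event(10.0, "sensor", "reservoir_empty"),
    Event(10.5, "controller", "alarm_issued"),
    Event(10.5, "controller", "motor_stop_cmd"),
]

if __name__ == "__main__":
    print("violations:", gpca_violations(OBSERVED_TRACE))
    for c in SPECS:
        print(c, "deviates:", deviates(OBSERVED_TRACE, c),
              "cause:", is_cause(OBSERVED_TRACE, c))
```

On the constructed trace the reservoir clause is violated at t=10.0 (the motor never reports `motor_stopped`); the motor deviates from its spec and the violation disappears in its counterfactual trace, so it passes the but-for test, while the controller conforms and does not. Note the simplification: `counterfactual_trace` holds every other component's observed events fixed, so a downstream component that misbehaved only because of an upstream fault is not re-evaluated; handling that propagation under black-box uncertainty is exactly what the paper's analysis is about.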
 