CMU-ISRI-03-101
Institute for Software Research International
School of Computer Science, Carnegie Mellon University
Modeling Techniques for a Risk Analysis Methodology
for Software Systems
Jim Wang
June 2003
Project Practicum
Master of Science in Information Technology in Software Engineering
Keywords: System specification, system modeling, UML, Z, EVES, Fault Trees
The U.S. Nuclear Regulatory Commission (NRC) Office of Nuclear Regulatory Research is interested in developing approaches to analyzing digital instrumentation and control (I&C) systems for nuclear power plant system upgrades (Arndt 2002). These approaches are directed at analyzing the change in risk that comes with using digital systems, which raises both software and hardware concerns. The purpose of this document is to outline candidate techniques for such an analysis methodology and to briefly describe how each technique is used. This document suggests that a descriptive visual model be created using many of the Unified Modeling Language's (UML) artifacts. UML's widespread acceptance and comprehension, together with the possibility that UML documents have already been written for the system in question, make it an obvious choice for this application. In addition, a formal specification should be written in Z and analyzed with the help of the Z/EVES software package. Formal specification and analysis of that specification would ensure that the system is complete and that predetermined conditions hold throughout the operation of the software system. Finally, dynamic fault tree analysis should be performed on the system to analyze each hazard or failure event. Fault tree analysis is a technique that the NRC is very familiar with and adept at performing.
42 pages