Deductive Cause-Consequence Analysis (DCCA)
Authors: Ortmeier Frank, Reif Wolfgang, Schellhorn Gerhard (University of Augsburg, Germany)
Topic: 5.1 Manufacturing Plant Control
Session: Dependable Manufacturing Systems Control I
Keywords: formal methods, safety critical system, safety analysis, failure modes and effects analysis (FMEA), fault tree analysis (FTA), dependability
Abstract
In this paper we present a new form of formal safety analysis: deductive cause-consequence analysis (DCCA). Deductive cause-consequence analysis is a way to use formal methods for safety analysis. It replaces error-prone informal reasoning with mathematical proofs. DCCA makes it possible to prove rigorously whether or not a failure at the component level is the cause of a system failure. DCCA is a formal generalization of the two most common safety analysis techniques: failure modes and effects analysis (FMEA) and fault tree analysis (FTA). We apply the method to a real-world case study: the height control in the Elbe tunnel in Hamburg. This shows how formal safety analysis with DCCA helps identify design flaws and weaknesses in a real-world industrial system.