This paper presents a new theory of fault trees for complex systems. The theory treats faults as behaviours, and fault-tree gates as operations on those behaviours.

Fault tree analysis is an important and widely used technique for understanding safety-critical systems. Traditional fault tree methodologies typically view faults in terms of failure events or conditions of the system being analysed. This paper proposes that a wider view of faults is possible and useful, by considering faults as unusual behaviours of components and unusual component interactions. This wider view is becoming increasingly important due to the development of new technologies (such as software) which depend on sophisticated interactions between components.

We argue that it is feasible and effective to automate the generation of fault trees by describing systems using hierarchically structured models, with components, component failures and component interactions described in terms of behaviours. A detailed methodology for generating fault trees is presented. The methodology includes consideration of design faults, hardware failures, and operator errors.
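To make the central idea concrete (faults as predicates over behaviours, gates as operations that compose those predicates, and a hierarchical component model from which the tree and its minimal cut sets follow), here is an added illustration. It is example code written for this page, not the paper's methodology or any tool it describes; the cooling-loop system, its component names and its basic events are hypothetical, and the three fault classes the abstract names (hardware failure, design fault, operator error) are each represented by one constructed basic event.

```python
"""Fault-tree gates as operations on behaviours: an added illustration.

Example code written for this page, not the paper's own methodology or
tooling. The system modelled here (a cooling loop with redundant pumps, a
valve, a software controller and an operator) is hypothetical.

A *behaviour* is represented as the set of basic abnormal events observed in
one run of the system (hardware failures, a design fault, an operator error).
A *fault* is a predicate over behaviours, and the classic gates (AND, OR,
k-of-n) are operations that build new predicates from existing ones. Minimal
cut sets are then recovered by evaluating the top-event predicate over
candidate behaviours, smallest first.
"""
from itertools import combinations
from typing import Callable, FrozenSet, Iterable, List

Behaviour = FrozenSet[str]
Fault = Callable[[Behaviour], bool]


def basic(event: str) -> Fault:
    """Leaf fault: present whenever the named basic event is in the behaviour."""
    return lambda b: event in b


def or_gate(*inputs: Fault) -> Fault:
    """OR gate: the output fault occurs if any input fault occurs."""
    return lambda b: any(f(b) for f in inputs)


def and_gate(*inputs: Fault) -> Fault:
    """AND gate: the output fault occurs only if every input fault occurs."""
    return lambda b: all(f(b) for f in inputs)


def k_of_n(k: int, *inputs: Fault) -> Fault:
    """Voting gate: at least k of the n input faults occur."""
    return lambda b: sum(1 for f in inputs if f(b)) >= k


# Hypothetical basic events, grouped by the fault classes the abstract names.
PUMP_A_STOPS = "pumpA_stops"                  # hardware failure
PUMP_B_STOPS = "pumpB_stops"                  # hardware failure
VALVE_STUCK = "valve_stuck_closed"            # hardware failure
CTRL_MASKS_ALARM = "controller_masks_alarm"   # design fault (software)
OP_IGNORES_ALARM = "operator_ignores_alarm"   # operator error

BASIC_EVENTS = [PUMP_A_STOPS, PUMP_B_STOPS, VALVE_STUCK,
                CTRL_MASKS_ALARM, OP_IGNORES_ALARM]

# Hierarchical model: component-level faults are composed into subsystem
# faults, which are composed into the system-level top event.
pumps_give_no_flow = and_gate(basic(PUMP_A_STOPS), basic(PUMP_B_STOPS))
flow_blocked = or_gate(pumps_give_no_flow, basic(VALVE_STUCK))
# The interaction matters: blocked flow alone is recoverable; it becomes a
# loss of cooling only when the alarm path also fails (by design fault or
# operator error).
alarm_path_fails = or_gate(basic(CTRL_MASKS_ALARM), basic(OP_IGNORES_ALARM))
LOSS_OF_COOLING = and_gate(flow_blocked, alarm_path_fails)


def minimal_cut_sets(top: Fault, events: Iterable[str]) -> List[Behaviour]:
    """Enumerate behaviours smallest-first; keep each that triggers the top
    event and is not a superset of a cut set already found.

    Relies on gates being monotone (adding events never removes a fault),
    which holds for AND/OR/k-of-n but would not for a NOT gate.
    """
    events = list(events)
    cuts: List[Behaviour] = []
    for size in range(1, len(events) + 1):
        for combo in combinations(events, size):
            behaviour = frozenset(combo)
            if top(behaviour) and not any(c <= behaviour for c in cuts):
                cuts.append(behaviour)
    return cuts


def cut_sets_as_sorted_tuples(top: Fault = LOSS_OF_COOLING) -> List[tuple]:
    """Deterministic view of the cut sets for printing or checking."""
    return sorted(tuple(sorted(c)) for c in minimal_cut_sets(top, BASIC_EVENTS))


if __name__ == "__main__":
    for cut in cut_sets_as_sorted_tuples():
        print(" AND ".join(cut))
    # A single observed behaviour can be checked directly against any node:
    observed = frozenset({VALVE_STUCK, OP_IGNORES_ALARM})
    print("loss of cooling:", LOSS_OF_COOLING(observed))
```

Two points carry over from the abstract's argument. First, because every node of the tree is just a predicate over behaviours, the same object that generated the tree can also be asked about a concrete observed run (the `observed` check at the end), which is the link between the analysis artefact and the system's actual behaviour. Second, the enumeration in `minimal_cut_sets` is only sound for monotone gates; a NOT or inhibit gate would need a different minimisation step, which is the kind of caveat to keep in mind before automating tree generation over richer behavioural models.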