With our increasing dependency on computer-based systems, ensuring their dependability becomes one the most important concerns during system development. This is especially true for safety-critical systems. Critical systems typically use fault tolerance mechanisms to mitigate runtime errors. However, fault tolerance modelling and, in particular, rigorous definitions of fault tolerance requirements, fault assumptions and system recovery have not been given enough attention during formal system development. This paper proposes a development method for stepwise modelling of high-level system fault tolerant behaviour. The method provides an environment for explicit modelling of fault tolerance and modal aspects of system behaviour and is supported by tools that are smoothly integrated into an industry-strength development environment. A case study is used to demonstrate the proposed method.
展开▼
