ANTI-CRASH: automating safety analysis

Safety-critical systems are those in which a failure can cause grave danger to human life or property; their reliability requirements are therefore far stricter than those of conventional real-time systems. The ANTI-CRASH project focused on complex embedded safety-critical systems and has developed a systematic, automated Safety Analysis Methodology (SAM) for analysing safety-critical real-time applications. SAM builds on the well-established fault tree analysis (FTA) technique, in which a fault tree represents how failures, and combinations of failures, propagate through the target safety-critical software. SAM thereby helps safety analysts identify critical failures and hazards systematically, reducing the time and cost of certification.

SAM provides a systematic method for handling fault trees. FTA works top-down, from a hazard to the failures that can cause it, which suits the usual situation in which developers already have a list of known hazards as the starting point for analysing safety-critical application behaviour. It has also been shown to cost less than conventional formal verification methods. SAM consists of four modules that guide the analysis in sequence. First, the Parser module parses the source code into an intermediate format, which the Fault Tree Constructor uses to assemble a complex fault tree from simpler fault tree templates. The Mitigator then simplifies the fault tree using the rules of Boolean algebra. Finally, the simplified fault tree is combined with user-defined hazardous conditions, and the Hazard Analyser produces a safety report showing the relationship between the specified events and the code under test. SAM is designed for applications written in ANSI C and is operated through an intuitive graphical user interface (GUI) module. Documentation and a user manual are provided.
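The Mitigator and Hazard Analyser steps above can be illustrated on a toy fault tree. The following is an added example, not code from the ANTI-CRASH project: the gate representation, the event names and the "brake command lost" hazard are constructed for illustration, and the Boolean reduction shown (absorption and idempotence, yielding minimal cut sets) is a standard FTA simplification rather than SAM's own algorithm.

```python
"""Toy fault-tree reduction in the spirit of SAM's Mitigator and Hazard Analyser.

The gate format, event names and hazard below are constructed for this
example; they are not SAM's intermediate format or its real templates.
"""
from itertools import product

def cut_sets(node):
    """Return the minimal cut sets of `node`: sets of basic events whose
    joint occurrence makes the node (and so the hazard above it) true.

    A leaf (string) is a basic event; a tuple is ("AND" | "OR", child, ...).
    OR: union of the children's cut sets.
    AND: every combination of one cut set per child, merged. Idempotence
    (A AND A == A) comes free from using frozensets.
    """
    if isinstance(node, str):
        return {frozenset([node])}
    gate, *children = node
    child_sets = [cut_sets(c) for c in children]
    if gate == "OR":
        result = set().union(*child_sets)
    elif gate == "AND":
        result = {frozenset().union(*combo) for combo in product(*child_sets)}
    else:
        raise ValueError(f"unknown gate {gate!r}")
    return absorb(result)

def absorb(sets):
    """Boolean absorption: A + A*B == A, so drop any cut set that strictly
    contains another one. What remains are the minimal cut sets."""
    return {s for s in sets if not any(other < s for other in sets)}

def hazard_report(hazards, observed):
    """Hazard Analyser step: for each user-defined hazard (name -> tree),
    list its minimal cut sets and flag those fully covered by the
    `observed` events, i.e. hazards the observed failures suffice to cause."""
    report = {}
    for name, tree in hazards.items():
        mcs = sorted(sorted(s) for s in cut_sets(tree))
        triggered = [s for s in mcs if set(s) <= observed]
        report[name] = {"minimal_cut_sets": mcs, "triggered_by": triggered}
    return report

# Constructed hazard: loss of the brake command, caused by both redundant
# sensors failing, by a disabled watchdog, or by a watchdog/CPU combination
# (the last term is absorbed, since watchdog_disabled alone already suffices).
BRAKE_LOSS = ("OR",
              ("AND", "sensor_a_fails", "sensor_b_fails"),
              "watchdog_disabled",
              ("AND", "watchdog_disabled", "cpu_overload"))
HAZARDS = {"brake_command_lost": BRAKE_LOSS}

if __name__ == "__main__":
    print(hazard_report(HAZARDS, {"sensor_a_fails", "sensor_b_fails"}))
```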

