Architecture-level hazard analysis using AADL

Software systems are becoming increasingly important in safety-critical areas. Designing safe software requires a significant emphasis on hazards in the early design phase of software development. In this paper, we propose a hazard analysis approach based on Architecture Analysis and Design Language (AADL). First, to make up the deficiencies of Error Model Annex (EMV2), we create Hazard Model Annex (HMA) to specify the hazard sources, hazards, hazard trigger mechanisms, and mishaps. By using HMA, a safety model can be built by annotating an architecture model with the error model and hazard model. Then, an architecture-level hazard analysis approach is proposed to automatically generate the hazard analysis table. The approach contains the model transformation from a safety model to a Deterministic Stochastic Petri Nets (DSPNs) model for calculating the occurrence probability of hazards and mishaps. In addition, we present the formal semantics for each constituent part of the safety model, define the model mapping rules, and verify the semantic preservation of the transformation. Finally, HMA is implemented to build safety models and two Eclipse plug-ins of our methodology are also implemented. A case study on a flight control software system has been employed to demonstrate the feasibility of our proposed technique.