Using Machine Learning to Minimize User Intervention in Theorem Proving based Dynamic Fault Tree Analysis Yassmeen Elderhalli, Osman Hasan and Sofiène Tahar Concordia University Montreal, QC, Canada AITP 2019 Obergurgl, Austria April 9, 2019
Outline • Introduction • Dynamic Fault Trees • Proposed Methodology • Preliminary Results • Conclusion and Future Work
Failure Analysis Analyze the effect of components faults on the system failure Preliminary Conclusion and Introduction DFT Methodology 1 Results Future Work
Fault Trees • Graphical representation of faults in the system • Critical top event which will cause system failure • The conditions are modeled using fault tree gates Preliminary Conclusion and Introduction DFT Methodology 2 Results Future Work
Fault Trees Fault Trees Dynamic Fault Trees Static Fault Trees DFTs SFTs Failure dependencies in real systems Preliminary Conclusion and Introduction DFT Methodology 3 Results Future Work
Dynamic Fault Trees • Critical top event which will cause system failure • The conditions are modeled using DFT and SFT gates • DFTs capture the failure dependency using DFT gates (e.g. Priority-And gate) Preliminary Conclusion and Introduction DFT Methodology 4 Results Future Work
Dynamic Fault Trees Gates PAND gate OR gate AND gate Q Q Q A B A B A B FDEP gate Spare gate Q T FDEP Spare A A B Preliminary Conclusion and Introduction Methodology DFT Results Future Work 5
Ultimate Goal (HOL4) DFT Theories HOL Theories DFT Conjecture Measure DFT Gates Lemmas Lebesgue Integral Simplification Theorems Probability DFT-based Helper Theorems Probabilistic Behavior Features Extraction Probabilistic PIE Build ML Model Premise TacticToe Training set Test set Selection Proof Steps Verified Conjecture Preliminary Conclusion and Introduction DFT Methodology Results Future Work 6
Work done • Formalization of DFT in HOL4 Theorem Prover • Y. Elderhalli, O. Hasan, W. Ahmad and S. Tahar. “ Formal Dynamic Fault Trees Analysis using an Integration of Theorem Proving and Model Checking ” . In NASA Formal Methods (NFM-2018). • Y. Elderhalli, W. Ahmad, O. Hasan and S. Tahar “ Probabilistic Analysis of Dynamic Fault Trees using HOL Theorem Proving ”, In Journal of Applied Logic, 2019 [to appear] The current libraries only support Sound the analysis of Dynamic Fault Trees interactively Interactive ( not Automated) Preliminary Conclusion and Introduction DFT Methodology Results Future Work 7
Dynamic Fault Trees • Visualization of the cause of failure of the top event based on the basic events • Dynamic gates in addition to the static gates • AND gate • OR gate • Priority AND gate • Functional Dependency gate • Spare gate • Algebraic representation used in the DFT analysis Preliminary Conclusion and Introduction DFT Methodology Results Future Work 8
Dynamic Fault Trees Operators • DFT temporal operators based on the time of failure: • AND 𝑒(𝐵 . 𝐶) = max(𝑒(𝐵), 𝑒(𝐶)) • OR 𝑒(𝐵 + 𝐶) = min(𝑒(𝐵), 𝑒(𝐶)) • Simultaneous 𝑒(𝐵 Δ 𝐶) = ቊ 𝑒 𝐵 𝑗𝑔 𝑒 𝐵 = 𝑒(𝐶) +∞ 𝑗𝑔 𝑒 𝐵 ≠ 𝑒(𝐶) Preliminary Conclusion and Introduction DFT Methodology Results Future Work 9
Dynamic Fault Trees Operators • Before 𝑒(𝐵 ⊲ 𝐶) = ቊ𝑒 𝐵 𝑗𝑔 𝑒 𝐵 < 𝑒(𝐶) +∞ 𝑗𝑔 𝑒 𝐵 ≥ 𝑒(𝐶) • Inclusive Before 𝑒(𝐵 ⊲ 𝐶) = ቊ𝑒 𝐵 𝑗𝑔 𝑒 𝐵 ≤ 𝑒(𝐶) +∞ 𝑗𝑔 𝑒 𝐵 > 𝑒(𝐶) Preliminary Conclusion and Introduction DFT Methodology Results Future Work 10
Probabilistic Behavior of Gates Preliminary Conclusion and Introduction DFT Methodology Results Future Work 11
Quantitative Analysis • The probability of the top event can be expressed using the probabilistic Principle of Inclusion Exclusion (PIE) Preliminary Conclusion and Introduction DFT Methodology Results Future Work 12
Verification of Probabilistic Behavior of PAND • The probabilistic failure behavior of the PAND Theorem . Prob PAND ˫ ∀ X Y p f Y t . rv_gt 0 _ninfty [X;Y] ∧ 0 ≤ 𝑢 ∧ prob_space p ∧ indep_var p lborel X lborel Y ∧ distributed p lborel Y f Y ∧ 0 ≤ 𝑔 𝑍 ∧ measurable_CDF (real o (CDF p (real o X) t)) ∧ cont_CDF (real o (CDF p (real o X) t)) ⟹ 𝑢 𝑔 (prob p (DFT_event p (Y . (X ⊲ Y) t) = 𝑍 𝑧 × 𝐺 𝑌 𝑧 𝑒𝑧 ) 0 Defines a density function for Y Preliminary Conclusion and Introduction DFT Methodology Results Future Work 13
Algebraic Simplification Theorems • Theorems needed to reduce the expression of the top event of the DFT (structure function) • Many simplification theorems exist 1 : • Commutativity 𝐵 ∆ 𝐶 = 𝐶 ∆ 𝐵 • Associativity 𝐵 + 𝐶 + 𝐷 = 𝐵 + 𝐶 + 𝐷 • Distributivity 𝐵. 𝐶 + 𝐷 = 𝐵. 𝐶 + 𝐵. 𝐷 1- [G. Merle , “Algebraic modelling of Dynamic Fault Trees, Contribution to Qualitative and Quantitative Analysis”, PhD thesis, ENS, France, 2010]. Preliminary Conclusion and Introduction DFT Methodology Results Future Work 14
The Cardiac Assist System • It consists of: • Pumps system • Motors system • CPUs Preliminary Conclusion and Introduction DFT Methodology Results Future Work 15
The Cardiac Assist System • A reduced structure function is obtained to conduct both qualitative and quantitative analyses. Theorem . Reduced cardiac assist system ˫ ∀CS SS MA MS MB P B PA PB PS . ( ∀ s. ALL_DISTINCT [MA s; MS s; PA s; PB s; PS s]) ⟹ ((shared_spare PA PB PS PS) . (shared_spare PB PA PS PS) + (PAND MS MA) + (HSP MA MB ) + (HSP (FDEP ((CS + SS) P) (FDEP ((CS + SS) B)) = CS + SS + (MA . (MS ⊲ MA)) + MA . MB + P.B + PA . PB. PS) Preliminary Conclusion and Introduction DFT Methodology Results Future Work 16
The Cardiac Assist System Theorem . Reduced cardiac assist system ˫ ∀CS SS MA MS MB P B PA PB PS . ( ∀ s. ALL_DISTINCT [MA s; MS s; PA s; PB s; PS s]) ⟹ ((shared_spare PA PB PS PS) . (shared_spare PB PA PS PS) + (PAND MS MA) + (HSP MA MB ) + (HSP (FDEP ((CS + SS) P) (FDEP ((CS + SS) B)) = CS + SS + (MA . (MS ⊲ MA)) + MA . MB + P.B + PA . PB. PS) 17
The Cardiac Assist System Lemma . Cardiac assist system union_list • The quantitative analysis is performed by encapsulating ˫ ∀PA PB PS MS MA MB CS SS P B p t. the top event into a DFT_event then expressing it as DFT_event p (CS + SS + (MA . (MS ⊲ MA)) + MA . MB + P.B + PA . PB. PS) t = the union of events as: union_list [DFT_event p CS t; DFT_event p SS t; DFT_event p (MA . (MS ⊲ MA)) t; DFT_event p (MA. MB) t; DFT_event p (P. B) t; DFT_event p (PA. PB. PS) t] Preliminary Conclusion and Introduction DFT Methodology Results Future Work 18
The Cardiac Assist System • The probability of failure of the top event is verified for Theorem . Prob Cardiac assist system F MS is continuous generic expressions of distribution and density ˫ ∀𝐷𝑇 𝑇𝑇 𝑁𝐵 𝑁𝑇 𝑁𝐶 𝑄 𝐶 𝑄𝐵 𝑄𝐶 𝑄𝑇 p t f MA . and measurable functions as: 0 ≤ t ∧ prob_space p ∧ ALL_DISTINCT_RV [CS; SS; MA; MS; MB; P; B; PA; PB; PS] p t ∧ indep_vars_sets [CS; SS; MA; MS; MB; P; B; PA; PB; PS] p t ∧ distributed p lborel MA f MA ∧ 0 ≤ 𝑔 𝑁𝐵 ∧ cont_CDF F MS ∧ measurable_CDF F MS ⟹ Preliminary Conclusion and Introduction DFT Methodology Results Future Work 19
The Cardiac Assist System (prob p (DFT_event p (CS + SS + (MA . (MS ⊲ MA)) + MA . MB + P.B + PA . PB. PS) t) = 𝑢 𝑔 𝐺 𝐷𝑇 𝑢 + 𝐺 𝑇𝑇 𝑢 + 𝑁𝐵 𝑧 × 𝐺 𝑁𝑇 𝑧 𝑒𝑧 + 𝐺 𝑁𝐵 𝑢 × 𝐺 𝑁𝐶 𝑢 + 𝐺 𝑄 𝑢 × 𝐺 𝐶 𝑢 + 0 𝐺 𝑄𝐵 𝑢 × 𝐺 𝑄𝐶 𝑢 × 𝐺 𝑄𝑇 𝑢 − ⋯ + ⋯ − 𝑢 𝑔 𝐺 𝐷𝑇 𝑢 × 𝐺 𝑇𝑇 𝑢 × ( 𝑁𝐵 𝑧 × 𝐺 𝑁𝑇 𝑧 𝑒𝑧) × 𝐺 𝑁𝐵 𝑢 × 𝐺 𝑁𝐶 𝑢 × 𝐺 𝑄 𝑢 × 𝐺 𝐶 𝑢 × 0 𝐺 𝑄𝐵 𝑢 × 𝐺 𝑄𝐶 𝑢 × 𝐺 𝑄𝑇 𝑢 Probability of intersection The result of applying PIE is 63 (2 6 -1) elements of 6 events Preliminary Conclusion and Introduction DFT Methodology Results Future Work 20
Formalization Summary • DFT gates and simplification theorems • Probabilistic behavior of DFT gates • Utilizing the probabilistic PIE in the quantitative analysis leads to having many subgoals • Intermediate lemmas are verified that follow the same pattern Preliminary Conclusion and Introduction DFT Methodology Results Future Work 21
Proposed Methodology DFT Theories HOL Theories DFT Conjecture Measure DFT Gates Lemmas Lebesgue Integral Simplification Theorems Probability DFT-based Helper Theorems Probabilistic Behavior Features Extraction Probabilistic PIE Build ML Model Premise TacticToe Training set Test set Selection Proof Steps Verified Conjecture Preliminary Conclusion and Introduction DFT Methodology Results Future Work 22
Recommend
More recommend
