Adding hardware components to give a system function recovery capabilities can be costly. Instead of adding homogeneous redundancies whose sole purpose is to provide recovery capabilities for a predefined system function, some scenarios allow designers to take advantage of over-dimensioning design decisions and overlapping structural functions through heterogeneous redundancies: components that, besides performing their primary intended design function, can restore compatible functions of other components. In this work, we present a methodology to systematically evaluate the effect of failures of alternative redundancy and reconfiguration strategies, fault detection mechanisms, and communication implementations on system dependability. To this end, a modeling approach called the Generic Dependability Evaluation Model and its probabilistic analysis paradigm based on Component Dynamic Fault Trees are presented. An application to a railway example shows the trade-offs between dependability and cost when deciding which of the possible redundancy and reconfiguration strategies to implement. Finally, details of the experimental prototype, implemented using real railway communication elements, are described in order to validate the design concepts treated throughout the paper.