OpenErrorPro: A New Tool for Stochastic Model-Based Reliability and Resilience Analysis

Increasing complexity and heterogeneity of modern safety-critical systems require advanced tools for quantitative reliability analysis. Most of the available analytical software exploits classical methods such as event trees, static and dynamic fault trees, reliability block diagrams, simple Bayesian networks, and Markov chains. First, these methods fail to adequately model complex interaction of software, hardware, physical components, dynamic feedback loops, propagation of data errors, nontrivial failure scenarios, sophisticated fault tolerance, and resilience mechanisms. Second, these methods are limited to the evaluation of the fixed set of traditional reliability metrics such as the probability of generic system failure, failure rate, MTTF, MTBF, and MTTR. More flexible models, such as the Dual-graph Error Propagation Model (DEPM) can overcome these limitations but have no available tools. This paper introduces the first open-source DEPM-based analytical software tool OpenErrorPro. The DEPM is a formal stochastic model that captures control and data flow structures and reliability-related properties of executable system components. The numerical analysis in OpenErrorPro is based on the automatic generation of Markov chain models and the utilization of modern Probabilistic Model Checking (PMC) techniques. The PMC enables the analysis of highly-customizable resilience metrics, e.g. "the probability of system recovery after a specified system failure during the defined time interval", in addition to the traditional reliability metrics. DEPMs can be automatically generated from Simulink/Stateflow, UML/SysML, and AADL models, as well as source code of software components using LLVM. This allows not only the automated model-based evaluation but also the analysis of systems developed using the combination of several modeling paradigms. The key purpose of the tool is to close the gap between the conventional system design models and advanced analytical methods in order to give system reliability engineers easy and automated access to the full potential of PMC techniques. Finally, OpenErrorPro enables the application of several effective optimizations against the state space explosion of underlying Markov models already in the DEPM level where the system semantics such as control and data flow structures are accessible.