Aubry Jean-François - Systems Dependability Assessment

1. 6 Petri Net Modeling of the Accidental Process
2. 13 Application in Dynamic Reliability
3. 14 Classical Dependability Assessment
4. 15 Impact of Failures on System Performances

1. 1 Autonomous Petri Nets
2. 2 Petri Nets and Event Languages
3. 3 Comparison Petri Nets Finite State Automaton
4. 4 Some Extensions of Petri Nets
5. 6 Petri Net Modeling of the Accidental Process
6. 7 Illustrative Example
7. 8 Design and Safety Assessment Cycle
8. 9 Basic Concept
9. 10 Semantics, Properties and Evolution Rules of an SPN
10. 11 Simplification of Complex Models
11. 12 Extensions of SPN
12. 13 Application in Dynamic Reliability
13. 14 Classical Dependability Assessment
14. 15 Impact of Failures on System Performances
15. Appendix

Systems Dependability Assessment Set

coordinated by

Jean-Franois Aubry

First published 2016 in Great Britain and the United States by ISTE Ltd and John Wiley & Sons, Inc.

Apart from any fair dealing for the purposes of research or private study, or criticism or review, as permitted under the Copyright, Designs and Patents Act 1988, this publication may only be reproduced, stored or transmitted, in any form or by any means, with the prior permission in writing of the publishers, or in the case of reprographic reproduction in accordance with the terms and licenses issued by the CLA. Enquiries concerning reproduction outside these terms should be sent to the publishers at the undermentioned address:

ISTE Ltd

27-37 St Georges Road

London SW19 4EU

UK

www.iste.co.uk

John Wiley & Sons, Inc.

111 River Street

Hoboken, NJ 07030

USA

www.wiley.com

ISTE Ltd 2016

The rights of Jean-Franois Aubry, Nicolae Brinzei and Mohammed-Habib Mazouni to be identified as the authors of this work have been asserted by them in accordance with the Copyright, Designs and Patents Act 1988.

Library of Congress Control Number: 2015960014

British Library Cataloguing-in-Publication Data

A CIP record for this book is available from the British Library

ISBN 978-1-84821-991-5

In the rst book of this series [AUB 15], nite state automata were introduced as an efcient model for the study of reliability and dependability of systems as well in static as in dynamic context. We saw that this type of model requires either an a priori exhaustive knowledge of the possible states of the system or its formal construction by operations starting from the models of its components. This is unfortunately sometimes not possible. For example, during the design of a system these states are not known in advance. It is however useful to make a predictive dependability assessment in order to select the best solution among some propositions. Petri nets may be an interesting way to answer such problems. Widespread in the eld of automatic control, especially for the modeling of discrete event systems, Petri nets were introduced in the eld of dependability studies with a noticeable success. The objective of this book is not to present all of the forms of Petri nets used in dependability assessment but instead to focus on the most interesting ones. Before their description, we give a preliminary formal description of the different successive models of Petri nets which led to the advent of their use in the dependability eld. Of course, it is not just a matter of exhaustively describing the existing variants of the basic models which are today hardly countable. In the same way, we will not demonstrate all the mathematical properties of these models and we will refer the reader to the essential basic works on the subject. After the introduction of the basic models called autonomous Petri nets and the comparison with the nite state automata especially in terms of event language expression, we will present the fundamental models of non-autonomous Petri nets to take account of the time and of an external environment, such models giving an opening to the study of hybrid systems. Relying on these timed and synchronized Petri nets, we will describe a systematic method of risk analysis based on an ontological approach whose elements are entities (supplier or target of hazard), their successive states and the events corresponding to these state changes. From the proposed model, a risk assessment may be deduced by simulation thanks to the introduction of random event generators. This approach is illustrated by an example from the railway transportation eld. The need of models, integrating the stochastic character of elements (in this case, events) and allowing an analytical solution instead of simulation, leads to the introduction of stochastic Petri nets modeling and its equivalence conditions with Markov or some extensions of Markov models. We then show how, under some conditions, complex models may be simplied by a distribution of the global model on the two formalisms: stochastic Petri nets and Markov processes. Numerous extensions of Petri nets have been proposed; we recall the most signicant ones and the conditions of their Markov process equivalence. To complete the book, we present some modeling examples using different available software tools. These examples are issued from different application domains.

Writing this book would not have been possible without the contribution of colleagues and of PhD and Master students who investigated some related aspects. All of these contributions have been the subject of publications and are referenced in the text. We would like to extend our thanks to G. Babykina, P. Barger, G. Deleuze, L. Grard, R. Ghostine, D. Jampi, J. Lalouette, R. Schoenig, J-M. Thiriet and N. Villaume.

Jean-Franois AUBRY

Nicolae BRINZEI

Mohammed-Habib MAZOUNI

December 2015

Petri nets (denoted as PN in this book) were introduced by Carl Adam Petri in 1962 [PET 62]. As nite state automata (FSA) described in Volume 1 of this book series [AUB 15], PNs are intended to describe discrete event systems but contrary to FSAs, the transition function is explicitly described in PNs. Adding the suggestive and intuitive graphic representation, we can say that PN is a more powerful model than FSA to describe discrete event systems, due to the fact that an FSA may always be transposed into PN whereas PNs, for example, do not always have a nite state number. We will show here that the notion of language, set of all the possible event sequences in a system, may also be associated with a PN and that the class of these languages is wider than regular languages associated with FSAs.

Like for FSAs, PNs were the subject of multiple extensions at rst to move them from the abstraction level, where only event sequencing is considered, to the level taking time into account. Timed PNs were dened to describe behavior of deterministic time systems. Following extensions, called non-autonomous PNs, associated with a PN, an external environment is needed in order to consider synchronization events, continuous variables, especially to describe controlled systems. All these models at various levels have an interest to model problems in the dependability assessment of systems.