ErrorModel

The EAST-ADL sub-package for error modeling provides support for safety engineering by representing possible incorrect behaviors of a system in its operation (e.g., component errors and their propagations).<br/><br/>Abnormal behaviors of architectural elements as well as their instantiations in a particular product context can be represented. This forms a basis for safety analysis through external techniques and tools. Through the integration with other language constructs, definitions of error behaviors and hazards can be traced to the specifications of safety requirements, and further to the subsequent functional and non-functional requirements on error handling and hazard mitigations as well as to the necessary V&V efforts.<br/><br/>Error behaviors are treated as a separated view, orthogonal to the nominal architecture model. This separation of concern in modeling is considered necessary in order to avoid the undesired effects of error modeling, such as the risk of mixing nominal and erroneous behavior in regards to comprehension, reuse, and system synthesis (e.g., code generation).<br/><br/>A key element of the Error Model is the distinction between Fault and Failure. The terms are stated from the perspective of the component: An incoming flaw represent a Fault for the component that may or may not result in a component failure. An internal flaw is Fault that may or may not result in a component failure. A flaw that is propagated out of the component is a Failure. <br/>