A Comparison of Fault Trees and the Dynamic Flowgraph Methodology for the Analysis of FPGA-Based Safety Systems Part 2: Theoretical Investigations

Abstract of the journal article published in Reliability Engineering and System Safety

Date of publication: TBD

Phillip McNelles, Zhao Chang Zeng, Guna Renganathan and Marius Chirila
Canadian Nuclear Safety Commission

Lixuan Lu
University of Ontario Institute of Technology


The use of field programmable gate arrays (FPGAs) in safety-critical systems means that these systems must undergo a detailed reliability and safety analysis. Fault tree analysis (FTA) is a well-known method of reliability analysis, while the dynamic flowgraph methodology (DFM) is a modern analysis method that includes time-dependent dynamic properties and was created to model and analyze digital control systems. This paper expands on previous work to examine the fundamental theoretical differences between common FTA methods, such as MOCUS and binary decision diagrams (BDDs), and the method of generalized consensus employed by DFM for multiple-valued logic (MVL) systems. The comparison was carried out on a simplified feedwater system. It was found that common FTA methods will not apply the logical reduction operations needed to reduce MVL systems, so that many implicants are returned and several prime implicants are missed. Dynamic tests were performed showing that, unlike DFM, FTA could not explicitly include sink states and dynamic consistency rules in the model. Lastly, the original test system was modified and run for multiple time steps.

Differences in dynamic top event probabilities, performance indicators, and the Fussell-Vesely importance measures are discussed, as are the potential advantages of DFM regarding FPGA-based systems.
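To illustrate the reduction gap the abstract describes, here is an added example (not code from the article or its authors): a constructed feedwater-style top event over three multiple-valued variables, reduced once with generalized consensus plus absorption (the MVL-aware approach DFM relies on) and once with the subset absorption a binary cut-set tool applies when every (variable, value) pair is treated as an unrelated basic event. All variable names, domains and implicants are constructed assumptions.

```python
from itertools import combinations
# Constructed example (not from the article): a simplified feedwater model whose
# variables are multiple-valued; the top event is "inadequate feedwater flow".
DOMAINS = {"pump": frozenset({"off", "on"}),
           "valve": frozenset({"closed", "partial", "open"}),
           "level": frozenset({"low", "normal", "high"})}
# Implicants of the top event as an analyst might enumerate them (constructed).
FLOW_LOSS = [{"pump": {"off"}},
             {"pump": {"on"}, "valve": {"closed"}},
             {"pump": {"on"}, "valve": {"partial"}, "level": {"low"}},
             {"pump": {"on"}, "valve": {"partial"}, "level": {"normal"}},
             {"pump": {"on"}, "valve": {"partial"}, "level": {"high"}},
             {"pump": {"on"}, "valve": {"open"}, "level": {"low"}}]

def normalize(term):
    """A term is a frozenset of (variable, allowed values); a literal spanning the whole domain is dropped."""
    return frozenset((v, frozenset(s)) for v, s in term.items() if frozenset(s) != DOMAINS[v])

def absorbs(big, small):
    """big covers small if, on every variable big restricts, small's allowed values are a subset of big's."""
    d = dict(small)
    return all(v in d and d[v] <= s for v, s in big)

def consensus(t1, t2, var):
    """Generalized consensus on var: union of the value sets on var, intersection on every other variable."""
    d1, d2 = dict(t1), dict(t2)
    if var not in d1 or var not in d2:   # only useful when both terms restrict var
        return None
    new = {v: (d1.get(v, DOMAINS[v]) | d2.get(v, DOMAINS[v])) if v == var
           else (d1.get(v, DOMAINS[v]) & d2.get(v, DOMAINS[v])) for v in set(d1) | set(d2)}
    return None if any(not s for s in new.values()) else normalize(new)  # empty set = contradiction

def prime_implicants(cover):
    """MVL-aware reduction: iterate generalized consensus and absorption until nothing new appears."""
    terms = {normalize(t) for t in cover}
    changed = True
    while changed:
        changed = False
        for t1, t2 in combinations(list(terms), 2):
            for var in DOMAINS:
                c = consensus(t1, t2, var)
                if c is not None and not any(absorbs(t, c) for t in terms):
                    terms.add(c)
                    changed = True
        terms = {t for t in terms if not any(absorbs(u, t) for u in terms if u != t)}
    return terms

def boolean_minimal_cut_sets(cover):
    """Binary FTA view: every (variable, value) pair is an unrelated basic event, so only subset absorption applies."""
    sets = {frozenset((v, frozenset(s)) for v, s in t.items()) for t in cover}
    return {t for t in sets if not any(u < t for u in sets)}
```

On this input the MVL reduction collapses the six implicants to three prime implicants (pump off, valve in {closed, partial}, level low), while the binary view keeps all six and never produces the latter two, because it cannot see that the three level values exhaust the domain.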

To obtain a copy of the document this abstract describes, please contact us at cnsc.info.ccsn@cnsc-ccsn.gc.ca or call 613-995-5894 or 1-800-668-5284 (in Canada). When contacting us, please provide the title and date of the abstract.
