ABSTRACT

Performing Failure Mode and Effects Analysis (FMEA) during software architecture design is becoming a basic requirement in an increasing number of domains. However, due to the lack of standardized early design-phase model execution, classic Software-FMEA (SW-FMEA) approaches carry significant risks and are human effort-intensive even in processes that use Model-Driven Engineering. Historically, software architecture specifications in the most widely used modelling languages either represent only structure and not behaviour, or their behavioural models lack standardized operational semantics. This is a major problem for SW-FMEA: in contrast to hardware, relatively small changes to the “internals” of a software component can lead to wide variations in how the executed component responds to various external and internal faults. This means that, in addition to computing error propagation from component to component, the sensitivity of each component to internal and external faults has to be explored on a case-by-case basis, and this can be done only by using specifications of behaviour.