Qualitative evaluation of fault hypotheses with non-intrusive fault injection.

This paper presents a new approach for demonstrating whether safety-critical, hard real-time systems implement fault hypotheses correctly and timely. In the forefront are tests which non-intrusively and deterministically stimulate and monitor the system under test. The tests use a domain-specific language which can formalize logical truths on system properties derived from fault hypotheses. Test results are strong arguments in safety cases. In this way the tests support both development and certification of safety-critical systems. Advantages over existing approaches to evaluating safety properties of complex and diverse safety-critical systems are discussed briefly, and fundamental work is referenced.