In: Safety Science 42, Elsevier, pages 457-480. 2004.
Abstract: The purpose of this paper is to present a framework for comparing different candidate architectures for the same system. To this end, we propose a rigorous approach for homogeneously modelling different architectures. Starting with the functional specifications of the system, we derive a functional-level model that is used to construct a high-level dependability model for each architecture, using well-defined, formal construction rules. Our modelling approach is then applied to three possible architectures of an instrumentation and control system, and an example of a comparative analysis of these systems is provided.