The Eclipse Safety Framework (ESF) project provides a set of tools that enable both modelling and analysis of safety concerns in the context of modelling standards such as SysML and MARTE.
ESF allows first-class interaction between design and safety assessment activities. A dysfunctional model is built from the system model expressed in SysML. It is used to specify possible failure modes, mitigation barriers, and propagation behaviour at component level. This is the manual local analysis. From the specification of feared events (expressed in safety requirements), an automatic global analysis can then produce propagation paths and the corresponding fault trees. The dysfunctional model can be improved iteratively until the safety requirements are fully satisfied. Finally, reports can be exported in different formats (e.g., HTML and PDF) to document the hypotheses and results of the analyses.
Moreover, because this approach is model-based, each time the system model evolves a new safety analysis needs to be run only on the modified parts, while the previous analysis of each unchanged component is kept. This is a significant time saving.
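The local/global analysis loop described above, as an added illustration that is not ESF code and does not use ESF's model format: a constructed dysfunctional model lists each component's failure modes, the components it feeds and the failure classes its barrier stops; the global analysis follows each local failure downstream to a feared event and assembles the resulting fault tree. Component names, failure classes and the "barrier lost" events are all made up for the example.

```python
from collections import deque

# Constructed dysfunctional model (not an ESF model). Each component has local
# failure modes, the components it feeds, and the failure classes its mitigation
# barrier stops. A barrier only lets a failure through if the barrier itself is lost.
MODEL = {
    "Sensor":     {"modes": ["erroneous"], "feeds": ["Filter"],     "barrier": []},
    "Power":      {"modes": ["loss"],      "feeds": ["Controller"], "barrier": []},
    "Filter":     {"modes": [],            "feeds": ["Controller"], "barrier": ["erroneous"]},
    "Controller": {"modes": ["loss"],      "feeds": ["Actuator"],   "barrier": []},
    "Actuator":   {"modes": [],            "feeds": [],             "barrier": []},
}

def propagation_paths(model, feared):
    """Global analysis: for every local failure mode, follow the dysfunctional flow
    downstream. Returns (mode, path, barriers_that_must_fail) for each path that
    delivers a failure of a feared class to the feared component."""
    target_comp, target_classes = feared
    results = []
    for comp, spec in model.items():
        for mode in spec["modes"]:
            queue = deque([([comp], [])])
            while queue:
                path, bypassed = queue.popleft()
                cur = path[-1]
                if cur == target_comp and mode in target_classes:
                    results.append((mode, path, bypassed))
                    continue
                for nxt in model[cur]["feeds"]:
                    if nxt in path:            # guard against propagation loops
                        continue
                    blocked = mode in model[nxt]["barrier"]
                    extra = [nxt + " barrier lost"] if blocked else []
                    queue.append((path + [nxt], bypassed + extra))
    return results

def fault_tree(model, feared):
    """Feared event = OR over propagation paths; a path that crosses a barrier is
    an AND of the originating failure mode and the loss of that barrier."""
    branches = []
    for mode, path, bypassed in propagation_paths(model, feared):
        basic = f"{path[0]}.{mode}"
        branches.append(("AND", [basic] + bypassed) if bypassed else basic)
    return ("OR", branches)

def single_point_failures(tree):
    """Requirement check for the next iteration: OR-branches that are a bare basic
    event reach the feared event with no barrier in the way."""
    return [b for b in tree[1] if isinstance(b, str)]
```

Running `fault_tree(MODEL, ("Actuator", {"loss", "erroneous"}))` yields an OR over the erroneous-sensor path (which additionally needs the Filter barrier to be lost) and the two unmitigated loss paths, so `single_point_failures` flags `Power.loss` and `Controller.loss` as the components to mitigate in the next iteration of the dysfunctional model.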