V. Open, V. Close, V. Close, V. Failure, and P. , failure, ccf; transition V1.open : V1.isClosed and V1.s == WORKING -> V1.isClosed := FALSE; V2.open : V2.isClosed and V2.s == WORKING -> V2.isClosed := FALSE; V3.open : V3.isClosed and V3.s == WORKING -> V3.isClosed := FALSE; V1.close : not V1.isClosed and V1.s == WORKING -> V1.isClosed := TRUE; V2.close : not V2.isClosed and V2.s == WORKING -> V2.isClosed := TRUE; V3.close : not V3.isClosed and V3.s == WORKING -> V3.isClosed := TRUE; V1.failure : V1.s == WORKING -> V1.s := FAILED; V2.failure : V2.s == WORKING -> V2.s := FAILED; V3.failure : V3.s == WORKING -> V3.s := FAILED; P1.failure : P1.s == WORKING -> P1.s := FAILED; P2.failure : P2.s == WORKING -> P2.s := FAILED; ccf: P1.s==WORKING or P2.s==WORKING -> {if P1.s==WORKING then P1.s := FAILED; if P2.s==WORKING then P2.s := FAILED;} assertion if P1.s==WORKING and P1.upStream then P1.downStream := TRUE; if P2.s==WORKING and P2.upStream then P2.downStream := TRUE; if not V1.isClosed then V1.leftStream := V1.rightStream; if not V1, rightStream := V2.leftStream; if not V3.isClosed then V3.leftStream := V3.rightStream; if not V3.isClosed then V3.rightStream := V3.leftStream

G. Repair, CBD2.repair; event Line1, Line1.TR1.repair, Line1.CBU1.failure; event Line1.CBD1.failure, Line1.CBD1.repair, Line2.TR2.failure; event Line2.CBU2.failure, Line2.CBU2.repair, Line2.CBD2.failure; event Line1.CBU1.repair, Line2.TR2.repair; transition Line1.TR1.failure: Line1.TR1.s==WORKING -> Line1.TR1.s := FAILED

. Line1, failure: Line1.CBD1.s==WORKING -> Line1.CBD1.s := FAILED

. Line1, failure: Line1.CBU1.s==WORKING -> Line1.CBU1.s := FAILED

. Line2, failure: Line2.TR2.s==WORKING -> Line2.TR2.s := FAILED

. Line2, failure: Line2.CBD2.s==WORKING -> Line2.CBD2.s := FAILED

. Line2, failure: Line2.CBU2.s==WORKING -> Line2.CBU2.s := FAILED

. Line2, outFlow := (Line2.TR2.s==WORKING) and Line2

R. Adeline, J. Cardoso, P. Darfeuil, S. Humbert, and C. Seguin, Toward a methodology for the altarica modelling of multi-physical systems, Proceedings of European Safety and Reliability Conference, 2010.

M. Ajmonemarsan, G. Balbo, G. Conte, S. Donatelli, and G. Franceschinis, Modelling with Generalized Stochastic Petri Nets. Wiley Series in Parallel Computing, 1994.

J. Andrews and T. Moss, Reliability and Risk Assessment, 1993.

A. Arnold, A. Griffault, G. Point, and A. Rauzy, The altarica language and its semantics, Fundamenta Informaticae, vol.34, pp.109-124, 2000.

P. Bieber, J. Blanquart, G. Durrieu, D. Lesens, J. Lucotte et al., Integration of formal fault analysis in assert: Case studies and lessons learnt, Proceedings of 4th European Congress Embedded Real Time Software, 2008.

M. Boiteau, Y. Dutuit, A. Rauzy, and J. Signoret, The AltaRica data-flow language in use: modeling of production availability of a multi-state system, Reliability Engineering & System Safety, vol.91, issue.7, pp.747-755, 2006.
DOI : 10.1016/j.ress.2004.12.004
URL : https://hal.archives-ouvertes.fr/hal-00182500

J. Bowles and L. Kloul, Synthesising PEPA nets from IODs for performance analysis, Proceedings of the first joint WOSP/SIPEW international conference on Performance engineering, WOSP/SIPEW '10, 2010.
DOI : 10.1145/1712605.1712635

P. Brameret, A. Rauzy, and J. Roussel, Assessing the dependability of systems with repairable and spare components, Actes du Congrès Lambda-Mu 18, 2012.

S. Donatelli, Superposed generalised stochastic petri nets: Definition and efficient solution, Proceedings of 15th International Conference on Application and Theory of Petri Nets, 1994.
DOI : 10.1007/3-540-58152-9_15

J. Gilmore, L. Hillston, and . Kloul, PEPA Nets, Performance Tools and Applications to Networked Systems, pp.311-335, 2004.
DOI : 10.1007/978-3-540-24663-3_15
URL : https://hal.archives-ouvertes.fr/hal-00139716

J. Gilmore, L. Hillston, M. Kloul, and . Ribaudo, PEPA Nets, pp.79-104, 2003.
DOI : 10.1007/978-3-540-24663-3_15
URL : https://hal.archives-ouvertes.fr/hal-00139716

J. Gilmore, L. Hillston, M. Kloul, and . Ribaudo, Software performance modelling using pepa nets, Proceedings of the 4th ACM SIGSOFT International Workshop on Software and Performance, 2004.
DOI : 10.1145/974043.974047
URL : https://hal.archives-ouvertes.fr/hal-00139912

J. Hillston, The nature of synchronisation, Proceedings of 2nd Process Algebra and Performance Modelling Workshop, 1994.

J. Hillston, Tuning Systems: From Composition to Performance, The Computer Journal, vol.48, issue.4, pp.385-400, 2005.
DOI : 10.1093/comjnl/bxh097

K. Jensen, Coloured Petri Nets, 1992.
DOI : 10.1007/bfb0046842

R. Milner, Communicating and mobile systems: The pi-calculus, 1999.

T. Prosvirnova and A. Rauzy, Système de transitions gardées : formalisme pivot de modélisation pour la sûreté de fonctionnement, Actes du Congrès Lambda-Mu 18, 2012.

A. Rauzy, BDD for Reliability Studies Handbook of Performability Engineering, pp.381-396, 2008.

A. Rauzy, Guarded transition systems: a new states/events formalism for reliability studies, Proceedings of the Institution of Mechanical Engineers, Part O: Journal of Risk and Reliability, vol.222, issue.4, pp.495-505, 2008.
DOI : 10.1243/1748006XJRR177

A. Rauzy, Anatomy of an efficient fault tree assessment engine, Proceedings of International Joint Conference PSAM'11, 2012.

W. Sanders and J. Meyer, Reduced base model construction methods for stochastic activity networks, IEEE Journal on Selected Areas in Communications, vol.9, issue.1, pp.25-36, 1991.
DOI : 10.1109/49.64901
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.16.3447

R. Valk, Petri nets as token objects-an introduction to elementary object nets, Proc. of the 19th International Conference on Application and Theory of Petri Nets, pp.1-25, 1998.

M. Ajmonemarsan, G. Balbo, G. Conte, S. Donatelli, and G. , Franceschinis, Modelling with Generalized Stochastic Petri Nets, Wiley Series in Parallel Computing, 1994.

A. Arnold, A. Griffault, G. Point, and A. Rauzy, The altarica language and its semantics, Fundamenta Informaticae, vol.34, pp.109-124, 2000.

M. Güdemann and F. Ortmeier, A Framework for Qualitative and Quantitative Formal Model-Based Safety Analysis, 2010 IEEE 12th International Symposium on High Assurance Systems Engineering, pp.132-141, 2010.
DOI : 10.1109/HASE.2010.24

L. De-alfaro, M. Faella, T. A. Henzinger, R. Majumdar, and M. Stoelinga, Model checking discounted temporal properties, Theoretical Computer Science, vol.345, issue.1, pp.139-170, 2005.
DOI : 10.1016/j.tcs.2005.07.033

A. Cimatti, E. Clarke, E. Giunchiglia, F. Giunchiglia, M. Pistore et al., NuSMV Version 2: An Open- Source Tool for Symbolic Model Checking, Proceedings of the 14 th International Conference on Computer Aided Verification, 2002.

M. Kwiatkowska, G. Norman, and D. Parker, Probabilistic symbolic model checking with PRISM: A hybrid approach, Proceedings of the 8 th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, 2002.
DOI : 10.1007/3-540-46002-0_5
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.10.5908

J. Katoen, M. Khattri, and I. Zapreev, A Markov reward model checker, Second International Conference on the Quantitative Evaluation of Systems (QEST'05), 2005.
DOI : 10.1109/QEST.2005.2
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.99.1168

E. Clarke, O. Grumberg, and D. , Peled, Model Checking, 2000.

M. Güdemann, F. Ortmeier, and W. Reif, Computing ordered minimal critical sets, Proceedings of the 7 th Symposium on Formal Methods for Automation and Safety in Railway and Automotive Systems, 2008.

G. Point and A. Rauzy, AltaRica: Constraint automata as a description language, Journal Européen des Systèmes Automatisés, vol.33, pp.8-9, 1999.

R. Bernard, J. Aubert, P. Bieber, C. Merlini, and S. Metge, EXPERIMENTS IN MODEL BASED SAFETY ANALYSIS: FLIGHT CONTROLS, Proceedings of IFAC workshop on Dependable Control of Discrete Systems, 2007.
DOI : 10.3182/20070613-3-FR-4909.00010

R. Bernard, S. Metge, F. Pouzolz, P. Bieber, A. Griffault et al., Altarica refinement for heterogeneous granularity model analysis, Actes du congrs Lambda-Mu16, 2008.

T. Prosvirnova and A. Rauzy, Guarded transition systems: Pivot modelling formalism for safety analysis, Actes du Congrès Lambda-Mu 18, 2012. [17] A. Rauzy, Modes automata and their compilation into fault trees, Reliability Engineering and System Safety, pp.78-79, 2002.

A. Rauzy, Anatomy of an efficient fault tree assessment engine, Proceedings of International Joint Conference PSAM'11, 2012.

B. Perrot, T. Prosvirnova, A. Rauzy, J. S. Izarn, and R. Schoening, Expériences de couplages de modèles AltaRica avec des interfaces métiers, Actes du congrès LambdaMu'17 (actesélectroniques actes´actesélectroniques IMdR, 2010.

P. Feiler and A. Rugina, Dependability modeling with the architecture analysis & design language (aadl), Tech. rep, 2007.

A. Pasquini, Y. Papadopoulos, and J. Mcdermid, Hierarchically performed hazard origin and propagation studies, Computer Safety, Reliability and Security, LNCS, pp.688-688, 1698.

M. Walker and Y. Papadopoulos, Qualitative temporal analysis: Towards a full implementation of the Fault Tree Handbook, Control Engineering Practice, vol.17, issue.10, pp.1115-1125, 2009.
DOI : 10.1016/j.conengprac.2008.10.003

Y. Papadopoulos, M. Walker, D. Parker, E. Rüde, R. Hamann et al., Engineering failure analysis and design optimisation with HiP-HOPS, the Fourth International Conference on Engineering Failure Analysis Part 1, pp.590-608, 2011.
DOI : 10.1016/j.engfailanal.2010.09.025

Y. Papadopoulos, M. Walker, M. Reiser, M. Weber, D. Chen et al., Automatic allocation of safety integrity levels, Proceedings of the 1st Workshop on Critical Automotive applications Robustness & Safety, CARS '10, pp.7-10, 2010.
DOI : 10.1145/1772643.1772646

J. Xiang, K. Yanoo, Y. Maeno, and K. Tadano, Automatic Synthesis of Static Fault Trees from System Models, 2011 Fifth International Conference on Secure Software Integration and Reliability Improvement, p.127136, 2011.
DOI : 10.1109/SSIRI.2011.32

S. Bernardi, S. Donatelli, and J. Merseguer, From uml sequence diagrams and statecharts to analyzable petri net models, Proceedings of the Third International Workshop on Software on Performance, 2002.
DOI : 10.1145/584374.584376
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.133.2609

P. David, V. Idasiak, and F. Kratz, Reliability study of complex physical systems using SysML, Reliability Engineering & System Safety, vol.95, issue.4, pp.431-450, 2010.
DOI : 10.1016/j.ress.2009.11.015
URL : https://hal.archives-ouvertes.fr/hal-00528802

M. Bouissou, H. Bouhadana, M. Bannelier, and N. Villatte, Knowledge modelling and reliability processing: presentation of the figaro modelling language and associated tools, Proceedings of Safecomp'91, 1991.

M. Bouissou, Automated dependability analysis of complex systems with the kb3 workbench: the experience of edf r&d, Proceedings of the International Conference on Energy and Environment, 2005.

M. Bouissou and J. Bon, A new formalism that combines advantages of fault-trees and Markov models: Boolean logic driven Markov processes, Reliability Engineering & System Safety, vol.82, issue.2, pp.149-163, 2003.
DOI : 10.1016/S0951-8320(03)00143-1

M. Güdemann, A Framework for Qualitative and Quantitative Formal Model-Based Safety Analysis, 2010 IEEE 12th International Symposium on High Assurance Systems Engineering, 2011.
DOI : 10.1109/HASE.2010.24

L. Kloul, T. Prosvirnova, and A. Rauzy, Modeling systems with mobile components: a comparison between AltaRica and PEPA nets, Proceedings of the Institution of Mechanical Engineers, Part O: Journal of Risk and Reliability, vol.227, issue.6, pp.599-613, 2013.
DOI : 10.1177/1748006X13490497

M. Lipaczewski, S. Struck, and F. Ortmeier, SAML goes eclipse — Combining model-based safety analysis and high-level editor support, 2012 Second International Workshop on Developing Tools as Plug-Ins (TOPI), pp.2012-67
DOI : 10.1109/TOPI.2012.6229813

R. Bernard, J. Aubert, P. Bieber, C. Merlini, and &. S. Metge, EXPERIMENTS IN MODEL BASED SAFETY ANALYSIS: FLIGHT CONTROLS, Proceedings of IFAC workshop on Dependable Control of Discrete Systems, 2007.
DOI : 10.3182/20070613-3-FR-4909.00010

P. Fritzson, Principles of Object-Oriented Modeling and Simulation with Modelica 2.1, 2004.
DOI : 10.1109/9780470545669

V. Karavirta, Xaal -extensible algorithm animation language. Master's thesis, 2005.

T. Naps, J. Eagan, and &. L. Norton, JHAVÉJHAV´JHAVÉ: An environment to actively engage students in web-based algorithm visualizations, 31st ACM SIGCSE Technical Symposium on Computer Science Education, pp.109-113, 2000.

J. Noble, A. Taivalsaari, and &. I. Moore, Prototype- Based Programming: Concepts, Languages and Applications, 1999.

T. A. Prosvirnova and . Rauzy, Octobre) Guarded transition systems: Pivot modelling formalism for safety analysis, Actes du Congrès Lambda- Mu 18, 2012.

A. Rauzy, Mode automata and their compilation into fault trees, Reliability Engineering & System Safety, vol.78, issue.1, pp.1-12, 2002.
DOI : 10.1016/S0951-8320(02)00042-X

S. Rodger, Using hands-on visualizations to teach computer science from beginning curses to advanced courses, Proceeding of the Second Program Visualization Workshop, 2002.

G. B. Rößling and . Freisleben, Animalscript: An extensible scripting language for algorithm animation, 2001.

J. Stasko, Smooth continuous animation for portraying algorithms and processes, Software Visualization, pp.103-118, 1998.

R. 1. Arnold, A. Griffault, A. Point, G. Rauzy, and A. , The altarica formalism for describing concurrent systems, Fundamenta Informaticae, vol.34, pp.109-124, 2000.

A. Rauzy, Mode automata and their compilation into fault trees, Reliability Engineering & System Safety, vol.78, issue.1, 2002.
DOI : 10.1016/S0951-8320(02)00042-X

A. Griffault and A. Vincent, The Mec??5 Model-Checker, Proceedings of the 16th International Conference on Computed Aided Verification, pp.488-491, 2004.
DOI : 10.1007/978-3-540-27813-9_43
URL : https://hal.archives-ouvertes.fr/hal-00351697

M. Khuu, ContributionàContributionà l'accélération de la simulation stochastique sur des modèles AltaRica Data Flow, 2008.

S. Humbert, C. Seguin, C. Castel, and J. M. Bosc, Deriving Safety Software Requirements from an AltaRica System Model, Proceedings SAFECOMP2008. Volume, pp.320-331, 2008.
DOI : 10.1007/978-3-540-87698-4_27

X. Quayzin and E. Arbaretier, Performance modeling of a surveillance mission, 2009 Annual Reliability and Maintainability Symposium, pp.206-211, 2009.
DOI : 10.1109/RAMS.2009.4914676

M. Sghairi, A. De-bonneval, Y. Crouzet, J. J. Aubert, P. Brot et al., Distributed and reconfigurable architecture for flight control system, 2009 IEEE/AIAA 28th Digital Avionics Systems Conference, 2009.
DOI : 10.1109/DASC.2009.5347447

J. C. Chaudemar, E. Bensana, C. Castel, and C. Seguin, Altarica and event-b models for operational safety analysis: Unmanned aerial vehicle case study, Proceedings Formal Methods and Tools, FMT'09, 2009.

T. Prosvirnova, M. Batteux, P. A. Brameret, A. Cherfi, T. Friedlhuber et al., The altarica 3.0 project for model-based safety assessment, Proceedings of 4th IFAC Workshop on Dependable Control of Discrete Systems, DCDS'2013, pp.127-132, 2013.

J. Noble, A. Taivalsaari, and I. Moore, Prototype-Based Programming: Concepts, Languages and Applications, pp.978-9814021258, 1999.

M. Bouissou and J. L. Bon, A new formalism that combines advantages of fault-trees and Markov models: Boolean logic driven Markov processes, Reliability Engineering & System Safety, vol.82, issue.2, pp.149-163, 2003.
DOI : 10.1016/S0951-8320(03)00143-1

B. Meyer, Object-Oriented Software Construction, pp.978-0136290490, 1988.

M. Abadi and L. Cardelli, A Theory of Objects. Monographs in Computer Science, pp.978-0387947754, 1998.

A. Hatchuel and B. Weil, C-K design theory: an advanced formulation, Research in Engineering Design, vol.15, issue.4, pp.181-192, 2009.
DOI : 10.1007/s00163-008-0043-4

A. Dubi, Monte Carlo application in Systems Engineering, 2000.

M. Abadi and L. Cardelli, A theory of Objects, 1996.
DOI : 10.1007/978-1-4419-8598-9

R. Adeline, J. Cardoso, P. Darfeuil, S. Humbert, and C. Seguin, Toward a methodology for the AltaRica modelling of multi-physical systems, Proceedings of European Safety and Reliability Conference, 2010.

O. Akerlund, P. Bieber, E. Boede, M. Bozzano, M. Bretschneider et al., ISAAC, a framework for integrated safety analysis of functional, geometrical and human aspects, Proceedings of 3rd European Congress Embedded Real Time Software, 2006.

J. D. Andrews and T. R. Moss, Reliability and Risk Assessment, 1993.

A. Arnold, A. Griffault, G. Point, and A. Rauzy, The AltaRica language for Describing Concurrent Systems, Fundamenta Informaticae, vol.34, issue.23, pp.109-124, 2000.

A. Avizienis, J. Laprie, and B. Randell, Dependability and Its Threats: A Taxonomy, IFIP Congress Topical Sessions, pp.91-120, 2004.
DOI : 10.1007/978-1-4020-8157-6_13

M. Batteux and A. Rauzy, Stochastic simulation of AltaRica 3.0 models, Proceedings of the European Safety and Reliability Conference, 2013.
DOI : 10.1201/b15938-165

R. Bernard, S. Metge, F. Pouzolz, P. Bieber, A. Griffault et al., AltaRica Refinement for Heterogeneous Granularity Model Analysis, Actes du congrès Lambda-Mu'16, p.2, 2008.

S. A. Bernardi, S. Donatelli, and J. Merseguer, From UML Sequence Diagrams and StateCharts to analyzable Petri Net models, Proceedings of the Third International Workshop on Software on Performance, 2002.
DOI : 10.1145/584374.584376
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.133.2609

P. Bieber, J. Blanquart, G. Durrieu, D. Lesens, J. Lucotte et al., Integration of formal fault analysis in ASSERT: Case studies and lessons learnt SIA (electronic proceedings), Proceedings of 4th European Congress Embedded Real Time Software, 2008.

M. Boiteau, Y. Dutuit, A. Rauzy, and J. Signoret, The AltaRica Data-Flow Language in Use: Assessment of Production Availability of a MultiStates System, Reliability Engineering and System Safety, issue.7, pp.91747-755, 2006.

M. Bouissou, Automated Dependability Analysis of Complex Systems with the KB3 Workbench: the Experience of EDF R&D, Proceedings of the International Conference on Energy and Environment, 2005.

M. Bouissou, H. Bouhadana, M. Bannelier, and N. Villatte, Knowledge modelling and reliability processing: presentation of the Figaro modelling language and associated tools, Proceedings of Safecomp'91, 1991.

M. Bouissou and C. Seguin, Comparaison des langages de modélisation AltaRica et Figaro, 15me colloque de fiabilit et maintenabilit, 2006.

M. Bozzano, A. Cimatti, O. Lisagor, C. Mattarei, S. Mover et al., Safety assessment of AltaRica models via symbolic model checking, Proceedings of the 11th International Workshop on Automated Verification of Critical Systems, 2011.
DOI : 10.1016/j.scico.2014.06.003

M. Bozzano, A. Cimatti, and F. Tapparo, Symbolic Fault Tree Analysis for Reactive Systems, Proceedings of the 5th international conference on Automated technology for verification and analysis, pp.162-176, 2007.
DOI : 10.1007/978-3-540-75596-8_13

P. Brameret, A. Rauzy, and J. Roussel, Preliminary System Safety Analysis with Limited Markov Chain Generation, Proceedings of 4th IFAC Workshop on Dependable Control of Discrete Systems, DCDS'2013, pp.13-18, 2013.
DOI : 10.3182/20130904-3-UK-4041.00032
URL : https://hal.archives-ouvertes.fr/hal-00859173

R. E. Bryant, Graph-based algorithms for Boolean function manipulation. Computers, IEEE Transactions, issue.8, pp.35677-691, 1986.
DOI : 10.1109/tc.1986.1676819
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.208.4027

J. Chaudemar, E. Bensana, C. Castel, and C. Seguin, AltaRica and Event-B Models for Operational Safety Analysis: Unmanned Aerial Vehicle Case Study, Proceedings of Workshop on Integration of Model-Based Formal Methods and Tools, 2009.

J. Colaço, A. Girault, G. Hamon, and M. Pouzet, Towards a higher-order synchronous data-flow language, Proceedings of the fourth ACM international conference on Embedded software , EMSOFT '04, 2004.
DOI : 10.1145/1017753.1017792

M. Corsini and A. Rauzy, Toupie: The µ-calculus over finite domains as a constraint language, Journal of Automated Reasoning, vol.19, issue.2, pp.143-171, 1997.
DOI : 10.1023/A:1005732517165

P. David, ContributionàContributionà l'analyse de sûreté de fonctionnement des systèmes complexes en phase de conception : application l'´ evaluation des missions d'un réseau de capteurs de présence humaine, Thèse de doctorat, 2009.

P. David, V. Idasiak, and F. Kratz, Reliability study of complex physical systems using SysML. Reliability Engineering and System Safety, pp.431-450, 2010.
URL : https://hal.archives-ouvertes.fr/hal-00528802

J. De and K. , An assumption based TMS, Artificial Intelligence, vol.278, issue.2, pp.127-162, 1986.

F. William, J. H. Dowling, and . Gallier, Linear-time algorithms for testing the satisfiability of propositional Horn formulae, Journal of Logic Programming, vol.1, issue.3, pp.267-284, 1984.

J. B. Dugan, K. J. Sullivan, and D. Coppit, Developing a high-quality software tool for fault tree analysis, Proceedings 10th International Symposium on Software Reliability Engineering (Cat. No.PR00443), pp.222-231, 1999.
DOI : 10.1109/ISSRE.1999.809327

Y. Dutuit, F. Innal, A. Rauzy, and J. Signoret, Probabilistic assessments in relationship with safety integrity levels by using Fault Trees, Reliability Engineering & System Safety, vol.93, issue.12, pp.931867-1876, 2008.
DOI : 10.1016/j.ress.2008.03.024
URL : https://hal.archives-ouvertes.fr/hal-00182508

Y. Dutuit and A. Rauzy, Efficient algorithms to assess component and gate importance in fault tree analysis, Reliability Engineering & System Safety, vol.72, issue.2, pp.213-222, 2001.
DOI : 10.1016/S0951-8320(01)00004-7

S. Epstein and A. Rauzy, Open-PSA Model Exchange Format The Open-PSA Initiative, 2008.

P. Feiler, D. Gluch, and J. Hudak, The Architecture Analysis & Design Language (AADL): An Introduction, 2006.

P. Feiler and A. E. Rugina, Dependability Modeling with the Architecture Analysis & Design Language (AADL), 2007.

S. Friedenthal, A. Moore, and R. Steiner, A Practical Guide to SysML: The Systems Modeling Language, The MK, 2011.

P. Fritzson, Principles of Object-Oriented Modeling and Simulation with Modelica 2.1, 2004.
DOI : 10.1109/9780470545669

P. Fritzson and P. Bunus, Modelica - a general object-oriented language for continuous and discrete-event system modeling and simulation, Proceedings 35th Annual Simulation Symposium. SS 2002, pp.365-380, 2002.
DOI : 10.1109/SIMSYM.2002.1000174

A. L. Hauke and . Fuhrmann, On the Pragmatics of Graphical Modeling. Number 2011-1 in Kiel Computer Science Series, Dissertation, Faculty of Engineering, 2011.

E. Gamma, R. Helm, R. Johnson, and J. Vlissides, Design Patterns ? Elements of Reusable Object-Oriented Software, 1995.

S. Gilmore, J. Hillston, L. Kloul, and M. Ribaudo, PEPA Nets, pp.79-104, 2003.
DOI : 10.1007/978-3-540-24663-3_15
URL : https://hal.archives-ouvertes.fr/hal-00139716

G. Gössler and J. Sifakis, Composition for component-based modeling, Science of Computer Programming, vol.55, issue.1-3, pp.161-183, 2005.
DOI : 10.1016/j.scico.2004.05.014

A. Griffault, G. Point, F. Kuntz, and A. Vincent, Symbolic computation of minimal cuts for AltaRica models, 2011.
URL : https://hal.archives-ouvertes.fr/hal-00634022

N. Halbwachs, P. Caspi, P. Raymond, and D. Pilaud, Methods and Tools for Constraint System Architectering, Proceedings of the IEEE, pp.1305-1320, 1991.

A. Hatchuel and B. Weil, La théorie C-K : Fondements et usages d'une théorie unifiée de la conception, Actes du Colloque " Sciences de la conception, 2002.

A. Hatchuel and B. Weil, A new approach of innovative design: an introduction to C-K theory, Proceedings of the International Conference on Engineering Design (ICED'03), 2003.

M. Hibti, T. Friedlhuber, and A. Rauzy, Overview of The Open PSA Platform, Proceedings of International Joint Conference PSAM'11, 2012.

S. Humbert, C. Seguin, C. Castel, and J. Bosc, Deriving Safety Software Requirements from an AltaRica System Model, Proceedings of 27th International Conference on Computer Safety, Reliability, and Security, pp.320-331, 2008.
DOI : 10.1007/978-3-540-87698-4_27

K. Jensen, Coloured Petri Nets, 1992.
DOI : 10.1007/bfb0046842

A. Joshi, P. Binns, and S. Vestal, Automatic generation of Fault Trees from AADL Models, Proceedings of the ICSE Workshop on Aerospace Software Engineering, 2007.

A. Joshi, S. P. Miller, M. Whalen, and M. P. Heimdahl, A PROPOSAL FOR MODEL-BASED SAFETY ANALYSIS, 24th Digital Avionics Systems Conference, 2005.
DOI : 10.1109/DASC.2005.1563469

C. Kehren, Motifs formels d'architectures de systèmes pour la sûreté de fonctionnement, Thèse de doctorat, Ecole Nationale Supérieure de l'Aéronautique et de l'Espace (SUPAERO), 2005.

C. Kehren, C. Seguin, P. Bieber, C. Castel, C. Bougnol et al., Architecture Patterns for Safe Design, AAAF 1st Complex and Safe Systems Engineering Conference, 2004.

M. Thang and K. , ContributionàContributionà l'accélération de la simulation stochastique sur des modèles AltaRica Data-Flow, Thèse de doctorat, 2008.

O. Lisagor, T. Kelly, and R. Niu, Model-based safety assessment: Review of the discipline and its challenges, The Proceedings of 2011 9th International Conference on Reliability, Maintainability and Safety, pp.625-632, 2011.
DOI : 10.1109/ICRMS.2011.5979344

J. Lopez-grao, J. Merseguer, and J. Campos, From UML Activity Diagrams to Stochastic Petri Nets: Application to software performance engineering, Proceedings of the Fourth International Workshop on Software and Performance, 2004.

A. Majdara and T. Wakabayashi, Component-based modeling of systems for automated fault tree generation, Reliability Engineering & System Safety, vol.94, issue.6, pp.1076-1086, 2009.
DOI : 10.1016/j.ress.2008.12.003

M. Malhotra and K. S. Trivedi, Dependability modeling using Petri-nets. Reliability, IEEE Transactions on, vol.44, issue.3, pp.428-440, 1995.
DOI : 10.1109/24.406578
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.324.2408

R. Manian, J. Bechta-dugan, D. Coppit, and K. J. Sullivan, Combining various solution techniques for dynamic fault tree analysis of computer systems, Proceedings Third IEEE International High-Assurance Systems Engineering Symposium (Cat. No.98EX231), pp.21-28, 1998.
DOI : 10.1109/HASE.1998.731591

M. A. Marsan, M. Balbo, G. Conte, S. Donatelli, and G. Franceschinis, Modelling with Generalized Stochastic Petri Nets, ACM SIGMETRICS Performance Evaluation Review, vol.26, issue.2, 1995.
DOI : 10.1145/288197.581193

T. Matsuoka and M. Kobayashi, New reliability analysis methodology, Nuclear Engineering and Design, vol.98, pp.64-78, 1988.

T. Matsuoka and M. Kobayashi, The GO-FLOW reliability analysis methodology???analysis of common cause failures with uncertainty, Nuclear Engineering and Design, vol.175, issue.3, pp.205-214, 1997.
DOI : 10.1016/S0029-5493(97)00038-1

T. Matsuoka, N. Mitomo, and T. Hoshi, An application of the GO-FLOW methodology ? evaluation of component cooling water system for a new type of marine reactor, Proceedings of the 4th International Conference on Probabilistic Safety Assessment and Management (PSAM), pp.221-226, 1998.

T. Matsuoka and K. Nakagawa, An application of the GO-FLOW Methodology ? a reliability analysis of automatic train control system of Shinkansen in Japan, Proceedings of the 4th International Conference on Probabilistic Safety Assessment and Management (PSAM), pp.233-238, 1998.

J. Merseguer, J. Campos, S. Bernardi, and S. A. Donatelli, A compositional semantics for UML state machines aimed at performance evaluation, Sixth International Workshop on Discrete Event Systems, 2002. Proceedings., 2002.
DOI : 10.1109/WODES.2002.1167702

F. Milcent, T. Prosvirnova, and A. Rauzy, Modeling network systems with AltaRica 3.0, Actes du congrès LambdaMu'19 (actesélectroniquesactesélectroniques), 2014.

R. Milner, Communicating and Mobile Systems: The pi-calculus, 1999.

J. Noble, A. Taivalsaari, and I. Moore, Prototype-Based Programming: Concepts, Languages and Applications, 1999.

C. Pagetti, Extension temps réel du langage AltaRica, Thèse de doctorat, 2004.

Y. Papadopoulos and M. Maruhn, Model-based synthesis of fault trees from Matlab-Simulink models, Proceedings International Conference on Dependable Systems and Networks, pp.77-82, 2001.
DOI : 10.1109/DSN.2001.941393

Y. Papadopoulos, M. Walker, D. Parker, E. Rude, R. Hamann et al., Engineering failure analysis and design optimisation with HiP-HOPS, Engineering Failure Analysis, vol.18, issue.2, pp.590-608, 2011.
DOI : 10.1016/j.engfailanal.2010.09.025

A. Pasquini, Y. Papadopoulos, and J. Mcdermid, Hierarchically performed hazard origin and propagation studies, Computer Safety, Reliability and Security LNCS, pp.688-688, 1698.

B. Perrot, T. Prosvirnova, A. Rauzy, J. Sahut-d-'izarn, and R. Schoening, Expériences de couplages de modèles AltaRica avec des interfaces métiers, Actes du congrès LambdaMu'17 (actesélectroniquesactesélectroniques). IMdR, 2010.

G. Point and A. Rauzy, AltaRica: Constraint automata as a description language, Journal Européen des Systèmes Automatisés, vol.33, pp.8-91033, 1999.

A. Pop and P. Fritzson, The Modelica Standard Library as an Ontology for Modeling and Simulation of Physical Systems, 2004.

T. Prosvirnova, M. Batteux, P. Brameret, A. Cherfi, T. Friedlhuber et al., The AltaRica 3.0 project for Model-Based Safety Assessment, Proceedings of 4th IFAC Workshop on Dependable Control of Discrete Systems, 2013.

T. Prosvirnova, M. Batteux, A. Maarouf, and A. Rauzy, GraphXica, Proceedings of the European Safety and Reliability conference, 2013.
DOI : 10.1201/b15938-171

T. Prosvirnova and A. Rauzy, Guarded Transition Systems: Pivot Modelling Formalism For Safety Analysis, Actes du Congrès Lambda-Mu 18, 2012.

X. Quayzin and E. Arbaretier, Performance modeling of a surveillance mission, 2009 Annual Reliability and Maintainability Symposium, pp.206-211, 2009.
DOI : 10.1109/RAMS.2009.4914676

A. Rauzy, New algorithms for fault trees analysis, Reliability Engineering & System Safety, vol.40, issue.3, pp.5203-211, 1993.
DOI : 10.1016/0951-8320(93)90060-C

A. Rauzy, Mathematical foundations of minimal cutsets, IEEE Transactions on Reliability, vol.50, issue.4, pp.389-396, 2001.
DOI : 10.1109/24.983400

A. Rauzy, Mode automata and their compilation into fault trees, Reliability Engineering & System Safety, vol.78, issue.1, pp.1-12, 2002.
DOI : 10.1016/S0951-8320(02)00042-X

A. Rauzy, An experimental study on iterative methods to compute transient solutions of large Markov models, Reliability Engineering & System Safety, vol.86, issue.1, pp.105-115, 2004.
DOI : 10.1016/j.ress.2004.01.007

A. Rauzy, Anatomy of an Efficient Fault Tree Assessment Engine, Proceedings of International Joint Conference PSAM'11/ESREL'12, 2012.

A. Rauzy, AltaRica Data-Flow language specification

A. Rauzy, BDD for Reliability Studies, Handbook of Performability Engineering, pp.381-396, 2008.

D. Riera, F. Milcent, J. Parisot, and E. Clement, Dynamic modeling for dependability and safety evaluation: an advance for the analysis of complex systems, 2012.

A. E. Rugina, K. Kanoun, and M. Kaaniche, The ADAPT Tool: From AADL Architectural Models to Stochastic Petri Nets through Model Transformation, 2008 Seventh European Dependable Computing Conference, 2008.
DOI : 10.1109/EDCC-7.2008.14
URL : https://hal.archives-ouvertes.fr/hal-00323969

L. Sagaspe, Allocation sûre dans les systèmes aéronautiques : Modélisation, Vérification et Génération, Thèse de doctorat, 2008.

L. Sagaspe and P. Bieber, Constraint-based design and allocation of shared avionics resources, 2007 IEEE/AIAA 26th Digital Avionics Systems Conference, pp.2-5, 2007.
DOI : 10.1109/DASC.2007.4391846

M. Sghairi, A. De-bonneval, Y. Crouzet, Y. Aubert, P. Brot et al., Distributed and reconfigurable architecture for flight control system, 2009 IEEE/AIAA 28th Digital Avionics Systems Conference, pp.6-8, 2009.
DOI : 10.1109/DASC.2009.5347447

M. L. Shooman, The Equivalence of Reliability Diagrams and Fault-Tree Analysis, IEEE Transactions on Reliability, vol.19, issue.2, pp.1974-75, 1970.
DOI : 10.1109/TR.1970.5216396

J. Signoret, Dependability & safety modeling and calculation: Petri nets, Proceeding of the 2nd IFAC Workshop on Dependable Control of Descrete Systems, 2009.
DOI : 10.3182/20090610-3-IT-4004.00040

W. J. Stewart, Introduction to the Numerical Solution of Markov Chains, 1994.

K. J. Sullivan, J. B. Dugan, and D. Coppit, The Galileo fault tree analysis tool, Digest of Papers. Twenty-Ninth Annual International Symposium on Fault-Tolerant Computing (Cat. No.99CB36352), 1999.
DOI : 10.1109/FTCS.1999.781056

. Robert-endre-tarjan, Data Structures and Network Algorithms, Society for Industrial and Applied Mathematics, 1983.

G. Leslie and . Valiant, The Complexity of Enumeration and Reliability Problems, SIAM Journal of Computing, vol.8, issue.3, pp.410-421, 1979.

J. Voirin, Methods and Tools for Constraint System Architectering, Proceedings of the 18th International Symposium of the International Council on System Engineering, pp.775-789, 2008.

X. John, M. L. Wang, and . Roush, What Every Engineer Should Know About Risk Engineering and Management, 2000.

S. White and D. Miers, BPMN Modeling and Reference Guide: Understanding and Using BPMN, Future Strategies Inc, 2008.