Concepts definitions
General
In Eclipse Safety Framework, the user may have to manage all the functionnal datas of his system in addition of the dysfunctionnal datas related to the system analysis. It is important to define concepts used in order to understand the different features available. In a general manner, the functional concepts are used during the design step of the system, the dysfunctional concepts are used during the local analysis of each elementary component.
Functional Concepts
Block 
A block is considered as the lowest level componant of the system. It is not possible to change his internal structure but it is possible to add input and output ports.
By default , a block is created with an input (Default In ? in green) and an output (Default Out ? in red) ports. The behaviour can be modified through the preferences of the application : Window > Preferences > Repositories > Default Ports.

Input Port
and Output Port
A port can be added to a block or to a container. It represents the
functionnal interface of the parent element. The direction (in or out)
defines the direction of the data flows linked to it.
Note that the direction of the port has specific colors to be identified
easily: Input in green and output in red.

Data Link 
The Data links are used in order to link ports between blocks or even containers. A data link symbolises a simple flow between two elements, and there are not typified.

Container 
A container represents a more complex part of the system. It can be considered has a sub-system and can manage input and output ports as an elementary block does, but its behaviour is like a white box. A container can content several blocks or containers, and allows the hierarchical management of the system modelling.

Inner Block 
Inner block is not a specitif concept. This term refers to all blocks belonging to a parent container and being at a lower level than the current one.
Inner Container 
As for the inner block, inner container is not a specific concept. In fact this term refers to all containers belonging to a parent container and being at a lower level than the current one.
Dysfunctional Concepts
System Failure 
Eclipse Safety Framework allows to configure dysfunctional mode impacting all the blocks of the model. Those events can be - for example - electromagnetic interferences or an increase in the temperature,... Those events are then usable in the dysfunctional equation of each block during the local analysis.
By default, a "System failure" is created for each new model. this behaviour can be modified in the preferences of Eclipse Safety Framework through the menu Window > Preferences > Repositories. In addition, the creation of new system events can be done at the model level, not at the elementary blocks level.
Local Events 
In parallel of system failure, Eclipse Safety Framework allows to design internal failure into a block. These local events cannot be reused for other blocks analysis.
By default, a local event "Internal failure" is created within each new block. This behaviour can be modified in the preferences of Eclipse Safety Framework through the menu Window > Preferences > Repositories.
Failure Mode 
A failure mode specifies how the related element ( Port or Barrier) fails. By default, three failure modes are available :
: Absent, an expected data flow is missing
: Erroneous, a data flow is in error
: Untimely, an unexpected data flow appears
The several default failure modes can be modified in the preferences of Eclipse Safety Framework through the menu Window > Preferences > Repositories.
It is also possbile to add specific failure modes considered as sub-group of Erroneous failure mode. The nature of these failure modes is important because it has an impact on the propagation. (Cf. § Propagation Rules).
In addition, a failure mode No effect is available. It can be used as a "stub" to indicate that an analysis is volontary partial. This failure mode doesn't propagate on any others. (Cf. § Propagation Rules).
Barriers 
When a barrier is used in the local analysis of a block, it correponds to an implicit barrier. Therefore, a barrier symbolises an inner system that allows to reduce the failure probability at the current block's outputs. (Inner controls, defensive programming...).
In order to design the barrier failures, each one has his own failure modes. Therefore, when a barrier is created, the default failure modes defined in the SA Preferences are created as well.
Propagation Link 
Propagation link aims to link several elements of the local analysis and indicates how a failure is propagated within a block. Propagation link is oriented and allows only certain types of element as source and target.
The source of a propagation link can be:
- a Failure Mode of an input or output port, or of a barrier
- a System Event or Local Event
- a Logic Gate
The target of a propagation link can be:
- a Failure Mode of an input or output port
- a Logic Gate
Logic Gates: And
and Or 
Logic gates factor the failure propagation within a block by combining propagation link with a boolean logic.
The AND-Gate allows to combine several failure to indicate that the failure propagation can be done only if all the entries of the AND-gate are failing.
The OR-gate is more limited, it indicates that the failure propagates if at least one of the entries is failing. Nevertherles, this factorization can be usefull to simplify the representation of a complex set of flows in the current block.
Feared Event
A feared event can be triggered by a failure of the system under study. The feared event is not the failure itself but the consequence of this failure.
Feared events are grouped inside a feared event Library.
Family of Feared event
Feared events can be grouped by family. This group represents a set but not a composition. Therefore, a single feared event can be part of several families.