One embodiment of the invention provides a method for simulating the operation of a system. The method includes providing a fault tree representation of the system. The fault tree defines a set of problems that may occur in the system, and specifies propagations in the system whereby a problem may create one or more errors that may in turn be detected by error detectors to produce corresponding error reports. The fault tree representation allows the presence of a problem in the system to be simulated, and the set of error reports resulting from the simulated problem to be determined. This simulation can be repeated for different problems to compare the sets of error reports potentially produced by the different problems.