Condition-based fault tree analysis (CBFTA): A new method for improved fault tree analysis (FTA), reliability and safety calculations

Condition-based maintenance methods have changed systems reliability in general and individual systems in particular. Yet, this change does not affect system reliability analysis. System fault tree analysis (FTA) is performed during the design phase. It uses components failure rates derived from available sources as handbooks, etc. Condition-based fault tree analysis (CBFTA) starts with the known FTA. Condition monitoring (CM) methods applied to systems (e.g. vibration analysis, oil analysis, electric current analysis, bearing CM, electric motor CM, and so forth) are used to determine updated failure rate values of sensitive components. The CBFTA method accepts updated failure rates and applies them to the FTA. The CBFTA recalculates periodically the top event (TE) failure rate (λ_TE) thus determining the probability of system failure and the probability of successful system operation—i.e. the system's reliability.FTA is a tool for enhancing system reliability during the design stages. But, it has disadvantages, mainly it does not relate to a specific system undergoing maintenance.CBFTA is tool for updating reliability values of a specific system and for calculating the residual life according to the system's monitored conditions. Using CBFTA, the original FTA is ameliorated to a practical tool for use during the system's field life phase, not just during system design phase.This paper describes the CBFTA method and its advantages are demonstrated by an example.     

System Failure Analysis Through Counters of Petri Net Models

Petri nets are a powerful technique widely used in the modeling and analysis of complex manufacturing systems and processes. Due to their capability in modeling the dynamics of the systems, Petri nets have been combined with fault tree analysis techniques to determine the average rate of occurrence of system failures. Current methods in combining Petri nets with fault trees for system failure analysis compute the average rate of occurrence of system failures by tracking the markings of the Petri net models. The limitations of these methods are that tracking the markings of a Petri net represented by a reachability tree can be very complicated as the size of the system grows. Therefore, these methods offer less flexibility in analyzing sequential failures in the system. To overcome the limitations of the current methods in applying Petri nets for system failure assessment, this paper expands and extends the concept of counters used in Petri net simulation to perform the failure and reliability analysis of complex systems. The presented method allows the system failures to be modeled using general Petri nets with inhibitor arcs and loops, which employs fewer variables than existing marking‐based methods and substantially accelerates the computations. It can be applied to real system failure analysis where basic events can have different failure rates. Copyright © 2003 John Wiley & Sons, Ltd.     

How dependent basic events with interval-valued probabilities affect fault tree analysis

This paper studies the effect of the dependence state between basic events (BEs) on fault tree analysis (FTA) when the probabilities of events are characterized by interval values. The well-known Frèchent bounds are extended for modeling six different types of dependence states between BEs. Three indices, called average dependence effect (ADE), location effect (LE) and size effect (SE), are defined for evaluating the effect of the dependence states between BEs on the probability of top event (TE) and identifying influential and non-influential dependence states. Then, the proposed method is applied to fault tree (FT) examples, thereby explaining the dependence problem in FTA. To further verify the practicability of the method, FTA of the unilateral asymmetric movement failure of an aircraft flap mechanism is performed. The results show that: (i) the opposite and negative dependence contribute to the reliability of a parallel system while the perfect and positive dependence reduce it, (ii) the perfect and positive dependence contribute to the reliability of a series system while the opposite and negative dependence reduce it, and (iii) parallel systems are more reliable than series systems regardless of the dependence between BEs.     

Posbist fault tree analysis of coherent systems

When the failure probability of a system is extremely small or necessary statistical data from the system is scarce, it is very difficult or impossible to evaluate its reliability and safety with conventional fault tree analysis (FTA) techniques. New techniques are needed to predict and diagnose such a system's failures and evaluate its reliability and safety. In this paper, we first provide a concise overview of FTA. Then, based on the posbist reliability theory, event failure behavior is characterized in the context of possibility measures and the structure function of the posbist fault tree of a coherent system is defined. In addition, we define the AND operator and the OR operator based on the minimal cut of a posbist fault tree. Finally, a model of posbist fault tree analysis (posbist FTA) of coherent systems is presented. The use of the model for quantitative analysis is demonstrated with a real-life safety system.     

基于模糊故障树的军用气象物资包装可靠性分析

应用模糊故障树分析方法对军用气象物资包装可靠性进行了系统分析,简要介绍了模糊故障树分析方法的基本理论,利用专家判断和模糊集理论相结合的方法,评估了故障树底事件发生的模糊失效概率。并以"TFS-1通风干湿表包装"为例,建立了包装系统的故障树,采用下行法求解了引起顶事件发生的最小割集,定量分析计算,得出模糊失效率为0.0705,同时计算了各底事件的重要度。模糊故障树分析方法对于提高军用气象物资包装防护能力,确保物资装备质量,具有非常重要的意义。     

基于梯形模糊数的数控磨床砂轮架系统故障树分析

数控磨床砂轮架系统故障树分析中的一大难点是确定基本事件的发生概率,基本事件的发生情况存在模糊性且由于时间和成本的限制往往无法通过实验获得足够的可靠性数据。为了解决这一问题,引入模糊集合论,用梯形模糊数来描述故障树分析中的基本事件和顶事件的发生概率。首先对数控磨床砂轮架系统的结构层次进行分析,建立砂轮架系统的故障树。然后以砂轮架系统主轴振动异响为例进行模糊故障树分析,求解顶事件发生概率的梯形模糊数;并类比传统故障树分析中"临界重要度"的概念,定义适用于模糊故障树分析的"模糊临界重要度"。最后根据求解的模糊临界重要度对基本事件进行排序,确定危害程度较高的基本事件,结果与企业的实际情况相符合。结果表明该方法能够有效解决数控磨床故障树分析中基本事件难于准确赋值的问题,为企业提高机械系统的可靠性提供了一种定量依据。     

An efficient real‐time method of analysis for non‐coherent fault trees

Fault tree analysis is commonly used to assess the reliability of potentially hazardous industrial systems. The type of logic is usually restricted to AND and OR gates, which makes the fault tree structure coherent. In non‐coherent structures not only components' failures but also components' working states contribute to the failure of the system. The qualitative and quantitative analyses of such fault trees can present additional difficulties when compared with the coherent versions. It is shown that the binary decision diagram (BDD) method can overcome some of the difficulties in the analysis of non‐coherent fault trees. This paper presents the conversion process of non‐coherent fault trees to BDDs. A fault tree is converted to a BDD that represents the system structure function (SFBDD). An SFBDD can then be used to quantify the system failure parameters but is not suitable for the qualitative analysis. Established methods, such as the meta‐products BDD method, the zero‐suppressed BDD (ZBDD) method and the labelled BDD (L‐BDD) method, require an additional BDD that contains all prime implicant sets. The process using some of the methods can be time consuming and is not very efficient. In addition, in real‐time applications the conversion process is less important and the requirement is to provide an efficient analysis. Recent uses of the BDD method are for real‐time system prognosis. In such situations as events happen, or failures occur, the prediction of mission success is updated and used in the decision‐making process. Both qualitative and quantitative assessments are required for the decision making. Under these conditions fast processing and small storage requirements are essential. Fast processing is a feature of the BDD method. It would be advantageous if a single BDD structure could be used for both the qualitative and quantitative analyses. Therefore, a new method, the ternary decision diagram (TDD) method, is presented in this paper, where a fault tree is converted to a TDD that allows both qualitative and quantitative analyses and no additional BDDs are required. The efficiency of the four methods is compared using an example fault tree library. Copyright © 2008 John Wiley & Sons, Ltd.     

Improved accuracy in quantitative fault tree analysis

The fault tree diagram defines the causes of the system failure mode or ‘top event’ in terms of the component failures and human errors, represented by basic events. By providing information which enables the basic event probability to be calculated, the fault tree can then be quantified to yield reliability parameters for the system. Fault tree quantification enables the probability of the top event to be calculated and in addition its failure rate and expected number of occurrences. Importance measures which signify the contribution each basic event makes to system failure can also be determined. Owing to the large number of failure combinations (minimal cut sets) which generally result from a fault tree study, it is not possible using conventional techniques to calculate these parameters exactly and approximations are required. The approximations usually rely on the basic events having a small likelihood of occurrence. When this condition is not met, it can result in large inaccuracies. These problems can be overcome by employing the binary decision diagram (BDD) approach. This method converts the fault tree diagram into a format which encodes Shannon's decomposition and allows the exact failure probability to be determined in a very efficient calculation procedure. This paper describes how the BDD method can be employed in fault tree quantification. © 1997 John Wiley & Sons, Ltd.     

Footprint of knowledge acquisition improvement in failure diagnosis analysis

Fault tree analysis (FTA) as an effective and efficient risk assessment tool are widely used to analyze the reliability of a complex system. In this context, FTA can properly improve the safety performance of the system by preventing an event which may lead to occurrence of a catastrophic accident. However, traditional FTA is still suffering from dynamic structure demonstration and importantly epistemic uncertainty processing. In this study, a novel methodology is introduced using Bayesian updating mechanism to deal with dynamic structure and 2‐tuple fuzzy set named as intuitionistic fuzzy numbers are employed to cope with subjectivity of uncertainty processing. Accordingly, the most critical system components which affect the system reliability are recognized by using an appropriate sensitivity analysis method. The proposed methodology is then applied on a real case study application (a brake fluid filling system) in order to examine the effectiveness and feasibility of the approach. The results illustrated that the new methodology can have enough benefits for diagnosing the systems' faults compared with listing approaches of safety and reliability analysis. In terms of empirical case study, “electromotor failure” was evaluated as the second most critical basic event in conventional‐based approaches, whereas in the novel methodology “high pressure liquefied material” was recognized as the second one.     

Fault tree developed by an object-based method improves requirements specification for safety-related systems

Fault tree analysis is frequently used to improve system reliability and safety. To be suitable for analysis of software in computerised safety-related systems, it has to be modified accordingly. This paper presents a new application: the fault trees developed by an object-based method. The object-based method integrates structural and behavioural models of a system. The developed fault tree includes information on structure and the failure behaviours of classes of the system. Away from traditional use of the fault tree, which for traditional systems emphasises qualitative and quantitative results, the result of the new application emphasises the process of fault tree development and its qualitative results. Such fault tree application reduces the probability of failures in the requirements specification phase within the software life cycle, which increases the reliability of its product; however, it does not confirm this in a quantitative manner.     

Enhancing software safety by fault trees: experiences from an application to flight critical software

The fault tree analysis is a well-established method in system safety and reliability assessment. We transferred the principles of this technique to an assembler code analysis, regarding any incorrect output of the software as the undesired top-level event. Starting from the instructions providing the outputs and tracking back to all instructions contributing to these outputs a hierarchical system of references is generated that may graphically be represented as a fault tree. To cope with the large number of relations in the code, a tool suite has been developed, which automatically creates these references and checks for unfulfilled preconditions of instructions. The tool was applied to the operational software of an inertial measurement unit, which provides safety critical signals for artificial stabilization of an aircraft. The method and its implementation as a software tool is presented and the benefits, surprising results, and limitations we have experienced were discussed.     

New methods to determine the importance measures of initiating and enabling events in fault tree analysis

Components' importance measures play a very important role in system reliability analysis. They are used to identify the weakest parts of the system for design improvement, failure diagnosis and maintenance. This paper deals with the problem of determining the importance measures of basic events in case of unreliability analysis of binary coherent and non-coherent fault trees. This type of analysis is typical of catastrophic top events, characterised by unacceptable consequences. Since the unreliability of systems with repairable components cannot be exactly calculated via fault tree, the Expected Number of Failures - which is obtained by integrating the unconditional failure frequency - is considered as it represents a good upper bound. In these cases it is important to classify events as initiators or enablers since their roles in the system are different, their sequence of occurrence is different and consequently they must be treated differently. New equations based on system failure frequency are described in this paper for determining the exact importance measures of initiating and enabling events. Simple examples are provided to clarify the application of the proposed calculation methods. Compared with the exact methods available in the literature, those proposed in this paper are easier to apply by hand and are simpler to implement in a fault tree analyser.     

An enhanced component connection method for conversion of fault trees to binary decision diagrams

Fault tree analysis (FTA) is widely applied to assess the failure probability of industrial systems. Many computer packages are available, which are based on conventional kinetic tree theory methods. When dealing with large (possibly non-coherent) fault trees, the limitations of the technique in terms of accuracy of the solutions and the efficiency of the processing time become apparent. Over recent years, the binary decision diagram (BDD) method has been developed that solves fault trees and overcomes the disadvantages of the conventional FTA approach. First of all, a fault tree for a particular system failure mode is constructed and then converted to a BDD for analysis. This paper analyses alternative methods for the fault tree to BDD conversion process.For most fault tree to BDD conversion approaches, the basic events of the fault tree are placed in an ordering. This can dramatically affect the size of the final BDD and the success of qualitative and quantitative analyses of the system. A set of rules is then applied to each gate in the fault tree to generate the BDD. An alternative approach can also be used, where BDD constructs for each of the gate types are first built and then merged to represent a parent gate. A powerful and efficient property, sub-node sharing, is also incorporated in the enhanced method proposed in this paper. Finally, a combined approach is developed taking the best features of the alternative methods. The efficiency of the techniques is analysed and discussed.     

Quality risk analysis in a cGMP environment: multiple models for comprehensive failure mode identification during the computer system lifecycle

Pharmaceutical quality systems use various inputs to ensure product quality and prevent failures that might have patient consequences. These inputs are generally data from failures that have already occurred, for example process deviations or customer complaints. Risk analysis techniques are well-established in certain other industries and have become of interest to pharmaceutical manufacturers because they allow potential quality failures to be predicted and mitigating action taken in advance of their occurring. Failure mode and effects analysis (FMEA) is one such technique, and in this study it was applied to implement a computerized manufacturing execution system in a pharmaceutical manufacturing environment. After introduction, the system was monitored to detect failures that did occur and these were analyzed to determine why the risk analysis method failed to predict them. Application of FMEA in other industries has identified weaknesses in predicting certain error types, specifically its dependence on other techniques to model risk situations and its poor analysis of non-hardware risks, such as human error, and this was confirmed in this study. Hierarchical holographic modeling (HHM), a technique for identifying risk scenarios in wide-scope analyses, was applied subsequently and identified additional potential failure modes. The technique for human error rate prediction (THERP) has previously been used for the quantitative analysis of human error risk and the event tree from this technique was adapted and identified further human error scenarios. These were input to the FMEA for prioritization and mitigation, thereby strengthening the risk analysis in terms of failure modes considered.     

Criteria for evaluating protection from single points of failure for partially expanded fault trees

Fault tree analysis (FTA) is a technique that describes the combinations of events in a system which result in an undesirable outcome. FTA is used as a tool to quantitatively assess a system's probability for an undesirable outcome. Time constraints from concept to production in modern engineering often limit the opportunity for a thorough statistical analysis of a system. Furthermore, when undesirable outcomes are considered such as hazard to human(s), it becomes difficult to identify strict statistical targets for what is acceptable. Consequently, when hazard to human(s) is concerned a common design target is to protect the system from single points of failure (SPOF) which means that no failure mode caused by a single event, concern, or error has a critical consequence on the system. Such a design target is common with “by-wire” systems. FTA can be used to verify if a system is protected from SPOF. In this paper, sufficient criteria for evaluating protection from SPOF for partially expanded fault trees are proposed along with proof. The proposed criteria consider potential interactions between the lowest drawn events of a partial fault tree expansion which otherwise easily leads to an overly optimistic analysis of protection from SPOF. The analysis is limited to fault trees that are coherent and static.     

Reliability analysis of standby systems with multi‐state elements subject to constant transition rates

Standby redundancy has been extensively applied to critical engineering systems to enhance system reliability. Researches on reliability evaluation for standby systems focus more on systems with binary‐state elements. However, multi‐state elements with different performances have played a significant role in engineering systems. This paper presents an approach for reliability analysis of standby systems composed of multi‐state elements with constant state transition rates and absorbing failure states. The approach allows modelling different standby systems beyond cold, warm and hot ones by taking into account differences in possible maintenance of elements in standby and operation modes and dependence of elements' operational behavior on their initial state at the time of activation. An iterative algorithm for reliability evaluation based on element state probabilities is suggested. Illustrating examples of evaluating reliability of different types of homogeneous and heterogeneous standby systems are demonstrated.     

Mission reliability evaluation based on operational quality data for multistate manufacturing systems

Modern and intelligent manufacturing systems have a prominent multistate feature. However, previous studies of reliability analysis of multistate manufacturing systems mostly focused on the basic reliability of manufacturing systems but disregarded their operating characteristics, which has hindered the development of Prognostics and Health Management technique for intelligent manufacturing systems. Therefore, an evaluation approach of mission reliability for multistate manufacturing systems based on operational quality data is proposed in this paper. First, from the systematic viewpoint of the composition and operational principle of the manufacturing system, the relationship among production task execution state, production equipment degradation state, and produced product quality state is expounded, and the connotation of the mission reliability of multistate manufacturing systems is defined. Second, an extended state task network (ESTN) is presented to organise operational quality data by considering the quality state of work in process (WIP). Third, a fusion model of operational quality data for manufacturing systems is established with the aid of the ESTN, and an operational quality data-oriented evaluation method of mission reliability is been put forward. Finally, a case study of a manufacturing system for a cylinder head is conducted to verify the proposed approach.     

Application of the cause–consequence diagram method to static systems

In the last 30 years, various mathematical models have been used to identify the effect of component failures on the performance of a system. The most frequently used technique for system reliability assessment is Fault Tree Analysis (FTA) and a large proportion of its popularity can be attributed to the fact that it provides a very good documentation of the way that the system failure logic was developed. Exact quantification of the fault tree, however, can be problematic for very large systems and in such situations, approximations can be used. Alternatively, an exact result can be obtained via the conversion of the fault tree into a binary decision diagram (BDD). The BDD, however, loses all failure logic documentation during the conversion process.This paper outlines the use of the cause–consequence diagram method as a tool for system risk and reliability analysis. As with the FTA method, the cause–consequence diagram documents the failure logic of the system. In addition to this the cause–consequence diagram produces the exact failure probability in a very efficient calculation procedure. The cause–consequence diagram technique has been applied to a static system and shown to yield the same result as those produced by the solution of the equivalent fault tree and BDD. On the basis of this general rules have been devised for the correct construction of the cause–consequence diagram given a static system. The use of the cause–consequence method in this manner has significant implications in terms of efficiency of the reliability analysis and can be shown to have benefits for static systems.     

Application of the fault tree analysis for assessment of power system reliability

A new method for power system reliability analysis using the fault tree analysis approach is developed. The method is based on fault trees generated for each load point of the power system. The fault trees are related to disruption of energy delivery from generators to the specific load points. Quantitative evaluation of the fault trees, which represents a standpoint for assessment of reliability of power delivery, enables identification of the most important elements in the power system. The algorithm of the computer code, which facilitates the application of the method, has been applied to the IEEE test system. The power system reliability was assessed and the main contributors to power system reliability have been identified, both qualitatively and quantitatively.