Safety and Reliability of Embedded Systems

Similar documents
Safety and Reliability of Embedded Systems. (Sicherheit und Zuverlässigkeit eingebetteter Systeme) Fault Tree Analysis Obscurities and Open Issues

Improving the Efficiency of Dynamic Fault Tree Analysis by Considering Gate FDEP as Static

Risk Analysis of Highly-integrated Systems

ASTRA 3.0: LOGICAL AND PROBABILISTIC ANALYSIS METHODS

Assessing system reliability through binary decision diagrams using bayesian techniques.

Decision Procedures for Satisfiability and Validity in Propositional Logic

Application of the Cause-Consequence Diagram Method to Static Systems

1 Algebraic Methods. 1.1 Gröbner Bases Applied to SAT

Quantitative evaluation of Dependability

Application of Common Cause Failure Methodology to Aviation Safety Assessment Model

of an algorithm for automated cause-consequence diagram construction.

Binary Decision Diagrams Boolean Functions

A ternary decision diagram method to calculate the component contributions to the failure of systems undergoing phased missions

Development of Multi-Unit Dependency Evaluation Model Using Markov Process and Monte Carlo Method

Quantitative evaluation of Dependability

Terminology and Concepts

9. Reliability theory

Evaluation and Validation

6.1 Dependability Modeling. General Rules. Analysis

Introduction Phased mission system (PMS) consists of consecutive, non-overlapping time periods, called phases during which the system conguration, suc

12 - The Tie Set Method

Quantification of Temporal Fault Trees Based on Fuzzy Set Theory

Systems reliability for phased missions

Quantitative Reliability Analysis

Lecture 5 Probability

Dynamic Fault Tree Analysis Based On The Structure Function

On Qualitative Analysis of Fault Trees Using Structurally Persistent Nets

EECS 219C: Computer-Aided Verification Boolean Satisfiability Solving III & Binary Decision Diagrams. Sanjit A. Seshia EECS, UC Berkeley

UNAVAILABILITY CALCULATIONS WITHIN THE LIMITS OF COMPUTER ACCURACY ABSTRACT

Binary Decision Diagrams

Module No. # 03 Lecture No. # 11 Probabilistic risk analysis

Overview. Discrete Event Systems Verification of Finite Automata. What can finite automata be used for? What can finite automata be used for?

Binary Decision Diagrams. Graphs. Boolean Functions

Reduced Ordered Binary Decision Diagrams

A New Reliability Allocation Method Based on FTA and AHP for Nuclear Power Plant!

Safety Analysis Using Petri Nets

Chapter 5. System Reliability and Reliability Prediction.

Reliability of Technical Systems

Boolean decision diagrams and SAT-based representations

COMPRESSED STATE SPACE REPRESENTATIONS - BINARY DECISION DIAGRAMS

Improving the analysis of dependable systems by mapping fault trees into Bayesian networks

Reliable Computing I

Binary Decision Diagrams

Combinational Equivalence Checking using Boolean Satisfiability and Binary Decision Diagrams

RISK-INFORMED OPERATIONAL DECISION MANAGEMENT (RIODM): RISK, EVENT TREES AND FAULT TREES

Reduced Ordered Binary Decision Diagrams

Packet #1: Logic & Proofs. Applied Discrete Mathematics

A brief introduction to Logic. (slides from

Fault-Tolerant Computing

An Efficient Calculation Algorithm in Continuous-Time Markov Analysis Using Large-Scale Numerical Calculation

Binary Decision Diagrams

Binary Decision Diagrams

Symbolic Model Checking with ROBDDs

EE 445 / 850: Final Examination

Evaluation and Validation

Basing Decisions on Sentences in Decision Diagrams

Binary decision diagrams for security protocols

Binary Decision Diagrams

Reliability of sequential systems using the causeconsequence diagram method

Binary Decision Diagrams and Symbolic Model Checking

Introduction. Foundations of Computing Science. Pallab Dasgupta Professor, Dept. of Computer Sc & Engg INDIAN INSTITUTE OF TECHNOLOGY KHARAGPUR

DVClub Europe Formal fault analysis for ISO fault metrics on real world designs. Jörg Große Product Manager Functional Safety November 2016

Risk-informed Maintenance for Non-coherent Systems

A Logically Complete Reasoning Maintenance System Based on a Logical Constraint Solver

A Reliability Simulation of Warm-fund and Redundancy Repairable System

PSA Quantification. Analysis of Results. Workshop Information IAEA Workshop

Failures in Process Industries

Combinational Techniques for Reliability Modeling

A binary decision diagram method for phased mission analysis of non-repairable systems

Safety analysis and standards Analyse de sécurité et normes Sicherheitsanalyse und Normen

RELIABILITY ANALYSIS OF PISTON MANUFACTURING SYSTEM

Analyzing system changes with importance measure pairs: Risk increase factor and Fussell-Vesely compared to Birnbaum and failure probability

Modeling Common Cause Failures in Diverse Components with Fault Tree Applications

Probabilistic Algebraic Analysis of Fault Trees With Priority Dynamic Gates and Repeated Events

Computational Logic. Davide Martinenghi. Spring Free University of Bozen-Bolzano. Computational Logic Davide Martinenghi (1/30)

DEPTH-FIRST EVENT ORDERING IN BDD-BASED FAULT TREE ANALYSIS. Yuchang Mo, Farong Zhong, Huawen Liu. Quansheng Yang. Gang Cui

Modeling and Simulation of Communication Systems and Networks Chapter 1. Reliability

Introduction to Artificial Intelligence Propositional Logic & SAT Solving. UIUC CS 440 / ECE 448 Professor: Eyal Amir Spring Semester 2010

Mean fault time for estimation of average probability of failure on demand.

Dependable Computer Systems

Bayesian Reliability Analysis: Statistical Challenges from Science-Based Stockpile Stewardship

Nuclear reliability: system reliabilty

WHAT IS AN SMT SOLVER? Jaeheon Yi - April 17, 2008

BOOLEAN ALGEBRA INTRODUCTION SUBSETS

On the Sizes of Decision Diagrams Representing the Set of All Parse Trees of a Context-free Grammar

System Reliability Modeling Considering Correlated Probabilistic Competing Failures

System Reliability Analysis. CS6323 Networks and Systems

QuIDD-Optimised Quantum Algorithms

Polynomial Methods for Component Matching and Verification

Propositional Logic: Models and Proofs

Markov Models for Reliability Modeling

Chapter 5 Component Importance

CHAPTER 3 ANALYSIS OF RELIABILITY AND PROBABILITY MEASURES

A SYSTEMATIC INCLUSION OF DIAGNOSIS PERFORMANCE IN FAULT TREE ANALYSIS

A new FMECA model for reliability computations in electrical distribution systems

Common Cause Failures: Extended Alpha Factor method and its Implementation

Model Checking for Propositions CS477 Formal Software Dev Methods

Reliability of Technical Systems

Sequence Algebra, Sequence Decision Diagrams and Dynamic Fault Trees

Uncertainty and Bayesian Networks

Transcription:

(Sicherheit und Zuverlässigkeit eingebetteter Systeme) Fault Tree Analysis Mathematical Background and Algorithms Prof. Dr. Liggesmeyer, 0 Content Definitions of Terms Introduction to Combinatorics General Formulas for AND-, OR-, NOT-, XOR-Gates Calculation of Top-Event Probability Results beyond Top-Event Probability Importance Measures Other Issues in Quantitative Analysis Prof. Dr. Liggesmeyer, 1 1

Definitions of Terms Failure is any behavior of a component or system that deviates from the specification Fault is an abnormal state or condition within a component that can lead to a failure Accident is an undesired event that causes death or injury of persons or harm to goods or to the environment Hazard is a state of a system and its environment where the occurrence of an accident depends only on influences that are not controllable by the system Risk is the combination of hazard probability and severity of the resulting accident Acceptable Risk is a level of risk that authorities or other bodies have defined as acceptable according to acceptance criteria Prof. Dr. Liggesmeyer, 2 Definitions of Terms Other definitions exist, but many of them are unpractical Safety is freedom from unacceptable risks Safety analysis aims at proving that the actual risk is below the acceptable risk Availability is the property of a system to fulfill its purpose at a given point in time / is the probability that the system fulfills its purpose at a given point in time The focus is on uninterrupted service Reliability is the property of an entity to fulfill its reliability requirements during or after a given time span under given application conditions Reliability is related to the probability of a failure event over the mission time Prof. Dr. Liggesmeyer, 3 2

Modeling of Reliability Reliability Function R(t): F(t) gives the probability that at time t the (non-repairable) system has failed Thus R(t) = 1 - F(t) is the probability that at time t no failure has occurred yet Probability Density f(t): The probability density f(t) describes the modification of the probability that a system fails over time: ƒ(t) = Failure Rate: d F(t) dt The failure rate is the relative boundary value of failed entities at time t in a time interval that approximates zero, referring to the entities still functional at the beginning of the time interval: ƒ(t) df(t) / dt λ(t) = = = R(t) R(t) - dr(t) / dt R(t) States have a probability. Events have a probability density and an (occurrence) rate Prof. Dr. Liggesmeyer, 4 Cut Sets, Minimal Cut Sets, Path Sets A Cut Set is a set of basic events, which in conjunction cause the top event A Minimal Cut Set (MCS) is a cut set that no longer is a cut set if any of its basic events is removed A Path Set is a set of basic events that, if they are false, inhibit the top event from occurring A Minimal Path Set (MPS) is a path set that no longer is a cut set if any of its basic events is removed Prof. Dr. Liggesmeyer, 5 3

Introduction to Combinatorics: Truth Values AND: A B OR: A B Proposition A Proposition B and are often represented by 0 and 1 The propositions are usually of the type "Component X is in a failed state" Prof. Dr. Liggesmeyer, 6 Introduction to Combinatorics: Probabilities A is true with probability P1, B with probability P2 Proposition A 1-P1 P1 Proposition B 1-P2 (1-P1) * (1-P2) P1 * (1-P2) P2 (1 P1) * P2 P1 * P2 AND: OR: P(A B)= P1 * P2 P(A B) = P1 * (1-P2) + (1 P1) * P2 + P1 * P2 = 1- [(1-P1)*(1-P2)] = P1 + P2 P1*P2 Prof. Dr. Liggesmeyer, 7 4

General Formulas for AND / OR with n Inputs, NOT, XOR AND-Gate: OR-Gate: n P out = P i i= 1 ( 1 ) P out = 1 P i n i= 1 Precondition for these formulas: Stochastically independent events! NOT-Gate: P = 1 (only one input) out P in XOR-Gate: P out = n i = 1 P i n j = 1 j i (1 P ) j XOR is normally defined for 2 inputs only The n-out-of-m Voter can be replaced by a combination of AND / OR gates The Inhibit-Gate can be replaced by an AND and a NOT gate The Priority-AND has no static combinatorial formula Prof. Dr. Liggesmeyer, 8 Calculation of Top-Event Probability Laptop unavailable 0.154 Apply gate formulas in a bottom-up fashion Stop if top-event is reached >=1 0.06 Bottom-up calculation is not efficient for large FTs & There are two practical algorithms... 0.2 0.3 0.1 Battery empty No socket around Hardware defective Prof. Dr. Liggesmeyer, 9 5

Calculation Method 1: Minimal Cut Sets The top-event is the union of all intersection-free minimal cut sets If cut-set probabilities are small (below 0.1), then intersection probabilities are even smaller The top-event probability is the sum of all MCS probabilities P top = P MCS all MCS The probability of each MCS is the product of the probabilities of the included basic events P MCS = P i all events MCS i This algorithm leads to an approximation. It does not work for NOT gates Prof. Dr. Liggesmeyer, 10 Finding Minimal Cut Sets Decompose the tree recursively For each OR gate Generate as many entries as there are inputs {(i1), (i2), (i3)...} For each AND gate Generate one entry containing all inputs {(i1, i2, i3,...)} Repeat until all gates are resolved Cancel cut sets that are not minimal (redundant) Prof. Dr. Liggesmeyer, 11 6

Calculation Method 2: Using BDDs BDD = Binary Decision Diagram OBDD = Ordered BDD (defined variable order) ROBBD = Reduced Ordered BDD (after elimination of redundancies) ROBDDs are an efficient representation of Boolean formulas dashed = false solid = true f = (x1 x2) x3 Prof. Dr. Liggesmeyer, 12 BDD Reduction Removal of redundant nodes (terminal and non-terminal) and tests: Prof. Dr. Liggesmeyer, 13 7

Impact of Variable Order The variable order may have considerable influence on the size of the OBDDs Same function, different variable order: Finding the best variable order is NP-complete (= unachievable for large FTs) Prof. Dr. Liggesmeyer, 14 Calculation of Top-Event Probability via BDDs Annotate probabilities from FT to true branches 0.9 0.1 Annotate 1-P to false branches 0.8 0.7 0.2 0.3 For each path multiply branch probabilities Sum up all paths that lead to terminal 1 P = 0.1 * 0.3 + 0.9 * 0.2 * 0.3 = 0,084 Prof. Dr. Liggesmeyer, 15 8

Results beyond Top-Event Probability Probability of cut sets with order 1 (consisting of only one event) Single points of failure should have extremely low probability Failure probabilities of (technical) sub-systems Here, redundancy can reduce failure probability of the system Equivalent failure rates Specify, which percentage of the intact systems are expected to fail within a given time span Prof. Dr. Liggesmeyer, 16 Importance Measures Importance measures quantify the significance of FT events in terms of their contribution to the top-event probability To know the importance of part of the FT is important for Robustness Estimation: How much will my result change if input values are roughly estimated or change during operation? Work planning: You should rather spend your time on system changes that have significant impact on overall failure probability Prof. Dr. Liggesmeyer, 17 9

Some Importance Measures Fussell-Vesely Importance Absolute or relative (= percentage) contribution to the top-event probability Risk Reduction Worth or Top Decrease Sensitivity Decrease of top-event probability if a given event is assured not to occur Risk Achievement Worth Increase of top-event probability if a given event occurs Binbaum's Importance Measure Rate of change of top-event probability in relation to rate of change of a given event Prof. Dr. Liggesmeyer, 18 Other Issues in Quantitative Analysis Uncertainty Quantification Event data is taken from samples or from other environment Sensitivity analysis or formal uncertainty analysis (assigning a probability distribution) Coverage Factors Take into account that some failures do not lead to catastrophic results Time or Phase Dependent Analysis Use different models or rates for different time intervals according to mission phases Prof. Dr. Liggesmeyer, 19 10

Literature FTA and Probabilistic Risk Assessment Birolini A., Reliability engineering: theory and practice (third ed.), New York, Springer, 1999 Kececioglu, D.: Reliability Engineering Handbook, Vol. 1 & 2, PTR Prentice Hall, 1991. Minimal Cut Sets Fussel JB, Vesely WE, A new methodology for obtaining cut sets for fault trees, in Trans. American Nuclear Society, 15, 262, 1972 T. Kohda & EJ Henley, On Digraphs, Fault Trees,and Cut Sets, Reliability Engineering and System Safety, 20 (1), 1988, p. 35-61 BDD Algorithm Bryant, R.E.: Graph-based algorithms for boolean function manipulation. IEEE Transactions on Computers, C-35(8):677--691, Aug. 1986. O. Coudert and J. C. Madre. Fault tree analysis: 10^20 prime implicants and beyond. In Proceedings of the Annual Reliability and Maintainability Symposium, pages 240-5, Atlanta, GA, 26-28 January 1993 A. Rauzy. An Brief Introduction to Binary Decision Diagrams. RAIRO-APII-JESA, 30(8):1033-1051, 1996 Prof. Dr. Liggesmeyer, 20 11

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback