The Applications of Inductive Method in the Construction of Fault Trees MENG Qinghe 1,a, SUN Qin 2,b

Similar documents
Safety and Reliability of Embedded Systems. (Sicherheit und Zuverlässigkeit eingebetteter Systeme) Fault Tree Analysis Obscurities and Open Issues

Risk Analysis of Highly-integrated Systems

12 - The Tie Set Method

of an algorithm for automated cause-consequence diagram construction.

Causal & Frequency Analysis

6.1 Dependability Modeling. General Rules. Analysis

RELIABILITY ANALYSIS OF PISTON MANUFACTURING SYSTEM

Reasoning Under Uncertainty: Belief Network Inference

Safety and Reliability of Embedded Systems

Safety analysis and standards Analyse de sécurité et normes Sicherheitsanalyse und Normen

Reliability Analysis of Hydraulic Steering System with DICLFL Considering Shutdown Correlation Based on GO Methodology

Failures in Process Industries

A binary decision diagram method for phased mission analysis of non-repairable systems

Module No. # 03 Lecture No. # 11 Probabilistic risk analysis

Direct-Current Circuits. Physics 231 Lecture 6-1

Chapter 18 Section 8.5 Fault Trees Analysis (FTA) Don t get caught out on a limb of your fault tree.

Assessing system reliability through binary decision diagrams using bayesian techniques.

Chapter 5. System Reliability and Reliability Prediction.

B.H. Far

Intermediate Algebra Section 9.1 Composite Functions and Inverse Functions

PROBABILISTIC AND POSSIBILISTIC FAULT TREE ANALYSIS

Reliability Analysis of Electronic Systems using Markov Models

Overview. Discrete Event Systems Verification of Finite Automata. What can finite automata be used for? What can finite automata be used for?

Quantitative Reliability Analysis

On Qualitative Analysis of Fault Trees Using Structurally Persistent Nets

Combinational Techniques for Reliability Modeling

Concept 1.3: Scientists use two main forms of inquiry in their study of nature

Failure Diagnosis of Discrete Event Systems With Linear-Time Temporal Logic Specifications

A New Reliability Allocation Method Based on FTA and AHP for Nuclear Power Plant!

B.H. Far

Keywords- Metal Oxide Surge Arrester, Model, Transient, Laboratory Experiment, Simulation.

A new FMECA model for reliability computations in electrical distribution systems

Quantitative Safety Analysis of Non-Deterministic System Architectures

The Influence of Abnormal Data on Relay Protection

BOOLEAN ALGEBRA INTRODUCTION SUBSETS

Algebra 1. Standard 1: Operations With Real Numbers Students simplify and compare expressions. They use rational exponents and simplify square roots.

ETS-Ⅷ Ion Engine and its Operation on Orbit

Fuzzy Matrix Theory and its Application for Recognizing the Qualities of Effective Teacher

Boolean Algebra & Digital Logic

Reliability of Technical Systems

Simple Neural Nets for Pattern Classification: McCulloch-Pitts Threshold Logic CS 5870

SAFETY GUIDED DESIGN OF CREW RETURN VEHICLE IN CONCEPT DESIGN PHASE USING STAMP/STPA

A New 3-CNF Transformation by Parallel-Serial Graphs 1

Reliability Analysis of Power Substation with Common Cause Failure

Windchill Quality Solutions 2011 (formerly Relex 2011) Curriculum Guide

Electricity Test Review

BSA Electricity Merit Badge. Electricity Merit Badge Basic Electricity

Reliability of sequential systems using the causeconsequence diagram method

20. Combinational Circuits

Research on the Effect of Substation Main Wiring on the Power System Reliability Yuxin Zhao 1, a, Tao Liu 2,b and Yanxin Shi 3,c

Software Testing Lecture 5. Justin Pearson

A Reliability Simulation of Warm-fund and Redundancy Repairable System

Department of Electrical and Computer Engineering University of Wisconsin Madison. Fall Final Examination

Binary Decision Diagrams and Symbolic Model Checking

Analysis and Optimization of Discrete Event Systems using Petri Nets

Consistent Fixed Points and Negative Gain

Efficient Simulation of Hybrid Systems: A Hybrid Bond Graph Approach

MODULE- 07 : FLUIDICS AND FLUID LOGIC

Bob Brown, CCBC Essex Math 163 College Algebra, Chapter 1 Section 7 COMPLETED 1 Linear, Compound, and Absolute Value Inequalities

Lecture 4: Proposition, Connectives and Truth Tables

Lecture 16: Computation Tree Logic (CTL)

EPISTEMOLOGY, COMPUTATION AND THE LAWS OF PHYSICS

Terminology and Concepts

Mathematical Logic Propositional Logic - Tableaux*

RISK-INFORMED OPERATIONAL DECISION MANAGEMENT (RIODM): RISK, EVENT TREES AND FAULT TREES

Ohm s Law Book page Syllabus 2.10

1. A solenoid is a powerful magnet that is created by looping a conductor and passing a current through the conductor.

Part I. C. M. Bishop PATTERN RECOGNITION AND MACHINE LEARNING CHAPTER 8: GRAPHICAL MODELS

r. Matthias Bretschneider amburg - Dept. Safety Fehleranalyse mit Hilfe von Model Checkern

Requirements Validation. Content. What the standards say (*) ?? Validation, Verification, Accreditation!! Correctness and completeness

Algebra Exam. Solutions and Grading Guide

Glossary of Technical Terms and Concepts

EXPERT SYSTEM FOR POWER TRANSFORMER DIAGNOSIS

Vibration characteristics analysis of a centrifugal impeller

Artificial Neural Network and Fuzzy Logic

Method for Recognizing Mechanical Status of Container Crane Motor Based on SOM Neural Network

Distributed Algorithms (CAS 769) Dr. Borzoo Bonakdarpour

Fault Tree Analysis and Reliability Assessment of Auxiliary Power Supply system for an HVDC Plant

THe use of mixed data-type expressions, although not

Modal and Temporal Logics

R u t c o r Research R e p o r t. Relations of Threshold and k-interval Boolean Functions. David Kronus a. RRR , April 2008

MODELLING DYNAMIC RELIABILITY VIA FLUID PETRI NETS

Inference of A Minimum Size Boolean Function by Using A New Efficient Branch-and-Bound Approach From Examples

A Brief Introduction to Proofs

Improving the analysis of dependable systems by mapping fault trees into Bayesian networks

CE1911 LECTURE FSM DESIGN PRACTICE DAY 1

Consequence Reasoning in Multilevel Flow Modelling

Design Engineering MEng EXAMINATIONS 2016

FAULT diagnosis is crucial for ensuring the safe operation

STRUCTURAL DESIGN OF SYSTEMS WITH SAFE BEHAVIOR UNDER SINGLE AND MULTIPLE FAULTS. and Marcel Staroswiecki

COMPRESSED STATE SPACE REPRESENTATIONS - BINARY DECISION DIAGRAMS

Industrial Technology: Intro to Industrial Technology Crosswalk to AZ Math Standards

Section 1 The Nature of Science

Finite Automata Theory and Formal Languages TMV027/DIT321 LP Recap: Logic, Sets, Relations, Functions

Introduction to Intuitionistic Logic

Application of the Cause-Consequence Diagram Method to Static Systems

Physics 152 V 1 + V 2 = V. Parallel & Series Circuits Electric Power. Announcements. Wednesday, April 4, 2007

Methods for Performing Human Reliability and Error Analysis in Engineering Maintenance

Improving the Efficiency of Dynamic Fault Tree Analysis by Considering Gate FDEP as Static

Applications. Smartphone, tablet, game controller, antilock brakes, microprocessor, Wires

Transcription:

The Applications of Inductive Method in the Construction of Fault Trees MENG Qinghe 1,a, SUN Qin 2,b 1 School of Aeronautics, Northwestern Polytechnical University, Xi an 710072, China 2 School of Aeronautics, Northwestern Polytechnical University, Xi an 710072, China a email: mengqh77@hotmail.com, b email: sunqin@ nwpu.edu.cn Keywords: function flow, inductive method, fault tree, system Abstract. Fault tree analysis is a method for both reliability assessment and fault diagnosis. Generally, the deductive method is adopted in the construction of fault tree model. In this way, some of the undesired events may be omitted. This paper provides an inductive method. It is based on the working principle and system theory. Other than the deduction method, the method starts from the study of the failure modes of parts and then works up to analyze their influences on the subsystems. The relationships between the events and subsystems are illustrated by a nested structure. The induction sequence and process are also demonstrated. This method proved to be an effective way for the construction of fault tree. Introduction Fault tree analysis was first adopted in 1962 for the U.S. Air Force by Bell Telephone Laboratories for use with the Minuteman system. Then it was later extensively applied by the Boeing Company. [1, 2, 3, 5, 6] It s considered an effective method for both quantitative assessment and qualitative analysis. As a quantitative assessment method, the fault tree provides a mathematical model that is suitable for determining system safety and reliability. As a direct acyclic graph, it provides a logical and diagrammatic description of the causes of system fault in terms of component failures. It is a logic diagram based on statements which are either true or false, on or off, open or closed, good or bad, etc. In fact, as a logical variable, every node has only two values that are either true or false, but never partially true or false. Hence the Boolean algebra is a fitting companion for the fault tree. [1] Generally, the construction of a fault tree starts from the top event that is identified the most undesired and then works down through the various branches. [7] Eventually the fault tree should end at the bottom events. The bottom events should be statistical independent each other. This method is named the deductive method. However, this method focus on the most undesirable events and some of the consequences or causes that are not the most undesirable but occur frequently may be omitted. This paper presents an inductive method to construct the fault trees. The method manages to induce the consequences from the bottom events on basis of the clear understanding of the whole system. It focuses on the influence of the part failure on the subsystem. Analyzing the parts from in the upstream to the system in the downstream, repeating and continuing, the causal relationships between events are constructed gradually. The inductive method and function flow theory In order to construct a fault tree model that agrees well with the actual situation, the working principle must be understood very clearly and extensively. For this purpose, the functional diagram is essential to be read in detail on basis of working principle both in depth and in breadth. By means of the functional diagram, the working process of the system that composed of subsystems and the parts, the inner boundary and the outer boundary of the system and the working flow charts of the parts are shown. It provides an overview of the system. The relationships and interactions between parts or systems are also shown. 2296

2nd International Conference on Electronic & Mechanical Engineering and Information Technology (EMEIT-2012) For example, Fig. 1 is a functional diagram of a lighting system and it illustrates the working principle of the system. From the diagram, it can be seen that the system is composed of seven parts that are the bulb A,battery E1,E2,inductor J1,J2,circuit breaker K2, relay K1 and switch K3. There are three sets of circuits: circuit Ⅰ,circuit Ⅱand circuit Ⅲ.Either circuit Ⅰor circuit Ⅱcan provide the power supply to bulb A. They have a common battery E1. [5] Fig.1 the functional diagram of a lighting system Fig.2 the system, subsystem and parts As is shown in Fig.2, circuit Ⅰis controlled by K1 and K1 will be turned on if there is current in circuit Ⅲ.Circuit Ⅱis controlled by K2 and K2 will be turned on if there is no current in circuit Ⅲ. Circuit Ⅲ is controlled by K3. Generally, the function is actually fulfilled by a system that is composed of a chain of parts and not only the one part. Thus if some fault phenomenon occurs at some part, the real cause may not only lie in the last downstream part, but also attribute to its upstream parts that provide command, energy or feedback signal. [2] For example, if some fault occurs in circuit Ⅲ,the real cause may lie in any part of circuit Ⅲ that is relevant to some function. In other words, E2, J1, J2 and K3 should all be taken into account. Thus in constructing the fault tree, it s important to divide the system into several subsystems that are independent of each other and find the failure modes of every component. And then analyze the influences of the part failure on the subsystem. On the other hand, the fault of subsystem is a component of another subsystem. Repeating the process in the others and continuing, all the intermediate events and top event can be found out. Fig. 3 the differences between the deductive method and inductive method For this purpose, the function flow theory should be taken as guidance. The function flow means the energy, signal, information, quality and so on. If the function flow is input from the left side of the function system, there is some desirable function flow output from the right side, then the system works in normal. This is the main idea of the function flow theory. [2] In fact, the system is not a real body but an event and so are the subsystems and components. The relationships are not the real structure in space but in logic and function. [4] Therefore in the fault tree, all the relevant elements should be taken into account such as the environmental factors, human factors, the failure of software and so on.[2]these elements are essential to the system. 2297

These events are all called the components in general. Fig.4 the function flow model of circuit Ⅲ The relationships of the components are determined by their functions and logics. For all the events has only two states, they can be compared to switches. So long as the state of every component is 0, that means any of the failure modes doesn t happen, the function flow can pass through the model successfully. For example, if the switch K 3 is turned on,there will be current in circuit Ⅲ and if the switch K 3 is turned off there will be no current in circuit Ⅲ. Therefore, for circuit Ⅲ, the function flow model should be shown as in Fig.4. In fact, every subsystem is a union of sufficient and necessary conditions for the function. If the state of some component is 1, that means true, the function flow may be cut off and various undesirable events may occur. In fact, most of the parts work independently, therefore their failure modes are independent of each other, but have an influence on the subsystem. Besides, according to No Magic Rule, if some part fails, the consequence will be transmitted to the downstream parts, assuming that the other parts are normal. Under the wrong consequences, the downstream parts may be forced to work abnormally, though the parts themselves are well. [5] Hence the consequences of the system Ⅲ should be shown as Fig. 5. Fig.5 the different consequences the events in circuit Ⅲ bring about Fig.6 the nested structure of the fault tree system Application to an example According to the function diagram in Fig. 1, a fault tree can be constructed step by step. The working principle and control flow chart has been discussed above. It can be seen that the fault tree 2298

2nd International Conference on Electronic & Mechanical Engineering and Information Technology (EMEIT-2012) is in fact a nested structure as is shown in Fig. 6. The units in the fault tree are undesirable events. The subsystems and the system is a nested structure. Thus the analysis should start from the inner part to the exterior subsystem and then analyze from one subsystem to another and end at the top event. The consequence of a subsystem is a cause of another subsystem and one fault of a subsystem may lead to a chain reaction in another subsystem. Hence the analysis should start from one subsystem to another and the consequence of the subsystem is in fact an intermediate event in the fault tree. The process of induction is shown in Fig. 7. It s in fact a demonstration of causal induction flow chart. The induction process and steps can be seen clearly and it s easy to be understood and needless to be explained. Fig.7 the flow chart of causal induction Tracing back in inverse order, the fault tree can be achieved, as is shown in Fig. 8. Fig.8 the fault tree achieved 2299

Summary Compared with the example in the books, the fault tree is almost identical. This proves that this method is right and effective. In spite of the difference between the forms of the fault trees, their Boolean logic expressions are identical after simplified. The fault tree is just the graphic presentation of the Boolean algebra expression, so the form is not important. In fact, after simplified, the Boolean expression is just a top event expression in terms of the bottom events and no intermediate events. This method focuses on the influence of component failure modes on the subsystem. It s in fact an induction to the direct consequence so it can also be named the direct consequence method. No matter how complex the relationships are among the events, the most important is to divide the system into subsystems by their functions correctly and make a study on their causal relationships. The subsystems should be independent of each other. Finally, the function flow theory and system idea must be understood clearly and applied to the fault tree construction. References [1] WALDEMAR F. LARSEN: Fault Tree Analysis, Technical report 4556, New Jersey, January 1974, p.2 [2] Shiomi hiroshi, Shimaoka atsushi, Ishiyama takayuki, XU Fengzhang, GAO Jinzhong: the application of FMEA and FTA, China Machine Press ( 1987 ) [3] ZHU Jizhou: the Principle and Application of FTA, Xi an Jiaotong University Press (1989) [4] W. E. Vizili, SHU Songgui, TANG Xinqing: Handbook of FTA, Atomic Energy Press (1987), chapter 5 [5] MAO Tiancheng: the application of FTA in Diagnosis of the Automatic Control System of Ships, Dalian Maritime University Press (2000) [6] P. L. Clemens: Fault Tree Analysis, JACOBS SVERDRUP (2002) [7] Joanne Bechta Dugan: Fault Tree Analysis and Computer-Based Systems, RELIABILITY and MAINTAINABILITY Symposium 2300

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback