Event and fault tree model for reliability analysis of the greek research reactor

Energy Technology Data Exchange (ETDEWEB)

Albuquerque, Tob R.; Guimaraes, Antonio C.F.; Moreira, Maria de Lourdes, E-mail: atalbuquerque@ien.gov.br, E-mail: btony@ien.gov.br, E-mail: malu@ien.gov.br [Instituto de Engenharia Nuclear (IEN/CNEN-RJ), Rio de Janeiro, RJ (Brazil)

2013-07-01

Fault trees and event trees are widely used in industry to model and to evaluate the reliability of safety systems. Detailed analyzes in nuclear installations require the combination of these two techniques. This work uses the methods of fault tree (FT) and event tree (ET) to perform the Probabilistic Safety Assessment (PSA) in research reactors. The PSA according to IAEA (International Atomic Energy Agency) is divided into Level 1, Level 2 and level 3. At Level 1, conceptually safety systems act to prevent the accident, at Level 2, the accident occurred and seeks to minimize the consequences, known as stage management of the accident, and at Level 3 are determined consequences. This paper focuses on Level 1 studies, and searches through the acquisition of knowledge consolidation of methodologies for future reliability studies. The Greek Research Reactor, GRR - 1, was used as a case example. The LOCA (Loss of Coolant Accident) was chosen as the initiating event and from there were developed the possible accident sequences, using event tree, which could lead damage to the core. Furthermore, for each of the affected systems, the possible accidents sequences were made fault tree and evaluated the probability of each event top of the FT. The studies were conducted using a commercial computational tool SAPHIRE. The results thus obtained, performance or failure to act of the systems analyzed were considered satisfactory. This work is directed to the Greek Research Reactor due to data availability. (author)

Uncertainties related to the fault tree reliability data

International Nuclear Information System (INIS)

Apostol, Minodora; Nitoi, Mirela; Farcasiu, M.

2003-01-01

Uncertainty analyses related to the fault trees evaluate the system variability which appears from the uncertainties of the basic events probabilities. Having a logical model which describes a system, to obtain outcomes means to evaluate it, using estimations for each basic event of the model. If the model has basic events that incorporate uncertainties, then the results of the model should incorporate the uncertainties of the events. Uncertainties estimation in the final result of the fault tree means first the uncertainties evaluation for the basic event probabilities and then combination of these uncertainties, to calculate the top event uncertainty. To calculate the propagating uncertainty, a knowledge of the probability density function as well as the range of possible values of the basic event probabilities is required. The following data are defined, using suitable probability density function: the components failure rates; the human error probabilities; the initiating event frequencies. It was supposed that the possible value distribution of the basic event probabilities is given by the lognormal probability density function. To know the range of possible value of the basic event probabilities, the error factor or the uncertainty factor is required. The aim of this paper is to estimate the error factor for the failure rates and for the human errors probabilities from the reliability data base used in Cernavoda Probabilistic Safety Evaluation. The top event chosen as an example is FEED3, from the Pressure and Inventory Control System. The quantitative evaluation of this top event was made by using EDFT code, developed in Institute for Nuclear Research Pitesti (INR). It was supposed that the error factors for the component failures are the same as for the failure rates. Uncertainty analysis was made with INCERT application, which uses the moment method and Monte Carlo method. The reliability data base used at INR Pitesti does not contain the error factors (ef

Application of fault tree analysis for customer reliability assessment of a distribution power system

International Nuclear Information System (INIS)

Abdul Rahman, Fariz; Varuttamaseni, Athi; Kintner-Meyer, Michael; Lee, John C.

2013-01-01

A new method is developed for predicting customer reliability of a distribution power system using the fault tree approach with customer weighted values of component failure frequencies and downtimes. Conventional customer reliability prediction of the electric grid employs the system average (SA) component failure frequency and downtime that are weighted by only the quantity of the components in the system. These SA parameters are then used to calculate the reliability and availability of components in the system, and eventually to find the effect on customer reliability. Although this approach is intuitive, information is lost regarding customer disturbance experiences when customer information is not utilized in the SA parameter calculations, contributing to inaccuracies when predicting customer reliability indices in our study. Hence our new approach directly incorporates customer disturbance information in component failure frequency and downtime calculations by weighting these parameters with information of customer interruptions. This customer weighted (CW) approach significantly improves the prediction of customer reliability indices when applied to our reliability model with fault tree and two-state Markov chain formulations. Our method has been successfully applied to an actual distribution power system that serves over 2.1 million customers. Our results show an improved benchmarking performance on the system average interruption frequency index (SAIFI) by 26% between the SA-based and CW-based reliability calculations. - Highlights: ► We model the reliability of a power system with fault tree and two-state Markov chain. ► We propose using customer weighted component failure frequencies and downtimes. ► Results show customer weighted values perform superior to component average values. ► This method successfully incorporates customer disturbance information into the model.

Computer aided construction of fault tree

International Nuclear Information System (INIS)

Kovacs, Z.

1982-01-01

Computer code CAT for the automatic construction of the fault tree is briefly described. Code CAT makes possible simple modelling of components using decision tables, it accelerates the fault tree construction process, constructs fault trees of different complexity, and is capable of harmonized co-operation with programs PREPandKITT 1,2 for fault tree analysis. The efficiency of program CAT and thus the accuracy and completeness of fault trees constructed significantly depends on the compilation and sophistication of decision tables. Currently, program CAT is used in co-operation with programs PREPandKITT 1,2 in reliability analyses of nuclear power plant systems. (B.S.)

Human Factors Reliability Analysis for Assuring Nuclear Safety Using Fuzzy Fault Tree

International Nuclear Information System (INIS)

Eisawy, E.A.-F. I.; Sallam, H.

2016-01-01

In order to ensure effective prevention of harmful events, the risk assessment process cannot ignore the role of humans in the dynamics of accidental events and thus the seriousness of the consequences that may derive from them. Human reliability analysis (HRA) involves the use of qualitative and quantitative methods to assess the human contribution to risk. HRA techniques have been developed in order to provide human error probability values associated with operators’ tasks to be included within the broader context of system risk assessment, and are aimed at reducing the probability of accidental events. Fault tree analysis (FTA) is a graphical model that displays the various combinations of equipment failures and human errors that can result in the main system failure of interest. FTA is a risk analysis technique to assess likelihood (in a probabilistic context) of an event. The objective data available to estimate the likelihood is often missing, and even if available, is subject to incompleteness and imprecision or vagueness. Without addressing incompleteness and imprecision in the available data, FTA and subsequent risk analysis give a false impression of precision and correctness that undermines the overall credibility of the process. To solve this problem, qualitative justification in the context of failure possibilities can be used as alternative for quantitative justification. In this paper, we introduce the approach of fuzzy reliability as solution for fault tree analysis drawbacks. A new fuzzy fault tree method is proposed for the analysis of human reliability based on fuzzy sets and fuzzy operations t-norms, co-norms, defuzzification, and fuzzy failure probability. (author)

Integrating cyber attacks within fault trees

International Nuclear Information System (INIS)

Nai Fovino, Igor; Masera, Marcelo; De Cian, Alessio

2009-01-01

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

Integrating cyber attacks within fault trees

Energy Technology Data Exchange (ETDEWEB)

Nai Fovino, Igor [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy)], E-mail: igor.nai@jrc.it; Masera, Marcelo [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy); De Cian, Alessio [Department of Electrical Engineering, University di Genova, Genoa (Italy)

2009-09-15

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

Approximate estimation of system reliability via fault trees

International Nuclear Information System (INIS)

Dutuit, Y.; Rauzy, A.

2005-01-01

In this article, we show how fault tree analysis, carried out by means of binary decision diagrams (BDD), is able to approximate reliability of systems made of independent repairable components with a good accuracy and a good efficiency. We consider four algorithms: the Murchland lower bound, the Barlow-Proschan lower bound, the Vesely full approximation and the Vesely asymptotic approximation. For each of these algorithms, we consider an implementation based on the classical minimal cut sets/rare events approach and another one relying on the BDD technology. We present numerical results obtained with both approaches on various examples

A compendium of computer codes in fault tree analysis

International Nuclear Information System (INIS)

Lydell, B.

1981-03-01

In the past ten years principles and methods for a unified system reliability and safety analysis have been developed. Fault tree techniques serve as a central feature of unified system analysis, and there exists a specific discipline within system reliability concerned with the theoretical aspects of fault tree evaluation. Ever since the fault tree concept was established, computer codes have been developed for qualitative and quantitative analyses. In particular the presentation of the kinetic tree theory and the PREP-KITT code package has influenced the present use of fault trees and the development of new computer codes. This report is a compilation of some of the better known fault tree codes in use in system reliability. Numerous codes are available and new codes are continuously being developed. The report is designed to address the specific characteristics of each code listed. A review of the theoretical aspects of fault tree evaluation is presented in an introductory chapter, the purpose of which is to give a framework for the validity of the different codes. (Auth.)

Object-oriented fault tree evaluation program for quantitative analyses

Science.gov (United States)

Patterson-Hine, F. A.; Koen, B. V.

1988-01-01

Object-oriented programming can be combined with fault free techniques to give a significantly improved environment for evaluating the safety and reliability of large complex systems for space missions. Deep knowledge about system components and interactions, available from reliability studies and other sources, can be described using objects that make up a knowledge base. This knowledge base can be interrogated throughout the design process, during system testing, and during operation, and can be easily modified to reflect design changes in order to maintain a consistent information source. An object-oriented environment for reliability assessment has been developed on a Texas Instrument (TI) Explorer LISP workstation. The program, which directly evaluates system fault trees, utilizes the object-oriented extension to LISP called Flavors that is available on the Explorer. The object representation of a fault tree facilitates the storage and retrieval of information associated with each event in the tree, including tree structural information and intermediate results obtained during the tree reduction process. Reliability data associated with each basic event are stored in the fault tree objects. The object-oriented environment on the Explorer also includes a graphical tree editor which was modified to display and edit the fault trees.

Posbist fault tree analysis of coherent systems

International Nuclear Information System (INIS)

Huang, H.-Z.; Tong Xin; Zuo, Ming J.

2004-01-01

When the failure probability of a system is extremely small or necessary statistical data from the system is scarce, it is very difficult or impossible to evaluate its reliability and safety with conventional fault tree analysis (FTA) techniques. New techniques are needed to predict and diagnose such a system's failures and evaluate its reliability and safety. In this paper, we first provide a concise overview of FTA. Then, based on the posbist reliability theory, event failure behavior is characterized in the context of possibility measures and the structure function of the posbist fault tree of a coherent system is defined. In addition, we define the AND operator and the OR operator based on the minimal cut of a posbist fault tree. Finally, a model of posbist fault tree analysis (posbist FTA) of coherent systems is presented. The use of the model for quantitative analysis is demonstrated with a real-life safety system

Fault tree analysis

International Nuclear Information System (INIS)

1981-09-01

Suggestion are made concerning the method of the fault tree analysis, the use of certain symbols in the examination of system failures. This purpose of the fault free analysis is to find logical connections of component or subsystem failures leading to undesirable occurrances. The results of these examinations are part of the system assessment concerning operation and safety. The objectives of the analysis are: systematical identification of all possible failure combinations (causes) leading to a specific undesirable occurrance, finding of reliability parameters such as frequency of failure combinations, frequency of the undesirable occurrance or non-availability of the system when required. The fault tree analysis provides a near and reconstructable documentation of the examination. (orig./HP) [de

A fuzzy-based reliability approach to evaluate basic events of fault tree analysis for nuclear power plant probabilistic safety assessment

International Nuclear Information System (INIS)

Purba, Julwan Hendry

2014-01-01

Highlights: • We propose a fuzzy-based reliability approach to evaluate basic event reliabilities. • It implements the concepts of failure possibilities and fuzzy sets. • Experts evaluate basic event failure possibilities using qualitative words. • Triangular fuzzy numbers mathematically represent qualitative failure possibilities. • It is a very good alternative for conventional reliability approach. - Abstract: Fault tree analysis has been widely utilized as a tool for nuclear power plant probabilistic safety assessment. This analysis can be completed only if all basic events of the system fault tree have their quantitative failure rates or failure probabilities. However, it is difficult to obtain those failure data due to insufficient data, environment changing or new components. This study proposes a fuzzy-based reliability approach to evaluate basic events of system fault trees whose failure precise probability distributions of their lifetime to failures are not available. It applies the concept of failure possibilities to qualitatively evaluate basic events and the concept of fuzzy sets to quantitatively represent the corresponding failure possibilities. To demonstrate the feasibility and the effectiveness of the proposed approach, the actual basic event failure probabilities collected from the operational experiences of the David–Besse design of the Babcock and Wilcox reactor protection system fault tree are used to benchmark the failure probabilities generated by the proposed approach. The results confirm that the proposed fuzzy-based reliability approach arises as a suitable alternative for the conventional probabilistic reliability approach when basic events do not have the corresponding quantitative historical failure data for determining their reliability characteristics. Hence, it overcomes the limitation of the conventional fault tree analysis for nuclear power plant probabilistic safety assessment

Fault tree and reliability relationships for analyzing noncoherent two-state systems

International Nuclear Information System (INIS)

Alesso, H.P.; Benson, H.J.

1980-01-01

Recently, there has been interest in analyzing the noncoherent interactions that result from adversary theft of special nuclear material from reprocessing facilities. The actions of the adversary, acting in conflict with the reprocessing facility's material control and accounting system, may be viewed as a single noncoherent structure. This paper develops a basis for analyzing noncoherent structures by decomposing them into coherent subsystems. Both reliability and fault tree structure functions are used for this analysis. In addition, a bounding criterion is established for the reliability of statistically dependent noncoherent structures. (orig.)

Systems analysis programs for hands-on integrated reliability evaluations (SAPHIRE) Version 5.0. Fault tree, event tree, and piping ampersand instrumentation diagram (FEP) editors reference manual: Volume 7

International Nuclear Information System (INIS)

McKay, M.K.; Skinner, N.L.; Wood, S.T.

1994-07-01

The Systems Analysis Programs for Hands-on Integrated Reliability Evaluations (SAPHIRE) refers to a set of several microcomputer programs that were developed to create and analyze probabilistic risk assessments (PRAs), primarily for nuclear power plants. The Fault Tree, Event Tree, and Piping and Instrumentation Diagram (FEP) editors allow the user to graphically build and edit fault trees, and event trees, and piping and instrumentation diagrams (P and IDs). The software is designed to enable the independent use of the graphical-based editors found in the Integrated Reliability and Risk Assessment System (IRRAS). FEP is comprised of three separate editors (Fault Tree, Event Tree, and Piping and Instrumentation Diagram) and a utility module. This reference manual provides a screen-by-screen guide of the entire FEP System

RADYBAN: A tool for reliability analysis of dynamic fault trees through conversion into dynamic Bayesian networks

International Nuclear Information System (INIS)

Montani, S.; Portinale, L.; Bobbio, A.; Codetta-Raiteri, D.

2008-01-01

In this paper, we present RADYBAN (Reliability Analysis with DYnamic BAyesian Networks), a software tool which allows to analyze a dynamic fault tree relying on its conversion into a dynamic Bayesian network. The tool implements a modular algorithm for automatically translating a dynamic fault tree into the corresponding dynamic Bayesian network and exploits classical algorithms for the inference on dynamic Bayesian networks, in order to compute reliability measures. After having described the basic features of the tool, we show how it operates on a real world example and we compare the unreliability results it generates with those returned by other methodologies, in order to verify the correctness and the consistency of the results obtained

Software development to assist in fault tree construction

International Nuclear Information System (INIS)

Simic, Z.; Mikulicic, V.

1992-01-01

This paper reviews and classifies fault tree construction methods developed for system safety and reliability. We have outlined two generally different approaches: automatic and interactive fault tree construction. Automatic fault tree approach is no jet enough developed to covering various uses in practice. Interactive approach is intending to be support to the analyst (not vice verse like in automatic approach). The aim is not so high as automatic one but it is accessible. We have favored interactive approach as well because to our opinion the process of fault tree construction is very important for better system understanding. We have described our example of interactive fault tree construction approach. Computer code GIFFT (Graphical Interactive Fault Tree Tool) is in phase of intensive testing and final developing. (author) [hr

Study of fault diagnosis software design for complex system based on fault tree

International Nuclear Information System (INIS)

Yuan Run; Li Yazhou; Wang Jianye; Hu Liqin; Wang Jiaqun; Wu Yican

2012-01-01

Complex systems always have high-level reliability and safety requirements, and same does their diagnosis work. As a great deal of fault tree models have been acquired during the design and operation phases, a fault diagnosis method which combines fault tree analysis with knowledge-based technology has been proposed. The prototype of fault diagnosis software has been realized and applied to mobile LIDAR system. (authors)

AFTC Code for Automatic Fault Tree Construction: Users Manual

International Nuclear Information System (INIS)

Gopika Vinod; Saraf, R.K.; Babar, A.K.

1999-04-01

Fault Trees perform a predominant role in reliability and safety analysis of system. Manual construction of fault tree is a very time consuming task and moreover, it won't give a formalized result, since it relies highly on analysts experience and heuristics. This necessitates a computerised fault tree construction, which is still attracting interest of reliability analysts. AFTC software is a user friendly software model for constructing fault trees based on decision tables. Software is equipped with libraries of decision tables for components commonly used in various Nuclear Power Plant (NPP) systems. User is expected to make a nodal diagram of the system, for which fault tree is to be constructed, from the flow sheets available. The text nodal diagram goes as the sole input defining the system flow chart. AFTC software is a rule based expert system which draws the fault tree from the system flow chart and component decision tables. AFTC software gives fault tree in both text and graphic format. Help is provided as how to enter system flow chart and component decision tables. The software is developed in 'C' language. Software is verified with simplified version of the fire water system of an Indian PHWR. Code conversion will be undertaken to create a window based version. (author)

Efficient reduction and modularization for large fault trees stored by pages

International Nuclear Information System (INIS)

Chen, Shanqi; Wang, Jin; Wang, Jiaqun; Wang, Fang; Hu, Liqin

2016-01-01

Highlights: • New fault tree pre-processing methods used in RiskA are presented. • Including the fault tree paging storage, simplification and modularization. • For getting MCS for fault trees containing more than 10,000 gates and events. • Reduce computer resources needs (RAM) and improve computation speed. - Abstract: Fault Tree Analysis (FTA), an indispensable tool used in Probabilistic Risk Assessment (PRA), has been used throughout the commercial nuclear power industry for safety and reliability analyses. However, large fault tree analysis, such as those used in nuclear power plant requires significant computer resources, which makes the analysis of PRA model inefficient and time consuming. This paper describes a fault tree pre-processing method used in the reliability and probabilistic safety assessment program RiskA that is capable of generating minimal cutsets for fault trees containing more than 10,000 gates and basic events. The novel feature of this method is not only that Boolean reduction rules are used but also that a new objective of simplification is proposed. Moreover, since the method aims to find more fault tree modules by the linear-time algorithm, it can optimize fault tree modularization, which further reduces the computational time of large fault tree analysis.

Modeling and Analysis of Component Faults and Reliability

DEFF Research Database (Denmark)

Le Guilly, Thibaut; Olsen, Petur; Ravn, Anders Peter

2016-01-01

This chapter presents a process to design and validate models of reactive systems in the form of communicating timed automata. The models are extended with faults associated with probabilities of occurrence. This enables a fault tree analysis of the system using minimal cut sets that are automati......This chapter presents a process to design and validate models of reactive systems in the form of communicating timed automata. The models are extended with faults associated with probabilities of occurrence. This enables a fault tree analysis of the system using minimal cut sets...... that are automatically generated. The stochastic information on the faults is used to estimate the reliability of the fault affected system. The reliability is given with respect to properties of the system state space. We illustrate the process on a concrete example using the Uppaal model checker for validating...... the ideal system model and the fault modeling. Then the statistical version of the tool, UppaalSMC, is used to find reliability estimates....

FTREX Testing Report (Fault Tree Reliability Evaluation eXpert) Version 1.5

International Nuclear Information System (INIS)

Jung, Woo Sik

2009-07-01

In order to verify FTREX functions and to confirm the correctness of FTREX 1.5, various tests were performed 1.fault trees with negates 2.fault trees with house events 3.fault trees with multiple tops 4.fault trees with logical loops 5.fault trees with initiators, house events, negates, logical loops, and flag events By using the automated cutest propagation test, the FTREX 1.5 functions are verified. FTREX version 1.3 and later versions have capability to perform bottom-up cutset-propagation test in order check cutest status. FTREX 1.5 always generates the proper minimal cut sets. All the output cutsets of the tested problems are MCSs (Minimal Cut Sets) and have no non-minimal cutsets and improper cutsets. The improper cutsets are those that have no effect to top, have multiple initiators, or have disjoint events A * -A

Verification of Fault Tree Models with RBDGG Methodology

International Nuclear Information System (INIS)

Kim, Man Cheol

2010-01-01

Currently, fault tree analysis is widely used in the field of probabilistic safety assessment (PSA) of nuclear power plants (NPPs). To guarantee the correctness of fault tree models, which are usually manually constructed by analysts, a review by other analysts is widely used for verifying constructed fault tree models. Recently, an extension of the reliability block diagram was developed, which is named as RBDGG (reliability block diagram with general gates). The advantage of the RBDGG methodology is that the structure of a RBDGG model is very similar to the actual structure of the analyzed system and, therefore, the modeling of a system for a system reliability and unavailability analysis becomes very intuitive and easy. The main idea of the development of the RBDGG methodology is similar to that of the development of the RGGG (Reliability Graph with General Gates) methodology. The difference between the RBDGG methodology and RGGG methodology is that the RBDGG methodology focuses on the block failures while the RGGG methodology focuses on the connection line failures. But, it is also known that an RGGG model can be converted to an RBDGG model and vice versa. In this paper, a new method for the verification of the constructed fault tree models using the RBDGG methodology is proposed and demonstrated

Cafts: computer aided fault tree analysis

International Nuclear Information System (INIS)

Poucet, A.

1985-01-01

The fault tree technique has become a standard tool for the analysis of safety and reliability of complex system. In spite of the costs, which may be high for a complete and detailed analysis of a complex plant, the fault tree technique is popular and its benefits are fully recognized. Due to this applications of these codes have mostly been restricted to simple academic examples and rarely concern complex, real world systems. In this paper an interactive approach to fault tree construction is presented. The aim is not to replace the analyst, but to offer him an intelligent tool which can assist him in modeling complex systems. Using the CAFTS-method, the analyst interactively constructs a fault tree in two phases: (1) In a first phase he generates an overall failure logic structure of the system; the macrofault tree. In this phase, CAFTS features an expert system approach to assist the analyst. It makes use of a knowledge base containing generic rules on the behavior of subsystems and components; (2) In a second phase the macrofault tree is further refined and transformed in a fully detailed and quantified fault tree. In this phase a library of plant-specific component failure models is used

Fault tree technique: advances in probabilistic and logical analysis

International Nuclear Information System (INIS)

Clarotti, C.A.; Amendola, A.; Contini, S.; Squellati, G.

1982-01-01

Fault tree reliability analysis is used for assessing the risk associated to systems of increasing complexity (phased mission systems, systems with multistate components, systems with non-monotonic structure functions). Much care must be taken to make sure that fault tree technique is not used beyond its correct validity range. To this end a critical review of mathematical foundations of reliability fault tree analysis is carried out. Limitations are enlightened and potential solutions to open problems are suggested. Moreover an overview is given on the most recent developments in the implementation of an integrated software (SALP-MP, SALP-NOT, SALP-CAFT Codes) for the analysis of a wide class of systems

Failure diagnosis and fault tree analysis

International Nuclear Information System (INIS)

Weber, G.

1982-07-01

In this report a methodology of failure diagnosis for complex systems is presented. Systems which can be represented by fault trees are considered. This methodology is based on switching algebra, failure diagnosis of digital circuits and fault tree analysis. Relations between these disciplines are shown. These relations are due to Boolean algebra and Boolean functions used throughout. It will be shown on this basis that techniques of failure diagnosis and fault tree analysis are useful to solve the following problems: 1. describe an efficient search of all failed components if the system is failed. 2. Describe an efficient search of all states which are close to a system failure if the system is still operating. The first technique will improve the availability, the second the reliability and safety. For these problems, the relation to methods of failure diagnosis for combinational circuits is required. Moreover, the techniques are demonstrated for a number of systems which can be represented by fault trees. (orig./RW) [de

Summary: beyond fault trees to fault graphs

International Nuclear Information System (INIS)

Alesso, H.P.; Prassinos, P.; Smith, C.F.

1984-09-01

Fault Graphs are the natural evolutionary step over a traditional fault-tree model. A Fault Graph is a failure-oriented directed graph with logic connectives that allows cycles. We intentionally construct the Fault Graph to trace the piping and instrumentation drawing (P and ID) of the system, but with logical AND and OR conditions added. Then we evaluate the Fault Graph with computer codes based on graph-theoretic methods. Fault Graph computer codes are based on graph concepts, such as path set (a set of nodes traveled on a path from one node to another) and reachability (the complete set of all possible paths between any two nodes). These codes are used to find the cut-sets (any minimal set of component failures that will fail the system) and to evaluate the system reliability

Advanced features of the fault tree solver FTREX

International Nuclear Information System (INIS)

Jung, Woo Sik; Han, Sang Hoon; Ha, Jae Joo

2005-01-01

This paper presents advanced features of a fault tree solver FTREX (Fault Tree Reliability Evaluation eXpert). Fault tree analysis is one of the most commonly used methods for the safety analysis of industrial systems especially for the probabilistic safety analysis (PSA) of nuclear power plants. Fault trees are solved by the classical Boolean algebra, conventional Binary Decision Diagram (BDD) algorithm, coherent BDD algorithm, and Bayesian networks. FTREX could optionally solve fault trees by the conventional BDD algorithm or the coherent BDD algorithm and could convert the fault trees into the form of the Bayesian networks. The algorithm based on the classical Boolean algebra solves a fault tree and generates MCSs. The conventional BDD algorithm generates a BDD structure of the top event and calculates the exact top event probability. The BDD structure is a factorized form of the prime implicants. The MCSs of the top event could be extracted by reducing the prime implicants in the BDD structure. The coherent BDD algorithm is developed to overcome the shortcomings of the conventional BDD algorithm such as the huge memory requirements and a long run time

A computer code for fault tree calculations: PATREC

International Nuclear Information System (INIS)

Blin, A.; Carnino, A.; Koen, B.V.; Duchemin, B.; Lanore, J.M.; Kalli, H.

1978-01-01

A computer code for evaluating the reliability of complex system by fault tree is described in this paper. It uses pattern recognition approach and programming techniques from IBM PL1 language. It can take account of many of the present day problems: multi-dependencies treatment, dispersion in the reliability data parameters, influence of common mode failures. The code is running currently since two years now in Commissariat a l'Energie Atomique Saclay center and shall be used in a future extension for automatic fault trees construction

Application Research of Fault Tree Analysis in Grid Communication System Corrective Maintenance

Science.gov (United States)

Wang, Jian; Yang, Zhenwei; Kang, Mei

2018-01-01

This paper attempts to apply the fault tree analysis method to the corrective maintenance field of grid communication system. Through the establishment of the fault tree model of typical system and the engineering experience, the fault tree analysis theory is used to analyze the fault tree model, which contains the field of structural function, probability importance and so on. The results show that the fault tree analysis can realize fast positioning and well repairing of the system. Meanwhile, it finds that the analysis method of fault tree has some guiding significance to the reliability researching and upgrading f the system.

Improving reliability of state estimation programming and computing suite based on analyzing a fault tree

Directory of Open Access Journals (Sweden)

Kolosok Irina

2017-01-01

Full Text Available Reliable information on the current state parameters obtained as a result of processing the measurements from systems of the SCADA and WAMS data acquisition and processing through methods of state estimation (SE is a condition that enables to successfully manage an energy power system (EPS. SCADA and WAMS systems themselves, as any technical systems, are subject to failures and faults that lead to distortion and loss of information. The SE procedure enables to find erroneous measurements, therefore, it is a barrier for the distorted information to penetrate into control problems. At the same time, the programming and computing suite (PCS implementing the SE functions may itself provide a wrong decision due to imperfection of the software algorithms and errors. In this study, we propose to use a fault tree to analyze consequences of failures and faults in SCADA and WAMS and in the very SE procedure. Based on the analysis of the obtained measurement information and on the SE results, we determine the state estimation PCS fault tolerance level featuring its reliability.

Fault trees for decision making in systems analysis

International Nuclear Information System (INIS)

Lambert, H.E.

1975-01-01

The application of fault tree analysis (FTA) to system safety and reliability is presented within the framework of system safety analysis. The concepts and techniques involved in manual and automated fault tree construction are described and their differences noted. The theory of mathematical reliability pertinent to FTA is presented with emphasis on engineering applications. An outline of the quantitative reliability techniques of the Reactor Safety Study is given. Concepts of probabilistic importance are presented within the fault tree framework and applied to the areas of system design, diagnosis and simulation. The computer code IMPORTANCE ranks basic events and cut sets according to a sensitivity analysis. A useful feature of the IMPORTANCE code is that it can accept relative failure data as input. The output of the IMPORTANCE code can assist an analyst in finding weaknesses in system design and operation, suggest the most optimal course of system upgrade, and determine the optimal location of sensors within a system. A general simulation model of system failure in terms of fault tree logic is described. The model is intended for efficient diagnosis of the causes of system failure in the event of a system breakdown. It can also be used to assist an operator in making decisions under a time constraint regarding the future course of operations. The model is well suited for computer implementation. New results incorporated in the simulation model include an algorithm to generate repair checklists on the basis of fault tree logic and a one-step-ahead optimization procedure that minimizes the expected time to diagnose system failure. (80 figures, 20 tables)

Two Trees: Migrating Fault Trees to Decision Trees for Real Time Fault Detection on International Space Station

Science.gov (United States)

Lee, Charles; Alena, Richard L.; Robinson, Peter

2004-01-01

We started from ISS fault trees example to migrate to decision trees, presented a method to convert fault trees to decision trees. The method shows that the visualizations of root cause of fault are easier and the tree manipulating becomes more programmatic via available decision tree programs. The visualization of decision trees for the diagnostic shows a format of straight forward and easy understands. For ISS real time fault diagnostic, the status of the systems could be shown by mining the signals through the trees and see where it stops at. The other advantage to use decision trees is that the trees can learn the fault patterns and predict the future fault from the historic data. The learning is not only on the static data sets but also can be online, through accumulating the real time data sets, the decision trees can gain and store faults patterns in the trees and recognize them when they come.

An application of the fault tree analysis for the power system reliability estimation

International Nuclear Information System (INIS)

Volkanovski, A.; Cepin, M.; Mavko, B.

2007-01-01

The power system is a complex system with its main function to produce, transfer and provide consumers with electrical energy. Combinations of failures of components in the system can result in a failure of power delivery to certain load points and in some cases in a full blackout of power system. The power system reliability directly affects safe and reliable operation of nuclear power plants because the loss of offsite power is a significant contributor to the core damage frequency in probabilistic safety assessments of nuclear power plants. The method, which is based on the integration of the fault tree analysis with the analysis of the power flows in the power system, was developed and implemented for power system reliability assessment. The main contributors to the power system reliability are identified, both quantitatively and qualitatively. (author)

Commercial application of fault tree analysis

International Nuclear Information System (INIS)

Crosetti, P.A.; Bruce, R.A.

1970-01-01

The potential for general application of Fault Tree Analysis to commercial products appears attractive based not only on the successful extension from the aerospace safety technology to the nuclear reactor reliability and availability technology, but also because combinatorial hazards are common to commercial operations and therefore lend themselves readily to evaluation by Fault Tree Analysis. It appears reasonable to conclude that the technique has application within the commercial industrial community where the occurrence of a specified consequence or final event would be of sufficient concern to management to justify such a rigorous analysis as an aid to decision making. (U.S.)

Rare event simulation for dynamic fault trees

NARCIS (Netherlands)

Ruijters, Enno Jozef Johannes; Reijsbergen, D.P.; de Boer, Pieter-Tjerk; Stoelinga, Mariëlle Ida Antoinette

2017-01-01

Fault trees (FT) are a popular industrial method for reliability engineering, for which Monte Carlo simulation is an important technique to estimate common dependability metrics, such as the system reliability and availability. A severe drawback of Monte Carlo simulation is that the number of

Rare Event Simulation for Dynamic Fault Trees

NARCIS (Netherlands)

Ruijters, Enno Jozef Johannes; Reijsbergen, D.P.; de Boer, Pieter-Tjerk; Stoelinga, Mariëlle Ida Antoinette; Tonetta, Stefano; Schoitsch, Erwin; Bitsch, Friedemann

2017-01-01

Fault trees (FT) are a popular industrial method for reliability engineering, for which Monte Carlo simulation is an important technique to estimate common dependability metrics, such as the system reliability and availability. A severe drawback of Monte Carlo simulation is that the number of

FTAP, Minimal Cut Sets of Arbitrary Fault Trees. FRTPLT, Fault Tree Structure and Logical Gates Plot for Program FTAP. FRTGEN, Fault Trees by Sub-tree Generator from Parent Tree for Program FTAP

International Nuclear Information System (INIS)

Willie, Randall R.; Rabien, U.

1997-01-01

1 - Description of problem or function: FTAP is a general-purpose program for deriving minimal reliability cut and path set families from the fault tree for a complex system. The program has a number of useful features that make it well-suited to nearly all fault tree applications. An input fault tree may specify the system state as any logical function of subsystem or component state variables or complements of these variables; thus, for instance, 'exclusive-or' type relations may be formed. When fault tree logical relations involve complements of state variables, the analyst may instruct FTAP to produce a family of prime implicants, a generalization of the minimal cut set concept. The program offers the flexibility of several distinct methods of generating cut set families. FTAP can also identify certain subsystems as system modules and provide a collection of minimal cut set families that essentially expresses the system state as a function of these module state variables. Another feature allows a useful subfamily to be obtained when the family of minimal cut sets or prime implicants is too large to be found in its entirety; this subfamily may consist of only those sets not containing more than some fixed number of elements or only those sets 'interesting' to the analyst in some special sense. Finally, the analyst can modify the input fault tree in various ways by declaring state variables identically true or false. 2 - Method of solution: Fault tree methods are based on the observation that the system state, either working or failed, can usually be expressed as a Boolean relation between states of several large, readily identifiable subsystems. The state of each subsystem in turn depends on states of simpler subsystems and components which compose it, so that the state of the system itself is determined by a hierarchy of logical relationships between states of subsystems. A fault tree is a graphical representation of these relationships. 3 - Restrictions on the

Plotting and analysis of fault trees in safety evaluation of nuclear power plants

International Nuclear Information System (INIS)

Wild, A.

1979-12-01

Fault tree analysis is a useful tool in determining the safety and reliability of nuclear power plants. The main strength of the fault tree method, its ability to detect cross-links between systems, can be used only if fault trees are constructed for complete nuclear generating stations. Such trees are large and have to be handled by computers. A system is described for handling fault trees using small computers such as the HP-1000 with disc drive, graphics terminal and x-y plotter

Study on the scope of fault tree method applicability

International Nuclear Information System (INIS)

Ito, Taiju

1980-03-01

In fault tree analysis of the reliability of nuclear safety system, including reliability analysis of nuclear protection system, there seem to be some documents in which application of the fault tree method is unreasonable. In fault tree method, the addition rule and the multiplication rule are usually used. The addition rule and the multiplication rule must hold exactly or at least practically. The addition rule has no problem but the multiplication rule has occasionally some problem. For unreliability, mean unavailability and instantaneous unavailability of the elements, holding or not of the multiplication rule has been studied comprehensively. Between the unreliability of each element without maintenance, the multiplication rule holds. Between the instantaneous unavailability of each element, with maintenance or not, the multiplication rule also holds. Between the unreliability of each subsystem with maintenance, however, the multiplication rule does not hold, because the product value is larger than the value of unreliability for a parallel system consisting of the two subsystems with maintenance. Between the mean unavailability of each element without maintenance, the multiplication rule also does not hold, because the product value is smaller than the value of mean unavailability for a parallel system consisting of the two elements without maintenance. In these cases, therefore, the fault tree method may not be applied by rote for reliability analysis of the system. (author)

Reliability Evaluation Methodologies of Fault Tolerant Techniques of Digital I and C Systems in Nuclear Power Plants

International Nuclear Information System (INIS)

Kim, Bo Gyung; Kang, Hyun Gook; Seong, Poong Hyun; Lee, Seung Jun

2011-01-01

Since the reactor protection system was replaced from analog to digital, digital reactor protection system has 4 redundant channels and each channel has several modules. It is necessary for various fault tolerant techniques to improve availability and reliability due to using complex components in DPPS. To use the digital system, it is necessary to improve the reliability and availability of a system through fault-tolerant techniques. Several researches make an effort to effects of fault tolerant techniques. However, the effects of fault tolerant techniques have not been properly considered yet in most fault tree models. Various fault-tolerant techniques, which used in digital system in NPPs, should reflect in fault tree analysis for getting lower system unavailability and more reliable PSA. When fault-tolerant techniques are modeled in fault tree, categorizing the module to detect by each fault tolerant techniques, fault coverage, detection period and the fault recovery should be considered. Further work will concentrate on various aspects for fault tree modeling. We will find other important factors, and found a new theory to construct the fault tree model

Fault diagnosis of power transformer based on fault-tree analysis (FTA)

Science.gov (United States)

Wang, Yongliang; Li, Xiaoqiang; Ma, Jianwei; Li, SuoYu

2017-05-01

Power transformers is an important equipment in power plants and substations, power distribution transmission link is made an important hub of power systems. Its performance directly affects the quality and health of the power system reliability and stability. This paper summarizes the five parts according to the fault type power transformers, then from the time dimension divided into three stages of power transformer fault, use DGA routine analysis and infrared diagnostics criterion set power transformer running state, finally, according to the needs of power transformer fault diagnosis, by the general to the section by stepwise refinement of dendritic tree constructed power transformer fault

Probabilistic risk assessment course documentation. Volume 4. System reliability and analysis techniques sessions B/C - event trees/fault trees

International Nuclear Information System (INIS)

Haasl, D.; Young, J.

1985-08-01

This course will employ a combination of lecture material and practical problem solving in order to develop competence and understanding of th principles and techniques of event tree and fault tree analysis. The role of these techniques in the overall context of PRA will be described. The emphasis of this course will be on the basic, traditional methods of event tree and fault tree analysis

A computer-oriented approach to fault-tree construction. Topical report No. 1

International Nuclear Information System (INIS)

Chu, B.B.

1976-11-01

Fault Tree Analysis is one of the major tools for the safety and reliability analysis of large systems. A methodology for systematically constructing fault trees for general complex systems is developed and applied, via the computer program CAT, to several systems. First, a means of representing component behavior by decision tables is presented. In order to use these tables, a procedure for constructing and editing fault trees, either manually or by computer, is described. In order to verify the methodology the computer program CAT has been developed and used to construct fault trees for two systems

Fault tree analysis. Implementation of the WAM-codes

International Nuclear Information System (INIS)

Bento, J.P.; Poern, K.

1979-07-01

The report describes work going on at Studsvik at the implementation of the WAM code package for fault tree analysis. These codes originally developed under EPRI contract by Sciences Applications Inc, allow, in contrast with other fault tree codes, all Boolean operations, thus allowing modeling of ''NOT'' conditions and dependent components. To concretize the implementation of these codes, the auxiliary feed-water system of the Swedish BWR Oskarshamn 2 was chosen for the reliability analysis. For this system, both the mean unavailability and the probability density function of the top event - undesired event - of the system fault tree were calculated, the latter using a Monte-Carlo simulation technique. The present study is the first part of a work performed under contract with the Swedish Nuclear Power Inspectorate. (author)

Fuzzy probability based fault tree analysis to propagate and quantify epistemic uncertainty

International Nuclear Information System (INIS)

Purba, Julwan Hendry; Sony Tjahyani, D.T.; Ekariansyah, Andi Sofrany; Tjahjono, Hendro

2015-01-01

Highlights: • Fuzzy probability based fault tree analysis is to evaluate epistemic uncertainty in fuzzy fault tree analysis. • Fuzzy probabilities represent likelihood occurrences of all events in a fault tree. • A fuzzy multiplication rule quantifies epistemic uncertainty of minimal cut sets. • A fuzzy complement rule estimate epistemic uncertainty of the top event. • The proposed FPFTA has successfully evaluated the U.S. Combustion Engineering RPS. - Abstract: A number of fuzzy fault tree analysis approaches, which integrate fuzzy concepts into the quantitative phase of conventional fault tree analysis, have been proposed to study reliabilities of engineering systems. Those new approaches apply expert judgments to overcome the limitation of the conventional fault tree analysis when basic events do not have probability distributions. Since expert judgments might come with epistemic uncertainty, it is important to quantify the overall uncertainties of the fuzzy fault tree analysis. Monte Carlo simulation is commonly used to quantify the overall uncertainties of conventional fault tree analysis. However, since Monte Carlo simulation is based on probability distribution, this technique is not appropriate for fuzzy fault tree analysis, which is based on fuzzy probabilities. The objective of this study is to develop a fuzzy probability based fault tree analysis to overcome the limitation of fuzzy fault tree analysis. To demonstrate the applicability of the proposed approach, a case study is performed and its results are then compared to the results analyzed by a conventional fault tree analysis. The results confirm that the proposed fuzzy probability based fault tree analysis is feasible to propagate and quantify epistemic uncertainties in fault tree analysis

Guideliness for system modeling: fault tree [analysis

Energy Technology Data Exchange (ETDEWEB)

Lee, Yoon Hwan; Yang, Joon Eon; Kang, Dae Il; Hwang, Mee Jeong

2004-07-01

This document, the guidelines for system modeling related to Fault Tree Analysis(FTA), is intended to provide the guidelines with the analyzer to construct the fault trees in the level of the capability category II of ASME PRA standard. Especially, they are to provide the essential and basic guidelines and the related contents to be used in support of revising the Ulchin 3 and 4 PSA model for risk monitor within the capability category II of ASME PRA standard. Normally the main objective of system analysis is to assess the reliability of system modeled by Event Tree Analysis (ETA). A variety of analytical techniques can be used for the system analysis, however, FTA method is used in this procedures guide. FTA is the method used for representing the failure logic of plant systems deductively using AND, OR or NOT gates. The fault tree should reflect all possible failure modes that may contribute to the system unavailability. This should include contributions due to the mechanical failures of the components, Common Cause Failures (CCFs), human errors and outages for testing and maintenance. This document identifies and describes the definitions and the general procedures of FTA and the essential and basic guidelines for reving the fault trees. Accordingly, the guidelines for FTA will be capable to guide the FTA to the level of the capability category II of ASME PRA standard.

Guideliness for system modeling: fault tree [analysis

International Nuclear Information System (INIS)

Lee, Yoon Hwan; Yang, Joon Eon; Kang, Dae Il; Hwang, Mee Jeong

2004-07-01

This document, the guidelines for system modeling related to Fault Tree Analysis(FTA), is intended to provide the guidelines with the analyzer to construct the fault trees in the level of the capability category II of ASME PRA standard. Especially, they are to provide the essential and basic guidelines and the related contents to be used in support of revising the Ulchin 3 and 4 PSA model for risk monitor within the capability category II of ASME PRA standard. Normally the main objective of system analysis is to assess the reliability of system modeled by Event Tree Analysis (ETA). A variety of analytical techniques can be used for the system analysis, however, FTA method is used in this procedures guide. FTA is the method used for representing the failure logic of plant systems deductively using AND, OR or NOT gates. The fault tree should reflect all possible failure modes that may contribute to the system unavailability. This should include contributions due to the mechanical failures of the components, Common Cause Failures (CCFs), human errors and outages for testing and maintenance. This document identifies and describes the definitions and the general procedures of FTA and the essential and basic guidelines for reving the fault trees. Accordingly, the guidelines for FTA will be capable to guide the FTA to the level of the capability category II of ASME PRA standard

Introduction to fault tree analysis

International Nuclear Information System (INIS)

Barlow, R.E.; Lambert, H.E.

1975-01-01

An elementary, engineering oriented introduction to fault tree analysis is presented. The basic concepts, techniques and applications of fault tree analysis, FTA, are described. The two major steps of FTA are identified as (1) the construction of the fault tree and (2) its evaluation. The evaluation of the fault tree can be qualitative or quantitative depending upon the scope, extensiveness and use of the analysis. The advantages, limitations and usefulness of FTA are discussed

Fault Tree Analysis for an Inspection Robot in a Nuclear Power Plant

Science.gov (United States)

Ferguson, Thomas A.; Lu, Lixuan

2017-09-01

The life extension of current nuclear reactors has led to an increasing demand on inspection and maintenance of critical reactor components that are too expensive to replace. To reduce the exposure dosage to workers, robotics have become an attractive alternative as a preventative safety tool in nuclear power plants. It is crucial to understand the reliability of these robots in order to increase the veracity and confidence of their results. This study presents the Fault Tree (FT) analysis to a coolant outlet piper snake-arm inspection robot in a nuclear power plant. Fault trees were constructed for a qualitative analysis to determine the reliability of the robot. Insight on the applicability of fault tree methods for inspection robotics in the nuclear industry is gained through this investigation.

Identification of independent modules in fault trees which contain dependent basic events

International Nuclear Information System (INIS)

Sun, H.; Andrews, J.D.

2004-01-01

The reliability performance of a system is frequently a function of component failures of which some are independent whilst others are interdependent. It is possible to represent the system failure logic in a fault tree diagram, however only the sections containing independent events can be assessed using the conventional fault tree analysis methodology. The analysis of the dependent sections will require a Markov analysis. Since the efficiency of the Markov analysis largely depends on the size of the established Markov model, the key is to extract from the fault tree the smallest sections which contain dependencies. This paper proposes a method aimed at establishing the smallest Markov model for the dependencies contained within the fault tree

System Analysis by Mapping a Fault-tree into a Bayesian-network

Science.gov (United States)

Sheng, B.; Deng, C.; Wang, Y. H.; Tang, L. H.

2018-05-01

In view of the limitations of fault tree analysis in reliability assessment, Bayesian Network (BN) has been studied as an alternative technology. After a brief introduction to the method for mapping a Fault Tree (FT) into an equivalent BN, equations used to calculate the structure importance degree, the probability importance degree and the critical importance degree are presented. Furthermore, the correctness of these equations is proved mathematically. Combining with an aircraft landing gear’s FT, an equivalent BN is developed and analysed. The results show that richer and more accurate information have been achieved through the BN method than the FT, which demonstrates that the BN is a superior technique in both reliability assessment and fault diagnosis.

Reliability study of the auxiliary feed-water system of a pressurized water reactor by faults tree and Bayesian Network

International Nuclear Information System (INIS)

Lava, Deise Diana; Borges, Diogo da Silva; Guimarães, Antonio Cesar Ferreira; Moreira, Maria de Lourdes

2017-01-01

This paper aims to present a study of the reliability of the Auxiliary Feed-water System (AFWS) through the methods of Fault Tree and Bayesian Network. Therefore, the paper consists of a literature review of the history of nuclear energy and the methodologies used. The AFWS is responsible for providing water system to cool the secondary circuit of nuclear reactors of the PWR type when normal feeding water system failure. How this system operates only when the primary system fails, it is expected that the AFWS failure probability is very low. The AFWS failure probability is divided into two cases: the first is the probability of failure in the first eight hours of operation and the second is the probability of failure after eight hours of operation, considering that the system has not failed within the first eight hours. The calculation of the probability of failure of the second case was made through the use of Fault Tree and Bayesian Network, that it was constructed from the Fault Tree. The results of the failure probability obtained were very close, on the order of 10 -3 . (author)

Reliability study of the auxiliary feed-water system of a pressurized water reactor by faults tree and Bayesian Network

Energy Technology Data Exchange (ETDEWEB)

Lava, Deise Diana; Borges, Diogo da Silva; Guimarães, Antonio Cesar Ferreira; Moreira, Maria de Lourdes, E-mail: deise_dy@hotmail.com, E-mail: diogosb@outlook.com, E-mail: tony@ien.gov.br [Instituto de Engenharia Nuclear (IEN/CNEN-RJ), Rio de Janeiro, RJ (Brazil)

2017-07-01

This paper aims to present a study of the reliability of the Auxiliary Feed-water System (AFWS) through the methods of Fault Tree and Bayesian Network. Therefore, the paper consists of a literature review of the history of nuclear energy and the methodologies used. The AFWS is responsible for providing water system to cool the secondary circuit of nuclear reactors of the PWR type when normal feeding water system failure. How this system operates only when the primary system fails, it is expected that the AFWS failure probability is very low. The AFWS failure probability is divided into two cases: the first is the probability of failure in the first eight hours of operation and the second is the probability of failure after eight hours of operation, considering that the system has not failed within the first eight hours. The calculation of the probability of failure of the second case was made through the use of Fault Tree and Bayesian Network, that it was constructed from the Fault Tree. The results of the failure probability obtained were very close, on the order of 10{sup -3}. (author)

A Weibull-based compositional approach for hierarchical dynamic fault trees

International Nuclear Information System (INIS)

Chiacchio, F.; Cacioppo, M.; D'Urso, D.; Manno, G.; Trapani, N.; Compagno, L.

2013-01-01

The solution of a dynamic fault tree (DFT) for the reliability assessment can be achieved using a wide variety of techniques. These techniques have a strong theoretical foundation as both the analytical and the simulation methods have been extensively developed. Nevertheless, they all present the same limits that appear with the increasing of the size of the fault trees (i.e., state space explosion, time-consuming simulations), compromising the resolution. We have tested the feasibility of a composition algorithm based on a Weibull distribution, addressed to the resolution of a general class of dynamic fault trees characterized by non-repairable basic events and generally distributed failure times. The proposed composition algorithm is used to generalize the traditional hierarchical technique that, as previous literature have extensively confirmed, is able to reduce the computational effort of a large DFT through the modularization of independent parts of the tree. The results of this study are achieved both through simulation and analytical techniques, thus confirming the capability to solve a quite general class of dynamic fault trees and overcome the limits of traditional techniques.

Lognormal Approximations of Fault Tree Uncertainty Distributions.

Science.gov (United States)

El-Shanawany, Ashraf Ben; Ardron, Keith H; Walker, Simon P

2018-01-26

Fault trees are used in reliability modeling to create logical models of fault combinations that can lead to undesirable events. The output of a fault tree analysis (the top event probability) is expressed in terms of the failure probabilities of basic events that are input to the model. Typically, the basic event probabilities are not known exactly, but are modeled as probability distributions: therefore, the top event probability is also represented as an uncertainty distribution. Monte Carlo methods are generally used for evaluating the uncertainty distribution, but such calculations are computationally intensive and do not readily reveal the dominant contributors to the uncertainty. In this article, a closed-form approximation for the fault tree top event uncertainty distribution is developed, which is applicable when the uncertainties in the basic events of the model are lognormally distributed. The results of the approximate method are compared with results from two sampling-based methods: namely, the Monte Carlo method and the Wilks method based on order statistics. It is shown that the closed-form expression can provide a reasonable approximation to results obtained by Monte Carlo sampling, without incurring the computational expense. The Wilks method is found to be a useful means of providing an upper bound for the percentiles of the uncertainty distribution while being computationally inexpensive compared with full Monte Carlo sampling. The lognormal approximation method and Wilks's method appear attractive, practical alternatives for the evaluation of uncertainty in the output of fault trees and similar multilinear models. © 2018 Society for Risk Analysis.

Algorithms and programs for consequence diagram and fault tree construction

International Nuclear Information System (INIS)

Hollo, E.; Taylor, J.R.

1976-12-01

A presentation of algorithms and programs for consequence diagram and sequential fault tree construction that are intended for reliability and disturbance analysis of large systems. The system to be analyzed must be given as a block diagram formed by mini fault trees of individual system components. The programs were written in LISP programming language and run on a PDP8 computer with 8k words of storage. A description is given of the methods used and of the program construction and working. (author)

NuFTA: A CASE Tool for Automatic Software Fault Tree Analysis

International Nuclear Information System (INIS)

Yun, Sang Hyun; Lee, Dong Ah; Yoo, Jun Beom

2010-01-01

Software fault tree analysis (SFTA) is widely used for analyzing software requiring high-reliability. In SFTA, experts predict failures of system through HA-ZOP (Hazard and Operability study) or FMEA (Failure Mode and Effects Analysis) and draw software fault trees about the failures. Quality and cost of the software fault tree, therefore, depend on knowledge and experience of the experts. This paper proposes a CASE tool NuFTA in order to assist experts of safety analysis. The NuFTA automatically generate software fault trees from NuSCR formal requirements specification. NuSCR is a formal specification language used for specifying software requirements of KNICS RPS (Reactor Protection System) in Korea. We used the SFTA templates proposed by in order to generate SFTA automatically. The NuFTA also generates logical formulae summarizing the failure's cause, and we have a plan to use the formulae usefully through formal verification techniques

Human reliability analysis using event trees

International Nuclear Information System (INIS)

Heslinga, G.

1983-01-01

The shut-down procedure of a technologically complex installation as a nuclear power plant consists of a lot of human actions, some of which have to be performed several times. The procedure is regarded as a chain of modules of specific actions, some of which are analyzed separately. The analysis is carried out by making a Human Reliability Analysis event tree (HRA event tree) of each action, breaking down each action into small elementary steps. The application of event trees in human reliability analysis implies more difficulties than in the case of technical systems where event trees were mainly used until now. The most important reason is that the operator is able to recover a wrong performance; memory influences play a significant role. In this study these difficulties are dealt with theoretically. The following conclusions can be drawn: (1) in principle event trees may be used in human reliability analysis; (2) although in practice the operator will recover his fault partly, theoretically this can be described as starting the whole event tree again; (3) compact formulas have been derived, by which the probability of reaching a specific failure consequence on passing through the HRA event tree after several times of recovery is to be calculated. (orig.)

Using Fault Trees to Advance Understanding of Diagnostic Errors.

Science.gov (United States)

Rogith, Deevakar; Iyengar, M Sriram; Singh, Hardeep

2017-11-01

Diagnostic errors annually affect at least 5% of adults in the outpatient setting in the United States. Formal analytic techniques are only infrequently used to understand them, in part because of the complexity of diagnostic processes and clinical work flows involved. In this article, diagnostic errors were modeled using fault tree analysis (FTA), a form of root cause analysis that has been successfully used in other high-complexity, high-risk contexts. How factors contributing to diagnostic errors can be systematically modeled by FTA to inform error understanding and error prevention is demonstrated. A team of three experts reviewed 10 published cases of diagnostic error and constructed fault trees. The fault trees were modeled according to currently available conceptual frameworks characterizing diagnostic error. The 10 trees were then synthesized into a single fault tree to identify common contributing factors and pathways leading to diagnostic error. FTA is a visual, structured, deductive approach that depicts the temporal sequence of events and their interactions in a formal logical hierarchy. The visual FTA enables easier understanding of causative processes and cognitive and system factors, as well as rapid identification of common pathways and interactions in a unified fashion. In addition, it enables calculation of empirical estimates for causative pathways. Thus, fault trees might provide a useful framework for both quantitative and qualitative analysis of diagnostic errors. Future directions include establishing validity and reliability by modeling a wider range of error cases, conducting quantitative evaluations, and undertaking deeper exploration of other FTA capabilities. Copyright © 2017 The Joint Commission. Published by Elsevier Inc. All rights reserved.

Rich Interfaces for Dependability: Compositional Methods for Dynamic Fault Trees and Arcade models

NARCIS (Netherlands)

Boudali, H.; Crouzen, Pepijn; Haverkort, Boudewijn R.H.M.; Kuntz, G.W.M.; Stoelinga, Mariëlle Ida Antoinette

This paper discusses two behavioural interfaces for reliability analysis: dynamic fault trees, which model the system reliability in terms of the reliability of its components and Arcade, which models the system reliability at an architectural level. For both formalisms, the reliability is analyzed

Computer aided fault tree synthesis

International Nuclear Information System (INIS)

Poucet, A.

1983-01-01

Nuclear as well as non-nuclear organisations are showing during the past few years a growing interest in the field of reliability analysis. This urges for the development of powerful, state of the art methods and computer codes for performing such analysis on complex systems. In this report an interactive, computer aided approach is discussed, based on the well known fault tree technique. The time consuming and difficut task of manually constructing a system model (one or more fault trees) is replaced by an efficient interactive procedure in which the flexibility and the learning process inherent to the manual approach are combined with the accuracy in the modelling and the speed of the fully automatical approach. The method presented is based upon the use of a library containing component models. The possibility of setting up a standard library of models of general use and the link with a data collection system are discussed. The method has been implemented in the CAFTS-SALP software package which is described shortly in the report

Fault tree analysis for reactor systems

International Nuclear Information System (INIS)

Crosetti, P.A.

1971-01-01

Reliability analysis is playing an increasingly important role in quantitative assessment of system performance for assuring nuclear safety, improving plant performance and plant life, and reducing plant operating costs. The complexity of today's nuclear plants warrant the use of techniques which will provide a comprehensive evaluation of systems in their total context. In particular, fault tree analysis with probability evaluation can play a key role in assuring nuclear safety, in improving plant performance and plant life, and in reducing plant operating costs. The technique provides an all inclusive, versatile mathematical tool for analyzing complex systems. Its application can include a complete plant as well as any of the systems and subsystems. Fault tree analysis provides an objective basis for analyzing system design, performing trade-off studies, analyzing common mode failures, demonstrating compliance with AEC requirements, and justifying system changes or additions. The logic of the approach makes it readily understandable and, therefore, it serves as an effective visibility tool for both engineering and management. (U.S.)

TREDRA, Minimal Cut Sets Fault Tree Plot Program

International Nuclear Information System (INIS)

Fussell, J.B.

1983-01-01

1 - Description of problem or function: TREDRA is a computer program for drafting report-quality fault trees. The input to TREDRA is similar to input for standard computer programs that find minimal cut sets from fault trees. Output includes fault tree plots containing all standard fault tree logic and event symbols, gate and event labels, and an output description for each event in the fault tree. TREDRA contains the following features: a variety of program options that allow flexibility in the program output; capability for automatic pagination of the output fault tree, when necessary; input groups which allow labeling of gates, events, and their output descriptions; a symbol library which includes standard fault tree symbols plus several less frequently used symbols; user control of character size and overall plot size; and extensive input error checking and diagnostic oriented output. 2 - Method of solution: Fault trees are generated by user-supplied control parameters and a coded description of the fault tree structure consisting of the name of each gate, the gate type, the number of inputs to the gate, and the names of these inputs. 3 - Restrictions on the complexity of the problem: TREDRA can produce fault trees with a minimum of 3 and a maximum of 56 levels. The width of each level may range from 3 to 37. A total of 50 transfers is allowed during pagination

Modular representation and analysis of fault trees

Energy Technology Data Exchange (ETDEWEB)

Olmos, J; Wolf, L [Massachusetts Inst. of Tech., Cambridge (USA). Dept. of Nuclear Engineering

1978-08-01

An analytical method to describe fault tree diagrams in terms of their modular compositions is developed. Fault tree structures are characterized by recursively relating the top tree event to all its basic component inputs through a set of equations defining each of the modulus for the fault tree. It is shown that such a modular description is an extremely valuable tool for making a quantitative analysis of fault trees. The modularization methodology has been implemented into the PL-MOD computer code, written in PL/1 language, which is capable of modularizing fault trees containing replicated components and replicated modular gates. PL-MOD in addition can handle mutually exclusive inputs and explicit higher order symmetric (k-out-of-n) gates. The step-by-step modularization of fault trees performed by PL-MOD is demonstrated and it is shown how this procedure is only made possible through an extensive use of the list processing tools available in PL/1. A number of nuclear reactor safety system fault trees were analyzed. PL-MOD performed the modularization and evaluation of the modular occurrence probabilities and Vesely-Fussell importance measures for these systems very efficiently. In particular its execution time for the modularization of a PWR High Pressure Injection System reduced fault tree was 25 times faster than that necessary to generate its equivalent minimal cut-set description using MOCUS, a code considered to be fast by present standards.

Computer-aided Fault Tree Analysis

International Nuclear Information System (INIS)

Willie, R.R.

1978-08-01

A computer-oriented methodology for deriving minimal cut and path set families associated with arbitrary fault trees is discussed first. Then the use of the Fault Tree Analysis Program (FTAP), an extensive FORTRAN computer package that implements the methodology is described. An input fault tree to FTAP may specify the system state as any logical function of subsystem or component state variables or complements of these variables. When fault tree logical relations involve complements of state variables, the analyst may instruct FTAP to produce a family of prime implicants, a generalization of the minimal cut set concept. FTAP can also identify certain subsystems associated with the tree as system modules and provide a collection of minimal cut set families that essentially expresses the state of the system as a function of these module state variables. Another FTAP feature allows a subfamily to be obtained when the family of minimal cut sets or prime implicants is too large to be found in its entirety; this subfamily consists only of sets that are interesting to the analyst in a special sense

Users' manual for the FTDRAW (Fault Tree Draw) code

International Nuclear Information System (INIS)

Oikawa, Tetsukuni; Hikawa, Michihiro; Tanabe, Syuichi; Nakamura, Norihiro

1985-02-01

This report provides the information needed to use the FTDRAW (Fault Tree Draw) code, which is designed for drawing a fault tree. The FTDRAW code has several optional functions, such as the overview of a fault tree output, fault tree output in English description, fault tree output in Japanese description and summary tree output. Inputs for the FTDRAW code are component failure rate information and gate information which are filed out by a execution of the FTA-J (Fault Tree Analysis-JAERI) code system and option control data. Using the FTDRAW code, we can get drawings of fault trees which is easy to see, efficiently. (author)

Study of the reliability of the Auxiliary Feedwater System of a LWR nuclear power plant through the Fault Tree and Bayesian Network

International Nuclear Information System (INIS)

Lava, Deise Diana

2016-01-01

This paper aims to present a study of the reliability of the Auxiliary Feedwater System (AFWS) through the methods of Fault Tree and Bayesian Network. Therefore, the paper consists of a literature review of the history of nuclear energy and the methodologies used. The AFWS is responsible for providing water system to cool the secondary circuit of nuclear reactors of the PWR type when normal feeding water system failure. How this system operates only when the primary system fails, it is expected that the AFWS failure probability is very low. The AFWS failure probability is divided into two cases: the first is the probability of failure in the first eight hours of operation and the second is the probability of failure after eight hours of operation, considering that the system has not failed within the first eight hours. The calculation of the probability of failure of the second case was made through the use of Fault Tree and Bayesian Network, that it was constructed from the Fault Tree. The results of the failure probability obtained were very close, on the order of 10 -3 . (author)

Efficient fault tree handling - the Asea-Atom approach

International Nuclear Information System (INIS)

Ericsson, G.; Knochenhauer, M.; Mills, R.

1985-01-01

In recent years there has been a trend in Swedish Probabilistic Safety Analysis (PSA) work towards coordination of the tools and methods used, in order to facilitate exchange of information and review. Thus, standardized methods for fault tree drawing and basic event coding have been developed as well as a number of computer codes for fault tree handling. The computer code used by Asea-Atom is called SUPER-TREE. As indicated by the name, the key feature is the concept of one super tree containing all the information necessary in the fault tree analysis, i.e. system fault trees, sequence fault trees and component data base. The code has proved to allow great flexibility in the choice of level of detail in the analysis

Improving software requirements specification for safety-related systems using the fault tree developed by an object-based method

International Nuclear Information System (INIS)

Cepin, M.; Mavko, B.

1998-01-01

A modification of the fault tree analysis is presented. The new fault tree integrates structural and behavioral models of a system. Information on the system structure is captured in the name of each gate and basic event of the fault tree. Information on the system behavior is captured in their description. Behavior is expressed using the axiomatic notation based on first order predicate logic. The new fault tree is a useful model for analysis and improvement of software requirements specification. The benefit of such improvements is reduced probability of failures in specification, which in turn results in increased reliability of the software.(author)

Fuzzy set theoretic approach to fault tree analysis | Tyagi ...

African Journals Online (AJOL)

This approach can be widely used to improve the reliability and to reduce the operating cost of a system. The proposed techniques are discussed and illustrated by taking an example of a nuclear power plant. Keywords: Fault tree, Triangular and Trapezoidal fuzzy number, Fuzzy importance, Ranking of fuzzy numbers ...

Mode automata and their compilation into fault trees

International Nuclear Information System (INIS)

Rauzy, Antoine

2002-01-01

In this article, we advocate the use of mode automata as a high level representation language for reliability studies. Mode automata are states/transitions based representations with the additional notion of flow. They can be seen as a generalization of both finite capacity Petri nets and block diagrams. They can be assembled into hierarchies by means of composition operations. The contribution of this article is twofold. First, we introduce mode automata and we discuss their relationship with other formalisms. Second, we propose an algorithm to compile mode automata into Boolean equations (fault trees). Such a compilation is of interest for two reasons. First, assessment tools for Boolean models are much more efficient than those for states/transitions models. Second, the automated generation of fault trees from higher level representations makes easier their maintenance through the life cycle of systems under study

Integrated fault tree development environment

International Nuclear Information System (INIS)

Dixon, B.W.

1986-01-01

Probabilistic Risk Assessment (PRA) techniques are utilized in the nuclear industry to perform safety analyses of complex defense-in-depth systems. A major effort in PRA development is fault tree construction. The Integrated Fault Tree Environment (IFTREE) is an interactive, graphics-based tool for fault tree design. IFTREE provides integrated building, editing, and analysis features on a personal workstation. The design philosophy of IFTREE is presented, and the interface is described. IFTREE utilizes a unique rule-based solution algorithm founded in artificial intelligence (AI) techniques. The impact of the AI approach on the program design is stressed. IFTREE has been developed to handle the design and maintenance of full-size living PRAs and is currently in use

Time-dependent methodology for fault tree evaluation

International Nuclear Information System (INIS)

Vesely, W.B.

1976-01-01

Any fault tree may be evaluated applying the method called the kinetic theory of fault trees. The basic feature of this method as presented here is in that any information on primary failure, type failure or peak failure is derived from three characteristics: probability of existence, failure intensity and failure density. The determination of the said three characteristics for a given phenomenon yields the remaining probabilistic information on the individual aspects of the failure and on their totality for the whole observed period. The probabilistic characteristics are determined by applying the analysis of phenomenon probability. The total time dependent information on the peak failure is obtained by using the type failures (critical paths) of the fault tree. By applying the said process the total time dependent information is obtained for every primary failure and type failure of the fault tree. In the application of the method of the kinetic theory of fault trees represented by the PREP and KITT programmes, the type failures are first obtained using the deterministic testing method or using the Monte Carlo simulation (PREP programme). The respective characteristics are then determined using the kinetic theory of fault trees (KITT programmes). (Oy)

Integrated system fault diagnostics utilising digraph and fault tree-based approaches

International Nuclear Information System (INIS)

Bartlett, L.M.; Hurdle, E.E.; Kelly, E.M.

2009-01-01

With the growing intolerance to failures within systems, the issue of fault diagnosis has become ever prevalent. Information concerning these possible failures can help to minimise the disruption to the functionality of the system by allowing quick rectification. Traditional approaches to fault diagnosis within engineering systems have focused on sequential testing procedures and real-time mechanisms. Both methods have been predominantly limited to single fault causes. Latest approaches also consider the issue of multiple faults in reflection to the characteristics of modern day systems designed for high reliability. In addition, a diagnostic capability is required in real time and for changeable system functionality. This paper focuses on two approaches which have been developed to cater for the demands of diagnosis within current engineering systems, namely application of the fault tree analysis technique and the method of digraphs. Both use a comparative approach to consider differences between actual system behaviour and that expected. The procedural guidelines are discussed for each method, with an experimental aircraft fuel system used to test and demonstrate the features of the techniques. The effectiveness of the approaches is compared and their future potential highlighted

Bayesian updating of reliability of civil infrastructure facilities based on condition-state data and fault-tree model

International Nuclear Information System (INIS)

Ching Jianye; Leu, S.-S.

2009-01-01

This paper considers a difficult but practical circumstance of civil infrastructure management-deterioration/failure data of the infrastructure system are absent while only condition-state data of its components are available. The goal is to develop a framework for estimating time-varying reliabilities of civil infrastructure facilities under such a circumstance. A novel method of analyzing time-varying condition-state data that only reports operational/non-operational status of the components is proposed to update the reliabilities of civil infrastructure facilities. The proposed method assumes that the degradation arrivals can be modeled as a Poisson process with unknown time-varying arrival rate and damage impact and that the target system can be represented as a fault-tree model. To accommodate large uncertainties, a Bayesian algorithm is proposed, and the reliability of the infrastructure system can be quickly updated based on the condition-state data. Use of the new method is demonstrated with a real-world example of hydraulic spillway gate system.

An integrated model for reliability estimation of digital nuclear protection system based on fault tree and software control flow methodologies

International Nuclear Information System (INIS)

Kim, Man Cheol; Seong, Poong Hyun

2000-01-01

In the nuclear industry, the difficulty of proving the reliabilities of digital systems prohibits the widespread use of digital systems in various nuclear application such as plant protection system. Even though there exist a few models which are used to estimate the reliabilities of digital systems, we develop a new integrated model which is more realistic than the existing models. We divide the process of estimating the reliability of a digital system into two phases, a high-level phase and a low-level phase, and the boundary of two phases is the reliabilities of subsystems. We apply software control flow method to the low-level phase and fault tree analysis to the high-level phase. The application of the model to Dynamic Safety System(DDS) shows that the estimated reliability of the system is quite reasonable and realistic

An integrated model for reliability estimation of digital nuclear protection system based on fault tree and software control flow methodologies

International Nuclear Information System (INIS)

Kim, Man Cheol; Seong, Poong Hyun

2000-01-01

In nuclear industry, the difficulty of proving the reliabilities of digital systems prohibits the widespread use of digital systems in various nuclear application such as plant protection system. Even though there exist a few models which are used to estimate the reliabilities of digital systems, we develop a new integrated model which is more realistic than the existing models. We divide the process of estimating the reliability of a digital system into two phases, a high-level phase and a low-level phase, and the boundary of two phases is the reliabilities of subsystems. We apply software control flow method to the low-level phase and fault tree analysis to the high-level phase. The application of the model of dynamic safety system (DSS) shows that the estimated reliability of the system is quite reasonable and realistic. (author)

An Integrated Approach of Model checking and Temporal Fault Tree for System Safety Analysis

Energy Technology Data Exchange (ETDEWEB)

Koh, Kwang Yong; Seong, Poong Hyun [Korea Advanced Institute of Science and Technology, Daejeon (Korea, Republic of)

2009-10-15

Digitalization of instruments and control systems in nuclear power plants offers the potential to improve plant safety and reliability through features such as increased hardware reliability and stability, and improved failure detection capability. It however makes the systems and their safety analysis more complex. Originally, safety analysis was applied to hardware system components and formal methods mainly to software. For software-controlled or digitalized systems, it is necessary to integrate both. Fault tree analysis (FTA) which has been one of the most widely used safety analysis technique in nuclear industry suffers from several drawbacks as described in. In this work, to resolve the problems, FTA and model checking are integrated to provide formal, automated and qualitative assistance to informal and/or quantitative safety analysis. Our approach proposes to build a formal model of the system together with fault trees. We introduce several temporal gates based on timed computational tree logic (TCTL) to capture absolute time behaviors of the system and to give concrete semantics to fault tree gates to reduce errors during the analysis, and use model checking technique to automate the reasoning process of FTA.

Fault tree analysis of loss of cooling to a HALW storage tank

International Nuclear Information System (INIS)

Nomura, Yasushi

1992-01-01

Results of a scenario identification, a fault tree construction and an analysis for a loss of cooling accident in a High Activity Liquid Waste (HALW) tank of a typical model of reprocessing facility, is rendered together with considerations of the system reliability improvement by changing the model design. Model plant data, basic failure frequency data and a fault tree analysis named FTL have been introduced from NUKEM GmbH, Germany. They are throughly reviewed and reevaluated at JAERI, and improved to apply to Japanese facilities. A general systematic method for constructing fault trees is used to avoid missing scenarios, thus all of the 10 conceivable accident scenarios for 'HALW storage tank without cooling, HALW boiling' are identified, and a total failure frequency are calculated to be in the 90 % confidence interval of (1.1 ∼ 5.8) x 10 -6 /yr for the German model plant. (author)

Computer aided fault tree construction for electrical systems

International Nuclear Information System (INIS)

Fussell, J.B.

1975-01-01

A technique is presented for automated construction of the Boolean failure logic diagram, called the fault tree, for electrical systems. The method is a technique for synthesizing a fault tree from system-independent component characteristics. Terminology is defined and heuristic examples are given for all phases of the model. The computer constructed fault trees are in conventional format, use conventional symbols, and are deductively constructed from the main failure of interest to the individual component failures. The synthesis technique is generally applicable to automated fault tree construction for other types of systems

A Rigorous, Compositional, and Extensible Framework for Dynamic Fault Tree Analysis

NARCIS (Netherlands)

Boudali, H.; Sandhu, R.; Crouzen, Pepijn; Stoelinga, Mariëlle Ida Antoinette

Fault trees (FT) are among the most prominent formalisms for reliability analysis of technical systems. Dynamic FTs extend FTs with support for expressing dynamic dependencies among components. The standard analysis vehicle for DFTs is state-based, and treats the model as a CTMC, a continuous-time

Analysis of large fault trees based on functional decomposition

International Nuclear Information System (INIS)

Contini, Sergio; Matuzas, Vaidas

2011-01-01

With the advent of the Binary Decision Diagrams (BDD) approach in fault tree analysis, a significant enhancement has been achieved with respect to previous approaches, both in terms of efficiency and accuracy of the overall outcome of the analysis. However, the exponential increase of the number of nodes with the complexity of the fault tree may prevent the construction of the BDD. In these cases, the only way to complete the analysis is to reduce the complexity of the BDD by applying the truncation technique, which nevertheless implies the problem of estimating the truncation error or upper and lower bounds of the top-event unavailability. This paper describes a new method to analyze large coherent fault trees which can be advantageously applied when the working memory is not sufficient to construct the BDD. It is based on the decomposition of the fault tree into simpler disjoint fault trees containing a lower number of variables. The analysis of each simple fault tree is performed by using all the computational resources. The results from the analysis of all simpler fault trees are re-combined to obtain the results for the original fault tree. Two decomposition methods are herewith described: the first aims at determining the minimal cut sets (MCS) and the upper and lower bounds of the top-event unavailability; the second can be applied to determine the exact value of the top-event unavailability. Potentialities, limitations and possible variations of these methods will be discussed with reference to the results of their application to some complex fault trees.

Analysis of large fault trees based on functional decomposition

Energy Technology Data Exchange (ETDEWEB)

Contini, Sergio, E-mail: sergio.contini@jrc.i [European Commission, Joint Research Centre, Institute for the Protection and Security of the Citizen, 21020 Ispra (Italy); Matuzas, Vaidas [European Commission, Joint Research Centre, Institute for the Protection and Security of the Citizen, 21020 Ispra (Italy)

2011-03-15

With the advent of the Binary Decision Diagrams (BDD) approach in fault tree analysis, a significant enhancement has been achieved with respect to previous approaches, both in terms of efficiency and accuracy of the overall outcome of the analysis. However, the exponential increase of the number of nodes with the complexity of the fault tree may prevent the construction of the BDD. In these cases, the only way to complete the analysis is to reduce the complexity of the BDD by applying the truncation technique, which nevertheless implies the problem of estimating the truncation error or upper and lower bounds of the top-event unavailability. This paper describes a new method to analyze large coherent fault trees which can be advantageously applied when the working memory is not sufficient to construct the BDD. It is based on the decomposition of the fault tree into simpler disjoint fault trees containing a lower number of variables. The analysis of each simple fault tree is performed by using all the computational resources. The results from the analysis of all simpler fault trees are re-combined to obtain the results for the original fault tree. Two decomposition methods are herewith described: the first aims at determining the minimal cut sets (MCS) and the upper and lower bounds of the top-event unavailability; the second can be applied to determine the exact value of the top-event unavailability. Potentialities, limitations and possible variations of these methods will be discussed with reference to the results of their application to some complex fault trees.

Fault trees based on past accidents. Factorial analysis of events

International Nuclear Information System (INIS)

Vaillant, M.

1977-01-01

The method of the fault tree is already useful in the qualitative step before any reliability calculation. The construction of the tree becomes even simpler when we just want to describe how the events happened. Differently from screenplays that introduce several possibilities by means of the conjunction OR, you only have here the conjunction AND, which will not be written at all. This method is presented by INRS (1) for the study of industrial injuries; it may also be applied to material damages. (orig.) [de

Algorithmic fault tree construction by component-based system modeling

International Nuclear Information System (INIS)

Majdara, Aref; Wakabayashi, Toshio

2008-01-01

Computer-aided fault tree generation can be easier, faster and less vulnerable to errors than the conventional manual fault tree construction. In this paper, a new approach for algorithmic fault tree generation is presented. The method mainly consists of a component-based system modeling procedure an a trace-back algorithm for fault tree synthesis. Components, as the building blocks of systems, are modeled using function tables and state transition tables. The proposed method can be used for a wide range of systems with various kinds of components, if an inclusive component database is developed. (author)

Fault tree analysis: concepts and techniques

International Nuclear Information System (INIS)

Fussell, J.B.

1976-01-01

Concepts and techniques of fault tree analysis have been developed over the past decade and now predictions from this type analysis are important considerations in the design of many systems such as aircraft, ships and their electronic systems, missiles, and nuclear reactor systems. Routine, hardware-oriented fault tree construction can be automated; however, considerable effort is needed in this area to get the methodology into production status. When this status is achieved, the entire analysis of hardware systems will be automated except for the system definition step. Automated analysis is not undesirable; to the contrary, when verified on adequately complex systems, automated analysis could well become a routine analysis. It could also provide an excellent start for a more in-depth fault tree analysis that includes environmental effects, common mode failure, and human errors. The automated analysis is extremely fast and frees the analyst from the routine hardware-oriented fault tree construction, as well as eliminates logic errors and errors of oversight in this part of the analysis. Automated analysis then affords the analyst a powerful tool to allow his prime efforts to be devoted to unearthing more subtle aspects of the modes of failure of the system

Breaking the fault tree circular logic

International Nuclear Information System (INIS)

Lankin, M.

2000-01-01

Event tree - fault tree approach to model failures of nuclear plants as well as of other complex facilities is noticeably dominant now. This approach implies modeling an object in form of unidirectional logical graph - tree, i.e. graph without circular logic. However, genuine nuclear plants intrinsically demonstrate quite a few logical loops (circular logic), especially where electrical systems are involved. This paper shows the incorrectness of existing practice of circular logic breaking by elimination of part of logical dependencies and puts forward a formal algorithm, which enables the analyst to correctly model the failure of complex object, which involves logical dependencies between system and components, in form of fault tree. (author)

[The Application of the Fault Tree Analysis Method in Medical Equipment Maintenance].

Science.gov (United States)

Liu, Hongbin

2015-11-01

In this paper, the traditional fault tree analysis method is presented, detailed instructions for its application characteristics in medical instrument maintenance is made. It is made significant changes when the traditional fault tree analysis method is introduced into the medical instrument maintenance: gave up the logic symbolic, logic analysis and calculation, gave up its complicated programs, and only keep its image and practical fault tree diagram, and the fault tree diagram there are also differences: the fault tree is no longer a logical tree but the thinking tree in troubleshooting, the definition of the fault tree's nodes is different, the composition of the fault tree's branches is also different.

A fault tree analysis strategy using binary decision diagrams

International Nuclear Information System (INIS)

Reay, Karen A.; Andrews, John D.

2002-01-01

The use of binary decision diagrams (BDDs) in fault tree analysis provides both an accurate and efficient means of analysing a system. There is a problem, however, with the conversion process of the fault tree to the BDD. The variable ordering scheme chosen for the construction of the BDD has a crucial effect on its resulting size and previous research has failed to identify any scheme that is capable of producing BDDs for all fault trees. This paper proposes an analysis strategy aimed at increasing the likelihood of obtaining a BDD for any given fault tree, by ensuring the associated calculations are as efficient as possible. The method implements simplification techniques, which are applied to the fault tree to obtain a set of 'minimal' subtrees, equivalent to the original fault tree structure. BDDs are constructed for each, using ordering schemes most suited to their particular characteristics. Quantitative analysis is performed simultaneously on the set of BDDs to obtain the top event probability, the system unconditional failure intensity and the criticality of the basic events

Fault tree analysis for vital area identification

International Nuclear Information System (INIS)

Varnado, G.B.; Ortiz, N.R.

1978-01-01

This paper discusses the use of fault tree analysis to identify those areas of nuclear fuel cycle facilities which must be protected to prevent acts of sabotage that could lead to sifnificant release of radioactive material. By proper manipulation of the fault trees for a plant, an analyst can identify vital areas in a manner consistent with regulatory definitions. This paper discusses the general procedures used in the analysis of any nuclear facility. In addition, a structured, generic approach to the development of the fault trees for nuclear power reactors is presented along with selected results of the application of the generic approach to several plants

A new methodology for the computer-aided construction of fault trees

International Nuclear Information System (INIS)

Salem, S.L.; Apostolakis, G.E.; Okrent, D.

1977-01-01

A methodology for systematically constructing fault trees for general complex systems is developed. A means of modeling component behaviour via decision tables is presented, and a procedure, and a procedure for constructing and editing fault trees, either manually or by computer, is developed. The techniques employed result in a complete fault tree in standard form. In order to demonstrate the methodology, the computer program CAT was developed and is used to construct trees for a nuclear system. By analyzing and comparing these fault trees, several conclusions are reached. First, such an approach can be used to produce fault trees that accurately describe system behaviour. Second, multiple trees can be rapidly produced by defining various TOP events, including system success. Finally, the accuracy and utility of such trees is shown to depend upon the careful development of the decision table models by the analyst, and of the overall system definition itself. Thus the method is seen to be a tool for assisting in the work of fault tree construction rather than a replacement for the careful work of the fault tree analyst. (author)

Fault tree analysis of a research reactor

International Nuclear Information System (INIS)

Hall, J.A.; O'Dacre, D.F.; Chenier, R.J.; Arbique, G.M.

1986-08-01

Fault Tree Analysis Techniques have been used to assess the safety system of the ZED-2 Research Reactor at the Chalk River Nuclear Laboratories. This turned out to be a strong test of the techniques involved. The resulting fault tree was large and because of inter-links in the system structure the tree was not modularized. In addition, comprehensive documentation was required. After a brief overview of the reactor and the analysis, this paper concentrates on the computer tools that made the job work. Two types of tools were needed; text editing and forms management capability for large volumes of component and system data, and the fault tree codes themselves. The solutions (and failures) are discussed along with the tools we are already developing for the next analysis

Computer-oriented approach to fault-tree construction

International Nuclear Information System (INIS)

Salem, S.L.; Apostolakis, G.E.; Okrent, D.

1976-11-01

A methodology for systematically constructing fault trees for general complex systems is developed and applied, via the Computer Automated Tree (CAT) program, to several systems. A means of representing component behavior by decision tables is presented. The method developed allows the modeling of components with various combinations of electrical, fluid and mechanical inputs and outputs. Each component can have multiple internal failure mechanisms which combine with the states of the inputs to produce the appropriate output states. The generality of this approach allows not only the modeling of hardware, but human actions and interactions as well. A procedure for constructing and editing fault trees, either manually or by computer, is described. The techniques employed result in a complete fault tree, in standard form, suitable for analysis by current computer codes. Methods of describing the system, defining boundary conditions and specifying complex TOP events are developed in order to set up the initial configuration for which the fault tree is to be constructed. The approach used allows rapid modifications of the decision tables and systems to facilitate the analysis and comparison of various refinements and changes in the system configuration and component modeling

Interactive system design using the complementarity of axiomatic design and fault tree analysis

International Nuclear Information System (INIS)

Heo, Gyun Young; Do, Sung Hee; Lee, Tae Sik

2007-01-01

To efficiently design safety-critical systems such as nuclear power plants, with requirement of high reliability, methodologies allowing for rigorous interactions between the synthesis and analysis processes have been proposed. This paper attempts to develop a reliability-centered design framework through an interactive process between Axiomatic Design (AD) and Fault Tree Analysis (FTA). Integrating AD and FTA into a single framework appears to be a viable solution, as they compliment each other with their unique advantages. AD provides a systematic synthesis tool while FTA is commonly used as a safety analysis tool. These methodologies build a design process that is less subjective, and they enable designers to develop insights that lead to solutions with improved reliability. Due to the nature of the two methodologies, the information involved in each process is complementary: a success tree versus a fault tree. Thus, at each step a system using AD is synthesized, and its reliability is then quantified using the FT derived from the AD synthesis process. The converted FT provides an opportunity to examine the completeness of the outcome from the synthesis process. This study presents an example of the design of a Containment Heat Removal System (CHRS). A case study illustrates the process of designing the CHRS with an interactive design framework focusing on the conversion of the AD process to FTA

Naive Fault Tree : formulation of the approach

NARCIS (Netherlands)

Rajabalinejad, M

2017-01-01

Naive Fault Tree (NFT) accepts a single value or a range of values for each basic event and returns values for the top event. This accommodates the need of commonly used Fault Trees (FT) for precise data making them prone to data concerns and limiting their area of application. This paper extends

A knowledge-based approach to the evaluation of fault trees

International Nuclear Information System (INIS)

Hwang, Yann-Jong; Chow, Louis R.; Huang, Henry C.

1996-01-01

A list of critical components is useful for determining the potential problems of a complex system. However, to find this list through evaluating the fault trees is expensive and time consuming. This paper intends to propose an integrated software program which consists of a fault tree constructor, a knowledge base, and an efficient algorithm for evaluating minimal cut sets of a large fault tree. The proposed algorithm uses the approaches of top-down heuristic searching and the probability-based truncation. That makes the evaluation of fault trees obviously efficient and provides critical components for solving the potential problems in complex systems. Finally, some practical fault trees are included to illustrate the results

Automatic fault tree generation in the EPR PSA project

International Nuclear Information System (INIS)

Villatte, N; Nonclercq, P.; Taupy, S.

2012-01-01

Tools (KB3 and Atelier EPS) have been developed at EDF to assist the analysts in building fault trees for PSA (Probabilistic Safety Assessment) and importing them into RiskSpectrum (RiskSpectrum is a Swedish code used at EDF for PSA). System modelling is performed using KB3 software with a knowledge base describing generic classes of components with their behaviour and failure modes. Using these classes of components, the analyst can describe (using a graphical system editor): a simplified system diagram from the mechanical system drawings and functional descriptions, the missions of the studied system (in a form of high level fault trees) and its different configurations for the missions. He can also add specific knowledge about the system. Then, the analyst chooses missions and configurations to specify and launch fault trees generations. From the system description, KB3 produces by backward-chaining on rules, detailed system fault trees. These fault trees are finally imported into RiskSpectrum (they are converted by Atelier EPS into a format readable by RiskSpectrum). KB3 and Atelier EPS have been used to create the majority of the fault trees for the EDF EPR Probabilistic Safety Analysis conducted from November 2009 to March 2010. 25 systems were modelled, and 127 fault trees were automatically generated in a rather short time by different analysts with the help of these tools. A feedback shows a lot of advantages to use KB3 and Atelier EPS: homogeneity and consistency between the different generated fault trees, traceability of modelling, control of modelling and last but not least: the automation of detailed fault tree creation relieves the human analyst of this tedious task so that he can focus his attention on more important tasks: modelling the failure of a function. This industrial application has also helped us gather an interesting feedback from the analysts that should help us improve the handling of the tools. We propose in this paper indeed some

The fault tree as a tool in safety analysis in nuclear power plants

International Nuclear Information System (INIS)

Waddington, J.G.; Wild, A.

1981-01-01

Modern safety analysis must be able to identify realistic failure modes based on realistic operation and system malfunction, demonstrate rigorously that adequate independence exists between a malfunctioning system and those other systems required to mitigate the effects of the malfunction, design adequate reliability into systems important to plant safety and to demonstrate rigorously that the design reliability is met in operation, and identify the realistic actions expected of the operator. Fault trees, which have proved to be a powerful tool to achieve these objectives, are inevitably large and must be computerized. However, the computerized system must be simple, must allow merging of branches developed independently, must provide for easy modification and the processing must be economical and easily accessible. A new system for displaying, plotting and analysing fault trees has been developed and implemented on a small computer at AECB to demonstrate the viability of the approach to designers, and to provide a tool to assess licensee's submissions on failure modes of support systems such as electrical, service water and air, and to assess reliability predictions for special safety systems. (author)

Accident Fault Trees for Defense Waste Processing Facility

Energy Technology Data Exchange (ETDEWEB)

Sarrack, A.G.

1999-06-22

The purpose of this report is to document fault tree analyses which have been completed for the Defense Waste Processing Facility (DWPF) safety analysis. Logic models for equipment failures and human error combinations that could lead to flammable gas explosions in various process tanks, or failure of critical support systems were developed for internal initiating events and for earthquakes. These fault trees provide frequency estimates for support systems failures and accidents that could lead to radioactive and hazardous chemical releases both on-site and off-site. Top event frequency results from these fault trees will be used in further APET analyses to calculate accident risk associated with DWPF facility operations. This report lists and explains important underlying assumptions, provides references for failure data sources, and briefly describes the fault tree method used. Specific commitments from DWPF to provide new procedural/administrative controls or system design changes are listed in the ''Facility Commitments'' section. The purpose of the ''Assumptions'' section is to clarify the basis for fault tree modeling, and is not necessarily a list of items required to be protected by Technical Safety Requirements (TSRs).

A practical method for accurate quantification of large fault trees

International Nuclear Information System (INIS)

Choi, Jong Soo; Cho, Nam Zin

2007-01-01

This paper describes a practical method to accurately quantify top event probability and importance measures from incomplete minimal cut sets (MCS) of a large fault tree. The MCS-based fault tree method is extensively used in probabilistic safety assessments. Several sources of uncertainties exist in MCS-based fault tree analysis. The paper is focused on quantification of the following two sources of uncertainties: (1) the truncation neglecting low-probability cut sets and (2) the approximation in quantifying MCSs. The method proposed in this paper is based on a Monte Carlo simulation technique to estimate probability of the discarded MCSs and the sum of disjoint products (SDP) approach complemented by the correction factor approach (CFA). The method provides capability to accurately quantify the two uncertainties and estimate the top event probability and importance measures of large coherent fault trees. The proposed fault tree quantification method has been implemented in the CUTREE code package and is tested on the two example fault trees

New algorithm to detect modules in a fault tree for a PSA

International Nuclear Information System (INIS)

Jung, Woo Sik

2015-01-01

A module or independent subtree is a part of a fault tree whose child gates or basic events are not repeated in the remaining part of the fault tree. Modules are necessarily employed in order to reduce the computational costs of fault tree quantification. This paper presents a new linear time algorithm to detect modules of large fault trees. The size of cut sets can be substantially reduced by replacing independent subtrees in a fault tree with super-components. Chatterjee and Birnbaum developed properties of modules, and demonstrated their use in the fault tree analysis. Locks expanded the concept of modules to non-coherent fault trees. Independent subtrees were manually identified while coding a fault tree for computer analysis. However, nowadays, the independent subtrees are automatically identified by the fault tree solver. A Dutuit and Rauzy (DR) algorithm to detect modules of a fault tree for coherent or non-coherent fault tree was proposed in 1996. It has been well known that this algorithm quickly detects modules since it is a linear time algorithm. The new algorithm minimizes computational memory and quickly detects modules. Furthermore, it can be easily implemented into industry fault tree solvers that are based on traditional Boolean algebra, binary decision diagrams (BDDs), or Zero-suppressed BDDs. The new algorithm employs only two scalar variables in Eqs. to that are volatile information. After finishing the traversal and module detection of each node, the volatile information is destroyed. Thus, the new algorithm does not employ any other additional computational memory and operations. It is recommended that this method be implemented into fault tree solvers for efficient probabilistic safety assessment (PSA) of nuclear power plants

New algorithm to detect modules in a fault tree for a PSA

Energy Technology Data Exchange (ETDEWEB)

Jung, Woo Sik [Sejong University, Seoul (Korea, Republic of)

2015-05-15

A module or independent subtree is a part of a fault tree whose child gates or basic events are not repeated in the remaining part of the fault tree. Modules are necessarily employed in order to reduce the computational costs of fault tree quantification. This paper presents a new linear time algorithm to detect modules of large fault trees. The size of cut sets can be substantially reduced by replacing independent subtrees in a fault tree with super-components. Chatterjee and Birnbaum developed properties of modules, and demonstrated their use in the fault tree analysis. Locks expanded the concept of modules to non-coherent fault trees. Independent subtrees were manually identified while coding a fault tree for computer analysis. However, nowadays, the independent subtrees are automatically identified by the fault tree solver. A Dutuit and Rauzy (DR) algorithm to detect modules of a fault tree for coherent or non-coherent fault tree was proposed in 1996. It has been well known that this algorithm quickly detects modules since it is a linear time algorithm. The new algorithm minimizes computational memory and quickly detects modules. Furthermore, it can be easily implemented into industry fault tree solvers that are based on traditional Boolean algebra, binary decision diagrams (BDDs), or Zero-suppressed BDDs. The new algorithm employs only two scalar variables in Eqs. to that are volatile information. After finishing the traversal and module detection of each node, the volatile information is destroyed. Thus, the new algorithm does not employ any other additional computational memory and operations. It is recommended that this method be implemented into fault tree solvers for efficient probabilistic safety assessment (PSA) of nuclear power plants.

KCUT, code to generate minimal cut sets for fault trees

International Nuclear Information System (INIS)

Han, Sang Hoon

2008-01-01

1 - Description of program or function: KCUT is a software to generate minimal cut sets for fault trees. 2 - Methods: Expand a fault tree into cut sets and delete non minimal cut sets. 3 - Restrictions on the complexity of the problem: Size and complexity of the fault tree

Selection the Optimum Suppliers Compound Using a Mixed Model of MADM and Fault Tree Analysis

Directory of Open Access Journals (Sweden)

Meysam Azimian

2017-03-01

Full Text Available In this paper, an integrated approach of MADM and fault tree analysis (FTA is provided for determining the most reliable combination of suppliers for a strategic product in IUT University. At first, risks of suppliers is estimated by defining the indices for evaluating them, determining their relative status indices and using satisfying and SAW methods. Then, intrinsic risks of utilized equipments in the products are qualified and the final integrated risk for equipments is determined. Finally, through all the different scenarios, the best composition of equipment suppliers is selected by defining the palpable top events and fault tree analysis. The contribution of this paper is about proposing an integrated method of MADM and FTA to determine the most reliable suppliers in order to minimize the final risk of providing a product.

Methods of fault tree analysis and their limits

International Nuclear Information System (INIS)

Weber, G.G.

1984-12-01

Some recent methodological developments of fault tree analysis are discussed and limits of fault tree analysis and a criterion for admissibility of structure functions are given. It is shown that there are interesting relations to switching theory and to stochastic processes. (orig./HP) [de

Systematic evaluation of fault trees using real-time model checker UPPAAL

International Nuclear Information System (INIS)

Cha, Sungdeok; Son, Hanseong; Yoo, Junbeom; Jee, Eunkyung; Seong, Poong Hyun

2003-01-01

Fault tree analysis, the most widely used safety analysis technique in industry, is often applied manually. Although techniques such as cutset analysis or probabilistic analysis can be applied on the fault tree to derive further insights, they are inadequate in locating flaws when failure modes in fault tree nodes are incorrectly identified or when causal relationships among failure modes are inaccurately specified. In this paper, we demonstrate that model checking technique is a powerful tool that can formally validate the accuracy of fault trees. We used a real-time model checker UPPAAL because the system we used as the case study, nuclear power emergency shutdown software named Wolsong SDS2, has real-time requirements. By translating functional requirements written in SCR-style tabular notation into timed automata, two types of properties were verified: (1) if failure mode described in a fault tree node is consistent with the system's behavioral model; and (2) whether or not a fault tree node has been accurately decomposed. A group of domain engineers with detailed technical knowledge of Wolsong SDS2 and safety analysis techniques developed fault tree used in the case study. However, model checking technique detected subtle ambiguities present in the fault tree

α-Cut method based importance measure for criticality analysis in fuzzy probability – Based fault tree analysis

International Nuclear Information System (INIS)

Purba, Julwan Hendry; Sony Tjahyani, D.T.; Widodo, Surip; Tjahjono, Hendro

2017-01-01

Highlights: •FPFTA deals with epistemic uncertainty using fuzzy probability. •Criticality analysis is important for reliability improvement. •An α-cut method based importance measure is proposed for criticality analysis in FPFTA. •The α-cut method based importance measure utilises α-cut multiplication, α-cut subtraction, and area defuzzification technique. •Benchmarking confirm that the proposed method is feasible for criticality analysis in FPFTA. -- Abstract: Fuzzy probability – based fault tree analysis (FPFTA) has been recently developed and proposed to deal with the limitations of conventional fault tree analysis. In FPFTA, reliabilities of basic events, intermediate events and top event are characterized by fuzzy probabilities. Furthermore, the quantification of the FPFTA is based on fuzzy multiplication rule and fuzzy complementation rule to propagate uncertainties from basic event to the top event. Since the objective of the fault tree analysis is to improve the reliability of the system being evaluated, it is necessary to find the weakest path in the system. For this purpose, criticality analysis can be implemented. Various importance measures, which are based on conventional probabilities, have been developed and proposed for criticality analysis in fault tree analysis. However, not one of those importance measures can be applied for criticality analysis in FPFTA, which is based on fuzzy probability. To be fully applied in nuclear power plant probabilistic safety assessment, FPFTA needs to have its corresponding importance measure. The objective of this study is to develop an α-cut method based importance measure to evaluate and rank the importance of basic events for criticality analysis in FPFTA. To demonstrate the applicability of the proposed measure, a case study is performed and its results are then benchmarked to the results generated by the four well known importance measures in conventional fault tree analysis. The results

RELOSS, Reliability of Safety System by Fault Tree Analysis

International Nuclear Information System (INIS)

Allan, R.N.; Rondiris, I.L.; Adraktas, A.

1981-01-01

1 - Description of problem or function: Program RELOSS is used in the reliability/safety assessment of any complex system with predetermined operational logic in qualitative and (if required) quantitative terms. The program calculates the possible system outcomes following an abnormal operating condition and the probability of occurrence, if required. Furthermore, the program deduces the minimal cut or tie sets of the system outcomes and identifies the potential common mode failures. 4. Method of solution: The reliability analysis performed by the program is based on the event tree methodology. Using this methodology, the program develops the event tree of a system or a module of that system and relates each path of this tree to its qualitative and/or quantitative impact on specified system or module outcomes. If the system being analysed is subdivided into modules the program assesses each module in turn as described previously and then combines the module information to obtain results for the overall system. Having developed the event tree of a module or a system, the program identifies which paths lead or do not lead to various outcomes depending on whether the cut or the tie sets of the outcomes are required and deduces the corresponding sets. Furthermore the program identifies for a specific system outcome, the potential common mode failures and the cut or tie sets containing potential dependent failures of some components. 5. Restrictions on the complexity of the problem: The present dimensions of the program are as follows. They can however be easily modified: Maximum number of modules (equivalent components): 25; Maximum number of components in a module: 15; Maximum number of levels of parentheses in a logical statement: 10 Maximum number of system outcomes: 3; Maximum number of module outcomes: 2; Maximum number of points in time for which quantitative analysis is required: 5; Maximum order of any cut or tie set: 10; Maximum order of a cut or tie of any

Use of fault and decision tree analyses to protect against industrial sabotage

International Nuclear Information System (INIS)

Fullwood, R.R.; Erdmann, R.C.

1975-01-01

Fault tree and decision tree analyses provide systematic bases for evaluation of safety systems and procedures. Heuristically, this paper shows applications of these methods for industrial sabotage analysis at a reprocessing plant. Fault trees constructed by ''leak path'' analysis for completeness through path inventory. The escape fault tree is readily developed by this method and using the reciprocal character of the trees, the attack fault tree is constructed. After construction, the events on the fault tree are corrected for their nonreciprocal character. The fault trees are algebraically solved and the protection that is afforded is ranked by the number of barriers that must be penetrated. No attempt is made to assess the barrier penetration probabilities or penetration time duration. Event trees are useful for dynamic plant protection analysis through their time-sequencing character. To illustrate their usefulness, a simple attack scenario is devised and event-tree analyzed. Two saboteur success paths and 21 failure paths are found. This example clearly shows the event tree usefulness for concisely presenting the time sequencing of key decision points. However, event trees have the disadvantage of being scenario dependent, therefore requiring a separate event tree for each scenario

Reset Tree-Based Optical Fault Detection

Directory of Open Access Journals (Sweden)

Howon Kim

2013-05-01

Full Text Available In this paper, we present a new reset tree-based scheme to protect cryptographic hardware against optical fault injection attacks. As one of the most powerful invasive attacks on cryptographic hardware, optical fault attacks cause semiconductors to misbehave by injecting high-energy light into a decapped integrated circuit. The contaminated result from the affected chip is then used to reveal secret information, such as a key, from the cryptographic hardware. Since the advent of such attacks, various countermeasures have been proposed. Although most of these countermeasures are strong, there is still the possibility of attack. In this paper, we present a novel optical fault detection scheme that utilizes the buffers on a circuit’s reset signal tree as a fault detection sensor. To evaluate our proposal, we model radiation-induced currents into circuit components and perform a SPICE simulation. The proposed scheme is expected to be used as a supplemental security tool.

MFAULT: a computer program for analyzing fault trees

International Nuclear Information System (INIS)

Pelto, P.J.; Purcell, W.L.

1977-11-01

A description and user instructions are presented for MFAULT, a FORTRAN computer program for fault tree analysis. MFAULT identifies the cut sets of a fault tree, calculates their probabilities, and screens the cut sets on the basis of specified cut-offs on probability and/or cut set length. MFAULT is based on an efficient upward-working algorithm for cut set identification. The probability calculations are based on the assumption of small probabilities and constant hazard rates (i.e., exponential failure distributions). Cut sets consisting of repairable components (basic events) only, non-repairable components only, or mixtures of both types can be evaluated. Components can be on-line or standby. Unavailability contributions from pre-existing failures, failures on demand, and testing and maintenance down-time can be handled. MFAULT can analyze fault trees with AND gates, OR gates, inhibit gates, on switches (houses) and off switches. The code is presently capable of finding up to ten event cut sets from a fault tree with up to 512 basic events and 400 gates. It is operational on the CONTROL DATA CYBER 74 computer. 11 figures

New approaches to evaluating fault trees

International Nuclear Information System (INIS)

Sinnamon, R.M.; Andrews, J.D.

1997-01-01

Fault Tree Analysis is now a widely accepted technique to assess the probability and frequency of system failure in many industries. For complex systems an analysis may produce hundreds of thousands of combinations of events which can cause system failure (minimal cut sets). The determination of these cut sets can be a very time consuming process even on modern high speed digital computers. Computerised methods, such as bottom-up or top-down approaches, to conduct this analysis are now so well developed that further refinement is unlikely to result in vast reductions in computer time. It is felt that substantial improvement in computer utilisation will only result from a completely new approach. This paper describes the use of a Binary Decision Diagram for Fault Tree Analysis and some ways in which it can be efficiently implemented on a computer. In particular, attention is given to the production of a minimum form of the Binary Decision Diagram by considering the ordering that has to be given to the basic events of the fault tree

System assessment using modular logic fault tree methodology

International Nuclear Information System (INIS)

Troncoso Fleitas, M.

1996-01-01

In the process of a Probabilistic Safety analysis (PSA) study a large number of fault trees are generated by different specialist. Modular Logic Fault Tree Methodology pave the way the way to systematize the procedures and to unify the criteria in the process of systems modulation. An example of of the application of this methodology is shown

Sequence Algebra, Sequence Decision Diagrams and Dynamic Fault Trees

International Nuclear Information System (INIS)

Rauzy, Antoine B.

2011-01-01

A large attention has been focused on the Dynamic Fault Trees in the past few years. By adding new gates to static (regular) Fault Trees, Dynamic Fault Trees aim to take into account dependencies among events. Merle et al. proposed recently an algebraic framework to give a formal interpretation to these gates. In this article, we extend Merle et al.'s work by adopting a slightly different perspective. We introduce Sequence Algebras that can be seen as Algebras of Basic Events, representing failures of non-repairable components. We show how to interpret Dynamic Fault Trees within this framework. Finally, we propose a new data structure to encode sets of sequences of Basic Events: Sequence Decision Diagrams. Sequence Decision Diagrams are very much inspired from Minato's Zero-Suppressed Binary Decision Diagrams. We show that all operations of Sequence Algebras can be performed on this data structure.

Fault tree analysis on BWR core spray system

International Nuclear Information System (INIS)

Watanabe, Norio

1982-06-01

Fault Trees which describe the failure modes for the Core Spray System function in the Browns Ferry Nuclear Plant (BWR 1065MWe) were developed qualitatively and quantitatively. The unavailability for the Core Spray System was estimated to be 1.2 x 10 - 3 /demand. It was found that the miscalibration of four reactor pressure sensors or the failure to open of the two inboard valves (FCV 75-25 and 75-53) could reduce system reliability significantly. It was recommended that the pressure sensors would be calibrated independently. The introduction of the redundant inboard valves could improve the system reliability. Thus this analysis method was verified useful for system analysis. The detailed test and maintenance manual and the informations on the control logic circuits of each active component are necessary for further analysis. (author)

Fault trees for diagnosis of system fault conditions

International Nuclear Information System (INIS)

Lambert, H.E.; Yadigaroglu, G.

1977-01-01

Methods for generating repair checklists on the basis of fault tree logic and probabilistic importance are presented. A one-step-ahead optimization procedure, based on the concept of component criticality, minimizing the expected time to diagnose system failure is outlined. Options available to the operator of a nuclear power plant when system fault conditions occur are addressed. A low-pressure emergency core cooling injection system, a standby safeguard system of a pressurized water reactor power plant, is chosen as an example illustrating the methods presented

A Study on Landslide Risk Management by Applying Fault Tree Logics

Directory of Open Access Journals (Sweden)

Kazmi Danish

2017-01-01

Full Text Available Slope stability is one of the focal areas of curiosity to geotechnical designers and also appears logical for the application of probabilistic approaches since the analysis lead to a “probability of failure”. Assessment of the existing slopes in relation with risks seems to be more meaningful when concerning with landslides. Probabilistic slope stability analysis (PSSA is the best option in covering the landslides events. The intent here is to bid a probabilistic framework for quantified risk analysis with human uncertainties. In this regard, Fault Tree Analysis is utilized and for prediction of risk levels, consequences of the failures of the reference landslides have been taken. It is concluded that logics of fault trees is best fit, to clinch additional categories of uncertainty; like human, organizational, and knowledge related. In actual, the approach has been used in bringing together engineering and management performances and personnel, to produce reliability in slope engineering practices.

PL-MOD: a computer code for modular fault tree analysis and evaluation

International Nuclear Information System (INIS)

Olmos, J.; Wolf, L.

1978-01-01

The computer code PL-MOD has been developed to implement the modular methodology to fault tree analysis. In the modular approach, fault tree structures are characterized by recursively relating the top tree event to all basic event inputs through a set of equations, each defining an independent modular event for the tree. The advantages of tree modularization lie in that it is a more compact representation than the minimal cut-set description and in that it is well suited for fault tree quantification because of its recursive form. In its present version, PL-MOD modularizes fault trees and evaluates top and intermediate event failure probabilities, as well as basic component and modular event importance measures, in a very efficient way. Thus, its execution time for the modularization and quantification of a PWR High Pressure Injection System reduced fault tree was 25 times faster than that necessary to generate its equivalent minimal cut-set description using the computer code MOCUS

Failure rate modeling using fault tree analysis and Bayesian network: DEMO pulsed operation turbine study case

International Nuclear Information System (INIS)

Dongiovanni, Danilo Nicola; Iesmantas, Tomas

2016-01-01

Highlights: • RAMI (Reliability, Availability, Maintainability and Inspectability) assessment of secondary heat transfer loop for a DEMO nuclear fusion plant. • Definition of a fault tree for a nuclear steam turbine operated in pulsed mode. • Turbine failure rate models update by mean of a Bayesian network reflecting the fault tree analysis in the considered scenario. • Sensitivity analysis on system availability performance. - Abstract: Availability will play an important role in the Demonstration Power Plant (DEMO) success from an economic and safety perspective. Availability performance is commonly assessed by Reliability Availability Maintainability Inspectability (RAMI) analysis, strongly relying on the accurate definition of system components failure modes (FM) and failure rates (FR). Little component experience is available in fusion application, therefore requiring the adaptation of literature FR to fusion plant operating conditions, which may differ in several aspects. As a possible solution to this problem, a new methodology to extrapolate/estimate components failure rate under different operating conditions is presented. The DEMO Balance of Plant nuclear steam turbine component operated in pulse mode is considered as study case. The methodology moves from the definition of a fault tree taking into account failure modes possibly enhanced by pulsed operation. The fault tree is then translated into a Bayesian network. A statistical model for the turbine system failure rate in terms of subcomponents’ FR is hence obtained, allowing for sensitivity analyses on the structured mixture of literature and unknown FR data for which plausible value intervals are investigated to assess their impact on the whole turbine system FR. Finally, the impact of resulting turbine system FR on plant availability is assessed exploiting a Reliability Block Diagram (RBD) model for a typical secondary cooling system implementing a Rankine cycle. Mean inherent availability

Failure rate modeling using fault tree analysis and Bayesian network: DEMO pulsed operation turbine study case

Energy Technology Data Exchange (ETDEWEB)

Dongiovanni, Danilo Nicola, E-mail: danilo.dongiovanni@enea.it [ENEA, Nuclear Fusion and Safety Technologies Department, via Enrico Fermi 45, Frascati 00040 (Italy); Iesmantas, Tomas [LEI, Breslaujos str. 3 Kaunas (Lithuania)

2016-11-01

Highlights: • RAMI (Reliability, Availability, Maintainability and Inspectability) assessment of secondary heat transfer loop for a DEMO nuclear fusion plant. • Definition of a fault tree for a nuclear steam turbine operated in pulsed mode. • Turbine failure rate models update by mean of a Bayesian network reflecting the fault tree analysis in the considered scenario. • Sensitivity analysis on system availability performance. - Abstract: Availability will play an important role in the Demonstration Power Plant (DEMO) success from an economic and safety perspective. Availability performance is commonly assessed by Reliability Availability Maintainability Inspectability (RAMI) analysis, strongly relying on the accurate definition of system components failure modes (FM) and failure rates (FR). Little component experience is available in fusion application, therefore requiring the adaptation of literature FR to fusion plant operating conditions, which may differ in several aspects. As a possible solution to this problem, a new methodology to extrapolate/estimate components failure rate under different operating conditions is presented. The DEMO Balance of Plant nuclear steam turbine component operated in pulse mode is considered as study case. The methodology moves from the definition of a fault tree taking into account failure modes possibly enhanced by pulsed operation. The fault tree is then translated into a Bayesian network. A statistical model for the turbine system failure rate in terms of subcomponents’ FR is hence obtained, allowing for sensitivity analyses on the structured mixture of literature and unknown FR data for which plausible value intervals are investigated to assess their impact on the whole turbine system FR. Finally, the impact of resulting turbine system FR on plant availability is assessed exploiting a Reliability Block Diagram (RBD) model for a typical secondary cooling system implementing a Rankine cycle. Mean inherent availability

Microcomputer applications of, and modifications to, the modular fault trees

International Nuclear Information System (INIS)

Zimmerman, T.L.; Graves, N.L.; Payne, A.C. Jr.; Whitehead, D.W.

1994-10-01

The LaSalle Probabilistic Risk Assessment was the first major application of the modular logic fault trees after the IREP program. In the process of performing the analysis, many errors were discovered in the fault tree modules that led to difficulties in combining the modules to form the final system fault trees. These errors are corrected in the revised modules listed in this report. In addition, the application of the modules in terms of editing them and forming them into the system fault trees was inefficient. Originally, the editing had to be done line by line and no error checking was performed by the computer. This led to many typos and other logic errors in the construction of the modular fault tree files. Two programs were written to help alleviate this problem: (1) MODEDIT - This program allows an operator to retrieve a file for editing, edit the file for the plant specific application, perform some general error checking while the file is being modified, and store the file for later use, and (2) INDEX - This program checks that the modules that are supposed to form one fault tree all link up appropriately before the files are,loaded onto the mainframe computer. Lastly, the modules were not designed for relay type logic common in BWR designs but for solid state type logic. Some additional modules were defined for modeling relay logic, and an explanation and example of their use are included in this report

Report on AECB consultative document C-70: The use of fault trees in licensing submissions

International Nuclear Information System (INIS)

1984-01-01

The Atomic Energy Control Board (AECB) has issued Consultative Document C-70, 'The Use of Fault Trees in Licensing Submissions', for public comment. The Advisory Committee on Nuclear Safety (ACNS) has examined this document and ACNS members have met with AECB staff and representatives of the nuclear industry to discuss it. The ACNS presents its comments and recommendations in this report. The consultative document defines a fault tree as a hierarchically-structured graphical representation of system failures and their potential causes. The document then states certain basic characteristics or attributes which fault trees should possess, and certain conditions affecting the use of fault trees. It defines fault tree fundamentals, sets criteria for the application of fault trees to systems and defines ground rules for a fault tree format. Finally, in two appendices, it includes specific rules for fault tree symbols and fault tree description files for computer use. The appendices are referred to in the text as 'acceptable' standards or methods

MAPLE-II. A program for plotting fault trees

International Nuclear Information System (INIS)

Poucet, A.; Van Den Muyzenberg, C.L.

1987-01-01

The MAPLE II code is an improved version of the MAPLE program for plotting fault trees. MAPLE II has added features which make it a versatile tool for drawing large and complex logic trees. The code is developed as part of a package for computer aided fault tree construction and analysis in which it is integrated and used as a documentation tool. However the MAPLE II code can be used as a separate program which uses as input a structure function of a tree and a description of the events and gates which make up the tree. This report includes a short description of the code and of its features. Moreover it contains the how-to-use and some indications for implementing the code and for adapting it to different graphics systems

Fault tree and failure mode and effects analysis of a digital safety function

International Nuclear Information System (INIS)

Maskuniitty, M.; Pulkkinen, U.

1995-01-01

The principles of fault tree and failure mode and effects analysis (FMEA) for the analysis of digital safety functions of nuclear power plants are discussed. Based on experiences from a case study, a proposal for a full scale analysis is presented. The feasibility and applicability the above mentioned reliability engineering methods are discussed. (author). 13 refs, 1 fig., 2 tabs

A Method to Quantify Plant Availability and Initiating Event Frequency Using a Large Event Tree, Small Fault Tree Model

International Nuclear Information System (INIS)

Kee, Ernest J.; Sun, Alice; Rodgers, Shawn; Popova, ElmiraV; Nelson, Paul; Moiseytseva, Vera; Wang, Eric

2006-01-01

South Texas Project uses a large fault tree to produce scenarios (minimal cut sets) used in quantification of plant availability and event frequency predictions. On the other hand, the South Texas Project probabilistic risk assessment model uses a large event tree, small fault tree for quantifying core damage and radioactive release frequency predictions. The South Texas Project is converting its availability and event frequency model to use a large event tree, small fault in an effort to streamline application support and to provide additional detail in results. The availability and event frequency model as well as the applications it supports (maintenance and operational risk management, system engineering health assessment, preventive maintenance optimization, and RIAM) are briefly described. A methodology to perform availability modeling in a large event tree, small fault tree framework is described in detail. How the methodology can be used to support South Texas Project maintenance and operations risk management is described in detail. Differences with other fault tree methods and other recently proposed methods are discussed in detail. While the methods described are novel to the South Texas Project Risk Management program and to large event tree, small fault tree models, concepts in the area of application support and availability modeling have wider applicability to the industry. (authors)

Implementation of PATREC nuclear reliability program in LISP

International Nuclear Information System (INIS)

Patterson-Hine, F.A.; Koen, B.V.

1985-01-01

The reliability of large systems can be represented by reliability fault trees that contain the failure probabilities for the individual elements in the original network and the logical connectives that describe the interdependence of those probabilities. The PATREC 1 computer code was written to demonstrate the feasibility of using list processing techniques for the resolution of a reliability fault tree by pattern recognition. PATREC 1 was written in PL/1 and is used widely in France. The fault tree is expressed as a linked data structure, oriented, mapped into an end-ordered traverse, and used to retrieve known patterns stored as a linked-tree library. The basic idea of pattern recognition is to prune the fault tree by identifying known patterns, retrieving the corresponding mathematical equation, and evaluating the replacement leaves. This process is repeated until the original tree is reduced to a single leaf - the system reliability

Using minimal spanning trees to compare the reliability of network topologies

Science.gov (United States)

Leister, Karen J.; White, Allan L.; Hayhurst, Kelly J.

1990-01-01

Graph theoretic methods are applied to compute the reliability for several types of networks of moderate size. The graph theory methods used are minimal spanning trees for networks with bi-directional links and the related concept of strongly connected directed graphs for networks with uni-directional links. A comparison is conducted of ring networks and braided networks. The case is covered where just the links fail and the case where both links and nodes fail. Two different failure modes for the links are considered. For one failure mode, the link no longer carries messages. For the other failure mode, the link delivers incorrect messages. There is a description and comparison of link-redundancy versus path-redundancy as methods to achieve reliability. All the computations are carried out by means of a fault tree program.

Application of fault tree analysis to fuel cell diagnosis

Energy Technology Data Exchange (ETDEWEB)

Yousfi Steiner, N.; Mocoteguy, P. [European Institute for Energy Research (EIFER), Karlsruhe (Germany); Hissel, D. [FEMTO-ST/ENISYS/FC LAB, UMR CNRS 6174, University of Franche-Comte, Belfort (France); Candusso, D. [IFSTTAR/FC LAB, Institute of Science and Technology for Transport, Development and Networks, Belfort (France); Marra, D.; Pianese, C.; Sorrentino, M. [Department of Industrial Engineering, University of Salerno, Fisciano (Italy)

2012-04-15

Reliability and lifetime are common issues for the development and commercialization of fuel cells technologies'. As a consequence, their improvement is a major challenge and the last decade has experienced a growing interest in activities that aims at understanding the degradation mechanisms and at developing fuel cell systems diagnosis tools. Fault Tree Analysis (FTA) is one of the deductive tools that allow ''linking'' an undesired state to a combination of lower-level events via a ''top-down'' approach which is mainly used in safety and reliability engineering. The objective of this paper is to give an overview of the use and the contribution of FTA to both SOFC and PEFC diagnosis. (Copyright copyright 2012 WILEY-VCH Verlag GmbH and Co. KGaA, Weinheim)

Component-based modeling of systems for automated fault tree generation

International Nuclear Information System (INIS)

Majdara, Aref; Wakabayashi, Toshio

2009-01-01

One of the challenges in the field of automated fault tree construction is to find an efficient modeling approach that can support modeling of different types of systems without ignoring any necessary details. In this paper, we are going to represent a new system of modeling approach for computer-aided fault tree generation. In this method, every system model is composed of some components and different types of flows propagating through them. Each component has a function table that describes its input-output relations. For the components having different operational states, there is also a state transition table. Each component can communicate with other components in the system only through its inputs and outputs. A trace-back algorithm is proposed that can be applied to the system model to generate the required fault trees. The system modeling approach and the fault tree construction algorithm are applied to a fire sprinkler system and the results are presented

Fault diagnostics of dynamic system operation using a fault tree based method

International Nuclear Information System (INIS)

Hurdle, E.E.; Bartlett, L.M.; Andrews, J.D.

2009-01-01

For conventional systems, their availability can be considerably improved by reducing the time taken to restore the system to the working state when faults occur. Fault identification can be a significant proportion of the time taken in the repair process. Having diagnosed the problem the restoration of the system back to its fully functioning condition can then take place. This paper expands the capability of previous approaches to fault detection and identification using fault trees for application to dynamically changing systems. The technique has two phases. The first phase is modelling and preparation carried out offline. This gathers information on the effects that sub-system failure will have on the system performance. Causes of the sub-system failures are developed in the form of fault trees. The second phase is application. Sensors are installed on the system to provide information about current system performance from which the potential causes can be deduced. A simple system example is used to demonstrate the features of the method. To illustrate the potential for the method to deal with additional system complexity and redundancy, a section from an aircraft fuel system is used. A discussion of the results is provided.

Treatment of complementary events in event trees in constructing linked fault trees for level 1 and level 2 PRA

International Nuclear Information System (INIS)

Jo, Y. G.

2008-01-01

Complementary events in the event trees for a PRA model should be treated properly in order to evaluate plant risk correctly. In this study, the characteristics of the following three different cut-set generation methods were investigated first in order to find the best practical way for treating complementary events: 1) exact method which treats complementary events logically, 2) no-delete term method which does not treat complementary events at all, and 3) delete term method which treats complementary events by deleting nonsense cut-sets which are generated as a result of ignoring complementary events. Then, practical methods for treating complementary events in constructing linked fault trees for level 1 and level 2 PRA in EPRI R and R workstation software environment, where CAFTA is the fault tree editor and FORTE is the cut-set engine, were suggested and demonstrated. The suggested methods deal with the following selected four typical cases: Case 1: an event tree event (E) is represented by a fault tree gate whose inputs consist of only fault tree gates, Case 2: E is represented by a single basic event, Case 3: E is represented by an OR fault tree gate which has a single basic event and a fault tree gate as inputs, and Case 4: E is represented by an AND fault tree gate which has a single basic event and a fault tree gate as inputs. In the suggested methods, first the high level logic structures of event tree events are examined and restructured, if needed. Then, the delete term method, the exact method, and the combination of the two methods are applied to Case 1, Case 2, and Cases 3 and 4, respectively. Also, it is recommended to treat complementary events, using the suggested methods, before level 1 and level 2 PRA fault trees are coupled. It should be noted that the selected four typical cases may not cover all different cases encountered in level 1 and level 2 PRA modeling. However, a process similar to the one suggested in this study may be used to find

Utilization of fault tree analysis techniques in fire protection work

International Nuclear Information System (INIS)

Crass, E.R.

1986-01-01

This paper describes the development of a fault tree model for a typical pressurized water reactor (PWR), and the subsequent use of this model to perform a safe shutdown analysis and determine conformance with Section IIIG of 10 CFR 50, Appendix R. The paper describes the rationale for choosing this analytical tool, the development of the fault tree model, the analysis of the model using the PREP code, disposition of the results, and finally, application of the results to determine the need for plant modifications. It concludes with a review of the strengths and weaknesses of the use of Fault Tree Methodology for this application

An ordering heuristic for building Binary Decision Diagrams for fault-trees

International Nuclear Information System (INIS)

Bouissou, M.

1997-01-01

Binary Decision Diagrams (BDD) have recently made a noticeable entry in the RAMS field. This kind of representation for boolean functions makes possible the assessment of complex fault-trees, both qualitatively (minimal cut-sets search) and quantitatively (exact calculation of top event probability). The object of the paper is to present a pre-processing of the fault-tree which ensures that the results given by different heuristics on the 'optimized' fault-tree are not too sensitive to the way the tree is written. This property is based on a theoretical proof. In contrast with some well known heuristics, the method proposed is not based only on intuition and practical experiments. (author)

Fault tree synthesis for software design analysis of PLC based safety-critical systems

International Nuclear Information System (INIS)

Koo, S. R.; Cho, C. H.; Seong, P. H.

2006-01-01

As a software verification and validation should be performed for the development of PLC based safety-critical systems, a software safety analysis is also considered in line with entire software life cycle. In this paper, we propose a technique of software safety analysis in the design phase. Among various software hazard analysis techniques, fault tree analysis is most widely used for the safety analysis of nuclear power plant systems. Fault tree analysis also has the most intuitive notation and makes both qualitative and quantitative analyses possible. To analyze the design phase more effectively, we propose a technique of fault tree synthesis, along with a universal fault tree template for the architecture modules of nuclear software. Consequently, we can analyze the safety of software on the basis of fault tree synthesis. (authors)

Automated fault tree analysis: the GRAFTER system

International Nuclear Information System (INIS)

Sancaktar, S.; Sharp, D.R.

1985-01-01

An inherent part of probabilistic risk assessment (PRA) is the construction and analysis of detailed fault trees. For this purpose, a fault tree computer graphics code named GRAFTER has been developed. The code system centers around the GRAFTER code. This code is used interactively to construct, store, update and print fault trees of small or large sizes. The SIMON code is used to provide data for the basic event probabilities. ENCODE is used to process the GRAFTER files to prepare input for the WAMCUT code. WAMCUT is used to quantify the top event probability and to identify the cutsets. This code system has been extensively used in various PRA projects. It has resulted in reduced manpower costs, increased QA capability, ease of documentation and it has simplified sensitivity analyses. Because of its automated nature, it is also suitable for LIVING PRA Studies which require updating and modifications during the lifetime of the plant. Brief descriptions and capabilities of the GRAFTER, SIMON and ENCODE codes are provided; an application of the GRAFTER system is outlined; and conclusions and comments on the code system are given

FTA, Fault Tree Analysis for Minimal Cut Sets, Graphics for CALCOMP

International Nuclear Information System (INIS)

Van Slyke, W.J.; Griffing, D.E.; Diven, J.

1978-01-01

1 - Description of problem or function: The FTA (Fault Tree Analysis) system was designed to predict probabilities of the modes of failure for complex systems and to graphically present the structure of systems. There are three programs in the system. Program ALLCUTS performs the calculations. Program KILMER constructs a CalComp plot file of the system fault tree. Program BRANCH builds a cross-reference list of the system fault tree. 2 - Method of solution: ALLCUTS employs a top-down set expansion algorithm to find fault tree cut-sets and then optionally calculates their probability using a currently accepted cut-set quantification method. The methodology is adapted from that in WASH-1400 (draft), August 1974. 3 - Restrictions on the complexity of the problem: Maxima of: 175 basic events, 425 rate events. ALLCUTS may be expanded to solve larger problems depending on available core memory

Review: Evaluation of Foot-and-Mouth Disease Control Using Fault Tree Analysis.

Science.gov (United States)

Isoda, N; Kadohira, M; Sekiguchi, S; Schuppers, M; Stärk, K D C

2015-06-01

An outbreak of foot-and-mouth disease (FMD) causes huge economic losses and animal welfare problems. Although much can be learnt from past FMD outbreaks, several countries are not satisfied with their degree of contingency planning and aiming at more assurance that their control measures will be effective. The purpose of the present article was to develop a generic fault tree framework for the control of an FMD outbreak as a basis for systematic improvement and refinement of control activities and general preparedness. Fault trees are typically used in engineering to document pathways that can lead to an undesired event, that is, ineffective FMD control. The fault tree method allows risk managers to identify immature parts of the control system and to analyse the events or steps that will most probably delay rapid and effective disease control during a real outbreak. The present developed fault tree is generic and can be tailored to fit the specific needs of countries. For instance, the specific fault tree for the 2001 FMD outbreak in the UK was refined based on control weaknesses discussed in peer-reviewed articles. Furthermore, the specific fault tree based on the 2001 outbreak was applied to the subsequent FMD outbreak in 2007 to assess the refinement of control measures following the earlier, major outbreak. The FMD fault tree can assist risk managers to develop more refined and adequate control activities against FMD outbreaks and to find optimum strategies for rapid control. Further application using the current tree will be one of the basic measures for FMD control worldwide. © 2013 Blackwell Verlag GmbH.

Modularization of fault trees: a method to reduce the cost of analysis

International Nuclear Information System (INIS)

Chatterjee, P.

1975-01-01

The problem of analyzing large fault trees is considered. The concept of the finest modular representation of a fault tree is introduced and an algorithm is presented for finding this representation. The algorithm will also identify trees which cannot be modularized. Applications of such modularizations are discussed

An ordering heuristic for building Binary Decision Diagrams for fault-trees

Energy Technology Data Exchange (ETDEWEB)

Bouissou, M. [Electricite de France (EDF), 75 - Paris (France)

1997-12-31

Binary Decision Diagrams (BDD) have recently made a noticeable entry in the RAMS field. This kind of representation for boolean functions makes possible the assessment of complex fault-trees, both qualitatively (minimal cut-sets search) and quantitatively (exact calculation of top event probability). The object of the paper is to present a pre-processing of the fault-tree which ensures that the results given by different heuristics on the `optimized` fault-tree are not too sensitive to the way the tree is written. This property is based on a theoretical proof. In contrast with some well known heuristics, the method proposed is not based only on intuition and practical experiments. (author) 12 refs.

An enhanced component connection method for conversion of fault trees to binary decision diagrams

International Nuclear Information System (INIS)

Remenyte-Prescott, R.; Andrews, J.D.

2008-01-01

Fault tree analysis (FTA) is widely applied to assess the failure probability of industrial systems. Many computer packages are available, which are based on conventional kinetic tree theory methods. When dealing with large (possibly non-coherent) fault trees, the limitations of the technique in terms of accuracy of the solutions and the efficiency of the processing time become apparent. Over recent years, the binary decision diagram (BDD) method has been developed that solves fault trees and overcomes the disadvantages of the conventional FTA approach. First of all, a fault tree for a particular system failure mode is constructed and then converted to a BDD for analysis. This paper analyses alternative methods for the fault tree to BDD conversion process. For most fault tree to BDD conversion approaches, the basic events of the fault tree are placed in an ordering. This can dramatically affect the size of the final BDD and the success of qualitative and quantitative analyses of the system. A set of rules is then applied to each gate in the fault tree to generate the BDD. An alternative approach can also be used, where BDD constructs for each of the gate types are first built and then merged to represent a parent gate. A powerful and efficient property, sub-node sharing, is also incorporated in the enhanced method proposed in this paper. Finally, a combined approach is developed taking the best features of the alternative methods. The efficiency of the techniques is analysed and discussed

Process plant alarm diagnosis using synthesised fault tree knowledge

International Nuclear Information System (INIS)

Trenchard, A.J.

1990-01-01

The development of computer based tools, to assist process plant operators in their task of fault/alarm diagnosis, has received much attention over the last twenty five years. More recently, with the emergence of Artificial Intelligence (AI) technology, the research activity in this subject area has heightened. As a result, there are a great variety of fault diagnosis methodologies, using many different approaches to represent the fault propagation behaviour of process plant. These range in complexity from steady state quantitative models to more abstract definitions of the relationships between process alarms. Unfortunately, very few of the techniques have been tried and tested on process plant and even fewer have been judged to be commercial successes. One of the outstanding problems still remains the time and effort required to understand and model the fault propagation behaviour of each considered process. This thesis describes the development of an experimental knowledge based system (KBS) to diagnose process plant faults, as indicated by process variable alarms. In an attempt to minimise the modelling effort, the KBS has been designed to infer diagnoses using a fault tree representation of the process behaviour, generated using an existing fault tree synthesis package (FAULTFINDER). The process is described to FAULTFINDER as a configuration of unit models, derived from a standard model library or by tailoring existing models. The resultant alarm diagnosis methodology appears to work well for hard (non-rectifying) faults, but is likely to be less robust when attempting to diagnose intermittent faults and transient behaviour. The synthesised fault trees were found to contain the bulk of the information required for the diagnostic task, however, this needed to be augmented with extra information in certain circumstances. (author)

DG TO FT - AUTOMATIC TRANSLATION OF DIGRAPH TO FAULT TREE MODELS

Science.gov (United States)

Iverson, D. L.

1994-01-01

Fault tree and digraph models are frequently used for system failure analysis. Both types of models represent a failure space view of the system using AND and OR nodes in a directed graph structure. Each model has its advantages. While digraphs can be derived in a fairly straightforward manner from system schematics and knowledge about component failure modes and system design, fault tree structure allows for fast processing using efficient techniques developed for tree data structures. The similarities between digraphs and fault trees permits the information encoded in the digraph to be translated into a logically equivalent fault tree. The DG TO FT translation tool will automatically translate digraph models, including those with loops or cycles, into fault tree models that have the same minimum cut set solutions as the input digraph. This tool could be useful, for example, if some parts of a system have been modeled using digraphs and others using fault trees. The digraphs could be translated and incorporated into the fault trees, allowing them to be analyzed using a number of powerful fault tree processing codes, such as cut set and quantitative solution codes. A cut set for a given node is a group of failure events that will cause the failure of the node. A minimum cut set for a node is any cut set that, if any of the failures in the set were to be removed, the occurrence of the other failures in the set will not cause the failure of the event represented by the node. Cut sets calculations can be used to find dependencies, weak links, and vital system components whose failures would cause serious systems failure. The DG TO FT translation system reads in a digraph with each node listed as a separate object in the input file. The user specifies a terminal node for the digraph that will be used as the top node of the resulting fault tree. A fault tree basic event node representing the failure of that digraph node is created and becomes a child of the terminal

Probabilistic risk assessment course documentation. Volume 3. System reliability and analysis techniques, Session A - reliability

International Nuclear Information System (INIS)

Lofgren, E.V.

1985-08-01

This course in System Reliability and Analysis Techniques focuses on the quantitative estimation of reliability at the systems level. Various methods are reviewed, but the structure provided by the fault tree method is used as the basis for system reliability estimates. The principles of fault tree analysis are briefly reviewed. Contributors to system unreliability and unavailability are reviewed, models are given for quantitative evaluation, and the requirements for both generic and plant-specific data are discussed. Also covered are issues of quantifying component faults that relate to the systems context in which the components are embedded. All reliability terms are carefully defined. 44 figs., 22 tabs

Decision table development and application to the construction of fault trees

International Nuclear Information System (INIS)

Salem, S.L.; Wu, J.S.; Apostolakis, G.

1979-01-01

A systematic methodology for the construction of fault trees based on the use of decision tables has been developed. These tables are used to describe each possible output state of a component as a set of combinations of states of inputs and internal operational or T states. Two methods for modeling component behavior via decision tables have been developed, one inductive and one deductive. These methods are useful for creating decision tables that realistically model the operational and failure modes of electrical, mechanical, and hydraulic components as well as human interactions inhibit conditions and common-cause events. A computer code CAT (Computer Automated Tree) has been developed to automatically produce fault trees from decision tables. A simple electrical system was chosen to illustrate the basic features of the decision table approach and to provide an example of an actual fault tree produced by this code. This example demonstrates the potential utility of such an automated approach to fault tree construction once a basic set of general decision tables has been developed

Application fo fault tree methodology in the risk analysis of complex systems

International Nuclear Information System (INIS)

Vasconcelos, V. de.

1984-01-01

This study intends to describe the fault tree methodology and apply it to risk assessment of complex facilities. In the methodology description, it has been attempted to provide all the pertinent basic information, pointing out its more important aspects like, for instance, fault tree construction, evaluation techniques and their use in risk and reliability assessment of a system. In view of their importance, topics like common mode failures, human errors, data bases used in the calculations, and uncertainty evaluation of the results, will be discussed separately, each one in a chapter. For the purpose of applying the methodology, it was necessary to implement computer codes normally used for this kind of analysis. The computer codes PREP, KITT and SAMPLE, written in FORTRAN IV, were chosen, due to their availability and to the fact that they have been used in important studies of the nuclear area, like Wash-1400. With these codes, the probability of occurence of excessive pressure in the main system of the component test loop - CTC, of CDTN, was evaluated. (Author) [pt

Fault-tolerant architecture: Evaluation methodology

International Nuclear Information System (INIS)

Battle, R.E.; Kisner, R.A.

1992-08-01

The design and reliability of four fault-tolerant architectures that may be used in nuclear power plant control systems were evaluated. Two architectures are variations of triple-modular-redundant (TMR) systems, and two are variations of dual redundant systems. The evaluation includes a review of methods of implementing fault-tolerant control, the importance of automatic recovery from failures, methods of self-testing diagnostics, block diagrams of typical fault-tolerant controllers, review of fault-tolerant controllers operating in nuclear power plants, and fault tree reliability analyses of fault-tolerant systems

Generalized fault tree analysis combined with state analysis

International Nuclear Information System (INIS)

Caldarola, L.

1980-02-01

An analytical theory has been developed which allows one to calculate the occurrence probability of the top event of a fault tree with multistate (two or more than two states) components. It is shown that, in order to correctly describe a system with multistate components, a special type of boolean algebra is required. This is called 'boolean algebra with restrictions on variables' and its basic rules are the same as those of the traditional boolean algebra with some additional restrictions on the variables. These restrictions are extensively discussed in the paper. It is also shown that the boolean algebra with restrictions on variables facilitates the task of formally combining fault tree analysis with state analysis. The computer program MUSTAFA 1 based on the above theory has been developed. It can analyse fault trees of system containing statistically independent as well as dependent components with two or more than two states. MUSTAFA 1 can handle coherent as well as non coherent boolean functions. (orig.) 891 HP/orig. 892 MB [de

Fuzzy Uncertainty Evaluation for Fault Tree Analysis

Energy Technology Data Exchange (ETDEWEB)

Kim, Ki Beom; Shim, Hyung Jin [Seoul National University, Seoul (Korea, Republic of); Jae, Moo Sung [Hanyang University, Seoul (Korea, Republic of)

2015-05-15

This traditional probabilistic approach can calculate relatively accurate results. However it requires a long time because of repetitive computation due to the MC method. In addition, when informative data for statistical analysis are not sufficient or some events are mainly caused by human error, the probabilistic approach may not be possible because uncertainties of these events are difficult to be expressed by probabilistic distributions. In order to reduce the computation time and quantify uncertainties of top events when basic events whose uncertainties are difficult to be expressed by probabilistic distributions exist, the fuzzy uncertainty propagation based on fuzzy set theory can be applied. In this paper, we develop a fuzzy uncertainty propagation code and apply the fault tree of the core damage accident after the large loss of coolant accident (LLOCA). The fuzzy uncertainty propagation code is implemented and tested for the fault tree of the radiation release accident. We apply this code to the fault tree of the core damage accident after the LLOCA in three cases and compare the results with those computed by the probabilistic uncertainty propagation using the MC method. The results obtained by the fuzzy uncertainty propagation can be calculated in relatively short time, covering the results obtained by the probabilistic uncertainty propagation.

Modular techniques for dynamic fault-tree analysis

Science.gov (United States)

Patterson-Hine, F. A.; Dugan, Joanne B.

1992-01-01

It is noted that current approaches used to assess the dependability of complex systems such as Space Station Freedom and the Air Traffic Control System are incapable of handling the size and complexity of these highly integrated designs. A novel technique for modeling such systems which is built upon current techniques in Markov theory and combinatorial analysis is described. It enables the development of a hierarchical representation of system behavior which is more flexible than either technique alone. A solution strategy which is based on an object-oriented approach to model representation and evaluation is discussed. The technique is virtually transparent to the user since the fault tree models can be built graphically and the objects defined automatically. The tree modularization procedure allows the two model types, Markov and combinatoric, to coexist and does not require that the entire fault tree be translated to a Markov chain for evaluation. This effectively reduces the size of the Markov chain required and enables solutions with less truncation, making analysis of longer mission times possible. Using the fault-tolerant parallel processor as an example, a model is built and solved for a specific mission scenario and the solution approach is illustrated in detail.

Application of Fault Tree Analysis and Fuzzy Neural Networks to Fault Diagnosis in the Internet of Things (IoT) for Aquaculture.

Science.gov (United States)

Chen, Yingyi; Zhen, Zhumi; Yu, Huihui; Xu, Jing

2017-01-14

In the Internet of Things (IoT) equipment used for aquaculture is often deployed in outdoor ponds located in remote areas. Faults occur frequently in these tough environments and the staff generally lack professional knowledge and pay a low degree of attention in these areas. Once faults happen, expert personnel must carry out maintenance outdoors. Therefore, this study presents an intelligent method for fault diagnosis based on fault tree analysis and a fuzzy neural network. In the proposed method, first, the fault tree presents a logic structure of fault symptoms and faults. Second, rules extracted from the fault trees avoid duplicate and redundancy. Third, the fuzzy neural network is applied to train the relationship mapping between fault symptoms and faults. In the aquaculture IoT, one fault can cause various fault symptoms, and one symptom can be caused by a variety of faults. Four fault relationships are obtained. Results show that one symptom-to-one fault, two symptoms-to-two faults, and two symptoms-to-one fault relationships can be rapidly diagnosed with high precision, while one symptom-to-two faults patterns perform not so well, but are still worth researching. This model implements diagnosis for most kinds of faults in the aquaculture IoT.

Application of Fault Tree Analysis and Fuzzy Neural Networks to Fault Diagnosis in the Internet of Things (IoT for Aquaculture

Directory of Open Access Journals (Sweden)

Yingyi Chen

2017-01-01

Full Text Available In the Internet of Things (IoT equipment used for aquaculture is often deployed in outdoor ponds located in remote areas. Faults occur frequently in these tough environments and the staff generally lack professional knowledge and pay a low degree of attention in these areas. Once faults happen, expert personnel must carry out maintenance outdoors. Therefore, this study presents an intelligent method for fault diagnosis based on fault tree analysis and a fuzzy neural network. In the proposed method, first, the fault tree presents a logic structure of fault symptoms and faults. Second, rules extracted from the fault trees avoid duplicate and redundancy. Third, the fuzzy neural network is applied to train the relationship mapping between fault symptoms and faults. In the aquaculture IoT, one fault can cause various fault symptoms, and one symptom can be caused by a variety of faults. Four fault relationships are obtained. Results show that one symptom-to-one fault, two symptoms-to-two faults, and two symptoms-to-one fault relationships can be rapidly diagnosed with high precision, while one symptom-to-two faults patterns perform not so well, but are still worth researching. This model implements diagnosis for most kinds of faults in the aquaculture IoT.

Research on Fault Diagnosis for Pumping Station Based on T-S Fuzzy Fault Tree and Bayesian Network

Directory of Open Access Journals (Sweden)

Zhuqing Bi

2017-01-01

Full Text Available According to the characteristics of fault diagnosis for pumping station, such as the complex structure, multiple mappings, and numerous uncertainties, a new approach combining T-S fuzzy gate fault tree and Bayesian network (BN is proposed. On the one hand, traditional fault tree method needs the logical relationship between events and probability value of events and can only represent the events with two states. T-S fuzzy gate fault tree method can solve these disadvantages but still has weaknesses in complex reasoning and only one-way reasoning. On the other hand, the BN is suitable for fault diagnosis of pumping station because of its powerful ability to deal with uncertain information. However, it is difficult to determine the structure and conditional probability tables of the BN. Therefore, the proposed method integrates the advantages of the two methods. Finally, the feasibility of the method is verified through a fault diagnosis model of the rotor in the pumping unit, the accuracy of the method is verified by comparing with the methods based on traditional Bayesian network and BP neural network, respectively, when the historical data is sufficient, and the results are more superior to the above two when the historical data is insufficient.

Approximate dynamic fault tree calculations for modelling water supply risks

International Nuclear Information System (INIS)

Lindhe, Andreas; Norberg, Tommy; Rosén, Lars

2012-01-01

Traditional fault tree analysis is not always sufficient when analysing complex systems. To overcome the limitations dynamic fault tree (DFT) analysis is suggested in the literature as well as different approaches for how to solve DFTs. For added value in fault tree analysis, approximate DFT calculations based on a Markovian approach are presented and evaluated here. The approximate DFT calculations are performed using standard Monte Carlo simulations and do not require simulations of the full Markov models, which simplifies model building and in particular calculations. It is shown how to extend the calculations of the traditional OR- and AND-gates, so that information is available on the failure probability, the failure rate and the mean downtime at all levels in the fault tree. Two additional logic gates are presented that make it possible to model a system's ability to compensate for failures. This work was initiated to enable correct analyses of water supply risks. Drinking water systems are typically complex with an inherent ability to compensate for failures that is not easily modelled using traditional logic gates. The approximate DFT calculations are compared to results from simulations of the corresponding Markov models for three water supply examples. For the traditional OR- and AND-gates, and one gate modelling compensation, the errors in the results are small. For the other gate modelling compensation, the error increases with the number of compensating components. The errors are, however, in most cases acceptable with respect to uncertainties in input data. The approximate DFT calculations improve the capabilities of fault tree analysis of drinking water systems since they provide additional and important information and are simple and practically applicable.

The boolean algebra with restricted variables as a tool for fault tree modularization

International Nuclear Information System (INIS)

Caldarola, L.; Wickenhaeuser, A.

1981-08-01

The number of minimal cut sets (m.c.s.) of very complex and highly interconnected fault trees can become extremely large (e.g. more than 10 7 ). In this case the usual analytical approach of dissecting the fault tree TOP variable into m.c.s. is not only computationally prohibitively expensive, but also meaningless because it does not offer any synthetic overview of system behavior. The method proposed in this paper overcomes the deficiencies of the analytical method. It is shown that, by applying boolean algebra with restricted variables (b.a.w.r.v.), the concept of fault tree modularization can be straightforwardly extended from a single gate to a set of gates. Thus, large fault trees are divided into smaller fault trees (modules), which are connected to each other according to a simple scheme. This scheme is represented by a block diagram in which each block is a module. The modules are analyzed separately by the m.c.s. method, and the results are combined according of the TOP event. The method allows the calculation of very large fault trees in a short time and offers a synthetic overview of systems behavior through the block diagram. Numerical examples are also included. Calculations have been carried out by using the computer code MUSTAMO, which is based on the theory developed in this paper. (orig.) [de

Treatment of complementary events in constructing the linked Level 1 and Level 2 fault trees

International Nuclear Information System (INIS)

Jo, Young G.; Ahn, Kwang-Il

2009-01-01

Complementary events in the event trees for a PRA model should be treated properly in order to evaluate plant risk correctly. In this paper, the characteristics of the following three different cutset generation methods were investigated first in order to find the best practical way for treating complementary events: (1) exact method which treats complementary events logically, (2) no-delete term method which does not treat complementary events at all, and (3) delete term method which treats complementary events by deleting nonsense cutsets which are generated as a result of ignoring complementary events. Then, practical methods for treating complementary events in constructing linked fault trees for Level 1 and Level 2 PRA were suggested and demonstrated. The suggested methods deal with the following selected four typical cases: (1) Case 1-an event tree event (E) is represented by a fault tree gate whose inputs consist of only fault tree gates, (2) Case 2-E is represented by a single basic event, (3) Case 3-E is represented by an OR fault tree gate which has a single basic event and a fault tree gate as inputs, and (4) Case 4-E is represented by an AND fault tree gate which has a single basic event and a fault tree gate as inputs. In the suggested methods, first the high level logic structures of event tree events are examined and restructured, if needed. Then, the delete term method, the exact method, and the combination of the two methods are applied to through Case 1 to Case 4, respectively. As a result, it is recommended to treat complementary events, using the suggested methods, before Level 1 and Level 2 PRA fault trees are coupled

CADRIGS--computer aided design reliability interactive graphics system

International Nuclear Information System (INIS)

Kwik, R.J.; Polizzi, L.M.; Sticco, S.; Gerrard, P.B.; Yeater, M.L.; Hockenbury, R.W.; Phillips, M.A.

1982-01-01

An integrated reliability analysis program combining graphic representation of fault trees, automated data base loadings and reference, and automated construction of reliability code input files was developed. The functional specifications for CADRIGS, the computer aided design reliability interactive graphics system, are presented. Previously developed fault tree segments used in auxiliary feedwater system safety analysis were constructed on CADRIGS and, when combined, yielded results identical to those resulting from manual input to the same reliability codes

An Algorithm for Fault-Tree Construction

DEFF Research Database (Denmark)

Taylor, J. R.

1982-01-01

An algorithm for performing certain parts of the fault tree construction process is described. Its input is a flow sheet of the plant, a piping and instrumentation diagram, or a wiring diagram of the circuits, to be analysed, together with a standard library of component functional and failure...

Post-event human decision errors: operator action tree/time reliability correlation

International Nuclear Information System (INIS)

Hall, R.E.; Fragola, J.; Wreathall, J.

1982-11-01

This report documents an interim framework for the quantification of the probability of errors of decision on the part of nuclear power plant operators after the initiation of an accident. The framework can easily be incorporated into an event tree/fault tree analysis. The method presented consists of a structure called the operator action tree and a time reliability correlation which assumes the time available for making a decision to be the dominating factor in situations requiring cognitive human response. This limited approach decreases the magnitude and complexity of the decision modeling task. Specifically, in the past, some human performance models have attempted prediction by trying to emulate sequences of human actions, or by identifying and modeling the information processing approach applicable to the task. The model developed here is directed at describing the statistical performance of a representative group of hypothetical individuals responding to generalized situations

Post-event human decision errors: operator action tree/time reliability correlation

Energy Technology Data Exchange (ETDEWEB)

Hall, R E; Fragola, J; Wreathall, J

1982-11-01

This report documents an interim framework for the quantification of the probability of errors of decision on the part of nuclear power plant operators after the initiation of an accident. The framework can easily be incorporated into an event tree/fault tree analysis. The method presented consists of a structure called the operator action tree and a time reliability correlation which assumes the time available for making a decision to be the dominating factor in situations requiring cognitive human response. This limited approach decreases the magnitude and complexity of the decision modeling task. Specifically, in the past, some human performance models have attempted prediction by trying to emulate sequences of human actions, or by identifying and modeling the information processing approach applicable to the task. The model developed here is directed at describing the statistical performance of a representative group of hypothetical individuals responding to generalized situations.

Improvement of testing and maintenance based on fault tree analysis

International Nuclear Information System (INIS)

Cepin, M.

2000-01-01

Testing and maintenance of safety equipment is an important issue, which significantly contributes to safe and efficient operation of a nuclear power plant. In this paper a method, which extends the classical fault tree with time, is presented. Its mathematical model is represented by a set of equations, which include time requirements defined in the house event matrix. House events matrix is a representation of house events switched on and off through the discrete points of time. It includes house events, which timely switch on and off parts of the fault tree in accordance with the status of the plant configuration. Time dependent top event probability is calculated by the fault tree evaluations. Arrangement of components outages is determined on base of minimization of mean system unavailability. The results show that application of the method may improve the time placement of testing and maintenance activities of safety equipment. (author)

Fault tree analysis for urban flooding

NARCIS (Netherlands)

Ten Veldhuis, J.A.E.; Clemens, F.H.L.R.; Van Gelder, P.H.A.J.M.

2008-01-01

Traditional methods to evaluate flood risk mostly focus on storm events as the main cause of flooding. Fault tree analysis is a technique that is able to model all potential causes of flooding and to quantify both the overall probability of flooding and the contributions of all causes of flooding to

Analyzing dynamic fault trees derived from model-based system architectures

International Nuclear Information System (INIS)

Dehlinger, Josh; Dugan, Joanne Bechta

2008-01-01

Dependability-critical systems, such as digital instrumentation and control systems in nuclear power plants, necessitate engineering techniques and tools to provide assurances of their safety and reliability. Determining system reliability at the architectural design phase is important since it may guide design decisions and provide crucial information for trade-off analysis and estimating system cost. Despite this, reliability and system engineering remain separate disciplines and engineering processes by which the dependability analysis results may not represent the designed system. In this article we provide an overview and application of our approach to build architecture-based, dynamic system models for dependability-critical systems and then automatically generate Dynamic Fault Trees (DFT) for comprehensive, toolsupported reliability analysis. Specifically, we use the Architectural Analysis and Design Language (AADL) to model the structural, behavioral and failure aspects of the system in a composite architecture model. From the AADL model, we seek to derive the DFT(s) and use Galileo's automated reliability analyses to estimate system reliability. This approach alleviates the dependability engineering - systems engineering knowledge expertise gap, integrates the dependability and system engineering design and development processes and enables a more formal, automated and consistent DFT construction. We illustrate this work using an example based on a dynamic digital feed-water control system for a nuclear reactor

Analyses of robot systems using fault and event trees: case studies

International Nuclear Information System (INIS)

Khodabandehloo, Koorosh

1996-01-01

Safety in the use of robotics outside factories or processing plants has become a matter of great international concern. Domestic robots and those intended to assist nurses and surgeons in hospitals are examples of cases where safety and reliability are considered critical. The safe performance of robot systems depends on many factors, including the integrity of the robot's hardware and software, the way it communicates with sensory and other production equipment, the reliable function of the safety features present and the way the robot interacts with its environment. The use of systematic techniques such as Fault and Event Tree analysis to examine the safety and reliability of a given robotic system is presented. Considerable knowledge is needed before the application of such analysis techniques can be translated into safety specifications or indeed 'fail-safe' design features of robotic systems. The skill and understanding required for the formulation of such specifications is demonstrated here based on a number of case studies

Realization of multi-parameter and multi-state in fault tree computer-aided building software

International Nuclear Information System (INIS)

Guo Xiaoli; Tong Jiejuan; Xue Dazhi

2004-01-01

More than one parameter and more than one failed state of a parameter are often involved in building fault tree, so it is necessary for fault tree computer-aided building software to deal with multi-parameter and multi-state. Fault Tree Expert System (FTES) has the target of aiding the FT-building work of hydraulic systems. This paper expatiates on how to realize multi-parameter and multi-state in FTES with focus on Knowledge Base and Illation Engine. (author)

Bypassing BDD Construction for Reliability Analysis

DEFF Research Database (Denmark)

Williams, Poul Frederick; Nikolskaia, Macha; Rauzy, Antoine

2000-01-01

In this note, we propose a Boolean Expression Diagram (BED)-based algorithm to compute the minimal p-cuts of boolean reliability models such as fault trees. BEDs make it possible to bypass the Binary Decision Diagram (BDD) construction, which is the main cost of fault tree assessment....

Seismic Margin Assessment for Research Reactor using Fragility based Fault Tree Analysis

Energy Technology Data Exchange (ETDEWEB)

Kwag, Shinyoung; Oh, Jinho; Lee, Jong-Min; Ryu, Jeong-Soo [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2016-10-15

The research reactor has been often subjected to external hazards during the design lifetime. Especially, a seismic event can be one of significant threats to the failure of structure system of the research reactor. This failure is possibly extended to the direct core damage of the reactor. For this purpose, the fault tree for structural system failure leading to the core damage under an earthquake accident is developed. The failure probabilities of basic events are evaluated as fragility curves of log-normal distributions. Finally, the plant-level seismic margin is investigated by the fault tree analysis combining with fragility data and the critical path is identified. The plant-level probabilistic seismic margin assessment using the fragility based fault tree analysis was performed for quantifying the safety of research reactor to a seismic hazard. For this, the fault tree for structural system failure leading to the core damage of the reactor under a seismic accident was developed. The failure probabilities of basic events were evaluated as fragility curves of log-normal distributions.

Reliability analysis techniques for the design engineer

International Nuclear Information System (INIS)

Corran, E.R.; Witt, H.H.

1982-01-01

This paper describes a fault tree analysis package that eliminates most of the housekeeping tasks involved in proceeding from the initial construction of a fault tree to the final stage of presenting a reliability analysis in a safety report. It is suitable for designers with relatively little training in reliability analysis and computer operation. Users can rapidly investigate the reliability implications of various options at the design stage and evolve a system which meets specified reliability objectives. Later independent review is thus unlikely to reveal major shortcomings necessitating modification and project delays. The package operates interactively, allowing the user to concentrate on the creative task of developing the system fault tree, which may be modified and displayed graphically. For preliminary analysis, system data can be derived automatically from a generic data bank. As the analysis proceeds, improved estimates of critical failure rates and test and maintenance schedules can be inserted. The technique is applied to the reliability analysis of the recently upgraded HIFAR Containment Isolation System. (author)

Fault tree analysis with multistate components

International Nuclear Information System (INIS)

Caldarola, L.

1979-02-01

A general analytical theory has been developed which allows one to calculate the occurence probability of the top event of a fault tree with multistate (more than states) components. It is shown that, in order to correctly describe a system with multistate components, a special type of Boolean algebra is required. This is called 'Boolean algebra with restrictions on varibales' and its basic rules are the same as those of the traditional Boolean algebra with some additional restrictions on the variables. These restrictions are extensively discussed in the paper. Important features of the method are the identification of the complete base and of the smallest irredundant base of a Boolean function which does not necessarily need to be coherent. It is shown that the identification of the complete base of a Boolean function requires the application of some algorithms which are not used in today's computer programmes for fault tree analysis. The problem of statistical dependence among primary components is discussed. The paper includes a small demonstrative example to illustrate the method. The example includes also statistical dependent components. (orig.) [de

Workflow Fault Tree Generation Through Model Checking

DEFF Research Database (Denmark)

Herbert, Luke Thomas; Sharp, Robin

2014-01-01

We present a framework for the automated generation of fault trees from models of realworld process workflows, expressed in a formalised subset of the popular Business Process Modelling and Notation (BPMN) language. To capture uncertainty and unreliability in workflows, we extend this formalism...

ANCON: A code for the evaluation of complex fault trees in personal computers

International Nuclear Information System (INIS)

Napoles, J.G.; Salomon, J.; Rivero, J.

1990-01-01

Performing probabilistic safety analysis has been recognized worldwide as one of the more effective ways for further enhancing safety of Nuclear Power Plants. The evaluation of fault trees plays a fundamental role in these analysis. Some existing limitations in RAM and execution speed of personal computers (PC) has restricted so far their use in the analysis of complex fault trees. Starting from new approaches in the data structure and other possibilities the ANCON code can evaluate complex fault trees in a PC, allowing the user to do a more comprehensive analysis of the considered system in reduced computing time

A taxonomy for human reliability analysis

International Nuclear Information System (INIS)

Beattie, J.D.; Iwasa-Madge, K.M.

1984-01-01

A human interaction taxonomy (classification scheme) was developed to facilitate human reliability analysis in a probabilistic safety evaluation of a nuclear power plant, being performed at Ontario Hydro. A human interaction occurs, by definition, when operators or maintainers manipulate, or respond to indication from, a plant component or system. The taxonomy aids the fault tree analyst by acting as a heuristic device. It helps define the range and type of human errors to be identified in the construction of fault trees, while keeping the identification by different analysts consistent. It decreases the workload associated with preliminary quantification of the large number of identified interactions by including a category called 'simple interactions'. Fault tree analysts quantify these according to a procedure developed by a team of human reliability specialists. The interactions which do not fit into this category are called 'complex' and are quantified by the human reliability team. The taxonomy is currently being used in fault tree construction in a probabilistic safety evaluation. As far as can be determined at this early stage, the potential benefits of consistency and completeness in identifying human interactions and streamlining the initial quantification are being realized

Efficient algorithms to assess component and gate importance in fault tree analysis

International Nuclear Information System (INIS)

Dutuit, Y.; Rauzy, A.

2001-01-01

One of the principal activities of risk assessment is either the ranking or the categorization of structures, systems and components with respect to their risk-significance or their safety-significance. Several measures, so-called importance factors, of such a significance have been proposed for the case where the support model is a fault tree. In this article, we show how binary decision diagrams can be use to assess efficiently a number of classical importance factors. This work completes the preliminary results obtained recently by Andrews and Sinnamon, and the authors. It deals also with the concept of joint reliability importance

Improvement of the reliability graph with general gates to analyze the reliability of dynamic systems that have various operation modes

Energy Technology Data Exchange (ETDEWEB)

Shin, Seung Ki [Div. of Research Reactor System Design, Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); No, Young Gyu; Seong, Poong Hyun [Dept. of Nuclear and Quantum Engineering, Korea Advanced Institute of Science and Technology, Daejeon (Korea, Republic of)

2016-04-15

The safety of nuclear power plants is analyzed by a probabilistic risk assessment, and the fault tree analysis is the most widely used method for a risk assessment with the event tree analysis. One of the well-known disadvantages of the fault tree is that drawing a fault tree for a complex system is a very cumbersome task. Thus, several graphical modeling methods have been proposed for the convenient and intuitive modeling of complex systems. In this paper, the reliability graph with general gates (RGGG) method, one of the intuitive graphical modeling methods based on Bayesian networks, is improved for the reliability analyses of dynamic systems that have various operation modes with time. A reliability matrix is proposed and it is explained how to utilize the reliability matrix in the RGGG for various cases of operation mode changes. The proposed RGGG with a reliability matrix provides a convenient and intuitive modeling of various operation modes of complex systems, and can also be utilized with dynamic nodes that analyze the failure sequences of subcomponents. The combinatorial use of a reliability matrix with dynamic nodes is illustrated through an application to a shutdown cooling system in a nuclear power plant.

Improvement of the reliability graph with general gates to analyze the reliability of dynamic systems that have various operation modes

International Nuclear Information System (INIS)

Shin, Seung Ki; No, Young Gyu; Seong, Poong Hyun

2016-01-01

The safety of nuclear power plants is analyzed by a probabilistic risk assessment, and the fault tree analysis is the most widely used method for a risk assessment with the event tree analysis. One of the well-known disadvantages of the fault tree is that drawing a fault tree for a complex system is a very cumbersome task. Thus, several graphical modeling methods have been proposed for the convenient and intuitive modeling of complex systems. In this paper, the reliability graph with general gates (RGGG) method, one of the intuitive graphical modeling methods based on Bayesian networks, is improved for the reliability analyses of dynamic systems that have various operation modes with time. A reliability matrix is proposed and it is explained how to utilize the reliability matrix in the RGGG for various cases of operation mode changes. The proposed RGGG with a reliability matrix provides a convenient and intuitive modeling of various operation modes of complex systems, and can also be utilized with dynamic nodes that analyze the failure sequences of subcomponents. The combinatorial use of a reliability matrix with dynamic nodes is illustrated through an application to a shutdown cooling system in a nuclear power plant

Reliability analysis techniques for the design engineer

International Nuclear Information System (INIS)

Corran, E.R.; Witt, H.H.

1980-01-01

A fault tree analysis package is described that eliminates most of the housekeeping tasks involved in proceeding from the initial construction of a fault tree to the final stage of presenting a reliability analysis in a safety report. It is suitable for designers with relatively little training in reliability analysis and computer operation. Users can rapidly investigate the reliability implications of various options at the design stage, and evolve a system which meets specified reliability objectives. Later independent review is thus unlikely to reveal major shortcomings necessitating modification and projects delays. The package operates interactively allowing the user to concentrate on the creative task of developing the system fault tree, which may be modified and displayed graphically. For preliminary analysis system data can be derived automatically from a generic data bank. As the analysis procedes improved estimates of critical failure rates and test and maintenance schedules can be inserted. The computations are standard, - identification of minimal cut-sets, estimation of reliability parameters, and ranking of the effect of the individual component failure modes and system failure modes on these parameters. The user can vary the fault trees and data on-line, and print selected data for preferred systems in a form suitable for inclusion in safety reports. A case history is given - that of HIFAR containment isolation system. (author)

Designing Fault-Injection Experiments for the Reliability of Embedded Systems

Science.gov (United States)

White, Allan L.

2012-01-01

This paper considers the long-standing problem of conducting fault-injections experiments to establish the ultra-reliability of embedded systems. There have been extensive efforts in fault injection, and this paper offers a partial summary of the efforts, but these previous efforts have focused on realism and efficiency. Fault injections have been used to examine diagnostics and to test algorithms, but the literature does not contain any framework that says how to conduct fault-injection experiments to establish ultra-reliability. A solution to this problem integrates field-data, arguments-from-design, and fault-injection into a seamless whole. The solution in this paper is to derive a model reduction theorem for a class of semi-Markov models suitable for describing ultra-reliable embedded systems. The derivation shows that a tight upper bound on the probability of system failure can be obtained using only the means of system-recovery times, thus reducing the experimental effort to estimating a reasonable number of easily-observed parameters. The paper includes an example of a system subject to both permanent and transient faults. There is a discussion of integrating fault-injection with field-data and arguments-from-design.

Systems analysis approach to probabilistic modeling of fault trees

International Nuclear Information System (INIS)

Bartholomew, R.J.; Qualls, C.R.

1985-01-01

A method of probabilistic modeling of fault tree logic combined with stochastic process theory (Markov modeling) has been developed. Systems are then quantitatively analyzed probabilistically in terms of their failure mechanisms including common cause/common mode effects and time dependent failure and/or repair rate effects that include synergistic and propagational mechanisms. The modeling procedure results in a state vector set of first order, linear, inhomogeneous, differential equations describing the time dependent probabilities of failure described by the fault tree. The solutions of this Failure Mode State Variable (FMSV) model are cumulative probability distribution functions of the system. A method of appropriate synthesis of subsystems to form larger systems is developed and applied to practical nuclear power safety systems

Computer-aided reliability and risk assessment

International Nuclear Information System (INIS)

Leicht, R.; Wingender, H.J.

1989-01-01

Activities in the fields of reliability and risk analyses have led to the development of particular software tools which now are combined in the PC-based integrated CARARA system. The options available in this system cover a wide range of reliability-oriented tasks, like organizing raw failure data in the component/event data bank FDB, performing statistical analysis of those data with the program FDA, managing the resulting parameters in the reliability data bank RDB, and performing fault tree analysis with the fault tree code FTL or evaluating the risk of toxic or radioactive material release with the STAR code. (orig.)

Modeling Sensor Reliability in Fault Diagnosis Based on Evidence Theory

Directory of Open Access Journals (Sweden)

Kaijuan Yuan

2016-01-01

Full Text Available Sensor data fusion plays an important role in fault diagnosis. Dempster–Shafer (D-R evidence theory is widely used in fault diagnosis, since it is efficient to combine evidence from different sensors. However, under the situation where the evidence highly conflicts, it may obtain a counterintuitive result. To address the issue, a new method is proposed in this paper. Not only the statistic sensor reliability, but also the dynamic sensor reliability are taken into consideration. The evidence distance function and the belief entropy are combined to obtain the dynamic reliability of each sensor report. A weighted averaging method is adopted to modify the conflict evidence by assigning different weights to evidence according to sensor reliability. The proposed method has better performance in conflict management and fault diagnosis due to the fact that the information volume of each sensor report is taken into consideration. An application in fault diagnosis based on sensor fusion is illustrated to show the efficiency of the proposed method. The results show that the proposed method improves the accuracy of fault diagnosis from 81.19% to 89.48% compared to the existing methods.

Failure mode analysis using state variables derived from fault trees with application

International Nuclear Information System (INIS)

Bartholomew, R.J.

1982-01-01

Fault Tree Analysis (FTA) is used extensively to assess both the qualitative and quantitative reliability of engineered nuclear power systems employing many subsystems and components. FTA is very useful, but the method is limited by its inability to account for failure mode rate-of-change interdependencies (coupling) of statistically independent failure modes. The state variable approach (using FTA-derived failure modes as states) overcomes these difficulties and is applied to the determination of the lifetime distribution function for a heat pipe-thermoelectric nuclear power subsystem. Analyses are made using both Monte Carlo and deterministic methods and compared with a Markov model of the same subsystem

Diagnosis of Constant Faults in Read-Once Contact Networks over Finite Bases using Decision Trees

KAUST Repository

Busbait, Monther I.

2014-05-01

We study the depth of decision trees for diagnosis of constant faults in read-once contact networks over finite bases. This includes diagnosis of 0-1 faults, 0 faults and 1 faults. For any finite basis, we prove a linear upper bound on the minimum depth of decision tree for diagnosis of constant faults depending on the number of edges in a contact network over that basis. Also, we obtain asymptotic bounds on the depth of decision trees for diagnosis of each type of constant faults depending on the number of edges in contact networks in the worst case per basis. We study the set of indecomposable contact networks with up to 10 edges and obtain sharp coefficients for the linear upper bound for diagnosis of constant faults in contact networks over bases of these indecomposable contact networks. We use a set of algorithms, including one that we create, to obtain the sharp coefficients.

Development and Reliability Analysis of HTR-PM Reactor Protection System

International Nuclear Information System (INIS)

Li Duo; Guo Chao; Xiong Huasheng

2014-01-01

High Temperature Gas-Cooled Reactor-Pebble bed Module (HTR-PM) digital Reactor Protection System (RPS) is a dedicated system, which is designed and developed according to HTR-PM NPP protection specifications. To decrease the probability of accident trips and increase the system reliability, HTR-PM RPS has such features as a framework of four redundant channels, two diverse sub-systems in each channel, and two level two-out-of-four logic voters. Reliability analysis of HTR-PM RPS is based on fault tree model. A fault tree is built based on HTR-PM RPS Failure Modes and Effects Analysis (FMEA), and special analysis is focused on the sub-tree of redundant channel ''2-out-of-4'' logic and the fault tree under one channel is bypassed. The qualitative analysis of fault tree, such as RPS weakness according to minimal cut sets, is summarized in the paper. (author)

Reliability modeling of digital component in plant protection system with various fault-tolerant techniques

International Nuclear Information System (INIS)

Kim, Bo Gyung; Kang, Hyun Gook; Kim, Hee Eun; Lee, Seung Jun; Seong, Poong Hyun

2013-01-01

Highlights: • Integrated fault coverage is introduced for reflecting characteristics of fault-tolerant techniques in the reliability model of digital protection system in NPPs. • The integrated fault coverage considers the process of fault-tolerant techniques from detection to fail-safe generation process. • With integrated fault coverage, the unavailability of repairable component of DPS can be estimated. • The new developed reliability model can reveal the effects of fault-tolerant techniques explicitly for risk analysis. • The reliability model makes it possible to confirm changes of unavailability according to variation of diverse factors. - Abstract: With the improvement of digital technologies, digital protection system (DPS) has more multiple sophisticated fault-tolerant techniques (FTTs), in order to increase fault detection and to help the system safely perform the required functions in spite of the possible presence of faults. Fault detection coverage is vital factor of FTT in reliability. However, the fault detection coverage is insufficient to reflect the effects of various FTTs in reliability model. To reflect characteristics of FTTs in the reliability model, integrated fault coverage is introduced. The integrated fault coverage considers the process of FTT from detection to fail-safe generation process. A model has been developed to estimate the unavailability of repairable component of DPS using the integrated fault coverage. The new developed model can quantify unavailability according to a diversity of conditions. Sensitivity studies are performed to ascertain important variables which affect the integrated fault coverage and unavailability

Fault tree analysis of the manufacturing process of nuclear fuel containers

International Nuclear Information System (INIS)

Liao Weixian; Men Dechun; Sui Yuxue

1998-08-01

The nuclear fuel container consists of barrel body, bottom, cover, locking ring, rubber seal ring, and so on. It should be kept sealed in transportation and storage, so keeps the fuel contained from leakage. Its manufacturing process includes blanking, forming, seam welding, assembling, derusting and painting. The seam welding and assembling of barrel body and bottom are two key procedures, and the slope grinding, barrel body flaring and deep drawing of the bottom are important procedures. Faults in the manufacturing process of the nuclear fuel containers are investigated in details as for its quality requirements. A fault tree is established with products being unqualified as the top event. Five causes resulting in process faults are classified and analysed, and some measures are suggested for controlling different failures in manufacturing. More research work should be conducted in rules how to set up fault trees for manufacturing process

Fault detection and reliability, knowledge based and other approaches

International Nuclear Information System (INIS)

Singh, M.G.; Hindi, K.S.; Tzafestas, S.G.

1987-01-01

These proceedings are split up into four major parts in order to reflect the most significant aspects of reliability and fault detection as viewed at present. The first part deals with knowledge-based systems and comprises eleven contributions from leading experts in the field. The emphasis here is primarily on the use of artificial intelligence, expert systems and other knowledge-based systems for fault detection and reliability. The second part is devoted to fault detection of technological systems and comprises thirteen contributions dealing with applications of fault detection techniques to various technological systems such as gas networks, electric power systems, nuclear reactors and assembly cells. The third part of the proceedings, which consists of seven contributions, treats robust, fault tolerant and intelligent controllers and covers methodological issues as well as several applications ranging from nuclear power plants to industrial robots to steel grinding. The fourth part treats fault tolerant digital techniques and comprises five contributions. Two papers, one on reactor noise analysis, the other on reactor control system design, are indexed separately. (author)

Transforming incomplete fault tree to Ishikawa diagram as an alternative method for technology transfer

Science.gov (United States)

Batzias, Dimitris F.

2012-12-01

Fault Tree Analysis (FTA) can be used for technology transfer when the relevant problem (called 'top even' in FTA) is solved in a technology centre and the results are diffused to interested parties (usually Small Medium Enterprises - SMEs) that have not the proper equipment and the required know-how to solve the problem by their own. Nevertheless, there is a significant drawback in this procedure: the information usually provided by the SMEs to the technology centre, about production conditions and corresponding quality characteristics of the product, and (sometimes) the relevant expertise in the Knowledge Base of this centre may be inadequate to form a complete fault tree. Since such cases are quite frequent in practice, we have developed a methodology for transforming incomplete fault tree to Ishikawa diagram, which is more flexible and less strict in establishing causal chains, because it uses a surface phenomenological level with a limited number of categories of faults. On the other hand, such an Ishikawa diagram can be extended to simulate a fault tree as relevant knowledge increases. An implementation of this transformation, referring to anodization of aluminium, is presented.

Fault tree analysis of KNICS RPS software

International Nuclear Information System (INIS)

Park, Gee Yong; Kwon, Kee Choon; Koh, Kwang Yong; Jee, Eun Kyoung; Seong, Poong Hyun; Lee, Dae Hyung

2008-01-01

This paper describes the application of a software Fault Tree Analysis (FTA) as one of the analysis techniques for a Software Safety Analysis (SSA) at the design phase and its analysis results for the safety-critical software of a digital reactor protection system, which is called the KNICS RPS, being developed in the KNICS (Korea Nuclear Instrumentation and Control Systems) project. The software modules in the design description were represented by Function Blocks (FBs), and the software FTA was performed based on the well-defined fault tree templates for the FBs. The SSA, which is part of the verification and validation (V and V) activities, was activated at each phase of the software lifecycle for the KNICS RPS. At the design phase, the software HAZOP (Hazard and Operability) and the software FTA were employed in the SSA in such a way that the software HAZOP was performed first and then the software FTA was applied. The software FTA was applied to some critical modules selected from the software HAZOP analysis

Comparison of event tree, fault tree and Markov methods for probabilistic safety assessment and application to accident mitigation

International Nuclear Information System (INIS)

James, H.; Harris, M.J.; Hall, S.F.

1992-01-01

Probabilistic safety assessment (PSA) is used extensively in the nuclear industry. The main stages of PSA and the traditional event tree method are described. Focussing on hydrogen explosions, an event tree model is compared to a novel Markov model and a fault tree, and unexpected implication for accident mitigation is revealed. (author)

Reliability Analysis Study of Digital Reactor Protection System in Nuclear Power Plant

International Nuclear Information System (INIS)

Guo, Xiao Ming; Liu, Tao; Tong, Jie Juan; Zhao, Jun

2011-01-01

The Digital I and C systems are believed to improve a plants safety and reliability generally. The reliability analysis of digital I and C system has become one research hotspot. Traditional fault tree method is one of means to quantify the digital I and C system reliability. Review of advanced nuclear power plant AP1000 digital protection system evaluation makes clear both the fault tree application and analysis process to the digital system reliability. One typical digital protection system special for advanced reactor has been developed, which reliability evaluation is necessary for design demonstration. The typical digital protection system construction is introduced in the paper, and the process of FMEA and fault tree application to the digital protection system reliability evaluation are described. Reliability data and bypass logic modeling are two points giving special attention in the paper. Because the factors about time sequence and feedback not exist in reactor protection system obviously, the dynamic feature of digital system is not discussed

San Onofre/Zion auxiliary feedwater system seismic fault tree modeling

International Nuclear Information System (INIS)

Najafi, B.; Eide, S.

1982-02-01

As part of the study for the seismic evaluation of the San Onofre Unit 1 Auxiliary Feedwater System (AFWS), a fault tree model was developed capable of handling the effect of structural failure of the plant (in the event of an earthquake) on the availability of the AFWS. A compatible fault tree model was developed for the Zion Unit 1 AFWS in order to compare the results of the two systems. It was concluded that if a single failure of the San Onofre Unit 1 AFWS is to be prevented, some weight existing, locally operated locked open manual valves have to be used for isolation of a rupture in specific parts of the AFWS pipings

Fault tree analysis for vital area identification

International Nuclear Information System (INIS)

Varnado, G.B.; Ortiz, N.R.

1978-01-01

The use of fault tree analysis techniques to systematically identify (1) the sabotage events which can lead to release of significant quantities of radioactive materials, (2) the areas of the nuclear power plant in which the sabotage events can be accomplished, and (3) the areas of the plant which must be protected to assure that release does not occur are discussed

Presentation of common cause failures in fault tree structure of Krsko PSA : an historical overview

International Nuclear Information System (INIS)

Vrbanic, I.; Kosutic, I.; Vukovic, I.; Simic, Z.

2003-01-01

Failure of multiple components due to a common cause represents one of the most important issues in evaluation of system reliability or unavailability. The frequency of such events has relatively low expectancy, when compared to random failures, which affect individual components. However, in many cases the consequence is a direct loss of safety system or mitigative safety function. For this reason, the modeling of a common cause failure (CCF) and its presentation in fault tree structure is of the uttermost importance in probabilistic safety analyses (PSA). During the past decade, PSA model of Krsko NPP has undergone many small changes and a couple of major ones in fulfilling its basic purpose, which was serving as a tool for providing an appropriate information on the risk associated with actual plant design and operation. All changes to Krsko PSA model were undertaken in order to make it a better tool and / or to make it represent the plant in more accurate manner. The paper provides an overview of changes in CCF modeling in the fault tree structure from the initial PSA model development till present. (author)

RAFT: a computer program for fault tree risk calculations

International Nuclear Information System (INIS)

Seybold, G.D.

1977-11-01

A description and user instructions are presented for RAFT, a FORTRAN computer code for calculation of a risk measure for fault tree cut sets. RAFT calculates release quantities and a risk measure based on the product of probability and release quantity for cut sets of fault trees modeling the accidental release of radioactive material from a nuclear fuel cycle facility. Cut sets and their probabilities are supplied as input to RAFT from an external fault tree analysis code. Using the total inventory available of radioactive material, along with release fractions for each event in a cut set, the release terms are calculated for each cut set. Each release term is multiplied by the cut set probability to yield the cut set risk measure. RAFT orders the dominant cut sets on the risk measure. The total risk measure of processed cut sets and their fractional contributions are supplied as output. Input options are available to eliminate redundant cut sets, apply threshold values on cut set probability and risk, and control the total number of cut sets output. Hash addressing is used to remove redundant cut sets from the analysis. Computer hardware and software restrictions are given along with a sample problem and cross-reference table of the code. Except for the use of file management utilities, RAFT is written exclusively in FORTRAN language and is operational on a Control Data, CYBER 74-18--series computer system. 4 figures

Energy/Reliability Trade-offs in Fault-Tolerant Event-Triggered Distributed Embedded Systems

DEFF Research Database (Denmark)

Gan, Junhe; Gruian, Flavius; Pop, Paul

2011-01-01

task, such that transient faults are tolerated, the timing constraints of the application are satisfied, and the energy consumed is minimized. Tasks are scheduled using fixed-priority preemptive scheduling, while replication is used for recovery from multiple transient faults. Addressing energy...... and reliability simultaneously is especially challenging, since lowering the voltage to reduce the energy consumption has been shown to increase the transient fault rate. We presented a Tabu Search-based approach which uses an energy/reliability trade-off model to find reliable and schedulable implementations...

Fault tree construction of hybrid system requirements using qualitative formal method

International Nuclear Information System (INIS)

Lee, Jang-Soo; Cha, Sung-Deok

2005-01-01

When specifying requirements for software controlling hybrid systems and conducting safety analysis, engineers experience that requirements are often known only in qualitative terms and that existing fault tree analysis techniques provide little guidance on formulating and evaluating potential failure modes. In this paper, we propose Causal Requirements Safety Analysis (CRSA) as a technique to qualitatively evaluate causal relationship between software faults and physical hazards. This technique, extending qualitative formal method process and utilizing information captured in the state trajectory, provides specific guidelines on how to identify failure modes and relationship among them. Using a simplified electrical power system as an example, we describe step-by-step procedures of conducting CRSA. Our experience of applying CRSA to perform fault tree analysis on requirements for the Wolsong nuclear power plant shutdown system indicates that CRSA is an effective technique in assisting safety engineers

Decision tree and PCA-based fault diagnosis of rotating machinery

Science.gov (United States)

Sun, Weixiang; Chen, Jin; Li, Jiaqing

2007-04-01

After analysing the flaws of conventional fault diagnosis methods, data mining technology is introduced to fault diagnosis field, and a new method based on C4.5 decision tree and principal component analysis (PCA) is proposed. In this method, PCA is used to reduce features after data collection, preprocessing and feature extraction. Then, C4.5 is trained by using the samples to generate a decision tree model with diagnosis knowledge. At last the tree model is used to make diagnosis analysis. To validate the method proposed, six kinds of running states (normal or without any defect, unbalance, rotor radial rub, oil whirl, shaft crack and a simultaneous state of unbalance and radial rub), are simulated on Bently Rotor Kit RK4 to test C4.5 and PCA-based method and back-propagation neural network (BPNN). The result shows that C4.5 and PCA-based diagnosis method has higher accuracy and needs less training time than BPNN.

TH-EF-BRC-03: Fault Tree Analysis

Energy Technology Data Exchange (ETDEWEB)

Thomadsen, B. [University of Wisconsin (United States)

2016-06-15

This Hands-on Workshop will be focused on providing participants with experience with the principal tools of TG 100 and hence start to build both competence and confidence in the use of risk-based quality management techniques. The three principal tools forming the basis of TG 100’s risk analysis: Process mapping, Failure-Modes and Effects Analysis and fault-tree analysis will be introduced with a 5 minute refresher presentation and each presentation will be followed by a 30 minute small group exercise. An exercise on developing QM from the risk analysis follows. During the exercise periods, participants will apply the principles in 2 different clinical scenarios. At the conclusion of each exercise there will be ample time for participants to discuss with each other and the faculty their experience and any challenges encountered. Learning Objectives: To review the principles of Process Mapping, Failure Modes and Effects Analysis and Fault Tree Analysis. To gain familiarity with these three techniques in a small group setting. To share and discuss experiences with the three techniques with faculty and participants. Director, TreatSafely, LLC. Director, Center for the Assessment of Radiological Sciences. Occasional Consultant to the IAEA and Varian.

TH-EF-BRC-03: Fault Tree Analysis

International Nuclear Information System (INIS)

Thomadsen, B.

2016-01-01

This Hands-on Workshop will be focused on providing participants with experience with the principal tools of TG 100 and hence start to build both competence and confidence in the use of risk-based quality management techniques. The three principal tools forming the basis of TG 100’s risk analysis: Process mapping, Failure-Modes and Effects Analysis and fault-tree analysis will be introduced with a 5 minute refresher presentation and each presentation will be followed by a 30 minute small group exercise. An exercise on developing QM from the risk analysis follows. During the exercise periods, participants will apply the principles in 2 different clinical scenarios. At the conclusion of each exercise there will be ample time for participants to discuss with each other and the faculty their experience and any challenges encountered. Learning Objectives: To review the principles of Process Mapping, Failure Modes and Effects Analysis and Fault Tree Analysis. To gain familiarity with these three techniques in a small group setting. To share and discuss experiences with the three techniques with faculty and participants. Director, TreatSafely, LLC. Director, Center for the Assessment of Radiological Sciences. Occasional Consultant to the IAEA and Varian.

Fault-tolerant embedded system design and optimization considering reliability estimation uncertainty

International Nuclear Information System (INIS)

Wattanapongskorn, Naruemon; Coit, David W.

2007-01-01

In this paper, we model embedded system design and optimization, considering component redundancy and uncertainty in the component reliability estimates. The systems being studied consist of software embedded in associated hardware components. Very often, component reliability values are not known exactly. Therefore, for reliability analysis studies and system optimization, it is meaningful to consider component reliability estimates as random variables with associated estimation uncertainty. In this new research, the system design process is formulated as a multiple-objective optimization problem to maximize an estimate of system reliability, and also, to minimize the variance of the reliability estimate. The two objectives are combined by penalizing the variance for prospective solutions. The two most common fault-tolerant embedded system architectures, N-Version Programming and Recovery Block, are considered as strategies to improve system reliability by providing system redundancy. Four distinct models are presented to demonstrate the proposed optimization techniques with or without redundancy. For many design problems, multiple functionally equivalent software versions have failure correlation even if they have been independently developed. The failure correlation may result from faults in the software specification, faults from a voting algorithm, and/or related faults from any two software versions. Our approach considers this correlation in formulating practical optimization models. Genetic algorithms with a dynamic penalty function are applied in solving this optimization problem, and reasonable and interesting results are obtained and discussed

Conception of Repairable Dynamic Fault Trees and resolution by the use of RAATSS, a Matlab® toolbox based on the ATS formalism

International Nuclear Information System (INIS)

Manno, G.; Chiacchio, F.; Compagno, L.; D'Urso, D.; Trapani, N.

2014-01-01

Dynamic Fault Tree (DFT) is a well-known stochastic technique for conducting reliability studies of complex systems. At the state of the art, existing tools (both academic and commercial) do not fully support DFT with repairable components and repeated events, lowering the penetration of this powerful technique in real industrial applications (e.g., industrial processes and plants, computer, electronic and network applications). One of the main reasons limiting the attractiveness of DFT is that, originally, DFTs were conceived without repairable components; only recently few related works have started to deal with a formal semantic, which would avoid undefined behavior and misinterpretation of DFT. Other researchers have tackled the problem by introducing extensions of the original Fault Trees (FTs) technique like Boolean Driven Markov Processes (BDMPs) and Generalized Fault Trees (GFTs). However, despite they consider repairable systems and repeated events, we have found that the introduction of a different formalism with more complex features has again limited the penetration of these powerful methods in real applications. The target of this work is the original DFT technique. Starting from the state of the art, a set of standardized rules that frame the behaviors of dynamic gates are designed and a well-defined semantic for repairable-DFT is drawn through the application of a novel formalism, the Adaptive Transitions System (ATS). The proposed theoretical framework is afterward used to code a software tool, RAATSS, for the resolution of extended, repairable-DFT. Moreover, this work introduces some novel concepts regarding the modeling of a system by a DFT and provides a basic hint of the ATS capabilities to describe interdependencies in complex system. - Highlights: • A semantic for Repairable Dynamic Fault Tree (RDFT) was conceived. • Practical motivation for the use of RDFT is presented. • The conception of failure gates for the computation of the

Diagnosis of Constant Faults in Read-Once Contact Networks over Finite Bases using Decision Trees

KAUST Repository

Busbait, Monther I.

2014-01-01

We study the depth of decision trees for diagnosis of constant faults in read-once contact networks over finite bases. This includes diagnosis of 0-1 faults, 0 faults and 1 faults. For any finite basis, we prove a linear upper bound on the minimum

Direct evaluation of fault trees using object-oriented programming techniques

Science.gov (United States)

Patterson-Hine, F. A.; Koen, B. V.

1989-01-01

Object-oriented programming techniques are used in an algorithm for the direct evaluation of fault trees. The algorithm combines a simple bottom-up procedure for trees without repeated events with a top-down recursive procedure for trees with repeated events. The object-oriented approach results in a dynamic modularization of the tree at each step in the reduction process. The algorithm reduces the number of recursive calls required to solve trees with repeated events and calculates intermediate results as well as the solution of the top event. The intermediate results can be reused if part of the tree is modified. An example is presented in which the results of the algorithm implemented with conventional techniques are compared to those of the object-oriented approach.

Reliability and maintainability assessment factors for reliable fault-tolerant systems

Science.gov (United States)

Bavuso, S. J.

1984-01-01

A long term goal of the NASA Langley Research Center is the development of a reliability assessment methodology of sufficient power to enable the credible comparison of the stochastic attributes of one ultrareliable system design against others. This methodology, developed over a 10 year period, is a combined analytic and simulative technique. An analytic component is the Computer Aided Reliability Estimation capability, third generation, or simply CARE III. A simulative component is the Gate Logic Software Simulator capability, or GLOSS. The numerous factors that potentially have a degrading effect on system reliability and the ways in which these factors that are peculiar to highly reliable fault tolerant systems are accounted for in credible reliability assessments. Also presented are the modeling difficulties that result from their inclusion and the ways in which CARE III and GLOSS mitigate the intractability of the heretofore unworkable mathematics.

A fast BDD algorithm for large coherent fault trees analysis

International Nuclear Information System (INIS)

Jung, Woo Sik; Han, Sang Hoon; Ha, Jaejoo

2004-01-01

Although a binary decision diagram (BDD) algorithm has been tried to solve large fault trees until quite recently, they are not efficiently solved in a short time since the size of a BDD structure exponentially increases according to the number of variables. Furthermore, the truncation of If-Then-Else (ITE) connectives by the probability or size limit and the subsuming to delete subsets could not be directly applied to the intermediate BDD structure under construction. This is the motivation for this work. This paper presents an efficient BDD algorithm for large coherent systems (coherent BDD algorithm) by which the truncation and subsuming could be performed in the progress of the construction of the BDD structure. A set of new formulae developed in this study for AND or OR operation between two ITE connectives of a coherent system makes it possible to delete subsets and truncate ITE connectives with a probability or size limit in the intermediate BDD structure under construction. By means of the truncation and subsuming in every step of the calculation, large fault trees for coherent systems (coherent fault trees) are efficiently solved in a short time using less memory. Furthermore, the coherent BDD algorithm from the aspect of the size of a BDD structure is much less sensitive to variable ordering than the conventional BDD algorithm

MOCUS, Minimal Cut Sets and Minimal Path Sets from Fault Tree Analysis

International Nuclear Information System (INIS)

Fussell, J.B.; Henry, E.B.; Marshall, N.H.

1976-01-01

1 - Description of problem or function: From a description of the Boolean failure logic of a system, called a fault tree, and control parameters specifying the minimal cut set length to be obtained MOCUS determines the system failure modes, or minimal cut sets, and the system success modes, or minimal path sets. 2 - Method of solution: MOCUS uses direct resolution of the fault tree into the cut and path sets. The algorithm used starts with the main failure of interest, the top event, and proceeds to basic independent component failures, called primary events, to resolve the fault tree to obtain the minimal sets. A key point of the algorithm is that an and gate alone always increases the number of path sets; an or gate alone always increases the number of cut sets and increases the size of path sets. Other types of logic gates must be described in terms of and and or logic gates. 3 - Restrictions on the complexity of the problem: Output from MOCUS can include minimal cut and path sets for up to 20 gates

Frontiers of reliability

CERN Document Server

Basu, Asit P; Basu, Sujit K

1998-01-01

This volume presents recent results in reliability theory by leading experts in the world. It will prove valuable for researchers, and users of reliability theory. It consists of refereed invited papers on a broad spectrum of topics in reliability. The subjects covered include Bayesian reliability, Bayesian reliability modeling, confounding in a series system, DF tests, Edgeworth approximation to reliability, estimation under random censoring, fault tree reduction for reliability, inference about changes in hazard rates, information theory and reliability, mixture experiment, mixture of Weibul

Probabilistic risk assessment course documentation. Volume 5. System reliability and analysis techniques Session D - quantification

International Nuclear Information System (INIS)

Lofgren, E.V.

1985-08-01

This course in System Reliability and Analysis Techniques focuses on the probabilistic quantification of accident sequences and the link between accident sequences and consequences. Other sessions in this series focus on the quantification of system reliability and the development of event trees and fault trees. This course takes the viewpoint that event tree sequences or combinations of system failures and success are available and that Boolean equations for system fault trees have been developed and are available. 93 figs., 11 tabs

Recent advancements in fault tree methodology at Karlsruhe

International Nuclear Information System (INIS)

Caldarola, L.; Wickenhaeuser, A.

1977-01-01

A very fast analytical computer program for fault tree evaluation has already been developed at the German nuclear research center of Karlsruhe. This program can evaluate coherent systems assuming binary component states. Four different classes of components can be handled by the program: (1) unrepairable components, (2) repairable components with revealed faults, (3) repairable components with faults remaining unrevealed until next demand occurs and (4) repairable components with faults which are detected upon inspection. The program can perform also time dependent calculations. In particular the program can analyse systems characterized by two phases, one following the other in time (two time axis). A new computer program is also being developed. This computer program will be capable to analyse noncoherent systems with multistate components. The mathematical theory supporting the new program is described in the paper. In particular the algorithm for the identification of the prime implicants and the theory for the calculation of the occurrence probability and of the first occurrence probability of the TOP event are discussed

Criteria for evaluating protection from single points of failure for partially expanded fault trees

International Nuclear Information System (INIS)

Aswani, D.; Badreddine, B.; Malone, M.; Gauthier, G.; Proietty, J.

2008-01-01

Fault tree analysis (FTA) is a technique that describes the combinations of events in a system which result in an undesirable outcome. FTA is used as a tool to quantitatively assess a system's probability for an undesirable outcome. Time constraints from concept to production in modern engineering often limit the opportunity for a thorough statistical analysis of a system. Furthermore, when undesirable outcomes are considered such as hazard to human(s), it becomes difficult to identify strict statistical targets for what is acceptable. Consequently, when hazard to human(s) is concerned a common design target is to protect the system from single points of failure (SPOF) which means that no failure mode caused by a single event, concern, or error has a critical consequence on the system. Such a design target is common with 'by-wire' systems. FTA can be used to verify if a system is protected from SPOF. In this paper, sufficient criteria for evaluating protection from SPOF for partially expanded fault trees are proposed along with proof. The proposed criteria consider potential interactions between the lowest drawn events of a partial fault tree expansion which otherwise easily leads to an overly optimistic analysis of protection from SPOF. The analysis is limited to fault trees that are coherent and static

Fault Severity Evaluation and Improvement Design for Mechanical Systems Using the Fault Injection Technique and Gini Concordance Measure

Directory of Open Access Journals (Sweden)

Jianing Wu

2014-01-01

Full Text Available A new fault injection and Gini concordance based method has been developed for fault severity analysis for multibody mechanical systems concerning their dynamic properties. The fault tree analysis (FTA is employed to roughly identify the faults needed to be considered. According to constitution of the mechanical system, the dynamic properties can be achieved by solving the equations that include many types of faults which are injected by using the fault injection technique. Then, the Gini concordance is used to measure the correspondence between the performance with faults and under normal operation thereby providing useful hints of severity ranking in subsystems for reliability design. One numerical example and a series of experiments are provided to illustrate the application of the new method. The results indicate that the proposed method can accurately model the faults and receive the correct information of fault severity. Some strategies are also proposed for reliability improvement of the spacecraft solar array.

Quantitative security and safety analysis with attack-fault trees

NARCIS (Netherlands)

Kumar, Rajesh; Stoelinga, Mariëlle Ida Antoinette

2017-01-01

Cyber physical systems, like power plants, medical devices and data centers have to meet high standards, both in terms of safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to malicious attacks). This paper presents attack fault trees (AFTs), a formalism that

On the use of non-coherent fault trees in safety and security studies

International Nuclear Information System (INIS)

Contini, S.; Cojazzi, G.G.M.; Renda, G.

2008-01-01

This paper gives some insights on the usefulness of non-coherent fault trees in system modelling from both the point of view of safety and security. A safety-related system can evolve from the working states to failed states through degraded states, i.e. working state, but in a degraded mode. In practical applications the degraded states may be of particular interest due e.g. to the associated risk increase or the different types of consequent actions. The top events definitions of such states contain the working conditions of some sub-systems/components. How the use of non-coherent fault trees can greatly simplify both the modelling and quantification of these states is shown in this paper. Some considerations about the interpretation of the importance indexes of negated basic events are also briefly described. When dealing with security applications, there is a need to cope not only with stochastic events, such as component failures and human errors, but also with deliberate intentional actions, whose successes might be characterised by high probability values. Different mutually exclusive attack scenarios may be envisaged for a given system. Hence, the essential feature of a fault tree analyser is the capability to determine the exact value of the top event probability containing mutually exclusive events. It is also shown that in these cases the use of non-coherent fault trees allows solving the problem with limited effort

WAMCUT, a computer code for fault tree evaluation. Final report

International Nuclear Information System (INIS)

Erdmann, R.C.

1978-06-01

WAMCUT is a code in the WAM family which produces the minimum cut sets (MCS) for a given fault tree. The MCS are useful as they provide a qualitative evaluation of a system, as well as providing a means of determining the probability distribution function for the top of the tree. The program is very efficient and will produce all the MCS in a very short computer time span. 22 figures, 4 tables

Risk and reliability assessment for telecommunications networks

Energy Technology Data Exchange (ETDEWEB)

Wyss, G.D.; Schriner, H.K.; Gaylor, T.R.

1996-08-01

Sandia National Laboratories has assembled an interdisciplinary team to explore the applicability of probabilistic logic modeling (PLM) techniques to model network reliability for a wide variety of communications network architectures. The authors have found that the reliability and failure modes of current generation network technologies can be effectively modeled using fault tree PLM techniques. They have developed a ``plug-and-play`` fault tree analysis methodology that can be used to model connectivity and the provision of network services in a wide variety of current generation network architectures. They have also developed an efficient search algorithm that can be used to determine the minimal cut sets of an arbitrarily-interconnected (non-hierarchical) network without the construction of a fault tree model. This paper provides an overview of these modeling techniques and describes how they are applied to networks that exhibit hybrid network structures (i.e., a network in which some areas are hierarchical and some areas are not hierarchical).

CAT: a computer code for the automated construction of fault trees

International Nuclear Information System (INIS)

Apostolakis, G.E.; Salem, S.L.; Wu, J.S.

1978-03-01

A computer code, CAT (Computer Automated Tree, is presented which applies decision table methods to model the behavior of components for systematic construction of fault trees. The decision tables for some commonly encountered mechanical and electrical components are developed; two nuclear subsystems, a Containment Spray Recirculation System and a Consequence Limiting Control System, are analyzed to demonstrate the applications of CAT code

Algorithms and programs for evaluating fault trees with multi-state components

International Nuclear Information System (INIS)

Wickenhaeuser, A.

1989-07-01

Part 1 and 2 of the report contain a summary overview of methods and algorithms for the solution of fault tree analysis problems. The following points are treated in detail: Treatment of fault tree components with more than two states. Acceleration of the solution algorithms. Decomposition and modularization of extensive systems. Calculation of the structural function and the exact occurrence probability. Treatment of statistical dependencies. A flexible tool to be employed in solving these problems is the method of forming Boolean variables with restrictions. In this way, components with more than two states can be treated, the possibilities of forming modules expanded, and statistical dependencies treated. Part 3 contains descriptions of the MUSTAFA, MUSTAMO, PASPI, and SIMUST computer programs based on these methods. (orig./HP) [de

Probability intervals for the top event unavailability of fault trees

International Nuclear Information System (INIS)

Lee, Y.T.; Apostolakis, G.E.

1976-06-01

The evaluation of probabilities of rare events is of major importance in the quantitative assessment of the risk from large technological systems. In particular, for nuclear power plants the complexity of the systems, their high reliability and the lack of significant statistical records have led to the extensive use of logic diagrams in the estimation of low probabilities. The estimation of probability intervals for the probability of existence of the top event of a fault tree is examined. Given the uncertainties of the primary input data, a method is described for the evaluation of the first four moments of the top event occurrence probability. These moments are then used to estimate confidence bounds by several approaches which are based on standard inequalities (e.g., Tchebycheff, Cantelli, etc.) or on empirical distributions (the Johnson family). Several examples indicate that the Johnson family of distributions yields results which are in good agreement with those produced by Monte Carlo simulation

Study of the reliability of the Auxiliary Feedwater System of a LWR nuclear power plant through the Fault Tree and Bayesian Network; Estudo de confiabilidade do Sistema Auxiliar de Agua de Alimentacao de uma central nuclear a agua leve por arvore de falhas e rede Bayesiana

Energy Technology Data Exchange (ETDEWEB)

Lava, Deise Diana

2016-10-01

This paper aims to present a study of the reliability of the Auxiliary Feedwater System (AFWS) through the methods of Fault Tree and Bayesian Network. Therefore, the paper consists of a literature review of the history of nuclear energy and the methodologies used. The AFWS is responsible for providing water system to cool the secondary circuit of nuclear reactors of the PWR type when normal feeding water system failure. How this system operates only when the primary system fails, it is expected that the AFWS failure probability is very low. The AFWS failure probability is divided into two cases: the first is the probability of failure in the first eight hours of operation and the second is the probability of failure after eight hours of operation, considering that the system has not failed within the first eight hours. The calculation of the probability of failure of the second case was made through the use of Fault Tree and Bayesian Network, that it was constructed from the Fault Tree. The results of the failure probability obtained were very close, on the order of 10{sup -3}. (author)

Multi-state system in a fault tree analysis of a nuclear based thermochemical hydrogen plant

International Nuclear Information System (INIS)

Zhang, Y.

2008-01-01

Nuclear-based hydrogen generation is a promising way to supply hydrogen for this large market in the future. This thesis focuses on one of the most promising methods, a thermochemical Cu-Cl cycle, which is currently under development by UOIT, Atomic Energy of Canada Limited (AECL) and the Argonne National Laboratory (ANL). The safety issues of the Cu-Cl cycle are addressed in this thesis. An investigation of major accident scenarios shows that potential tragedies can be avoided with effective risk analysis and safety management programs. As a powerful and systematic tool, fault tree analysis (FTA) is adapted to the particular needs of the Cu-Cl system. This thesis develops a new method that combines FTA with a reliability analysis tool, multi-state system (MSS), to improve the accuracy of FTA and also improve system reliability. (author)

Application of reliability-centered maintenance to boiling water reactor emergency core cooling systems fault-tree analysis

International Nuclear Information System (INIS)

Choi, Y.A.; Feltus, M.A.

1995-01-01

Reliability-centered maintenance (RCM) methods are applied to boiling water reactor plant-specific emergency core cooling system probabilistic risk assessment (PRA) fault trees. The RCM is a technique that is system function-based, for improving a preventive maintenance (PM) program, which is applied on a component basis. Many PM programs are based on time-directed maintenance tasks, while RCM methods focus on component condition-directed maintenance tasks. Stroke time test data for motor-operated valves (MOVs) are used to address three aspects concerning RCM: (a) to determine if MOV stroke time testing was useful as a condition-directed PM task; (b) to determine and compare the plant-specific MOV failure data from a broad RCM philosophy time period compared with a PM period and, also, compared with generic industry MOV failure data; and (c) to determine the effects and impact of the plant-specific MOV failure data on core damage frequency (CDF) and system unavailabilities for these emergency systems. The MOV stroke time test data from four emergency core cooling systems [i.e., high-pressure coolant injection (HPCI), reactor core isolation cooling (RCIC), low-pressure core spray (LPCS), and residual heat removal/low-pressure coolant injection (RHR/LPCI)] were gathered from Philadelphia Electric Company's Peach Bottom Atomic Power Station Units 2 and 3 between 1980 and 1992. The analyses showed that MOV stroke time testing was not a predictor for eminent failure and should be considered as a go/no-go test. The failure data from the broad RCM philosophy showed an improvement compared with the PM-period failure rates in the emergency core cooling system MOVs. Also, the plant-specific MOV failure rates for both maintenance philosophies were shown to be lower than the generic industry estimates

Qualitative analysis in reliability and safety studies

International Nuclear Information System (INIS)

Worrell, R.B.; Burdick, G.R.

1976-01-01

The qualitative evaluation of system logic models is described as it pertains to assessing the reliability and safety characteristics of nuclear systems. Qualitative analysis of system logic models, i.e., models couched in an event (Boolean) algebra, is defined, and the advantages inherent in qualitative analysis are explained. Certain qualitative procedures that were developed as a part of fault-tree analysis are presented for illustration. Five fault-tree analysis computer-programs that contain a qualitative procedure for determining minimal cut sets are surveyed. For each program the minimal cut-set algorithm and limitations on its use are described. The recently developed common-cause analysis for studying the effect of common-causes of failure on system behavior is explained. This qualitative procedure does not require altering the fault tree, but does use minimal cut sets from the fault tree as part of its input. The method is applied using two different computer programs. 25 refs

Users' manual for fault tree analysis code: CUT-TD

International Nuclear Information System (INIS)

Watanabe, Norio; Kiyota, Mikio.

1992-06-01

The CUT-TD code has been developed to find minimal cut sets for a given fault tree and to calculate the occurrence probability of its top event. This code uses an improved top-down algorithm which can enhance the efficiency in deriving minimal cut sets. The features in processing techniques incorporated into CUT-TD are as follows: (1) Consecutive OR gates or consecutive AND gates can be coalesced into a single gate. As a result, this processing directly produces cut sets for the redefined single gate with each gate not being developed. (2) The independent subtrees are automatically identified and their respective cut sets are separately found to enhance the efficiency in processing. (3) The minimal cut sets can be obtained for the top event of a fault tree by combining their respective minimal cut sets for several gates of the fault tree. (4) The user can reduce the computing time for finding minimal cut sets and control the size and significance of cut sets by inputting a minimum probability cut off and/or a maximum order cut off. (5) The user can select events that need not to be further developed in the process of obtaining minimal cut sets. This option can reduce the number of minimal cut sets, save the computing time and assists the user in reviewing the result. (6) Computing time is monitored by the CUT-TD code so that it can prevent the running job from abnormally ending due to excessive CPU time and produce an intermediate result. The CUT-TD code has the ability to restart the calculation with use of the intermediate result. This report provides a users' manual for the CUT-TD code. (author)

Interim reliability-evaluation program: analysis of the Browns Ferry, Unit 1, nuclear plant. Appendix B - system descriptions and fault trees

International Nuclear Information System (INIS)

Mays, S.E.; Poloski, J.P.; Sullivan, W.H.; Trainer, J.E.; Bertucio, R.C.; Leahy, T.J.

1982-07-01

This report describes a risk study of the Browns Ferry, Unit 1, nuclear plant. The study is one of four such studies sponsored by the NRC Office of Research, Division of Risk Assessment, as part of its Interim Reliability Evaluation Program (IREP), Phase II. This report is contained in four volumes: a main report and three appendixes. Appendix B provides a description of Browns Ferry, Unit 1, plant systems and the failure evaluation of those systems as they apply to accidents at Browns Ferry. Information is presented concerning front-line system fault analysis; support system fault analysis; human error models and probabilities; and generic control circuit analyses

The contribution of instrumentation and control software to system reliability

International Nuclear Information System (INIS)

Fryer, M.O.

1984-01-01

Advanced instrumentation and control systems are usually implemented using computers that monitor the instrumentation and issue commands to control elements. The control commands are based on instrument readings and software control logic. The reliability of the total system will be affected by the software design. When comparing software designs, an evaluation of how each design can contribute to the reliability of the system is desirable. Unfortunately, the science of reliability assessment of combined hardware and software systems is in its infancy. Reliability assessment of combined hardware/software systems is often based on over-simplified assumptions about software behavior. A new method of reliability assessment of combined software/hardware systems is presented. The method is based on a procedure called fault tree analysis which determines how component failures can contribute to system failure. Fault tree analysis is a well developed method for reliability assessment of hardware systems and produces quantitative estimates of failure probability based on component failure rates. It is shown how software control logic can be mapped into a fault tree that depicts both software and hardware contributions to system failure. The new method is important because it provides a way for quantitatively evaluating the reliability contribution of software designs. In many applications, this can help guide designers in producing safer and more reliable systems. An application to the nuclear power research industry is discussed

Quantile arithmetic methodology for uncertainty propagation in fault trees

International Nuclear Information System (INIS)

Abdelhai, M.; Ragheb, M.

1986-01-01

A methodology based on quantile arithmetic, the probabilistic analog to interval analysis, is proposed for the computation of uncertainties propagation in fault tree analysis. The basic events' continuous probability density functions (pdf's) are represented by equivalent discrete distributions by dividing them into a number of quantiles N. Quantile arithmetic is then used to performthe binary arithmetical operations corresponding to the logical gates in the Boolean expression of the top event expression of a given fault tree. The computational advantage of the present methodology as compared with the widely used Monte Carlo method was demonstrated for the cases of summation of M normal variables through the efficiency ratio defined as the product of the labor and error ratios. The efficiency ratio values obtained by the suggested methodology for M = 2 were 2279 for N = 5, 445 for N = 25, and 66 for N = 45 when compared with the results for 19,200 Monte Carlo samples at the 40th percentile point. Another advantage of the approach is that the exact analytical value of the median is always obtained for the top event

Fault tolerance and reliability in integrated ship control

DEFF Research Database (Denmark)

Nielsen, Jens Frederik Dalsgaard; Izadi-Zamanabadi, Roozbeh; Schiøler, Henrik

2002-01-01

Various strategies for achieving fault tolerance in large scale control systems are discussed. The positive and negative impacts of distribution through network communication are presented. The ATOMOS framework for standardized reliable marine automation is presented along with the corresponding...

Reliability analysis of shutdown system

International Nuclear Information System (INIS)

Kumar, C. Senthil; John Arul, A.; Pal Singh, Om; Suryaprakasa Rao, K.

2005-01-01

This paper presents the results of reliability analysis of Shutdown System (SDS) of Indian Prototype Fast Breeder Reactor. Reliability analysis carried out using Fault Tree Analysis predicts a value of 3.5 x 10 -8 /de for failure of shutdown function in case of global faults and 4.4 x 10 -8 /de for local faults. Based on 20 de/y, the frequency of shutdown function failure is 0.7 x 10 -6 /ry, which meets the reliability target, set by the Indian Atomic Energy Regulatory Board. The reliability is limited by Common Cause Failure (CCF) of actuation part of SDS and to a lesser extent CCF of electronic components. The failure frequency of individual systems is -3 /ry, which also meets the safety criteria. Uncertainty analysis indicates a maximum error factor of 5 for the top event unavailability

Analytical propagation of uncertainties through fault trees

International Nuclear Information System (INIS)

Hauptmanns, Ulrich

2002-01-01

A method is presented which enables one to propagate uncertainties described by uniform probability density functions through fault trees. The approach is analytical. It is based on calculating the expected value and the variance of the top event probability. These two parameters are then equated with the corresponding ones of a beta-distribution. An example calculation comparing the analytically calculated beta-pdf (probability density function) with the top event pdf obtained using the Monte-Carlo method shows excellent agreement at a much lower expense of computing time

Comparing Two Different Approaches to the Modeling of the Common Cause Failures in Fault Trees

International Nuclear Information System (INIS)

Vukovic, I.; Mikulicic, V.; Vrbanic, I.

2002-01-01

The potential for common cause failures in systems that perform critical functions has been recognized as very important contributor to risk associated with operation of nuclear power plants. Consequentially, modeling of common cause failures (CCF) in fault trees has become one among the essential elements in any probabilistic safety assessment (PSA). Detailed and realistic representation of CCF potential in fault tree structure is sometimes very challenging task. This is especially so in the cases where a common cause group involves more than two components. During the last ten years the difficulties associated with this kind of modeling have been overcome to some degree by development of integral PSA tools with high capabilities. Some of them allow for the definition of CCF groups and their automated expanding in the process of Boolean resolution and generation of minimal cutsets. On the other hand, in PSA models developed and run by more traditional tools, CCF-potential had to be modeled in the fault trees explicitly. With explicit CCF modeling, fault trees can grow very large, especially in the cases when they involve CCF groups with 3 or more members, which can become an issue for the management of fault trees and basic events with traditional non-integral PSA models. For these reasons various simplifications had to be made. Speaking in terms of an overall PSA model, there are also some other issues that need to be considered, such as maintainability and accessibility of the model. In this paper a comparison is made between the two approaches to CCF modeling. Analysis is based on a full-scope Level 1 PSA model for internal initiating events that had originally been developed by a traditional PSA tool and later transferred to a new-generation PSA tool with automated CCF modeling capabilities. Related aspects and issues mentioned above are discussed in the paper. (author)

TU-AB-BRD-03: Fault Tree Analysis

Energy Technology Data Exchange (ETDEWEB)

Dunscombe, P. [University of Calgary (Canada)

2015-06-15

Current quality assurance and quality management guidelines provided by various professional organizations are prescriptive in nature, focusing principally on performance characteristics of planning and delivery devices. However, published analyses of events in radiation therapy show that most events are often caused by flaws in clinical processes rather than by device failures. This suggests the need for the development of a quality management program that is based on integrated approaches to process and equipment quality assurance. Industrial engineers have developed various risk assessment tools that are used to identify and eliminate potential failures from a system or a process before a failure impacts a customer. These tools include, but are not limited to, process mapping, failure modes and effects analysis, fault tree analysis. Task Group 100 of the American Association of Physicists in Medicine has developed these tools and used them to formulate an example risk-based quality management program for intensity-modulated radiotherapy. This is a prospective risk assessment approach that analyzes potential error pathways inherent in a clinical process and then ranks them according to relative risk, typically before implementation, followed by the design of a new process or modification of the existing process. Appropriate controls are then put in place to ensure that failures are less likely to occur and, if they do, they will more likely be detected before they propagate through the process, compromising treatment outcome and causing harm to the patient. Such a prospective approach forms the basis of the work of Task Group 100 that has recently been approved by the AAPM. This session will be devoted to a discussion of these tools and practical examples of how these tools can be used in a given radiotherapy clinic to develop a risk based quality management program. Learning Objectives: Learn how to design a process map for a radiotherapy process Learn how to

TU-AB-BRD-03: Fault Tree Analysis

International Nuclear Information System (INIS)

Dunscombe, P.

2015-01-01

Current quality assurance and quality management guidelines provided by various professional organizations are prescriptive in nature, focusing principally on performance characteristics of planning and delivery devices. However, published analyses of events in radiation therapy show that most events are often caused by flaws in clinical processes rather than by device failures. This suggests the need for the development of a quality management program that is based on integrated approaches to process and equipment quality assurance. Industrial engineers have developed various risk assessment tools that are used to identify and eliminate potential failures from a system or a process before a failure impacts a customer. These tools include, but are not limited to, process mapping, failure modes and effects analysis, fault tree analysis. Task Group 100 of the American Association of Physicists in Medicine has developed these tools and used them to formulate an example risk-based quality management program for intensity-modulated radiotherapy. This is a prospective risk assessment approach that analyzes potential error pathways inherent in a clinical process and then ranks them according to relative risk, typically before implementation, followed by the design of a new process or modification of the existing process. Appropriate controls are then put in place to ensure that failures are less likely to occur and, if they do, they will more likely be detected before they propagate through the process, compromising treatment outcome and causing harm to the patient. Such a prospective approach forms the basis of the work of Task Group 100 that has recently been approved by the AAPM. This session will be devoted to a discussion of these tools and practical examples of how these tools can be used in a given radiotherapy clinic to develop a risk based quality management program. Learning Objectives: Learn how to design a process map for a radiotherapy process Learn how to

The reliability of nuclear power plant safety systems

International Nuclear Information System (INIS)

Susnik, J.

1978-01-01

A criterion was established concerning the protection that nuclear power plant (NPP) safety systems should afford. An estimate of the necessary or adequate reliability of the total complex of safety systems was derived. The acceptable unreliability of auxiliary safety systems is given, provided the reliability built into the specific NPP safety systems (ECCS, Containment) is to be fully utilized. A criterion for the acceptable unreliability of safety (sub)systems which occur in minimum cut sets having three or more components of the analysed fault tree was proposed. A set of input MTBF or MTTF values which fulfil all the set criteria and attain the appropriate overall reliability was derived. The sensitivity of results to input reliability data values was estimated. Numerical reliability evaluations were evaluated by the programs POTI, KOMBI and particularly URSULA, the last being based on Vesely's kinetic fault tree theory. (author)

Improvement of Matrix Converter Drive Reliability by Online Fault Detection and a Fault-Tolerant Switching Strategy

DEFF Research Database (Denmark)

Nguyen-Duy, Khiem; Liu, Tian-Hua; Chen, Der-Fa

2011-01-01

The matrix converter system is becoming a very promising candidate to replace the conventional two-stage ac/dc/ac converter, but system reliability remains an open issue. The most common reliability problem is that a bidirectional switch has an open-switch fault during operation. In this paper, a...

The use of fault tree analysis to minimize research reactor downtime

International Nuclear Information System (INIS)

Dodd, B.; Wang, C.H.; Anderson, T.V.

1984-01-01

For many reasons it is often highly desirable to maintain a research reactor in a continuously operable state and in the event of any failures to minimize the length of the reactor downtime. In order to keep the length of future downtimes to less than ten days for the sixteen year old OSU TRIGA reactor, a fault tree analysis was performed for all of the systems required to maintain the reactor operational. As a result of this analysis, it was possible to determine the critical parts and key components. By examining the availability and delivery times for each of these items, it was then possible to make reasoned decisions relating to the advance purchase of spare parts. This paper outlines the above process, along with examples of fault trees developed, and a recent history of the efficacy of this technique. (author)

Using SETS to find minimal cut sets in large fault trees

International Nuclear Information System (INIS)

Worrell, R.B.; Stack, D.W.

1978-01-01

An efficient algebraic algorithm for finding the minimal cut sets for a large fault tree was defined and a new procedure which implements the algorithm was added to the Set Equation Transformation System (SETS). The algorithm includes the identification and separate processing of independent subtrees, the coalescing of consecutive gates of the same kind, the creation of additional independent subtrees, and the derivation of the fault tree stem equation in stages. The computer time required to determine the minimal cut sets using these techniques is shown to be substantially less than the computer time required to determine the minimal cut sets when these techniques are not employed. It is shown for a given example that the execution time required to determine the minimal cut sets can be reduced from 7,686 seconds to 7 seconds when all of these techniques are employed

The Reliability and Stability of an Inferred Phylogenetic Tree from Empirical Data.

Science.gov (United States)

Katsura, Yukako; Stanley, Craig E; Kumar, Sudhir; Nei, Masatoshi

2017-03-01

The reliability of a phylogenetic tree obtained from empirical data is usually measured by the bootstrap probability (Pb) of interior branches of the tree. If the bootstrap probability is high for most branches, the tree is considered to be reliable. If some interior branches show relatively low bootstrap probabilities, we are not sure that the inferred tree is really reliable. Here, we propose another quantity measuring the reliability of the tree called the stability of a subtree. This quantity refers to the probability of obtaining a subtree (Ps) of an inferred tree obtained. We then show that if the tree is to be reliable, both Pb and Ps must be high. We also show that Ps is given by a bootstrap probability of the subtree with the closest outgroup sequence, and computer program RESTA for computing the Pb and Ps values will be presented. © The Author 2017. Published by Oxford University Press on behalf of the Society for Molecular Biology and Evolution.

Reliability analysis of self-supply system of V-1 nuclear power plant

International Nuclear Information System (INIS)

Kuklik, B.

The results are summarized of the fault tree analysis of the V-1 power plant self-consumption system. The 6 kV busbars providing power for the main circulating pumps, the steam generator feed pumps and other important components including the 0.4 kV busbars are of the highest importance for nuclear safety. A fault tree analysis was also made of the emergency core cooling system of the reactor. Dangerous faults are defined and fault trees are developed. A brief description is given of the calculation algorithm for a digital computer. Some results are discussed. The calculated reliability of the emergency core cooling system is 10 5 years, of the 6 kV busbars it is 6.6x10 4 years. In case of a permanent or a long-term outage of the 220 kV stand-bye power supply, the system reliability is reduced to 7x10 2 years. (Z.M.)

A survey of NASA and military standards on fault tolerance and reliability applied to robotics

Science.gov (United States)

Cavallaro, Joseph R.; Walker, Ian D.

1994-01-01

There is currently increasing interest and activity in the area of reliability and fault tolerance for robotics. This paper discusses the application of Standards in robot reliability, and surveys the literature of relevant existing standards. A bibliography of relevant Military and NASA standards for reliability and fault tolerance is included.

On the numerical solution of fault trees

International Nuclear Information System (INIS)

Demichela, M.; Piccinini, N.; Ciarambino, I.; Contini, S.

2003-01-01

In this paper an account will be given of the numerical solution of the logic trees directly extracted from the Recursive Operability Analysis. Particular attention will be devoted to the use of the NOT and INH logic gates for correct logical representation of Fault Trees prior to their quantitative resolution. The NOT gate is needed for correct logical representation of events when both non-intervention and correct intervention of a protective system may lead to a Top Event. The INH gate must be used to correctly represent the time link between two events that are both necessary, but must occur in sequence. Some numerical examples will be employed to show both the correct identification of the events entering the INH gates and how use of the AND gate instead of the INH gate leads to overestimation of the probability of occurrence of a Top Event

Reliability of the emergency AC power system at nuclear power plants

International Nuclear Information System (INIS)

Battle, R.E.; Campbell, D.J.; Baranowsky, P.W.

1983-01-01

The reliability of the emergency ac power systems typical of most nuclear power plants was estimated, and the cost and increase in reliability for several improvements were estimated. Fault trees were constructed based on a detailed design review of the emergency ac power systems of 18 nuclear plants. The failure probabilities used in the fault trees were calculated from extensive historical data collected from Licensee Event Reports (LERs) and from operating experience information obtained from nuclear plant licensees. No one or two improvements can be made at all plants to significantly increase the industry-average emergency ac power system reliability; rather the most beneficial improvements are varied and plant specific. Improvements in reliability and the associated costs are estimated using plant specific designs and failure probabilities

The integration of expert-defined importance factors to enrich Bayesian Fault Tree Analysis

International Nuclear Information System (INIS)

Darwish, Molham; Almouahed, Shaban; Lamotte, Florent de

2017-01-01

This paper proposes an analysis of a hybrid Bayesian-Importance model for system designers to improve the quality of services related to Active Assisted Living Systems. The proposed model is based on two factors: failure probability measure of different service components and, an expert defined degree of importance that each component holds for the success of the corresponding service. The proposed approach advocates the integration of expert-defined importance factors to enrich the Bayesian Fault Tree Analysis (FTA) approach. The evaluation of the proposed approach is conducted using the Fault Tree Analysis formalism where the undesired state of a system is analyzed using Boolean logic mechanisms to combine a series of lower-level events.

STARS software tool for analysis of reliability and safety

International Nuclear Information System (INIS)

Poucet, A.; Guagnini, E.

1989-01-01

This paper reports on the STARS (Software Tool for the Analysis of Reliability and Safety) project aims at developing an integrated set of Computer Aided Reliability Analysis tools for the various tasks involved in systems safety and reliability analysis including hazard identification, qualitative analysis, logic model construction and evaluation. The expert system technology offers the most promising perspective for developing a Computer Aided Reliability Analysis tool. Combined with graphics and analysis capabilities, it can provide a natural engineering oriented environment for computer assisted reliability and safety modelling and analysis. For hazard identification and fault tree construction, a frame/rule based expert system is used, in which the deductive (goal driven) reasoning and the heuristic, applied during manual fault tree construction, is modelled. Expert system can explain their reasoning so that the analyst can become aware of the why and the how results are being obtained. Hence, the learning aspect involved in manual reliability and safety analysis can be maintained and improved

Decision-table development for use with the CAT code for the automated fault-tree construction

International Nuclear Information System (INIS)

Wu, J.S.; Salem, S.L.; Apostolakis, G.E.

1977-01-01

A library of decision tables to be used in connection with the CAT computer code for the automated construction of fault trees is presented. A decision table is constructed for each component type describing the output of the component in terms of its inputs and its internal states. In addition, a modification of the CAT code that couples it with a fault tree analysis code is presented. This report represents one aspect of a study entitled, 'A General Evaluation Approach to Risk-Benefit for Large Technological Systems, and Its Application to Nuclear Power.'

Automatic fault tree construction with RIKKE - a compendium of examples. Vol. 2

International Nuclear Information System (INIS)

Taylor, J.R.

1982-02-01

This second volume describes the construction of fault trees for systems with loops, including control and safety loops. It also gives a short summary of the event coding scheme used in the FTLIB component model library. (author)

HVAC fault tree analysis for WIPP integrated risk assessment

International Nuclear Information System (INIS)

Kirby, P.; Iacovino, J.

1990-01-01

In order to evaluate the public health risk from operation of the Waste Isolation Pilot Plant (WIPP) due to potential radioactive releases, a probabilistic risk assessment of waste handling operations was conducted. One major aspect of this risk assessment involved fault tree analysis of the plant heating, ventilation, and air conditioning (HVAC) systems, which comprise the final barrier between waste handling operations and the environment. 1 refs., 1 tab

Post Fire Safe Shutdown Analysis Using a Fault Tree Logic Model

International Nuclear Information System (INIS)

Yim, Hyun Tae; Park, Jun Hyun

2005-01-01

Every nuclear power plant should have its own fire hazard analysis including the fire safe shutdown analysis. A safe shutdown (SSD) analysis is performed to demonstrate the capability of the plant to safely shut down for a fire in any given area. The basic assumption is that there will be fire damage to all cables and equipment located within a common fire area. When evaluating the SSD capabilities of the plant, based on a review of the systems, equipment and cables within each fire area, it should be determined which shutdown paths are either unaffected or least impacted by a postulated fire within the fire area. Instead of seeking a success path for safe shutdown given all cables and equipment damaged by a fire, there can be an alternative approach to determine the SSD capability: fault tree analysis. This paper introduces the methodology for fire SSD analysis using a fault tree logic model

An investigation of the relations between fault tree analysis and cause consequence analysis with special reference to a photometry and conductimetry system

International Nuclear Information System (INIS)

Weber, G.

1980-02-01

For an automated photometry and conductimetry system, the relations between cause consequence analysis and fault tree analysis have been investigated. It has been shown how failure combinations of a cause consequence diagram and minimal cuts of a fault tree can be identified. This procedure allows a mutual control of fault tree analysis and cause consequence analysis. From a representation of all failure combinations of the system by means of a matrix we obtain a control of our analysis. Moreover, heuristic rules improving and simplifying the cause consequence analysis can be found. Necessary assumptions for the validity of these rules are discussed. Methodologically, the relation of a fault tree and a cause consequence diagram can be represented (under certain conditions) as a relation of a Boolean function and a binary decision tree. (orig.) 891 HP/orig. 892 MKO [de

Fault Tree Analysis with Temporal Gates and Model Checking Technique for Qualitative System Safety Analysis

International Nuclear Information System (INIS)

Koh, Kwang Yong; Seong, Poong Hyun

2010-01-01

Fault tree analysis (FTA) has suffered from several drawbacks such that it uses only static gates and hence can not capture dynamic behaviors of the complex system precisely, and it is in lack of rigorous semantics, and reasoning process which is to check whether basic events really cause top events is done manually and hence very labor-intensive and time-consuming for the complex systems while it has been one of the most widely used safety analysis technique in nuclear industry. Although several attempts have been made to overcome this problem, they can not still do absolute or actual time modeling because they adapt relative time concept and can capture only sequential behaviors of the system. In this work, to resolve the problems, FTA and model checking are integrated to provide formal, automated and qualitative assistance to informal and/or quantitative safety analysis. Our approach proposes to build a formal model of the system together with fault trees. We introduce several temporal gates based on timed computational tree logic (TCTL) to capture absolute time behaviors of the system and to give concrete semantics to fault tree gates to reduce errors during the analysis, and use model checking technique to automate the reasoning process of FTA

SAFTAC, Monte-Carlo Fault Tree Simulation for System Design Performance and Optimization

International Nuclear Information System (INIS)

Crosetti, P.A.; Garcia de Viedma, L.

1976-01-01

1 - Description of problem or function: SAFTAC is a Monte Carlo fault tree simulation program that provides a systematic approach for analyzing system design, performing trade-off studies, and optimizing system changes or additions. 2 - Method of solution: SAFTAC assumes an exponential failure distribution for basic input events and a choice of either Gaussian distributed or constant repair times. The program views the system represented by the fault tree as a statistical assembly of independent basic input events, each characterized by an exponential failure distribution and, if used, a constant or normal repair distribution. 3 - Restrictions on the complexity of the problem: The program is dimensioned to handle 1100 basic input events and 1100 logical gates. It can be re-dimensioned to handle up to 2000 basic input events and 2000 logical gates within the existing core memory

Reliability modelling of repairable systems using Petri nets and fuzzy Lambda-Tau methodology

International Nuclear Information System (INIS)

Knezevic, J.; Odoom, E.R.

2001-01-01

A methodology is developed which uses Petri nets instead of the fault tree methodology and solves for reliability indices utilising fuzzy Lambda-Tau method. Fuzzy set theory is used for representing the failure rate and repair time instead of the classical (crisp) set theory because fuzzy numbers allow expert opinions, linguistic variables, operating conditions, uncertainty and imprecision in reliability information to be incorporated into the system model. Petri nets are used because unlike the fault tree methodology, the use of Petri nets allows efficient simultaneous generation of minimal cut and path sets

Reliability and fault tolerance in the European ADS project

International Nuclear Information System (INIS)

Biarrotte, Jean-Luc

2013-01-01

After an introduction to the theory of reliability, this paper focuses on a description of the linear proton accelerator proposed for the European ADS demonstration project. Design issues are discussed and examples of cases of fault tolerance are given. (author)

Suitability review of FMEA and reliability analysis for digital plant protection system and digital engineered safety features actuation system

Energy Technology Data Exchange (ETDEWEB)

Kim, I. S.; Kim, T. K.; Kim, M. C.; Kim, B. S.; Hwang, S. W.; Ryu, K. C. [Hanyang Univ., Seoul (Korea, Republic of)

2000-11-15

Of the many items that should be checked out during a review stage of the licensing application for the I and C system of Ulchin 5 and 6 units, this report relates to a suitability review of the reliability analysis of Digital Plant Protection System (DPPS) and Digital Engineered Safety Features Actuation System (DESFAS). In the reliability analysis performed by the system designer, ABB-CE, fault tree analysis was used as the main methods along with Failure Modes and Effect Analysis (FMEA). However, the present regulatory technique dose not allow the system reliability analysis and its results to be appropriately evaluated. Hence, this study was carried out focusing on the following four items ; development of general review items by which to check the validity of a reliability analysis, and the subsequent review of suitability of the reliability analysis for Ulchin 5 and 6 DPPS and DESFAS L development of detailed review items by which to check the validity of an FMEA, and the subsequent review of suitability of the FMEA for Ulchin 5 and 6 DPPS and DESFAS ; development of detailed review items by which to check the validity of a fault tree analysis, and the subsequent review of suitability of the fault tree for Ulchin 5 and 6 DPPS and DESFAS ; an integrated review of the safety and reliability of the Ulchin 5 and 6 DPPS and DESFAS based on the results of the various reviews above and also of a reliability comparison between the digital systems and the comparable analog systems, i.e., and analog Plant Protection System (PPS) and and analog Engineered Safety Features Actuation System (ESFAS). According to the review mentioned above, the reliability analysis of Ulchin 5 and 6 DPPS and DESFAS generally satisfies the review requirements. However, some shortcomings of the analysis were identified in our review such that the assumed test periods for several equipment were not properly incorporated in the analysis, and failures of some equipment were not included in the

Reliability of Coulomb stress changes inferred from correlated uncertainties of finite-fault source models

KAUST Repository

Woessner, J.

2012-07-14

Static stress transfer is one physical mechanism to explain triggered seismicity. Coseismic stress-change calculations strongly depend on the parameterization of the causative finite-fault source model. These models are uncertain due to uncertainties in input data, model assumptions, and modeling procedures. However, fault model uncertainties have usually been ignored in stress-triggering studies and have not been propagated to assess the reliability of Coulomb failure stress change (ΔCFS) calculations. We show how these uncertainties can be used to provide confidence intervals for co-seismic ΔCFS-values. We demonstrate this for the MW = 5.9 June 2000 Kleifarvatn earthquake in southwest Iceland and systematically map these uncertainties. A set of 2500 candidate source models from the full posterior fault-parameter distribution was used to compute 2500 ΔCFS maps. We assess the reliability of the ΔCFS-values from the coefficient of variation (CV) and deem ΔCFS-values to be reliable where they are at least twice as large as the standard deviation (CV ≤ 0.5). Unreliable ΔCFS-values are found near the causative fault and between lobes of positive and negative stress change, where a small change in fault strike causes ΔCFS-values to change sign. The most reliable ΔCFS-values are found away from the source fault in the middle of positive and negative ΔCFS-lobes, a likely general pattern. Using the reliability criterion, our results support the static stress-triggering hypothesis. Nevertheless, our analysis also suggests that results from previous stress-triggering studies not considering source model uncertainties may have lead to a biased interpretation of the importance of static stress-triggering.

Dynamic reliability and risk assessment of the accident localization system of the Ignalina NPP RBMK-1500 reactor

International Nuclear Information System (INIS)

Kopustinskas, V.; Augutis, J.; Rimkevicius, S.

2005-01-01

The paper presents reliability and risk analysis of the RBMK-1500 reactor accident localization system (ALS) (confinement), which prevents radioactive releases to the environment. Reliability of the system was estimated and compared by two methods: the conventional fault tree method and an innovative dynamic reliability model, based on stochastic differential equations. Frequency of radioactive release through ALS was also estimated. The results of the study indicate that conventional fault tree modeling techniques in this case apply high degree of conservatism in the system reliability estimates. One of the purposes of the ALS reliability study was to demonstrate advantages of the dynamic reliability analysis against the conventional fault/event tree methods. The Markovian framework to deal with dynamic aspects of system behavior is presented. Although not analyzed in detail, the framework is also capable of accounting for non-constant component failure rates. Computational methods are proposed to solve stochastic differential equations, including analytical solution, which is possible only for relatively small and simple systems. Other numerical methods, like Monte Carlo and numerical schemes of differential equations are analyzed and compared. The study is finalized with concluding remarks regarding both the studied system reliability and computational methods used

The Combined Application of Fault Trees and Turbine Cycle Simulation in Generation Risk Assessment

International Nuclear Information System (INIS)

Heo, Gyun Young; Park, Jin Kyun

2009-01-01

The paper describes a few ideas developed for the framework to quantify human errors taking place during the test and maintenance (T and M) in a secondary system of nuclear power plants, which was presented in the previous meeting. GRA-HRE (Generation Risk Assessment for Human Related Events) is composed of four essential components, the human error interpreter, the frequency estimator, the risk estimator, and the derate estimator. The proposed GRA gave emphasis on explicitly considering human errors, performing fault tree analysis including the entire balance-of-plant side, and quantifying electric loss under abnormal plant configurations. In terms of the consideration of human errors, it was hard to distinguish the effects of human errors from other failure modes in the conventional GRA because the human errors were implicitly involved in mechanical failure mode. Since the risk estimator in GRA-HRE separately deals with the basic events representing human error modes such as control failure, wrong object, omission, wrong action, etc., we can recognize their relative importance comparing with other types of mechanical failures. Other specialties in GRA-HRE came from the combined application of fault tree analysis and turbine cycle simulation. The previous study suggested that we would use the fault tree analysis with the top events designated by system's malfunction such as 'feedwater system failure' to develop the risk estimator. However, this approach could not clearly provide the path of propagation of human errors, and it was difficult to present the failure logics in some cases. In order to overcome these bottlenecks, the paper is going to propose the modified idea to setup top events and to explain how to make use of turbine cycle simulation to complete the fault trees in a cooperative manner

Fault-Tree Modeling of Safety-Critical Network Communication in a Digitalized Nuclear Power Plant

Energy Technology Data Exchange (ETDEWEB)

Lee, Sang Hun; Kang, Hyun Gook [KAIST, Daejeon (Korea, Republic of)

2015-10-15

To achieve technical self-reliance for nuclear I and C systems in Korea, the Advanced Power Reactor 1400 (APR-1400) man-machine interface system (MMIS) architecture was developed by the Korea Atomic Energy Research Institute (KAERI). As one of the systems in the developed MMIS architecture, the Engineered Safety Feature-Component Control System (ESF-CCS) employs a network communication system for the transmission of safety-critical information from group controllers (GCs) to loop controllers (LCs) to effectively accommodate the vast number of field controllers. The developed fault-tree model was then applied to several case studies. As an example of the development of a fault-tree model for ESF-CCS signal failure, the fault-tree model of ESF-CCS signal failure for CS pump PP01A in the CSAS condition was designed by considering the identified hazardous states of network failure that would result in a failure to provide input signals to the corresponding LC. The quantitative results for four case studies demonstrated that the probability of overall network communication failure, which was calculated as the sum of the failure probability associated with each failure cause, contributes up to 1.88% of the probability of ESF-CCS signal failure for the CS pump considered in the case studies.

Evaluation of tecnological reliability of wind turbine facility Gibara 2

International Nuclear Information System (INIS)

Torres Valle, Antonio; Martínez Martín, Erich

2016-01-01

Renewable energy, particularly wind, will occupy an important place in the coming decades, marked by the depletion of fossil fuel sources. In Cuba significant growth in the use of these energy sourcesis forecasted. For this reason is importantthe creation of reliable technology to ensure that future mission. The paper proposes as its central objective, the analysis of reliability of Wind Farm Gibara 2 starting from its representation based on the methodology of fault tree and to recommend some possible applications of the results. An essential step in the research is the determination of participating components in the fault tree and processing of the available reliability database at the Wind Farm Gibara 2. The document essentially helpsin the identification of the main contributors to the unavailability of facilities and optimizing maintenance policy. (author)

Fault locator of an allyl chloride plant

Directory of Open Access Journals (Sweden)

Savković-Stevanović Jelenka B.

2004-01-01

Full Text Available Process safety analysis, which includes qualitative fault event identification, the relative frequency and event probability functions, as well as consequence analysis, was performed on an allye chloride plant. An event tree for fault diagnosis and cognitive reliability analysis, as well as a troubleshooting system, were developed. Fuzzy inductive reasoning illustrated the advantages compared to crisp inductive reasoning. A qualitative model forecast the future behavior of the system in the case of accident detection and then compared it with the actual measured data. A cognitive model including qualitative and quantitative information by fuzzy logic of the incident scenario was derived as a fault locator for an ally! chloride plant. The obtained results showed the successful application of cognitive dispersion modeling to process safety analysis. A fuzzy inductive reasoner illustrated good performance to discriminate between different types of malfunctions. This fault locator allowed risk analysis and the construction of a fault tolerant system. This study is the first report in the literature showing the cognitive reliability analysis method.

Irregular recurrence of large earthquakes along the san andreas fault: evidence from trees.

Science.gov (United States)

Jacoby, G C; Sheppard, P R; Sieh, K E

1988-07-08

Old trees growing along the San Andreas fault near Wrightwood, California, record in their annual ring-width patterns the effects of a major earthquake in the fall or winter of 1812 to 1813. Paleoseismic data and historical information indicate that this event was the "San Juan Capistrano" earthquake of 8 December 1812, with a magnitude of 7.5. The discovery that at least 12 kilometers of the Mojave segment of the San Andreas fault ruptured in 1812, only 44 years before the great January 1857 rupture, demonstrates that intervals between large earthquakes on this part of the fault are highly variable. This variability increases the uncertainty of forecasting destructive earthquakes on the basis of past behavior and accentuates the need for a more fundamental knowledge of San Andreas fault dynamics.

Fault tolerant control of a three-phase three-wire shunt active filter system based on reliability analysis

Energy Technology Data Exchange (ETDEWEB)

Poure, P. [Laboratoire d' Instrumentation Electronique de Nancy LIEN, EA 3440, Nancy-Universite, Faculte des Sciences et Techniques, BP 239, 54506 Vandoeuvre Cedex (France); Weber, P.; Theilliol, D. [Centre de Recherche en Automatique de Nancy UMR 7039, Nancy-Universite, CNRS, Faculte des Sciences et Techniques, BP 239, 54506 Vandoeuvre Cedex (France); Saadate, S. [Groupe de Recherches en Electrotechnique et Electronique de Nancy UMR 7037, Nancy-Universite, CNRS, Faculte des Sciences et Techniques, BP 239, 54506 Vandoeuvre Cedex (France)

2009-02-15

This paper deals with fault tolerant shunt three-phase three-wire active filter topologies for which reliability is very important in industry applications. The determination of the optimal reconfiguration structure among various ones with or without redundant components is discussed based on reliability criteria. First, the reconfiguration of the inverter is detailed and a fast fault diagnosis method for power semi-conductor or driver fault detection and compensation is presented. This method avoids false fault detection due to power semi-conductors switching. The control architecture and algorithm are studied and a fault tolerant control strategy is considered. Simulation results in open and short circuit cases validate the theoretical study. Finally, the reliability of the studied three-phase three-wire filter shunt active topologies is analyzed to determine the optimal one. (author)

Usefulness of the Monte Carlo method in reliability calculations

International Nuclear Information System (INIS)

Lanore, J.M.; Kalli, H.

1977-01-01

Three examples of reliability Monte Carlo programs developed in the LEP (Laboratory for Radiation Shielding Studies in the Nuclear Research Center at Saclay) are presented. First, an uncertainty analysis is given for a simplified spray system; a Monte Carlo program PATREC-MC has been written to solve the problem with the system components given in the fault tree representation. The second program MONARC 2 has been written to solve the problem of complex systems reliability by the Monte Carlo simulation, here again the system (a residual heat removal system) is in the fault tree representation. Third, the Monte Carlo program MONARC was used instead of the Markov diagram to solve the simulation problem of an electric power supply including two nets and two stand-by diesels

Reliability of the emergency ac-power system at nuclear power plants

International Nuclear Information System (INIS)

Battle, R.E.; Campbell, D.J.; Baranowsky, P.W.

1982-01-01

The reliability of the emergency ac-power systems typical of several nuclear power plants was estimated, the costs of several possible improvements was estimated. Fault trees were constructed based on a detailed design review of the emergency ac-power systems of 18 nuclear plants. The failure probabilities used in the fault trees were calculated from extensive historical data collected from Licensee Event Reports (LERs) and from operating experience information obtained from nuclear plant licensees. It was found that there are not one or two improvements that can be made at all plants to significantly increase the industry-average emergency ac-power-system reliability, but the improvements are varied and plant-specific. Estimates of the improvements in reliability and the associated cost are estimated using plant-specific designs and failure probabilities

The DYLAM approach for the dynamic reliability analysis of systems

International Nuclear Information System (INIS)

Cojazzi, Giacomo

1996-01-01

In many real systems, failures occurring to the components, control failures and human interventions often interact with the physical system evolution in such a way that a simple reliability analysis, de-coupled from process dynamics, is very difficult or even impossible. In the last ten years many dynamic reliability approaches have been proposed to properly assess the reliability of these systems characterized by dynamic interactions. The DYLAM methodology, now implemented in its latest version, DYLAM-3, offers a powerful tool for integrating deterministic and failure events. This paper describes the main features of the DYLAM-3 code with reference to the classic fault-tree and event-tree techniques. Some aspects connected to the practical problems underlying dynamic event-trees are also discussed. A simple system, already analyzed with other dynamic methods is used as a reference for the numerical applications. The same system is also studied with a time-dependent fault-tree approach in order to show some features of dynamic methods vs classical techniques. Examples including stochastic failures, without and with repair, failures on demand and time dependent failure rates give an extensive overview of DYLAM-3 capabilities

Rolling bearing fault diagnosis using adaptive deep belief network with dual-tree complex wavelet packet.

Science.gov (United States)

Shao, Haidong; Jiang, Hongkai; Wang, Fuan; Wang, Yanan

2017-07-01

Automatic and accurate identification of rolling bearing fault categories, especially for the fault severities and compound faults, is a challenge in rotating machinery fault diagnosis. For this purpose, a novel method called adaptive deep belief network (DBN) with dual-tree complex wavelet packet (DTCWPT) is developed in this paper. DTCWPT is used to preprocess the vibration signals to refine the fault characteristics information, and an original feature set is designed from each frequency-band signal of DTCWPT. An adaptive DBN is constructed to improve the convergence rate and identification accuracy with multiple stacked adaptive restricted Boltzmann machines (RBMs). The proposed method is applied to the fault diagnosis of rolling bearings. The results confirm that the proposed method is more effective than the existing methods. Copyright © 2017 ISA. Published by Elsevier Ltd. All rights reserved.

Probabilistic Risk Assessment of Hydraulic Fracturing in Unconventional Reservoirs by Means of Fault Tree Analysis: An Initial Discussion

Science.gov (United States)

Rodak, C. M.; McHugh, R.; Wei, X.

2016-12-01

The development and combination of horizontal drilling and hydraulic fracturing has unlocked unconventional hydrocarbon reserves around the globe. These advances have triggered a number of concerns regarding aquifer contamination and over-exploitation, leading to scientific studies investigating potential risks posed by directional hydraulic fracturing activities. These studies, balanced with potential economic benefits of energy production, are a crucial source of information for communities considering the development of unconventional reservoirs. However, probabilistic quantification of the overall risk posed by hydraulic fracturing at the system level are rare. Here we present the concept of fault tree analysis to determine the overall probability of groundwater contamination or over-exploitation, broadly referred to as the probability of failure. The potential utility of fault tree analysis for the quantification and communication of risks is approached with a general application. However, the fault tree design is robust and can handle various combinations of regional-specific data pertaining to relevant spatial scales, geological conditions, and industry practices where available. All available data are grouped into quantity and quality-based impacts and sub-divided based on the stage of the hydraulic fracturing process in which the data is relevant as described by the USEPA. Each stage is broken down into the unique basic events required for failure; for example, to quantify the risk of an on-site spill we must consider the likelihood, magnitude, composition, and subsurface transport of the spill. The structure of the fault tree described above can be used to render a highly complex system of variables into a straightforward equation for risk calculation based on Boolean logic. This project shows the utility of fault tree analysis for the visual communication of the potential risks of hydraulic fracturing activities on groundwater resources.

A Novel Method for Detection and Classification of Covered Conductor Faults

Directory of Open Access Journals (Sweden)

Stanislav Misak

2016-01-01

Full Text Available Medium-Voltage (MV overhead lines with Covered Conductors (CCs are increasingly being used around the world primarily in forested or dissected terrain areas or in urban areas where it is not possible to utilize MV cable lines. The CC is specific in high operational reliability provided by the conductor core insulation compared to Aluminium-Conductor Steel-Reinforced (ACSR overhead lines. The only disadvantage of the CC is rather the problematic detection of faults compared to the ACSR. In this work, we consider the following faults: the contact of a tree branch with a CC and the fall of a conductor on the ground. The standard protection relays are unable to detect the faults and so the faults pose a risk for individuals in the vicinity of the conductor as well as it compromises the overall safety and reliability of the MV distribution system. In this article, we continue with our previous work aimed at the method enabling detection of the faults and we introduce a method enabling a classification of the fault type. Such a classification is especially important for an operator of an MV distribution system to plan the optimal maintenance or repair the faulty conductors since the fall of a tree branch can be solved later whereas the breakdown of a conductor means an immediate action of the operator.

Application of subset simulation methods to dynamic fault tree analysis

International Nuclear Information System (INIS)

Liu Mengyun; Liu Jingquan; She Ding

2015-01-01

Although fault tree analysis has been implemented in the nuclear safety field over the past few decades, it was recently criticized for the inability to model the time-dependent behaviors. Several methods are proposed to overcome this disadvantage, and dynamic fault tree (DFT) has become one of the research highlights. By introducing additional dynamic gates, DFT is able to describe the dynamic behaviors like the replacement of spare components or the priority of failure events. Using Monte Carlo simulation (MCS) approach to solve DFT has obtained rising attention, because it can model the authentic behaviors of systems and avoid the limitations in the analytical method. In this paper, it provides an overview and MCS information for DFT analysis, including the sampling of basic events and the propagation rule for logic gates. When calculating rare-event probability, large amount of simulations in standard MCS are required. To improve the weakness, subset simulation (SS) approach is applied. Using the concept of conditional probability and Markov Chain Monte Carlo (MCMC) technique, the SS method is able to accelerate the efficiency of exploring the failure region. Two cases are tested to illustrate the performance of SS approach, and the numerical results suggest that it gives high efficiency when calculating complicated systems with small failure probabilities. (author)

Calculation of the reliability of large complex systems by the relevant path method

International Nuclear Information System (INIS)

Richter, G.

1975-03-01

In this paper, analytical methods are presented and tested with which the probabilistic reliability data of technical systems can be determined for given fault trees and block diagrams and known reliability data of the components. (orig./AK) [de

Quantitative analysis of a fault tree with priority AND gates

International Nuclear Information System (INIS)

Yuge, T.; Yanagi, S.

2008-01-01

A method for calculating the exact top event probability of a fault tree with priority AND gates and repeated basic events is proposed when the minimal cut sets are given. A priority AND gate is an AND gate where the input events must occur in a prescribed order for the occurrence of the output event. It is known that the top event probability of such a dynamic fault tree is obtained by converting the tree into an equivalent Markov model. However, this method is not realistic for a complex system model because the number of states which should be considered in the Markov analysis increases explosively as the number of basic events increases. To overcome the shortcomings of the Markov model, we propose an alternative method to obtain the top event probability in this paper. We assume that the basic events occur independently, exponentially distributed, and the component whose failure corresponds to the occurrence of the basic event is non-repairable. First, we obtain the probability of occurrence of the output event of a single priority AND gate by Markov analysis. Then, the top event probability is given by a cut set approach and the inclusion-exclusion formula. An efficient procedure to obtain the probabilities corresponding to logical products in the inclusion-exclusion formula is proposed. The logical product which is composed of two or more priority AND gates having at least one common basic event as their inputs is transformed into the sum of disjoint events which are equivalent to a priority AND gate in the procedure. Numerical examples show that our method works well for complex systems

Analysis of fault tolerance and reliability in distributed real-time system architectures

International Nuclear Information System (INIS)

Philippi, Stephan

2003-01-01

Safety critical real-time systems are becoming ubiquitous in many areas of our everyday life. Failures of such systems potentially have catastrophic consequences on different scales, in the worst case even the loss of human life. Therefore, safety critical systems have to meet maximum fault tolerance and reliability requirements. As the design of such systems is far from being trivial, this article focuses on concepts to specifically support the early architectural design. In detail, a simulation based approach for the analysis of fault tolerance and reliability in distributed real-time system architectures is presented. With this approach, safety related features can be evaluated in the early development stages and thus prevent costly redesigns in later ones

Development of reliability and probabilistic safety assessment program RiskA

International Nuclear Information System (INIS)

Wu, Yican

2015-01-01

Highlights: • There are four parts in the structure of RiskA. User input part lets users input the PSA model and some necessary data by GUI or model transformation tool. In calculation engine part, fault tree analysis, event tree analysis, uncertainty analysis, sensitivity analysis, importance analysis and failure mode and effects analysis are supplied. User output part outputs the analysis results, user customized reports and some other data. The last part includes reliability database, some other common tools and help documents. • RiskA has several advanced features. Extensible framework makes it easy to add any new functions, making RiskA to be a large platform of reliability and probabilistic safety assessment. It is very fast to analysis fault tree in RiskA because many advanced algorithm improvement were made. Many model formats can be imported and exported, which made the PSA model in the commercial software can be easily transformed to adapt RiskA platform. Web-based co-modeling let several users in different places work together whenever they are online. • The comparison between RiskA and other mature PSA codes (e.g. CAFTA, RiskSpectrum, XFTA) has demonstrated that the calculation and analysis of RiskA is correct and efficient. Based on the development of this code package, many applications of safety and reliability analysis of some research reactors and nuclear power plants were performed. The development of RiskA appears to be of realistic and potential value for academic research and practical operation safety management of nuclear power plants in China and abroad. - Abstract: PSA (probabilistic safety assessment) software, the indispensable tool in nuclear safety assessment, has been widely used. An integrated reliability and PSA program named RiskA has been developed by FDS Team. RiskA supplies several standard PSA modules including fault tree analysis, event tree analysis, uncertainty analysis, failure mode and effect analysis and reliability

Reliability analysis for power supply system in a reprocessing facility based on GO methodology

International Nuclear Information System (INIS)

Wang Renze

2014-01-01

GO methodology was applied to analyze the reliability of power supply system in a typical reprocessing facility. Based on the fact that tie breakers are set in the system, tie breaker operator was defined. Then GO methodology modeling and quantitative analysis were performed sequently, minimal cut sets and average unavailability of the system were obtained. Parallel analysis between GO methodology and fault tree methodology was also performed. The results showed that setup of tie breakers was rational and necessary and that the modeling was much easier and the chart was much more succinct for GO methodology parallel with fault tree methodology to analyze the reliability of the power supply system. (author)

Effect Analysis of Digital I and C Systems on Plant Safety based on Fault-Tree Analysis

International Nuclear Information System (INIS)

Lee, Seung Jun; Jung, Wondea

2014-01-01

Deterioration and an inadequate supply of components of analog I and C systems have led to inefficient and costly maintenance. Moreover, since the fast evolution of digital technology has enabled more reliable functions to be designed for NPP safety, the transition from analog to digital has been accelerated. Owing to the distinguishable characteristics of digital I and C systems, a reliability analysis of digital systems has become an important element of a probabilistic safety assessment (PSA). Digital I and C systems have unique characteristics such as fault-tolerant techniques and software. However, these features have not been properly considered yet in most NPP PSA models. The effect of digital I and C systems should be evaluated by comparing them to that of analog I and C systems. Before installing a digital I and C system, even though it is expected that the plant safety can be improved through the advantageous features of digital I and C systems, it should be validated whether the total NPP safety is better than analog systems or is the same at least. In this work, the fault-tree (FT) technique, which is most widely used in a PSA, was used to compare the effects of analog and digital I and C systems. From a case study, the results of plant safety were compared. In this work, the effect of a digital RPS was evaluated by comparing it to that of an analog RPS based on the FT models. In the evaluation results, it was observed that digital RPS has a positive effect on reducing the system unavailability. The analysis results can be used for the development of a guide for evaluating digital I and C systems and reliability requirements

Safety and reliability assessment

International Nuclear Information System (INIS)

1979-01-01

This report contains the papers delivered at the course on safety and reliability assessment held at the CSIR Conference Centre, Scientia, Pretoria. The following topics were discussed: safety standards; licensing; biological effects of radiation; what is a PWR; safety principles in the design of a nuclear reactor; radio-release analysis; quality assurance; the staffing, organisation and training for a nuclear power plant project; event trees, fault trees and probability; Automatic Protective Systems; sources of failure-rate data; interpretation of failure data; synthesis and reliability; quantification of human error in man-machine systems; dispersion of noxious substances through the atmosphere; criticality aspects of enrichment and recovery plants; and risk and hazard analysis. Extensive examples are given as well as case studies

Systems Analysis Programs for Hands-on Integrated Reliability Evaluations (SAPHIRE), Version 5.0: Integrated Reliability and Risk Analysis System (IRRAS) reference manual. Volume 2

International Nuclear Information System (INIS)

Russell, K.D.; Kvarfordt, K.J.; Skinner, N.L.; Wood, S.T.; Rasmuson, D.M.

1994-07-01

The Systems Analysis Programs for Hands-on Integrated Reliability Evaluations (SAPHIRE) refers to a set of several microcomputer programs that were developed to create and analyze probabilistic risk assessments (PRAs), primarily for nuclear power plants. The Integrated Reliability and Risk Analysis System (IRRAS) is a state-of-the-art, microcomputer-based probabilistic risk assessment (PRA) model development and analysis tool to address key nuclear plant safety issues. IRRAS is an integrated software tool that gives the use the ability to create and analyze fault trees and accident sequences using a microcomputer. This program provides functions that range from graphical fault tree construction to cut set generation and quantification to report generation. Version 1.0 of the IRRAS program was released in February of 1987. Since then, many user comments and enhancements have been incorporated into the program providing a much more powerful and user-friendly system. This version has been designated IRRAS 5.0 and is the subject of this Reference Manual. Version 5.0 of IRRAS provides the same capabilities as earlier versions and ads the ability to perform location transformations, seismic analysis, and provides enhancements to the user interface as well as improved algorithm performance. Additionally, version 5.0 contains new alphanumeric fault tree and event used for event tree rules, recovery rules, and end state partitioning

Reliability modeling of digital RPS with consideration of undetected software faults

Energy Technology Data Exchange (ETDEWEB)

Khalaquzzaman, M.; Lee, Seung Jun; Jung, Won Dea [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Kim, Man Cheol [Chung Ang Univ., Seoul (Korea, Republic of)

2013-10-15

This paper provides overview of different software reliability methodologies and proposes a technic for estimating the reliability of RPS with consideration of undetected software faults. Software reliability analysis of safety critical software has been challenging despite spending a huge effort for developing large number of software reliability models, and no consensus yet to attain on an appropriate modeling methodology. However, it is realized that the combined application of BBN based SDLC fault prediction method and random black-box testing of software would provide better ground for reliability estimation of safety critical software. Digitalizing the reactor protection system of nuclear power plant has been initiated several decades ago and now full digitalization has been adopted in the new generation of NPPs around the world because digital I and C systems have many better technical features like easier configurability and maintainability over analog I and C systems. Digital I and C systems are also drift-free and incorporation of new features is much easier. Rules and regulation for safe operation of NPPs are established and has been being practiced by the operators as well as regulators of NPPs to ensure safety. The failure mechanism of hardware and analog systems well understood and the risk analysis methods for these components and systems are well established. However, digitalization of I and C system in NPP introduces some crisis and uncertainty in reliability analysis methods of the digital systems/components because software failure mechanisms are still unclear.

Interim reliability evaluation program (IREP)

International Nuclear Information System (INIS)

Carlson, D.D.; Murphy, J.A.

1981-01-01

The Interim Reliability Evaluation Program (IREP), sponsored by the Office of Nuclear Regulatory Research of the US Nuclear Regulatory Commission, is currently applying probabilistic risk analysis techniques to two PWR and two BWR type power plants. Emphasis was placed on the systems analysis portion of the risk assessment, as opposed to accident phenomenology or consequence analysis, since the identification of risk significant plant features was of primary interest. Traditional event tree/fault tree modeling was used for the analysis. However, the study involved a more thorough investigation of transient initiators and of support system faults than studies in the past and substantially improved techniques were used to quantify accident sequence frequencies. This study also attempted to quantify the potential for operator recovery actions in the course of each significant accident

System safety and reliability using object-oriented programming techniques

International Nuclear Information System (INIS)

Patterson-Hine, F.A.; Koen, B.V.

1987-01-01

Direct evaluation fault tree codes have been written in recursive, list-processing computer languages such as PL/1 (PATREC-I) and LISP (PATREC-L). The pattern-matching strategy implemented in these codes has been used extensively in France to evaluate system reliability. Recent reviews of the risk management process suggest that a data base containing plant-specific information be integrated with a package of codes used for probabilistic risk assessment (PRA) to alleviate some of the difficulties that make a PRA so costly and time-intensive. A new programming paradigm, object-oriented programming, is uniquely suited for the development of such a software system. A knowledge base and fault tree evaluation algorithm, based on previous experience with PATREC-L, have been implemented using object-oriented techniques, resulting in a reliability assessment environment that is easy to develop, modify, and extend

Making systems with mutually exclusive events analysable by standard fault tree analysis tools

International Nuclear Information System (INIS)

Vaurio, J.K.

2001-01-01

Methods are developed for analysing systems that comprise mutually exclusive events by fault tree techniques that accept only statistically independent basic events. Techniques based on equivalent models and numerical transformations are presented for phased missions and for systems with component-caused system-level common cause failures. Numerical examples illustrate the methods

Reliability analysis of component-level redundant topologies for solid-state fault current limiter

Science.gov (United States)

Farhadi, Masoud; Abapour, Mehdi; Mohammadi-Ivatloo, Behnam

2018-04-01

Experience shows that semiconductor switches in power electronics systems are the most vulnerable components. One of the most common ways to solve this reliability challenge is component-level redundant design. There are four possible configurations for the redundant design in component level. This article presents a comparative reliability analysis between different component-level redundant designs for solid-state fault current limiter. The aim of the proposed analysis is to determine the more reliable component-level redundant configuration. The mean time to failure (MTTF) is used as the reliability parameter. Considering both fault types (open circuit and short circuit), the MTTFs of different configurations are calculated. It is demonstrated that more reliable configuration depends on the junction temperature of the semiconductor switches in the steady state. That junction temperature is a function of (i) ambient temperature, (ii) power loss of the semiconductor switch and (iii) thermal resistance of heat sink. Also, results' sensitivity to each parameter is investigated. The results show that in different conditions, various configurations have higher reliability. The experimental results are presented to clarify the theory and feasibility of the proposed approaches. At last, levelised costs of different configurations are analysed for a fair comparison.

Fault recovery in the reliable multicast protocol

Science.gov (United States)

Callahan, John R.; Montgomery, Todd L.; Whetten, Brian

1995-01-01

The Reliable Multicast Protocol (RMP) provides a unique, group-based model for distributed programs that need to handle reconfiguration events at the application layer. This model, called membership views, provides an abstraction in which events such as site failures, network partitions, and normal join-leave events are viewed as group reformations. RMP provides access to this model through an application programming interface (API) that notifies an application when a group is reformed as the result of a some event. RMP provides applications with reliable delivery of messages using an underlying IP Multicast (12, 5) media to other group members in a distributed environment even in the case of reformations. A distributed application can use various Quality of Service (QoS) levels provided by RMP to tolerate group reformations. This paper explores the implementation details of the mechanisms in RMP that provide distributed applications with membership view information and fault recovery capabilities.

Reliability of emergency alternating-current power systems at nuclear power plants: a discussion of NUREG/CR-2989

International Nuclear Information System (INIS)

Battle, R.E.

1985-01-01

The reliability of emergency alternating-current power systems typical of most nuclear power plants was estimated by using fault-tree analysis of selected typical designs. The failure probabilities used in the fault trees were calculated from extensive historical data collected from Licensee Event Reports and from operating experience information obtained from nuclear plant licensees. Trends of diesel generator independent failure on demand are included. No one or two improvements can be made at all plants to increase significantly the industry-average emergency alternating-current power system reliability; the most beneficial improvements are varied and plant specific

Reliability analysis of Angra I safety systems

International Nuclear Information System (INIS)

Oliveira, L.F.S. de; Soto, J.B.; Maciel, C.C.; Gibelli, S.M.O.; Fleming, P.V.; Arrieta, L.A.

1980-07-01

An extensive reliability analysis of some safety systems of Angra I, are presented. The fault tree technique, which has been successfully used in most reliability studies of nuclear safety systems performed to date is employed. Results of a quantitative determination of the unvailability of the accumulator and the containment spray injection systems are presented. These results are also compared to those reported in WASH-1400. (E.G.) [pt

Reliability studies in research reactors

International Nuclear Information System (INIS)

Albuquerque, Tob Rodrigues de

2013-01-01

Fault trees and event trees are widely used in industry to model and to evaluate the reliability of safety systems. Detailed analyzes in nuclear installations require the combination of these two techniques. This study uses the methods of FT (Fault Tree) and ET (Event Tree) to accomplish the PSA (Probabilistic Safety Assessment) in research reactors. According to IAEA (lnternational Atomic Energy Agency), the PSA is divided into Level 1, Level 2 and Level 3. At the Level 1, conceptually, the security systems perform to prevent the occurrence of accidents, At the Level 2, once accidents happened, this Level seeks to minimize consequences, known as stage management of accident, and at Level 3 accident impacts are determined. This study focuses on analyzing the Level 1, and searching through the acquisition of knowledge, the consolidation of methodologies for future reliability studies. The Greek Research Reactor, GRR-1, is a case example. The LOCA (Loss of Coolant Accident) was chosen as the initiating event and from it, using ET, possible accidental sequences were developed, which could lead damage to the core. Moreover, for each of affected systems, probabilities of each event top of FT were developed and evaluated in possible accidental sequences. Also, the estimates of importance measures for basic events are presented in this work. The studies of this research were conducted using a commercial computational tool SAPHIRE. Additionally, achieved results thus were considered satisfactory for the performance or the failure of analyzed systems. (author)

IMPORTANCE, Minimal Cut Sets and System Availability from Fault Tree Analysis

International Nuclear Information System (INIS)

Lambert, H. W.

1987-01-01

1 - Description of problem or function: IMPORTANCE computes various measures of probabilistic importance of basic events and minimal cut sets to a fault tree or reliability network diagram. The minimal cut sets, the failure rates and the fault duration times (i.e., the repair times) of all basic events contained in the minimal cut sets are supplied as input data. The failure and repair distributions are assumed to be exponential. IMPORTANCE, a quantitative evaluation code, then determines the probability of the top event and computes the importance of minimal cut sets and basic events by a numerical ranking. Two measures are computed. The first describes system behavior at one point in time; the second describes sequences of failures that cause the system to fail in time. All measures are computed assuming statistical independence of basic events. In addition, system unavailability and expected number of system failures are computed by the code. 2 - Method of solution: Seven measures of basic event importance and two measures of cut set importance can be computed. Birnbaum's measure of importance (i.e., the partial derivative) and the probability of the top event are computed using the min cut upper bound. If there are no replicated events in the minimal cut sets, then the min cut upper bound is exact. If basic events are replicated in the minimal cut sets, then based on experience the min cut upper bound is accurate if the probability of the top event is less than 0.1. Simpson's rule is used in computing the time-integrated measures of importance. Newton's method for approximating the roots of an equation is employed in the options where the importance measures are computed as a function of the probability of the top event, and a shell sort puts the output in descending order of importance

Reliability analysis for new technology-based transmitters

Energy Technology Data Exchange (ETDEWEB)

Brissaud, Florent, E-mail: florent.brissaud.2007@utt.f [Institut National de l' Environnement Industriel et des Risques (INERIS), Parc Technologique Alata, BP 2, 60550 Verneuil-en-Halatte (France); Universite de Technologie de Troyes (UTT), Institut Charles Delaunay (ICD) and STMR UMR CNRS 6279, 12 rue Marie Curie, BP 2060, 10010 Troyes cedex (France); Barros, Anne; Berenguer, Christophe [Universite de Technologie de Troyes (UTT), Institut Charles Delaunay (ICD) and STMR UMR CNRS 6279, 12 rue Marie Curie, BP 2060, 10010 Troyes cedex (France); Charpentier, Dominique [Institut National de l' Environnement Industriel et des Risques (INERIS), Parc Technologique Alata, BP 2, 60550 Verneuil-en-Halatte (France)

2011-02-15

The reliability analysis of new technology-based transmitters has to deal with specific issues: various interactions between both material elements and functions, undefined behaviours under faulty conditions, several transmitted data, and little reliability feedback. To handle these particularities, a '3-step' model is proposed, based on goal tree-success tree (GTST) approaches to represent both the functional and material aspects, and includes the faults and failures as a third part for supporting reliability analyses. The behavioural aspects are provided by relationship matrices, also denoted master logic diagrams (MLD), with stochastic values which represent direct relationships between system elements. Relationship analyses are then proposed to assess the effect of any fault or failure on any material element or function. Taking these relationships into account, the probabilities of malfunction and failure modes are evaluated according to time. Furthermore, uncertainty analyses tend to show that even if the input data and system behaviour are not well known, these previous results can be obtained in a relatively precise way. An illustration is provided by a case study on an infrared gas transmitter. These properties make the proposed model and corresponding reliability analyses especially suitable for intelligent transmitters (or 'smart sensors').

Fault tree analysis of Project S-4404, Upgrade Canyon Exhaust System

International Nuclear Information System (INIS)

Browne, E.V.; Low, J.M.; Lux, C.R.

1992-01-01

Project S-4404, Upgrade Canyon Exhaust Systems, is a $177 million project with the purpose of upgrading the Exhaust Systems for both F and H Canyon Facilities. This upgrade will replace major portions of the F and H-Canyon exhaust systems, downstream of their respective sand filters with higher capacity and more reliable systems. Because of the high cost, DOE requested Program Control ampersand Integration (PC ampersand I) to examine specific deletions to the project. PC ampersand I requested Nuclear Processes Safety Research (NPSR) to perform an analysis to compare failure rates for the existing F ampersand H Canyon exhaust systems with the proposed exhaust system and specific proposed exhaust system alternatives. The objective of this work was to perform an analysis and compare failure rates for the existing F ampersand H Canyon exhaust systems with the proposed project exhaust system and proposed project alternatives. Based on fault tree analysis, two conclusions are made. First, D ampersand D activities can be eliminated from the project with no significant decrease to exhaust system safety. Deletion of D ampersand D activities would result in a cost savings of $29 million. Second, deletion of DOE Order 6430.1A requirements regarding DBAs would decrease exhaust system safety by a factor of 12

Reliability evaluation of nuclear power plants

International Nuclear Information System (INIS)

Rondiris, I.L.

1978-10-01

The research described in this thesis is concerned with the reliability/safety analysis of complex systems, such as nuclear power stations, basically using the event tree methodology. The thesis introduces and assesses a computational technique which applies the methodology to complex systems by simulating their topology and operational logic. The technique develops the system event tree and relates each branch of this tree to its qualitative and quantitative impact on specified system outcomes following an abnormal operating condition. Then, the thesis aims at deducing the critical failure modes of complex systems. This is achieved by a new technique for deducing the minimal cut or tie sets of various system outcomes. The technique is, furthermore, expanded to identify potential common mode failures and cut or tie sets containing dependent failures of some components. After dealing with the qualitative part of a reliability study, the thesis introduces two methods for calculating the probability of a component being either in the failure or in the partial failure state. The first method deals with revealed faults and makes use of the concept of Markov processes. The second one deals with unrevealed faults and can be used to calculate the relevant probability of component taking into account its inspection and replacement process. (author)

SALP-PC, a computer program for fault tree analysis on personal computers

International Nuclear Information System (INIS)

Contini, S.; Poucet, A.

1987-01-01

The paper presents the main characteristics of the SALP-PC computer code for fault tree analysis. The program has been developed in Fortran 77 on an Olivetti M24 personal computer (IBM compatible) in order to reach a high degree of portability. It is composed of six processors implementing the different phases of the analysis procedure. This particular structure presents some advantages like, for instance, the restart facility and the possibility to develop an event tree analysis code. The set of allowed logical operators, i.e. AND, OR, NOT, K/N, XOR, INH, together with the possibility to define boundary conditions, make the SALP-PC code a powerful tool for risk assessment. (orig.)

The completeness of fault tree analysis in the presence of dependencies

International Nuclear Information System (INIS)

Hughes, R.P.

1989-02-01

Existing standard fault tree assessments of systems do not include an assessment of the effects of dependencies in an integrated fashion, but simply add on a ''common cause cut-off''. To support the values used for this cut-off, cut-sets involving certain groups of components susceptible to dependent failure can be assessed using the Distributed Failure Probability method. These rank one contributions do not cover all the possibilities, however, so there is an outstanding need for an integrated procedure for dependent failure assessment of systems which allows for all ranks of cut-set. The purpose of this note is to provide such a procedure which builds upon the standard approach to fault tree analysis. In this standard approach, only a limited number of cut-sets is found, and they are evaluated assuming independence of their components. So, some cut-sets are neglected which could be important contributors to the system failure probability if their components are not independent of each other. The procedure developed therefore deals with this truncation problem and with dependency together. The result is a practical and efficient method for bounding system failure probabilities. The method is a progressive one, whereby this bound is reduced as necessary by a more refined analysis. A simple example is used to illustrate the procedure. (author)

A systematic fault tree analysis based on multi-level flow modeling

International Nuclear Information System (INIS)

Gofuku, Akio; Ohara, Ai

2010-01-01

The fault tree analysis (FTA) is widely applied for the safety evaluation of a large-scale and mission-critical system. Because the potential of the FTA, however, strongly depends on human skill of analyzers, problems are pointed out in (1) education and training, (2) unreliable quality, (3) necessity of expertise knowledge, and (4) update of FTA results after the reconstruction of a target system. To get rid of these problems, many techniques to systematize FTA activities by applying computer technologies have been proposed. However, these techniques only use structural information of a target system and do not use functional information that is one of important properties of an artifact. The principle of FTA is to trace comprehensively cause-effect relations from a top undesirable effect to anomaly causes. The tracing is similar to the causality estimation technique that the authors proposed to find plausible counter actions to prevent or to mitigate the undesirable behavior of plants based on the model by a functional modeling technique, Multilevel Flow Modeling (MFM). The authors have extended this systematic technique to construct a fault tree (FT). This paper presents an algorithm of systematic construction of FT based on MFM models and demonstrates the applicability of the extended technique by the FT construction result of a cooling plant of nitric acid. (author)

A Bypass-Ring Scheme for a Fault Tolerant Multicast

Directory of Open Access Journals (Sweden)

V. Dynda

2003-01-01

Full Text Available We present a fault tolerant scheme for recovery from single or multiple node failures in multi-directional multicast trees. The scheme is based on cyclic structures providing alternative paths to eliminate faulty nodes and reroute the traffic. Our scheme is independent of message source and direction in the tree, provides a basis for on-the-fly repair and can be used as a platform for various strategies for reconnecting tree partitions. It only requires an underlying infrastructure to provide a reliable routing service. Although it is described in the context of a message multicast, the scheme can be used universally in all systems using tree-based overlay networks for communication among components.

Reliability Evaluation of Service-Oriented Architecture Systems Considering Fault-Tolerance Designs

Directory of Open Access Journals (Sweden)

Kuan-Li Peng

2014-01-01

strategies. Sensitivity analysis of SOA at both coarse and fine grain levels is also studied, which can be used to efficiently identify the critical parts within the system. Two SOA system scenarios based on real industrial practices are studied. Experimental results show that the proposed SOA model can be used to accurately depict the behavior of SOA systems. Additionally, a sensitivity analysis that quantizes the effects of system structure as well as fault tolerance on the overall reliability is also studied. On the whole, the proposed reliability modeling and analysis framework may help the SOA system service provider to evaluate the overall system reliability effectively and also make smarter improvement plans by focusing resources on enhancing reliability-sensitive parts within the system.

Reliability evaluation of nuclear power plants by fault tree analysis

International Nuclear Information System (INIS)

Iwao, H.; Otsuka, T.; Fujita, I.

1993-01-01

As a work sponsored by the Ministry of International Trade and Industry, the Safety Information Research Center of NUPEC, using reliability data based on the operational experience of the domestic LWR Plants, has implemented FTA for the standard PWRs and BWRs in Japan with reactor scram due to system failures being at the top event. Up to this point, we have obtained the FT chart and minimal cut set for each type of system failure for qualitative evaluation, and we have estimated system unavailability, Fussell-Vesely importance and risk worth for components for quantitative evaluation. As the second stage of a series in our reliability evaluation work, another program was started to establish a support system. The aim of this system is to assist foreign and domestic plants in creating countermeasures when incidents occur, by providing them with the necessary information using the above analytical method and its results. (author)

Reliability Assessment of Offshore Wind Turbines Considering Faults of Electrical / Mechanical Components

DEFF Research Database (Denmark)

Kostandyan, Erik; Sørensen, John Dalsgaard

2013-01-01

For offshore wind turbines, the cost contribution to Cost of Energy from inspections and Operation & Maintenance can be substantial, and can be expected to increase when wind farms are placed at deeper water depths, further from the coast and in more harsh environments. Estimates of the reliability...... is considered and related to reliability estimation by taking into account faults e.g. due to failure of an electrical component or loss of grid....

Reliability analysis of the reactor protection system with fault diagnosis

International Nuclear Information System (INIS)

Lee, D.Y.; Han, J.B.; Lyou, J.

2004-01-01

The main function of a reactor protection system (RPS) is to maintain the reactor core integrity and reactor coolant system pressure boundary. The RPS consists of the 2-out-of-m redundant architecture to assure a reliable operation. The system reliability of the RPS is a very important factor for the probability safety assessment (PSA) evaluation in the nuclear field. To evaluate the system failure rate of the k-out-of-m redundant system is not so easy with the deterministic method. In this paper, the reliability analysis method using the binomial process is suggested to calculate the failure rate of the RPS system with a fault diagnosis function. The suggested method is compared with the result of the Markov process to verify the validation of the suggested method, and applied to the several kinds of RPS architectures for a comparative evaluation of the reliability. (orig.)

Fault Tree Analysis for Safety/Security Verification in Aviation Software

Directory of Open Access Journals (Sweden)

Andrew J. Kornecki

2013-01-01

Full Text Available The Next Generation Air Traffic Management system (NextGen is a blueprint of the future National Airspace System. Supporting NextGen is a nation-wide Aviation Simulation Network (ASN, which allows integration of a variety of real-time simulations to facilitate development and validation of the NextGen software by simulating a wide range of operational scenarios. The ASN system is an environment, including both simulated and human-in-the-loop real-life components (pilots and air traffic controllers. Real Time Distributed Simulation (RTDS developed at Embry Riddle Aeronautical University, a suite of applications providing low and medium fidelity en-route simulation capabilities, is one of the simulations contributing to the ASN. To support the interconnectivity with the ASN, we designed and implemented a dedicated gateway acting as an intermediary, providing logic for two-way communication and transfer messages between RTDS and ASN and storage for the exchanged data. It has been necessary to develop and analyze safety/security requirements for the gateway software based on analysis of system assets, hazards, threats and attacks related to ultimate real-life future implementation. Due to the nature of the system, the focus was placed on communication security and the related safety of the impacted aircraft in the simulation scenario. To support development of safety/security requirements, a well-established fault tree analysis technique was used. This fault tree model-based analysis, supported by a commercial tool, was a foundation to propose mitigations assuring the gateway system safety and security. 

Waste Management Fault Tree Data Bank (WM): 1992 status report

International Nuclear Information System (INIS)

Baughman, D.F.; Hang, P.; Townsend, C.S.

1993-01-01

The Risk Assessment Methodology Group (RAM) of the Nuclear Process Safety Research Section (NPSR) maintains a compilation of incidents that have occurred in the Waste Management facilities. The Waste Management Fault Tree Data Bank (WM) contains more than 35,000 entries ranging from minor equipment malfunctions to incidents with significant potential for injury or contamination of personnel. This report documents the status of the WM data bank including: availability, training, source of data, search options, and usage, to which these data have been applied. Periodic updates to this memorandum are planned as additional data or applications are acquired

Algorithm for finding minimal cut sets in a fault tree

International Nuclear Information System (INIS)

Rosenberg, Ladislav

1996-01-01

This paper presents several algorithms that have been used in a computer code for fault-tree analysing by the minimal cut sets method. The main algorithm is the more efficient version of the new CARA algorithm, which finds minimal cut sets with an auxiliary dynamical structure. The presented algorithm for finding the minimal cut sets enables one to do so by defined requirements - according to the order of minimal cut sets, or to the number of minimal cut sets, or both. This algorithm is from three to six times faster when compared with the primary version of the CARA algorithm

Safety analyses of potential exposure in medical irradiation plants by Fuzzy Fault Tree

International Nuclear Information System (INIS)

Casamirra, Maddalena; Castiglia, Francesco; Giardina, Mariarosa; Tomarchio, Elio

2008-01-01

The results of Fuzzy Fault Tree (FFT) analyses of various accidental scenarios, which involve the operators in potential exposures inside an High Dose Rate (HDR) remote after-loading systems for use in brachytherapy, are reported. To carry out fault tree analyses by means of fuzzy probabilities, the TREEZZY2 computer code is used. Moreover, the HEART (Human Error Assessment and Reduction Technique) model, properly modified on the basis of the fuzzy approach, has been employed to assess the impact of performances haping and error-promoting factors in the context of the accidental events. The assessment of potential dose values for some identified accidental scenarios allows to consider, for a particular event, a fuzzy uncertainty range in potential dose estimate. The availability of lower and upper limits allows evaluating the possibility of optimization of the installation from the point of view of radiation protection. The adequacy of the training and information program for staff and patients (and their family members) and the effectiveness of behavioural rules and safety procedures were tested. Some recommendations on procedures and equipment to reduce the risk of radiological exposure are also provided. (author)

Comparison of methods for uncertainty analysis of nuclear-power-plant safety-system fault-tree models

International Nuclear Information System (INIS)

Martz, H.F.; Beckman, R.J.; Campbell, K.; Whiteman, D.E.; Booker, J.M.

1983-04-01

A comparative evaluation is made of several methods for propagating uncertainties in actual coupled nuclear power plant safety system faults tree models. The methods considered are Monte Carlo simulation, the method of moments, a discrete distribution method, and a bootstrap method. The Monte Carlo method is found to be superior. The sensitivity of the system unavailability distribution to the choice of basic event unavailability distribution is also investigated. The system distribution is also investigated. The system distribution is especially sensitive to the choice of symmetric versus asymmetric basic event distributions. A quick-and dirty method for estimating percentiles of the system unavailability distribution is developed. The method identifies the appropriate basic event distribution percentiles that should be used in evaluating the Boolean system equivalent expression for a given fault tree model to arrive directly at the 5th, 10th, 50th, 90th, and 95th percentiles of the system unavailability distribution

Fuzzy fault tree assessment based on improved AHP for fire and explosion accidents for steel oil storage tanks.

Science.gov (United States)

Shi, Lei; Shuai, Jian; Xu, Kui

2014-08-15

Fire and explosion accidents of steel oil storage tanks (FEASOST) occur occasionally during the petroleum and chemical industry production and storage processes and often have devastating impact on lives, the environment and property. To contribute towards the development of a quantitative approach for assessing the occurrence probability of FEASOST, a fault tree of FEASOST is constructed that identifies various potential causes. Traditional fault tree analysis (FTA) can achieve quantitative evaluation if the failure data of all of the basic events (BEs) are available, which is almost impossible due to the lack of detailed data, as well as other uncertainties. This paper makes an attempt to perform FTA of FEASOST by a hybrid application between an expert elicitation based improved analysis hierarchy process (AHP) and fuzzy set theory, and the occurrence possibility of FEASOST is estimated for an oil depot in China. A comparison between statistical data and calculated data using fuzzy fault tree analysis (FFTA) based on traditional and improved AHP is also made. Sensitivity and importance analysis has been performed to identify the most crucial BEs leading to FEASOST that will provide insights into how managers should focus effective mitigation. Copyright © 2014 Elsevier B.V. All rights reserved.

Integrating reliability analysis and design

International Nuclear Information System (INIS)

Rasmuson, D.M.

1980-10-01

This report describes the Interactive Reliability Analysis Project and demonstrates the advantages of using computer-aided design systems (CADS) in reliability analysis. Common cause failure problems require presentations of systems, analysis of fault trees, and evaluation of solutions to these. Results have to be communicated between the reliability analyst and the system designer. Using a computer-aided design system saves time and money in the analysis of design. Computer-aided design systems lend themselves to cable routing, valve and switch lists, pipe routing, and other component studies. At EG and G Idaho, Inc., the Applicon CADS is being applied to the study of water reactor safety systems

Power electronics reliability analysis.

Energy Technology Data Exchange (ETDEWEB)

Smith, Mark A.; Atcitty, Stanley

2009-12-01

This report provides the DOE and industry with a general process for analyzing power electronics reliability. The analysis can help with understanding the main causes of failures, downtime, and cost and how to reduce them. One approach is to collect field maintenance data and use it directly to calculate reliability metrics related to each cause. Another approach is to model the functional structure of the equipment using a fault tree to derive system reliability from component reliability. Analysis of a fictitious device demonstrates the latter process. Optimization can use the resulting baseline model to decide how to improve reliability and/or lower costs. It is recommended that both electric utilities and equipment manufacturers make provisions to collect and share data in order to lay the groundwork for improving reliability into the future. Reliability analysis helps guide reliability improvements in hardware and software technology including condition monitoring and prognostics and health management.

FAULT TREE ANALYSIS FOR EXPOSURE TO REFRIGERANTS USED FOR AUTOMOTIVE AIR CONDITIONING IN THE U.S.

Science.gov (United States)

A fault tree analysis was used to estimate the number of refrigerant exposures of automotive service technicians and vehicle occupants in the United States. Exposures of service technicians can occur when service equipment or automotive air-conditioning systems leak during servic...

Living PRAs [probabilistic risk analysis] made easier with IRRAS [Integrated Reliability and Risk Analysis System

International Nuclear Information System (INIS)

Russell, K.D.; Sattison, M.B.; Rasmuson, D.M.

1989-01-01

The Integrated Reliability and Risk Analysis System (IRRAS) is an integrated PRA software tool that gives the user the ability to create and analyze fault trees and accident sequences using an IBM-compatible microcomputer. This program provides functions that range from graphical fault tree and event tree construction to cut set generation and quantification. IRRAS contains all the capabilities and functions required to create, modify, reduce, and analyze event tree and fault tree models used in the analysis of complex systems and processes. IRRAS uses advanced graphic and analytical techniques to achieve the greatest possible realization of the potential of the microcomputer. When the needs of the user exceed this potential, IRRAS can call upon the power of the mainframe computer. The role of the Idaho National Engineering Laboratory if the IRRAS program is that of software developer and interface to the user community. Version 1.0 of the IRRAS program was released in February 1987 to prove the concept of performing this kind of analysis on microcomputers. This version contained many of the basic features needed for fault tree analysis and was received very well by the PRA community. Since the release of Version 1.0, many user comments and enhancements have been incorporated into the program providing a much more powerful and user-friendly system. This version is designated ''IRRAS 2.0''. Version 3.0 will contain all of the features required for efficient event tree and fault tree construction and analysis. 5 refs., 26 figs

Improved FTA methodology and application to subsea pipeline reliability design.

Science.gov (United States)

Lin, Jing; Yuan, Yongbo; Zhang, Mingyuan

2014-01-01

An innovative logic tree, Failure Expansion Tree (FET), is proposed in this paper, which improves on traditional Fault Tree Analysis (FTA). It describes a different thinking approach for risk factor identification and reliability risk assessment. By providing a more comprehensive and objective methodology, the rather subjective nature of FTA node discovery is significantly reduced and the resulting mathematical calculations for quantitative analysis are greatly simplified. Applied to the Useful Life phase of a subsea pipeline engineering project, the approach provides a more structured analysis by constructing a tree following the laws of physics and geometry. Resulting improvements are summarized in comparison table form.

Analytical solutions of linked fault tree probabilistic risk assessments using binary decision diagrams with emphasis on nuclear safety applications

International Nuclear Information System (INIS)

Nusbaumer, O. P. M.

2007-01-01

This study is concerned with the quantification of Probabilistic Risk Assessment (PRA) using linked Fault Tree (FT) models. Probabilistic Risk assessment (PRA) of Nuclear Power Plants (NPPs) complements traditional deterministic analysis; it is widely recognized as a comprehensive and structured approach to identify accident scenarios and to derive numerical estimates of the associated risk levels. PRA models as found in the nuclear industry have evolved rapidly. Increasingly, they have been broadly applied to support numerous applications on various operational and regulatory matters. Regulatory bodies in many countries require that a PRA be performed for licensing purposes. PRA has reached the point where it can considerably influence the design and operation of nuclear power plants. However, most of the tools available for quantifying large PRA models are unable to produce analytically correct results. The algorithms of such quantifiers are designed to neglect sequences when their likelihood decreases below a predefined cutoff limit. In addition, the rare event approximation (e.g. Moivre's equation) is typically implemented for the first order, ignoring the success paths and the possibility that two or more events can occur simultaneously. This is only justified in assessments where the probabilities of the basic events are low. When the events in question are failures, the first order rare event approximation is always conservative, resulting in wrong interpretation of risk importance measures. Advanced NPP PRA models typically include human errors, common cause failure groups, seismic and phenomenological basic events, where the failure probabilities may approach unity, leading to questionable results. It is accepted that current quantification tools have reached their limits, and that new quantification techniques should be investigated. A novel approach using the mathematical concept of Binary Decision Diagram (BDD) is proposed to overcome these deficiencies

Digraph-fault tree methodology for the assessment of material control systems

International Nuclear Information System (INIS)

Lambert, H.E.; Lim, J.J.; Gilman, F.M.

1979-01-01

The Lawrence Livermore Laboratory, under contract to the United States Nuclear Regulatory Commission, is developing a procedure to assess the effectiveness of material control and accounting systems at nuclear fuel cycle facilities. The purpose of a material control and accounting system is to prevent the theft of special nuclear material such as plutonium or highly enriched uranium. This report presents the use of a directed graph and fault tree analysis methodology in the assessment procedure. This methodology is demonstrated by assessing a simulated material control system design, the Test Bed

Reliability study of the Controls Interlocks Beam Dumping System CIBDS V5

CERN Document Server

Blumenschein, Miriam Ruth

2017-01-01

The CIBDS V5 reliability study includes a failure mode and effect analysis, a failure rate prediction and a fault tree analysis. The different steps of these analyses, the assumptions as well as the results are summarised in this note.

How to avoid the generation of logic loops in the construction of fault trees

International Nuclear Information System (INIS)

Demichela, M.; Piccinini, N.; Ciarambino, I.; Contini, S.

2004-01-01

Generation of an infinite series of identical sub-trees may occur during the construction of a Fault Tree (FT) when one item of equipment in a plant is considered several times in the same sub-tree in the course of the tree extraction from a HazOp (Hazard Operability analysis) analysis. Generation of loops in the construction of an FT can be avoided by means of an ad hoc logical analysis in which certain simple rules of syntax are taken into account. A radical solution, however, can be obtained if identification of unwanted events in a process plant is not undertaken with conventional procedures, such as HazOp (Operability Analysis with guide words, failure mode and effect analysis (FMEA) etc.), but with a more modern and structured version, such as Recursive Operability Analysis (ROA), which is both systematic and complete, and allows direct extraction of logic trees, (FT, event trees, etc.) for subsequent quantification. This feature means that, by contrast with conventional operability analysis, the congruence of the ROA itself can be checked. The ROA method is illustrated in this paper with the aid of some simple examples

Study of the Atucha I nuclear power plant's residual heat removal system unavailability through the fault tree analysis and common cause failures

International Nuclear Information System (INIS)

Terrado, C.A.

1991-06-01

The present essay offers a comprehensive research of the Atucha I nuclear power plant's residual heat removal system unavailability, including Fault Tree Analysis and Common Cause Failures (CCF) treatment. The study is developed within the Event Tree perspective that considers the loss of external electrical power of the initiating event. The event was constructed by the Safety Evaluations Division of the Ezeiza Atomic Center in Argentina. According to the Event Tree, the research includes system demand during plant operation with 132 KV and emergency generation (Diesel motor generators). The system unavailability assessment is approached in two different ways: a) Considering independent failures only. b) Taking into account the existence of Common Cause Events, and modeling dependent failures. The Fault Tree quantification is played using the AIEA PSAPACK Code. The assessment data base is compiled from plant specific records and generic data bases like TECDOC 478. After Fault Tree model logic development, some general procedures used in common cause failures treating are applied to pick up another set of solutions. The results of the study are: a) Four Fault Trees have been developed to model the abovementioned system: 132 KV and emergency generation, both including and excluding CCF. b) The following unavailability values were obtained: 132 KV independent failures only: 7 10 -4 . Emergency generation independent failures only: 1.53 10 -2 . 132 KV dependent and independent failures: 3.6 10 -3 . Emergency generation dependent and independent failures: 1.74 10 -2 . The major conclusions obtained from the precedent results are: a) When using 132 KV system configuration, minimal cut sets involving common cause failures represents 81%from total system unavailability. b) The dependent failures treatment is an important task to be considered in safety assessments in order to reach more realistic values. (Author) [es

Computer scientist looks at reliability computations

International Nuclear Information System (INIS)

Rosenthal, A.

1975-01-01

Results from the theory of computational complexity are applied to reliability computations on fault trees and networks. A well known class of problems which almost certainly have no fast solution algorithms is presented. It is shown that even approximately computing the reliability of many systems is difficult enough to be in this class. In the face of this result, which indicates that for general systems the computation time will be exponential in the size of the system, decomposition techniques which can greatly reduce the effective size of a wide variety of realistic systems are explored

Main-coolant-pump shaft-seal reliability investigation. Interim report

International Nuclear Information System (INIS)

Fair, C.E.; Marsi, J.A.; Greer, A.O.

1982-09-01

This report contains the results of a survey of reactor coolant pump shaft seal reliability. The survey sample is representatively large (approx. = 27% of total US commercial plant population) and includes the three industry seal suppliers (Bingham-Williamette, Byron Jackson, and Westinghouse). Operationally incurred/induced problems and seal redesign parameters are identified. Failure hypotheses in the form of fault trees have been developed to describe the failure mechanisms. Recommendations are made for seal reliability improvement

Reliability and Availability Evaluation of Wireless Sensor Networks for Industrial Applications

Science.gov (United States)

Silva, Ivanovitch; Guedes, Luiz Affonso; Portugal, Paulo; Vasques, Francisco

2012-01-01

Wireless Sensor Networks (WSN) currently represent the best candidate to be adopted as the communication solution for the last mile connection in process control and monitoring applications in industrial environments. Most of these applications have stringent dependability (reliability and availability) requirements, as a system failure may result in economic losses, put people in danger or lead to environmental damages. Among the different type of faults that can lead to a system failure, permanent faults on network devices have a major impact. They can hamper communications over long periods of time and consequently disturb, or even disable, control algorithms. The lack of a structured approach enabling the evaluation of permanent faults, prevents system designers to optimize decisions that minimize these occurrences. In this work we propose a methodology based on an automatic generation of a fault tree to evaluate the reliability and availability of Wireless Sensor Networks, when permanent faults occur on network devices. The proposal supports any topology, different levels of redundancy, network reconfigurations, criticality of devices and arbitrary failure conditions. The proposed methodology is particularly suitable for the design and validation of Wireless Sensor Networks when trying to optimize its reliability and availability requirements. PMID:22368497

Use of COMCAN III in system design and reliability analysis

International Nuclear Information System (INIS)

Rasmuson, D.M.; Shepherd, J.C.; Marshall, N.H.; Fitch, L.R.

1982-03-01

This manual describes the COMCAN III computer program and its use. COMCAN III is a tool that can be used by the reliability analyst performing a probabilistic risk assessment or by the designer of a system desiring improved performance and efficiency. COMCAN III can be used to determine minimal cut sets of a fault tree, to calculate system reliability characteristics, and to perform qualitative common cause failure analysis

PC-based support programs coupled with the sets code for large fault tree analysis

International Nuclear Information System (INIS)

Hioki, K.; Nakai, R.

1989-01-01

Power Reactor and Nuclear Fuel Development Corporation (PNC) has developed four PC programs: IEIQ (Initiating Event Identification and Quantification), MODESTY (Modular Even Description for a Variety of Systems), FAUST (Fault Summary Tables Generation Program) and ETAAS (Event Tree Analysis Assistant System). These programs prepare the input data for the SETS (Set Equation Transformation System) code and construct and quantify event trees (E/Ts) using the output of the SETS code. The capability of these programs is described and some examples of the results are presented in this paper. With these PC programs and the SETS code, PSA can now be performed with more consistency and less manpower

Swimming pool reactor reliability and safety analysis

International Nuclear Information System (INIS)

Li Zhaohuan

1997-01-01

A reliability and safety analysis of Swimming Pool Reactor in China Institute of Atomic Energy is done by use of event/fault tree technique. The paper briefly describes the analysis model, analysis code and main results. Meanwhile it also describes the impact of unassigned operation status on safety, the estimation of effectiveness of defense tactics in maintenance against common cause failure, the effectiveness of recovering actions on the system reliability, the comparison of occurrence frequencies of the core damage by use of generic and specific data

HiRel: Hybrid Automated Reliability Predictor (HARP) integrated reliability tool system, (version 7.0). Volume 3: HARP Graphics Oriented (GO) input user's guide

Science.gov (United States)

Bavuso, Salvatore J.; Rothmann, Elizabeth; Mittal, Nitin; Koppen, Sandra Howell

1994-01-01

The Hybrid Automated Reliability Predictor (HARP) integrated Reliability (HiRel) tool system for reliability/availability prediction offers a toolbox of integrated reliability/availability programs that can be used to customize the user's application in a workstation or nonworkstation environment. HiRel consists of interactive graphical input/output programs and four reliability/availability modeling engines that provide analytical and simulative solutions to a wide host of highly reliable fault-tolerant system architectures and is also applicable to electronic systems in general. The tool system was designed at the outset to be compatible with most computing platforms and operating systems, and some programs have been beta tested within the aerospace community for over 8 years. This document is a user's guide for the HiRel graphical preprocessor Graphics Oriented (GO) program. GO is a graphical user interface for the HARP engine that enables the drawing of reliability/availability models on a monitor. A mouse is used to select fault tree gates or Markov graphical symbols from a menu for drawing.

Reliability analysis of the auxiliary feedwater system; Analiza zanesljivosti sistema pomozne napajalne vode

Energy Technology Data Exchange (ETDEWEB)

Susnik, J; Dusic, M [Institut Jozef Stefan, Ljubljana (Yugoslavia)

1984-07-01

The reliability of a NPP auxiliary feedwater system is evaluated using the fault tree analysis. The system is analyzed during the time interval 0 to 6 hours with the computer package program PREP/KITT which is described in more detail. (author)

Application of fault tree methodology to modeling of the AP1000 plant digital reactor protection system

International Nuclear Information System (INIS)

Teolis, D.S.; Zarewczynski, S.A.; Detar, H.L.

2012-01-01

The reactor trip system (RTS) and engineered safety features actuation system (ESFAS) in nuclear power plants utilizes instrumentation and control (IC) to provide automatic protection against unsafe and improper reactor operation during steady-state and transient power operations. During normal operating conditions, various plant parameters are continuously monitored to assure that the plant is operating in a safe state. In response to deviations of these parameters from pre-determined set points, the protection system will initiate actions required to maintain the reactor in a safe state. These actions may include shutting down the reactor by opening the reactor trip breakers and actuation of safety equipment based on the situation. The RTS and ESFAS are represented in probabilistic risk assessments (PRAs) to reflect the impact of their contribution to core damage frequency (CDF). The reactor protection systems (RPS) in existing nuclear power plants are generally analog based and there is general consensus within the PRA community on fault tree modeling of these systems. In new plants, such as AP1000 plant, the RPS is based on digital technology. Digital systems are more complex combinations of hardware components and software. This combination of complex hardware and software can result in the presence of faults and failure modes unique to a digital RPS. The United States Nuclear Regulatory Commission (NRC) is currently performing research on the development of probabilistic models for digital systems for inclusion in PRAs; however, no consensus methodology exists at this time. Westinghouse is currently updating the AP1000 plant PRA to support initial operation of plants currently under construction in the United States. The digital RPS is modeled using fault tree methodology similar to that used for analog based systems. This paper presents high level descriptions of a typical analog based RPS and of the AP1000 plant digital RPS. Application of current fault

Fault tree analysis: A survey of the state-of-the-art in modeling, analysis and tools

NARCIS (Netherlands)

Ruijters, Enno Jozef Johannes; Stoelinga, Mariëlle Ida Antoinette

2015-01-01

Fault tree analysis (FTA) is a very prominent method to analyze the risks related to safety and economically critical assets, like power plants, airplanes, data centers and web shops. FTA methods comprise of a wide variety of modelling and analysis techniques, supported by a wide range of software

Fault Tree Analysis: A survey of the state-of-the-art in modeling, analysis and tools

NARCIS (Netherlands)

Ruijters, Enno Jozef Johannes; Stoelinga, Mariëlle Ida Antoinette

2014-01-01

Fault tree analysis (FTA) is a very prominent method to analyze the risks related to safety and economically critical assets, like power plants, airplanes, data centers and web shops. FTA methods comprise of a wide variety of modelling and analysis techniques, supported by a wide range of software

BACFIRE, Minimal Cut Sets Common Cause Failure Fault Tree Analysis

International Nuclear Information System (INIS)

Fussell, J.B.

1983-01-01

1 - Description of problem or function: BACFIRE, designed to aid in common cause failure analysis, searches among the basic events of a minimal cut set of the system logic model for common potential causes of failure. The potential cause of failure is called a qualitative failure characteristics. The algorithm searches qualitative failure characteristics (that are part of the program input) of the basic events contained in a set to find those characteristics common to all basic events. This search is repeated for all cut sets input to the program. Common cause failure analysis is thereby performed without inclusion of secondary failure in the system logic model. By using BACFIRE, a common cause failure analysis can be added to an existing system safety and reliability analysis. 2 - Method of solution: BACFIRE searches the qualitative failure characteristics of the basic events contained in the fault tree minimal cut set to find those characteristics common to all basic events by either of two criteria. The first criterion can be met if all the basic events in a minimal cut set are associated by a condition which alone may increase the probability of multiple component malfunction. The second criterion is met if all the basic events in a minimal cut set are susceptible to the same secondary failure cause and are located in the same domain for that cause of secondary failure. 3 - Restrictions on the complexity of the problem - Maxima of: 1001 secondary failure maps, 101 basic events, 10 cut sets

Integrated Reliability Estimation of a Nuclear Maintenance Robot including a Software

Energy Technology Data Exchange (ETDEWEB)

Eom, Heung Seop; Kim, Jae Hee; Jeong, Kyung Min [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2011-10-15

Conventional reliability estimation techniques such as Fault Tree Analysis (FTA), Reliability Block Diagram (RBD), Markov Model, and Event Tree Analysis (ETA) have been used widely and approved in some industries. Then there are some limitations when we use them for a complicate robot systems including software such as intelligent reactor inspection robots. Therefore an expert's judgment plays an important role in estimating the reliability of a complicate system in practice, because experts can deal with diverse evidence related to the reliability and then perform an inference based on them. The proposed method in this paper combines qualitative and quantitative evidences and performs an inference like experts. Furthermore, it does the work in a formal and in a quantitative way unlike human experts, by the benefits of Bayesian Nets (BNs)

Reliability of Measured Data for pH Sensor Arrays with Fault Diagnosis and Data Fusion Based on LabVIEW

OpenAIRE

Liao, Yi-Hung; Chou, Jung-Chuan; Lin, Chin-Yi

2013-01-01

Fault diagnosis (FD) and data fusion (DF) technologies implemented in the LabVIEW program were used for a ruthenium dioxide pH sensor array. The purpose of the fault diagnosis and data fusion technologies is to increase the reliability of measured data. Data fusion is a very useful statistical method used for sensor arrays in many fields. Fault diagnosis is used to avoid sensor faults and to measure errors in the electrochemical measurement system, therefore, in this study, we use fault diagn...

A Primer for DoD Reliability, Maintainability, Safety, and Logistics Standards, 1992

Science.gov (United States)

1991-10-01

Application of Reliability-Centered Maintenance to Naval Aircraft Weapon Systems and Support Equipment "* FMD -91 Failure Mode/Mechanism...Distributions ( FMD -91) available from the Reliability Analysis Center, HIT Research Institute, 201 Mill St., Rome, NY 13440-8200. 14.4 PHYSICAL...Fault Tree Analysis ( FTA ) (9) Sneak Circuit Analysis (10) Design Reviews Items (1) and (2) are addressed in Section 7 largely by reference to MIL

Large-coil-test-facility fault-tree analysis

International Nuclear Information System (INIS)

1982-01-01

An operating-safety study is being conducted for the Large Coil Test Facility (LCTF). The purpose of this study is to provide the facility operators and users with added insight into potential problem areas that could affect the safety of personnel or the availability of equipment. This is a preliminary report, on Phase I of that study. A central feature of the study is the incorporation of engineering judgements (by LCTF personnel) into an outside, overall view of the facility. The LCTF was analyzed in terms of 32 subsystems, each of which are subject to failure from any of 15 generic failure initiators. The study identified approximately 40 primary areas of concern which were subjected to a computer analysis as an aid in understanding the complex subsystem interactions that can occur within the facility. The study did not analyze in detail the internal structure of the subsystems at the individual component level. A companion study using traditional fault tree techniques did analyze approximately 20% of the LCTF at the component level. A comparison between these two analysis techniques is included in Section 7

Modelling of nuclear power plant control and instrumentation elements for automatic disturbance and reliability analysis

International Nuclear Information System (INIS)

Hollo, E.

1985-08-01

Present Final Report summarizes results of R/D work done within IAEA-VEIKI (Institute for Electrical Power Research, Budapest, Hungary) Research Contract No. 3210 during 3 years' period of 01.08.1982 - 31.08.1985. Chapter 1 lists main research objectives of the project. Main results obtained are summarized in Chapters 2 and 3. Outcomes from development of failure modelling methodologies and their application for C/I components of WWER-440 units are as follows (Chapter 2): improvement of available ''failure mode and effect analysis'' methods and mini-fault tree structures usable for automatic disturbance (DAS) and reliability (RAS) analysis; general classification and determination of functional failure modes of WWER-440 NPP C/I components; set up of logic models for motor operated control valves and rod control/drive mechanism. Results of development of methods and their application for reliability modelling of NPP components and systems cover (Chapter 3): development of an algorithm (computer code COMPREL) for component-related failure and reliability parameter calculation; reliability analysis of PAKS II NPP diesel system; definition of functional requirements for reliability data bank (RDB) in WWER-440 units. Determination of RDB input/output data structure and data manipulation services. Methods used are a-priori failure mode and effect analysis, combined fault tree/event tree modelling technique, structural computer programming, probability theory application to nuclear field

Probabilistic simulation applications to reliability assessments

International Nuclear Information System (INIS)

Miller, Ian; Nutt, Mark W.; Hill, Ralph S. III

2003-01-01

Probabilistic risk/reliability (PRA) analyses for engineered systems are conventionally based on fault-tree methods. These methods are mature and efficient, and are well suited to systems consisting of interacting components with known, low probabilities of failure. Even complex systems, such as nuclear power plants or aircraft, are modeled by the careful application of these approaches. However, for systems that may evolve in complex and nonlinear ways, and where the performance of components may be a sensitive function of the history of their working environments, fault-tree methods can be very demanding. This paper proposes an alternative method of evaluating such systems, based on probabilistic simulation using intelligent software objects to represent the components of such systems. Using a Monte Carlo approach, simulation models can be constructed from relatively simple interacting objects that capture the essential behavior of the components that they represent. Such models are capable of reflecting the complex behaviors of the systems that they represent in a natural and realistic way. (author)

Reliability analysis of the automatic control and power supply of reactor equipment

International Nuclear Information System (INIS)

Monori, Pal; Nagy, J.A.; Meszaros, Zoltan; Konkoly, Laszlo; Szabo, Antal; Nagy, Laszlo

1988-01-01

Based on reliability analysis the shortcomings of nuclear facilities are discovered. Fault tree types constructed for the technology of automatic control and for power supply serve as input data of the ORCHARD 2 computer code. In order to charaterize the reliability of the system, availability, failure rates and time intervals between failures are calculated. The results of the reliability analysis of the feedwater system of the Paks Nuclear Power Plant showed that the system consisted of elements of similar reliabilities. (V.N.) 8 figs.; 3 tabs

A general method dealing with correlations in uncertainty propagation in fault trees

International Nuclear Information System (INIS)

Qin Zhang

1989-01-01

This paper deals with the correlations among the failure probabilities (frequencies) of not only the identical basic events but also other basic events in a fault tree. It presents a general and simple method to include these correlations in uncertainty propagation. Two examples illustrate this method and show that neglecting these correlations results in large underestimation of the top event failure probability (frequency). One is the failure of the primary pump in a chemical reactor cooling system, the other example is an accident to a road transport truck carrying toxic waste. (author)

An HVAC [heating, ventilation, and air-conditioning] fault-tree analysis for WIPP [Waste Isolation Pilot Plant] integrated risk assessment

International Nuclear Information System (INIS)

Kirby, P.N.; Iacovino, J.M.

1990-01-01

In order to evaluate the public health risk of potential radioactive releases from operation of the Waste Isolation Pilot Plant (WIPP), a probabilistic risk assessment of waste-handling operations was conducted. One major aspect of this risk assessment involved fault-tree analysis of the plant heating, ventilation, and air-conditioning (HVAC) systems, which constitute the final barrier between waste-handling operations and the environment. The WIPP site is designed to receive and store two types of waste: contact-handled transuranic (CH TRU) wastes to be shipped in 208-ell drums and remote-handled (RH) TRU wastes to be shipped in shielded casks. The identification of accident sequences for CH waste operations revealed no identified accidents that could release significant radioactive particulates to the environment without a failure in the HVAC systems. When the HVAC fault-tree results were combined with other critical system fault trees and the analysis of waste-handling accident sequences, the approximation of the overall WIPP plant risk due to airborne releases was determined to be 2.6 x 10 -7 fatalities per year for the population within a 50-mile radius of the WIPP site. This risk was demonstrated to be well below the risk of fatality from other voluntary and involuntary activities for the population within the vicinity of the WIPP

A fuzzy decision tree method for fault classification in the steam generator of a pressurized water reactor

International Nuclear Information System (INIS)

Zio, Enrico; Baraldi, Piero; Popescu, Irina Crenguta

2009-01-01

This paper extends a method previously introduced by the authors for building a transparent fault classification algorithm by combining the fuzzy clustering, fuzzy logic and decision trees techniques. The baseline method transforms an opaque, fuzzy clustering-based classification model into a fuzzy logic inference model based on linguistic rules which can be represented by a decision tree formalism. The classification model thereby obtained is transparent in that it allows direct interpretation and inspection of the model. An extension in the procedure for the development of the fuzzy logic inference model is introduced to allow the treatment of more complicated cases, e.g. splitted and overlapping clusters. The corresponding computational tool developed relies on a number of parameters which can be tuned by the user to optimally compromise the level of transparency of the classification process and its efficiency. A numerical application is presented with regards to the fault classification in the Steam Generator of a Pressurized Water Reactor.

Analytical solutions of linked fault tree probabilistic risk assessments using binary decision diagrams with emphasis on nuclear safety applications[Dissertation 17286

Energy Technology Data Exchange (ETDEWEB)

Nusbaumer, O. P. M

2007-07-01

This study is concerned with the quantification of Probabilistic Risk Assessment (PRA) using linked Fault Tree (FT) models. Probabilistic Risk assessment (PRA) of Nuclear Power Plants (NPPs) complements traditional deterministic analysis; it is widely recognized as a comprehensive and structured approach to identify accident scenarios and to derive numerical estimates of the associated risk levels. PRA models as found in the nuclear industry have evolved rapidly. Increasingly, they have been broadly applied to support numerous applications on various operational and regulatory matters. Regulatory bodies in many countries require that a PRA be performed for licensing purposes. PRA has reached the point where it can considerably influence the design and operation of nuclear power plants. However, most of the tools available for quantifying large PRA models are unable to produce analytically correct results. The algorithms of such quantifiers are designed to neglect sequences when their likelihood decreases below a predefined cutoff limit. In addition, the rare event approximation (e.g. Moivre's equation) is typically implemented for the first order, ignoring the success paths and the possibility that two or more events can occur simultaneously. This is only justified in assessments where the probabilities of the basic events are low. When the events in question are failures, the first order rare event approximation is always conservative, resulting in wrong interpretation of risk importance measures. Advanced NPP PRA models typically include human errors, common cause failure groups, seismic and phenomenological basic events, where the failure probabilities may approach unity, leading to questionable results. It is accepted that current quantification tools have reached their limits, and that new quantification techniques should be investigated. A novel approach using the mathematical concept of Binary Decision Diagram (BDD) is proposed to overcome these

Systems analysis programs for hands-on integrated reliability evaluations (SAPHIRE) version 5.0, technical reference manual

International Nuclear Information System (INIS)

Russell, K.D.; Atwood, C.L.; Galyean, W.J.; Sattison, M.B.; Rasmuson, D.M.

1994-07-01

The Systems Analysis Programs for Hands-on Integrated Reliability Evaluations (SAPHIRE) refers to a set of several microcomputer programs that were developed to create and analyze probabilistic risk assessments (PRAs), primarily for nuclear power plants. This volume provides information on the principles used in the construction and operation of Version 5.0 of the Integrated Reliability and Risk Analysis System (IRRAS) and the System Analysis and Risk Assessment (SARA) system. It summarizes the fundamental mathematical concepts of sets and logic, fault trees, and probability. This volume then describes the algorithms that these programs use to construct a fault tree and to obtain the minimal cut sets. It gives the formulas used to obtain the probability of the top event from the minimal cut sets, and the formulas for probabilities that are appropriate under various assumptions concerning repairability and mission time. It defines the measures of basic event importance that these programs can calculate. This volume gives an overview of uncertainty analysis using simple Monte Carlo sampling or Latin Hypercube sampling, and states the algorithms used by these programs to generate random basic event probabilities from various distributions. Further references are given, and a detailed example of the reduction and quantification of a simple fault tree is provided in an appendix

Effect Analysis of Faults in Digital I and C Systems of Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Lee, Seung Jun; Jung, Won Dea [KAERI, Dajeon (Korea, Republic of); Kim, Man Cheol [Chung-Ang University, Seoul (Korea, Republic of)

2014-08-15

A reliability analysis of digital instrumentation and control (I and C) systems in nuclear power plants has been introduced as one of the important elements of a probabilistic safety assessment because of the unique characteristics of digital I and C systems. Digital I and C systems have various features distinguishable from those of analog I and C systems such as software and fault-tolerant techniques. In this work, the faults in a digital I and C system were analyzed and a model for representing the effects of the faults was developed. First, the effects of the faults in a system were analyzed using fault injection experiments. A software-implemented fault injection technique in which faults can be injected into the memory was used based on the assumption that all faults in a system are reflected in the faults in the memory. In the experiments, the effect of a fault on the system output was observed. In addition, the success or failure in detecting the fault by fault-tolerant functions included in the system was identified. Second, a fault tree model for representing that a fault is propagated to the system output was developed. With the model, it can be identified how a fault is propagated to the output or why a fault is not detected by fault-tolerant techniques. Based on the analysis results of the proposed method, it is possible to not only evaluate the system reliability but also identify weak points of fault-tolerant techniques by identifying undetected faults. The results can be reflected in the designs to improve the capability of fault-tolerant techniques.

Effect analysis of faults in digital I and C systems of nuclear power plants

International Nuclear Information System (INIS)

Lee, Seung Jun

2014-01-01

A reliability analysis of digital instrumentation and control (I and C) systems in nuclear power plants has been introduced as one of the important elements of a probabilistic safety assessment because of the unique characteristics of digital I and C systems. Digital I and C systems have various features distinguishable from those of analog I and C systems such as software and fault-tolerant techniques. In this work, the faults in a digital I and C system were analyzed and a model for representing the effects of the faults was developed. First, the effects of the faults in a system were analyzed using fault injection experiments. A software-implemented fault injection technique in which faults can be injected into the memory was used based on the assumption that all faults in a system are reflected in the faults in the memory. In the experiments, the effect of a fault on the system output was observed. In addition, the success or failure in detecting the fault by fault-tolerant functions included in the system was identified. Second, a fault tree model for representing that a fault is propagated to the system output was developed. With the model, it can be identified how a fault is propagated to the output or why a fault is not detected by fault-tolerant techniques. Based on the analysis results of the proposed method, it is possible to not only evaluate the system reliability but also identify weak points of fault-tolerant techniques by identifying undetected faults. The results can be reflected in the designs to improve the capability of fault-tolerant techniques. (author)

Integrated Reliability and Risk Analysis System (IRRAS)

International Nuclear Information System (INIS)

Russell, K.D.; McKay, M.K.; Sattison, M.B.; Skinner, N.L.; Wood, S.T.; Rasmuson, D.M.

1992-01-01

The Integrated Reliability and Risk Analysis System (IRRAS) is a state-of-the-art, microcomputer-based probabilistic risk assessment (PRA) model development and analysis tool to address key nuclear plant safety issues. IRRAS is an integrated software tool that gives the user the ability to create and analyze fault trees and accident sequences using a microcomputer. This program provides functions that range from graphical fault tree construction to cut set generation and quantification. Version 1.0 of the IRRAS program was released in February of 1987. Since that time, many user comments and enhancements have been incorporated into the program providing a much more powerful and user-friendly system. This version has been designated IRRAS 4.0 and is the subject of this Reference Manual. Version 4.0 of IRRAS provides the same capabilities as Version 1.0 and adds a relational data base facility for managing the data, improved functionality, and improved algorithm performance

Software reliability

CERN Document Server

Bendell, A

1986-01-01

Software Reliability reviews some fundamental issues of software reliability as well as the techniques, models, and metrics used to predict the reliability of software. Topics covered include fault avoidance, fault removal, and fault tolerance, along with statistical methods for the objective assessment of predictive accuracy. Development cost models and life-cycle cost models are also discussed. This book is divided into eight sections and begins with a chapter on adaptive modeling used to predict software reliability, followed by a discussion on failure rate in software reliability growth mo

Contribution to calculating characteristics of power transmission of relevance to technical reliability

Energy Technology Data Exchange (ETDEWEB)

Voigt, B

1982-02-19

The possibilities are shown how input parameters are determined for reliability computations. This is done for the components of a transmission system and the evaluated failure statistics of an electric utility company. The following parameters of high interest to reliability engineering are treated: dependence of the failure frequency on the system's cable length, distribution of failure intervals of cables with different voltage levels, followerd by a study of influencing variables due to daily or seasonal fluctuations. Possibilities are pointed out of computing the system reliability on the basis of component parameters, and a method is presented that can be applied in the planning stage as well as during operation of energy transmission systems. Finally, the calculation of a real sub-net of a given energy supply is presented. The methodology of fault-tree analysis, implemented in several, different computer programs, is the input parameter of this section. This method is applied to determine minimum interface structures of a system, to simulating the TOP event in the fault tree and, in the method presented here, to determining the structural significance of components within a system.

Implementation of PATREC nuclear reliability program in PROLOG

International Nuclear Information System (INIS)

Koen, B.V.; Koen, D.B.

1987-01-01

PROLOG, the de facto computer language for research in artificial intelligence in Japan, is a logical choice for research in the pattern recognition strategy for evaluating the reliability of complex systems expressed as fault trees. PROLOG's basic data type is the tree, and its basic control construct is pattern matching. It is also based on recursive programming and allows dynamic allocation of memory, both of which are essential for an efficient reduction of the input tree. Since the inference engine of PROLOG automatically examines the user-defined data base in a systematic order, an additional advantage of this language is that the largest known pattern will always be found first without coding complex tree searches of the pattern library as was required in other computer languages such as PL/1 and LISP

Reliable Fault Diagnosis of Rotary Machine Bearings Using a Stacked Sparse Autoencoder-Based Deep Neural Network

Directory of Open Access Journals (Sweden)

Muhammad Sohaib

2018-01-01

Full Text Available Due to enhanced safety, cost-effectiveness, and reliability requirements, fault diagnosis of bearings using vibration acceleration signals has been a key area of research over the past several decades. Many fault diagnosis algorithms have been developed that can efficiently classify faults under constant speed conditions. However, the performances of these traditional algorithms deteriorate with fluctuations of the shaft speed. In the past couple of years, deep learning algorithms have not only improved the classification performance in various disciplines (e.g., in image processing and natural language processing, but also reduced the complexity of feature extraction and selection processes. In this study, using complex envelope spectra and stacked sparse autoencoder- (SSAE- based deep neural networks (DNNs, a fault diagnosis scheme is developed that can overcome fluctuations of the shaft speed. The complex envelope spectrum made the frequency components associated with each fault type vibrant, hence helping the autoencoders to learn the characteristic features from the given input signals more readily. Moreover, the implementation of SSAE-DNN for bearing fault diagnosis has avoided the need of handcrafted features that are used in traditional fault diagnosis schemes. The experimental results demonstrate that the proposed scheme outperforms conventional fault diagnosis algorithms in terms of fault classification accuracy when tested with variable shaft speed data.

Dissipativity-Based Reliable Control for Fuzzy Markov Jump Systems With Actuator Faults.

Science.gov (United States)

Tao, Jie; Lu, Renquan; Shi, Peng; Su, Hongye; Wu, Zheng-Guang

2017-09-01

This paper is concerned with the problem of reliable dissipative control for Takagi-Sugeno fuzzy systems with Markov jumping parameters. Considering the influence of actuator faults, a sufficient condition is developed to ensure that the resultant closed-loop system is stochastically stable and strictly ( Q, S,R )-dissipative based on a relaxed approach in which mode-dependent and fuzzy-basis-dependent Lyapunov functions are employed. Then a reliable dissipative control for fuzzy Markov jump systems is designed, with sufficient condition proposed for the existence of guaranteed stability and dissipativity controller. The effectiveness and potential of the obtained design method is verified by two simulation examples.

Multi-Level Simulated Fault Injection for Data Dependent Reliability Analysis of RTL Circuit Descriptions

Directory of Open Access Journals (Sweden)

NIMARA, S.

2016-02-01

Full Text Available This paper proposes data-dependent reliability evaluation methodology for digital systems described at Register Transfer Level (RTL. It uses a hybrid hierarchical approach, combining the accuracy provided by Gate Level (GL Simulated Fault Injection (SFI and the low simulation overhead required by RTL fault injection. The methodology comprises the following steps: the correct simulation of the RTL system, according to a set of input vectors, hierarchical decomposition of the system into basic RTL blocks, logic synthesis of basic RTL blocks, data-dependent SFI for the GL netlists, and RTL SFI. The proposed methodology has been validated in terms of accuracy on a medium sized circuit – the parallel comparator used in Check Node Unit (CNU of the Low-Density Parity-Check (LDPC decoders. The methodology has been applied for the reliability analysis of a 128-bit Advanced Encryption Standard (AES crypto-core, for which the GL simulation was prohibitive in terms of required computational resources.

Fault Diagnosis and Fault-tolerant Control of Modular Multi-level Converter High-voltage DC System

DEFF Research Database (Denmark)

Liu, Hui; Ma, Ke; Wang, Chao

2016-01-01

of failures and lower the reliability of the MMC-HVDC system. Therefore, research on the fault diagnosis and fault-tolerant control of MMC-HVDC system is of great significance in order to enhance the reliability of the system. This paper provides a comprehensive review of fault diagnosis and fault handling...

German risk study on nuclear power plants. Appendix 2. Reliability analysis. Deutsche Risikostudie Kernkraftwerke. Fachband 2: Zuverlaessigkeitsanalyse

Energy Technology Data Exchange (ETDEWEB)

Dietlmeier, W.; Gossner, S.; Gueldner, W.; Hoertner, H.; von Linden, J.; Preischl, W.; Reichart, G.; Spindler, H.; Volmer, G.; Zipf, G.

1981-01-01

Based on the event tree analysis as documented in the Appendix 1, the failure probabilities of the system functions required to control the initiating events are evaluated in this Appendix 2. The reliability investigations necessary for the evaluation of the event sequences are performed mostly by means of the fault tree analysis. The methods of the reliability analysis, the composition and function of the systems important to safety and the functional tests performed on these systems are dealt with in detail. The comprehensive documentation of the reliability analyses as performed for the internal events necessitated a division of this Appendix 2 into two volumes.

Discrete event simulation versus conventional system reliability analysis approaches

DEFF Research Database (Denmark)

Kozine, Igor

2010-01-01

Discrete Event Simulation (DES) environments are rapidly developing and appear to be promising tools for building reliability and risk analysis models of safety-critical systems and human operators. If properly developed, they are an alternative to the conventional human reliability analysis models...... and systems analysis methods such as fault and event trees and Bayesian networks. As one part, the paper describes briefly the author’s experience in applying DES models to the analysis of safety-critical systems in different domains. The other part of the paper is devoted to comparing conventional approaches...

Investigating Strain Transfer Along the Southern San Andreas Fault: A Geomorphic and Geodetic Study of Block Rotation in the Eastern Transverse Ranges, Joshua Tree National Park, CA

Science.gov (United States)

Guns, K. A.; Bennett, R. A.; Blisniuk, K.

2017-12-01

To better evaluate the distribution and transfer of strain and slip along the Southern San Andreas Fault (SSAF) zone in the northern Coachella valley in southern California, we integrate geological and geodetic observations to test whether strain is being transferred away from the SSAF system towards the Eastern California Shear Zone through microblock rotation of the Eastern Transverse Ranges (ETR). The faults of the ETR consist of five east-west trending left lateral strike slip faults that have measured cumulative offsets of up to 20 km and as low as 1 km. Present kinematic and block models present a variety of slip rate estimates, from as low as zero to as high as 7 mm/yr, suggesting a gap in our understanding of what role these faults play in the larger system. To determine whether present-day block rotation along these faults is contributing to strain transfer in the region, we are applying 10Be surface exposure dating methods to observed offset channel and alluvial fan deposits in order to estimate fault slip rates along two faults in the ETR. We present observations of offset geomorphic landforms using field mapping and LiDAR data at three sites along the Blue Cut Fault and one site along the Smoke Tree Wash Fault in Joshua Tree National Park which indicate recent Quaternary fault activity. Initial results of site mapping and clast count analyses reveal at least three stages of offset, including potential Holocene offsets, for one site along the Blue Cut Fault, while preliminary 10Be geochronology is in progress. This geologic slip rate data, combined with our new geodetic surface velocity field derived from updated campaign-based GPS measurements within Joshua Tree National Park will allow us to construct a suite of elastic fault block models to elucidate rates of strain transfer away from the SSAF and how that strain transfer may be affecting the length of the interseismic period along the SSAF.

Reliability assessment of complex electromechanical systems under epistemic uncertainty

International Nuclear Information System (INIS)

Mi, Jinhua; Li, Yan-Feng; Yang, Yuan-Jian; Peng, Weiwen; Huang, Hong-Zhong

2016-01-01

The appearance of macro-engineering and mega-project have led to the increasing complexity of modern electromechanical systems (EMSs). The complexity of the system structure and failure mechanism makes it more difficult for reliability assessment of these systems. Uncertainty, dynamic and nonlinearity characteristics always exist in engineering systems due to the complexity introduced by the changing environments, lack of data and random interference. This paper presents a comprehensive study on the reliability assessment of complex systems. In view of the dynamic characteristics within the system, it makes use of the advantages of the dynamic fault tree (DFT) for characterizing system behaviors. The lifetime of system units can be expressed as bounded closed intervals by incorporating field failures, test data and design expertize. Then the coefficient of variation (COV) method is employed to estimate the parameters of life distributions. An extended probability-box (P-Box) is proposed to convey the present of epistemic uncertainty induced by the incomplete information about the data. By mapping the DFT into an equivalent Bayesian network (BN), relevant reliability parameters and indexes have been calculated. Furthermore, the Monte Carlo (MC) simulation method is utilized to compute the DFT model with consideration of system replacement policy. The results show that this integrated approach is more flexible and effective for assessing the reliability of complex dynamic systems. - Highlights: • A comprehensive study on the reliability assessment of complex system is presented. • An extended probability-box is proposed to convey the present of epistemic uncertainty. • The dynamic fault tree model is built. • Bayesian network and Monte Carlo simulation methods are used. • The reliability assessment of a complex electromechanical system is performed.

Failure analysis of storage tank component in LNG regasification unit using fault tree analysis method (FTA)

Science.gov (United States)

Mulyana, Cukup; Muhammad, Fajar; Saad, Aswad H.; Mariah, Riveli, Nowo

2017-03-01

Storage tank component is the most critical component in LNG regasification terminal. It has the risk of failure and accident which impacts to human health and environment. Risk assessment is conducted to detect and reduce the risk of failure in storage tank. The aim of this research is determining and calculating the probability of failure in regasification unit of LNG. In this case, the failure is caused by Boiling Liquid Expanding Vapor Explosion (BLEVE) and jet fire in LNG storage tank component. The failure probability can be determined by using Fault Tree Analysis (FTA). Besides that, the impact of heat radiation which is generated is calculated. Fault tree for BLEVE and jet fire on storage tank component has been determined and obtained with the value of failure probability for BLEVE of 5.63 × 10-19 and for jet fire of 9.57 × 10-3. The value of failure probability for jet fire is high enough and need to be reduced by customizing PID scheme of regasification LNG unit in pipeline number 1312 and unit 1. The value of failure probability after customization has been obtained of 4.22 × 10-6.

A novel method of fuzzy fault tree analysis combined with VB program to identify and assess the risk of coal dust explosions.

Directory of Open Access Journals (Sweden)

Hetang Wang

Full Text Available Coal dust explosions (CDE are one of the main threats to the occupational safety of coal miners. Aiming to identify and assess the risk of CDE, this paper proposes a novel method of fuzzy fault tree analysis combined with the Visual Basic (VB program. In this methodology, various potential causes of the CDE are identified and a CDE fault tree is constructed. To overcome drawbacks from the lack of exact probability data for the basic events, fuzzy set theory is employed and the probability data of each basic event is treated as intuitionistic trapezoidal fuzzy numbers. In addition, a new approach for calculating the weighting of each expert is also introduced in this paper to reduce the error during the expert elicitation process. Specifically, an in-depth quantitative analysis of the fuzzy fault tree, such as the importance measure of the basic events and the cut sets, and the CDE occurrence probability is given to assess the explosion risk and acquire more details of the CDE. The VB program is applied to simplify the analysis process. A case study and analysis is provided to illustrate the effectiveness of this proposed method, and some suggestions are given to take preventive measures in advance and avoid CDE accidents.

Reliability analysis of the reconstructed safety systems of the Kozloduy-2 WWER-440/V-230 reactor

Energy Technology Data Exchange (ETDEWEB)

Kalchev, B [Energoproekt, Sofia (Bulgaria)

1996-12-31

The Unit 2 of the Kozloduy NPP started operations in 1975. As it is designed according to safety standards of the middle sixties, it needs reconstruction in order to prolong its operational life up to the design age of 30 years, in agreement with the increased safety requirements in Bulgaria. The reliability analyses of front line systems of the unit are performed to this end. The approach taken in the study is the fault tree methodology to determine the unavailability of each system. Common mode failures are considered for the pumps and valves using the beta factor method. The mission time for each system is 24 hours and the test period is 720 hours. Support systems and human errors are also included. All the systems control and instrumentation signals are modelled explicitly in the fault trees. The generic IDEA reliability data base is used for all quantifications. The initiating events that would require the system operation are presented and on this basis the thermohydraulic analysis success criteria for each system are determined. The code for probabilistic safety assessment PSAPACK is used. Fault trees for the following front line safety systems are constructed: the high pressure injection system, the spray system and the auxiliary feed water system. The analysis consider some proposed decisions for reconstruction. The results show that the reliability of these systems has increased after reconstruction and the safety has been upgraded. This decrease the core damage frequency from 3.53E{sup -3}, 1/RY to 1.07E{sup -3}, 1/RY. 5 refs., 2 tabs., 5 figs.

Reliability analysis of the reconstructed safety systems of the Kozloduy-2 WWER-440/V-230 reactor

International Nuclear Information System (INIS)

Kalchev, B.

1995-01-01

The Unit 2 of the Kozloduy NPP started operations in 1975. As it is designed according to safety standards of the middle sixties, it needs reconstruction in order to prolong its operational life up to the design age of 30 years, in agreement with the increased safety requirements in Bulgaria. The reliability analyses of front line systems of the unit are performed to this end. The approach taken in the study is the fault tree methodology to determine the unavailability of each system. Common mode failures are considered for the pumps and valves using the beta factor method. The mission time for each system is 24 hours and the test period is 720 hours. Support systems and human errors are also included. All the systems control and instrumentation signals are modelled explicitly in the fault trees. The generic IDEA reliability data base is used for all quantifications. The initiating events that would require the system operation are presented and on this basis the thermohydraulic analysis success criteria for each system are determined. The code for probabilistic safety assessment PSAPACK is used. Fault trees for the following front line safety systems are constructed: the high pressure injection system, the spray system and the auxiliary feed water system. The analysis consider some proposed decisions for reconstruction. The results show that the reliability of these systems has increased after reconstruction and the safety has been upgraded. This decrease the core damage frequency from 3.53E -3 , 1/RY to 1.07E -3 , 1/RY. 5 refs., 2 tabs., 5 figs

Reliability analysis and initial requirements for FC systems and stacks

Science.gov (United States)

Åström, K.; Fontell, E.; Virtanen, S.

In the year 2000 Wärtsilä Corporation started an R&D program to develop SOFC systems for CHP applications. The program aims to bring to the market highly efficient, clean and cost competitive fuel cell systems with rated power output in the range of 50-250 kW for distributed generation and marine applications. In the program Wärtsilä focuses on system integration and development. System reliability and availability are key issues determining the competitiveness of the SOFC technology. In Wärtsilä, methods have been implemented for analysing the system in respect to reliability and safety as well as for defining reliability requirements for system components. A fault tree representation is used as the basis for reliability prediction analysis. A dynamic simulation technique has been developed to allow for non-static properties in the fault tree logic modelling. Special emphasis has been placed on reliability analysis of the fuel cell stacks in the system. A method for assessing reliability and critical failure predictability requirements for fuel cell stacks in a system consisting of several stacks has been developed. The method is based on a qualitative model of the stack configuration where each stack can be in a functional, partially failed or critically failed state, each of the states having different failure rates and effects on the system behaviour. The main purpose of the method is to understand the effect of stack reliability, critical failure predictability and operating strategy on the system reliability and availability. An example configuration, consisting of 5 × 5 stacks (series of 5 sets of 5 parallel stacks) is analysed in respect to stack reliability requirements as a function of predictability of critical failures and Weibull shape factor of failure rate distributions.

Data-driven simultaneous fault diagnosis for solid oxide fuel cell system using multi-label pattern identification

Science.gov (United States)

Li, Shuanghong; Cao, Hongliang; Yang, Yupu

2018-02-01

Fault diagnosis is a key process for the reliability and safety of solid oxide fuel cell (SOFC) systems. However, it is difficult to rapidly and accurately identify faults for complicated SOFC systems, especially when simultaneous faults appear. In this research, a data-driven Multi-Label (ML) pattern identification approach is proposed to address the simultaneous fault diagnosis of SOFC systems. The framework of the simultaneous-fault diagnosis primarily includes two components: feature extraction and ML-SVM classifier. The simultaneous-fault diagnosis approach can be trained to diagnose simultaneous SOFC faults, such as fuel leakage, air leakage in different positions in the SOFC system, by just using simple training data sets consisting only single fault and not demanding simultaneous faults data. The experimental result shows the proposed framework can diagnose the simultaneous SOFC system faults with high accuracy requiring small number training data and low computational burden. In addition, Fault Inference Tree Analysis (FITA) is employed to identify the correlations among possible faults and their corresponding symptoms at the system component level.

Method for assessing reliability of a network considering probabilistic safety assessment

International Nuclear Information System (INIS)

Cepin, M.

2005-01-01

A method for assessment of reliability of the network is developed, which uses the features of the fault tree analysis. The method is developed in a way that the increase of the network under consideration does not require significant increase of the model. The method is applied to small examples of network consisting of a small number of nodes and a small number of their connections. The results give the network reliability. They identify equipment, which is to be carefully maintained in order that the network reliability is not reduced, and equipment, which is a candidate for redundancy, as this would improve network reliability significantly. (author)

Enterprise architecture availability analysis using fault trees and stakeholder interviews

Science.gov (United States)

Närman, Per; Franke, Ulrik; König, Johan; Buschle, Markus; Ekstedt, Mathias

2014-01-01

The availability of enterprise information systems is a key concern for many organisations. This article describes a method for availability analysis based on Fault Tree Analysis and constructs from the ArchiMate enterprise architecture (EA) language. To test the quality of the method, several case-studies within the banking and electrical utility industries were performed. Input data were collected through stakeholder interviews. The results from the case studies were compared with availability of log data to determine the accuracy of the method's predictions. In the five cases where accurate log data were available, the yearly downtime estimates were within eight hours from the actual downtimes. The cost of performing the analysis was low; no case study required more than 20 man-hours of work, making the method ideal for practitioners with an interest in obtaining rapid availability estimates of their enterprise information systems.

Rectifier Fault Diagnosis and Fault Tolerance of a Doubly Fed Brushless Starter Generator

Directory of Open Access Journals (Sweden)

Liwei Shi

2015-01-01

Full Text Available This paper presents a rectifier fault diagnosis method with wavelet packet analysis to improve the fault tolerant four-phase doubly fed brushless starter generator (DFBLSG system reliability. The system components and fault tolerant principle of the high reliable DFBLSG are given. And the common fault of the rectifier is analyzed. The process of wavelet packet transforms fault detection/identification algorithm is introduced in detail. The fault tolerant performance and output voltage experiments were done to gather the energy characteristics with a voltage sensor. The signal is analyzed with 5-layer wavelet packets, and the energy eigenvalue of each frequency band is obtained. Meanwhile, the energy-eigenvalue tolerance was introduced to improve the diagnostic accuracy. With the wavelet packet fault diagnosis, the fault tolerant four-phase DFBLSG can detect the usual open-circuit fault and operate in the fault tolerant mode if there is a fault. The results indicate that the fault analysis techniques in this paper are accurate and effective.

Reliability investigation for the ECC subsystem of a 1300 MWe-PWR

International Nuclear Information System (INIS)

Lalovic, M.

1983-01-01

In this study, a fault-tree analysis is used for reliability investigation of Emergency Core Cooling Sub-system of a 1300 MWe pressurised water reactor. Basic assumptions of the study are large break in the reactor coolant system and independence of the pseudo-components. Relatively high non-availability of the sub-system was calculated. Critical component and minimum cut set are determined. (author)

GOTRES: an expert system for fault detection and analysis

International Nuclear Information System (INIS)

Chung, D.T.; Modarres, M.

1989-01-01

This paper describes a deep-knowledge expert system shell for diagnosing faults in process operations. The expert program shell is called GOTRES (GOal TRee Expert System) and uses a goal tree-success tree deep-knowledge structure to model its knowledge-base. To demonstrate GOTRES, we have built an on-line fault diagnosis expert system for an experimental nuclear reactor facility using this shell. The expert system is capable of diagnosing fault conditions using system goal tree as well as utilizing accumulated operating knowledge to predict plant causal and temporal behaviours. The GOTRES shell has also been used for root-cause detection and analysis in a nuclear plant. (author)

Calculating Nuclear Power Plant Vulnerability Using Integrated Geometry and Event/Fault-Tree Models