Fault Tree Analysis
Part 12 – Redundant Structure and Standby Units
Active Redundancy
The redundancy obtained by replacing the important unit with two or more units operating in parallel.
Passive Redundancy
The reserve units can also be kept in standby in such a way that the first of them is activated when the original unit fails, the second is activated when the first reserve unit fails, and so on. If the reserve units carry no load in the waiting period before activation, the redundancy is called passive. In the waiting period, such a unit is said to be in cold standby.
Partly-Loaded Redundancy
The standby units carry a weak load.
Cold Standby, Perfect Switching, No Repairs
Life Time of Standby System
The lifetime of the standby system is the sum of the component lifetimes, so the mean time to system failure is the sum of the component MTTFs:
$T = \sum_{i=1}^{n} T_i$
$\mathrm{MTTF}_s = \sum_{i=1}^{n} \mathrm{MTTF}_i$
Exact Distribution of Lifetime
If the lifetimes of the n components are independent and exponentially distributed with the same failure rate λ, it can be shown that T is gamma distributed with parameters n and λ. The survivor function is
$R_s(t) = \sum_{k=0}^{n-1} \frac{(\lambda t)^k}{k!}\, e^{-\lambda t}$
Approximate Distribution of Lifetime
Assume that the lifetimes are independent and identically distributed with mean time to failure $\mu$ and standard deviation $\sigma$. According to the Lindeberg-Lévy central limit theorem, T will be asymptotically normally distributed with mean $n\mu$ and variance $n\sigma^2$.
Cold Standby, Imperfect Switching, No Repairs
2-Unit System
• A standby system with an active unit (unit 1) and a unit in cold standby. The active unit is under surveillance by a switch, which activates the standby unit when the active unit fails.
• Let $\lambda_1$ and $\lambda_2$ be the failure rates of unit 1 and unit 2 respectively; let $(1-p)$ be the probability that the switching is successful.
Two Disjoint Ways of Survival
1. Unit 1 does not fail in (0, t], i.e. $T_1 > t$.
2. Unit 1 fails in the time interval (τ, τ+dτ], where 0 < τ < t. The switch is able to activate unit 2. Unit 2 is activated at time τ and does not fail in the time interval (τ, t].
Probabilities of Two Disjoint Events
• Event 1: $\Pr(T_1 > t) = e^{-\lambda_1 t}$
• Event 2: $\int_0^t \underbrace{\lambda_1 e^{-\lambda_1 \tau}}_{\text{unit 1 fails at } \tau}\ \underbrace{(1-p)}_{\text{switching successful}}\ \underbrace{e^{-\lambda_2 (t-\tau)}}_{\text{unit 2 working afterwards}}\, d\tau$
System Reliability
$R_s(t) = e^{-\lambda_1 t} + (1-p)\int_0^t \lambda_1 e^{-\lambda_1 \tau}\, e^{-\lambda_2 (t-\tau)}\, d\tau = e^{-\lambda_1 t} + (1-p)\,\frac{\lambda_1}{\lambda_2 - \lambda_1}\left(e^{-\lambda_1 t} - e^{-\lambda_2 t}\right)$ (for $\lambda_1 \neq \lambda_2$)
Mean Time to Failure
$\mathrm{MTTF}_s = \int_0^\infty R_s(t)\, dt = \frac{1}{\lambda_1} + \frac{1-p}{\lambda_2}$
Partly-Loaded Redundancy, Imperfect Switching, No Repairs
Two-Unit System
Same as before except unit 2 carries a certain load before it is activated. Let $\lambda_0$ denote the failure rate of unit 2 while in partly-loaded standby.
Two Disjoint Ways of Survival
1. Unit 1 does not fail in (0, t], i.e. $T_1 > t$.
2. Unit 1 fails in the time interval (τ, τ+dτ], where 0 < τ < t. The switch is able to activate unit 2. Unit 2 does not fail in (0, τ], is activated at time τ and does not fail in the time interval (τ, t].
Probabilities of Two Disjoint Events
• Event 1: $\Pr(T_1 > t) = e^{-\lambda_1 t}$
• Event 2: $\int_0^t \underbrace{\lambda_1 e^{-\lambda_1 \tau}}_{\text{unit 1 fails at } \tau}\ \underbrace{e^{-\lambda_0 \tau}}_{\text{unit 2 working in } (0,\tau]}\ \underbrace{(1-p)}_{\text{switching successful}}\ \underbrace{e^{-\lambda_2 (t-\tau)}}_{\text{unit 2 still working after } \tau}\, d\tau$
System Reliability
$R_s(t) = e^{-\lambda_1 t} + (1-p)\,\lambda_1 e^{-\lambda_2 t}\int_0^t e^{-(\lambda_1 + \lambda_0 - \lambda_2)\tau}\, d\tau = e^{-\lambda_1 t} + (1-p)\,\frac{\lambda_1}{\lambda_1 + \lambda_0 - \lambda_2}\left[e^{-\lambda_2 t} - e^{-(\lambda_1 + \lambda_0) t}\right]$ (for $\lambda_1 + \lambda_0 \neq \lambda_2$)
Mean Time to Failure
$\mathrm{MTTF}_s = \int_0^\infty R_s(t)\, dt = \frac{1}{\lambda_1} + (1-p)\,\frac{\lambda_1}{\lambda_1 + \lambda_0 - \lambda_2}\left(\frac{1}{\lambda_2} - \frac{1}{\lambda_1 + \lambda_0}\right) = \frac{1}{\lambda_1} + \frac{(1-p)\,\lambda_1}{\lambda_2\,(\lambda_1 + \lambda_0)}$
Cold Standby, Perfect Switching, With Repairs
Possible States of a 2-Unit System with Cold Standby and Perfect Switching

System state   Unit A   Unit B
4              O        S
3              F        O
2              S        O
1              O        F
0              F        F

(O = operating, S = standby, F = failed)
State Space Diagram
(figure not reproduced in the transcript; transitions as labelled: 4 → 3 at rate $\lambda_A$, 3 → 2 at rate $\mu_A$, 2 → 1 at rate $\lambda_B$, 1 → 4 at rate $\mu_B$, 3 → 0 at rate $\lambda_B$, 1 → 0 at rate $\lambda_A$; state 0 is absorbing)
State Equations
In the slides written as the matrix equation $\dot{\mathbf P}(t) = \mathbf P(t)\,\mathbf A$ with the transition-rate matrix $\mathbf A$; row by row:
$\dot P_4(t) = -\lambda_A P_4(t) + \mu_B P_1(t)$
$\dot P_3(t) = \lambda_A P_4(t) - (\lambda_B + \mu_A) P_3(t)$
$\dot P_2(t) = \mu_A P_3(t) - \lambda_B P_2(t)$
$\dot P_1(t) = \lambda_B P_2(t) - (\lambda_A + \mu_B) P_1(t)$
$\dot P_0(t) = \lambda_B P_3(t) + \lambda_A P_1(t)$
Eliminating the Failed State
State 0 is absorbing, so $P_0(t)$ appears in none of the other equations and its row and column can be dropped. The reduced system is
$\dot P_4(t) = -\lambda_A P_4(t) + \mu_B P_1(t)$
$\dot P_3(t) = \lambda_A P_4(t) - (\lambda_B + \mu_A) P_3(t)$
$\dot P_2(t) = \mu_A P_3(t) - \lambda_B P_2(t)$
$\dot P_1(t) = \lambda_B P_2(t) - (\lambda_A + \mu_B) P_1(t)$
Laplace Transform
• Note that $P_i^*(s) = \mathcal{L}[P_i(t)]$ and $\mathcal{L}[\dot P_i(t)] = s P_i^*(s) - P_i(0)$, with the system starting in state 4: $P_4(0) = 1$, $P_3(0) = P_2(0) = P_1(0) = 0$.
• Substitute s = 0:
$-\lambda_A P_4^*(0) + \mu_B P_1^*(0) = -1$
$\lambda_A P_4^*(0) - (\lambda_B + \mu_A) P_3^*(0) = 0$
$\mu_A P_3^*(0) - \lambda_B P_2^*(0) = 0$
$\lambda_B P_2^*(0) - (\lambda_A + \mu_B) P_1^*(0) = 0$
Solution
$P_1^*(0) = \frac{\mu_A}{\lambda_A\lambda_B + \lambda_B\mu_B + \lambda_A\mu_A}$
$P_4^*(0) = \frac{1 + \mu_B P_1^*(0)}{\lambda_A} = \frac{(\lambda_B + \mu_A)(\lambda_A + \mu_B)}{\lambda_A(\lambda_A\lambda_B + \lambda_B\mu_B + \lambda_A\mu_A)}$
$P_3^*(0) = \frac{\lambda_A}{\lambda_B + \mu_A}\, P_4^*(0)$
$P_2^*(0) = \frac{\mu_A}{\lambda_B}\, P_3^*(0)$
$P_1^*(0) = \frac{\lambda_B}{\lambda_A + \mu_B}\, P_2^*(0)$
Mean Time to Failure
$\mathrm{MTTF} = \int_0^\infty t\, f(t)\, dt = -\int_0^\infty t\, R'(t)\, dt = \Big[-t R(t)\Big]_0^\infty + \int_0^\infty R(t)\, dt = \int_0^\infty R(t)\, dt$
(the boundary term vanishes since $t R(t) \to 0$ as $t \to \infty$ when the MTTF is finite)
Mean Time to Failure
• Take the Laplace transform of R(t): $R^*(s) = \int_0^\infty R(t)\, e^{-st}\, dt$
• Substitute s = 0: $R^*(0) = \int_0^\infty R(t)\, dt = \mathrm{MTTF}$
Mean Time to Failure
$\mathrm{MTTF}_S = R^*(0) = P_4^*(0) + P_3^*(0) + P_2^*(0) + P_1^*(0) = \frac{\left(\frac{1}{\lambda_A} + \frac{1}{\lambda_B}\right)(\lambda_B + \mu_A)(\lambda_A + \mu_B) + \mu_A}{\lambda_A\lambda_B + \lambda_B\mu_B + \lambda_A\mu_A}$
(with $\mu_A = \mu_B = 0$ this reduces to $1/\lambda_A + 1/\lambda_B$, the cold-standby result without repairs)
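As an added example (not from the lecture), the s = 0 Laplace step above done numerically: the transient block of the state equations is solved as a linear system, each $P_i^*(0)$ being the expected time spent in state i, and the sum is compared with the closed form. The transition list is an assumption matching the state space diagram for this model; rates are constructed.

```python
# Added example (not from the lecture): MTTF of the cold-standby chain above by the
# s = 0 Laplace step, i.e. solving the transient block of the state equations.
# Pure Python; the transitions below are assumed from the state space diagram.

def solve_linear(a, b):
    """Gauss-Jordan elimination with partial pivoting for the square system a x = b."""
    n = len(b)
    m = [row[:] + [rhs] for row, rhs in zip(a, b)]
    for c in range(n):
        piv = max(range(c, n), key=lambda r: abs(m[r][c]))
        m[c], m[piv] = m[piv], m[c]
        for r in range(n):
            if r != c:
                f = m[r][c] / m[c][c]
                m[r] = [x - f * y for x, y in zip(m[r], m[c])]
    return [m[i][n] / m[i][i] for i in range(n)]

def rate_matrix(states, transitions):
    """Transition-rate matrix A (row sums zero) from {(from_state, to_state): rate}."""
    idx = {s: k for k, s in enumerate(states)}
    a = [[0.0] * len(states) for _ in states]
    for (i, j), r in transitions.items():
        a[idx[i]][idx[j]] += r
        a[idx[i]][idx[i]] -= r
    return a

def mttf(states, transitions, start, absorbing):
    """Mean time to absorption from `start`. At s = 0 the transformed state equations
    read sum_i P_i*(0) a_ij = -P_j(0) over the transient states j; P_i*(0) is the
    expected time spent in state i and the MTTF is their sum."""
    a = rate_matrix(states, transitions)
    t = [k for k, s in enumerate(states) if s not in absorbing]
    lhs = [[a[i][j] for i in t] for j in t]   # transient block, transposed
    rhs = [-1.0 if states[j] == start else 0.0 for j in t]
    return sum(solve_linear(lhs, rhs))

def cold_standby_mttf(lam_a, lam_b, mu_a, mu_b):
    """States 4, 3, 2, 1 transient and 0 absorbing, started in state 4 (assumed chain)."""
    trans = {(4, 3): lam_a, (3, 2): mu_a, (3, 0): lam_b,
             (2, 1): lam_b, (1, 4): mu_b, (1, 0): lam_a}
    return mttf([4, 3, 2, 1, 0], trans, start=4, absorbing={0})

def cold_standby_mttf_closed(lam_a, lam_b, mu_a, mu_b):
    """Closed form: [(1/lA + 1/lB)(lB + mA)(lA + mB) + mA] / (lA lB + lB mB + lA mA)."""
    num = (1 / lam_a + 1 / lam_b) * (lam_b + mu_a) * (lam_a + mu_b) + mu_a
    return num / (lam_a * lam_b + lam_b * mu_b + lam_a * mu_a)
```

With constructed rates $\lambda_A = 0.01$, $\lambda_B = 0.02$, $\mu_A = 0.5$, $\mu_B = 0.25$ per hour both routes give about 2037 hours, against 150 hours without repair.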
Cold Standby, Perfect Switching, With Repairs, A Main Operating Unit
Possible States

System state   Unit A (Main Unit)   Unit B
4              O                    S
3              F                    O
2              S                    O
1              O                    F
0              F                    F

(O = operating, S = standby, F = failed)
State Space Diagram
(figure not reproduced in the transcript; only states 4, 3 and 0 are used, since B operates only while A is under repair: 4 → 3 at rate $\lambda_A$, 3 → 4 at rate $\mu_A$ (A repaired and back in operation, B returns to standby), 3 → 0 at rate $\lambda_B$, 0 → 3 at rate $\mu_B$)
State Equations
$\dot P_4(t) = -\lambda_A P_4(t) + \mu_A P_3(t)$
$\dot P_3(t) = \lambda_A P_4(t) - (\mu_A + \lambda_B) P_3(t) + \mu_B P_0(t)$
$\dot P_0(t) = \lambda_B P_3(t) - \mu_B P_0(t)$
Where
$P_0(t) + P_3(t) + P_4(t) = 1$
Steady State Probabilities
Setting the derivatives to zero:
$-\lambda_A P_4 + \mu_A P_3 = 0$
$\lambda_A P_4 - (\mu_A + \lambda_B) P_3 + \mu_B P_0 = 0$
$\lambda_B P_3 - \mu_B P_0 = 0$
together with $P_0 + P_3 + P_4 = 1$.
Availability and Unavailability
$A = P_4 + P_3 = \frac{\mu_A\mu_B + \lambda_A\mu_B}{\mu_A\mu_B + \lambda_A\mu_B + \lambda_A\lambda_B}$
$P_4 = \frac{\mu_A\mu_B}{\mu_A\mu_B + \lambda_A\mu_B + \lambda_A\lambda_B}$
$P_3 = \frac{\lambda_A\mu_B}{\mu_A\mu_B + \lambda_A\mu_B + \lambda_A\lambda_B}$
$Q = P_0 = \frac{\lambda_A\lambda_B}{\mu_A\mu_B + \lambda_A\mu_B + \lambda_A\lambda_B}$
Eliminate Failed State from State Equations
With state 0 treated as absorbing (no repair out of state 0), the equations for the working states become
$\dot P_4(t) = -\lambda_A P_4(t) + \mu_A P_3(t)$
$\dot P_3(t) = \lambda_A P_4(t) - (\mu_A + \lambda_B) P_3(t)$
Where
$P_0(t) + P_3(t) + P_4(t) = 1$
Treating State 0 as An Absorbing State
• Take Laplace transform and let s = 0 (system starts in state 4, $P_4(0) = 1$, $P_3(0) = 0$):
$-\lambda_A P_4^*(0) + \mu_A P_3^*(0) = -1$
$\lambda_A P_4^*(0) - (\mu_A + \lambda_B) P_3^*(0) = 0$
• Solution
$P_4^*(0) = \frac{\lambda_B + \mu_A}{\lambda_A\lambda_B}$
$P_3^*(0) = \frac{1}{\lambda_B}$
Mean Times to Failure and to Repair
• Mean time to failure: $\mathrm{MTTF}_S = R^*(0) = P_4^*(0) + P_3^*(0) = \frac{\lambda_B + \mu_A}{\lambda_A\lambda_B} + \frac{1}{\lambda_B} = \frac{\lambda_A + \lambda_B + \mu_A}{\lambda_A\lambda_B}$
• Mean time to repair: $\mathrm{MTTR}_S = \frac{1}{\mu_B}$ (the mean sojourn time in state 0)
Cold Standby, Imperfect Switching, With Repairs, A Main Operating Unit
State Space Diagram
(figure not reproduced in the transcript; transitions as labelled: 4 → 3 at rate $(1-p)\lambda_A$ (A fails and the switch succeeds), 4 → 0 at rate $p\lambda_A$ (A fails and the switch fails), 3 → 4 at rate $\mu_A$, 3 → 0 at rate $\lambda_B$, 0 → 3 at rate $\mu_B$)
Steady State Probabilities
$-\lambda_A P_4 + \mu_A P_3 = 0$
$(1-p)\lambda_A P_4 - (\mu_A + \lambda_B) P_3 + \mu_B P_0 = 0$
$p\lambda_A P_4 + \lambda_B P_3 - \mu_B P_0 = 0$
together with $P_0 + P_3 + P_4 = 1$.
Availability and Unavailability
$A = P_4 + P_3 = \frac{\mu_A\mu_B + \lambda_A\mu_B}{\mu_A\mu_B + \lambda_A\mu_B + p\lambda_A\mu_A + \lambda_A\lambda_B}$
$P_4 = \frac{\mu_A\mu_B}{\mu_A\mu_B + \lambda_A\mu_B + p\lambda_A\mu_A + \lambda_A\lambda_B}$
$P_3 = \frac{\lambda_A\mu_B}{\mu_A\mu_B + \lambda_A\mu_B + p\lambda_A\mu_A + \lambda_A\lambda_B}$
$Q = P_0 = \frac{\lambda_A(\lambda_B + p\mu_A)}{\mu_A\mu_B + \lambda_A\mu_B + p\lambda_A\mu_A + \lambda_A\lambda_B}$
Mean Time to Failure
$\mathrm{MTTF}_S = R^*(0) = P_4^*(0) + P_3^*(0) = \frac{\lambda_B + \mu_A + (1-p)\lambda_A}{\lambda_A(\lambda_B + p\mu_A)}$
(with p = 0 this reduces to the perfect-switching result $(\lambda_A + \lambda_B + \mu_A)/(\lambda_A\lambda_B)$)
Partly-Loaded Standby, Perfect Switching, With Repairs, A Main Operating Unit
Possible States of a 2-Unit System with Partly-Loaded Standby and Perfect Switching

System state   Unit A   Unit B
4              O        S
3              F        O
2              S        O
1              O        F
0              F        F

(O = operating, S = standby, F = failed)
State Space Diagram
(figure not reproduced in the transcript; labels recovered: 4 → 3 at rate $\lambda_A$, 3 → 4 at rate $\mu_A$, 3 → 0 at rate $\lambda_B$, 4 → 1 at rate $\lambda_{SB}$ (B fails while in partly-loaded standby), 1 → 4 at rate $\mu_B$, 1 → 0 at rate $\lambda_A$, plus the repair transitions out of state 0)
Steady State Probabilities
The balance equations for states 4, 3, 1 and 0 in $\lambda_A$, $\lambda_B$, $\lambda_{SB}$, $\mu_A$, $\mu_B$ are solved together with the normalization (the coefficient matrix itself did not survive extraction); the equation for state 4 reads
$-(\lambda_A + \lambda_{SB}) P_4 + \mu_A P_3 + \mu_B P_1 = 0$
and
$P_0 + P_1 + P_3 + P_4 = 1$
L Spares, With Replacements and Repairs
State Space Diagram
(figure not reproduced in the transcript; the states 0, 1, 2, …, 2j, 2j+1, 2j+2, …, 2L, 2L+1 form a chain)
Notation
• State 2j (j = 0, 1, …, L): A total of j spare units are in a repair queue, and (L-j) spares are normal. A failed unit in the system is being replaced by a normal spare unit; the system is working.
• State 2j+1 (j = 0, 1, …, L-1): A total of j spare units are in a repair queue, and (L-j) spares are normal. A failed unit in the system is being replaced by a normal spare unit; the system does not work.
• State 2L+1: All spares are in a repair queue. A failed unit in the system is under priority repair. This is a type of quasi-replacement.
Notation
• λ: constant failure rate
• μ: constant repair rate
• ε: constant replacement rate
Steady-State State Equations
$0 = -\lambda P_0 + \mu P_2$
$0 = \lambda P_{2j} - \varepsilon P_{2j+1}$, $(j = 0, 1, \ldots, L-1)$
$0 = \varepsilon P_{2j-1} - (\lambda + \mu) P_{2j} + \mu P_{2j+2}$, $(j = 1, 2, \ldots, L-1)$
$0 = \varepsilon P_{2L-1} - (\lambda + \mu) P_{2L} + \mu P_{2L+1}$
$0 = \lambda P_{2L} - \mu P_{2L+1}$
$\sum_{k=0}^{2L+1} P_k = 1$
Steady-State Availability
$A = \sum_{j=0}^{L} P_{2j}$
Solving the state equations gives $P_{2j} = (\lambda/\mu)^j P_0$, $P_{2j+1} = (\lambda/\varepsilon)(\lambda/\mu)^j P_0$ for $j < L$ and $P_{2L+1} = (\lambda/\mu)^{L+1} P_0$, so that
$A = \frac{\sum_{j=0}^{L} (\lambda/\mu)^j}{\sum_{j=0}^{L} (\lambda/\mu)^j + \frac{\lambda}{\varepsilon}\sum_{j=0}^{L-1} (\lambda/\mu)^j + (\lambda/\mu)^{L+1}}$
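An added example (not from the lecture) that solves the balance equations above by forward recursion, returns the steady-state availability, and finds the smallest number of spares L that meets an availability target. The chain structure (failure λ, replacement ε and repair μ along the states 0 … 2L+1) is an assumption taken from the notation, and the rates are constructed.

```python
# Added example (not from the lecture): steady-state availability of the L-spares
# chain above by forward recursion over the balance equations, plus the smallest L
# that meets a target. Assumed transitions: 2j -> 2j+1 at lam (failure),
# 2j+1 -> 2j+2 at eps (replacement), 2j -> 2j-2 at mu (a spare repaired),
# 2L+1 -> 2L at mu (priority repair of the failed unit).


def spares_steady_state(lam, mu, eps, L):
    """Normalised steady-state probabilities P[0 .. 2L+1]."""
    p = [0.0] * (2 * L + 2)
    p[0] = 1.0                                   # unnormalised; fixed by the final division
    for j in range(L):
        p[2 * j + 1] = lam / eps * p[2 * j]      # eps P_{2j+1} = lam P_{2j}
        if j == 0:
            p[2] = lam / mu * p[0]               # mu P_2 = lam P_0
        else:                                    # (lam+mu) P_{2j} = eps P_{2j-1} + mu P_{2j+2}
            p[2 * j + 2] = ((lam + mu) * p[2 * j] - eps * p[2 * j - 1]) / mu
    p[2 * L + 1] = lam / mu * p[2 * L]           # mu P_{2L+1} = lam P_{2L}
    total = sum(p)
    return [x / total for x in p]


def spares_availability(lam, mu, eps, L):
    """A = sum over the working (even-numbered) states."""
    return sum(spares_steady_state(lam, mu, eps, L)[0::2])


def spares_needed(lam, mu, eps, target, max_L=50):
    """Smallest L with A >= target, or None if no L up to max_L reaches it."""
    for L in range(max_L + 1):
        if spares_availability(lam, mu, eps, L) >= target:
            return L
    return None


if __name__ == "__main__":
    # constructed rates per hour: lam = 0.01, mu = 0.1, eps = 1.0
    for L in range(4):
        print(L, round(spares_availability(0.01, 0.1, 1.0, L), 6))
    print("spares for A >= 0.99 :", spares_needed(0.01, 0.1, 1.0, 0.99))
    print("spares for A >= 0.999:", spares_needed(0.01, 0.1, 1.0, 0.999))
    print("limit 1/(1 + lam/eps):", 1 / (1 + 0.01 / 1.0))
```

As L grows the availability approaches $1/(1 + \lambda/\varepsilon)$, so with λ = 0.01 and ε = 1 no number of spares reaches 0.999: the time lost to replacement alone caps the availability.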