Introduction to reliability theories

Understanding terminology and mathematical bases of dependability
Being familiar with probabilities and their use in dependability
Beginning with reliability block diagrams

  1. Chapter A: Introduction to reliability theories
     Understanding terminology and mathematical bases of dependability
     Being familiar with probabilities and their use in dependability
     Beginning with reliability block diagrams
     IR & IS © 2018 Rev. 3.0 EN on-line FLORENT BRISSAUD - WWW.RAMSINDUSTRY.EU DIDIER TURCINOVIC - WWW.FSTRAINING.PRO
  2. Introduction
     The training: This chapter is part of a 4-day training on PFD quantification in accordance with IEC 61508 and IEC 61511. The other chapters concern the functional safety (IEC 61508 & IEC 61511) and methods for calculating the average probability of a dangerous failure on demand (PFDavg), including simplified equations, fault trees, Markov graphs, and Petri nets. The full training also includes a practical summary and a workshop. Further information available on: http://www.ramsindustry.eu/services/pfdcalculation/ and: http://www.securitefonctionnelle.pro/en/trainings/presentation/sil-calculation-pfd-quantification
     Certification program: The 4-day training is part of the Risknowlogy SILComp® certification program to become a Risknowlogy Certified Professional in the field of PFD quantification.
     About the trainer: Florent BRISSAUD, PhD, is a Dependability & Safety Consultant for Technological Systems, with more than 10 years of experience in energy, industry, and transportation. His references include GDF SUEZ/ENGIE, Technip, SHELL, VEOLIA, SNCF, DNV GL, BV. Further information available on: http://www.ramsindustry.eu/people/
  3. Agenda
     I. Terminology
     II. Mathematical bases
     III. Introduction to probabilities
     IV. Using probabilities for reliability
     V. Using reliability block diagrams
  4. I. Terminology
     I.1. Dependability
     I.2. Availability and unavailability
     I.3. Failure and failure mode
     I.4. Reliability
     I.5. Maintainability
     I.6. Safety
  5. I.1. Dependability
     Dependability: ability [of an item] to perform as and when required [IEC 60050-192]
     Factors of dependability: reliability, maintainability, availability, safety (RAMS)
     Notes:
     - “Dependability includes availability performance and its influencing factors: reliability performance, maintainability performance, and maintenance support performance” [IEC 60050-191].
     - “Safety” is usually added to the factors of dependability.
     - Dependability is sometimes considered as the “science of failures.”
     - “RAMS” (or “RAM”) is more commonly used instead of “Dependability.”
     - “Reliability” is often mistakenly used as a “general term” for “dependability”; however, “reliability” is only a factor that is not sufficient to characterise “dependability.”
  6. I.2. Availability and unavailability
     Availability: ability [of an item] to be in a state to perform as required [IEC 60050-192]
     Availability – instantaneous measure: probability that an item is in a state to perform as required at a given instant [IEC 60050-192]
     Notes:
     - “To perform as required” always refers to a specific function.
     - The state of an item of being able to perform as required is the “up state” (also called “working”).
     - The state of an item of being unable to perform as required is the “down state” (also called “faulty” or “in maintenance”).
     - An available item is not necessarily operating (e.g. “stand-by”): being able to ≠ performing.
  7. I.2. Availability and unavailability
     Availability at time t:
       A(t) = P[the item is in a state to perform as required at time t]
       A(t) = P[X(t) = 1]
     With X(t), the (random) state of the item at time t, such that:
       X(t) = 1 if the item is in a state to perform as required at time t (i.e. “up state”)
       X(t) = 0 otherwise (i.e. “down state”)
     [Figure: X(t) versus time t, alternating between up state and down state]
  8. I.2. Availability and unavailability
     Unavailability: the complement of availability
     Unavailability at time t:
       U(t) = P[the item is not in a state to perform as required at time t]
       U(t) = P[X(t) = 0]
       U(t) = 1 - A(t)
     [Figure: X(t) versus time t, alternating between up state and down state]
  9. I.2. Availability and unavailability
     Average availability: Aavg = MUT / (MUT + MDT)
     Average unavailability: Uavg = MDT / (MUT + MDT)
       Uavg = 1 - Aavg
     With:
       MUT (mean up time), the mean time when the item is in a state to perform as required
       MDT (mean down time), the mean time when the item is not in a state to perform as required
     Notes:
     - The mean values are always defined in a given period of time.
     - Do not confuse “mean” value and “asymptotic” value.
     - Do not confuse “estimated” value, “expected” value, and “true” value.
  10. I.3. Failure and failure mode
      Failure: loss of ability [of an item] to perform as required [IEC 60050-192]
      Notes:
      - IEC 61508 uses a similar definition.
      - Failures can be due to different causes (i.e. circumstances) and mechanisms (i.e. process).
      - The failure of an item is an event that results in a fault state (i.e. “down state”) of that item.
      [Figure: X(t) versus time t, alternating between up state and down state, with each failure marked at the transition to down state]
  11. I.3. Failure and failure mode
      Failure mode: manner in which failure occurs [IEC 60050-192]
      Questions:
      - What examples of failure modes for a valve can you provide?
      - What examples of failure modes for a transmitter can you provide?
      - What examples of failure modes for a safety logic unit can you provide?
  12. I.3. Failure and failure mode
      Answers to questions:
      - Failure to open on demand, failure to close on demand, internal leakage, external leakage, and spurious operation are examples of failure modes for a valve.
      - Low output, high output, and no output are examples of failure modes for a transmitter.
      - Erratic output, delayed operation, and no output are examples of failure modes for a safety logic unit.
  13. I.3. Failure and failure mode
      List of failure modes (safety and control equipment) [ISO 14224]
        1. Failure to function on demand (FTF)
        2. Failure to open on demand (FTO)
        3. Failure to close on demand (FTC)
        4. Delayed operation (DOP)
        5. Spurious operation (SPO)
        6. High output (HIO)
        7. Low output (LOO)
        8. Very low output (VLO)
        9. Erratic output (ERO)
        10. No output (NOO)
        16. Spurious high alarm level (SHH)
        17. Spurious low alarm level (SLL)
        18. Plugged/choked (PLU)
        19. External leakage – process medium (ELP)
        20. External leakage – utility medium (ELU)
        21. Internal leakage (INL)
        22. Leakage in closed position (LCP)
        23. Abnormal instrument reading (AIR)
        24. Structural deficiency (STD)
        25. Minor in-service problems (SER)
        26. Other (OTH)
        27. Unknown (UNK)
  14. I.3. Failure and failure mode
      Question:
      - What hardware failures can cause the different failure modes of this valve?
      [Figure: valve shown in opened position and in closed position, with labels: actuator (motor), body of the valve]
  15. I.3. Failure and failure mode
      Answers to question:
      - Failure to open on demand, failure to close on demand, and spurious operation can be caused by the actuator or the rod; internal leakage can be caused by the piston or the seal; external leakage can be caused by the body of the valve.
  16. I.3. Failure and failure mode
      Common cause failures: failures of multiple items, which would otherwise be considered independent of one another, resulting from a single cause [CEI 60050-192]
      Common mode failures: failures of different items characterized by the same failure mode [CEI 60050-192]
      Notes:
      - The common mode failures can be due to different causes, or can be common cause failures.
      - The common cause and/or mode failures reduce the benefit of redundancies.
  17. I.4. Reliability
      Reliability: ability [of an item] to perform as required, without failure, for a given time interval, under given conditions [IEC 60050-192]
      Reliability at time t:
        R(t) = P[the item stays in a state to perform as required until time t]
        R(t) = P[T > t]
      With: T, the (random) time between the (re)start “up state” of the item and its next failure
      Note:
      - In general, it is assumed that the item is in a state to perform as required at the initial time t0: R(t) = P[T > t | X(t0) = 1].
  18. I.4. Reliability
      Questions:
      - What is the difference between reliability and availability?
      - Under what condition is the reliability of an item equal to its availability?
      - What factor of dependability is considered for availability but not for reliability?
      - Can a poorly reliable item be very available?
      - How does reliability change according to time (from t0)?
      - How does availability change according to time (from t0)?
      - How can the reliability of an item be improved?
      - How can the availability of an item be improved?
  19. I.4. Reliability
      Answers to questions:
      - The availability takes the restoration to “up state” (i.e. repairs) into account, unlike reliability.
      - When no restoration to “up state” is considered (i.e. items never repaired), the reliability of an item is equal to its availability.
      - The maintainability (with regards to the corrective maintenance) is a factor of dependability that is considered for availability but not for reliability.
      - A poorly reliable item can be very available if the restoration to “up state” is very fast after each failure.
      - The reliability is always decreasing according to time.
      - The availability can increase, decrease, and/or stay constant according to time.
      - The reliability of an item can be improved by improving the quality/properties of the item, or its environmental constraints.
      - The availability of an item can be improved by improving the reliability of the item, or its maintainability.
  20. I.5. Maintainability
      Maintainability: ability [of an item] to be retained in, or restored to a state to perform as required, under given conditions of use and maintenance [IEC 60050-192]
      Preventive maintenance: maintenance carried out to mitigate degradation and reduce the probability of failure [IEC 60050-192]
      Corrective maintenance: maintenance carried out after fault detection to effect restoration [IEC 60050-192]
      Notes:
      - Preventive maintenance acts on reliability (and, indirectly, on availability), while the corrective maintenance only acts on availability.
      - Preventive maintenance is “scheduled” when it is carried out in accordance with a specified time table and “condition-based” when it is performed upon the assessment of physical conditions.
  21. I.5. Maintainability
      Maintenance support (i.e. logistic): provision of resources to maintain an item [IEC 60050-192]
      Maintenance support performance: effectiveness of an organization in respect of maintenance support [IEC 60050-192]
      Note:
      - Resources include human resources, support equipment, materials and spare parts, maintenance facilities, documentation and information, and maintenance information systems [CEI 60050-192].
  22. I.6. Safety
      Safety – “risk” point of view: freedom from risk which is not tolerable [ISO/CEI Guide 51:2014], i.e. “in a given context based on the current values of society”
      Safety – “system” point of view: ability [of an item] to prevent hazardous events (i.e. event that may result in physical injury or damage to the health of people or damage to property or the environment [CEI 61508]), or to reduce the consequences of such events on people, property or the environment
      Note:
      - Safety refers to accidental events while security refers to intentional events.
  23. II. Mathematical bases
      II.1. Reminders
      II.2. MTTF, MTTR, MTBF
      II.3. Failure rate
      II.4. Relationship between terms
  24. II.1. Reminders
      X(t) is the (random) state of the item at time t, such that:
        X(t) = 1 if the item is in a state to perform as required at time t (i.e. “up state”)
        X(t) = 0 otherwise (i.e. “down state”)
      T is the (random) time between the (re)start “up state” of the item and its next failure
        R(t) = P[T > t] (redefined from t0)
        A(t) = P[X(t) = 1]
      [Figure: X(t) versus time t, alternating between up state and down state, with each time T measured from t0 over an up state]
  25. II.2. MTTF, MTTR, MTBF
      Mean time to failure (MTTF): mean time between the (re)start “up state” of the item and its next failure
      Notes:
      - MTTF is the “mathematical expectancy” (i.e. the mean) of the random variable T.
      - Some references also define the “mean time to first failure” (MTTFF).
      Mean time to restore/restoration (MTTR): mean time between the last failure of the item and its restart “up state”
      Notes:
      - MTTR includes active repair time, but also fault detection time, logistic delay (e.g. delivery of personnel, tools and parts) and time of restarting – this definition is adopted by the IEC 61508 and the IEC 61511!
      - Other references (the majority) define MTTR as the “mean repair time,” which only includes the active (effective) repair time.
  26. II.2. MTTF, MTTR, MTBF
      Mean time between failures (MTBF): mean time between two consecutive failures of the item
        MTBF = MTTF + MTTR
      [Figure: X(t) versus time t, marking the 1st and 2nd failures, the (M)TTF, (M)TTR and (M)TBF intervals, and the detection, logistic, repair and restart phases. Legend: (M)TBF = (mean) time between failures; (M)TTF = (mean) time to failure; (M)TTR = (mean) time to restore]
  27. II.2. MTTF, MTTR, MTBF
      Using these definitions:
        MUT (mean up time) is equivalent to MTTF
        MDT (mean down time) is equivalent to MTTR
      And, thus:
        Aavg = MTTF / (MTTF + MTTR)
        Aavg = MTTF / MTBF
        Uavg = MTTR / (MTTF + MTTR)
        Uavg = MTTR / MTBF
      Questions:
      - To what factors of dependability do these concepts refer?
        - MTTF
        - MTTR
        - MTBF
      - What is the result of the total time of observation divided by the number of failures observed?
  28. II.2. MTTF, MTTR, MTBF
      Answers to questions:
      - The MTTF refers to the reliability.
      - The MTTR refers to the maintainability.
      - The MTBF, as a combination of MTTF and MTTR, refers to the availability.
      - The total time of observation divided by the number of failures observed gives the “observed” MTBF.
  29. II.2. MTTF, MTTR, MTBF
      Comparison of the MTTR with other standards: taxonomies of times to restore/restoration [ISO/TR 12489]
      Notes:
      - ISO/TR 12489 is a technical guide called “Petroleum, petrochemical and natural gas industries — Reliability modelling and calculation of safety systems.”
      - IEV 191 refers to the second edition of the IEC 60050-191.
  30. II.3. Failure rate
      Failure rate at time t: probability that a failure of the item occurs within time interval [t ; t + Δt] given that the item has stayed in “up state” (i.e. no failure has occurred) until time t, divided by Δt, and when Δt tends to zero
      Notes:
      - Without the condition “the item has stayed in “up state” until time t,” it becomes the “unconditional failure intensity” at time t (or “failure frequency”).
      - By replacing this same condition by “the item is in “up state” at time t,” it becomes the “conditional failure intensity” at time t (or “Vesely failure rate”).
      To simplify (with Δt small): λ(t) × Δt ≈ P[t < T ≤ t + Δt | T > t]
      Special case: If the failure rate is constant and if the failures are repaired immediately, then the failure rate can be interpreted as the mean number of failures per time unit.
  31. II.3. Failure rate
      Units for failure rates:
      - per hour
      - per 10^6 hours (e.g. OREDA)
      - per 10^9 hours (FIT) (e.g. electronic equipment)
      - per year
      And also:
      - per operating hour
      - per km
      - per cycle
      - per solicitation
      Notes:
      - 1 year ≈ 8760 hours
      - 1 month ≈ 730 hours
      - 1 day = 24 hours
  32. II.3. Failure rate
      “Bathtub” curve:
      - “early life failure” (or “burn-in”) period: decreasing failure rate
      - “constant” (or “useful life”) period: constant failure rate
      - “wear-out failure” (or “ageing”) period: increasing failure rate
      Note:
      - Reliability laws called “Weibull” allow modelling such failure rates.
      [Figure: two plots of λ(t) versus time t; the first shows the burn-in, useful life and ageing periods, the second shows burn-in and ageing only]
  33. II.3. Failure rate
      Question:
      - To what “period” may the failures due to the following causes correspond?
        - wrong design
        - manufacturing error
        - installation/commissioning error
        - wear/fouling
        - circuit break
        - exceptional constraint
        - operational error
        - bad weather
      Notes:
      - Usually, only the “useful life” period is considered (e.g. OREDA).
      - In what follows, all the failure rates will be assumed constant. In this case, T follows an exponential distribution of parameter λ.
      - A “proper” design, installation, and preventive maintenance can justify this assumption.
  34. II.3. Failure rate
      Answers to question:
      - Basically, wrong design, manufacturing error, and installation/commissioning error are early life failures; wear/fouling is a wear-out failure; circuit break, exceptional constraint, operational error, and bad weather are useful life failures (or wear-out failures in case of accumulation).
  35. II.4. Relationship between terms
      Relationship between MTTF and (constant) failure rate:
        MTTF = 1 / λ and λ = 1 / MTTF
      Relationship between reliability and (constant) failure rate:
        R(t) = exp(-λ × t) and λ = - ln(R(t)) / t
        possible approximation if λ × t < 10^-2: exp(-λ × t) ≈ 1 - λ × t
      Relationship between MTTR and (constant) restoration rate:
        MTTR = 1 / μ and μ = 1 / MTTR
      Reminders:
        Aavg = MTTF / MTBF
        Uavg = MTTR / MTBF
        MTBF = MTTF + MTTR
      Note:
      - MTTF, MTTR, MTBF, and failure rates often have to be defined per failure mode instead of per equipment item.
  36. II.4. Relationship between terms
      Exercise A.01:
      - What is the MTTF of an item for which the failure rate is 50 FIT?
      - What is the reliability of this item at 1 year, 10 years, and 100 years?
      - What are the MTBF and the average availability of an item for which the MTTF is 10 years and the MTTR is 8 hours?
      - What are the MTBF and the average availability of an item for which the failure rate is 0.05 per year and the restoration rate is 0.2 per hour?
      - What is the failure rate of an item for which the reliability at t = 1 year is 0.99?
      - What is the reliability of an item at t = MTTF?
  37. II.4. Relationship between terms
      Answers to Exercise A.01:
      - The failure rate is λ = 50 FIT = 50 / 10^9 = 5 × 10^-8 per hour. Since the failure rate is constant: MTTF = 1 / λ = 2 × 10^7 hours ≈ 2,283 years.
      - The reliability at t is R(t) = exp(-λ × t) ≈ 1 - λ × t, with λ = 5 × 10^-8 per hour.
        R(1 year) = R(8,760 hours) = exp(-5 × 10^-8 × 8,760) ≈ 0.99956, which can be approximated by 1 - 5 × 10^-8 × 8,760 ≈ 0.99956.
        R(10 years) = R(10 × 8,760 hours) = exp(-5 × 10^-8 × 10 × 8,760) ≈ 0.99563, which can be approximated by 1 - 5 × 10^-8 × 10 × 8,760 ≈ 0.99562.
        R(100 years) = R(100 × 8,760 hours) = exp(-5 × 10^-8 × 100 × 8,760) ≈ 0.95715, which can be approximated by 1 - 5 × 10^-8 × 100 × 8,760 ≈ 0.95620.
      - MTBF = MTTF + MTTR = 10 × 8,760 + 8 = 87,608 hours. Aavg = MTTF / MTBF = (10 × 8,760) / 87,608 ≈ 0.99991.
      - Since the failure rate is constant: MTTF = 1 / λ = 1 / (0.05 / 8,760) = 175,200 hours. Since the restoration rate is constant: MTTR = 1 / μ = 1 / 0.2 = 5 hours. MTBF = MTTF + MTTR = 175,200 + 5 = 175,205 hours. Aavg = MTTF / MTBF = 175,200 / 175,205 ≈ 0.99997.
      - Since the failure rate is constant: λ = - ln(R(t)) / t = - ln(R(8,760)) / 8,760 ≈ 1.15 × 10^-6.
      - Since the failure rate is constant: MTTF = 1 / λ, and R(MTTF) = exp(-λ × MTTF) = exp(-λ / λ) = exp(-1) = 0.36788.
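
The relationships of section II.4, checked numerically in an added Python example (not part of the original slides): it recomputes answers of Exercise A.01 from the formulas and runs a Monte Carlo simulation of X(t) with exponential times to failure and to restore. The function names, the seed and the simulated horizon are assumptions chosen here.

```python
import math
import random

HOURS_PER_YEAR = 8760  # slide convention: 1 year ≈ 8760 hours


def fit_to_per_hour(fit):
    """Failure rate in FIT (failures per 10^9 hours) -> per hour."""
    return fit / 1e9


def reliability(lam, t):
    """R(t) = exp(-λ × t), valid for a constant failure rate λ."""
    return math.exp(-lam * t)


def average_availability(mttf, mttr):
    """Aavg = MTTF / MTBF, with MTBF = MTTF + MTTR."""
    return mttf / (mttf + mttr)


def simulate_item(lam, mu, horizon, rng):
    """Simulate the state X(t) of one repairable item over [0, horizon].

    Times to failure are drawn from Exp(λ) and times to restore from Exp(μ).
    Returns (fraction of time in up state, observed MTBF), where the observed
    MTBF is the total observation time divided by the number of failures.
    """
    t, up_time, failures = 0.0, 0.0, 0
    while t < horizon:
        up = min(rng.expovariate(lam), horizon - t)   # up state until failure
        up_time += up
        t += up
        if t >= horizon:
            break                                     # observation ends while up
        failures += 1
        t += min(rng.expovariate(mu), horizon - t)    # down state until restart
    observed_mtbf = horizon / failures if failures else math.inf
    return up_time / horizon, observed_mtbf


def survival_fraction(lam, t, samples, rng):
    """Empirical R(t): share of sampled times to failure T that exceed t."""
    return sum(rng.expovariate(lam) > t for _ in range(samples)) / samples


def run_exercise_check(seed=1):
    """Simulation versus formulas for the item with λ = 0.05/year, μ = 0.2/hour."""
    rng = random.Random(seed)         # fixed seed (assumption) for repeatability
    lam = 0.05 / HOURS_PER_YEAR       # failure rate converted to per hour
    mu = 0.2                          # restoration rate, per hour
    mttf, mttr = 1 / lam, 1 / mu
    a_sim, mtbf_sim = simulate_item(lam, mu, 20_000 * (mttf + mttr), rng)
    return {
        "mtbf_formula": mttf + mttr,
        "mtbf_simulated": mtbf_sim,
        "u_formula": 1 - average_availability(mttf, mttr),
        "u_simulated": 1 - a_sim,
        "r_at_mttf_formula": reliability(lam, mttf),
        "r_at_mttf_simulated": survival_fraction(lam, mttf, 20_000, rng),
    }


if __name__ == "__main__":
    lam_50fit = fit_to_per_hour(50)
    print("MTTF for 50 FIT (hours):", 1 / lam_50fit)
    for years in (1, 10, 100):
        print(f"R({years} y) =", round(reliability(lam_50fit, years * HOURS_PER_YEAR), 5))
    for name, value in run_exercise_check().items():
        print(name, "=", value)
```

The simulated values fluctuate around the formula values; the spread shrinks as the observation horizon grows, which is the slides' distinction between “estimated” and “true” values.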
  38. III. Introduction to probabilities
      III.1. What is a probability?
      III.2. Rules on events
      III.3. Rules on probabilities
      III.4. Independent events
      III.5. Incompatible events
      III.6. Pivotal decomposition
  39. III.1. What is a probability?
      “Classical” interpretation: based on enumeration, a probability is the ratio of the number of favourable cases (i.e. outcomes of events) to the number of all possible cases
      - limited to events for which the outcomes are equally probable (e.g. card game, dice)
      “Frequentist” interpretation (or “physical”): based on trials that can be repeated identically and infinitely, a probability is the relative frequency of occurrence of the event in a large number of trials
      - suitable for mathematicians (statistics) who deal with a (very) large number of available data and are able to measure tendencies on which to bet (e.g. insurances, finance, games)
      “Subjective” interpretation (or “Bayesian”): a probability simply measures a “degree of belief”
      - more “pragmatic,” it is suitable for engineers who do not use probabilities as an end in itself but as indicators to help in making decisions, and must be updated according to feedback
      - more appropriate to failures of systems or human errors, which are more often due to inner features and specific environmental conditions for which the concept of “identical trials” is inappropriate
      - more appropriate to rare events (lack of data and need for “judgment”)
  40. III.1. What is a probability?
      A mathematician to the last, Count Auguste-Bastien de la Rochefoucault notices that his odds of dying on the 9 of October at 8 in the morning at the age of 55 just raised from 1/481800 up to 1/1.
  41. III.1. What is a probability?
      Is a probabilistic result, uncertain by nature, relevant?
      - “Are no probabilities to be accepted, merely because they are not certainties?” Jane Austen (1775 - 1817), English novelist, [Sense and Sensibility]
      - “Doubt is an unpleasant mental state, but certainty is ridiculous.” Voltaire (1694 - 1778), French enlightenment writer, historian, and philosopher
      - “Absolute certainty is a privilege of uneducated minds and fanatics.” C.J. Keyser (1862 - 1947), American mathematician
      Criteria for a “good” probabilistic result:
      - coherence: the probabilities given to events reflect the hierarchy of the likelihood of these events, considering the current state of knowledge
      - substantiality: the results take the most relevant information into account
      - robustness: uncertainties in the input information have a minimal impact on the coherence of the results (i.e. results have low uncertainties)
  42. III.1. What is a probability?
      Properties of a probability:
      - refers to an event
      - has no unit (unlike a frequency!)
      - between 0 and 1
      - equal to 1 if the event does/will occur with an absolute certainty
      - equal to 0 if the event does/will not occur with an absolute certainty
      - the greater the confidence we have in the occurrence of the event, the greater is (or should be) the probability given to this event
      Notes:
      - Do not confuse probabilities and frequencies! A frequency is expressed per time unit and can be strictly greater than 1.
      - A frequency (e.g. the PFH) does not have the same properties and cannot be handled as a probability.
  43. III.2. Rules on events
      Universe: the set of all possible events constitutes the universe (finite or infinite), noted Ω
      Intersection (or “conjunction”): A and B means that both these events are present (also noted A ∩ B)
      Union (or “disjunction”): A or B means that any one (or both) of these events are present (also noted A ∪ B)
      Permutation of events:
        A and B = B and A
        A or B = B or A
      Distribution of events:
        A and (B or C) = (A and B) or (A and C)
      Negation of events:
        not-not-A = A
        not-(A or B) = not-A and not-B
        not-(A and B) = not-A or not-B
  44. III.3. Rules on probabilities
      Probability of event A, given event B: P[A | B] is the probability that event A occurs, given that event B is present (under condition that B is possible)
      Probability of event A and B - Bayes theorem:
        P[A and B] = P[A | B] × P[B] = P[B | A] × P[A]
        P[A | B] = P[A and B] / P[B]
        P[B | A] = P[A and B] / P[A]
      Probability of event A or B:
        P[A or B] = P[A] + P[B] - P[A and B]
      Probability of event not-A (or “complement”):
        P[not-A] = 1 - P[A]
      Probability of the universe:
        P[Ω] = 1
      [Figure: Venn diagram of events A and B within the universe Ω, with the overlap labelled “A and B”]
  45. III.3. Rules on probabilities
      Exercise A.02:
      - Express probability P[A and B and C].
      - Express probability P[A or B or C].
      - Express probability P[(A and B) or C].
      Note:
      - The general case for union of events is defined by the inclusion-exclusion principle or “Poincaré formula.”
  46. III.3. Rules on probabilities
      Answers to Exercise A.02:
      - P[A and B and C] = P[A and (B and C)]
          = P[A] × P[(B and C) | A]
          = P[A] × P[B | A] × P[(C | B) | A]
          = P[A] × P[B | A] × P[C | (A and B)]
      - P[A or B or C] = P[A or (B or C)]
          = P[A] + P[B or C] – P[A and (B or C)]
          = P[A] + P[B] + P[C] – P[B and C] – P[(A and B) or (A and C)]
          = P[A] + P[B] + P[C] – P[B and C] – {P[A and B] + P[A and C] – P[A and B and A and C]}
          = P[A] + P[B] + P[C] – P[B and C] – P[A and B] – P[A and C] + P[A and B and C]
      - P[(A and B) or C] = P[A and B] + P[C] – P[A and B and C]
  47. III.4. Independent events
      Events A and B are independent if P[A | B] = P[A] = pA and P[B | A] = P[B] = pB, that is, the presence or not of event B does not have any influence on the probability of event A, and vice-versa
      Probability of event A and B:
        P[A and B] = pA × pB
      Probability of event A or B:
        P[A or B] = pA + pB - pA × pB
        P[A or B] = 1 - (1 - pA) × (1 - pB)
      [Figure: Venn diagram of events A and B within the universe Ω, with the overlap labelled “A and B”]
  48. III.4. Independent events
      Question:
      - Are these pairs of events dependent or independent?
        - raining and storming
        - having a four-leaf clover and winning the lottery
        - having a four-leaf clover and winning a tennis game
        - human error of operator O1 on procedure P1 and human error of operator O2 on procedure P2
        - human error of operator O1 on procedure P1 and human error of operator O1 on procedure P2
        - human error of operator O1 on procedure P1 and human error of operator O2 on procedure P1
  49. III.4. Independent events
      Answers to question:
      - Raining and storming are dependent (storming is more likely in case of raining).
      - Having a four-leaf clover and winning the lottery are independent (absent proof to the contrary).
      - Having a four-leaf clover and winning a tennis game are dependent for superstitious players who would play better with a lucky charm, and independent for the others.
      - Human error of operator O1 on procedure P1 and human error of operator O2 on procedure P2 are independent if the two operators and the two procedures are not related.
      - Human error of operator O1 on procedure P1 and human error of operator O1 on procedure P2 are dependent (the same operator can reproduce the same errors).
      - Human error of operator O1 on procedure P1 and human error of operator O2 on procedure P1 are dependent (the procedure can be tricky and/or not well defined).
  50. III.4. Independent events
      Exercise A.03:
      - Assuming that all the events are independent, express the following probabilities:
        - P[A and B and C]
        - P[A or B or C]
        - P[(A and B) or C]
      Notes:
      - The combination of events “A1 and A2 and … and An,” also noted “A1 ∩ A2 ∩ … ∩ An,” can be written in short as: ⋂_{i=1}^{n} A_i.
      - The operation p1 × p2 × p3 × … × pn is commonly noted ∏_{i=1}^{n} p_i.
      - The combination of events “A1 or A2 or … or An,” also noted “A1 ∪ A2 ∪ … ∪ An,” can be written in short as: ⋃_{i=1}^{n} A_i.
      - The operation 1 - (1 - p1) × (1 - p2) × (1 - p3) × … × (1 - pn) is commonly noted ∐_{i=1}^{n} p_i.
  51. III.4. Independent events
      Answers to Exercise A.03:
      - P[A and B and C] = P[A] × P[B | A] × P[C | (A and B)]
        = P[A] × P[B] × P[C]
      - P[A or B or C] = P[A] + P[B] + P[C] – P[A and B] – P[A and C] – P[B and C] + P[A and B and C]
        = P[A] + P[B] + P[C] – P[A] × P[B] – P[A] × P[C] – P[B] × P[C] + P[A] × P[B] × P[C]
        = 1 – (1 – P[A]) × (1 – P[B]) × (1 – P[C])
      - P[(A and B) or C] = P[A and B] + P[C] – P[A and B and C]
        = P[A] × P[B] + P[C] – P[A] × P[B] × P[C]
        = P[A] × P[B] × (1 – P[C]) + P[C]
  52. III.5. Incompatible events
      Events A and B are incompatible (or “disjoint” or “mutually exclusive”) if
      P[A | B] = 0 and P[B | A] = 0
      Probability of event A and B
      P[A and B] = 0
      Probability of event A or B
      P[A or B] = pA + pB
      Questions:
      - What examples of incompatible events can you provide?
      - Can two events be incompatible and independent?
      [Figure: Venn diagram of disjoint events A and B within Ω]
  53. III.5. Incompatible events
      Answers to questions:
      - Yes and no, heads and tails, and being at two different places at the same time are examples of incompatible events.
      - Two incompatible events cannot be independent because the presence of one modifies the probability of the other (which becomes nil).
  54. III.6. Pivotal decomposition
      Partition
      set of events {E1, E2, E3, …, En} such that:
      - P[Ei] ≠ 0 for i = 1, 2, …, n
      - Ei and Ej are incompatible for i ≠ j
      - P[E1 or E2 or E3 or … or En] = 1
      For example: {B, not-B} is a partition (if P[B] ≠ 0 and P[not-B] ≠ 0)
      Pivotal decomposition of event A
      A = (A and B) or (A and not-B)
      Thus:
      P[A] = P[(A and B) or (A and not-B)]
      P[A] = P[A and B] + P[A and not-B] (because of incompatibility)
      P[A] = P[B] × P[A | B] + (1 - P[B]) × P[A | not-B] (applying Bayes' theorem)
      [Figure: Venn diagram of A, B, and (A and B) within Ω]
  55. III.6. Pivotal decomposition
      Question:
      - Assuming that events A, B, and C are independent, are the following events dependent or independent?
        - event (A and B) and event (A and C)
        - event (A and B) and event (A or C)
        - event (A or B) and event (A or C)
      Exercise A.04:
      - Assuming that events A, B, and C are independent, express the following probabilities:
        - P[(A and B) or (A and C)]
        - P[(A or B) and (A or C)]
        - P[(A and B) or (A and C) or (B and C)]
        - P[(A or B) and (A or C) and (B or C)]
  56. III.6. Pivotal decomposition
      Answers to question:
      - Event (A and B) and event (A and C) are dependent because A takes part in both events; the same holds for event (A and B) and event (A or C), and for event (A or B) and event (A or C).
      Answers to Exercise A.04 (1st part):
      - P[(A and B) or (A and C)]
        = P[A] × P[{(A and B) or (A and C)} | A] + (1 – P[A]) × P[{(A and B) or (A and C)} | not-A]
        = P[A] × P[B or C] + (1 – P[A]) × 0
        = P[A] × (P[B] + P[C] – P[B] × P[C])
      - P[(A or B) and (A or C)]
        = P[A] × P[{(A or B) and (A or C)} | A] + (1 – P[A]) × P[{(A or B) and (A or C)} | not-A]
        = P[A] × 1 + (1 – P[A]) × P[B and C]
        = P[A] + (1 – P[A]) × P[B] × P[C]
  57. III.6. Pivotal decomposition
      Answers to Exercise A.04 (2nd part):
      - P[(A and B) or (A and C) or (B and C)]
        = P[A] × P[{(A and B) or (A and C) or (B and C)} | A] + (1 – P[A]) × P[{(A and B) or (A and C) or (B and C)} | not-A]
        = P[A] × P[B or C or (B and C)] + (1 – P[A]) × P[B and C]
        = P[A] × P[B or C] + (1 – P[A]) × P[B and C]
        = P[A] × (P[B] + P[C] – P[B] × P[C]) + (1 – P[A]) × P[B] × P[C]
      - P[(A or B) and (A or C) and (B or C)]
        = P[A] × P[{(A or B) and (A or C) and (B or C)} | A] + (1 – P[A]) × P[{(A or B) and (A or C) and (B or C)} | not-A]
        = P[A] × P[B or C] + (1 – P[A]) × P[B and C and (B or C)]
        = P[A] × P[B or C] + (1 – P[A]) × P[B and C]
        = P[A] × (P[B] + P[C] – P[B] × P[C]) + (1 – P[A]) × P[B] × P[C]
  58. IV. Using probabilities for reliability
      IV.1. WHAT WILL WE MANIPULATE WITH PROBABILITIES?
      IV.2. SERIES SYSTEM
      IV.3. PARALLEL SYSTEM
      IV.4. SERIES/PARALLEL SYSTEM
  59. IV.1. What will we manipulate with probabilities?
      Reliability of an item at time t
      R(t) = P[the item stays in a state to perform as required until time t]
      Availability of an item at time t
      A(t) = P[the item is in a state to perform as required at time t]
      Unavailability of an item at time t
      U(t) = P[the item is not in a state to perform as required at time t]
      Notes:
      - In what follows, a probability p can be any of these measures.
      - To simplify, we will note p instead of p(t), even if manipulated values are generally time-dependent.
      - Pay attention! We will see that “average” probabilities such as average (un)availability (Aavg and Uavg) cannot be manipulated in the same way!
  60. IV.1. What will we manipulate with probabilities?
      Exercise A.05:
      - Are events T > t and T > t0, with condition t0 < t, independent?
      - Explain the meaning of probability P[T > t | T > t0].
      - Apply Bayes' theorem to probability P[T > t | T > t0].
      - Assuming that the failure rate is constant, express probability P[T > t | T > t0].
      - Deduce from the previous result why it is said, in that case, that the reliability is “memoryless,” or that the item “does not age.”
  61. IV.1. What will we manipulate with probabilities?
      Answers to Exercise A.05:
      - With condition (t0 < t), (T > t) always implies (T > t0), i.e. P[T > t0 | T > t] = 1, thus events (T > t) and (T > t0) are not independent.
      - T is the time between the (re)start “up state” of the item and its next failure. P[T > t | T > t0] is then the probability that the item stays in “up state” until time t, given it has already stayed in “up state” until time t0.
      - P[T > t | T > t0] = P[(T > t) and (T > t0)] / P[(T > t0)] = P[T > t] / P[T > t0] with condition t0 < t
      - Reliability at t is R(t) = P[T > t], and since the failure rate is constant: R(t) = exp(- λ × t).
        P[T > t | T > t0] = P[T > t] / P[T > t0] with condition t0 < t, thus
        P[T > t | T > t0] = R(t) / R(t0) = exp(- λ × t) / exp(- λ × t0) = exp(- λ × (t - t0)) = R(t - t0).
      - Regardless of the “age” of the item (i.e. t0), its reliability for the x next time units (i.e. R(x) with x = t - t0) only depends on the value of x, but not on the “age” of the item. In other words, the probability that an item which is currently in “up state” stays in this state for the x next years does not depend on how long it has already stayed in “up state” until today.
  62. IV.1. What will we manipulate with probabilities?
      Coherent system
      - when all the components are in “up state,” the system is in “up state”
      - when all the components are in “down state,” the system is in “down state”
      - if the system is in “up state” and a component initially in “down state” returns to “up state” (i.e. restoration of a component), then the system stays in “up state”
      - if the system is in “down state” and a component initially in “up state” goes to “down state” (i.e. failure of a component), then the system stays in “down state”
      Notes:
      - In other words, a restoration always has a “positive” (or nil) effect on the system and a failure always has a “negative” (or nil) effect on the system.
      - We will consider here only one function per system and the “up states” and “down states” of the components and of the system will therefore always refer to this function.
      - In what follows, all systems will be assumed coherent.
  63. IV.2. Series system
      Features
      the ability of the system to perform as required necessitates that all the components (relevant and defined as such) are in “up state”
      Example
      to feed reservoir R1 requires:
      the “up state” of pump P1 (inject the fluid)
      AND
      the “up state” of valve V1 (open and stay opened)
  64. IV.2. Series system
      Reliability in terms of events
      Example of a series system S made up of components A, B, C, …:
      (system S stays in a state to perform as required until time t)
      = (component A stays in “up state” until time t)
      and (component B stays in “up state” until time t)
      and (component C stays in “up state” until time t)
      and …
      Reliability in terms of probabilities
      Assuming that all events are independent:
      RS(t) = RA(t) × RB(t) × RC(t) × …
      With:
      RS(t) = P[system S stays in a state to perform as required until time t]
      RX(t) = P[component X stays in “up state” until time t] with X = A, B, C, …
      Note:
      - The same process is applicable to availability.
  65. IV.2. Series system
      Exercise A.06:
      - Express the reliability of a system made up of three components in series, for which failure rates are λ1, λ2, and λ3.
      - What can we say about the failure rate of this system?
      - Deduce from the previous result the MTTF of the system.
      - Express the availability of this system (noted AS(t)) as a function of the availability of its components (noted AX(t) with X = 1, 2, 3).
      - Express the unavailability of this system (noted US(t)) as a function of the unavailability of its components (noted UX(t) with X = 1, 2, 3).
  66. IV.2. Series system
      Answers to Exercise A.06:
      - Assuming a series system S made up of independent components 1, 2, and 3. The reliability of the system is: RS(t) = R1(t) × R2(t) × R3(t).
        Assuming that the failure rates are constant, the reliability of each component is: Ri(t) = exp(- λi × t).
        Thus, RS(t) = exp(- λ1 × t) × exp(- λ2 × t) × exp(- λ3 × t) = exp(- (λ1 + λ2 + λ3) × t).
      - The reliability of the system can be expressed as: RS(t) = exp(- λS × t), with λS = λ1 + λ2 + λ3. The failure rate of the system is therefore constant and equal to the sum of the failure rates of the components.
      - MTTF = 1 / λS, with λS = λ1 + λ2 + λ3.
      - Assuming a series system S made up of independent components 1, 2, and 3. The availability of the system is: AS(t) = A1(t) × A2(t) × A3(t).
      - Assuming a series system S made up of independent components 1, 2, and 3. The unavailability of the system is: US(t) = 1 – AS(t) = 1 – A1(t) × A2(t) × A3(t) = 1 – (1 – U1(t)) × (1 – U2(t)) × (1 – U3(t)).
  67. IV.3. Parallel system
      Characteristics
      the ability of the system to perform as required necessitates that at least one of the components (relevant and defined as such) is in “up state”
      Example
      to empty reservoir R1 requires:
      the “up state” of valve V3 (open and stay opened)
      OR
      the “up state” of valve V4 (open and stay opened)
  68. IV.3. Parallel system
      Reliability in terms of events
      Example of a parallel system S made up of components A, B, C, … which are never repaired:
      (system S stays in a state to perform as required until time t)
      = (component A stays in “up state” until time t)
      or (component B stays in “up state” until time t)
      or (component C stays in “up state” until time t)
      or …
      Reliability in terms of probabilities
      Assuming that all the events are independent:
      RS(t) = 1 - (1 - RA(t)) × (1 - RB(t)) × (1 - RC(t)) × …
      With:
      RS(t) = P[system S stays in a state to perform as required until time t]
      RX(t) = P[component X stays in “up state” until time t] with X = A, B, C, …
      Note:
      - The same process is applicable to availability (without the condition “which are never repaired”).
  69. IV.3. Parallel system
      Exercise A.07:
      - Express the reliability of a system made up of two components in parallel, which are never repaired and for which failure rates are λ1 and λ2.
      - What can we say about the failure rate of this system?
      - Express the availability of this system (noted AS(t)) as a function of the availability of its components (noted AX(t) with X = 1, 2).
      - Express the unavailability of this system (noted US(t)) as a function of the unavailability of its components (noted UX(t) with X = 1, 2).
  70. IV.3. Parallel system
      Answers to Exercise A.07:
      - Assuming a parallel system S made up of independent components 1 and 2, which are never repaired. The reliability of the system is: RS(t) = 1 – (1 – R1(t)) × (1 – R2(t)).
        Assuming that the failure rates are constant, the reliability of each component is: Ri(t) = exp(- λi × t).
        Thus, RS(t) = 1 – (1 – exp(- λ1 × t)) × (1 – exp(- λ2 × t)).
      - The failure rate of the system is obtained by the following formula: λS = - ln(RS(t)) / t, with RS(t) = 1 – (1 – exp(- λ1 × t)) × (1 – exp(- λ2 × t)). The failure rate of the system is not constant.
      - Assuming a parallel system S made up of independent components 1 and 2. The availability of the system is: AS(t) = 1 – (1 – A1(t)) × (1 – A2(t)).
      - Assuming a parallel system S made up of independent components 1 and 2. The unavailability of the system is: US(t) = 1 – AS(t) = (1 – A1(t)) × (1 – A2(t)) = U1(t) × U2(t).
  71. IV.4. Series/parallel system
      Characteristics
      the ability of the system to perform as required necessitates that a combination of its components, mixing series and parallel sub-systems, is in “up state”
      Example
      to transit fluid through reservoir R1 requires:
      the “up state” of pump P1 (inject fluid)
      AND
      the “up state” of valve V1 (open and stay opened)
      AND
      [the “up state” of valve V3 (open and stay opened) OR the “up state” of valve V4 (open and stay opened)]
  72. IV.4. Series/parallel system
      Example of reliability in terms of events
      considering system S made up of components A, B, C, D, and E which are never repaired
      system S stays in a state to perform as required until time t if and only if:
      (components A and B stay in “up state” until time t)
      and [(component C stays in “up state” until time t) or (components D and E stay in “up state” until time t)]
      Example of reliability in terms of probabilities
      Assuming that all events are independent:
      RS(t) = RA(t) × RB(t) × [1 - (1 - RC(t)) × (1 - RD(t) × RE(t))]
      With:
      RS(t) = P[system S stays in a state to perform as required until time t]
      RX(t) = P[component X stays in “up state” until time t] with X = A, B, C, …
      Notes:
      - The same process is applicable to availability (without the condition “which are never repaired”).
      - For the general cases of series/parallel systems, it is convenient to use reliability block diagrams.
  73. V. Using reliability block diagrams
      V.1. RELIABILITY BLOCK DIAGRAMS (RBD)
      V.2. MINIMAL PATH SETS (MPS)
      V.3. MINIMAL CUT SETS (MCS)
      V.4. TRANSCRIPTION OF A RBD TO RELIABILITY
      V.5. TRANSCRIPTION OF A RBD TO RELIABILITY (CONTRAPOSED)
  74. V.1. Reliability block diagrams (RBD)
      Description
      - graphical representation of a system with regard to a function
      - composed of (functional) blocks, representing components (or items) that contribute to the ability of the system to perform as required
      - these blocks are graphically organised so as to depict the (functional) architecture of the (series/parallel) system
      Blocks in series and parallel
      - two blocks in series mean that the “up state” of both associated components is required
      - two blocks in parallel mean that the “up state” of one of the associated components is sufficient (i.e. redundancy)
      [Figures: blocks A and B in series; blocks A and B in parallel]
  75. V.1. Reliability block diagrams (RBD)
      Logic of success
      - each path from the input to the output of the RBD represents a set of components for which the “up state” at a given time is sufficient for the system to be in a state to perform as required at this time
      - if there is no path for which all the components are in “up state” at a given time, then the system is not in a state to perform as required at this time
      Notes:
      - In some cases, it is required to use the same block at different places of the RBD.
      - Depending on the needs of the study, a given component can be divided into several blocks, especially to differentiate several failure modes.
      [Figure: RBD with blocks A, B, A, B, C, C, D, E, F]
  76. V.1. Reliability block diagrams (RBD)
      Exercise A.08:
      - Considering the below RBD, determine if the following configurations imply that the system is or is not in a state to perform as required:
        - all components are in “up state” except components A and E, which are in “down state”
        - all components are in “up state” except components B and E, which are in “down state”
        - all components are in “up state” except components B and C, which are in “down state”
        - all components are in “up state” except component D, which is in “down state”
        - all components are in “up state” except components E and F, which are in “down state”
      [Figure: RBD with blocks A, B, A, B, C, C, D, E, F]
  77. V.1. Reliability block diagrams (RBD)
      Answers to Exercise A.08:
      - {B, C, D, F} is a path from the input to the output of the RBD and represents a set of components that are in “up state”. In this configuration, the system is therefore in a state to perform as required.
      - {A, C, D, F} is a path from the input to the output of the RBD and represents a set of components that are in “up state”. In this configuration, the system is therefore in a state to perform as required.
      - There is no path from the input to the output of the RBD for which all the components are in “up state”. In this configuration, the system is therefore not in a state to perform as required.
      - There is no path from the input to the output of the RBD for which all the components are in “up state”. In this configuration, the system is therefore not in a state to perform as required.
      - There is no path from the input to the output of the RBD for which all the components are in “up state”. In this configuration, the system is therefore not in a state to perform as required.
  78. V.2. Minimal path sets (MPS)
      Definition
      - minimum set of components for which the “up state” at a given time is sufficient to ensure that the system is in a state to perform as required at this time
      - a RBD equivalent to the original can be obtained by putting all the MPS in parallel, each of the MPS being composed of its elements in series
      Exercise A.09:
      - What are the MPS of the below RBD?
      - Propose an equivalent RBD, obtained from the MPS.
      [Figure: RBD with blocks A, B, C, D, E, F, G, H]
  79. V.2. Minimal path sets (MPS)
      Answers to Exercise A.09:
      - The MPS are: {A, B, C, F, G}, {A, B, C, F, H}, {A, D, E, F, G}, and {A, D, E, F, H}.
      - An equivalent RBD is therefore:
  80. V.3. Minimal cut sets (MCS)
      Definition
      - minimum set of components for which the “down state” at a given time is sufficient to ensure that the system is not in a state to perform as required at this time
      - a RBD equivalent to the original can be obtained by putting all the MCS in series, each of the MCS being composed of its elements in parallel
      Exercise A.10:
      - What are the MCS of the below RBD?
      - Propose an equivalent RBD, obtained from the MCS.
      [Figure: RBD with blocks A, B, C, D, E, F, G, H]
  81. V.3. Minimal cut sets (MCS)
      Answers to Exercise A.10:
      - The MCS are: {A}, {B, D}, {B, E}, {C, D}, {C, E}, {F}, and {G, H}.
      - An equivalent RBD is therefore:
  82. V.4. Transcription of a RBD to reliability
      Process
      1. Transcribe each block X of the RBD to a “component” event: “component X stays in “up state” until time t”
      2. Use the RBD to express the “system” event: “system S stays in a state to perform as required until time t” as a function of the “component” events
         - a block in series implies an intersection of events (AND)
         - a block in parallel implies a union of events (OR)
      3. If required, factorise the repeated “component” events
         - for example, using the pivotal decomposition
      4. Get the reliability RS(t) of the system by applying the probability rules on the reliability RX(t) of the components (for a system for which the components are never repaired). Reminder, assuming that all events are independent:
         - P[A and B] = pA × pB
         - P[A or B] = 1 - (1 - pA) × (1 - pB)
      Note:
      - The same process is applicable to availability, and the negation of the availability gives the unavailability.
  83. V.4. Transcription of a RBD to reliability
      Exercise A.11:
      - Express the reliability of the two systems for which the RBD are given below.
        - System 1: [Figure: RBD with blocks A, B, C, D, E, F, G, H]
        - System 2: [Figure: RBD with blocks A, B, A, B, C, C, D, E, F]
  84. V.4. Transcription of a RBD to reliability
      Answers to Exercise A.11 (1st part):
      - X: component X stays in “up state” until time t
        S: system S stays in a state to perform as required until time t
        S = A and ((B and C) or (D and E)) and F and (G or H)
        P[S] = P[A and ((B and C) or (D and E)) and F and (G or H)]
        = P[A] × P[(B and C) or (D and E)] × P[F] × P[G or H]
        = P[A] × (1 – (1 – P[B and C]) × (1 – P[D and E])) × P[F] × (1 – (1 – P[G]) × (1 – P[H]))
        = P[A] × (1 – (1 – P[B] × P[C]) × (1 – P[D] × P[E])) × P[F] × (1 – (1 – P[G]) × (1 – P[H]))
        RS(t) = RA(t) × [1 – (1 – RB(t) × RC(t)) × (1 – RD(t) × RE(t))] × RF(t) × [1 – (1 – RG(t)) × (1 – RH(t))]
  85. V.4. Transcription of a RBD to reliability
      Answers to Exercise A.11 (2nd part):
      - X: component X stays in “up state” until time t
        S: system S stays in a state to perform as required until time t
        S = ((A and B) or (A and C) or (B and C)) and D and (E or F)
        P[S] = P[((A and B) or (A and C) or (B and C)) and D and (E or F)]
        = P[((A and B) or (A and C) or (B and C))] × P[D] × P[E or F]
        = (P[A] × P[B or C] + (1 – P[A]) × P[B and C]) × P[D] × (1 – (1 – P[E]) × (1 – P[F]))
        = (P[A] × (1 – (1 – P[B]) × (1 – P[C])) + (1 – P[A]) × P[B] × P[C]) × P[D] × (1 – (1 – P[E]) × (1 – P[F]))
        RS(t) = [RA(t) × (1 – (1 – RB(t)) × (1 – RC(t))) + (1 – RA(t)) × RB(t) × RC(t)] × RD(t) × [1 – (1 – RE(t)) × (1 – RF(t))]
  86. V.5. Transcription of a RBD to reliability (contraposed)
      Process
      1. Transcribe each block X of the RBD to a “component” event: “component X does not stay in “up state” until time t”
      2. Use the RBD to express the “system” event: “system S does not stay in a state to perform as required until time t” as a function of the “component” events
         - a block in series implies a union of events (OR)
         - a block in parallel implies an intersection of events (AND)
      3. If required, factorise the repeated “component” events
         - for example, using the pivotal decomposition
      4. Get the reliability RS(t) of the system by applying the probability rules on the reliability RX(t) of the components (for a system for which the components are never repaired), thinking of negations. Reminder, assuming that all events are independent:
         - P[A and B] = pA × pB
         - P[A or B] = 1 - (1 - pA) × (1 - pB)
         - P[not-A] = 1 - pA
      Note:
      - The same process is applicable to availability and unavailability (via the negation).
  87. V.5. Transcription of a RBD to reliability (contraposed)
      Exercise A.12:
      - Express the reliability of the two systems for which the RBD are given below (via the contraposed approach).
        - System 1: [Figure: RBD with blocks A, B, C, D, E, F, G, H]
        - System 2: [Figure: RBD with blocks A, B, A, B, C, C, D, E, F]
  88. V.5. Transcription of a RBD to reliability (contraposed)
      Answers to Exercise A.12 (1st part):
      - X*: the component X does not stay in “up state” until time t
        S*: system S does not stay in a state to perform as required until time t
        S* = A* or ((B* or C*) and (D* or E*)) or F* or (G* and H*)
        P[S*] = P[A* or ((B* or C*) and (D* or E*)) or F* or (G* and H*)]
        = 1 – (1 – P[A*]) × (1 – P[(B* or C*) and (D* or E*)]) × (1 – P[F*]) × (1 – P[G* and H*])
        = 1 – (1 – P[A*]) × (1 – P[B* or C*] × P[D* or E*]) × (1 – P[F*]) × (1 – P[G*] × P[H*])
        = 1 – (1 – P[A*]) × (1 – (1 – (1 – P[B*]) × (1 – P[C*])) × (1 – (1 – P[D*]) × (1 – P[E*]))) × (1 – P[F*]) × (1 – P[G*] × P[H*])
        RS(t) = RA(t) × [1 – (1 – RB(t) × RC(t)) × (1 – RD(t) × RE(t))] × RF(t) × [1 – (1 – RG(t)) × (1 – RH(t))]
  89. V.5. Transcription of a RBD to reliability (contraposed)
      Answers to Exercise A.12 (2nd part):
      - X*: the component X does not stay in “up state” until time t
        S*: system S does not stay in a state to perform as required until time t
        S* = ((A* or B*) and (A* or C*) and (B* or C*)) or D* or (E* and F*)
        P[S*] = P[((A* or B*) and (A* or C*) and (B* or C*)) or D* or (E* and F*)]
        = 1 – (1 – P[(A* or B*) and (A* or C*) and (B* or C*)]) × (1 – P[D*]) × (1 – P[E* and F*])
        = 1 – (1 – (P[A*] × P[B* or C*] + (1 – P[A*]) × P[B* and C*])) × (1 – P[D*]) × (1 – P[E*] × P[F*])
        = 1 – (1 – (P[A*] × (1 – (1 – P[B*]) × (1 – P[C*])) + (1 – P[A*]) × P[B*] × P[C*])) × (1 – P[D*]) × (1 – P[E*] × P[F*])
        RS(t) = [1 – ((1 – RA(t)) × (1 – RB(t) × RC(t)) + RA(t) × (1 – RB(t)) × (1 – RC(t)))] × RD(t) × [1 – (1 – RE(t)) × (1 – RF(t))]
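The check below is an added example, not part of the original slides: it starts from the minimal path sets given in the answers to Exercises A.09 and A.11, computes the exact system reliability by enumerating component states, derives the minimal cut sets, and compares the results with the closed forms obtained in sections V.4 and V.5. The component reliabilities in `SAMPLE_R` and all function names are constructed for illustration; independence of the components is assumed, as on the slides.

```python
from itertools import combinations, product

# Minimal path sets taken from the slides' answers.
# System 1 (Exercises A.09 to A.11): A, (B,C) or (D,E), F, G or H.
MPS_SYSTEM_1 = [set("ABCFG"), set("ABCFH"), set("ADEFG"), set("ADEFH")]
# System 2: ((A and B) or (A and C) or (B and C)) and D and (E or F).
MPS_SYSTEM_2 = [set(pair) | {"D", last}
                for pair in ("AB", "AC", "BC") for last in "EF"]

# Constructed component reliabilities at some fixed time t (illustrative only).
SAMPLE_R = {"A": 0.99, "B": 0.90, "C": 0.85, "D": 0.95,
            "E": 0.80, "F": 0.97, "G": 0.70, "H": 0.75}


def components(path_sets):
    return sorted(set().union(*path_sets))


def system_up(path_sets, up):
    """Logic of success: the system is up if all blocks of some path are up."""
    return any(path <= up for path in path_sets)


def exact_reliability(path_sets, r):
    """Add up P[state] over every component state in which the system is up.

    Valid for independent components, repeated blocks included, because each
    component appears once in the state vector whatever the RBD layout.
    """
    names = components(path_sets)
    total = 0.0
    for states in product((True, False), repeat=len(names)):
        up = {n for n, s in zip(names, states) if s}
        if system_up(path_sets, up):
            prob = 1.0
            for n, s in zip(names, states):
                prob *= r[n] if s else 1.0 - r[n]
            total += prob
    return total


def minimal_cut_sets(path_sets):
    """Smallest sets of components whose joint failure breaks every path."""
    names = components(path_sets)
    cuts = []
    for size in range(1, len(names) + 1):
        for cand in map(set, combinations(names, size)):
            if any(cut <= cand for cut in cuts):
                continue  # contains a smaller cut set, so it is not minimal
            if not system_up(path_sets, set(names) - cand):
                cuts.append(cand)
    return cuts


def parallel(*probs):
    """P[at least one] for independent events: 1 - product of (1 - p)."""
    q = 1.0
    for p in probs:
        q *= 1.0 - p
    return 1.0 - q


def closed_form_system_1(r):
    """RS(t) from the answer to Exercise A.11, 1st part."""
    return (r["A"] * parallel(r["B"] * r["C"], r["D"] * r["E"])
            * r["F"] * parallel(r["G"], r["H"]))


def closed_form_system_2(r):
    """RS(t) from the answer to Exercise A.11, 2nd part (pivot on A)."""
    two_of_three = (r["A"] * parallel(r["B"], r["C"])
                    + (1.0 - r["A"]) * r["B"] * r["C"])
    return two_of_three * r["D"] * parallel(r["E"], r["F"])


def naive_system_2(r):
    """Wrong on purpose: skips step 3 and treats the repeated blocks A, B, C
    as if the three branches were independent."""
    branches = parallel(r["A"] * r["B"], r["A"] * r["C"], r["B"] * r["C"])
    return branches * r["D"] * parallel(r["E"], r["F"])


if __name__ == "__main__":
    for name, mps, closed in (("System 1", MPS_SYSTEM_1, closed_form_system_1),
                              ("System 2", MPS_SYSTEM_2, closed_form_system_2)):
        print(name, "exact:", round(exact_reliability(mps, SAMPLE_R), 6),
              "closed form:", round(closed(SAMPLE_R), 6))
    print("System 2 without factorising:", round(naive_system_2(SAMPLE_R), 6))
    print("System 1 MCS:", [sorted(c) for c in minimal_cut_sets(MPS_SYSTEM_1)])
```

For System 2 the unfactorised product overestimates the reliability, which is why step 3 of the process (factorising repeated events, for example by pivotal decomposition) cannot be skipped when a block appears more than once.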
  90. End of Chapter A
      For the next chapters, register to the 4-day training on PFD quantification in accordance with IEC 61508 and IEC 61511
      www.RAMSindustry.eu/services/pfdcalculation/
      www.FStraining.pro
