Managing Infrastructure and Systems

Question 1

Why do we want components and systems to be reliable?

Answer 1

• Safety reasons

- Financial reasons (maintenance and delays are costly)

Question 2

What is the purpose of system reliability analysis?

Answer 2

To evaluate the performance of a system using known

information about the system components and structure.

Question 3

Why perform reliability analyses?

Answer 3

To assess the adequacy of engineering systems
– at the design stage or to assess upgrades.

To satisfy regulatory requirements
– demonstrate that a system is fit for purpose.

To support decision making, e.g.:
– to find a balance between safety and cost,
– to determine optimal maintenance strategies.

Question 4

What can happen without reliability analyses?

Answer 4

• Decisions can be subjective and based on biased information.
• Decisions can be inconsistent and based on qualitative
measures or prejudices.
• Available finances can be used inefficiently.

Question 5

What is the definition for Reliability?

Answer 5

Reliability, Rsys(t) : the probability that the system failure mode does not occur from 0 to time t, given that the system worked at time 0.

Question 6

What is the definition for Unreliability?

Answer 6

Unreliability, Fsys(t) : the probability that the system failure mode occurs at least once from 0 to time t given that it worked at time 0.

Question 7

What is the definition for Availability?

Answer 7

Availability, Asys(t) : the probability that the system is operational at
time t, given that it was operational at time 0.

Question 8

What is the definition for Unavailability?

Answer 8

Unavailability, Qsys(t) : the probability that the system failure mode
exists at time t

Question 9

What is the definition for Failure rate?

Answer 9

Failure rate : the rate at which the system failure mode occurs.

Question 10

What is the definition of a path set?

Answer 10

A path set is a list of components, such that if they all work then the system is also in the working state.

Question 11

What is the definition of a minimal path set?

Answer 11

Is a path set, such that if any component is removed the system no longer functions

Question 12

What is the definition of a cut set?

Answer 12

Is a list of components, such that if they all fail then the system is also in the failed state

Question 13

What is the definition of a minimal cut set?

Answer 13

Is a cut set, such that if any item is removed the system will no longer fail

Question 14

Describe what goes inside the connectivity matrix.

Answer 14

cij = k, where k is the number of edges from node i to node j.
(0 for diagonal)

Question 15

Describe what goes inside the connection matrix.

Answer 15

1 for diagonal terms (certain to connect)
0 i f no connection
A where A is the component linking node to node

Question 16

Which 3 methods could you use to calculate the unreliability of an RBD that cannot be represented as a combination of series and parallel networks?

Answer 16

Solution Methods:
– Key Element Method.
– Conversion from Deltas to Stars.
– Minimal Path Set / Cut Set Evaluation.

Question 17

What is the expression for…

a) system success using key element method
b) system failure using key element method

…. given that E is the key element

Answer 17

a) RSYS = (RX) (RE) + (RY) (QE)

b) QSYS = (QX)(RE) + (QY)(QE)

Question 18

Give three matrix methods you can use to find the minimal path sets and state which matrix each method relates to

Answer 18

General Algorithm - using the connectivity matrix
Node Removal - using the connection matrix
Matrix multiplication - using the connection matrix

Question 19

Give two uses of RBD analysis

Answer 19

• Helps to find points of failure and identifies what is making the system unreliable
• Shows a visual representation of a system and therefore reliability can be assessed without numbers

Question 20

How could you improve a system’s reliability? (Once completing RBD analysis)

Answer 20

• Reduce the amount of series systems
• Increase the redundancy
• Upgrade the components to ones with more reliability
• Improve the accuracy of the data on the reliability on for the components

Question 21

How can you improve RBD analysis?

Answer 21

• RBDs are often simplified. To improve analysis, create a more accurate model
• Minimise assumptions and make sure any you do make are reasonable

Question 22

Why might an RBD analysis not be accurate?

Answer 22

• RBDs don’t take into account the effect of not have all 3 in a 2/3 component working (i.e. if 1 fails it might still work but with less power)
• The analysis doesn’t take into account time variations in demand

Question 23

What is FMEA?

Answer 23

FMEA is a powerful design tool that analyses each potential failure mode in the system to examine the
effects on the system

Question 24

What is FMECA?

Answer 24

When FMEA is extended to classify each potential failure effect according to its severity the method is known as FMECA

Question 25

Which stage in a product’s life cycle is it best to carry out FMEA?

Answer 25

Design stage

Question 26

What are the advantages of FMEA?

Answer 26

• Good data gathering process on existing systems
• Rigorous
• Systematic

Question 27

What are the disadvantages of FMEA?

Answer 27

• Time-consuming

* Expensive

Question 28

What type of analysis is FMEA? And what does it identify?

Answer 28

Qualitative analysis that identifies:
– potential system failure modes,
– the causes of the failure modes
– the effects on the system operation associated with the failure modes’ occurrence.

Question 29

What are the two types of FMEA?

Answer 29

1) Product FMEA
– Analyses the product and how failure modes affect its operation.
E.g. Determine causes and effects of fire protection system failure
2) Process FMEA
– Analyses the process by which the product is built, maintained and
used.
– Examines how failures in the process affect product operation.
E.g. Determine causes and effects of failures while maintaining a fire protection system

Question 30

What are the two approaches for FMEA?

Answer 30

1. Functional (top-down) :
   – System decomposed to sub-assemblies (sub-system, modules,
   components)
   - Depending on the information available and study objective
   – Consider effects of loss of inputs and sub-assembly failures
   – Used in the early design stages
2. Hardware (bottom-up):
   – Detailed system breakdown
   – Consider each individual component and effects of its failure modes
   – Used in detailed design

Question 31

What are the eight steps involved in FMEA procedure?

Answer 31

1. Define system:
   – Components, boundaries and interfaces
   – All modes of operation
   – Environment profile
   – Mission / phases and times in each phase
   – Mission / phase objectives
2. Construct functional block diagrams:
   – Functional connection between sub-systems / components
   – Hierarchy level at which the analysis is done
3. Note assumptions:
   – System and sub-system boundaries
   – Failure modes/failure rates, etc.
4. Define system failure modes
5. List component (sub-system) failure modes:
   – Review failure information prior to commencing study (failure modes can be found by investigation of failure data)
6. Complete FMEA worksheets:
   – Analyse the effect at LOCAL and SYSTEM level for each component (sub-system) failure mode
   – Assume worst potential consequences
7. Review worksheets to determine the reliability critical
   components
8. Make recommendations for design improvements and further work

Question 32

What do the symbols stand for under the ‘Failure Mode Criticality Number’ section of the formula sheet?

Answer 32

lamda o = failure mode rate
lamda p = failure rate
alpha = proportion of failures in specified failure mode
beta = probability that expected failure effect will result
Cm = Criticality Number
t = mission or phase time period

Question 33

What does a vote gate mean in a fault tree?

Answer 33

Output event occurs if at least k of the n input events occur.

Question 34

What does a Priority AND gate mean in a fault tree?

Answer 34

Output event occurs if all input events occur in sequential order from left to right.

Question 35

What does a NOT gate mean in a fault tree?

Answer 35

Output event occurs if input event does not occur.

Question 36

What does an intermediate event represent in a fault tree?

Answer 36

System or component event description

Question 37

What does a basic event represent in a fault tree?

Answer 37

Basic event for which failure and repair data is available.

Usually represents a component failure.

Question 38

What does a house event represent in a fault tree?

Answer 38

Represents definitely occurring or definitely not occurring events.

Question 39

What does a transfer event represent in a fault tree?

Answer 39

Indicates that this part of the fault tree is developed in a different part of the diagram or on a different page.

Question 40

What do dual fault trees allow you to find?

Answer 40

minimal path sets

Question 41

What are the tree possible maintenance policies?

Answer 41

1. No repair
2. Repair when failure is revealed
   (unscheduled maintenance)
3. Repair when failure is unrevealed and must be discovered
   (scheduled maintenance)

Question 42

What is the symbol for:

a) Failure rate (hazard rate)
b) Repair rate
c) Mean time to failure (MTTF)
d) Mean time to repair (MTTR)
e) Inspection interval

Answer 42

a) lamda
b) weird v
c) mew
d) tau
e) theata

Question 43

What does steady state mean?

Answer 43

t tends to infinity

Question 44

What are the drawbacks when using fault trees to calculate top event probability?

Answer 44

Using the inclusion-exclusion expansion to calculate the exact top event probability for large fault trees is not practical. Even for fast modern digital computers a calculation involving many cut sets can take a great deal of processing time.

Question 45

How do the approximations to the top event probability compare to each other?

Answer 45

Qsys is less than or equal to Min Cut Set Upper Bound which is less than or equal to Rare Event/ Upper Bound

Question 46

What do importance measures tell us?

Answer 46

Indicate, in some sense, the contribution each element of the system makes to the system failure event.

Question 47

What is the definition of ‘Critical State’?

Answer 47

A critical system state for component i is a state for the remaining n-1 components such that failure of component i causes the system to go from a working to a failed state.

Question 48

Give an example of a deterministic importance measure.

Answer 48

Structural Importance Measure

Question 49

Give examples of probabilistic availability importance measures.

Answer 49

Birnbaum’s Measure/Criticality Function
Criticality Measure of Importance
Fussell-Vesely Measure of Importance
Fussell-Vesely Measure of Cut Set Importance

Question 50

Give examples of probabilistic reliability importance measures.

Answer 50

Barlow-Proschan Measure of Initiator Importance

Sequential Contributory Measure of Enabler Importance

Question 51

How do you calculate the structural importance measure?

Answer 51

(number of critical states for component i) / (total number of states for the n-1 remaining components)

Question 52

What is the definition of Birnbaum’s Measure/Criticality Function?

Answer 52

The Criticality Function for a component i, Gi

(q) is the probability that the system is in a critical state for component i.

Question 53

What is the definition of Criticality Measure of Importance?

Answer 53

The probability that the system is in a critical state for component i and i has failed. (Weighted by QSYS).

Question 54

What is the definition of Fussell-Vesely Measure of Importance?

Answer 54

Probability of the union of all minimal cut sets containing i given that the system has failed.

Question 55

What is the definition of Fussell-Vesely Measure of Cut Set Importance?

Answer 55

Probability of occurrence of cut set i given that the system has failed.

Question 56

What is the definition of frequency/unconditional failure intensity?

Answer 56

The frequency of an event is the probability that the event occurs per unit time at time t.

Question 57

What assumption do we make when calculating unconditional failure intensity?

Answer 57

Basic events cannot occur simultaneously, i.e. only one basic event can occur in any time interval dt.

Question 58

What is the formula for unconditional failure intensity in terms of lamda and Q(t)

Answer 58

lambda( 1 - Q(t))

Question 59

How do you calculate minimal cut set frequency?

Answer 59

Sum of all the combinations of 1 w and the rest qs (using all letters/components in cut set)

Question 60

What is top event frequency? (Also known as system unconditional failure intensity)

Answer 60

The probability that the top event occurs at t

per unit time

Question 61

Why is it more accurate to use initiators and enablers in some cases?

Answer 61

As with many safety protection systems, the order of events is actually of vital importance to the occurrence of the top event.
If a hazardous event occurs after the protection systems have failed then there will be a dangerous system failure.
If the hazardous event occurs before the protection systems fail then the dangerous system failure will be avoided.

Question 62

What is an initiating event?

Answer 62

Perturb system variables and place a demand on

control/protection systems to respond.

Question 63

What is an enabling event?

Answer 63

Are inactive control/protection systems which permit initiating events to cause the top event.

Question 64

What is the definition of Barlow-Proschan Measure of Initiator Importance

Answer 64

The probability that initiating event i causes the system failure over the interval (0, t). [Weighted by W(0,t)].

Question 65

What is the definition of Sequential Contributory Measure of Enabler Importance

Answer 65

The probability that enabling event i permits an initiating event to cause system failure in (0, t). [Weighted by W(0,t)].

Question 66

Why would you use FTAs in real life?

Answer 66

• To better understand a system and how it can fail
• To calculate system unreliability and its unconditional failure intensity
• To look at the way safety systems operate (through using initiators and enablers)
• To identify areas of improvement for the system (through using importance measures)

Question 67

What does simulation seek to do and how?

Answer 67

Simulation seeks to “duplicate” the behaviour of the system under investigation by studying interactions among its components.

Question 68

Give an example of ‘next event scheduling’

Answer 68

Customers arrive and either go into service immediately if the server is idle or join a waiting line (queue) if the server is busy.

Question 69

Why might you use simulation/the Monte Carlo method instead of the analytical methods?

Answer 69

Problem Areas for Analytical Methods:
• Large Fault Trees / Networks.
• Complex Component Failure Distributions.
• Investigating Maintenance Philosophy (Queues).
• Considering more than two component states.
• Dependencies - failures or repairs.

Question 70

Give some desirable properties of random numbers.

Answer 70

• Uniform ~ U [0,1]
• Independent.
• Fast

Additional Desirable Properties (Pseudo-random numbers):
• Long cycle lengths.
• Repeatable.

Question 71

What are four of the methods that can be used to generate random numbers?

Answer 71

1. Die.
2. Tables.
3. Calculators (electronic noise).
   Pseudo-Random Numbers:
4. Computer Algorithm

Question 72

What does modulo m mean?

Answer 72

keep dividing by m until you get a number less than m

Question 73

What is discrete event simulation?

Answer 73

• Component failure and repair characteristics can be represented by probability distributions and in this case simulation steps through time dealing with events chronologically.
• Discrete event simulation is used to model a system in this way.
• The times at which events occur are obtained by random
sampling from the appropriate probability distributions.

Question 74

What are the steps to complete the convolution method?

Answer 74

• Generate 12 random numbers
• Calculate the sum of these 12
• t = ((x-6)*standard deviation)+mew

(remember, mew in this case can be MMTF or MMTR, depends what you’re looking at)

Question 75

Which time to failure would you take as the system time to failure from multiple component times in series?

Answer 75

The minimum

Question 76

Which time to failure would you take as the system time to failure from multiple component times in parallel?

Answer 76

The maximum

Question 77

What are the advantages of simulation?

Answer 77

• Model Complex Systems.
• Systems can be stochastic (random).
• Vary operating conditions.
• Vary system designs.
• Vary maintenance strategies.
• Can change time scales.

Question 78

What are the disadvantages of simulation

Answer 78

• Exact solutions are not obtained.
• Cost.
• Time.
• Validation process difficult.

Question 79

What should the initial conditions be?

Answer 79

Desire conditions that are “typical” or “representative” of real system.

Question 80

If the initial conditions are not obvious, what could you do?

Answer 80

– Ignore.
– “Warm Up” simulation
– Sample from a range of conditions.