睿地可靠度論壇(TW-REDI Forum)

標題: A.1.2 故障樹分析 [打印本頁]

作者: hlperng    時間: 2013-12-19 16:24:26     標題: A.1.2 故障樹分析

本帖最後由 hlperng 於 2015-9-28 12:22 編輯

A.1.2 故障樹分析(fault tree analysis, FTA)

A.1.2.1 description and purpose

Fault tree analysis (FTA) is a top-down approach for analysing product dependability.  It is concerned with the identification and analysis of conditions and factors which cause, or contribute to, the occurrence of a defined undesirable outcome and which affect product performance, safety, economy, or other specified characteristics.  


A.1.2.2 Application

Fault tree analysis has a two-fold application, as a means of identification of a cause of a known failure, and as a failure mode analysis and dependability modelling and prediction tool.  

FTA is used investigate potential faults, their modes and causes, and to quantify their contribution to system unavailability in the course of product design.  The fault tree is constructred to represent not only system functions but also their hardware and software along with their interactions.  If the human is part of the system, human errors can be included in the FTA as well.  The probability of occurrence of the causes of fault modes is determined by engineering analysis, and then rolled up to evaluate the magnitude of their contribution to the overall product unreliability, allowing trade-off and reliablity growth.  This allows dependabiilty modelling of mixed hardware, electronic and mechanical , and software and their interaction to this application, the FTA becomes a powerful analysis tool.  

A.1.2.3 Key elements

The key elements of a fault tree are:
- gates and events;
- cut sets.

Gates represent the outcome, and events represent input into gates.  Symbolic representation of some specific gates may vary from one textbook or analysis software to another; however, representation of the basic gates is fairly universal.  

Cut sets are groups of event that, if all occur, would cause a system failure.  Mininal cut sets contain the minimum number of events that are required for failure.  A removal of one of them would resul in the system not failing.  

A.1.2.4 Benefits

- Can be started in early stages of a design and further developed in detail concurrently with design development.  
- Identifies and records systematically the logical fault paths from a specific effect, back to the prime causes by using Boolean algebra.  
- Allows easy conversion of logical models into conrresponding probability measures.  

A.1.2.5 Limitations

- FTA is not able to represent time or sequence dependency of events correctly.
- FTA has limitation with respect to reconfiguration or state-dependent behaviours of systems.

These limitations can compensated by combination of FTA with Markov models, where Markov models are taken as basic events in fault trees.  

A.1.2.6 Example

Top level system fault tree representatiion for an audio amplifier: the major sub-systems are the entry gates to the top-level gate and the simplifier system.  

The highest contributor to the overall failure turned out to be the sub-tree shown in Figure A.3.  


The symboles given in Table A.1 are used in the representation of the fault tree.  


FTA symbolSymbol nameDescription

Top Event or
Intermediate Event
Top or intermediate event which describes the system fault; sub-system fault or higher level fault than the basic event level fault.
Basic EventBasic event for which reliability information is available.
Undeveloped EventA part of the system that yet has to be developed - defined.
Transfer GateGate indicating that this part of the system is developed in another part or page of the diagram.
OR GateThis output event occurs if any of its input event occurs.
AND GateThe output event takes place if all of the input events occur.



The goal of this analysis was to find the most likely cause of amplifier failure.  The highest contributor to amplifier failure appears to be the electrolytic capacitor resulting from its inherent failure rate will occur.  This is due to the fact that the capacitor of lower voltage rating was originally chosen for the design because of its smaller physical size, thus the derating of this capacitor was 90 %, taking into consideration the DC voltage only.  Ripple current was but an additional cause of capacitor failure.  
Both causes produced an order of magnitude increase in the failure capacitor original failure rate that, for the size of the electrolytic capacitor (1,500 μF) is not low, evan under higher derating.  The capacitor was replaced with one with the proper voltage rating and since it appears on six places in the design, the replacement has reduced overall probability of amplifier failure for its predetermined life expectancy by more than 20 %.  The result of this fault mode cause mitigation is an improvement in the system reliability.  

Here, the system unavailability, Q, calculated for the given time of operation, also represents the system probability of failure, F(t), as the repair times were not allowed.  

The gates in the above example are standard annotations, except for the gates representing the sub-systems, where the triangle, representing the transfer gates mean that the gates were developed later, and the square around them denotes that each of those is shown on a separate page.  









歡迎光臨 睿地可靠度論壇(TW-REDI Forum) (http://60.251.32.214/) Powered by Discuz! X2