Fault tree analysis
Fault tree analysis (FTA) is a failure analysis in which an undesired state of a system is analyzed using
boolean logicto combine a series of lower-level events. This analysis method is mainly used in the field of safety engineeringto quantitatively determine the probability of a safety hazard.
Fault Tree Analysis attempts to model and analyze failure processes of engineering and biological systems. FTA is basically composed of logic diagrams that display the state of the system and is constructed using graphical design techniques. Originally engineers were responsible for the development of Fault Tree Analysis; FTA development requires people with deep knowledge of the system.Some people define FTA as another part or technique of reliability, although both model the same major aspect but they have arisen from two different perspectives. Reliability was basically developed by mathematicians, while FTA as stated above was developed by engineers.
FTA was initially developed for projects that do not endure any error (e.g., an error in a nuclear reactor is not tolerated). Bell Telephone Laboratories started the development of FTA during early 60's for the U.S. Air Force Minuteman System (Intercontinental Ballistic Missiles and Bombers). Later, U.S. nuclear power plants and the Boeing Company used the system extensively. FTA can be used as a valuable design tool, can identify potential accidents, and eliminate costly design changes. It can also be used as a diagnostic tool, predicting the most likely system failure in a system breakdown. FTA is used in safety engineering and in all major fields of engineering.
Why Fault Tree Analysis?
Since no system is perfect, dealing with a subsystem fault is a necessity, and any working system eventually will have a fault in some place. However, the probability for a complete or partial success is greater than the probability of a complete failure or partial failure. Assembling a FTA is thus not as tedious as assembling a success tree which can turn out to be very time consuming.
Because assembling a FTA can be a costly and cumbersome experience, the perfect method is to consider subsystems. In this way dealing with smaller systems can assure less error work probability, less system analysis. Afterward, the subsystems integrate to form the well analyzed big system.
In the technique known as "fault tree analysis", an undesired effect is taken as the root ('top event') of a tree of logic. There should be only one Top Event and all concerns must tree down from it. This is also a consequence of another Minuteman Missile System requirement that all analysis be top-down. By fiat there was to be no bottom-up analysis. Then, each situation that could cause that effect is added to the tree as a series of logic expressions. When fault trees are labeled with actual numbers about failure probabilities (which are often in practice unavailable because of the expense of testing), computer programs can calculate failure probabilities from fault trees.
The Tree is usually written out using conventional
logic gatesymbols. The route through a tree between an event and an initiator in the tree is called a Cut Set. The shortest credible way through the tree from fault to initiating event is called a Minimal Cut Set.
Some industries use both Fault Trees and Event Trees (see
Probabilistic Risk Assessment). An Event Tree starts from an undesired initiator (loss of critical supply, component failure etc) and follows possible further system events through to a series of final consequences. As each new event is considered, a new node on the tree is added with a split of probabilities of taking either branch. The probabilities of a range of 'top events' arising from the initial event can then be seen.
Classic programs include the
Electric Power Research Institute's (EPRI) CAFTA software, which is used by many of the US nuclear power plants and by a majority of US and international aerospace manufacturers, and the Idaho National Laboratory's SAPHIRE, which is used by the U.S. Government to evaluate the safety and reliabilityof nuclear reactors, the Space Shuttle, and the International Space Station. Outside the US, the software RiskSpectrum is a popular tool for Fault Tree and Event Tree analysis and is licensed for use at almost half of the worlds nuclear power plants for Probabilistic Safety Assessment.
Many different approaches can be used to model a FTA, but the most common and popular way can be summarized in a few steps. Remember that a fault tree is used to analyze a single fault event, and that one and only one event can be analyzed during a single fault tree. Even though the “fault” may vary dramatically, a FTA follows the same procedure for an event, be it a delay of 0.25
msecfor the generation of electrical power, or the random launch of an ICBM.
FTA analysis involves five steps:
# Define the undesired event to study
#* Definition of the undesired event can be very hard to catch, although some of the events are very easy and obvious to observe. An engineer with a wide knowledge of the design of the system or a system analyst with an engineering background is the best person who can help define and number the undesired events. Undesired events are used then to make the FTA, one event for one FTA; no two events will be used to make one FTA.
# Obtain an understanding of the system
#* Once the undesired event is selected, all causes with probabilities of affecting the undesired event of 0 or more are studied and analyzed. Getting exact numbers for the probabilities leading to the event is usually impossible for the reason that it may be very costly and time consuming to do so. Computer software is used to study probabilities; this may lead to less costly system analysis.
System analysts can help with understanding the overall system. System designers have full knowledge of the system and this knowledge is very important for not missing any cause affecting the undesired event. For the selected event all causes are then numbered and sequenced in the order of occurrence and then are used for the next step which is drawing or constructing the fault tree.
# Construct the fault tree
#* After selecting the undesired event and analyzed the system so that we know all the causing effects and if possible their probabilities we can now construct the fault tree. Fault tree is based on AND and OR gates which define the major characteristics of the fault tree.
# Evaluate the fault tree
#* After the fault tree has been assembled for a specific undesired event, it is evaluated and analyzed for any possible improvement or in other words study the risk management and find ways for system improvement. This step is as an introduction for the final step which will be to control the hazards identified. In short, in this step we identify all possible hazards affecting in a direct or indirect way the system.
# Control the hazards identified
#* This step is very specific and differs largely from one system to another, but the main point will always be that after identifying the hazards all possible methods are pursued to decrease the probability of occurrence.
Root cause analysis
* [http://www.nrc.gov/reading-rm/doc-collections/nuregs/staff/sr0492/] – U.S. Nuclear Regulatory Commission Fault Tree Handbook (NUREG-0492)
* [http://www.hq.nasa.gov/office/codeq/doctree/fthb.pdf] – NASA Fault Tree Analysis With Aerospace Applications - an update to NUREG-0492
Wikimedia Foundation. 2010.
Look at other dictionaries:
Event Tree Analysis — Die Ereignisbaumanalyse (englisch Event Tree Analysis) ist ein induktives Verfahren, welches mögliche Folgen eines auftretenden Fehlers bestimmen soll. Sie ist eine Art der Systemanalyse und als Qualitätsmethode in der DIN 25419 beschrieben.… … Deutsch Wikipedia
Apollo Root Cause Analysis — The primary purpose of root cause analysis is to identify the causes of undesirable events such that they do not happen again. Apollo root cause analysis can also be used to identify the causal relationships of desirable events such that they can … Wikipedia
Root cause analysis — (RCA) is a class of problem solving methods aimed at identifying the root causes of problems or events. Root Cause Analysis is any structured approach to identifying the factors that resulted in the nature, the magnitude, the location, and the… … Wikipedia
Attack tree — Attack trees are conceptual diagrams of threats on computer systems and possible attacks to reach those threats. The concept was suggested by Bruce Schneier] . Basic Attack trees are multi leveled diagrams consisting of one root, leaves, and… … Wikipedia
Failure analysis — is the process of collecting and analyzing data to determine the cause of a failure. It is an important discipline in many branches of manufacturing industry, such as the electronics industry, where it is a vital tool used in the development of… … Wikipedia
Failure mode and effects analysis — A failure modes and effects analysis (FMEA) is a procedure for analysis of potential failure modes within a system for classification by severity or determination of the effect of failures on the system. It is widely used in manufacturing… … Wikipedia
Event Tree — Die Ereignisbaumanalyse (englisch Event Tree Analysis) ist ein induktives Verfahren, welches mögliche Folgen eines auftretenden Fehlers bestimmen soll. Sie ist eine Art der Systemanalyse und als Qualitätsmethode in der DIN 25419 beschrieben.… … Deutsch Wikipedia
Causal layered analysis — (CLA) is one of several futures techniques used as a means to inquire into the causes of social phenomena and to generate a set of forecasts as to the future course of the phenomena.As a theory, CLA seeks to integrate empiricist, interpretive,… … Wikipedia
Hazard Analysis and Critical Control Points — (HACCP) is a systematic preventive approach to food safety and pharmaceutical safety that addresses physical, chemical, and biological hazards as a means of prevention rather than finished product inspection. HACCP is used in the food industry to … Wikipedia
FTA/HA — Fault Tree Analysis/Hazards Analysis Contributor: MSFC … NASA Acronyms