System Safety: M10 Combinatorial Failure Probability Analysis V1.0
Matthew Squair
UNSW@Canberra
15 October 2015
1 Matthew Squair M10 Combinatorial Failure Probability Analysis V1.0
Except for images whose sources are specifically identified, this copyright work is licensed under a Creative Commons Attribution-Noncommercial, No-derivatives 4.0 International licence.
To view a copy of this licence, visit http://creativecommons.org/licenses/by-nc-nd/4.0/
1 Introduction
2 Overview
3 Methodology
4 Limitations, advantages and disadvantages
5 Conclusions
6 Further reading
Introduction
Learning outcomes
Understand the need for a combinatorial probability method for qualitative probability estimates
Be able to describe and illustrate the rules for construction
Understand the strengths and weaknesses of the method
Overview
“To avoid paralysis resulting from waiting for definitive data, we assume we have greater knowledge than scientists actually possess and make decisions based on those assumptions.”
— William Ruckelshaus
Origins
Developed for the System Effectiveness and Safety Technical Committee of the American Institute of Aeronautics and Astronautics
Where we only have subjective estimates of probability measured on an ordinal scale, how can we deal with combined probabilities of contributing events?
Often we have more confidence in our estimates of contributors than of the top event alone
This technique was developed to address this problem
Key definitions
Ordinal scale. The ordinal scale allows for rank ordering of data, which in turn allows it to be sorted. The scale does not allow for relative differences between the data values. Mathematical operations cannot be carried out on ordinal values. Subjective probability (likelihood) is an ordinal scaled value
Ratio scale. A ratio scale possesses a meaningful (unique and non-arbitrary) zero value which allows us to express ratios (A is twice as likely as B), and all mathematical operations are allowed. Quantitative probability is a ratio scaled value
Combinatorial analysis and the system lifecycle
Methodology
1 Arbitrary probability (likelihood) values (dimensionless numbers) have been assigned to the probability steps of MIL-STD-882 to convert the ordinal scale into a synthetic ratio scale
2 Subjective probabilities (likelihoods) of contributor events/conditions are estimated as usual, using the MIL-STD-882 scale as a guide
3 Probability values corresponding to the estimates are used combinatorially, as in the classical numerical methods
4 The probability value for the combined result is then re-translated into the subjective scale of MIL-STD-882
Probability values
Establishing likelihood for union under OR gates
The values selected are dimensionless with NO quantitative significance
Selected to provide a consistent decadal increment between adjacent values and thresholds
As a result, for the union set $U_{OR}(e)$ of events $e_i$:

$$\Delta P_{U_{OR}(e)} = \begin{cases} 0 & \text{if } |U_{OR}(e)| \le 2, \\ 1 & \text{if } |U_{OR}(e)| > 2 \end{cases} \qquad (1)$$
Establishing probability for union under AND gates
And for the union set of events $e_i$, $U_{AND}(e)$, at the highest level of the scale the schema ensures that:

$$\Delta P_{U_{AND}(e)} = \begin{cases} 0 & \text{if } |U_{AND}(e)| \le 2, \\ -1 & \text{if } |U_{AND}(e)| > 2 \end{cases} \qquad (2)$$
Common exposure durations
A duration of exposure must still be defined for these combinatorial calculations, and the exposure durations must be consistent across initiating events
AIAA/SESTC defined value scale
Figure: AIAA/SESTC combinatorial value scale [Clements 1993]
Confined space example [Clements 1993]
Problem. A confined space is equipped with forced ventilation and contains an inert gas system. There is no history of inert gas leaks, but there are many connections and threaded fittings.
The confined space is regularly entered. An O2 detector and alarm system is permanently installed, has battery backup and is regularly maintained and tested. The system has been found inoperable several times over a 10 year period, but recent refurbishments are thought to have fixed it.
Using engineering judgement, assign probability values to each factor and evaluate the probability of an unannunciated life-threatening atmosphere exposure for the coming year.
Confined space example (cont’d)
Given that all three events must occur, these probabilities are combined under an AND gate:

$$P_c = P_1 \times P_2 \times P_3 = (3 \times 10^{-1}) \times (3 \times 10^{-2}) \times (3 \times 10^{-3}) = 2.7 \times 10^{-5}$$

The combined probability ($2.7 \times 10^{-5}$) corresponds to a qualitative level of E, or "Improbable". The overall probability may be judged to be at that level with the same confidence with which we assigned the lower level probabilities.
Subjective fault trees
The combinatorial probability method can be applied to fault trees for which we have subjective estimates of the leaf node probabilities. Methodology:
1 Develop fault tree
2 Evaluate and derive the minimum cut sets
3 Assign subjective probabilities to leaf nodes
4 Translate subjective probabilities to probability values
5 Calculate likelihood of the TLE (top-level event) as per standard probability theory
6 Transform P(TLE) back into subjective probability
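The four methodology steps, the confined space calculation and the subjective fault tree procedure above, worked through in an added Python example that is not part of the deck or of Clements' method as published. The letter-to-value scale is an assumption inferred from the deck's example values (the scale figure itself is not reproduced on the page), both gates assume independent contributors, and the fault tree at the end is a constructed one.

```python
import math

# ASSUMED value scale (the deck's scale figure is not reproduced on the page):
# values inferred from the worked example (3e-1, 3e-2, 3e-3; 2.7e-5 maps to E),
# letters are the MIL-STD-882C levels. They are dimensionless ranks, not rates.
VALUE_SCALE = {"A": 3e-1, "B": 3e-2, "C": 3e-3, "D": 3e-4, "E": 3e-5}
LEVEL_NAMES = {"A": "Frequent", "B": "Probable", "C": "Occasional",
               "D": "Remote", "E": "Improbable"}

def to_value(level):
    """Step 2->3: translate a subjective level into its synthetic value."""
    return VALUE_SCALE[level.upper()]

def to_level(p):
    """Step 4: re-translate a combined value to the nearest level, measured on
    a log scale and clamped to the ends of the scale."""
    return min(VALUE_SCALE,
               key=lambda lv: abs(math.log10(p) - math.log10(VALUE_SCALE[lv])))

def and_gate(values):
    """All contributors must occur: product of the values (independence assumed)."""
    p = 1.0
    for v in values:
        p *= v
    return p

def or_gate(values):
    """Any contributor suffices: 1 - prod(1 - p_i), which unlike a plain sum
    can never exceed 1 when several contributors are large."""
    q = 1.0
    for v in values:
        q *= 1.0 - v
    return 1.0 - q

def evaluate_fault_tree(cut_sets):
    """Subjective fault tree, steps 3-6: each minimal cut set is the AND of its
    leaf levels, the top-level event (TLE) is the OR of the cut sets."""
    p_tle = or_gate([and_gate([to_value(lv) for lv in cs]) for cs in cut_sets])
    return p_tle, to_level(p_tle)

# Confined-space example from the deck: all three contributors have to occur.
confined_space = and_gate([3e-1, 3e-2, 3e-3])   # 2.7e-5 -> level E, "Improbable"

# Constructed fault tree: three two-leaf cut sets, each worth 9e-6 on its own;
# their union is about 2.7e-5, so the TLE also lands on level E.
example_tree = [("C", "C"), ("B", "D"), ("A", "E")]

if __name__ == "__main__":
    print(f"confined space: {confined_space:.2e} -> {to_level(confined_space)}")
    print("fault tree TLE: %.2e -> %s" % evaluate_fault_tree(example_tree))
```

Swapping the confined-space AND gate for an OR gate gives about 0.32, i.e. level A, which shows how much the gate choice, not the arithmetic, drives the answer.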
Limitations, advantages and disadvantages
Limitations of the method
A set of subjective estimates generates a subjective result; if a quantitative analysis is required, it needs to use quantitative data
Combinatorial probability is not magic
This method cannot confer less uncertainty upon the final result than the uncertainty of judgement for the ingoing contributor likelihoods
Advantages of the method
Advantages of the method are
We can apply this technique without quantitative data
We can apply this during the early concept definition phases
Allows us to utilise component estimates of failure
A good adjunct technique for the PHA
Allows us to construct 'qualitative/subjective' fault trees
Useful for risk based concept design
Disadvantages of the method
Disadvantages of the method are
This remains a subjective estimate
The numerical ordinal scale can be mis-interpreted
Conclusions
Combinatorial failure probability analysis is a useful adjunct technique during the early concept definition phases of the project, but if you have real quantitative data, use it
Further reading
Bibliography
[Clements 1993] Clements, P. (1993) Combinatorial Failure Probability Analysis using MIL-STD-882C, 5th Ed., Oct 1993, Sverdrup.
[MIL-STD-882C 1993] Standard Practice for System Safety (1993) US Dept of Defense Standard MIL-STD-882C, 19 January 1993.