On Minimal Cut Sets Representation with Binary Decision Diagrams

Since their introduction in form of a canonical representation of logical functions, the Binary Decision Diagrams (BDDs) gained a wide acceptance in numerous industrial applications. This paper summarizes the properties of BDD representation of Minimal Cut Sets (MCS) of Fault Tree (FT) models most typically encountered in nuclear energetics. Cut sets from MCS are defined as paths from the top BDD node to terminal nodes in the BDD, on which a quantitative and qualitative FT analysis (FTA) is performed. The core of the FTA on the BDDs is performed with help of two fundamental algorithms, one for conditional probability evaluation and another for the selection of cut sets. The accuracy of conditional probability evaluation represents an essential feature for an unbiased quantitative analysis, such as the top event probability or the determination of event importance measures. The cut set selection algorithm is shown in a generic version introducing logical predicates for its selection criteria. As it is known, the efficiency of depicted algorithms depends only on the number of BDD nodes used for the FT representation. In order to appraise the compactness of the BDD representation of FT models, their characteristics have herein been evaluated on several real-life models from the Nuclear Power Plant Krško. The extraordinariness of the compactness of the BDD representation reflects in its ability to implement advanced dynamic analysis (i.e. what-if) of FT models. The efficiency of such an approach is recognized by commercial vendors upgrading their FT Tools to new versions by implementing BDD based algorithms

Binary decision diagram method for fault tree evaluation in nuclear power plant.

U radu se istražuje način vrednovanja stabla kvara te stabla događaja u nuklearnoj energetici primjenom metode binarnih dijagrama odlučivanja. Polazište istraživanja predstavlja model stabla kvara za analizu neželjenih događaja tijekom eksploatacije nuklearne elektrane. Primjenom modela stabla kvara opisuje se korelacija između osnovnih događaja koja uzrokuje pojavu neželjenog događaja. Hijerarhijski uspostavljeni odnosi između osnovnih i izvedenih događaja u sustavu predstavljaju logičke veze između događaja te se mogu predstaviti pomoću binarnih dijagrama odlučivanja (skr. BDD). Postupak vrednovanja stabla kvara ostvaruje se provođenjem kvalitativne i kvantitativne analize modela na BDD zapisu stabla kvara. Međutim, kompleksnost algoritama primijenjenih na BDD zapise proizlazi iz problema izbora redoslijeda osnovnih događaja za formiranje BDD zapisa Boole-Shannonovim razvojem. Složenost problema zahtijeva heuristički pristup, te je shodno tome razvijen algoritam za određivanje redoslijeda varijabli pomoću kojega je moguće vrednovati model stabla kvara s više od 1000 osnovnih događaja u modelu. Osim navedenog problema redoslijeda, u radu je unaprijeđen postupak vrednovanja primjenom kompletnog proračuna pomoću BDD zapisa. Budući, BDD zapis omogućava formiranje potpunog skupa minimalnih presjeka modela otvara se mogućnost povećanja točnosti određivanja parametara pouzdanosti te unapređenja kvalitativne analize. Primjerice, otvara se mogućnost određivanja funkcionalne zavisnosti neželjenog vršnog događaja u odnosu na pojavu pojedinačnih osnovnih događaja u modelu stabla kvara. Također, točno određivanje parametara pouzdanosti umanjuje važnost izbora metode za ocjenu gornje ograde za vjerojatnost pojave vršnog (ili drugog) događaja. Neovisno o tome, u radu su izložena dva nova algoritma za određivanje gornjih ograda iz skupa minimalnih presjeka, te za određivanje uvjetne vjerojatnosti na BDD zapisu modela stabla kvara. Za unapređenje kvalitativne analize u postupku vrednovanja razvijen je algoritam za odabir podskupa MCS skupa navođenjem predikata za izbor željenih minimalnih presjeka. Na taj način omogućen je fleksibilniji izbor minimalnih presjeka usporedbi s konvencionalnim pristupom gdje se selekcija obično provodi prema broju osnovnih događaja ili prema vjerojatnosti iz minimalnog presjeka. Verifikacija te potvrda postupka vrednovanja pomoću BDD zapisa modela stabla kvara ostvarena je implementacijom programskog rješenja za sve prezentirane algoritme. Također, dobiveni rezultati vrednovanja potvrđeni su usporedbom s implementacijom konvencionalnog pristupa iz priznatih programskih rješenja.A nuclear power plant sets the example of a most complex technical system in which nuclear technology is applied to generate electricity. The complexity of the nuclear power plant system reflects not only during its construction, but also during the operation in functional maintenance processes, as in accordance with the highest safety requirements. Complex nuclear power plant systems are usually perceived as a regulated whole of elements divided into smaller subsystems and separate components. Commonly, the structural organization is hierarchically complex due to numerous functional bonds between the subsystems and components. The hierarchical sequence of elements of the nuclear power plant system is observed at a functional level for the purpose of performing the intended functions during operation, which we call the holistic approach. An elimination of errors in the design or during the exploitation of a complex technical system, such as a nuclear power plant, requires large human and financial resources. The emergence of incidents in a complex nuclear power plant system often demands significant financial funds, human resources as well as time duration in order to find the causes and remove consequences. Therefore, prediction, early detection as well as prevention of incidents are extremely important throughout the life cycle of a nuclear power plant. Activities performed throughout the lifecycle are closely linked to the reliability analysis of the system and are most often carried out by assessing the risks in the nuclear power plant's system and its subsystems. One of the questions, raised during the exploitation of a nuclear power plant is the reliability of system elements to meet the highest safety requirements. Meaning, that at the level of the hierarchical organisation it is necessary to determine the probability of operation within timeframes, in the expected manner and under strictly defined operating conditions for all elements of the nuclear power plant system. The problem of determining the probability of system operation is addressed by the reliability theory, and the aim of this work is, by applying the law of the reliability theory, to improve the fault tree method for qualitative and quantitative reliability assessment of the nuclear power plant system. In order for the law of the reliability theory to be applied, the nuclear power plant system must be formally described at the abstract level of the model and it is necessary to provide an unambiguous mapping between the records. The description of the nuclear power plant system is based on the determination of the structural function of the system indicating a functional connection between the constituent elements (subsystems, components). By observing the simple status {work, does not work} on structural function elements of the system and by associating probability with these events, we introduce an elementary link to the theory of reliability, in other words, we define a probabilistic model of the functioning of the nuclear power plant system. It should be noted that this approach is not restricted to the nuclear power plant system, but is applicable on other technical systems as well. The main task of the reliability analysis of a nuclear power plant system is the risk assessement of the entire system and of its most significant subsystems. One most relevant approach for accomplishing this task is to build a fault tree model to describe undesirable events in the system and subsystems. A fundamental activity in the application of the fault tree method is the decomposition of the top event into simpler events to a selected level, where no further analysis is required. Terminating events that are considered indivisible are called basic events and are usually associated with failures of the basic system components. The fault state of a basic component is described with a simple logical variable. The possibility of one component to transit from an operational state to a fault state is measured by assigning the transition probability. On such a defined, meanwhile, probabilistic model two types of analysis are carried out: • Quantitative analysis - calculation of the probability of a top event by defining a function on probabilities of basic events and determining probabilistic parameters (measures of importance) for system components, • Qualitative analysis - determining the minimum sets of basic events and their properties leading to a top event. It is namely known, that for the success of the application of software solutions on a complex fault tree model, it is necessary, either to reduce accuracy, which can be unacceptable for critical systems, or to significantly simplify the model to the level of detail, which allows to carry out more precise calculations. The complexity of the fault tree model basically stems from the complexity of the representation of the logical model represented by the fault tree. Different conventional techniques of representation of logical functions do not necessarily meet the requirements for the presentation of the fault tree model. More recently, binary decision diagrams (BDDs) have gained more popularity in various engineering disciplines. The structure of binary decision diagrams proves to be extremely effective in presenting logical functions that contain sub-function sharing, i.e. sub-functions used multiple times in the logical function definition. However, the usability of BDD-based tools in reliability analysis is directly related to the size of the BDD representation. Determining the optimal size of BDD representations falls into the category of the most difficult problems and has intensively been approached with approximate procedures that do not have to provide optimal solutions. Since the size of the BDD representation for the fault tree model is determined by the order of the basic events from which the model is formed, the problem is attempted to be solved suboptimally by applying heuristic methods. Thereby, this doctoral dissertation brings a new heuristic method for determining the order of basic events, while its purposefulness and applicability have been verified on realistic examples of the fault tree from the model of the nuclear power plant Krško. In simple words, the main thesis herein leans in finding an effective BDD representation for the fault tree model by which we can carry out exact analyses without diminishing accuracy and without reducing the model on realistic examples from the nuclear power plant. Due to the complexity of the problem, results from different fields of applied sciences have been used. For the purpose of verifying and confirming the applicability of the developed algorithms, it is necessary to use results of the mathematical apparatus from several branches: • Complexity theory for analyzing the complexities of developed or used algorithms • Mathematical logic for connecting logical functions with fault tree models • Probability theory for establishing basic relationships in the evaluation process of the fault tree Beside the mathematical apparatus, the results from the theory of reliability establish a connection with formal models of complex systems. Mostly important is the linking of the system model to results from the probability theory on reliability models of complex systems. Further, the concept of logical function and its interpretation on the system model in form of minimal path and cut sets represents an important role. The basic tool for evaluating the system model in nuclear power plants is the fault tree, and the question of the complexity of its analysis (qualitative and/or quantitative) is associated with the complexity of the representation of logical functions using the BDD. In the chapter dedicated to the BDD representation, basic features of BDD representations were introduced by structure of the directed graph with two terminal nodes. The uniqueness property of BDD representation (canonical forms) for logical functions has been shown herein, as well as, in respect of the canonical forms, how the complexity of logical operations on a BDD representation depends on the number of nodes in the graph structure. Further to the basic logical operations of BDD representations, the ZDD modification has been introduced, which enables a unique record of sets, allowing easy operation with combinations of sets, especially for the purpose of presentation and operation over numerous sets of minimal cut sets. In addition, by using simple characterization of minimal cut sets for coherent fault trees, the application of BDD representations to determine their complete MCS set has been implemented and demonstrated. Definitions of importance measures have been derived and the algorithm to calculate conditional probability on the MCS set has been developed, the latter enabling a determination of values of all importance measures for basic events from the fault tree. Beside the importance measures, an algorithm for selecting minimal cut sets according to the given criterion (in form of predicates), as well as algorithms for the assessment of the two bounds for the top event probability have been developed to compare with the conventional quantitative fault tree analysis approach. The developed algorithms and their implementation on the fault tree BDD representation enables the conduct of the evaluation process on the complete MCS set, neither needing any reduction of the set nor any application of approximate approaches to the problem. The thesis shows that BDD representation properties can be used to efficiently solve problems in the process of evaluating the fault tree. However, a key precondition in the application of BDD representation in the evaluation process is the determination of the basic events order. This problem has been predominantly addressed in the dissertation, showing that by applying the newly developed heuristic algorithm the evaluation process can be performed for the even most complex fault tree models. The basis of the new heuristics represents the algorithm for combining existing orders for inputs to gates. This algorithm forms a new order of basic events for the gate, taking into consideration their position and the possibility of the same event appearing in different orders from inputs to these gates. Where there is no overlapping of basic events between the orders for inputs to gates, a simple situation is solved by an algorithm for functions with a single occurrence of variables. A more complex situation is solved, in case of an overlap between orders, by comparing the number of basic events tops in a BDD representation. Since the formation of the order by means of the new heuristic is carried out sequentially in some input order, being sensitive to the choice of this order, the heuristics shall be applied multiple times (limited number of times) to inputs to gates. The best order obtained by this procedure is further improved by the Rudell's sifting method, which proved effective for the largest fault tree models. The entire procedure for the fault tree is carried out in the order of gates that follows from the depth-first traversal of the model. The verification of the approach has been carried out by evaluating examples of the fault tree from the literature and on realistic examples from the model for the Krško nuclear power plant. The thesis reveals, that with the order obtained, it is possible to fully carry out a quantitative and qualitative evaluation without any approximate calculations. Moreover, the results achieved (accuracy, completeness) show the applicability of the approach on realistic examples with a run time comparable to the conventional approach. The scientific contributions of the thesis can be divided into three basic units: 1. The development of an algorithm to determine the order of variables to find BDD representations of a complete fault tree or event tree in probabilistic reliability analyses of power systems. Starting from a model of logical function with a single occurrence of variables, an algorithm was developed, finding the order of basic events in the Boole-Shannon's development of logical functions represented by the fault tree. The principal idea of the new heuristics is based on the application of a recursive relation from the paper for the gate in the fault tree, containing a record of the logical function with a single occurrence of variables, while on other gates the technique of searching for the best permutation of the input based on the assessment of the size of the BDD gate record is applied. To reduce the search space, different fault tree simplification techniques are applied with the aim of increasing the part of the fault tree that has a logical function structure with a single occurrence of variables. During the formation of BDD representations for gates in more complex fault tree models, the dynamic reordering technique is additionally applied by swapping of adjacent logical variables. The new heuristics is applied successively to the gates in the order specified by depth traversing of the fault tree model. The order for top events is optionally dynamically improved for the most complex models. 2. The improvement of the qualitative and quantitative fault tree analysis on complex nuclear power systems by applying a complete calculation of the BDD model record, using the order of basic events specified by the new heuristics. The qualitative analysis of the fault tree has been improved in the domain of selecting a part of the MCS set from a complete set of minimal cut sets while meeting adjusted selection criteria. The difference to the conventional approach is reflected in the approach, since the choice is carried out on the entire MCS set, while in conventional approaches the choice of one part of the MCS set is carried out by discarding the elements during the calculation. For a quantitative analysis of the fault tree, the following algorithms have been developed: • algorithm for determining the top (or other) event probability from a complete MCS set in a BDD representation with a default interpretation of the logical function represented by the fault tree, • algorithm for determining the upper bound for the probability of a top (or other) event from a complete set of minimal cut sets, • algorithm for determining the upper bound for the probability of a top (or other) event from rare events using a complete set of minimal cut sets. 3. The development of the application and the confirmation of the results obtained were achieved by comparison with the conventional approach. All algorithms in the thesis have been fully implemented in the software solution, and the correctness and accuracy of the algorithms has been verified by comparison with the results obtained by conventional approach. For comparison with the conventional approach, the KIRAP software solution was used, since the choice of a conventional solution is invariant for the results. In other words, a comparison with another conventional solution will give similar (most often the same) results using the same approximate methods. This thesis raises questions related to further research work. Undoubtly, the developed heuristic algorithm does not represent the final solution to the problem of the order of basic events in the fault tree model, but it represents a step forward towards the application of the BDD method on real nuclear power plant models and in other technological fields. In this sense, modifications to the existing or the development of new heuristic algorithms are possible, which can exploit the specifics of the fault tree model from the selected scope. In addition, it is possible to extend the scope of application of the BDD method to other problems relating to logical functions and to problems of their efficient representation. It should also be noted, that the possibility of implementing functional analysis over the record of the MCS set arises, since the evaluation of the BDD approach is carried out on a complete set of minimal cut sets. In other words, from a complete set of minimal cut sets it is possible to determine a logical function that shows the model's dependency on the change in probability of a basic event, or on changing the probability of a performed event (gate) and their combinations. In addition to the sensitivity analysis, functional dependency between components can be obtained from the complete MCS set, for example, failures that depend on the function they establish, or sequences of defects with components. Additionally, an interesting area for further research may be the application of BDD representations to dynamic fault trees. The application to dynamic fault trees requires expansion in implementation, especially in the domain of determining the order for priority gates and their implementation by means of binary decision diagrams. An interesting area of research is the problem of finding minimal formats of arbitrary logical functions. In particular, such a problem is the one of determining the minimum record of a noncoherent fault tree. Some progress has already been made in this direction, but there is still room for research, especially in logical functions with hundreds (or thousands) of logical variables. Apart from a practical application of the BDD method, theoretical questions of the properties of BDD representations are also open, particularly the properties of BDD representations for certain categories of logical functions, such as logical functions applied in cryptography (e.g. Bent functions), or in error detection and correction codes

Fault tree model analysis with binary decision diagrams

U ovom ću radu detaljno predstaviti postupak prikaza stabla kvara pomoću dijagrama binarne odluke. Osim toga pokazat ću kako se iz takvog prikaza stabla kvara mogu vrlo efikasno izvesti važni kvantitativni parametri stabla kvara. Predstavljanjem stabla kvara pomoću dijagrama binarne odluke djelotvornim postupkom minimizacije dobiva se minimalna disjunktna forma koja predstavlja polazno stablo kvara. Iz minimalne forme određuje se jednostavnim postupkom sve ili samo neke kombinacije osnovnih događaja neophodne za ostvarivanje neželjenog vršnog događaja. Osim identifikacije neželjenih kombinacija osnovnih događaja, iz prikaza pomoću dijagrama binarne odluke mogu se za svaku pojedinu osnovnu komponentu (osnovni događaj) odrediti važni empirički parametri. Tim postupkom moguće je odrediti mjere važnosti svake komponente, primjerice: faktor porasta rizika, faktor smanjenja rizika, Fussel−Vesely mjera važnosti, koeficijent osjetljivosti i ostali parametri. U radu su prikazani razvijeni algoritmi za određivanje mjera važnosti za komponente uz pripadajuće rezultate za konkretne primjere iz literature i iz prakse dobivenim na dijelovima modela stabla kvara za nuklearnu elektranu "Krško". Osobito je važno istaknuti prednosti ovakvog pristupa u egzaktnom kvantitativnom izračunu stabla kvara naspram alternativnih prikaza koji daju samo približne rezultate.In this paper I shall lay out in a detailed way the procedure of representing a fault tree through binary decision diagrams. In addition to that I shall show how highly important quantitative fault tree parameters can efficiently be derived from a fault tree representation. The fault tree representation through binary decision diagrams with the aid of efficient minimisation procedures results in a minimal disjunctive form, which corresponds to the initial fault tree. Out of these minimal forms by simple procedures all or only some combinations of basic events are determined, which are essential for the achievement of unwished top events. Beside the identification of unwished combinations of basic events, the representation through binary decision diagrams enables the determination of relevant empirical parameters for each elementary component (basic event). This procedure enables the establishment of the importance factor of every component e.g. risk increase factor, risk decrease factor, Fussel−Vesely importance factor, critical importance factor and others. The thesis also presents developed algorithms for the determination of importance measures for components as well as respective results for actual examples from the literature and praxis relating to parts of model fault trees for the nuclear power plant "Krško". It is particularly important to emphasize the advantages of such an approach in the exact quantitative calculation of fault trees compared to alternative representations which bring only approximate results

Binary decision diagram method for fault tree evaluation in nuclear power plant.

U radu se istražuje način vrednovanja stabla kvara te stabla događaja u nuklearnoj energetici primjenom metode binarnih dijagrama odlučivanja. Polazište istraživanja predstavlja model stabla kvara za analizu neželjenih događaja tijekom eksploatacije nuklearne elektrane. Primjenom modela stabla kvara opisuje se korelacija između osnovnih događaja koja uzrokuje pojavu neželjenog događaja. Hijerarhijski uspostavljeni odnosi između osnovnih i izvedenih događaja u sustavu predstavljaju logičke veze između događaja te se mogu predstaviti pomoću binarnih dijagrama odlučivanja (skr. BDD). Postupak vrednovanja stabla kvara ostvaruje se provođenjem kvalitativne i kvantitativne analize modela na BDD zapisu stabla kvara. Međutim, kompleksnost algoritama primijenjenih na BDD zapise proizlazi iz problema izbora redoslijeda osnovnih događaja za formiranje BDD zapisa Boole-Shannonovim razvojem. Složenost problema zahtijeva heuristički pristup, te je shodno tome razvijen algoritam za određivanje redoslijeda varijabli pomoću kojega je moguće vrednovati model stabla kvara s više od 1000 osnovnih događaja u modelu. Osim navedenog problema redoslijeda, u radu je unaprijeđen postupak vrednovanja primjenom kompletnog proračuna pomoću BDD zapisa. Budući, BDD zapis omogućava formiranje potpunog skupa minimalnih presjeka modela otvara se mogućnost povećanja točnosti određivanja parametara pouzdanosti te unapređenja kvalitativne analize. Primjerice, otvara se mogućnost određivanja funkcionalne zavisnosti neželjenog vršnog događaja u odnosu na pojavu pojedinačnih osnovnih događaja u modelu stabla kvara. Također, točno određivanje parametara pouzdanosti umanjuje važnost izbora metode za ocjenu gornje ograde za vjerojatnost pojave vršnog (ili drugog) događaja. Neovisno o tome, u radu su izložena dva nova algoritma za određivanje gornjih ograda iz skupa minimalnih presjeka, te za određivanje uvjetne vjerojatnosti na BDD zapisu modela stabla kvara. Za unapređenje kvalitativne analize u postupku vrednovanja razvijen je algoritam za odabir podskupa MCS skupa navođenjem predikata za izbor željenih minimalnih presjeka. Na taj način omogućen je fleksibilniji izbor minimalnih presjeka usporedbi s konvencionalnim pristupom gdje se selekcija obično provodi prema broju osnovnih događaja ili prema vjerojatnosti iz minimalnog presjeka. Verifikacija te potvrda postupka vrednovanja pomoću BDD zapisa modela stabla kvara ostvarena je implementacijom programskog rješenja za sve prezentirane algoritme. Također, dobiveni rezultati vrednovanja potvrđeni su usporedbom s implementacijom konvencionalnog pristupa iz priznatih programskih rješenja.A nuclear power plant sets the example of a most complex technical system in which nuclear technology is applied to generate electricity. The complexity of the nuclear power plant system reflects not only during its construction, but also during the operation in functional maintenance processes, as in accordance with the highest safety requirements. Complex nuclear power plant systems are usually perceived as a regulated whole of elements divided into smaller subsystems and separate components. Commonly, the structural organization is hierarchically complex due to numerous functional bonds between the subsystems and components. The hierarchical sequence of elements of the nuclear power plant system is observed at a functional level for the purpose of performing the intended functions during operation, which we call the holistic approach. An elimination of errors in the design or during the exploitation of a complex technical system, such as a nuclear power plant, requires large human and financial resources. The emergence of incidents in a complex nuclear power plant system often demands significant financial funds, human resources as well as time duration in order to find the causes and remove consequences. Therefore, prediction, early detection as well as prevention of incidents are extremely important throughout the life cycle of a nuclear power plant. Activities performed throughout the lifecycle are closely linked to the reliability analysis of the system and are most often carried out by assessing the risks in the nuclear power plant's system and its subsystems. One of the questions, raised during the exploitation of a nuclear power plant is the reliability of system elements to meet the highest safety requirements. Meaning, that at the level of the hierarchical organisation it is necessary to determine the probability of operation within timeframes, in the expected manner and under strictly defined operating conditions for all elements of the nuclear power plant system. The problem of determining the probability of system operation is addressed by the reliability theory, and the aim of this work is, by applying the law of the reliability theory, to improve the fault tree method for qualitative and quantitative reliability assessment of the nuclear power plant system. In order for the law of the reliability theory to be applied, the nuclear power plant system must be formally described at the abstract level of the model and it is necessary to provide an unambiguous mapping between the records. The description of the nuclear power plant system is based on the determination of the structural function of the system indicating a functional connection between the constituent elements (subsystems, components). By observing the simple status {work, does not work} on structural function elements of the system and by associating probability with these events, we introduce an elementary link to the theory of reliability, in other words, we define a probabilistic model of the functioning of the nuclear power plant system. It should be noted that this approach is not restricted to the nuclear power plant system, but is applicable on other technical systems as well. The main task of the reliability analysis of a nuclear power plant system is the risk assessement of the entire system and of its most significant subsystems. One most relevant approach for accomplishing this task is to build a fault tree model to describe undesirable events in the system and subsystems. A fundamental activity in the application of the fault tree method is the decomposition of the top event into simpler events to a selected level, where no further analysis is required. Terminating events that are considered indivisible are called basic events and are usually associated with failures of the basic system components. The fault state of a basic component is described with a simple logical variable. The possibility of one component to transit from an operational state to a fault state is measured by assigning the transition probability. On such a defined, meanwhile, probabilistic model two types of analysis are carried out: • Quantitative analysis - calculation of the probability of a top event by defining a function on probabilities of basic events and determining probabilistic parameters (measures of importance) for system components, • Qualitative analysis - determining the minimum sets of basic events and their properties leading to a top event. It is namely known, that for the success of the application of software solutions on a complex fault tree model, it is necessary, either to reduce accuracy, which can be unacceptable for critical systems, or to significantly simplify the model to the level of detail, which allows to carry out more precise calculations. The complexity of the fault tree model basically stems from the complexity of the representation of the logical model represented by the fault tree. Different conventional techniques of representation of logical functions do not necessarily meet the requirements for the presentation of the fault tree model. More recently, binary decision diagrams (BDDs) have gained more popularity in various engineering disciplines. The structure of binary decision diagrams proves to be extremely effective in presenting logical functions that contain sub-function sharing, i.e. sub-functions used multiple times in the logical function definition. However, the usability of BDD-based tools in reliability analysis is directly related to the size of the BDD representation. Determining the optimal size of BDD representations falls into the category of the most difficult problems and has intensively been approached with approximate procedures that do not have to provide optimal solutions. Since the size of the BDD representation for the fault tree model is determined by the order of the basic events from which the model is formed, the problem is attempted to be solved suboptimally by applying heuristic methods. Thereby, this doctoral dissertation brings a new heuristic method for determining the order of basic events, while its purposefulness and applicability have been verified on realistic examples of the fault tree from the model of the nuclear power plant Krško. In simple words, the main thesis herein leans in finding an effective BDD representation for the fault tree model by which we can carry out exact analyses without diminishing accuracy and without reducing the model on realistic examples from the nuclear power plant. Due to the complexity of the problem, results from different fields of applied sciences have been used. For the purpose of verifying and confirming the applicability of the developed algorithms, it is necessary to use results of the mathematical apparatus from several branches: • Complexity theory for analyzing the complexities of developed or used algorithms • Mathematical logic for connecting logical functions with fault tree models • Probability theory for establishing basic relationships in the evaluation process of the fault tree Beside the mathematical apparatus, the results from the theory of reliability establish a connection with formal models of complex systems. Mostly important is the linking of the system model to results from the probability theory on reliability models of complex systems. Further, the concept of logical function and its interpretation on the system model in form of minimal path and cut sets represents an important role. The basic tool for evaluating the system model in nuclear power plants is the fault tree, and the question of the complexity of its analysis (qualitative and/or quantitative) is associated with the complexity of the representation of logical functions using the BDD. In the chapter dedicated to the BDD representation, basic features of BDD representations were introduced by structure of the directed graph with two terminal nodes. The uniqueness property of BDD representation (canonical forms) for logical functions has been shown herein, as well as, in respect of the canonical forms, how the complexity of logical operations on a BDD representation depends on the number of nodes in the graph structure. Further to the basic logical operations of BDD representations, the ZDD modification has been introduced, which enables a unique record of sets, allowing easy operation with combinations of sets, especially for the purpose of presentation and operation over numerous sets of minimal cut sets. In addition, by using simple characterization of minimal cut sets for coherent fault trees, the application of BDD representations to determine their complete MCS set has been implemented and demonstrated. Definitions of importance measures have been derived and the algorithm to calculate conditional probability on the MCS set has been developed, the latter enabling a determination of values of all importance measures for basic events from the fault tree. Beside the importance measures, an algorithm for selecting minimal cut sets according to the given criterion (in form of predicates), as well as algorithms for the assessment of the two bounds for the top event probability have been developed to compare with the conventional quantitative fault tree analysis approach. The developed algorithms and their implementation on the fault tree BDD representation enables the conduct of the evaluation process on the complete MCS set, neither needing any reduction of the set nor any application of approximate approaches to the problem. The thesis shows that BDD representation properties can be used to efficiently solve problems in the process of evaluating the fault tree. However, a key precondition in the application of BDD representation in the evaluation process is the determination of the basic events order. This problem has been predominantly addressed in the dissertation, showing that by applying the newly developed heuristic algorithm the evaluation process can be performed for the even most complex fault tree models. The basis of the new heuristics represents the algorithm for combining existing orders for inputs to gates. This algorithm forms a new order of basic events for the gate, taking into consideration their position and the possibility of the same event appearing in different orders from inputs to these gates. Where there is no overlapping of basic events between the orders for inputs to gates, a simple situation is solved by an algorithm for functions with a single occurrence of variables. A more complex situation is solved, in case of an overlap between orders, by comparing the number of basic events tops in a BDD representation. Since the formation of the order by means of the new heuristic is carried out sequentially in some input order, being sensitive to the choice of this order, the heuristics shall be applied multiple times (limited number of times) to inputs to gates. The best order obtained by this procedure is further improved by the Rudell's sifting method, which proved effective for the largest fault tree models. The entire procedure for the fault tree is carried out in the order of gates that follows from the depth-first traversal of the model. The verification of the approach has been carried out by evaluating examples of the fault tree from the literature and on realistic examples from the model for the Krško nuclear power plant. The thesis reveals, that with the order obtained, it is possible to fully carry out a quantitative and qualitative evaluation without any approximate calculations. Moreover, the results achieved (accuracy, completeness) show the applicability of the approach on realistic examples with a run time comparable to the conventional approach. The scientific contributions of the thesis can be divided into three basic units: 1. The development of an algorithm to determine the order of variables to find BDD representations of a complete fault tree or event tree in probabilistic reliability analyses of power systems. Starting from a model of logical function with a single occurrence of variables, an algorithm was developed, finding the order of basic events in the Boole-Shannon's development of logical functions represented by the fault tree. The principal idea of the new heuristics is based on the application of a recursive relation from the paper for the gate in the fault tree, containing a record of the logical function with a single occurrence of variables, while on other gates the technique of searching for the best permutation of the input based on the assessment of the size of the BDD gate record is applied. To reduce the search space, different fault tree simplification techniques are applied with the aim of increasing the part of the fault tree that has a logical function structure with a single occurrence of variables. During the formation of BDD representations for gates in more complex fault tree models, the dynamic reordering technique is additionally applied by swapping of adjacent logical variables. The new heuristics is applied successively to the gates in the order specified by depth traversing of the fault tree model. The order for top events is optionally dynamically improved for the most complex models. 2. The improvement of the qualitative and quantitative fault tree analysis on complex nuclear power systems by applying a complete calculation of the BDD model record, using the order of basic events specified by the new heuristics. The qualitative analysis of the fault tree has been improved in the domain of selecting a part of the MCS set from a complete set of minimal cut sets while meeting adjusted selection criteria. The difference to the conventional approach is reflected in the approach, since the choice is carried out on the entire MCS set, while in conventional approaches the choice of one part of the MCS set is carried out by discarding the elements during the calculation. For a quantitative analysis of the fault tree, the following algorithms have been developed: • algorithm for determining the top (or other) event probability from a complete MCS set in a BDD representation with a default interpretation of the logical function represented by the fault tree, • algorithm for determining the upper bound for the probability of a top (or other) event from a complete set of minimal cut sets, • algorithm for determining the upper bound for the probability of a top (or other) event from rare events using a complete set of minimal cut sets. 3. The development of the application and the confirmation of the results obtained were achieved by comparison with the conventional approach. All algorithms in the thesis have been fully implemented in the software solution, and the correctness and accuracy of the algorithms has been verified by comparison with the results obtained by conventional approach. For comparison with the conventional approach, the KIRAP software solution was used, since the choice of a conventional solution is invariant for the results. In other words, a comparison with another conventional solution will give similar (most often the same) results using the same approximate methods. This thesis raises questions related to further research work. Undoubtly, the developed heuristic algorithm does not represent the final solution to the problem of the order of basic events in the fault tree model, but it represents a step forward towards the application of the BDD method on real nuclear power plant models and in other technological fields. In this sense, modifications to the existing or the development of new heuristic algorithms are possible, which can exploit the specifics of the fault tree model from the selected scope. In addition, it is possible to extend the scope of application of the BDD method to other problems relating to logical functions and to problems of their efficient representation. It should also be noted, that the possibility of implementing functional analysis over the record of the MCS set arises, since the evaluation of the BDD approach is carried out on a complete set of minimal cut sets. In other words, from a complete set of minimal cut sets it is possible to determine a logical function that shows the model's dependency on the change in probability of a basic event, or on changing the probability of a performed event (gate) and their combinations. In addition to the sensitivity analysis, functional dependency between components can be obtained from the complete MCS set, for example, failures that depend on the function they establish, or sequences of defects with components. Additionally, an interesting area for further research may be the application of BDD representations to dynamic fault trees. The application to dynamic fault trees requires expansion in implementation, especially in the domain of determining the order for priority gates and their implementation by means of binary decision diagrams. An interesting area of research is the problem of finding minimal formats of arbitrary logical functions. In particular, such a problem is the one of determining the minimum record of a noncoherent fault tree. Some progress has already been made in this direction, but there is still room for research, especially in logical functions with hundreds (or thousands) of logical variables. Apart from a practical application of the BDD method, theoretical questions of the properties of BDD representations are also open, particularly the properties of BDD representations for certain categories of logical functions, such as logical functions applied in cryptography (e.g. Bent functions), or in error detection and correction codes

Fault tree model analysis with binary decision diagrams

U ovom ću radu detaljno predstaviti postupak prikaza stabla kvara pomoću dijagrama binarne odluke. Osim toga pokazat ću kako se iz takvog prikaza stabla kvara mogu vrlo efikasno izvesti važni kvantitativni parametri stabla kvara. Predstavljanjem stabla kvara pomoću dijagrama binarne odluke djelotvornim postupkom minimizacije dobiva se minimalna disjunktna forma koja predstavlja polazno stablo kvara. Iz minimalne forme određuje se jednostavnim postupkom sve ili samo neke kombinacije osnovnih događaja neophodne za ostvarivanje neželjenog vršnog događaja. Osim identifikacije neželjenih kombinacija osnovnih događaja, iz prikaza pomoću dijagrama binarne odluke mogu se za svaku pojedinu osnovnu komponentu (osnovni događaj) odrediti važni empirički parametri. Tim postupkom moguće je odrediti mjere važnosti svake komponente, primjerice: faktor porasta rizika, faktor smanjenja rizika, Fussel−Vesely mjera važnosti, koeficijent osjetljivosti i ostali parametri. U radu su prikazani razvijeni algoritmi za određivanje mjera važnosti za komponente uz pripadajuće rezultate za konkretne primjere iz literature i iz prakse dobivenim na dijelovima modela stabla kvara za nuklearnu elektranu "Krško". Osobito je važno istaknuti prednosti ovakvog pristupa u egzaktnom kvantitativnom izračunu stabla kvara naspram alternativnih prikaza koji daju samo približne rezultate.In this paper I shall lay out in a detailed way the procedure of representing a fault tree through binary decision diagrams. In addition to that I shall show how highly important quantitative fault tree parameters can efficiently be derived from a fault tree representation. The fault tree representation through binary decision diagrams with the aid of efficient minimisation procedures results in a minimal disjunctive form, which corresponds to the initial fault tree. Out of these minimal forms by simple procedures all or only some combinations of basic events are determined, which are essential for the achievement of unwished top events. Beside the identification of unwished combinations of basic events, the representation through binary decision diagrams enables the determination of relevant empirical parameters for each elementary component (basic event). This procedure enables the establishment of the importance factor of every component e.g. risk increase factor, risk decrease factor, Fussel−Vesely importance factor, critical importance factor and others. The thesis also presents developed algorithms for the determination of importance measures for components as well as respective results for actual examples from the literature and praxis relating to parts of model fault trees for the nuclear power plant "Krško". It is particularly important to emphasize the advantages of such an approach in the exact quantitative calculation of fault trees compared to alternative representations which bring only approximate results

Fault tree model analysis with binary decision diagrams

U ovom ću radu detaljno predstaviti postupak prikaza stabla kvara pomoću dijagrama binarne odluke. Osim toga pokazat ću kako se iz takvog prikaza stabla kvara mogu vrlo efikasno izvesti važni kvantitativni parametri stabla kvara. Predstavljanjem stabla kvara pomoću dijagrama binarne odluke djelotvornim postupkom minimizacije dobiva se minimalna disjunktna forma koja predstavlja polazno stablo kvara. Iz minimalne forme određuje se jednostavnim postupkom sve ili samo neke kombinacije osnovnih događaja neophodne za ostvarivanje neželjenog vršnog događaja. Osim identifikacije neželjenih kombinacija osnovnih događaja, iz prikaza pomoću dijagrama binarne odluke mogu se za svaku pojedinu osnovnu komponentu (osnovni događaj) odrediti važni empirički parametri. Tim postupkom moguće je odrediti mjere važnosti svake komponente, primjerice: faktor porasta rizika, faktor smanjenja rizika, Fussel−Vesely mjera važnosti, koeficijent osjetljivosti i ostali parametri. U radu su prikazani razvijeni algoritmi za određivanje mjera važnosti za komponente uz pripadajuće rezultate za konkretne primjere iz literature i iz prakse dobivenim na dijelovima modela stabla kvara za nuklearnu elektranu "Krško". Osobito je važno istaknuti prednosti ovakvog pristupa u egzaktnom kvantitativnom izračunu stabla kvara naspram alternativnih prikaza koji daju samo približne rezultate.In this paper I shall lay out in a detailed way the procedure of representing a fault tree through binary decision diagrams. In addition to that I shall show how highly important quantitative fault tree parameters can efficiently be derived from a fault tree representation. The fault tree representation through binary decision diagrams with the aid of efficient minimisation procedures results in a minimal disjunctive form, which corresponds to the initial fault tree. Out of these minimal forms by simple procedures all or only some combinations of basic events are determined, which are essential for the achievement of unwished top events. Beside the identification of unwished combinations of basic events, the representation through binary decision diagrams enables the determination of relevant empirical parameters for each elementary component (basic event). This procedure enables the establishment of the importance factor of every component e.g. risk increase factor, risk decrease factor, Fussel−Vesely importance factor, critical importance factor and others. The thesis also presents developed algorithms for the determination of importance measures for components as well as respective results for actual examples from the literature and praxis relating to parts of model fault trees for the nuclear power plant "Krško". It is particularly important to emphasize the advantages of such an approach in the exact quantitative calculation of fault trees compared to alternative representations which bring only approximate results

Binary decision diagram method for fault tree evaluation in nuclear power plant.

U radu se istražuje način vrednovanja stabla kvara te stabla događaja u nuklearnoj energetici primjenom metode binarnih dijagrama odlučivanja. Polazište istraživanja predstavlja model stabla kvara za analizu neželjenih događaja tijekom eksploatacije nuklearne elektrane. Primjenom modela stabla kvara opisuje se korelacija između osnovnih događaja koja uzrokuje pojavu neželjenog događaja. Hijerarhijski uspostavljeni odnosi između osnovnih i izvedenih događaja u sustavu predstavljaju logičke veze između događaja te se mogu predstaviti pomoću binarnih dijagrama odlučivanja (skr. BDD). Postupak vrednovanja stabla kvara ostvaruje se provođenjem kvalitativne i kvantitativne analize modela na BDD zapisu stabla kvara. Međutim, kompleksnost algoritama primijenjenih na BDD zapise proizlazi iz problema izbora redoslijeda osnovnih događaja za formiranje BDD zapisa Boole-Shannonovim razvojem. Složenost problema zahtijeva heuristički pristup, te je shodno tome razvijen algoritam za određivanje redoslijeda varijabli pomoću kojega je moguće vrednovati model stabla kvara s više od 1000 osnovnih događaja u modelu. Osim navedenog problema redoslijeda, u radu je unaprijeđen postupak vrednovanja primjenom kompletnog proračuna pomoću BDD zapisa. Budući, BDD zapis omogućava formiranje potpunog skupa minimalnih presjeka modela otvara se mogućnost povećanja točnosti određivanja parametara pouzdanosti te unapređenja kvalitativne analize. Primjerice, otvara se mogućnost određivanja funkcionalne zavisnosti neželjenog vršnog događaja u odnosu na pojavu pojedinačnih osnovnih događaja u modelu stabla kvara. Također, točno određivanje parametara pouzdanosti umanjuje važnost izbora metode za ocjenu gornje ograde za vjerojatnost pojave vršnog (ili drugog) događaja. Neovisno o tome, u radu su izložena dva nova algoritma za određivanje gornjih ograda iz skupa minimalnih presjeka, te za određivanje uvjetne vjerojatnosti na BDD zapisu modela stabla kvara. Za unapređenje kvalitativne analize u postupku vrednovanja razvijen je algoritam za odabir podskupa MCS skupa navođenjem predikata za izbor željenih minimalnih presjeka. Na taj način omogućen je fleksibilniji izbor minimalnih presjeka usporedbi s konvencionalnim pristupom gdje se selekcija obično provodi prema broju osnovnih događaja ili prema vjerojatnosti iz minimalnog presjeka. Verifikacija te potvrda postupka vrednovanja pomoću BDD zapisa modela stabla kvara ostvarena je implementacijom programskog rješenja za sve prezentirane algoritme. Također, dobiveni rezultati vrednovanja potvrđeni su usporedbom s implementacijom konvencionalnog pristupa iz priznatih programskih rješenja.A nuclear power plant sets the example of a most complex technical system in which nuclear technology is applied to generate electricity. The complexity of the nuclear power plant system reflects not only during its construction, but also during the operation in functional maintenance processes, as in accordance with the highest safety requirements. Complex nuclear power plant systems are usually perceived as a regulated whole of elements divided into smaller subsystems and separate components. Commonly, the structural organization is hierarchically complex due to numerous functional bonds between the subsystems and components. The hierarchical sequence of elements of the nuclear power plant system is observed at a functional level for the purpose of performing the intended functions during operation, which we call the holistic approach. An elimination of errors in the design or during the exploitation of a complex technical system, such as a nuclear power plant, requires large human and financial resources. The emergence of incidents in a complex nuclear power plant system often demands significant financial funds, human resources as well as time duration in order to find the causes and remove consequences. Therefore, prediction, early detection as well as prevention of incidents are extremely important throughout the life cycle of a nuclear power plant. Activities performed throughout the lifecycle are closely linked to the reliability analysis of the system and are most often carried out by assessing the risks in the nuclear power plant's system and its subsystems. One of the questions, raised during the exploitation of a nuclear power plant is the reliability of system elements to meet the highest safety requirements. Meaning, that at the level of the hierarchical organisation it is necessary to determine the probability of operation within timeframes, in the expected manner and under strictly defined operating conditions for all elements of the nuclear power plant system. The problem of determining the probability of system operation is addressed by the reliability theory, and the aim of this work is, by applying the law of the reliability theory, to improve the fault tree method for qualitative and quantitative reliability assessment of the nuclear power plant system. In order for the law of the reliability theory to be applied, the nuclear power plant system must be formally described at the abstract level of the model and it is necessary to provide an unambiguous mapping between the records. The description of the nuclear power plant system is based on the determination of the structural function of the system indicating a functional connection between the constituent elements (subsystems, components). By observing the simple status {work, does not work} on structural function elements of the system and by associating probability with these events, we introduce an elementary link to the theory of reliability, in other words, we define a probabilistic model of the functioning of the nuclear power plant system. It should be noted that this approach is not restricted to the nuclear power plant system, but is applicable on other technical systems as well. The main task of the reliability analysis of a nuclear power plant system is the risk assessement of the entire system and of its most significant subsystems. One most relevant approach for accomplishing this task is to build a fault tree model to describe undesirable events in the system and subsystems. A fundamental activity in the application of the fault tree method is the decomposition of the top event into simpler events to a selected level, where no further analysis is required. Terminating events that are considered indivisible are called basic events and are usually associated with failures of the basic system components. The fault state of a basic component is described with a simple logical variable. The possibility of one component to transit from an operational state to a fault state is measured by assigning the transition probability. On such a defined, meanwhile, probabilistic model two types of analysis are carried out: • Quantitative analysis - calculation of the probability of a top event by defining a function on probabilities of basic events and determining probabilistic parameters (measures of importance) for system components, • Qualitative analysis - determining the minimum sets of basic events and their properties leading to a top event. It is namely known, that for the success of the application of software solutions on a complex fault tree model, it is necessary, either to reduce accuracy, which can be unacceptable for critical systems, or to significantly simplify the model to the level of detail, which allows to carry out more precise calculations. The complexity of the fault tree model basically stems from the complexity of the representation of the logical model represented by the fault tree. Different conventional techniques of representation of logical functions do not necessarily meet the requirements for the presentation of the fault tree model. More recently, binary decision diagrams (BDDs) have gained more popularity in various engineering disciplines. The structure of binary decision diagrams proves to be extremely effective in presenting logical functions that contain sub-function sharing, i.e. sub-functions used multiple times in the logical function definition. However, the usability of BDD-based tools in reliability analysis is directly related to the size of the BDD representation. Determining the optimal size of BDD representations falls into the category of the most difficult problems and has intensively been approached with approximate procedures that do not have to provide optimal solutions. Since the size of the BDD representation for the fault tree model is determined by the order of the basic events from which the model is formed, the problem is attempted to be solved suboptimally by applying heuristic methods. Thereby, this doctoral dissertation brings a new heuristic method for determining the order of basic events, while its purposefulness and applicability have been verified on realistic examples of the fault tree from the model of the nuclear power plant Krško. In simple words, the main thesis herein leans in finding an effective BDD representation for the fault tree model by which we can carry out exact analyses without diminishing accuracy and without reducing the model on realistic examples from the nuclear power plant. Due to the complexity of the problem, results from different fields of applied sciences have been used. For the purpose of verifying and confirming the applicability of the developed algorithms, it is necessary to use results of the mathematical apparatus from several branches: • Complexity theory for analyzing the complexities of developed or used algorithms • Mathematical logic for connecting logical functions with fault tree models • Probability theory for establishing basic relationships in the evaluation process of the fault tree Beside the mathematical apparatus, the results from the theory of reliability establish a connection with formal models of complex systems. Mostly important is the linking of the system model to results from the probability theory on reliability models of complex systems. Further, the concept of logical function and its interpretation on the system model in form of minimal path and cut sets represents an important role. The basic tool for evaluating the system model in nuclear power plants is the fault tree, and the question of the complexity of its analysis (qualitative and/or quantitative) is associated with the complexity of the representation of logical functions using the BDD. In the chapter dedicated to the BDD representation, basic features of BDD representations were introduced by structure of the directed graph with two terminal nodes. The uniqueness property of BDD representation (canonical forms) for logical functions has been shown herein, as well as, in respect of the canonical forms, how the complexity of logical operations on a BDD representation depends on the number of nodes in the graph structure. Further to the basic logical operations of BDD representations, the ZDD modification has been introduced, which enables a unique record of sets, allowing easy operation with combinations of sets, especially for the purpose of presentation and operation over numerous sets of minimal cut sets. In addition, by using simple characterization of minimal cut sets for coherent fault trees, the application of BDD representations to determine their complete MCS set has been implemented and demonstrated. Definitions of importance measures have been derived and the algorithm to calculate conditional probability on the MCS set has been developed, the latter enabling a determination of values of all importance measures for basic events from the fault tree. Beside the importance measures, an algorithm for selecting minimal cut sets according to the given criterion (in form of predicates), as well as algorithms for the assessment of the two bounds for the top event probability have been developed to compare with the conventional quantitative fault tree analysis approach. The developed algorithms and their implementation on the fault tree BDD representation enables the conduct of the evaluation process on the complete MCS set, neither needing any reduction of the set nor any application of approximate approaches to the problem. The thesis shows that BDD representation properties can be used to efficiently solve problems in the process of evaluating the fault tree. However, a key precondition in the application of BDD representation in the evaluation process is the determination of the basic events order. This problem has been predominantly addressed in the dissertation, showing that by applying the newly developed heuristic algorithm the evaluation process can be performed for the even most complex fault tree models. The basis of the new heuristics represents the algorithm for combining existing orders for inputs to gates. This algorithm forms a new order of basic events for the gate, taking into consideration their position and the possibility of the same event appearing in different orders from inputs to these gates. Where there is no overlapping of basic events between the orders for inputs to gates, a simple situation is solved by an algorithm for functions with a single occurrence of variables. A more complex situation is solved, in case of an overlap between orders, by comparing the number of basic events tops in a BDD representation. Since the formation of the order by means of the new heuristic is carried out sequentially in some input order, being sensitive to the choice of this order, the heuristics shall be applied multiple times (limited number of times) to inputs to gates. The best order obtained by this procedure is further improved by the Rudell's sifting method, which proved effective for the largest fault tree models. The entire procedure for the fault tree is carried out in the order of gates that follows from the depth-first traversal of the model. The verification of the approach has been carried out by evaluating examples of the fault tree from the literature and on realistic examples from the model for the Krško nuclear power plant. The thesis reveals, that with the order obtained, it is possible to fully carry out a quantitative and qualitative evaluation without any approximate calculations. Moreover, the results achieved (accuracy, completeness) show the applicability of the approach on realistic examples with a run time comparable to the conventional approach. The scientific contributions of the thesis can be divided into three basic units: 1. The development of an algorithm to determine the order of variables to find BDD representations of a complete fault tree or event tree in probabilistic reliability analyses of power systems. Starting from a model of logical function with a single occurrence of variables, an algorithm was developed, finding the order of basic events in the Boole-Shannon's development of logical functions represented by the fault tree. The principal idea of the new heuristics is based on the application of a recursive relation from the paper for the gate in the fault tree, containing a record of the logical function with a single occurrence of variables, while on other gates the technique of searching for the best permutation of the input based on the assessment of the size of the BDD gate record is applied. To reduce the search space, different fault tree simplification techniques are applied with the aim of increasing the part of the fault tree that has a logical function structure with a single occurrence of variables. During the formation of BDD representations for gates in more complex fault tree models, the dynamic reordering technique is additionally applied by swapping of adjacent logical variables. The new heuristics is applied successively to the gates in the order specified by depth traversing of the fault tree model. The order for top events is optionally dynamically improved for the most complex models. 2. The improvement of the qualitative and quantitative fault tree analysis on complex nuclear power systems by applying a complete calculation of the BDD model record, using the order of basic events specified by the new heuristics. The qualitative analysis of the fault tree has been improved in the domain of selecting a part of the MCS set from a complete set of minimal cut sets while meeting adjusted selection criteria. The difference to the conventional approach is reflected in the approach, since the choice is carried out on the entire MCS set, while in conventional approaches the choice of one part of the MCS set is carried out by discarding the elements during the calculation. For a quantitative analysis of the fault tree, the following algorithms have been developed: • algorithm for determining the top (or other) event probability from a complete MCS set in a BDD representation with a default interpretation of the logical function represented by the fault tree, • algorithm for determining the upper bound for the probability of a top (or other) event from a complete set of minimal cut sets, • algorithm for determining the upper bound for the probability of a top (or other) event from rare events using a complete set of minimal cut sets. 3. The development of the application and the confirmation of the results obtained were achieved by comparison with the conventional approach. All algorithms in the thesis have been fully implemented in the software solution, and the correctness and accuracy of the algorithms has been verified by comparison with the results obtained by conventional approach. For comparison with the conventional approach, the KIRAP software solution was used, since the choice of a conventional solution is invariant for the results. In other words, a comparison with another conventional solution will give similar (most often the same) results using the same approximate methods. This thesis raises questions related to further research work. Undoubtly, the developed heuristic algorithm does not represent the final solution to the problem of the order of basic events in the fault tree model, but it represents a step forward towards the application of the BDD method on real nuclear power plant models and in other technological fields. In this sense, modifications to the existing or the development of new heuristic algorithms are possible, which can exploit the specifics of the fault tree model from the selected scope. In addition, it is possible to extend the scope of application of the BDD method to other problems relating to logical functions and to problems of their efficient representation. It should also be noted, that the possibility of implementing functional analysis over the record of the MCS set arises, since the evaluation of the BDD approach is carried out on a complete set of minimal cut sets. In other words, from a complete set of minimal cut sets it is possible to determine a logical function that shows the model's dependency on the change in probability of a basic event, or on changing the probability of a performed event (gate) and their combinations. In addition to the sensitivity analysis, functional dependency between components can be obtained from the complete MCS set, for example, failures that depend on the function they establish, or sequences of defects with components. Additionally, an interesting area for further research may be the application of BDD representations to dynamic fault trees. The application to dynamic fault trees requires expansion in implementation, especially in the domain of determining the order for priority gates and their implementation by means of binary decision diagrams. An interesting area of research is the problem of finding minimal formats of arbitrary logical functions. In particular, such a problem is the one of determining the minimum record of a noncoherent fault tree. Some progress has already been made in this direction, but there is still room for research, especially in logical functions with hundreds (or thousands) of logical variables. Apart from a practical application of the BDD method, theoretical questions of the properties of BDD representations are also open, particularly the properties of BDD representations for certain categories of logical functions, such as logical functions applied in cryptography (e.g. Bent functions), or in error detection and correction codes

Development and first application of an operating events ranking tool

The operating experience feedback is important for maintaining and improving safety and availability in nuclear power plants. Detailed investigation of all events is challenging since it requires excessive resources, especially in case of large event databases. This paper presents an event groups ranking method to complement the analysis of individual operating events. The basis for the method is the use of an internationally accepted events characterization scheme that allows different ways of events grouping and ranking. The ranking method itself consists of implementing the analytical hierarchy process (AHP) by means of a custom developed tool which allows events ranking based on ranking indexes pre-determined by expert judgement. Following the development phase, the tool was applied to analyze a complete set of 5 years of real nuclear power plants operating events (1453 events). The paper presents the potential of this ranking method to identify possible patterns throughout the event database and therefore to give additional insights into the events as well as to give quantitative input for the prioritization of furthermore detailed investigation of selected event groups.JRC.F.5-Nuclear Reactor Safety Assessmen

Uncertainty Analysis of Method-based Operating Event Groups Ranking

Safe operation and industrial improvements are coming from the technology development and operational experience (OE) feedback. A long life span for many industrial facilities makes OE very important. Proper assessment and understanding of OE remains a challenge because of organization system relations complexity and because of an amount of OE events acquired. One way to improve OE events understanding is to focus their investigation and analyze in details the most important. The OE ranking method is developed to select the most important events based on the basic event parameters and the analytical hierarchy process applied at the level of event groups. This paper investigates further how uncertainty in the model is affecting ranking results. An analysis was performed on the set of two databases from the 20 years of nuclear power plants in France and Germany. From all uncertainties the presented analysis selected ranking indexes as the most relevant for consideration. Here the presented analysis of uncertainty clearly shows that considering uncertainty is important for all results, especially for event groups ranked closely and next to the most important one. Together with the previously performed sensitivity analysis uncertainty assessment provides additional insights and a better judgment of the event groups importance in further detail investigation.JRC.F.5-Nuclear Reactor Safety Assessmen