Method and system for dynamic probabilistic risk assessment
The DEFT methodology, system and computer-readable medium extend the applicability of the PRA (Probabilistic Risk Assessment) methodology to computer-based systems by allowing DFT (Dynamic Fault Tree) nodes as pivot nodes in the Event Tree (ET) model. DEFT includes a mathematical model and a solution algorithm, and supports all common PRA analysis functions and cutsets. Additional capabilities enabled by the DFT include modularization, phased-mission analysis, sequence dependencies, and imperfect coverage.
Dependability analysis of systems with on-demand and active failure modes, using dynamic fault trees
Safety systems and protection systems can experience two phases of operation (standby and active); an accurate dependability analysis must combine an analysis of both phases. The standby mode can last for a long time, during which the safety system is periodically tested and maintained. Once a demand occurs, the safety system must operate successfully for the length of the demand. The failure characteristics of the system are different in the two phases, and the system can fail in two ways:
1) It can fail to start (fail on demand), or
2) It can fail while in active mode.
Failure on demand requires an availability analysis of the components (typically electromechanical components) that are required to start or support the safety system. These support components are usually maintained periodically while not in active use. Active failure refers to the failure, while running (once started), of the active components of the safety system. These active components can be fault tolerant and use spares or other forms of redundancy, but are not maintainable while in use.
The approach in this paper automatically combines the “availability analysis of the system in standby mode” with the “reliability analysis of the system in its active mode.” The general approach uses an availability analysis of the standby phase to determine the initial state probabilities for a Markov model of the demand phase. A detailed method is presented in terms of a dynamic fault-tree model. A new “dynamic fault-tree construct” captures the dependency of the demand components on the support systems, which are required to detect the demand or to start the demand system. The method is discussed using a single example sprinkler system and then applied to a more complete system taken from the offshore industry.
Tutorial: Advanced fault tree applications using HARP
Reliability analysis of fault-tolerant computer systems for critical applications is complicated by several factors. These modeling difficulties are discussed, and dynamic fault tree modeling techniques for handling them are described and demonstrated. Several advanced fault-tolerant computer systems are described, and fault tree models for their analysis are presented. HARP (Hybrid Automated Reliability Predictor) is a software package developed at Duke University and NASA Langley Research Center that is capable of solving the fault tree models presented.
Analysis of safety systems with on-demand and dynamic failure modes
An approach for the reliability analysis of systems with on-demand and dynamic failure modes is presented. Safety systems such as sprinkler systems, or other protection systems, are characterized by such failure behavior. They have support subsystems to start up the system on demand, and once they start running, they are prone to dynamic failure. Failure on demand requires an availability analysis of the components (typically electromechanical components) that are required to start or support the safety system. Once the safety system is started, it is often reasonable to assume that these support components do not fail while running. Further, these support components may be tested and maintained periodically while not in active use. Dynamic failure refers to the failure, while running (once started), of the active components of the safety system. These active components may be fault tolerant and utilize spares or other forms of redundancy, but are not maintainable while in use. In this paper we describe a simple yet powerful approach to combining the availability analysis of the static components with a reliability analysis of the dynamic components. This approach is explained using a hypothetical example sprinkler system, and applied to a water deluge system taken from the offshore industry. The approach is implemented in the fault tree analysis software package, Galileo.
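The two-phase approach described in the two abstracts above (“Dependability analysis of systems with on-demand and active failure modes” and “Analysis of safety systems with on-demand and dynamic failure modes”), worked through numerically as an added example. This is not code from either paper, nor from Galileo or HARP. It assumes a hypothetical sprinkler system: a support subsystem (detector plus pump starter) and two hot-redundant pumps that sit in standby, fail silently at a constant rate and are restored by periodic testing; the standard average-availability formula for a periodically tested unit, (1 - exp(-lambda*T)) / (lambda*T), supplies the standby-phase availabilities, and those feed the initial state probabilities of a continuous-time Markov chain over the number of good pumps during the demand. The papers' new dynamic fault-tree construct is not modelled; the dependency of the pumps on the support subsystem is collapsed into a single fail-on-demand factor. All parameter values are constructed for the example.

```python
"""
Two-phase dependability analysis of a standby safety system.

Added illustration, not code from either paper, Galileo or HARP. The
sprinkler, its parameters and the periodic-test availability model are
assumptions made for this example.

Phase 1 (standby): the support subsystem (detector + starter) and the two
pumps sit idle, fail silently at a constant rate and are restored to
as-good-as-new at each periodic test. Their availability at a random demand
instant is the standby-phase availability analysis.

Phase 2 (active): the started pumps run for the demand duration with no
repair. A continuous-time Markov chain over the number of good pumps gives
the active-phase reliability, with the standby availabilities supplying its
initial state probabilities. The support subsystem is needed only to start
the pumps, so its unavailability is a pure fail-on-demand term.
"""
from math import exp


def standby_availability(failure_rate, test_interval):
    """Average availability of a periodically tested component that fails
    silently at a constant rate. Standard result for a demand arriving
    uniformly within the test interval and a test that restores the unit
    as good as new: A = (1/T) * int_0^T exp(-lambda*t) dt
                      = (1 - exp(-lambda*T)) / (lambda*T)."""
    x = failure_rate * test_interval
    if x == 0.0:
        return 1.0
    return (1.0 - exp(-x)) / x


def ctmc_transient(Q, pi0, t, eps=1e-12, max_terms=10_000):
    """pi(t) = pi0 * exp(Q t) for a CTMC with generator Q, computed by
    uniformization (Jensen's method): pi(t) = sum_k Poisson(k; lam*t) * pi0 * P^k
    with P = I + Q/lam and lam = max_i |Q_ii|. Pure Python; fine for a few states."""
    n = len(Q)
    lam = max(-Q[i][i] for i in range(n))
    if lam == 0.0:
        return list(pi0)
    P = [[(1.0 if i == j else 0.0) + Q[i][j] / lam for j in range(n)]
         for i in range(n)]
    rate = lam * t
    v = list(pi0)            # pi0 * P^k, advanced one step per term
    result = [0.0] * n
    weight = exp(-rate)      # Poisson mass at k = 0
    cum = 0.0
    for k in range(max_terms):
        for i in range(n):
            result[i] += weight * v[i]
        cum += weight
        if cum >= 1.0 - eps:
            return result
        weight *= rate / (k + 1)
        v = [sum(v[i] * P[i][j] for i in range(n)) for j in range(n)]
    raise ValueError("uniformization did not converge; lam*t too large")


def sprinkler_success_probability(support_rate, support_test,
                                  pump_rate_standby, pump_test,
                                  pump_rate_active, demand_duration):
    """Probability that the hypothetical sprinkler system starts on demand
    and then survives a demand of the given duration. Rates in 1/h, times in h."""
    # Phase 1: standby availabilities at the demand instant
    a_support = standby_availability(support_rate, support_test)
    a_pump = standby_availability(pump_rate_standby, pump_test)

    # Initial distribution of the active-phase chain. States are the number
    # of good pumps: index 0 -> 2 good, 1 -> 1 good, 2 -> 0 good (absorbing).
    # The pumps are tested independently, so their standby states are independent.
    pi0 = [a_pump ** 2, 2.0 * a_pump * (1.0 - a_pump), (1.0 - a_pump) ** 2]

    # Generator for two hot-redundant running pumps, each failing at
    # pump_rate_active, with no repair during the demand.
    lam = pump_rate_active
    Q = [[-2.0 * lam, 2.0 * lam, 0.0],
         [0.0, -lam, lam],
         [0.0, 0.0, 0.0]]
    pi_t = ctmc_transient(Q, pi0, demand_duration)
    r_active = pi_t[0] + pi_t[1]     # at least one pump still running at t

    return {
        "support_availability": a_support,
        "pump_availability": a_pump,
        "fail_on_demand": 1.0 - a_support,
        "active_reliability": r_active,
        "mission_success": a_support * r_active,
    }


if __name__ == "__main__":
    # Constructed parameters: monthly-tested detector/starter, quarterly-tested
    # pumps, a 2 h demand. Not taken from either paper.
    result = sprinkler_success_probability(
        support_rate=1e-4, support_test=24 * 30,
        pump_rate_standby=5e-5, pump_test=24 * 90,
        pump_rate_active=1e-2, demand_duration=2.0)
    for key, value in result.items():
        print(f"{key:22s} {value:.6f}")
```

The chain here is small enough that the closed form (both pumps independent exponentials) would do, but solving the generator by uniformization is what carries over to the larger models in the papers, where spares, sequence dependencies and imperfect coverage make the active-phase chain irregular. Lengthening the test intervals shows the trade-off the abstracts describe: the active-phase reliability is unchanged, while the fail-on-demand term and the mass placed on the one-pump and zero-pump initial states grow.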
HiRel: Hybrid Automated Reliability Predictor (HARP) integrated reliability tool system, (version 7.0). Volume 2: HARP tutorial
The Hybrid Automated Reliability Predictor (HARP) integrated Reliability (HiRel) tool system for reliability/availability prediction offers a toolbox of integrated reliability/availability programs that can be used to customize the user's application in a workstation or nonworkstation environment. The HARP tutorial provides insight into HARP modeling techniques and the interactive textual prompting input language via a step-by-step explanation and demonstration of HARP's fault occurrence/repair model and the fault/error handling models. Example applications are worked in their entirety, and the HARP tabular output data are presented for each. Simple models are presented first, with each succeeding example demonstrating greater modeling power and complexity. This document is not intended to present the theoretical and mathematical basis for HARP.
HiRel: Hybrid Automated Reliability Predictor (HARP) integrated reliability tool system, (version 7.0). Volume 1: HARP introduction and user's guide
The Hybrid Automated Reliability Predictor (HARP) integrated Reliability (HiRel) tool system for reliability/availability prediction offers a toolbox of integrated reliability/availability programs that can be used to customize the user's application in a workstation or nonworkstation environment. HiRel consists of interactive graphical input/output programs and four reliability/availability modeling engines that provide analytical and simulative solutions for a wide range of fault-tolerant system architectures, and it is also applicable to electronic systems in general. The tool system was designed to be compatible with most computing platforms and operating systems, and some programs have been beta tested within the aerospace community for over 8 years. Volume 1 provides an introduction to the HARP program. Comprehensive information on the HARP mathematical models can be found in the references.
Stochastic Petri net analysis of a replicated file system
We present a stochastic Petri net model of a replicated file system in a distributed environment where replicated files reside on different hosts and a voting algorithm is used to maintain consistency. Witnesses, which simply record the status of the file but contain no data, may be used in addition to or in place of files to reduce overhead. We present a model sufficiently detailed to include file status (current or out-of-date) as well as failure and repair of hosts where copies or witnesses reside. The number of copies and witnesses is not fixed, but is a parameter of the model. Two different majority protocols are examined, one where a majority of all copies and witnesses is necessary to form a quorum, the other where only a majority of the copies and witnesses on operational hosts is needed. The latter, known as adaptive voting, is shown to increase file availability in most cases. We also investigate the process of selection of copies and witnesses to participate in an update when more than the majority is available and show the inherent performance/reliability tradeoffs.