National Standard of the People's Republic of China
Procedure for fault tree analysis
UDC 519.28
GB7829—87
1.1 Specification
Fault tree analysis is one of the tools for system reliability and safety analysis. Fault tree analysis includes qualitative analysis and quantitative analysis. The main purpose of qualitative analysis is to find the causes and combinations of causes that lead to the occurrence of undesirable events related to the system, that is, to find all the failure modes that lead to the occurrence of the top event. The main purpose of quantitative analysis is to find the probability of the occurrence of the top event and other quantitative indicators when the probability of all the bottom events is given. In the system design stage, fault tree analysis can help identify potential faults in order to improve the design (including maintainability design); in the system use and maintenance stage, it can help fault diagnosis and improve the use and maintenance plan.
1.2 Scope
This standard specifies the general procedures for fault tree analysis of system reliability and safety, and is mainly applicable to the standard fault tree with both bottom events and top events in two states.
2 Cited standards
GB3187-82 "Basic terms and definitions of reliability".
GB4888-85 "Terms and symbols of fault tree".
3 Terms
This standard adopts the term definitions specified in GB3187-82 and GB4888-85, and supplements the following terms:
3.1 Module
For a normal fault tree that has been normalized and simplified (see 5.3 and 5.4.1), a module is a set of at least two bottom events, but not all bottom events. These bottom events can reach a logic gate upward and must pass through this gate to reach the top event. All other bottom events of the fault tree cannot reach this logic gate upward.
3.2 Maximum module
The maximum module of a normal fault tree that has been normalized and simplified is a module of the fault tree that no other module contains.
3.3 Cut set
A cut set is a set of bottom events that cause the top event of the normal fault tree to occur.
3.4 Minimum cut set
The minimum cut set is a set of the minimum number of bottom events that lead to the occurrence of the top event of the normal fault tree. It represents a failure mode that causes the top event of the fault tree to occur.
Approved by the National Bureau of Standards on 1987-06-03
Implemented on 1988-01-01
3.5 Structure function
The structure function of the fault tree is defined as:
$$\Phi(X_1, X_2, \ldots, X_n) = \begin{cases} 1, & \text{the top event occurs} \\ 0, & \text{the top event does not occur} \end{cases}$$
where $n$ is the number of bottom events of the fault tree, and $X_1, X_2, \ldots, X_n$ are Boolean variables describing the status of the bottom events, that is,
$$X_i = \begin{cases} 1, & \text{the } i\text{th bottom event occurs} \\ 0, & \text{the } i\text{th bottom event does not occur} \end{cases}$$
3.6 Structural importance of bottom events
The structural importance of the $i$th bottom event is:
$$I_s(i) = \frac{1}{2^{n-1}} \sum \left[ \Phi(X_1, \ldots, X_{i-1}, 1, X_{i+1}, \ldots, X_n) - \Phi(X_1, \ldots, X_{i-1}, 0, X_{i+1}, \ldots, X_n) \right], \quad i = 1, 2, \ldots, n$$
where $\Phi(\cdot)$ is the structure function of the fault tree, and $\sum$ is the sum over all possible values of $X_1, X_2, \ldots, X_{i-1}, X_{i+1}, \ldots, X_n$, each taking 0 or 1. The structural importance of the bottom event reflects the importance of each bottom event in the fault tree from the perspective of the fault tree structure.
3.7 Probability importance of bottom events
The probability importance of the $i$th bottom event is:
$$I_p(i) = \frac{\partial Q(q_1, q_2, \ldots, q_n)}{\partial q_i}, \quad i = 1, 2, \ldots, n$$
where $Q(q_1, q_2, \ldots, q_n)$ is the probability of the top event. Under the condition that the bottom events are independent of each other, it is a function of the probabilities $q_1, q_2, \ldots, q_n$ of each bottom event occurring.
The probability importance of the $i$th bottom event indicates the rate of change of the probability of the top event caused by a small change in the probability of the $i$th bottom event.
3.8 Relative probability importance of bottom events
The relative probability importance of the $i$th bottom event is:
$$I_c(i) = \frac{q_i}{Q(q_1, q_2, \ldots, q_n)} \cdot \frac{\partial Q(q_1, q_2, \ldots, q_n)}{\partial q_i}, \quad i = 1, 2, \ldots, n$$
The relative probability importance of the $i$th bottom event indicates the rate of change of the probability of the top event caused by a small relative change in the probability of the $i$th bottom event.
4 Preliminary steps for fault tree analysis
4.1 Determine the scope of analysis
a. Define the system, including: the design intention, actual structure, function, boundary (including interface), operation mode, environmental conditions and failure criteria of the system.
b. Determine the purpose and content of the analysis.
c. Clarify the basic assumptions made about the system, including: assumptions on the operation and maintenance conditions of the system, and assumptions related to performance under all possible conditions of use.
4.2 Become familiar with the system
There should be a detailed and thorough understanding of the system. To this end, the cooperation of system designers, maintenance personnel and reliability or safety analysts is required. Failure mode and effect analysis of the system will promote a deep understanding of the system failure law, which will help to correctly determine the top event and establish a fault tree.
5 Work items
5.1 Determine the top event
Based on the analysis, the system failure criteria and the understanding of the system, determine the undesirable events related to the system, that is, the top event. Usually this event significantly affects the technical performance, economy, reliability, safety or other required characteristics of the system. The top event must be clearly defined, and it is the core of the fault tree analysis. When we are concerned about more than one undesirable event related to the system, we can use all these undesirable events as input events of the same hypothetical top event, so as to reduce the problem to the situation of only one top event for unified processing.
5.2 Establishing a fault tree
Establishing a fault tree is a repeated, in-depth and gradual improvement process, which should usually start in the early design stage of the system. With the progress of system design and the increasing understanding of failure modes, the fault tree will grow accordingly. When establishing a fault tree, it is necessary to avoid missing important failure modes.
5.2.1 Analysis of events to be considered
The events considered when building a fault tree should include hardware failures, possible software failures and human errors, as well as all conditions, environments and other factors related to system operation. All failure events must be clearly defined, and the conditions for the occurrence of each failure event must be pointed out.
5.2.2 Handling of common cause events
The same cause event that appears in different branches of the fault tree is called a common cause event. It affects two or more different result events. If a fault event is a common cause event, the event appearing in different branches of the fault tree must be labeled with the same event number. If the common cause event is not a bottom event, it should be simplified with the same transfer symbol.
5.2.3 Methods for building fault trees
The methods for building fault trees include deductive method, decision table method and synthetic method. Deductive method is mainly used for manual construction, while decision table method and synthetic method are mainly used for computer-assisted construction.
5.2.4 Deductive method construction
The deductive method construction should start from the top event and proceed step by step. The steps are as follows:
a. Analyze the top event and find the direct necessary and sufficient cause that causes the top event. Take the top event as the output event, all direct causes as input, and connect them with appropriate logic gates according to the actual logical relationship of these events.
b. Analyze each input event directly related to the top event. If the event can be further decomposed, it will be used as the output of the lower level and processed as the top event in step a.
Repeat the above steps, decomposing downwards step by step, until all input events cannot be decomposed any further or it is unnecessary to decompose any further. These input events are the bottom events of the fault tree. The decomposition of each level of result events must strictly follow the "direct necessary and sufficient cause" to avoid the omission of certain fault modes.
5.3 Fault Tree Normalization
In order to systematically describe and analyze the fault tree, the constructed fault tree must be normalized to become a fault tree containing only bottom events, result events, and the three logic gates "AND", "OR" and "NOT".
The main contents of fault tree normalization include:
a. Treat undeveloped events as basic events or delete them;
b. Transform the AND gate into;
c. Transform the voting gate into a combination of OR gate and AND gate;
d. Transform the XOR gate into a combination of OR gate, AND gate and NOT gate;
e. Transform the inhibit gates into AND gates.
5.4 Simplification and module decomposition of fault trees
Simplification and module decomposition of fault trees are effective measures to reduce the scale of fault trees and thus save analysis workload.
5.4.1 Simplification of fault trees
a. Remove obviously logically redundant events and obviously logically redundant gates.
b. Use the same transfer symbol to represent identical subtrees, and use similar transfer symbols to represent similar subtrees.
5.4.2 Module decomposition of fault trees
a. According to the definition of modules and maximum modules (see 3.1 and 3.2), find modules of the fault tree that are as large as possible. If computer software is available, find all the maximum modules of the fault tree.
b. Each module constitutes a module tree, which can be analyzed qualitatively and quantitatively separately.
c. Replace each module tree with an equivalent virtual bottom event to reduce the scale of the original fault tree.
d. After the qualitative and quantitative analysis of the fault tree, the relationship between the top event and each module can be converted into the relationship between the top event and the bottom events according to actual needs.
5.5 Qualitative analysis
Use the descending method or the ascending method to find all the minimum cut sets of the fault tree.
5.5.1 Descending method
The basic principle of the descending method is: for each output event, if there is an OR gate below, then each input event under the OR gate is arranged in a row of its own; if there is an AND gate below, then all input events under the AND gate are arranged in the same row.
The steps of the descending method are: starting from the top event, proceed from top to bottom, applying the above principle to each result event until all result events are processed; the set of bottom events in each row is then a cut set of the fault tree. Finally, according to the meaning of the minimum cut set, the cut sets of the rows are compared pairwise, and those rows that are not minimum cut sets are crossed out; the remaining rows are all the minimum cut sets of the fault tree. See Appendix A, A.1 for an example of how to use the descending method to find all the minimum cut sets of a fault tree.
5.5.2 Ascending method
The basic principle of the ascending method is: for each result event, if there is an OR gate below, then this result event is represented as the Boolean sum of the input events under the OR gate (event union); if there is an AND gate below, then this result event is represented as the Boolean product of the input events under the AND gate (event intersection).
The steps of the ascending method are: starting from the bottom events, proceed step by step from bottom to top, applying the above principle to each result event until all result events are processed. Substitute the obtained expressions one by one and, according to the rules of Boolean operations, express the top event as the simplest sum of products of bottom events, where each term corresponds to a minimum cut set of the fault tree, thereby obtaining all the minimum cut sets of the fault tree. See Appendix A, A.2 for an example of how to use the ascending method to find all the minimum cut sets of a fault tree.
5.6 Quantitative analysis
If there is enough data to estimate the probability of occurrence of each bottom event in the fault tree, the following quantitative analysis can be performed on the fault tree under the condition that all bottom events are mutually independent.
5.6.1 Probability of occurrence of top event
The methods for finding the probability of occurrence of the top event include: truth table method, probability diagram method, inclusion-exclusion formula method, disjoint Boolean algebra method, etc. The truth table method and probability diagram method are only applicable when the number of bottom events of the fault tree is small. The inclusion-exclusion formula method is only applicable when the number of minimum cut sets of the fault tree is small. When the scale of the fault tree is relatively large, the disjoint Boolean algebra method can be used. See Appendix B, B.1 for an example of how to use the disjoint Boolean algebra method to find the probability of occurrence of the top event.
5.6.2 Importance
According to actual needs, select one or several importance indicators and calculate them quantitatively. The most basic importance in fault tree analysis is: structural importance, probability importance and relative probability importance of the bottom event. See Appendix B, B.2 for an example.
Fault Tree Analysis Report
The following are just the basic items of a fault tree analysis report:
a. Purpose and scope.
b. System description:
   design description;
   system operation;
   detailed system boundary definition.
c. Assumptions:
   assumptions of system design;
   assumptions of operation, maintenance, testing and inspection;
   assumptions of reliability modeling.
d. Definition and criteria of system failures.
e. Fault tree analysis:
   analysis, data and symbol table used.
f. Results and conclusions.
Other items can be added according to the needs of specific system analysis, such as:
functional block diagram or circuit diagram of the system;
summary of reliability data and information used;
fault tree description in computer-readable form.
Appendix A
Example of qualitative analysis of fault tree
(reference)
A.1 Descending method to find all minimum cut sets of the fault tree
For the fault tree given in Figure A1, the steps of the descending method can be seen in the following table:
[Table: rows obtained at each step of the descending method, including $X_1X_2X_3$ and $X_6X_6 = X_6$]
Step 1. Below the top event $T$ is an OR gate, and the input events $E_1$ and $E_2$ under the gate are each arranged in a row of their own.
Step 2. Below event $E_1$ is an OR gate, and the input events $E_3$ and $E_4$ under the gate are each arranged in a row of their own; below event $E_2$ is an AND gate, and the input events $E_5$ and $E_6$ under the gate are arranged in the same row.
Step 3. Below event $E_3$ is an AND gate, and the input events $X_1$, $X_2$ and $X_3$ under this gate are arranged in the same row; below event $E_4$ is an AND gate, and the input events $X_3$ and $X_4$ under this gate are arranged in the same row; below event $E_5$ is an OR gate, and the input events $X_4$ and $X_6$ under this gate are arranged in separate rows and combined with event $E_6$ to form $X_4E_6$ and $X_6E_6$.
Step 4. Below event $E_6$ is an OR gate, and the input events $X_5$ and $X_6$ under this gate are arranged in separate rows; combined with event $X_4$ they form $X_4X_5$ and $X_4X_6$, and combined with event $X_6$ they form $X_6X_5$ and $X_6X_6 = X_6$. So far, all the result events of the fault tree have been processed. The rows obtained in step 4 are all cut sets.
Step 5. Perform pairwise comparisons. Since $\{X_6\}$ is a cut set, $\{X_4, X_6\}$ and $\{X_5, X_6\}$ are not minimum cut sets and must be crossed out. Finally, all the minimum cut sets of the fault tree are obtained as follows:
$$\{X_6\},\ \{X_3, X_4\},\ \{X_4, X_5\},\ \{X_1, X_2, X_3\}$$
A.2 Ascending method to find all the minimum cut sets of the fault tree
For the fault tree given in Figure A1, starting from the bottom events:
$$E_3 = X_1X_2X_3, \quad E_4 = X_3X_4,$$
$$E_5 = X_4 + X_6, \quad E_6 = X_5 + X_6,$$
$$E_1 = E_3 + E_4 = X_1X_2X_3 + X_3X_4,$$
$$E_2 = E_5E_6 = (X_4 + X_6)(X_5 + X_6) = X_4X_5 + X_4X_6 + X_5X_6 + X_6X_6 = X_4X_5 + X_6,$$
$$T = E_1 + E_2 = X_6 + X_3X_4 + X_4X_5 + X_1X_2X_3$$
So all the minimum cut sets of the fault tree are obtained:
$$\{X_6\},\ \{X_3, X_4\},\ \{X_4, X_5\},\ \{X_1, X_2, X_3\}$$
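The descending method of 5.5.1 run on the Figure A1 tree, as an added example that is not part of the standard. The gate table is read off the A.2 equations, all function names are this example's own, and the last function checks the resulting minimum cut sets against the tree's structure function over all 2^6 bottom-event states.

```python
from itertools import product

# Gate table read off the A.2 equations for the Figure A1 tree.
# All names here (GATES, descend, minimise, ...) belong to this example.
GATES = {
    "T":  ("OR",  ["E1", "E2"]),
    "E1": ("OR",  ["E3", "E4"]),
    "E2": ("AND", ["E5", "E6"]),
    "E3": ("AND", ["X1", "X2", "X3"]),
    "E4": ("AND", ["X3", "X4"]),
    "E5": ("OR",  ["X4", "X6"]),
    "E6": ("OR",  ["X5", "X6"]),
}

def descend(gates, top):
    """Descending method: expand result events until rows hold only bottom events."""
    rows, cut_sets = [frozenset([top])], []
    while rows:
        row = rows.pop(0)
        pending = sorted(e for e in row if e in gates)
        if not pending:
            cut_sets.append(row)          # nothing left to expand: a cut set
            continue
        kind, inputs = gates[pending[0]]
        rest = row - {pending[0]}
        if kind == "AND":                 # AND gate: all inputs join the same row
            rows.append(rest | frozenset(inputs))
        elif kind == "OR":                # OR gate: one new row per input
            rows.extend(rest | {i} for i in inputs)
        else:
            raise ValueError(f"tree is not normalized: {kind} gate at {pending[0]}")
    return cut_sets                       # sets make X6*X6 = X6 automatic

def minimise(cut_sets):
    """Cross out every row that strictly contains another cut set."""
    unique = set(cut_sets)
    keep = [c for c in unique if not any(other < c for other in unique)]
    return sorted(keep, key=lambda c: (len(c), sorted(c)))

def occurs(gates, event, failed):
    """Structure function: does `event` occur given the failed bottom events?"""
    if event not in gates:
        return event in failed
    kind, inputs = gates[event]
    results = [occurs(gates, i, failed) for i in inputs]
    return all(results) if kind == "AND" else any(results)

def agrees_with_tree(gates, top, mcs):
    """True if 'some cut set in mcs has fully failed' equals the top event in every state."""
    bottoms = sorted({i for _, ins in gates.values() for i in ins if i not in gates})
    for bits in product((False, True), repeat=len(bottoms)):
        failed = {b for b, on in zip(bottoms, bits) if on}
        if occurs(gates, top, failed) != any(c <= failed for c in mcs):
            return False
    return True

ROWS = descend(GATES, "T")   # the six rows of step 4
MCS = minimise(ROWS)         # the four minimum cut sets of step 5

if __name__ == "__main__":
    for cut_set in MCS:
        print(sorted(cut_set))
```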
Appendix B
Example of quantitative analysis of fault tree
(reference)
For the fault tree given in the figure of Appendix A, it is known that all bottom events are independent, and the probability of occurrence of all bottom events is given: q
B.1 Use the disjoint Boolean algebra method to find the probability of occurrence of the top event
The steps are as follows:
a. From all the minimum cut sets obtained in Appendix A, the top event can be immediately expressed as the simplest Boolean expression of the sum of the products of the bottom events:
$$T = X_6 + X_3X_4 + X_4X_5 + X_1X_2X_3$$
b. Convert the above formula into a disjoint Boolean sum:
$$T = X_6 + X_3X_4\bar{X}_6 + \bar{X}_3X_4X_5\bar{X}_6 + X_1X_2X_3\bar{X}_4\bar{X}_6(\bar{X}_4 + X_4\bar{X}_5) = X_6 + X_3X_4\bar{X}_6 + \bar{X}_3X_4X_5\bar{X}_6 + X_1X_2X_3\bar{X}_4\bar{X}_6$$
where $\bar{X}_i$ represents the opposite event of the bottom event $X_i$, that is, it means that the $i$th bottom event does not occur.
c. Calculate the probability of both sides of the disjoint expression in b, and get the probability of the top event occurring:
$$Q(q_1, q_2, \ldots, q_6) = P(X_6) + P(X_3X_4\bar{X}_6) + P(\bar{X}_3X_4X_5\bar{X}_6) + P(X_1X_2X_3\bar{X}_4\bar{X}_6) = q_6 + q_3q_4p_6 + p_3q_4q_5p_6 + q_1q_2q_3p_4p_6$$
where $p_i = 1 - q_i$ represents the probability that the $i$th bottom event does not occur. Performing numerical calculations, we get the probability of the top event occurring: $Q = 0.011354$
B.2 Importance
B.2.1 Probability importance of bottom events
From 3.7, the probability importance of the $i$th bottom event is:
$$I_p(i) = \frac{\partial Q(q_1, q_2, \ldots, q_6)}{\partial q_i}, \quad i = 1, 2, 3, \ldots, 6$$
Substituting the $Q$ of B.1 c into the equation, we get:
$$I_p(1) = q_2q_3p_4p_6$$
$$I_p(2) = q_1q_3p_4p_6$$
$$I_p(3) = q_4p_6 - q_4q_5p_6 + q_1q_2p_4p_6$$
$$I_p(4) = q_3p_6 + p_3q_5p_6 - q_1q_2q_3p_6$$
$$I_p(5) = p_3q_4p_6$$
$$I_p(6) = 1 - q_3q_4 - p_3q_4q_5 - q_1q_2q_3p_4$$
By numerical calculation, we get the probability importance of each bottom event: $I_p(1) = 0.000\,579\,1$, $I_p(2) = 0.000\,579\,1$, $I_p(3)$, $I_p(4)$, $I_p(5)$, $I_p(6)$
B.2.2 Relative probability importance of the bottom event
From 3.8, the relative probability importance of the $i$th bottom event is:
$$I_c(i) = \frac{q_i}{Q(q_1, q_2, \ldots, q_6)} \cdot \frac{\partial Q(q_1, q_2, \ldots, q_6)}{\partial q_i} = \frac{q_i I_p(i)}{Q(q_1, q_2, \ldots, q_6)}, \quad i = 1, 2, 3, \ldots, 6$$
where $Q(\cdot)$ and $I_p(i)$ are obtained by B.1 c and B.2.1 respectively. By numerical calculation, the relative probability importance of each bottom event is: $I_c(1)$, $I_c(2)$, $I_c(3)$, $I_c(4)$, $I_c(5)$, $I_c(6)$
B.2.3 Structural importance of bottom events
The definition of the structural importance of bottom events is given in 3.6. The structural importance of bottom events is entirely determined by the structure of the fault tree and has nothing to do with the probability of occurrence of the bottom events. It has been theoretically proved that when the probability of occurrence of every bottom event is 1/2, the probability importance of a bottom event is equal to its structural importance. Therefore, in the expressions of $I_p(i)$ in B.2.1, substitute $q_i = p_i = 1/2$ (recall $p_i = 1 - q_i$) and perform numerical calculation to obtain the structural importance of each bottom event: $I_s(i)$, $i = 1, 2, \ldots, 6$
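The calculations of B.1 and B.2 carried through in code, as an added example that is not part of the standard. The bottom-event probabilities in `Q_SAMPLE` are constructed for illustration (the standard's own values are not on this page), and the function names are this example's own. The truth table method of 5.6.1 serves as an independent check on the disjoint sum of B.1 c.

```python
from itertools import product

# Minimum cut sets from Appendix A, by bottom-event index.
MCS = [{6}, {3, 4}, {4, 5}, {1, 2, 3}]
# Constructed sample probabilities, not the values used in the standard.
Q_SAMPLE = {1: 0.01, 2: 0.01, 3: 0.02, 4: 0.02, 5: 0.03, 6: 0.005}

def top_probability(q, mcs=MCS):
    """Truth table method: add P(state) over every state where the top event occurs."""
    events = sorted(q)
    total = 0.0
    for bits in product((0, 1), repeat=len(events)):
        failed = {e for e, b in zip(events, bits) if b}
        if any(c <= failed for c in mcs):
            weight = 1.0
            for e, b in zip(events, bits):
                weight *= q[e] if b else 1.0 - q[e]
            total += weight
    return total

def top_probability_disjoint(q):
    """Disjoint sum of B.1 c: q6 + q3 q4 p6 + p3 q4 q5 p6 + q1 q2 q3 p4 p6."""
    p = {i: 1.0 - v for i, v in q.items()}
    return (q[6] + q[3] * q[4] * p[6] + p[3] * q[4] * q[5] * p[6]
            + q[1] * q[2] * q[3] * p[4] * p[6])

def probability_importance(q, i):
    """Ip(i) = dQ/dq_i. Q is linear in each q_i, so this is Q(q_i=1) - Q(q_i=0)."""
    return top_probability({**q, i: 1.0}) - top_probability({**q, i: 0.0})

def relative_importance(q, i):
    """Ic(i) = q_i * Ip(i) / Q."""
    return q[i] * probability_importance(q, i) / top_probability(q)

def structural_importance(i, n=6):
    """Is(i): the probability importance evaluated at q_k = p_k = 1/2 for every k."""
    return probability_importance({k: 0.5 for k in range(1, n + 1)}, i)

if __name__ == "__main__":
    print("Q =", top_probability(Q_SAMPLE), top_probability_disjoint(Q_SAMPLE))
    for i in sorted(Q_SAMPLE):
        print(i, probability_importance(Q_SAMPLE, i),
              relative_importance(Q_SAMPLE, i), structural_importance(i))
```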
Additional explanation:
This standard is proposed by the Ministry of Power Plant Industry of the People's Republic of China.
This standard is under the jurisdiction of the National Technical Committee for Reliability and Maintainability of Electrical and Electrical Products.
The main drafters of this standard are Cao Puhua, Liao Jiongsheng, Shi Dinghua, and Su Deqing.