
7. Quantitative Evaluations of a Fault Tree

7.2 Data Requirements

To carry out quantifications of an FT, quantitative data need to be input for the basic events. In the simplest form, the input data consists of probabilities for the basic events of the fault tree. As was described in preceding sections, the basic event probabilities can be used in the fault tree equations to determine the probabilities of every higher event in the fault tree, including the top event. Data bases exist that provide basic data for calculating probabilities of different types of basic events. The data in these data bases are used in standard reliability and probability formulas to calculate the basic event probabilities. The use of component failure rates was discussed in a previous section. Available fault tree computer codes use basic input data to calculate the basic event probabilities.

The basic data that are required depend on the type of basic event being quantified. The list below gives the types of data that are generally required:

Component failure rate data. Component failure rates are required to calculate component failure probabilities and component unavailabilities. If a component failure rate data base is used, as is the general case, then the failure mode of the component in the data base should be

the component defined in the data base includes failure contributions from its power supply and the one being evaluated doesn’t, then the data or the model should be modified to ensure consistency). Often, the component being evaluated can only be approximated or can only be bracketed by component specifications in the data base. It is therefore important to define associated uncertainty bounds that not only cover statistical uncertainties in the estimate of a given data value, but also the variations in possible applicable data values (this uncertainty is sometimes referred to as the “tolerance” uncertainty and can often be much larger than the statistical uncertainty).

In addition to defining the component specification, it is important to identify whether a standby failure rate or an operating failure rate is required, or both. A standby failure rate is used to determine the probability of a failure to start from a standby condition. An operating failure rate is used to determine the probability of failure to operate for an operating component that has successfully started. For an operating failure rate, a time of operation is also needed to determine the failure probability. For a standby component, the average time that a standby failure exists before repair is accomplished is needed to calculate the unavailability. Failure rates are sometimes given in units of per demand instead of per hour. The demand can be an operational cycle of the component for a cyclic component, an average operation time for an operating component, or an average time a failure exists before completion of repair. The analyst needs to determine which definition is used for a given data value and whether it is applicable, e.g., whether the average time that a failure exists is similar to that being evaluated.

Human error data. Data in human error data bases consist of human error rates per action. Human error quantification and human error reliability are different from human factors analysis. Human factors analysis is a psychological assessment of the factors affecting human behavior. Human factors analysis is a qualitative analysis. Human reliability analysis quantifies the probability of different types of human actions. It is human reliability analysis that is used in FTA.

To quantify the human error that is modeled in the fault tree using a human error rate data base, the human error being modeled should be matched as closely as possible to the same type of human error in the data base. Often expert opinion will be used to estimate the human error rate because of the inapplicability of available human error data. In any case, the uncertainty associated with the human error rate should account for the possible variations in human performance and conditions as well as statistical estimation error. Oftentimes, conservatively high human error rates are assigned to determine the resulting sensitivity of the top event probability. Those human error rates for which the top event probability is sensitive are then assessed with more accuracy.

Common cause failure data. Common cause failure (CCF) data are required when CCFs are modeled in the fault tree. The modeling of CCFs was discussed in an earlier section and is addressed in the Sample Container Seal Design Example in Chapter 12. Generally, when CCFs are modeled, conditional failure probabilities are required that are termed beta factors. For more detailed CCF models, more detailed conditional failure probabilities are used that account for the number of previous failures. These more detailed models utilize data that are termed alpha factors, beta binomial factors, or multiple Greek Letter factors. Specialized CCF data sources are available for some components. Often, a conservatively high value is used for the conditional failure probability for a sensitivity study. If the top event is sensitive to the value then a more accurate assessment is performed.

Phenomenological data. Phenomenological data are needed if one or more initiating event occurrences are modeled as basic events in the fault tree. These phenomenological events can include micrometeoroid or orbital debris (MMOD) damage, a fire or explosion, or an earthquake. The basic data are event frequencies per mission or per unit time. These frequencies, if small, are often used as probabilities and if they are in units of per unit time can be multiplied by the appropriate time interval. For a high value of a frequency, the top event is then the frequency of occurrence (or the expected number of top event occurrences in a given interval). Specialized data bases or expert opinion are used to obtain these estimates along with their uncertainty ranges.

In addition to initiating event probabilities, additional probabilities may be required if sequences are modeled in the fault tree that begin with the phenomenological event. These special probabilities can include the probability that a defect is missed by inspection and the probability that the defect propagates to failure. These probabilities are obtained from external calculations, e.g., stress versus strength calculations, or from expert opinion.
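The component failure rate, human error and CCF items above all describe turning basic data into basic event probabilities and then screening with conservatively high values. The following Python sketch is an added example, not part of the handbook: it quantifies a small constructed fault tree and reports which screening value the top event is sensitive to. The exponential and rate-times-time formulas, the beta-factor split, the tree itself and every number are assumptions chosen for illustration.

```python
import math

def p_operating(rate_per_hr, hours):
    # Operating failure rate + time of operation -> failure probability
    # (standard exponential model, assumed; the page gives no formula).
    return 1.0 - math.exp(-rate_per_hr * hours)

def q_standby(rate_per_hr, avg_fault_hr):
    # Standby failure rate x average time a failure exists before repair
    # -> unavailability (small-value approximation, assumed).
    return rate_per_hr * avg_fault_hr

# Constructed inputs: two redundant operating pumps, one standby valve,
# one operator recovery action. None of these values come from the page.
PUMP_RATE, MISSION_HR = 1e-4, 100.0
VALVE_RATE, VALVE_FAULT_HR = 1e-5, 360.0
SCREENING = {"beta": 0.1, "hep": 0.1}   # conservatively high screening values

def top_event(beta, hep):
    p_pump = p_operating(PUMP_RATE, MISSION_HR)
    cut_sets = [
        ((1 - beta) * p_pump) ** 2,                   # both pumps fail independently
        beta * p_pump,                                # common cause fails both pumps
        q_standby(VALVE_RATE, VALVE_FAULT_HR) * hep,  # valve unavailable AND operator error
    ]
    # The cut sets share no basic events, so they are independent and
    # P(top) = 1 - product(1 - P(cut set)).
    survive = 1.0
    for p in cut_sets:
        survive *= 1.0 - p
    return 1.0 - survive

def sensitivity(factor=10.0):
    # Ratio by which the top event drops when one screening value is
    # reduced by `factor` while the other stays at its screening value.
    base = top_event(**SCREENING)
    return {name: base / top_event(**{**SCREENING, name: value / factor})
            for name, value in SCREENING.items()}

def needs_refinement(threshold=2.0):
    # Parameters the top event is sensitive to: assess these more accurately.
    return sorted(n for n, r in sensitivity().items() if r > threshold)

if __name__ == "__main__":
    print(f"P(top) at screening values: {top_event(**SCREENING):.3e}")
    for name, ratio in sensitivity().items():
        print(f"{name}: top event changes by x{ratio:.2f}")
    print("assess more accurately:", needs_refinement())
```

With these constructed inputs the beta factor dominates the top event, so it is the value that would be assessed more accurately, while the screening human error rate can stay as is.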