Figure 5.12: Petri Nets to be used in Petri Nets driven by RBD
each component of the system that is subject for partial proof test (without p8; check the second item in previous paragraphs). The Petri Nets in figure (5.12b) models the delay of partial tests and the repair. Notice the circles in blue colour, these are shortcuts used to connect to places with the same label (e.g., p12). For each component added in the Petri driven by RBD, a shortcut should be added for the repair and the test actions. In appendix D we present a simple example Petri Net driven by RBD.
5.6 Method Comparison
We have presented four approaches for assessing the unavailability due to time related failures.
These approaches are the use of (i)the structure functions of RBD, (ii) Analytical Formulae
de-rived from Fault Tree analysis, (iii) time dependent unavailability based on Fault Tree analysis (which it is another way of presenting RBD), and (iv)Petri Nets which uses Montecarlo Simula-tion to perform the analysis.
Amongst the known techniques available for reliability analysis (see e.g., ISO/TR-12489, 2013) we have not discussed Markov analysis. This is because we are interested in modelling the effect to proof testing (e.g., of safety systems), and because proof tests are carried out a de-terministic time instants(Brissaud and Oliveira, 2012), transition from failed states (under the assumption that the failure is repaired) are not exponentially distributed, which is the founda-tion for Markov chains(Rausand and Høyland, 2004). In this case, multi-phase Markov models are more proper to include the effect of periodic proof testing(ISO/TR-12489, 2013).
The methods discussed in this chapter may be compared taking into account two main fac-tors (see e.g., Brissaud and Oliveira, 2012). Features of the model and of the analysis.
5.6.1 Models Relationship
RBD are built in term of functions and it may lead to unknown effects of failure of components in the system. This disadvantage can be overcome by the use of Fault Tree Analysis. However, both RBD and FTA are static models and therefore the dynamics of the system cannot be described.
On the other hand, Petri Nets are suitable for modelling the dynamics of the system and they can be easily built by using virtual RBD, Virtual RBD that can be drawn from FTA. The size of the virtual RBDs is almost equal to number of components of the system. This make the graphical representation of the model easy to read and understand it, even whit the inclusion of Petri Nets. The use of Petri Nets driven by virtual RBD makes the model less prone to modelling errors because the component’s Petri Net have the same structure.
5.6.2 Analysis
In the previous paragraph we discussed the main relationship amongst the techniques used in this report and how we can end using Petri Nets. However, each technique (the technique itself ) has its own way for doing the analysis. As we are interested on the average unavailability of safety systems subject to periodic full proof test, partial proof test, imperfect proof test, we proposed a
model (e.g., see Eq (5.3)) and we incorporated the proposed model in the use of each technique.
As mentioned, the analytical solution for finding the total availability of the system from the RBD6 and using the proposed model requires the use of software. It can be a limitation since foundation in programming is essential for understanding the model and avoid the use of the algorithm that we presented as a "black box". However, the correct use of the proposed algo-rithm provides an exact solution and a very good illustration of the instant unavailability by including the effect of proof tests (perfect, partial or imperfect). Other advantage of the pro-posed approach is the flexibility to include other probability distributions. For example, we can use the availability function by assuming the Weibull distribution in the same way that we used the exponential distribution.
We also discussed the use of analytical formulae derived from the minimal cut set theory.
As mentioned, with this approach we cannot model the effect of imperfect proof testing and several approximations are needed to compute the average unavailability. The "difficult" part is to find the minimal cut sets; but software tools are available for this matter (e.g., CARA). From the package CARA we can also compute the average unavailability based on the upper bound approximation(Rausand and Høyland, 2004) which is less conservative than the result that can be obtained from Eq. (5.5). The main disadvantage of this approach is that it is limited to failure rates exponentially distributed.
Petri Nets driven by virtual RBD are easy to build and the technique is very flexible. Different factors like demands and test duration may be included. The limitation of this technique lies on the package capabilities and the ability of the analyst, mainly due to systematic errors. Bris-saud and Oliveira (2012) claim that the only drawback of this technique is the time required to perform the analysis.
6RBD that can be derived from a FTA
Failure Modes and Reliability Data Analysis
6.1 Introduction
The identification of the modes in which a system may fail is as important as the technique used in the reliability analysis. In this chapter we discuss the main failure modes that may affect the major components of a WOCS. For each failure mode we present a short description and the effects due to proof testing.