
Reliability Engineering and System Safety 41 (1993) 231-237

Use of recursive methods in fuzzy fault tree analysis: an aid to quantitative risk analysis

Usha Sharma, Design Analysis Division, Central Mechanical Engineering Research Institute, Durgapur-713 209, W.B., India

&

M. Sudhakar Tata Consultancy Services, 2/3, Bishop Wailers Avenue (East) Mylapore, Madras, 600004, India

(Received 29 July 1992; accepted 8 March 1993)

This paper demonstrates the use of recursive techniques in quantitative risk analysis when the probability of occurrence of the basic events is uncertain (fuzzy) in nature instead of having a precise value. Cases of both coherent and non-coherent fault trees with replicated events are dealt with. The analyses have been computerized using an IBM compatible personal computer (PC-AT). The source code is in C and uses Turbo-C graphics routines for creating plots. A wide variety of examples with different membership functions have been considered.

INTRODUCTION

Fault tree analysis is extensively used in nuclear, aircraft, offshore and many other industries for quantitative risk analysis. However, the conventional fault tree analysis techniques are not directly applicable to some industries, primarily due to the fact that statistical data for failures and failure rates in such industries are almost non-existent. Moreover, factors like human errors are much more significant in some industries. Hence, the reliability data on components or systems which are used in the fault tree analysis in such industries are only rough estimates of the true values and the calculated results are valid only for some specified conditions. Secondly, there are industries where the components, the building blocks of a system, are mainly passive in nature, and statistical data on the failure rates for passive components which contribute in a more or less static manner to the functioning of the system are not as well established as those for active components; therefore the uncertainties in the values of the failure rates are much larger in comparison to active component failures. Hence, there is a flow of uncertainties in reliability values due to sparse component failure data, neglected human errors, disregard of certain external factors, etc. (see Ref. 2 for the causes and types of uncertainty in PSA of high risk systems). It is worth mentioning here that the probabilistic approach to conventional fault tree analysis (the quantitative aspect of risk analysis) is inadequate to account for such inbuilt uncertainties in data.

Reliability Engineering and System Safety 0951-8320/93/$06.00 1993 Elsevier Science Publishers Ltd, England.

Fuzzy set theory proposed by Zadeh [3] has been claimed to offer an ingenious approach to cope with cases where subjective judgment or estimation of an individual plays a vital and significant role while dealing with ambiguity or uncertainty. The theory of possibility which was also proposed by Zadeh [4] as a further development of fuzzy set theory is an important tool for imprecise quantification.

The theory of fuzzy sets, along with possibility theory, is more appropriate for analysing systems in the presence of uncertainties [5,6]. This theory is rather new and is relatively unknown but knowledge of it and its use is rapidly increasing. Mention may be made of the work of Chun and Ahn [6] which identifies the potential applicability of the fuzzy set theory to the uncertainty analysis of event trees with imprecise and uncertain branch probabilities.

Keeping in view the inadequacy of the conventional fault tree analysis, a series of papers have been written by different authors that use fuzzy set theory for fault tree analysis. Mention may be made of the key paper of Tanaka et al. [7]. Their approach is based on the enumeration of cutsets and the utilization of a trapezoidal representation of failure probability. Another variation of fuzzy fault tree analysis is given by Misra and Weber [8]. Their analysis is based on possibility distributions associated with the basic events and a fuzzy algebra for combining these events. They have in fact proposed a cutset-based algorithm using a discretization procedure which permits consideration of any arbitrary possibility distribution for the events and provides higher precision than that which could be obtained from a graphical approach. They also provided an appropriate representation of conditional possibility distribution which can be used in conjunction with AND and OR gates of a fault tree in order to consider the dependency of failures. In a later paper, Misra and Weber [9] used a similar concept in probabilistic risk assessment. They extended the idea to fuzzy probabilities with arbitrary representation of failure probability from trapezoidal representation using the concept of sampling and interpolation of membership function. They used a bottom-up approach for the analysis. However, both Tanaka et al. [7] and Misra and Weber kept their analyses limited to coherent fault trees, i.e., fault trees with simple AND and OR gates. It is worth mentioning here, however, that the method proposed by Tanaka et al. [7] is not well suited for large fault trees due to the limitation of cutset approaches. The method proposed by Misra and Weber [9], on the other hand, does not account for replicated events.

Apart from the above-mentioned treatises, a number of authors have also shown similar application of fuzzy set theory for reliability analysis. Mention may be made of the work of Keller and Kara-Zaitri [10] in applying fuzzy logic to reliability assessment and safety analysis. They used π functions (approximate functions) for describing the possibility of failure of components. They have, however, kept their analysis limited to series parallel systems. Recently, Singer [11] and Onisawa [12] have applied a fuzzy set approach to fault tree and reliability analysis. Singer [11] has treated the relative frequencies of the basic events as fuzzy numbers. Using standard approximations for the membership function (L-R type), they derived n-ary possibilistic AND, OR and NEG operators, allowing a straightforward evaluation of the frequencies of hazard events in complex systems simultaneously with their tolerances, and constructed possibilistic fault trees.

As far as conventional fault tree analysis techniques are concerned, a considerable amount of work has been done during the last two decades with the aim of widening the state-of-the-art. These techniques can be mainly categorized into (i) the cutsets/prime implicant approach and (ii) direct evaluation algorithms. Although the usual manner in which fault trees are evaluated is by quantification of the minimal cutsets/prime implicants (cutsets in the case of a coherent fault tree and prime implicants in the case of a non-coherent one), these methods may produce only an approximate result in most practical applications, since the determination of minimal cutsets for larger fault trees requires truncation techniques to restrict the number of cutsets that are generated. Moreover, the determination of cutsets itself is tedious and time-consuming which is often one of the reasons for rendering the cutset-based methods slower in comparison to direct evaluation methods.

It is evident from the above survey that a considerable amount of work has already been done to account for the uncertainties in data in quantitative risk analysis using different fault tree analysis techniques. In this paper we use a top-down recursive approach [1] instead of the usual methods based on cutsets/prime implicants, in contrast with fuzzy set theory for carrying out fuzzy fault tree analysis. A large number of examples are included to illustrate the potential of the recursive technique [1] in implementing fuzzy fault tree analysis.

A casual acquaintance with fuzzy set theory is assumed. However, readers who are not well versed with the basic theory are kindly referred to Ref. 3.

FUZZY PROBABILITIES WITH DIFFERENT REPRESENTATIONS OF THE MEMBERSHIP FUNCTION

For the sake of completeness of the paper, this section provides the necessary results which have been used in the analysis.

Fuzzy numbers

A fuzzy number is a real number fuzzy set that is both convex and normal. A fuzzy set A is said to be a convex fuzzy set if

$$\forall x, y \in P:\ \mu_A[\lambda x + (1 - \lambda) y] \ge \mu_A(x) \wedge \mu_A(y), \quad \forall \lambda \in [0, 1]$$

where P is the set of real numbers and x, y and λ are real numbers.

A fuzzy set is normal if and only if the highest value of the degree of membership equals 1.0.

Fuzzy numbers, like the ordinary numbers, give another fuzzy number as a result of arithmetic operations [3]. The fuzzy probability represents a fuzzy number between zero and one, assigned to the probability of an event.

Fuzzy probabilities with trapezoidal representation

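The fuzzy probability (which is a fuzzy number between 0 and 1) of the ith event of a fault tree is said to have trapezoidal representation if its membership function has the form [7]

$$\mu_{p_i}(x) = \begin{cases} 0 & \text{for } 0 \le x \le \alpha_{i1} \\ 1 - (\alpha_{i2} - x)/(\alpha_{i2} - \alpha_{i1}) & \text{for } \alpha_{i1} \le x \le \alpha_{i2} \\ 1 & \text{for } \alpha_{i2} \le x \le \beta_{i2} \\ 1 - (x - \beta_{i2})/(\beta_{i1} - \beta_{i2}) & \text{for } \beta_{i2} \le x \le \beta_{i1} \\ 0 & \text{for } \beta_{i1} \le x \le 1 \end{cases} \tag{1}$$

It is usually denoted by its four parameters $\alpha_{i1}$, $\alpha_{i2}$, $\beta_{i1}$, $\beta_{i2}$, i.e., $p_i \triangleq (\alpha_{i1}, \alpha_{i2}, \beta_{i2}, \beta_{i1})$.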

The complementation of a trapezoidal fuzzy number is also a trapezoidal fuzzy number, denoted by

$$\bar{p}_i \triangleq (1 - \beta_{i1},\ 1 - \beta_{i2},\ 1 - \alpha_{i2},\ 1 - \alpha_{i1}) \tag{2}$$

The multiplication of two trapezoidal fuzzy numbers is a fuzzy number given by

$$p_i \otimes p_j \triangleq (\alpha_{i1}\alpha_{j1},\ \alpha_{i2}\alpha_{j2},\ \beta_{i2}\beta_{j2},\ \beta_{i1}\beta_{j1}) \tag{3}$$

with the approximation provided by Tanaka et al. [7], where $\otimes$ denotes the fuzzy multiplication.
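The following C program is an added example, not the authors' Turbo-C code: it applies eqns (1) to (3) gate by gate in a top-down recursion over a small non-coherent tree. The node layout, the function names and the sample probabilities are constructed for illustration; the OR gate uses the standard identity 1 - Π(1 - p_i), and the tree is assumed to contain no replicated events, since gate inputs are multiplied as if independent.

```c
#include <stdio.h>

/* Trapezoidal fuzzy probability (a1, a2, b2, b1) with a1 <= a2 <= b2 <= b1, eqn (1). */
typedef struct { double a1, a2, b2, b1; } Trap;

typedef enum { BASIC, AND, OR, NOT } Kind;

/* Fault-tree node. This layout is an assumption of the example, not the paper's. */
typedef struct Node {
    Kind kind;
    Trap p;                    /* fuzzy probability, used when kind == BASIC */
    int n;                     /* number of inputs (1 for NOT) */
    const struct Node *in[4];  /* gate inputs */
} Node;

/* Eqn (2): complement of a trapezoidal fuzzy number. */
Trap trap_not(Trap p) {
    Trap r = { 1.0 - p.b1, 1.0 - p.b2, 1.0 - p.a2, 1.0 - p.a1 };
    return r;
}

/* Eqn (3): approximate product of two trapezoidal fuzzy numbers. */
Trap trap_mul(Trap p, Trap q) {
    Trap r = { p.a1 * q.a1, p.a2 * q.a2, p.b2 * q.b2, p.b1 * q.b1 };
    return r;
}

/* Top-down recursion: a gate's value is computed from the values of its inputs.
   Inputs are treated as independent, so no basic event may be replicated. */
Trap evaluate(const Node *g) {
    Trap acc = { 1.0, 1.0, 1.0, 1.0 };
    int i;
    if (g->kind == BASIC) return g->p;
    if (g->kind == NOT) return trap_not(evaluate(g->in[0]));
    for (i = 0; i < g->n; i++) {
        Trap v = evaluate(g->in[i]);
        /* AND multiplies the inputs; OR multiplies their complements. */
        acc = trap_mul(acc, g->kind == AND ? v : trap_not(v));
    }
    return g->kind == AND ? acc : trap_not(acc);
}

/* Eqn (1): membership grade of probability x. */
double membership(Trap p, double x) {
    if (x < p.a1 || x > p.b1) return 0.0;
    if (x < p.a2) return 1.0 - (p.a2 - x) / (p.a2 - p.a1);
    if (x <= p.b2) return 1.0;
    return 1.0 - (x - p.b2) / (p.b1 - p.b2);
}

/* Constructed non-coherent tree: TOP = OR(AND(e1, e2), AND(NOT e3, e4)). */
Trap example_top(void) {
    Node e1 = { BASIC, { 0.1, 0.2, 0.3, 0.4 }, 0, { 0 } };
    Node e2 = { BASIC, { 0.2, 0.3, 0.4, 0.5 }, 0, { 0 } };
    Node e3 = { BASIC, { 0.5, 0.6, 0.7, 0.8 }, 0, { 0 } };
    Node e4 = { BASIC, { 0.1, 0.1, 0.2, 0.2 }, 0, { 0 } };
    Node n3 = { NOT, { 0 }, 1, { &e3 } };
    Node g1 = { AND, { 0 }, 2, { &e1, &e2 } };
    Node g2 = { AND, { 0 }, 2, { &n3, &e4 } };
    Node top = { OR, { 0 }, 2, { &g1, &g2 } };
    return evaluate(&top);
}

int main(void) {
    Trap t = example_top();
    printf("top = (%.4f, %.4f, %.4f, %.4f)\n", t.a1, t.a2, t.b2, t.b1);
    printf("membership at 0.0639 = %.3f\n", membership(t, 0.0639));
    return 0;
}
```

The lower bound of the OR gate comes from the upper bounds of the complemented inputs, which is why eqn (2) reverses the parameter order.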

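Fuzzy probabilities with π representation [10]

The fuzzy probability of an event in a fault tree is said to have a π representation if its membership function is of the form

$$\mu_{p_i}(x) = \begin{cases} 0 & \text{for } 0 \le x \le s - 2\,\mathit{ls} \\ \dfrac{2(x - s + 2\,\mathit{ls})^2}{(2\,\mathit{ls})^2} & \text{for } s - 2\,\mathit{ls} \le x \le s - \mathit{ls} \\ 1 - \dfrac{2(x - s)^2}{(2\,\mathit{ls})^2} & \text{for } s - \mathit{ls} \le x \le s \\ 1 - \dfrac{2(x - s)^2}{(2\,\mathit{rs})^2} & \text{for } s \le x \le s + \mathit{rs} \\ \dfrac{2(x - s - 2\,\mathit{rs})^2}{(2\,\mathit{rs})^2} & \text{for } s + \mathit{rs} \le x \le s + 2\,\mathit{rs} \\ 0 & \text{for } s + 2\,\mathit{rs} \le x \le 1 \end{cases} \tag{4}$$

A π-type fuzzy number is denoted by

$$p_i \triangleq (s_i, \mathit{ls}_i, \mathit{rs}_i)$$

with $\mathit{ls}_i, \mathit{rs}_i \ll 1.0$. In this case the complementation of a fuzzy number is given by

$$\bar{p}_i \triangleq (1 - s_i,\ \mathit{rs}_i,\ \mathit{ls}_i) \tag{5}$$

and the multiplication of two π-type fuzzy numbers $p_i \triangleq (s_i, \mathit{ls}_i, \mathit{rs}_i)$ and $p_j \triangleq (s_j, \mathit{ls}_j, \mathit{rs}_j)$ is given by

$$p_i \otimes p_j \triangleq (s_i s_j,\ s_i\,\mathit{ls}_j + s_j\,\mathit{ls}_i,\ s_i\,\mathit{rs}_j + s_j\,\mathit{rs}_i) \tag{6}$$

neglecting terms like $\mathit{ls}_i\,\mathit{ls}_j$.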

Fuzzy probabilities with L-R representation

A fuzzy number $p_i$ is said to be of L-R type, if its membership function is of the form

$$\mu_{p_i}(x) = \begin{cases} L[(M_i - x)/\alpha_i] & \text{for } x \le M_i,\ \alpha_i > 0 \\ R[(x - M_i)/\beta_i] & \text{for } x \ge M_i,\ \beta_i > 0 \end{cases} \tag{7}$$

where $M_i$ is the maximal value for which $\mu_{p_i}(M_i) = 1$; $\alpha_i$ and $\beta_i$ are left and right spreads, and L and R are appropriate functions of $(M_i - x)/\alpha_i$ and $(x - M_i)/\beta_i$ respectively. An L-R type fuzzy number is denoted by its three parameters $M_i$, $\alpha_i$, $\beta_i$, i.e., $p_i \triangleq (M_i, \alpha_i, \beta_i)$.

In this case the complementation is given by

$$\bar{p}_i \triangleq (1 - M_i,\ \beta_i,\ \alpha_i) \tag{8}$$

and the multiplication of two L-R type fuzzy numbers $p_i \triangleq (M_i, \alpha_i, \beta_i)$ and $p_j \triangleq (M_j, \alpha_j, \beta_j)$ is given by

$$p_i \otimes p_j \triangleq (M_i M_j,\ M_i\alpha_j + M_j\alpha_i,\ M_i\beta_j + M_j\beta_i) \tag{9a}$$

for $M_i, M_j > 0$ and relatively small values of $\alpha_i$ and $\beta_i$, and by

$$(\ldots\ M_i\beta_j + M_j\beta_i + \beta_i\beta_j) \tag{9b}$$

for larger values of $\alpha_i$ and $\beta_i$. In the present paper eqn (9a) is used.

Fuzzy probabilities with normal representation

A fuzzy number $p_i$ is said to have a normal representation if its membership function is of the form

$$\mu_{p_i}(x) = \begin{cases} \exp[-\{(x - m_i)/\sigma_{i1}\}^2] & \text{for } 0 < x \le m_i \\ \exp[-\{(m_i - x)/\sigma_{i2}\}^2] & \text{for } m_i \le x \le 1 \end{cases} \tag{10}$$

A normal fuzzy number is denoted by its three parameters $m_i$, $\sigma_{i1}$, $\sigma_{i2}$, i.e., $p_i \triangleq (m_i, \sigma_{i1}, \sigma_{i2})$.

The complementation in this case is given by

$$\bar{p}_i \triangleq (1 - m_i,\ \sigma_{i2},\ \sigma_{i1}) \tag{11}$$

and the multiplication of two fuzzy numbers having a normal representation of the membership function is given by

$$p_i \otimes p_j \triangleq (m_i m_j,\ \sigma_{i1} m_j + \sigma_{j1} m_i,\ \sigma_{i2} m_j + \sigma_{j2} m_i) \tag{12}$$

with $\sigma_{i1}, \sigma_{j1}, \sigma_{i2}, \sigma_{j2} \ll m_i, m_j$.

NUMERICAL EXAMPLES

In this section various illustrative examples of fuzzy fault tree analysis of coherent and non-coherent systems have been provided.


Fig. 1. Fault tree of Example 1.

Table 1. Fuzzy probability data for the primary events of Example 1

| Event no. | Parameters (L-R type): $M_i$ | $\alpha_i$ and $\beta_i$ |
|---|---|---|
| 5 | 0.035 | 1.115E-3 |
| 7 | 0.007 2 | 15.25E-4 |
| 9 | 0.03 | 5.56E-5 |
| 10 | 0.001 38 | 3.2E-4 |
| 12 | 0.003 2 | 1.566E-4 |
| 14 | 0.002 8 | 1.922E-4 |
| 16 | 0.005 | 1.778E-5 |
| 18 | 0.003 | 2.185E-5 |
| 19 | 0.004 5 | 1.126E-4 |
| 21 | 0.013 | 4.45E-5 |
| 23 | 0.065 | 1.068E-4 |
| 27 | 0.006 2 | 1.65E-4 |
| 28 | 0.015 7 | 2.65E-4 |
| 29 | 0.048 | 1.555E-4 |
| 31 | 0.002 7 | 2.338E-5 |
| 33 | 0.027 5 | 4.448E-4 |
| 35 | 0.006 5 | 2.923E-4 |

Example 1

In this example, we perform fault tree analysis of a COherent fault tree with REplicated primary inputs (as shown in Fig. 1) in which the probability of occurrence of the basic events has some uncertainty factor and can be represented by an L-R type membership function of the form

$$\mu_{p_i}(x) = \begin{cases} L[(M_i - x)/\alpha_i] = \dfrac{1}{1 + |(M_i - x)/\alpha_i|} & \text{for } x \le M_i \\ R[(x - M_i)/\beta_i] = \dfrac{1}{1 + |(x - M_i)/\beta_i|} & \text{for } x \ge M_i \end{cases}$$

The analysis has been carried out with the set of random data shown in Table 1 for the fuzzy probability of the primary events.

The fuzzy probability of the top event was found to be (0.008 224, 0.000 289, 0.000 289). Figure 2 shows the fuzzy probability plot of the same.

Example 2

In this example the fault tree, as shown in Fig. 3, is also a COherent one and the membership function of the primary events is of the NOrmal type. The fault tree under consideration has only six primary events of which five are replicated.

The analysis was carried out with the set of random data shown in Table 2 for the fuzzy probability of the primary events.

The fuzzy probability of the top event was found to be (0.000 293 9, 0.000 299 3, 0.000 848 9). Figure 4 provides the fuzzy probability plot of the top event of the same.


Fig. 2. Fuzzy probability plot of the top event of Example 1.

Example 3

The fault tree under consideration is a NOn-COherent one (as shown in Fig. 5) with REplicated events and the membership function of the basic events is of TRapezoidal type. A bar over an event number refers to the uncomplemented form.

The set of data for which the analysis was carried out is given in Table 3.


Fig. 3. Fault tree of Example 2.

Table 2. Fuzzy probability data for the primary events of Example 2

| Event no. | Parameters (normal-type): $m_i$ | $\sigma_{i1}$ | $\sigma_{i2}$ |
|---|---|---|---|
| 8 | 0.001 8 | 0.001 8 | 0.002 3 |
| 10 | 0.001 55 | 0.000 75 | 0.000 72 |
| 12 | 0.002 5 | 0.000 5 | 0.000 6 |
| 19 | 0.004 5 | 0.000 5 | 0.000 55 |
| 20 | 0.001 325 | 0.000 3 | 0.000 2 |
| 22 | 0.000 25 | 0.000 35 | 0.000 35 |


Fig. 4. Fuzzy probability plot of the top event of Example 2.

The fuzzy probability of the top event was found to be (0.003, 0.003 460 8, 0.004 451 15, 0.006 851 5) and to have the membership function plotted in Fig. 6.

Example 4

The fault tree under consideration is a NOn-COherent one and is shown in Fig. 7. The membership function of the primary events is of the π-type.

The set of data for which the analysis was carried out is provided in Table 4.

The fuzzy probability of the top event was found to be (0.005 706 21, 0.001 563 8, 0.001 563 8). Figure 8 provides the fuzzy probability plot of the top event.
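The three-parameter arithmetic of eqns (5)-(6) and (8)-(9a) and the membership functions of eqn (4) and Example 1 can be exercised as follows. This C program is an added example, not the authors' program: the function names are assumptions, the OR combination of events 5 and 7 from Table 1 is constructed for illustration and does not reproduce the structure of Fig. 1, and spreads are assumed to be strictly positive.

```c
#include <stdio.h>

/* Three-parameter fuzzy probability: centre c, left spread l, right spread r. */
typedef struct { double c, l, r; } Tri;

/* Eqns (5) and (8): the complement mirrors the centre and swaps the spreads. */
Tri tri_not(Tri p) { Tri q = { 1.0 - p.c, p.r, p.l }; return q; }

/* Eqns (6) and (9a): product, neglecting spread-times-spread terms. */
Tri tri_mul(Tri p, Tri q) {
    Tri t = { p.c * q.c, p.c * q.l + q.c * p.l, p.c * q.r + q.c * p.r };
    return t;
}

/* Two-input OR gate as 1 - (1 - p)(1 - q); inputs assumed independent. */
Tri tri_or(Tri p, Tri q) { return tri_not(tri_mul(tri_not(p), tri_not(q))); }

static double absd(double u) { return u < 0.0 ? -u : u; }

/* L-R membership with L(u) = R(u) = 1/(1 + |u|), the form used in Example 1. */
double mu_lr(Tri p, double x) {
    double u = (x <= p.c) ? (p.c - x) / p.l : (x - p.c) / p.r;
    return 1.0 / (1.0 + absd(u));
}

/* pi-type membership, eqn (4), written in terms of the distance from the centre. */
double mu_pi(Tri p, double x) {
    double w = (x <= p.c) ? p.l : p.r;   /* spread on the side where x lies */
    double d = absd(x - p.c);            /* distance from the centre s */
    if (d >= 2.0 * w) return 0.0;
    if (d <= w) return 1.0 - 2.0 * d * d / (4.0 * w * w);
    return 2.0 * (d - 2.0 * w) * (d - 2.0 * w) / (4.0 * w * w);
}

int main(void) {
    Tri e5 = { 0.035, 1.115e-3, 1.115e-3 };    /* Table 1, event 5 */
    Tri e7 = { 0.0072, 15.25e-4, 15.25e-4 };   /* Table 1, event 7 */
    Tri g = tri_or(e5, e7);                    /* constructed gate */
    Tri top1 = { 0.008224, 0.000289, 0.000289 };      /* Example 1 result */
    Tri top4 = { 0.00570621, 0.0015638, 0.0015638 };  /* Example 4 result */
    int k;
    printf("OR(5, 7) = (%.6f, %.9f, %.9f)\n", g.c, g.l, g.r);
    /* Sample each curve from centre - 2 spreads to centre + 2 spreads. */
    for (k = -4; k <= 4; k++) {
        double x1 = top1.c + 0.5 * k * top1.l;
        double x4 = top4.c + 0.5 * k * top4.l;
        printf("%.6f %.3f   %.6f %.3f\n", x1, mu_lr(top1, x1), x4, mu_pi(top4, x4));
    }
    return 0;
}
```

The π curve falls to zero two spreads from the centre, whereas the 1/(1 + |u|) form of Example 1 only decays towards zero and never reaches it.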

CONCLUSIONS

It is evident from the analysis carried out in the present paper that if there exist uncertainties in data which constitute the primary causes of concern in several high risk engineering systems, and if these are to be adequately accounted for, then this can be achieved without much difficulty. Complexity of the fault trees and limitations of the cutset approaches do not pose any problem for the application of fuzzy set theory to quantitative risk analysis. Complexity of the membership functions can also be handled without any difficulty. Advantages of the recursive techniques (which have been proved to be faster) can be easily implemented for fuzzy fault tree analysis.

ACKNOWLEDGEMENTS

The first author is grateful to Dr A. Gopalakrishnan, Director, CMERI, for providing all the necessary facilities to complete the present work which was started at the Reliability Engineering Centre of IIT-Kharagpur. The first author also takes this opportunity to express her sincere thanks to the second author for his valuable computer work without which it would not have been possible to bring out the paper in its present form. Thanks are also due to Professor G. Apostolakis for his critical comments and valuable suggestions.

Fig. 5. Fault tree of Example 3.

Table 3. Fuzzy probability data for the primary events of Example 3 (in terms of E-5)

| Event no. | Parameters (trapezoidal-type) | | | |
|---|---|---|---|---|
| 3 | 2.0 | 8.0 | 10.0 | 2%0 |
| 4 | 5.0 | 9.0 | 15.0 | 20.0 |
| 5 | 50.0 | 120.0 | 210.0 | 250.0 |
| 6 | 7.2 | 20.0 | 25.0 | 32.0 |
| 7 | 15.0 | 21.0 | 29.0 | 35.0 |
| 8 | 200.0 | 300.0 | 350.0 | 400.0 |
| 9 | 290.0 | 332.0 | 425.0 | 512.0 |
| 10 | 3.25 | 4.5 | 5.5 | 6.0 |
| 11 | 250.0 | 425.0 | 600.0 | 680.0 |
| 12 | 285.0 | 325.0 | 416.0 | 650.0 |
| 13 | 37.5 | 44.5 | 50.0 | 70.0 |
| 14 | 200.0 | 365.0 | 450.0 | 575.0 |
| 15 | 11.2 | 28.9 | 52.5 | 55.0 |
| 16 | 38.0 | 49.0 | 51.5 | 65.0 |
| 17 | 20.0 | 39.2 | 58.15 | 65.0 |
| 18 | 42.5 | 55.8 | 62.0 | 72.0 |
| 19 | 16.5 | 32.5 | 49.5 | 52.0 |

Fig. 6. Fuzzy probability plot of the top event of Example 3.

Fig. 7. Fault tree of Example 4.

Table 4. Fuzzy probability data for the primary events of Example 4 (in terms of E-3)

| Event nos | Parameters (π-type): $s_i$ | $\mathit{ls}_i$ and $\mathit{rs}_i$ |
|---|---|---|
| 3, 8, 18, 23 | 1.24 | 0.312 |
| 4, 9, 14, 19, 24 | 2.5 | 1.15 |
| 5, 10, 15, 20, 29 | 5.0 | 1.778 |
| 6, 11, 16, 21, 32 | 5.7 | 1.56 |
| 7, 12, 17, 22 | 6.2 | 1.556 |

Fig. 8. Fuzzy probability plot of the top event of Example 4.

REFERENCES

1. Page, L. B. & Perry, J. E., An algorithm for exact fault tree probabilities without cut sets, IEEE Trans. Reliability, R-35(5) (1986) 544-58.

2. Wu, J. S., Apostolakis, G. E. & Okrent, D., Uncertainties in system analysis: probabilistic versus nonprobabilistic theories, Reliability Engineering & System Safety, 30 (1990) 163-81.

3. Zadeh, L. A., Fuzzy sets, Information and Control, 8 (1965) 338-53.

4. Zadeh, L. A., Fuzzy set as a basis for a theory of possibility, Fuzzy Sets & Systems, 1(1) (1978) 3-28.

5. Dubois, D. & Prade, H., On the relevance of non-standard theories on uncertainty in modeling and pooling expert opinions, Reliability Engineering & System Safety, 36 (1992) 95-107.

6. Moon-Hyun Chun & Kwang-Il Ahn, Assessment of the potential applicability of fuzzy set theory of accident progression event trees with phenomenological uncertainties, Reliability Engineering & System Safety, 37 (1992) 237-52.

7. Tanaka, H., Fan, L. T., Lai, F. S. & Toguchi, K., Fault tree analysis by fuzzy probability, IEEE Trans. Reliability, R-32(5) (1983) 453-7.

8. Misra, K. B. & Weber, G. G., A new method for fuzzy fault tree analysis, Microelectronics and Reliability, 29(2) (1989) 195-216.

9. Misra, K. B. & Weber, G. G., Use of fuzzy set theory for level-I studies in probabilistic risk assessment, Fuzzy Sets and Systems, 37 (1990) 139-60.

10. Keller, A. Z. & Kara-Zaitri, C., Further application of fuzzy logic to reliability assessment and safety analysis, Microelectronics & Reliability, 29(3) (1989) 399-404.

11. Singer, D., A fuzzy set approach to fault tree and reliability analysis, Fuzzy Sets & Systems, 28 (1988) 145-55.

12. Onisawa, T., Fuzzy theory in reliability analysis, Fuzzy Sets & Systems, 29 (1989) 250-1.