Unit No.

2 Network Modelling
and Reliability Evaluation
 Contents

• Basic concepts – Evaluation of network Reliability /

Unreliability – Series systems, Parallel systems, Series - Parallel
systems, partially redundant systems – Types of redundancies
-Evaluation of network Reliability / Unreliability using
conditional probability method – Paths based and Cutest based
approach – complete event tree and reduced event tree
methods.
 Predicted Reliability of Equipment and
Systems with Simple Structure
• Simple structures are those for which a reliability block diagram
exists and can be reduced to a series/parallel forms with independent
elements.
• For such an item, the predicted reliability is calculated according to
the following procedure,
• 1. Definition of the required function and of its associated mission
profile.
• 2. Derivation of the corresponding reliability block diagram (RBD).
• 3. Determination of the operating conditions for each element of the
RBD.
• 4. Determination of the failure rate for each element of the RBD.
• 5. Calculation of the reliability for each element of the RBD.
• 6. Calculation of the item (system) reliability function Rs (t ).
• 7. Elimination of reliability weaknesses and return to step 1 or 2, as
necessary.
 Required Function
• The required function specifies the item's task. Its definition is the starting
point for any analysis, as it defines failures.
• For practical purposes, Parameters should be defined with tolerances and
not merely as fixed values.
• In addition to the required function, environmental conditions at system
level must also be defined. Among these, ambient temperature (e.g.
+40°C), Storage temperature (e.g. -20 to +60°C), humidity (e.g. 40 to
60%), shock, noise (e.g. 40 to 70dB), and power supply voltage
variations (e.g. +.20%).
• From these global environmental conditions, the constructive
characteristics of the system, and the internal loads, operating
conditions (actual stresses) for each element of the system can be
determined.
• Required function and environmental conditions are often time dependent,
leading to a mission profile (operational profile for software).
• A representative mission profile and the corresponding reliability targets
should be defined in the system specifications (initially as a rough
description and then refined step by step)
 Reliability Block Diagram
• Engineering analysis of the system has to be conducted in order to develop
a reliability model. The engineering analysis consists of the following steps:
1. Develop a functional block diagram of the system based on physical
principles governing the operations of the system.
2. Develop the logical and topological relationships between functional
elements of the system.
3. Determine the extent to which a system can operate in a degraded state,
based on performance evaluation studies.
4. Define the spare and repair strategies (for maintenance systems).
Based on the preceding analysis, a reliability block diagram is developed, which
can be used to calculate various measures of reliability and maintainability. The
reliability block diagram (RBD) is a pictorial way of showing the success or
failure combinations for a system.
A system reliability block diagram presents a logical relationship of the system,
subsystems, and components.
Some of the guidelines for drawing these diagrams are as follows:
This chapter describes how to design, analyze, and evaluate the
reliability of a system based on the parts, assemblies, and
subsystems that compose a system. Most of the concepts in this
chapter are explained using one level of the system hierarchical
process. For example, we will illustrate how to compute system
reliability if we know the reliabilities of the subsystems. Then
the same methods and logic can be used to combine assemblies
of the subsystem, and so on.
 Reliability block diagram (RBD)`1
• The reliability block diagram (RBD) is an event diagram. It answers the
following question: Which elements of the item under consideration are
necessary for the fulfilment of the required function and which can fail
without affecting it?
• Setting up a RBD involves, at first, partitioning the item into elements
with clearly defined tasks. The elements which are necessary for the
required function are connected in series, while elements which can fail
with no effect on the required function (redundancy) are connected in
parallel.
• Obviously, the ordering of the series elements in the reliability block
diagram can be arbitrary. Elements which are not relevant for (or used in)
the required function under consideration are removed (put into a
reference list), after having verified (FMEA) that their failure does not
affect elements involved in the required function. These considerations
make it clear that for a given system, each required function has its own
reliability block diagram
Reliability Block Diagram : Series System
 Concept of Redundancy
• High reliability, availability, and / or safety at equipment or system level
can often only be reached with the help of redundancy.
• Redundancy is the existence of more than one means (in an item) for
performing the required function. Redundancy does not just imply a
duplication of hardware, since it can be implemented at the software
level or as a time redundancy. However, to avoid common mode and
single-point failures, redundant elements should be realized (designed
and manufactured) independently from each other.
• Irrespective of the failure mode (e.g. shorts or opens), redundancy
still appears in parallel on the reliability block diagram, not necessarily
in the hardware . In setting up the reliability block diagram, particular
attention must be paid to the series element to a redundancy.
• A FMEA is generally mandatory for such a decision. Should the
redundant elements fulfil only a part of the required function a pseudo
redundancy exist.
 Products with Redundancy
• Redundancy exists when one or more of the parts of a system
can fail and the system will still be able to function with the
parts that remain operational.
• Two common types of redundancy are active and standby.
• In active redundancy, all the parts are energized and operational
during the operation of a system. In active redundancy, the parts
will consume life at the same rate as the individual components.
• In standby redundancy, some parts do not contribute to the
operation of the system, and they get switched on only when
there are failures in the active parts.
• In standby redundancy, the parts in standby ideally should last
longer than the parts in active redundancy
 Conceptual types of standby redundancy

• There are three conceptual types of standby redundancy: cold,

warm, and hot.
• In cold standby, the secondary parts are shut down until needed.
This lowers the number of hours that the part is active and typically
assumes negligible consumption of useful life, but the transient
stresses on the parts during switching may be high. This transient
• stress can cause faster consumption of life during switching.
• In warm standby, the secondary parts are usually active, but are
idling or unloaded.
• In hot standby, the secondary parts form an active parallel system.
The life of the hot standby parts are assumed to be consumed at
the same rate as active parts.
An Active redundant system : Parallel System
 Conditional Probability method
• Conditional probability is defined as the likelihood of an event or
outcome occurring, based on the occurrence of a previous event or
outcome. Conditional probability is calculated by multiplying the
probability of the preceding event by the updated probability of the
succeeding, or conditional, event.
For example:
• Event A is that an individual applying for college will be accepted. There
is an 80% chance that this individual will be accepted to college.
• Event B is that this individual will be given dormitory housing. Dormitory
housing will only be provided for 60% of all of the accepted students.
• P (Accepted and dormitory housing) = P (Dormitory Housing | Accepted)
P (Accepted) = (0.60)*(0.80) = 0.48.
• A conditional probability would look at these two events in relationship
with one another, such as the probability that you are both accepted to
college, and you are provided with dormitory housing.
 Unconditional probability
• Conditional probability can be contrasted with unconditional
probability. Unconditional probability refers to the likelihood
that an event will take place irrespective of whether any other
events have taken place or any other conditions are present.
• Conditional probability refers to the chances that some
outcome occurs given that another event has also occurred.
• It is often stated as the probability of B given A and is written
as P(B|A), where the probability of B depends on that of A
happening.
• Conditional probability can be contrasted with unconditional
probability.
 Event tree Analysis
• Event trees identify various sequences of events, both failures and
successes that can lead to accidents.
• It is a forward, bottom up tool, starting with a single initiating event
and determining the events leading to a final state.
• Event tree analysis is generally applicable for almost any type of risk
assessment application, but used most effectively to model
accidents where multiple safeguards are in place as protective
features.
• Event trees provide systematic coverage of the time sequence of
event propagation, either through a series of protective system
actions, normal plant functions, operator interventions and incident
consequences.
• They are really one of the first steps in a probabilistic risk
assessment. Event trees are a tool that makes it more
straightforward to assess what pathway is creating the greatest
probability of failure for a specific system
 Methodology
1. Define the system: Define what needs to be involved or where to draw the
boundaries.
2. Identify the accident scenarios: Perform a system assessment to find hazards or
accident scenarios within the system design.
3. Identify the initiating events: Use a hazard analysis to define initiating events.
4. Identify intermediate events: Identify countermeasures associated with the specific
scenario.
5. Build the event tree diagram
6. Obtain event failure probabilities: If the failure probability can not be obtained use
fault tree analysis to calculate it.
7. Identify the outcome risk: Calculate the overall probability of the event paths and
determine the risk.
8. Evaluate the outcome risk: Evaluate the risk of each path and determine its
acceptability.
9. Recommend corrective action: If the outcome risk of a path is not acceptable develop
design changes that change the risk.
10.Document the entire process on the event tree diagrams and update for new
information as needed.
 Advantages
• Enables the assessment of multiple, co-existing faults and failures
• Functions simultaneously in cases of failure and success
• No need to anticipate end events
• Areas of single point failure, system vulnerability, and low payoff
countermeasures may be identified and assessed to deploy resources properly
• paths in a system that lead to a failure can be identified and traced to display
ineffective countermeasures.
• Work can be computerized
• Can be performed on various levels of details
• Visual cause and effect relationship
• Relatively easy to learn and execute
• Models complex systems into an understandable manner
• Follows fault paths across system boundaries
• Combines hardware, software, environment, and human interaction
• Permits probability assessment
• Commercial software is available
 Limitations
• Addresses only one initiating event at a time.
• The initiating challenge must be identified by the
analyst
• Pathways must be identified by the analyst
• Level of loss for each pathway may not be
distinguishable without further analysis
• Success or failure probabilities are difficult to find.
• Can overlook subtle system differences
• Partial successes/failures are not distinguishable
• Requires an analyst with practical training and
experience