E NGINEERING

R ELIABILITY

R ELIABILITY
B LOCK
D IAGRAMS
RBD D EFINITION
E NGINEERING R ELIABILITY
RBD S AND FAULT
T REES
S YSTEM S TRUCTURE
FAULT T REES AND R ELIABILITY B LOCK D IAGRAMS
Q UALITATIVE
A NALYSIS
S TRUCTURE
F UNCTIONS Harry G. Kwatny
PATHS AND C UTSETS

Q UANTITATIVE
A NALYSIS Department of Mechanical Engineering & Mechanics
R ELIABILITY Drexel University
R EDUNDANCY
 O UTLINE

E NGINEERING
R ELIABILITY

R ELIABILITY B LOCK D IAGRAMS

R ELIABILITY
B LOCK RBD Definition
D IAGRAMS
RBD D EFINITION RBDs and Fault Trees
RBD S AND FAULT
T REES System Structure
S YSTEM S TRUCTURE

Q UALITATIVE
A NALYSIS Q UALITATIVE A NALYSIS
S TRUCTURE
F UNCTIONS Structure Functions
PATHS AND C UTSETS

Q UANTITATIVE
Paths and Cutsets
A NALYSIS
R ELIABILITY
R EDUNDANCY Q UANTITATIVE A NALYSIS
Reliability
Redundancy
 R ELIABILITY B LOCK D IAGRAMS

E NGINEERING
R ELIABILITY I A reliability block diagram (RBD) provides a success
oriented view of the system.
R ELIABILITY I RBDs provide a framework for understanding redundancy.
B LOCK
D IAGRAMS I RBDs facilitate the computation of system reliability from
RBD D EFINITION
RBD S AND FAULT component reliabilities.
T REES
S YSTEM S TRUCTURE I RBDs and fault trees provide essentially the same
Q UALITATIVE information.
A NALYSIS
S TRUCTURE
F UNCTIONS
I Below is the RBD for the backup power supply.
PATHS AND C UTSETS

Q UANTITATIVE
A NALYSIS
Off-site
R ELIABILITY
R EDUNDANCY
power

a b

Transfer Diesel-
switch generator
 R ELIABILITY B LOCK D IAGRAMS D EFINITION

E NGINEERING
R ELIABILITY

R ELIABILITY
B LOCK A reliability block diagram (RBD) is defined as follows:
D IAGRAMS
RBD D EFINITION I A reliability block diagram is a graph whose edges are
RBD S AND FAULT
T REES
S YSTEM S TRUCTURE
the system components.
Q UALITATIVE I There are a pair of nodes called terminal nodes (a)
A NALYSIS
S TRUCTURE and (b) in the backup power supply diagram.
F UNCTIONS
PATHS AND C UTSETS I If there is a path between the terminal nodes which
Q UANTITATIVE
A NALYSIS contains only edges with functional components, the
R ELIABILITY
R EDUNDANCY
entire system is functional. Otherwise it is not
functional.
 S ERIAL & PARALLEL C ONFIGURATIONS

E NGINEERING
R ELIABILITY

a A1 A2 b
R ELIABILITY
B LOCK Serial
D IAGRAMS
RBD D EFINITION

A1
RBD S AND FAULT
T REES
S YSTEM S TRUCTURE

Q UALITATIVE a b
A NALYSIS
S TRUCTURE
F UNCTIONS A2
PATHS AND C UTSETS

Q UANTITATIVE Parallel
A NALYSIS
R ELIABILITY
R EDUNDANCY

I In the serial configuration, failure of either component,

A1 or A2 causes system failure.
I In the parallel configuration, both components must fail
in order for the system to fail redundancy
 E XAMPLE : F IRE P UMP S YSTEM

E NGINEERING
R ELIABILITY

R ELIABILITY
B LOCK
D IAGRAMS I The reliability block diagram for the fire pump system is
RBD D EFINITION
RBD S AND FAULT
shown below.
T REES
S YSTEM S TRUCTURE I The redundancy of the pumps is clearly evident.
Q UALITATIVE
A NALYSIS
S TRUCTURE
Fire
Pump 1
F UNCTIONS
PATHS AND C UTSETS
a Engine Valve b
Q UANTITATIVE
A NALYSIS Fire
R ELIABILITY
Pump2
R EDUNDANCY
 R ELIABILITY B LOCK D IAGRAMS & FAULT
T REES 1
E NGINEERING
R ELIABILITY

TOP TOP
R ELIABILITY
B LOCK
D IAGRAMS
RBD D EFINITION
RBD S AND FAULT
T REES
S YSTEM S TRUCTURE
A1 occurs A2 occurs A1 occurs A2 occurs
Q UALITATIVE
A NALYSIS A1 A2 A1 A2
S TRUCTURE
F UNCTIONS
PATHS AND C UTSETS
A1

Q UANTITATIVE a A1 A2 b a b
A NALYSIS
Serial A2
R ELIABILITY

Parallel
R EDUNDANCY

Notice that the fault tree takes a failure perspective, whereas

the reliability block diagram takes a success perspective.
 R ELIABILITY B LOCK D IAGRAMS & FAULT
T REES 2
E NGINEERING
R ELIABILITY

R ELIABILITY
B LOCK
D IAGRAMS TOP
RBD D EFINITION
RBD S AND FAULT
T REES
S YSTEM S TRUCTURE

Q UALITATIVE
A NALYSIS A2
S TRUCTURE
a A1
F UNCTIONS A1 b G1
PATHS AND C UTSETS
A3
Q UANTITATIVE
A NALYSIS
R ELIABILITY
R EDUNDANCY

A2 A3

A simple serial parallel composition.

 S ERIES S TRUCTURE

E NGINEERING
R ELIABILITY

R ELIABILITY
B LOCK
D IAGRAMS
RBD D EFINITION
RBD S AND FAULT
T REES
S YSTEM S TRUCTURE
a 1 2 n b
Q UALITATIVE
A NALYSIS
S TRUCTURE
F UNCTIONS
PATHS AND C UTSETS
A system composed of n subsystems is called a series
Q UANTITATIVE
A NALYSIS structure if the failure of any one component causes failure
R ELIABILITY
R EDUNDANCY
of the complete system.
 PARALLEL S TRUCTURE

E NGINEERING
R ELIABILITY

R ELIABILITY
1
B LOCK
D IAGRAMS
RBD D EFINITION
RBD S AND FAULT
T REES
S YSTEM S TRUCTURE 2
a b
Q UALITATIVE
A NALYSIS
S TRUCTURE
F UNCTIONS
PATHS AND C UTSETS
n
Q UANTITATIVE
A NALYSIS
R ELIABILITY
R EDUNDANCY

A system composed of n subsystems is called a parallel

structure if it operates if any one or more of its components
operates.
 k- OUT- OF -n S TRUCTURES

E NGINEERING
R ELIABILITY
two-out-of-three structure

R ELIABILITY
B LOCK 1 2
D IAGRAMS
RBD D EFINITION
RBD S AND FAULT
T REES
S YSTEM S TRUCTURE
a 2 3 b
Q UALITATIVE
A NALYSIS
S TRUCTURE
F UNCTIONS
PATHS AND C UTSETS

Q UANTITATIVE 1 3
A NALYSIS
R ELIABILITY
R EDUNDANCY

I A system that is functioning if and only if at least k of its

n components is functioning is called a k-out-of-n
structure.
I A 1-out-of-n structure is a parallel structure.
 D EFINITIONS - Q UALITATIVE A NALYSIS

E NGINEERING
R ELIABILITY I A system with n components is called a system of order
n.
R ELIABILITY
B LOCK I xi denotes the state of component or subsystem i,
D IAGRAMS
RBD D EFINITION 
RBD S AND FAULT 1 the component is functioning
T REES
xi = , i = 1, . . . , n
S YSTEM S TRUCTURE
0 the component is failed
Q UALITATIVE
A NALYSIS
S TRUCTURE I x denotes the state of the entire system,
F UNCTIONS
PATHS AND C UTSETS 
Q UANTITATIVE 1 the system is functioning
A NALYSIS x=
R ELIABILITY
0 the system is failed
R EDUNDANCY

I The structure function is a function (x1 , . . . , xn )

associated with a given system, such that

x = (x1 , . . . , xn )
 S TRUCTURE F UNCTIONS

E NGINEERING
R ELIABILITY
I serial structure
R ELIABILITY
B LOCK
D IAGRAMS
(x1 , . . . , xn ) = x1 x2 xn
RBD D EFINITION
RBD S AND FAULT
T REES
I parallel structure
S YSTEM S TRUCTURE

Q UALITATIVE (x1 , . . . , xn ) = 1 (1 x1 ) (1 x2 ) (1 xn )
A NALYSIS Qn
S TRUCTURE
F UNCTIONS
=1 (1 xi )
PATHS AND C UTSETS i=1
Q UANTITATIVE
(x1 , . . . , xn ) = max xi
i{1,...,n}
A NALYSIS
R ELIABILITY
R EDUNDANCY I k-out-of-n structure
 Pn
1 Pi=1 xi k
(x1 , . . . , xn ) = n
0 i=1 xi < k
 C OHERENT S TRUCTURES

E NGINEERING
R ELIABILITY
I A component is irrelevant if it has no effect on the functioning
of the system, i.e., the ith component is irrelevant if
R ELIABILITY
B LOCK
D IAGRAMS (x1 , . . . xi1 , 0, xi+1 , . . . , xn ) = (x1 , . . . xi1 , 1, xi+1 , . . . , xn )
RBD D EFINITION
RBD S AND FAULT
T REES
S YSTEM S TRUCTURE
for all x1 , . . . xi1 , xi+1 , . . . , xn
Q UALITATIVE Otherwise it is called relevant.
A NALYSIS
S TRUCTURE
F UNCTIONS
I Assumption: the system will not run worse if a failed
PATHS AND C UTSETS component is replaced by a functional component
Q UANTITATIVE (x1 , . . . , xn ) is a nondecreasing function of each of the
A NALYSIS
R ELIABILITY variables x1 , . . . , xn .
R EDUNDANCY
I A system is coherent if all of its components are relevant and
its structure function is nondecreasing.
I By focusing on coherent structures we rule out certain
pathologies.
 PATHS AND C UTSETS

E NGINEERING I The set of components of a system of order n is

R ELIABILITY
C = {1, 2, . . . , n}
R ELIABILITY I A path set, P, is a subset of C which by functioning ensures that the
B LOCK
D IAGRAMS system is functioning. A path set is minimal if it cannot be reduced
RBD D EFINITION
without losing its status as a path set.
RBD S AND FAULT
T REES
I A cut set, K, is a subset of C which by failing causes the system to
S YSTEM S TRUCTURE

Q UALITATIVE fail. A cut set is minimal if it cannot be reduced without losing its
A NALYSIS
S TRUCTURE
status as a cut set.
F UNCTIONS
PATHS AND C UTSETS

Q UANTITATIVE
A NALYSIS 1 2
R ELIABILITY
R EDUNDANCY

a 5 b

3 4
 D EFINITIONS - Q UANTITATIVE A NALYSIS

E NGINEERING
R ELIABILITY

R ELIABILITY
B LOCK
D IAGRAMS
I A system with n components is called a system of order
RBD D EFINITION
RBD S AND FAULT
n.
T REES
S YSTEM S TRUCTURE I Ai denotes the event that the component or subsystem
Q UALITATIVE
A NALYSIS
i, i = 1, . . . , n is functioning at time t.
S TRUCTURE
F UNCTIONS
I A denotes the event that the entire system is
PATHS AND C UTSETS
functioning at time t.
Q UANTITATIVE
A NALYSIS
R ELIABILITY
I P (Ai ) = Ri (t) is the reliability of the ith subsystem.
R EDUNDANCY
I P (A) = R (t) is the reliability of the entire system.
 S ERIES S TRUCTURE

E NGINEERING
R ELIABILITY

R ELIABILITY
B LOCK I Note:
D IAGRAMS
RBD D EFINITION
I A = A1 A2 An Ac = Ac1 Ac2 Acn
RBD S AND FAULT
T REES
I A Ai , i = 1, . . . , n R (t) Ri (t)
S YSTEM S TRUCTURE
I A serial system reliability is no greater than the
Q UALITATIVE
A NALYSIS reliability of any subsystem!
S TRUCTURE
F UNCTIONS
PATHS AND C UTSETS
I Suppose that the failure events Ai are mutually
Q UANTITATIVE independent, then
A NALYSIS
R ELIABILITY Yn Yn
R EDUNDANCY
R (t) = P (A) = P (ni=1 Ai ) = P (Ai ) = Ri (t)
i=1 i=1
 PARALLEL S TRUCTURE

E NGINEERING
R ELIABILITY

R ELIABILITY
B LOCK
D IAGRAMS I A = A1 A2 An
RBD D EFINITION
RBD S AND FAULT
I If the subsystem failure events are independent:
T REES
S YSTEM S TRUCTURE I Ac = Ac1 Ac2 Acn
Q UALITATIVE I P (Ac ) = P (Ac1 ) P (Ac2 ) Q
P (Acn )
A NALYSIS n Qn
S TRUCTURE
I P (A) = 1P (A ) = 1 i=1 P (Aci ) = 1 i=1 [1 P (Ai )]
c
F UNCTIONS
PATHS AND C UTSETS I Consequently, for independent events:
Q UANTITATIVE
A NALYSIS Yn
R ELIABILITY R (t) = 1 (1 Ri (t))
R EDUNDANCY i=1
 k- OUT- OF -n S TRUCTURES

E NGINEERING
R ELIABILITY

R ELIABILITY I Consider identical components,

B LOCK
D IAGRAMS I The probability failure of failure over a specified time period for a
RBD D EFINITION
single component is p, so the component reliability is r = 1 p,
RBD S AND FAULT
T REES
I Let M denote the number of components that fail in the specified
S YSTEM S TRUCTURE

Q UALITATIVE
time period, then
A NALYSIS
S TRUCTURE P (M = m) = Cmn pm (1 p)nm = Cmc (1 r)m rnm
F UNCTIONS |{z} |{z} | {z }
PATHS AND C UTSETS
# ways to m nm
get m/n failures survivers
Q UANTITATIVE
A NALYSIS
R ELIABILITY I The k/n system will survive if there are no more than n k failures,
R EDUNDANCY
so Xnk
R= Cmn (1 r)m rnm
m=0
 D EFINITIONS

E NGINEERING
R ELIABILITY

I Redundancy is the duplication of critical components in

R ELIABILITY
B LOCK
a system in order to improve reliability.
D IAGRAMS
RBD D EFINITION
I Redundancy is normally a parallel connection of
RBD S AND FAULT
T REES identical components can be active or standby
S YSTEM S TRUCTURE

Q UALITATIVE
A NALYSIS
S TRUCTURE
F UNCTIONS
1 1
PATHS AND C UTSETS

Q UANTITATIVE
A NALYSIS a b a b
R ELIABILITY
R EDUNDANCY

2 2

Active parallel Standby parallel

 R ELIABILITY OF ACTIVE AND S TANDBY
S YSTEMS
E NGINEERING
R ELIABILITY

I Consider a redundant (parallel) combination of two

R ELIABILITY
B LOCK identical components.
D IAGRAMS
RBD D EFINITION I Let T1 , T2 , T denote the failure times of component 1,
RBD S AND FAULT
T REES component 2, and the system, respectively.
S YSTEM S TRUCTURE
I the units are identical, so R1 (t) = R2 (t)
Q UALITATIVE
A NALYSIS I assume the failures of the two units are independent
S TRUCTURE
F UNCTIONS events.
PATHS AND C UTSETS

Q UANTITATIVE
I The system reliability of the active parallel structure is
A NALYSIS
R ELIABILITY
R EDUNDANCY
Ra (t) = P (T1 > t T2 > t)
= P (T1 > t) + P (T2 > t) P (T1 > t) P (T2 > t)
Ra (t) = R1 (t) + R2 (t) R1 (t) R2 (t)
 R ELIABILITY OF ACTIVE AND S TANDBY
S YSTEMS 2
E NGINEERING
R ELIABILITY
I The standby system does not start operating until the
R ELIABILITY primary unit fails.
B LOCK
D IAGRAMS I The system can survive until time t if the primary unit
RBD D EFINITION survives until time t or the primary unit fails before time
RBD S AND FAULT
T REES t, but the second unit survives until time t:
S YSTEM S TRUCTURE

Q UALITATIVE Rs (t) = P (T2 > t |T2 > T1 ) = P (T1 > t) + P (T1 < t T2 > t)
A NALYSIS
S TRUCTURE
F UNCTIONS
I The two possibilities can be restated as T1 > t or T1
PATHS AND C UTSETS
occurs at < t and T2 > t . Notice that
Q UANTITATIVE
A NALYSIS P ( < T1 < + d ) = f1 ( ) d
R ELIABILITY
R EDUNDANCY
P ( < T1 < + d RT2 > t) = R2 (t ) f1 ( ) d
t
P (T1 < t T2 > t) = 0 R2 (t ) f1 ( ) d
Z t
Rs (t) = R1 (t) + R2 (t ) f1 ( ) d
0
 E XAMPLE : C ONSTANT FAILURE R ATE

E NGINEERING
R ELIABILITY I Components with constant failure rate have reliability

R (t) = et
R ELIABILITY
B LOCK
D IAGRAMS
I An active parallel structure has reliability
RBD D EFINITION
RBD S AND FAULT
T REES
Ra (t) = 2et e2t
S YSTEM S TRUCTURE
I A standby parallel structure has reliability
Q UALITATIVE
A NALYSIS
S TRUCTURE Rs (t) = (1 + t) et
F UNCTIONS
PATHS AND C UTSETS
RHtL
Q UANTITATIVE 1
A NALYSIS Standby
parallel
R ELIABILITY 0.8
R EDUNDANCY
0.6
Active
parallel
0.4

Single
0.2 component

t
0.5 1 1.5 2 2.5 3
 H IGH - AND L OW-L EVEL R EDUNDANCY

E NGINEERING
R ELIABILITY

1 2 3
R ELIABILITY
B LOCK
D IAGRAMS High (SYSTEM)-level
RBD D EFINITION Redundancy
RBD S AND FAULT
T REES
S YSTEM S TRUCTURE

Q UALITATIVE 1 2 3
A NALYSIS
S TRUCTURE
F UNCTIONS
PATHS AND C UTSETS 1 2 3
Q UANTITATIVE
A NALYSIS
R ELIABILITY
R EDUNDANCY

1 2 3

Low (COMPONENT)-level

Redundancy
 S TRUCTURE F UNCTIONS R EVISITED

E NGINEERING
R ELIABILITY

R ELIABILITY
B LOCK I Consider a system with state vector x = {x1 , . . . , xn } and structure
D IAGRAMS
RBD D EFINITION
function 1 (x), and a second system with state vector
RBD S AND FAULT y = {y1 , . . . , ym } and structure function 2 (y).
T REES
S YSTEM S TRUCTURE I if these systems are connected in series then the whole system is
Q UALITATIVE of order n + m, and its structure function is
A NALYSIS
S TRUCTURE
F UNCTIONS (x, y) = 1 (x) 2 (y)
PATHS AND C UTSETS

Q UANTITATIVE I if these systems are connected in parallel then the whole system is
A NALYSIS of order n + m, and its structure function is
R ELIABILITY
R EDUNDANCY
(x, y) = max {1 (x) , 2 (y)}
 S YSTEM L EVEL VS C OMPONENT L EVEL
R EDUNDANCY
E NGINEERING
R ELIABILITY
I Suppose the two systems in the parallel structure are identical, i.e.,
we have a system level redundant configuration. In this case,
R ELIABILITY
B LOCK
D IAGRAMS S (x, y) = max {1 (x) , 1 (y)} 1 (x1 y1 , . . . , xn yn )
RBD D EFINITION
RBD S AND FAULT I Consider a component level redundant configuration of system one,
T REES
S YSTEM S TRUCTURE the structure function is
Q UALITATIVE
A NALYSIS C (x, y) = 1 (max {x1 , y1 } , . . . , max {xn , yn })
S TRUCTURE
F UNCTIONS
PATHS AND C UTSETS But, for coherent systems,
Q UANTITATIVE
A NALYSIS 1 (max {x1 , y1 } , . . . , max {xn , yn }) 1 (x1 y1 , . . . , xn yn )
R ELIABILITY
R EDUNDANCY
So,
C (x, y) S (x, y)
I Thus, in general, we get a better (more reliable?) system through
component redundancy rather than system redundancy.
 S YSTEM L EVEL VS . C OMPONENT L EVEL
R EDUNDANCY 2
E NGINEERING
R ELIABILITY
a A1 A2 AK b

R ELIABILITY
B LOCK
D IAGRAMS A1 B1 A1 B2 A1 B3 A1 BK
RBD D EFINITION
RBD S AND FAULT A B1
2
A2 B2 A2 B3 A2 BK
T REES
A3 B1 A3 B2 A3 B3 A3 BK

    
S YSTEM S TRUCTURE

Q UALITATIVE
A NALYSIS A B AK B2 AK B3 AK BK
S TRUCTURE
K 1
F UNCTIONS
PATHS AND C UTSETS

Q UANTITATIVE
A NALYSIS I Consider a system with K minimal cutsets, A1 , A2 , . . . , AK .
R ELIABILITY I For a system level redundant configuration, place an identical
R EDUNDANCY
system with cutsets labeled B1 , B2 , . . . , BK in parallel with the
original. The redundant system cutsets are all combinations Ai Bj ,
i, j = 1, . . . , K.
I A component level redundant system has cut sets Ai Bi ,
i = 1, . . . , K.
I Consequently, RC RS .
 E XAMPLE : S YSTEM VS C OMPONENT
R EDUNDANCY
E NGINEERING
R ELIABILITY
a2
{a1} , {a2 , a3 }
a a1 b
R ELIABILITY
B LOCK a3
D IAGRAMS
RBD D EFINITION
a2
RBD S AND FAULT
T REES
a1
S YSTEM S TRUCTURE

Q UALITATIVE
a3 {a1 , b1} , {a1 , b2 , b3 } ,
a b
A NALYSIS {b1 , a2 , a3 } , {a2 , a3 , b2 , b3 }
S TRUCTURE b2
F UNCTIONS
PATHS AND C UTSETS b1
a2
Q UANTITATIVE b3
A NALYSIS
R ELIABILITY a1 b2
R EDUNDANCY
a b

{a1 , b1 } , {a2 , a3 , b2 , b3 } b1 a3

b3
 R EDUNDANCY L IMITATIONS

E NGINEERING
R ELIABILITY

R ELIABILITY I Common-mode failures are caused by dependencies

B LOCK
D IAGRAMS that cause redundant components to fail
RBD D EFINITION
RBD S AND FAULT
simultaneously.
T REES
S YSTEM S TRUCTURE
I common power supply
Q UALITATIVE
I shared environmental stresses
A NALYSIS I common maintenance issues
S TRUCTURE
F UNCTIONS
PATHS AND C UTSETS
I Load sharing can cause reliability degradation in active
Q UANTITATIVE parallel systems.
A NALYSIS
R ELIABILITY
I failure of one unit can cause increased stress on
R EDUNDANCY remaining units, e.g., engines, pumps, etc.,
I switching failures can occur in standby parallel systems