Professional Documents
Culture Documents
Risk Assessment Methodologies in Maintenance Decision Making
Risk Assessment Methodologies in Maintenance Decision Making
a r t i c l e i n f o a b s t r a c t
Keywords: The risk assessment process performs an important role in maintenance decision making, through structuring
Asset failure the process of identifying, prioritizing, and thereafter formulating effective maintenance strategies. However,
Risk assessment the effectiveness of the implemented strategies is influenced by the extent to which asset failure dependencies
Dependability modelling
are taken into account during the risk assessment process. In the literature, several risk assessment methods are
Uncertainty
discussed that vary widely depending on factors such as modelling of failure dependencies in dynamic assets,
Maintenance decision making
and treating uncertainties associated with sparse reliability data. These factors invariably influence the extent to
which different risk assessment methods are applicable for maintenance decision making. This article reviews the
state-of-the-art knowledge on risk assessment in the context of maintenance decision making, with a particular
focus on dependability modelling methods. The review structures knowledge on dependability modelling ap-
proaches, treatment of uncertainty, and highlights important challenges researchers and practitioners are likely
to experience when performing risk assessment in the context of maintenance decision making. The challenges
highlighted include the resolution complexity of methods such as Bayesian networks, especially while assessing
risks of assets with complex failure dependencies.
© 2018 Elsevier Ltd. All rights reserved.
1. Introduction text of assessing risks of failure of power utility systems. The reviewed
methods, however, insufficiently addressed dependability modelling as-
In recent years, a wide range of methods have been developed and pects. In the context of maintenance decision making, Fraser et al.
applied for assessing risks and safety hazards in diverse sectors such as [8] reviewed methods for assessing equipment failure risks and useful
process industries, or power plant facilities [1]. In the maintenance deci- for deriving maintenance decisions. Notably the methods are evaluated
sion making domain, risk assessment is performed with a view of assist- considering two maintenance concepts; Risk based Maintenance (RBM)
ing practitioners systematically identify, analyse, evaluate, and mitigate and the Reliability Centered Maintenance (RCM). The RCM embeds the
failure risks in assets [2,3]. Among the most commonly applied methods FMEA which as mentioned, ignores failure dependency modelling as-
in this context include the Failure Mode and Effect Analysis (FMEA), pects. On the other hand, the RBM approach embeds fault trees, which
Fault Tree Analysis (FTA) and Bayesian network (BN). Of these, the although models asset failure dependencies, ignores temporal aspects
FMEA is widely used for prioritizing equipment failures and selecting ap- that are crucial for effective risk assessment, and optimal maintenance
propriate maintenance strategies [4]. However, the FMEA is associated planning. More recently, Aven [9] reviews trends and advances of risk
with important deficiencies, and in particular, the conventional form assessment methods where he evaluates foundational challenges asso-
of the risk priority number (RPN), an important metric for quantifying ciated with applicability of different methods for decision making. This
asset failure risk [5,6]. In addition, the FMEA ignores failure dependen- includes aspects such as treatment of uncertainty, however, failure de-
cies in assets, which in turn, negatively influences the risk assessment pendability modelling aspects are not explicitly addressed in the review.
process [5]. Smith [10] also reviews methods applicable for quantifying risks of op-
In the literature, several state-of-the-art reviews of risk assessment erable assets characterized with sub-optimal reliability and availability.
methods are presented. Examples includes Li [7] where methods such Examples of methods reviewed includes Hazard and Operability Anal-
as Markov models and Monte Carlo simulation are discussed in the con- ysis (HAZOP), and the Fault Tree Analysis (FTA). However, suitability
∗
Corresponding author.
E-mail addresses: peterkipruto.chemweno@kuleuven.be (P. Chemweno), liliane.pintelon@kuleuven.be (L. Pintelon), peter.muchiri@dkut.ac.ke (P.N. Muchiri),
adriaan.van.horenbeek@sas.com (A. Van Horenbeek).
https://doi.org/10.1016/j.ress.2018.01.011
Received 30 June 2016; Received in revised form 6 January 2018; Accepted 20 January 2018
Available online 6 February 2018
0951-8320/© 2018 Elsevier Ltd. All rights reserved.
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
65
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
Probability theory
Treatment of uncertainty
Hybrid fault tree and belief
Dependability approaches
Analytic approximation
Static Bayesian network
approach
Bayesian networks
Dynamic Bayesian network
Data augmentation approach
Depending on the inclusion of temporal aspects, the gates may be • Functional dependency (FD) gate which models instances where the
static or dynamic. In maintenance decision making, the static fault tree trigger failure event simultaneously leads to failure of dependent
is embedded in the risk based maintenance concept where several exam- systems;
ples are discussed in the literature, for instance, see [16–18]. Authors, • SPARE gate which models the failure events of redundant compo-
for instance, Wu [19] propose a formalism which integrates well-known nents;
methods such as the FMEA for modelling failure events. Such integrated • VOTING gate, which models a failure instance where at least k out
formalism are rather intuitive to users since resolving equipment failure on n dependent components/events occur.
probabilities is computationally feasible as compared to dependability
modelling methods discussed in latter sections of this review. Bhangu The use of dynamic fault trees for maintenance decision support
et al. [20] propose a static fault tree formalism for assessing the relia- is discussed in the literature. Notably, Ge and Yang [25] propose a
bility and failure risks of a thermal power plant installation where their modelling formalism based on dynamic binary decision trees where
approach relies on fault data and associated outage hours. Their study their methodology adapts the Shannon’s decomposition theorem, which
suggests alternative maintenance policies for optimizing power plant scales down the number of disjoint calculable cut sets, efficiently re-
availability. Choi and Chang [21] also apply the fault tree formalism for solving dynamic gates. Wang et al. [26] propose a dynamic fault tree
assessing the reliability of seabed storage tanks where their approach re- formalism for assessing the reliability of non-repairable systems. Their
lies on reliability data for modelling basic fault events. They also suggest formalism considers the impact of probabilistic failure dependencies on
alternative repair strategies for optimizing system availability. Taheriy- critical system components. Manno et al. [27] introduce a novel for-
oun and Moradinejad [22] integrate a Monte Carlo simulation approach malism, which they define as the Adaptive Transitions Systems. Their
to a fault tree formalism and apply the approach for modelling failure proposed formalism embeds efficient semantics for modelling failure de-
dependencies of water treatment equipment. Their approach considers pendencies of repairable systems.
human factor aspects as contributors to top event failures. McNelles More recently, Chiacchio et al. [28] propose a dynamic fault tree
et al. [23] compare static fault tree formalisms with the dynamic flow formalism which incorporates deterministic and stochastic dependen-
graph formalism, the latter, for modelling temporal dependencies. They cies influencing complex non-repairable systems. Their formalism in-
highlight the challenge of resolving cut-sets for static fault trees, espe- corporates hybrid basic failure events, of which their failure distribu-
cially for systems characterized with dynamic time steps. tion evolves with time. Salehpour–Oskouei and Pourgol–Mohammad
Furthermore, to cope with sparse reliability data, which is often an [29] propose a formalism exploiting the Priority AND gate for assess-
important pre-requisite for modelling static dependencies in technical ing the reliability of sensor components attached to equipment for col-
assets, static fuzzy fault trees are suggested, and described in several lecting health data. Their formalism exploits a Monte Carlo simulation
application cases, and discussed in more detail in Section 5. approach for quantifying the probability of the top event failure of a
Nonetheless, although considered intuitive for modelling failure de- steam turbine system.
pendencies in technical assets, in the static form, the fault trees are asso- For sparse reliability data, Tu et al. [30] propose a novel fuzzy
ciated with important deficiencies that are primarily linked to inclusion dynamic tree formalism for modelling the reliability of safety-critical
of temporal aspects inherent in dynamic systems. For this reason, dy- avionic components. Their formalism models uncertainties associated
namic fault trees are proposed where dynamic gates are incorporated. with sparse failure events, which are assigned fuzzy valued estimates.
In the literature, different dynamic logical gates are proposed [24]: Volk et al. [31] propose a novel formalism which exploits integrated
state-space reduction methods for efficiently resolving dynamic gates.
• Priority AND (PAND) gate which models the sequence in which de- Among the methods integrated in their formalism include Markov
pendent failures occur once a failure event is initiated, chains, which are applied for resolving the mean time to failures of com-
66
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
67
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
2.2.1. Static Bayesian networks failure and maintenance time distributions, which include, exponential,
Several studies demonstrate the potential use of static Bayesian net- normal and lognormal distributions. Nonetheless, despite the modelling
works for modelling failure dependencies of technical systems. In the flexibility of dynamic Bayesian networks, often the formalism requires
context of dependability modelling and maintenance decision support, high computational effort, especially for resolving the joint probabil-
Ferreiro et al. [51] propose a formalism where failure dependencies ity of complex system failure dependencies. This resolution complexity
of aircraft systems are modelled while incorporating prognostic in- arises where, for instance, the marginal probabilities representing inde-
formation. They evaluate the risk reduction potential of two mainte- pendent failure events are modelled via probability distributions belong-
nance strategies, i.e. preventive and corrective maintenance. Gran et al. ing to distinct families, e.g. Weibull or Lognormal. This aspect remains a
[52] incorporate organizational, human and technical risk factors into challenge, where exponential failure transition rates are often assumed
their Bayesian modelling formalism and consequently evaluating appro- for modelling dynamic failure transition, for instance as discussed in
priate maintenance interventions, which best mitigate oil leakages of Codetta-Raiteri and Portinale [66].
offshore facilities.
Tian et al. [53] also model the failure dependencies of a subma- 2.3. Combined fault trees and Bayesian network modelling approaches
rine casing cutting tool using a static Bayesian network formalism, and
consequently, apply their formalism for diagnosing faults of the robot- Combined formalisms present a plausible framework for translat-
operated cutting tool. More recently, Liu et al. [54] propose an ap- ing systems modelled via fault trees to equivalent Bayesian network
proach for translating the GO-FLOW methodology into an equivalent models. Khakzad et al. [67] propose such a formalism where systems
static Bayesian network. The GO-FLOW methodology is commonly ap- modelled via dynamic fault tree gates are translated into equivalent dy-
plied for modelling system reliability such as, in their study, a pressur- namic network nodes, while avoiding generation of multi-dimensional
ized water reactor. conditional probability tables representing marginal probabilities of ba-
Askarian et al. [55] also apply a static Bayesian network formalism sic failure events. In Khakzad et al. [48], they extend their work and
for diagnosing technical faults in a chemical plant. Abbassi et al. [56] in- propose a modular Object-Oriented Bayesian network (OOBN) formal-
tegrate Bayesian networks into a quantitative risk assessment methodol- ism for modelling complex failure dependencies represented using fault
ogy, where the methodology is applied for estimating the failure proba- trees. Their formalism decomposes complex dynamic Bayesian networks
bilities of accident/failure scenarios, and associated consequences. How- into multiple modules, each of which is resolved independently. Kabir
ever, their approach fails to consider dependencies between system fail- et al. [68] propose a translation approach through which, stochastic fail-
ure events, and moreover, ignores temporal aspects, a limitation which ure dependencies of complex systems modelled via dynamic fault trees
is addressed using dynamic Bayesian networks reviewed discussed next. are also translated to equivalent dynamic Bayesian networks, and their
reliability assessed.
2.2.2. Dynamic Bayesian networks More recently, Mi et al. [69] propose an approach which translates
The versatility of dynamic Bayesian networks is demonstrated in sev- complex dependencies of electromechanical systems modelled through
eral studies. For instance, Cai et al. [57] modelled the failure dependen- dynamic fault tree. Their approach considers epistemic uncertainty
cies of a sub-sea blowout preventer system, where they explore causal which is expressed through bounded closed intervals, and which in-
relationships between imperfect repair processes, and common cause corporates multiple sources of evidences, e.g. field failure data, test
system failures. Hu et al. [58] evaluate the influence of an opportunis- and design data. A similar approach integrating multiple information
tic predictive maintenance strategy on system failure using a modelling sources via a Bayesian inference framework is discussed in Wang et al.
formalism, which integrates dynamic Bayesian networks and the Haz- [70]. However, their approach does not extend to applying a Bayesian
ard and Operability Analysis (HAZOP). More recently, Cózar and Gámez network formalism for modelling system failure dependencies. Barua
[59] demonstrate a modelling formalism which predicts anomalies of et al. [71] model the sequential dependencies between, on the one
complex dynamic systems, where the prediction forms the basis for trig- hand, operation-related parameters of chemical processes, and on the
gering predictive maintenance decisions. Zhu and Collette [60] propose other hand, aging components vulnerable to failure. The sequential de-
a Bayesian modelling formalism which they demonstrate for modelling pendencies are first modelled via dynamic fault tree and translated to
time-dependent failure mechanisms, such as fatigue crack growth. They equivalent dynamic Bayesian network. Darwish et al. [72] incorporate
also consider maintenance actions, where they integrate a reliability in- the Bayesian approach to fault trees, which allows experts assign impor-
dex (𝛽) for triggering inspection and maintenance actions. Although ap- tance ranking to basic failure events. Hence, by prioritizing basic events,
plied for structural systems, the applicability of their approach for mod- they consider a more optimal allocation of maintenance resources. Chen
elling low probability (rare failure events) is also evident for mechanical et al. [73] propose a translation approach where reliability block dia-
systems. A similar approach for assessing the reliability of deteriorating grams commonly used for modelling and assessing system reliability of
structural systems via a dynamic Bayesian modelling formalism is dis- complex dependable systems, are translated to Bayesian networks (BN).
cussed in Luque and Straub [61]. In recent years, software applications supporting this translation are dis-
More recently, Li et al. [62] integrate a dynamic Bayesian formalism cussed in the literature, for instance, the Reliability Analysis with Dy-
into the GO flow methodology for modelling feedback signals flows. The namic Bayesian networks (RADYBAN) [74].
inclusion of the Bayesian network model enhances the reliability assess-
2.4. Stochastic Petri-nets
ment potential of the GO flow methodology, where traditionally, depen-
dencies between system components are one-directional. Ramírez and
Stochastic Petri-net (SPN) also provides a formalism for modelling
Utne [63] also propose a formalism for assessing the reliability of ageing
system dependencies and embeds a Petri-net structure which graphically
systems while optimizing maintenance policies which include, correc-
depicts dependent systems through the tuple,𝑁 = (𝑃 , 𝑇 , 𝐼𝑡 , 𝑂𝑡 , 𝐻, 𝑔, 𝑀𝑜 ),
tive, condition based maintenance, and time-based maintenance strate-
where [75]:
gies. Salazar et al. [64] also propose a modelling formalism which inte-
grates both reliability and system control performance aspects. In their • P = a finite set of places containing some tokens with marked places,
study, failure dependencies are modelled through a dynamic Bayesian • T = a finite set of transitions,
network model, which allows assessment of system reliability. They • It = A finite set of input places,
suggest a strategy through which the control effort (for system perfor- • Ot = A finite set of output places,
mance) is redistributed until maintenance is undertaken, hence improv- • H = A set of inhibitors,
ing system availability. Liang et al. [65] proposed a formalism for as- • M0 = the initial system marking vector whose places contain a non-
sessing the reliability of warship systems where they consider varying negative number of tokens.
68
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
Hybrid FTA-
BN; Stac FTA;
14 (13%) 17 (16%)
Stochasc
PN;
13 (12%) Dynamic
FTA;
25 (23%)
Dynamic
BN;
23 (21%) Stac BN;
15 (14%)
The Petri-net simulates dynamic system behaviour by firing token 4. Bayesian inferencing approaches
continuously from a set of input places (P1 ), through transitions (T)
to the output places (P), and the success of firing the tokens is based The Bayesian inferencing framework models quantitative reliability
on a set of enabling rules representing the modelled dependencies. For information via likelihood functions, while on the other, epistemic un-
maintenance decision making, Signoret et al. [76] propose a methodol- certainty is inferred from prior distribution functions, the latter, elicited
ogy which modularizes large Petri-net structures through a formalism from domain experts [85]. Both the likelihood and prior functions are
which embeds Reliability Block Diagrams (RBD), a well-known reliabil- combined in the Bayesian inference framework, from which, the proba-
ity assessment tool. Song et al. [77] propose a formalism which com- bility of asset failure is inferred from the posterior distribution. Hence,
bines stochastic fault trees and Petri-net models, and useful for diag- the posterior distribution provides a means of updating risk metrics with
nosing faults of pantograph systems. Flammini et al. [37] also propose the availability of new evidences of failure events. The Bayes theorem
a combined formalism synthesizing generalized Stochastic Petri-nets, is illustrated as shown in Eq. (7):
fault trees, and repairable fault trees. Their formalism is also applied 𝑙(𝑥∕𝜇)𝜋(𝜇)
for modelling failure dependencies of train control systems, and evalu- 𝜋(𝜇∕𝑥) = ∞ (7)
∫𝜇=0 𝑙(𝑥∕𝜇)𝜋(𝜇)𝑑𝜇
ating alternative preventive maintenance policies which mitigate com-
ponent degradation. Additional studies discussing Stochastic Petri-net Where 𝜋(𝜇) represents the prior distribution function; l(x/𝜇) the like-
formalisms may be found in articles, e.g. [47,78–82]. lihood function, and 𝜋(𝜇/x) the posterior distribution function. How-
Stochastic Petri-net modelling formalisms, however, have one no- ever, the posterior distribution is often computationally intensive to re-
table limitation – they rely on a simulation approach, which is com- solve. Hence, several methods are proposed for resolving such posterior
putationally intensive when modelling rare failure events [83]. In such distribution functions, and which are also embedded in Bayesian net-
cases, the Petri-net models often underestimates occurrence probabili- work modelling formalisms [86]:
ties of modelled failure events, hence yielding sub-optimal maintenance
(i) Analytical approximation method which includes, the numerical
strategies. Fig. 3 presents an overview of the reviewed dependability
integration and Laplace approximation methods,
methods as per percentage distribution.
(ii) Data augmentation methods which includes the Expectation-
Maximization (E-M) algorithm,
(iii) Monte Carlo direct sampling,
3. Quantifying uncertainty in the risk assessment methods (iv) Markov chain Monte Carlo including the Metropolis-Hastings al-
gorithm (M-H) and the Gibbs sampling approaches.
Depending on the approach for modelling failure dependencies, un-
certainties associated with the risk assessment process may be treated 4.1. Analytical approximation approach
as either, aleatory or epistemic [84]. The aleatory uncertainty results
from the inherent randomness of input model parameters derived from The analytical approximation approach resolves posterior distri-
reliability data, while on the other hand, epistemic uncertainty may re- bution functions via a data sampling approach based on a simula-
sult from insufficient reliability data. Quantifying epistemic uncertainty tion framework, e.g. Monte Carlo simulation. This sampling approach
relies on expert domain knowledge. For treating aleatory uncertainty, draws samples from probability density functions of the modelled fail-
statistical failure models are often used, while quantifying epistemic un- ure events. Thereafter, uncertainties associated with the sampled data
certainty relies on models such as Interval Analysis, Fuzzy functions and are propagated through an appropriate mathematical model, e.g. the
Belief functions are applied [84]. For Bayesian networks, uncertainty Bayes equation, from which the posterior distribution is resolved [87].
associated with sparse reliability data is treated through a Bayesian in- Within Bayesian network modelling formalism, the analytical approx-
ferencing framework discussed next. imation approach is reported in studies, e.g. [88,89]. More recently,
69
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
Wang et al. [90] applies a Monte Carlo simulation approach within for assessing the reliability of components characterized with multi-
a Bayesian network modelling formalism for assessing the reliability state, Markov degradation processes. In their study, the Gibbs sampler
of railway turnout systems exposed to weather-related elements, from is applied for resolving the posterior distributions generated from the
which, optimal maintenance intervention strategies are formulated. degradation processes. Other studies incorporating the Gibbs sampler
However, the simulation sampling approach has one important in Bayesian network formalisms are discussed in, e.g. [104–106].
drawback – assumes the existence of a closed-form posterior distribu- Some studies attempt to integrate the Gibbs sampler and M-H algo-
tion from which samples are drawn. This is, however, not the case, es- rithms within the same modelling formalism. Examples include Soliman
pecially where the prior and likelihood functions belong to different et al. [98], where a combined formalism is proposed for estimating the
families of distributions. This makes the posterior distribution function reliability of multi-component systems characterized with dependencies
computationally intensive to resolve [91]. Moreover, the analytic ap- modelled via a modified Weibull posterior distribution. More recently,
proximation approach often yields poor risk estimates, especially where the sampler is also discussed for modelling the influence of dependen-
reliability data is sparse. Hence, alternative resolution approaches such cies such as stress and component strength on system reliability [107].
as data augmentation are suggested. Zaidan et al. [108] also applies the approach for estimating the remain-
ing useful life of aerospace gas turbine engines.
4.2. Data augmentation approach Other authors have extended the hybrid McMC resolution approach
by allowing inclusion of parametric sensitivity analysis, for instance, see
The data augmentation approach works by augmenting observed [109–111]. Of particular interest, the resolution efficiency of McMC is
data with missing data which yields an augmented posterior density extended to analyzing rare failure events. In recent years, the McMC
function that is computationally tractable, and more efficiently resolved. resolution has evolved to software applications such as BUGS (Bayesian
The Expectation-Maximization (E-M) algorithm is widely applied for inference using Gibbs sampling) where applicability of the approach is
augmenting missing reliability data, and hence estimating the lifetime demonstrated for assessing asset failure risks, e.g. see [112–114].
distribution of repairable systems/assets. For Bayesian network for-
malisms, Mahmoud and Khalid [92] apply the approach for augmenting 5. Methods for quantifying epistemic uncertainty
censored fault data of electro-hydraulic rotational drive systems. Zhang
et al. [93] also apply the method within a dynamic Bayesian network Although the Bayesian inferencing framework is useful for combin-
formalism for estimating the remaining useful life (RUL) of systems char- ing evidences, both quantitative and qualitative, lack of, or insufficient
acterized with complex failure dependencies, where the influence of a reliability data may necessitate alternative methods for quantifying epis-
condition-based maintenance strategy is considered for degrading com- temic uncertainty. Such methods would allow expert elicitation to be
ponents. Zhang and Dong [94] also apply the approach within a dynamic considered in dependability modelling formalisms. Examples of meth-
Bayesian network formalism where they incorporate a Gaussian model ods for quantifying epistemic uncertainty include; (1) Theory of Fuzzy
for augmenting missing failure data. sets; (2) Interval Analysis; and (3) the Dempster–Shafer Theory of Evi-
More recently, Ratnapinda and Druzdzel [95] incorporate the E-M dence [115].
augmentation approach within Bayesian networks, and consider an ap-
plication scenario where continuous data streams are used to augment 5.1. Fuzzy approach for quantifying uncertainty
sparse reliability data. Other studies where the E-M method is embed-
ded in Bayesian network formalisms is discussed in studies, for instance, The fuzzy set concept was first suggested for modelling vague and im-
see Bacha et al. [96]. Nonetheless, despite its usefulness for augmenting precise information through membership functions, where the function
sparse reliability data, the E-M is constrained for modelling dependen- specify a degree of belonging in the continuous interval <0, 1> [116].
cies where the prior and likelihood functions belong to different families Ideally, a function of ‘0’ implies no membership, while conversely, a
of distributions [97]. Part of this constraint is addressed by the Markov function of ‘1’ implies full membership in the continuous interval. The
chain Monte Carlo method. fuzzy concept is applied within fault tree modelling formalisms, e.g. in
Purba et al. [117], for assessing the probability of failure of basic events
4.3. Markov chain Monte Carlo of a nuclear power plant facility. In the study, modelling the basic events
relied on fuzzy functions elicited from domain experts. The embedded-
The Markov chain Monte Carlo (McMC) approach works by simu- ness of fuzzy concept within static fault tree formalisms is also discussed
lating Markov chains within a given parameter space where the chains in studies, e.g. [118,119].
are constructed in such a way that the posterior distribution function For dynamic fault trees, the fuzzy concept is discussed in Tu et al.
converges to an asymptotic distribution. From this convergence, poste- [30] where the concept is applied for quantifying uncertainties asso-
rior statistical parameters (e.g. mean, standard deviation) are approx- ciated with sparse failure information of critical avionic systems. Kabir
imated from ergodic averages of the Markov chains [98–100]. A pri- et al. [120] also incorporate the concept while assessing the reliability of
mary advantage of the McMC compared to conventional Monte Carlo fuel distribution system of marine ships. More recently, a fuzzy fault tree
sampling approach, is its ability to estimate posterior distribution pa- analysis modelling formalism is discussed in Yazdi et al. [121] where im-
rameters for complex mathematical models having a large number of portantly, the formalism is applied for analysing failure risks associated
parametric values, and belonging to different distribution families [98]. with common cause failures. Assessing such risks is often challenging
This is in addition to enhancing the suitability of the method for dy- owing to sparse fault information. The concept is embedded in dynamic
namically updating risk metrics with emergence of new evidences of fault tree formalisms as discussed in studies, e.g. [122,123]. Recent at-
failure events. Commonly applied McMC inferencing methods include tempts are also seen in the literature where some authors integrate the
the Metropolis-Hastings (M-H) algorithm and Gibbs sampler [101]. The fuzzy concept to Bayesian network modelling formalisms, for instance,
latter is a rejection-sampling algorithm that generates a sequence of in He et al. [124] where fuzzy functions are assigned to failure probabil-
samples from any complicated probability density function. ity estimates of complex systems characterized with multi-state failures.
In the context of risk and reliability analysis, the Gibbs sampler
method is embedded in Bayesian network formalisms. For instance, Lin 5.2. Interval analysis
et al. [102] proposes a Gibbs sampler-based approach for estimating the
service lifetime distributions of locomotive wheels. Their approach con- In interval analysis, the uncertain and imprecise parameters of in-
siders factors such as wheel installation positioning, a factor influenc- terest are assumed to lie within the lower and upper interval bounds
ing wheel wear, and maintenance. Liu et al. [103] applied the method <a,b> [115]. Compared to the fuzzy approach where fuzzy membership
70
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
Electronics/telecommunications 8%
functions are specified, in the interval analysis, domain experts assign towards the plausibility function (upper bound) while weak evidence
crisp lower and upper bound values to the uncertainty range the param- would suggest the contrary, i.e. a tendency towards the belief function
eters are judged to lie within [115]. For example, the failure probability (lower bound).
of a wind turbine gearbox may be specified as lying within the lower In the literature, the DSTE is discussed in Eldred et al. [115] where
and upper bounds <1 × 10−4 to 1 × 10−2 >. The interval analysis allows the authors use computational experiments to compare the DSTE and the
estimates from several experts to be combined within a probabilistic Interval Valued Probability (IVP) methods. The IVP segregates aleatory
framework described by the interval functions [125]. Although the in- and epistemic uncertainties, and allows nested operations to be per-
terval analysis is demonstrated to work well within Bayesian network formed [115]. Based on the experiments, the authors conclude that al-
formalisms, especially where reliability data is sparse, the analysis lacks though the DSTE and IVP approach produce comparable results, the
a concise mathematical structure or density function through which un- DSTE is sensitive to the number of input variables. As such, the compu-
certainty can be propagated [115,126]. To overcome this flaw, two al- tational effort increases in tandem with the number of input variables.
gorithms are suggested in the literature, and based on, (1) simulation Helton and Johnson [126] also compare the DSTE, the Interval Analysis
methods; and (2) surrogate models [115]. and the Fuzzy methodology and conclude that the DSTE is rather attrac-
For reliability analysis and probabilistic safety assessment, the in- tive in that; (i) it allows inclusion of more information compared to the
terval analysis method is gaining attention in the field of uncertainty Interval Analysis; and (ii) it requires fewer assumptions for specifying
quantification (UQ). In UQ, aleatory and epistemic uncertainties are input uncertainties as compared to both, the Interval Analysis and the
analysed through separate second-order distribution functions. This sep- Fuzzy set concept.
aration approach is suggested as useful for assessing the reliability of Although not applied within a dependability modelling formalism,
complex, high reliability safety-critical systems, e.g. aerospace systems Ding et al. [133] demonstrate how the DSTE may be applied for assess-
[127–129]. Within dependability modelling formalisms, the UQ separa- ing the reliability of early fire detection systems by aggregating multi-
tion approach is discussed recently in Novack et al. [130] for quanti- sensor information, e.g. smoke and light sensor information. For tech-
fying the epistemic uncertainty of basic failure events of space launch nical systems, Agaram [134] reviews recent applications of DSTE ap-
vehicles. Fig. 4 depicts the distribution of reviewed dependability ap- proaches which embeds concepts of information fusion for reliability
proaches as per the application domain. analysis, and fault diagnosis in the automotive industry. Notably, the
review highlights usefulness of the DSTE approach for early fault detec-
5.3. Dempster–Shafer evidence theory tion through combining multiple sources of evidences, including sensor
data, e.g. vibration, or ultrasound, and expert information on potential
The Dempster–Shafer Theory of Evidence (DSTE) is founded on two failure events.
ideals; (i) obtaining degree of beliefs for subjective probability estimates For dynamic fault tree analysis, Duan et al. [135] integrates an ev-
and; (ii) combining the degree of beliefs within a probabilistic frame- idential information network in which, component failure rates are ex-
work [131]. The DSTE provides an efficient framework for aggregating pressed through interval number estimates, with epistemic uncertainties
information from multiple sources, both qualitative and quantitative, associated with the sparse failure data modelled via the DSTE concept.
where this aggregation is achieved through the Dempster’s combina- Inclusion of interval valued probabilities to fault tree modelling formal-
tion rules [132]. In DSTE, estimates of the risk metrics of interest are ism is also discussed in Toppila and Salo [136], where the authors cau-
bounded within the belief (lower bound) and plausibility functions (up- tion of challenges upscaling such formalisms for assessing the reliability
per bound), expressed by the Equation [131]: of complex dependable systems. Zhang et al. [137] demonstrated how
linguistic information may be incorporated into an evidential network
Bel (𝐴) ≤ 𝑃 (𝐴) ≤ 𝑃 𝐿 (𝐴) (8) which is based on the DSTE method and a Bayesian network formal-
The exact position where the metric (e.g. probability of failure) lies ism. Flage et al. [138] also apply an approach which synthesizes the
depends on the degree of evidence or information available at the time DSTE and the fuzzy concept within a fault tree modelling formalism, for
of analysis [131]. Hence, strong evidence would suggest a tendency quantifying epistemic uncertainty of basic failure events of general sys-
71
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
Table 1
Overview of methods for quantifying uncertainty in dependability modelling.
tems. More recently, Giuseppe et al. [139] apply an approach which also This challenge is particularly apparent for static and dynamic fault trees,
synthesizes the DSTE and Interval-Valued Probability estimates elicited as discussed in Gharahasanlou et al. [16].
from domain experts where similarly, their combined formalism is em- As regards user intuitiveness, integrated formalisms are seemingly
bedded in a fault tree modelling formalism and applied for assessing the attractive owing to the trade-off between intuitiveness, and modelling
reliability of systems with different configurations, i.e. parallel or series. complexity, especially when temporal aspects are considered. This is
In Bayesian network formalisms, authors such as Kabir et al. where fault tree formalisms are translated to equivalent Bayesian net-
[140] apply the DSTE for fusing censored failure data with expert es- works, hence seems to cope better with uncertainties associated with
timates where their approach is applied for assessing the reliability of sparse reliability data, or qualitative aspects such as operations risks, or
technical components of a water distribution system. Within Bayesian human-related factors, as seen in studies, e.g. Dongiovanni and Iesman-
network modelling formalism, DSTE is also discussed in [129,141–146]. tas [18]. However, it should be mentioned that despite the modelling
Table 1 summarizes the main methods for treating uncertainty in de- versatility introduced by the integrated formalisms, incorporating main-
pendability modelling approaches discussed in this review. tenance policies within the formalisms is seemingly a challenge. Effort
towards this direction is discussed for dynamic fault trees, and in par-
ticular, repairable dynamic fault trees suggested by authors e.g. Manno
6. Discussion
et al. [27]. However, repairable fault tree as discussed, excludes alterna-
tive maintenance such as optimized maintenance planning, or condition-
6.1. General insights, and implications of the review for research and
based maintenance. This omission also extends to incorporating prog-
practice
nostic information, such as inclusion of the remaining useful life to de-
pendability modelling formalisms. Although recent studies consider this
This review offers important insights for decision support in risk as-
aspect, nonetheless it is noted as an important gap which could be fur-
sessment, and more specifically, dependability analysis in maintenance
ther explored.
decision making. In particular, such insights could assist risk analysts
For static and dynamic Bayesian networks which constitute 35%
and maintenance practitioners assess equipment failure risks more ro-
of the reviewed approaches, an important trend towards more flexi-
bustly, and consequently, formulate effective maintenance strategies
ble modelling formalisms is seen. Importantly, apart from incorporating
that mitigate the effects of equipment failures. As depicted in Fig. 4,
temporal aspects, the Bayesian networks offers the advantage of updat-
performing risk assessment is especially an important consideration for
ing risk metrics with the emergence of new failure information. The for-
formulating maintenance strategies for safety-critical systems such as
malism also seems robust for incorporating qualitative information, such
nuclear power generation facilities, railway systems, and chemical pro-
as human-related maintenance errors. Such human aspects are often dif-
cess facilities. For such facilities, sub-optimal risk assessment may re-
ficult to quantify, yet are important contributors to equipment failures,
sult in failure events leading to catastrophic accidents, for instance, the
and accident events in safety-critical assets. Important human-related
Bhopal disaster, or recently, the Deepwater horizon spill event in the
performance shaping factors contributing to maintenance-related er-
Gulf of Mexico [147,148]. By structuring knowledge on dependabil-
rors includes fatigue, skill level, or not incorrect repair procedures. Al-
ity modelling, risk assessment, and maintenance decision making, it is
though inclusion of human factor aspects in Bayesian network modelling
expected that risk analysts and maintenance practitioners will better
formalisms are discussed, this is seemingly limited to safety and acci-
assess the relevance, and applicability of different dependability mod-
dent analysis, for instance, as discussed in Akhtar and Utne [149] and
elling methods.
Calviño, Grande [150].
From the review, significant research is seemingly directed towards
However, one important challenge of incorporating human factors
more versatile dependability modelling methods such as dynamic fault
within dependability modelling formalisms is the difficulty quantifying
trees, dynamic Bayesian networks, hybrid fault trees/Bayesian net-
the probability of errors linked to performance shaping factors associ-
works, and stochastic Petri-nets which overall, accounts for 69 % of
ated with human errors. Quantifying such errors requires use of scenario
the reviewed methods (see Fig. 3). Nonetheless, static dependability ap-
analysis where propagation of human errors to potential maintenance
proaches such as fault trees, and Bayesian networks constitute a notice-
errors is evaluated. Bayesian network formalisms are limited in this re-
able proportion of the reviewed approaches, which may be attributed to
gard. Noroozi et al. [151] proposes an alternative approach where Event
the intuitiveness of the methods by analysts and practitioners (31% of
trees are applied for scenario analysis, and quantifying the impact of hu-
reviewed methods). This contrasts to dynamic dependability modelling
man errors on equipment maintenance.
methods where equipment failure probabilities are primarily resolved
From the review, the important role of Bayesian network formalisms
through Markov models, and Monte Carlo simulation approaches.
for rare event analysis is also discussed. In particular, the data augmen-
However, apart from ignoring temporal aspects, the static fault tree
tation approach seems attractive for decision support in maintenance
is still limited to the extent to which basic failure events are modelled
since, often, availability of sufficient data for failure modelling is an
through varying empirically derived distribution functions, for instance,
important challenge. This is especially the case for high reliability and
Weibull or Lognormal functions. Largely, in the reviewed methods, ba-
safety-critical systems depicted in Fig. 4. A trend towards this direc-
sic events are assumed as exponentially distributed, an assumption con-
tion is discussed in studies, for instance, in [152,153]. An important
sidered for modelling simplicity. Although empirically derived distribu-
concern, however, for rare event analysis relates to validation concerns
tions would ideally mimic failure models expected in real-life, incorpo-
for formalisms integrating such analysis. This is an important challenge
rating such distributions within the reviewed formalisms is not straight-
neccesatitating future work in this direction.
forward, and presents additional resolution complexities of the methods.
72
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
To address some of the validation concerns for rare failure events, Other plausible approaches may include alternative formalisms, such
the Markov chain Monte Carlo (McMC) simulation approach is discussed as use of dynamic event trees for instances where information on fault
where apart from efficiently resolving complex posterior distributions, incidences modelled via fault trees is limited. This approach is discussed
the approach addresses validity concerns for sparse data sets. This is in Ibánez et al. [158] where they argue that the DET formalism avoids
achieved partly through computing the Deviance Information Crite- the need for exploring all potential system failure configurations or de-
rion (DIC) which is embedded in software applications such as BUGS pendencies. A similar trend towards using the DET modelling formalism
(Bayesian Inference Using Gibbs Sampler). Although a useful resolution is also seen in Karanki et al. [159] where uncertainties associated with
approach for posterior distributions, and addressing model validity con- stochastic failure probabilities and modelling parameters are incorpo-
cerns, its usage is limited to fairly simple systems with straightforward rated within DET’s.
dependencies. Extending the McMC for modelling more complex depen- For integrating sparse information to dependability formalisms, in-
dencies such as maintenance policies, and human-related maintenance formation fusion architectures are suggested. For instance, Guo et al.
errors is an interesting direction for future work. [160] propose an approach where information from both expert and
Although demonstrated as applicable for rare event analysis, data sources are integrated via a Bayesian inferencing framework. Their
Stochastic Petri-net applies enabling rules within a simulation modelling approach importantly uses linear and geometric pooling methods, hence
framework which also introduces model validity concerns, for instance, allowing importance weights to be assigned to the prior failure infor-
as discussed in Paolieri et al. [154]. Moreover, the formalism may not mation. This diversifies the characteristics of possible prior that may
be intuitive to maintenance practitioners as compared to methods such be integrated in the Bayesian inferencing framework. A Naives Bayes
as fault trees, or Bayesian network formalisms, hence its seemingly low approach for handling missing or unsynchronized is also proposed re-
proportion as compared to other reviewed dependability modelling ap- cently in Dabrowski et al. [161], and integrated in a dynamic Bayesian
proaches. network modelling formalism. Hence such recent formalisms indicate
For quantifying epistemic uncertainty, integrating fuzzy and DSTE an interesting trend towards more data driven dependability modelling
concepts within dependability modelling formalisms, such as the static approaches.
and dynamic fault trees is an interesting observation (45% of uncer- For rare failure analysis, a notable constraint is the reliance on both
tainty quantification methods, see Table 1). This is because, in absence numerical reliability data and expert analysis, which necessitates nu-
of sufficient data for modelling basic failure events, eliciting fuzzy esti- merous modelling assumptions for augmenting subjective estimates. To
mates from domain experts is an intuitive approach for addressing data mitigate the impact of such assumptions, authors such as Khorsandi
availability challenges. However, the fuzzy concept raises model valid- and Aven [162] propose inclusion of the ‘assumption deviation risk’
ity concerns which is partly addressed by Bayesian updating. The DSTE for mitigating modelling uncertainties. Inclusion of such aspects to de-
method also provides a useful platform for augmenting sparse reliabil- pendability modelling may further enhance treatment of uncertainty,
ity information with expert estimates, for instance, discussed in stud- hence, an interesting area of future work. Combined formalisms such as,
ies, e.g. Khalaj et al. [155], and Flage et al. [138]. In particular, the such as the generalized stochastic Pertinets integrated with fault trees is
DSTE integrates a useful data fusion framework which allows synthesis demonstrated for rare failure/accident analysis. Talebberrouane, Khan
of maintenance-related information from multiple sources, e.g. condi- [80] demonstrates that such formalisms provides more information on
tion monitoring sensor data such as vibration and ultrasound. The fusion fault occurrences at different operational states and dependability se-
further extends to integrating information elicited from domain experts quences, and may consider alternative maintenance and repair strate-
within the modelling formalism. gies. A similar Petrinet/fault tree formalism is also discussed recently
in Yan et al. [163] for assessing the reliability of complex automated
guided vehicle systems while considering optimal inspection and main-
6.2. General directions for future work tenance timings.
Data-driven machine learning approaches, and the DSTE method
From the above discussion, dependability modelling formalisms also seems to provide a plausible data fusion platform. For instance,
present interesting prospects for future research within the maintenance integrating methods such as the Least square Support Vector Machine
decision making domain. Firstly, there is need to extend the modelling (SVM) in dependability modelling is widely discussed method for diag-
flexibility of fault tree and Bayesian network formalisms such that em- nosing faults of technical assets, e.g. see [164,165].
pirical failure models are integrated in the formalisms. This deviates Thirdly, the combinatorial explosion problem remains an important
from the traditional assumption in dynamic fault trees where basic fail- challenge for upscaling graphical-oriented dependability methods dis-
ure events are assumed as exponentially distributed. Incorporating such cussed in this review, i.e. fault trees, stochastic Petri-net, and Bayesian
empirically derived failure models may pave way for more flexible for- network. This is especially a challenge for modelling systems with com-
malisms where the reliability of complex electromechanical systems, plex dependencies owing to multiple interconnected components ex-
such as collaborative robots is more practically assessed. Often such hibiting varying failure mechanics. Although object-oriented modelling
robots systems constitute components exhibiting varying failure mech- approaches try to address this concern by modularizing complex de-
anisms, such as random failures (electronic components) or Weibull or pendability formalisms, the decomposition limits the extent to which
Gamma distributed failures (mechanical systems) [156]. reliability, and maintenance-related aspects are integrated into such for-
Secondly, mapping failure dependencies objectively in the for- malisms. Invariably, this limits the robustness of the risk assessment
malisms discussed in this review is challenging. Often, the failure depen- process, and maintenance decision making, the latter linked to selecting
dencies are mapped qualitatively, either based on expert knowledge on optimal maintenance strategies. Hence, exploring more efficient decom-
associations between failure mechanisms, or based on the system config- position schemes forms an interesting prospect for future work. In addi-
uration. The latter considers how components are interconnected, and tion to decomposition schemes, application of more efficient algorithms
presumes that failure dependencies are aligned to the system configura- for reducing storage necessary for constructing modular schemes such
tion. Data exploration methods combined with data fusion approaches as Bayesian network may assist upscale dependability models. Recent
may provide a plausible platform for objectively mapping dependencies work in this direction is discussed in Tien and Der Kiureghian [166].
between failure events, for instance, discussed in Chemweno et al. [3]. Alternative integrated formalisms may also allow upscaling of de-
In particular, information fusion may allow synthesizing data from sys- pendability models, and overcome the challenge of traditional ap-
tems of similar configuration or design. This approach is discussed in proaches which so far focus on simple systems with limited dependen-
Raz et al. [157] where Information Fusion System architecture is sug- cies. Recent application of continuous-time Markov chain seems promis-
gested. ing in this regard, for instance, proposed in Liang et al. [167]. Func-
73
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
74
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
[33] Ge D, Lin M, Yang Y, Zhang R, Chou Q. Quantitative analysis of dynamic fault [67] Khakzad N, Khan F, Amyotte P. Risk-based design of process systems using dis-
trees using improved Sequential Binary Decision Diagrams. Reliab Eng Syst Saf crete-time Bayesian networks. Reliab Eng Syst Saf 2013;109:5–17.
2015;142:289–99. [68] Kabir S, Walker M, Papadopoulos Y. Reliability analysis of dynamic systems by
[34] Ge D, Li D, Chou Q, Zhang R, Yang Y. Quantification of highly coupled dynamic translating temporal fault trees into Bayesian networks. Model-Based Saf Assess:
fault tree using IRVPM and SBDD. Qual Reliab Eng Int 2016;32:139–51. Springer 2014:96–109.
[35] Simeu-Abazi Z, Lefebvre A, Derain J-P. A methodology of alarm filtering using [69] Mi J, Li Y-F, Yang Y-J, Peng W, Huang H-Z. Reliability assessment of com-
dynamic fault tree. Reliab Eng Syst Saf 2011;96:257–66. plex electromechanical systems under epistemic uncertainty. Reliab Eng Syst Saf
[36] Codetta Raiteri D. Integrating several formalisms in order to increase Fault Trees’ 2016;152:1–15.
modeling power. Reliab Eng Syst Saf 2011;96:534. [70] Wang L, Pan R, Wang X, Fan W, Xuan J. A Bayesian reliability evaluation
[37] Flammini F, Marrone S, Iacono M, Mazzocca N, Vittorini V. A multiformalism method with different types of data from multiple sources. Reliab Eng Syst Saf
modular approach to ERTMS/ETCS failure modeling. Int J Reliab Qual Saf Eng 2017;167:128–35.
2014;21:145. [71] Barua S, Gao X, Pasman H, Mannan MS. Bayesian network based dynamic opera-
[38] Turan O, Lazakis I, Judah S, Incecik A. Investigating the reliability and criticality tional risk assessment. J Loss Prev Process Ind 2016;41:399–410.
of the maintenance characteristics of a diving support vessel. Qual Reliab Eng Int [72] Darwish M, Almouahed S, De Lamotte F. The integration of expert-defined im-
2011;27:931–46. portance factors to enrich Bayesian Fault Tree Analysis. Reliab Eng Syst Saf
[39] Rauzy A, Blériot-Fabre C. Towards a sound semantics for dynamic fault trees. Reliab 2017;162:81–90.
Eng Syst Saf 2015;142:184–91. [73] Chen S, Qi Z, Chen D, Guo L, Peng W. Investigation of Bayesian network for relia-
[40] Chiacchio F, D’Urso D, Manno G, Compagno L. Stochastic hybrid automaton model bility analysis and fault diagnosis of complex systems with real case applications.
of a multi-state system with aging: Reliability assessment and design consequences. Adv Mech Eng 2017;9:10.
Reliab Eng Syst Saf 2016;149:1–13. [74] Codetta-Raiteri D, Portinale L. Approaching dynamic reliability with predictive and
[41] Yevkin O. An efficient approximate markov chain method in dynamic fault tree diagnostic purposes by exploiting dynamic Bayesian networks. Proc Inst Mech Eng
analysis. Qual Reliab Eng Int 2015;32:1509–20. Part O: J Risk Reliab 2014;228:488–503.
[42] Merle G, Roussel JM, Lesage JJ. Quantitative analysis of dynamic fault trees based [75] Sadou N, Demmou H. Reliability analysis of discrete event dynamic systems with
on the structure function. Qual Reliab Eng Int 2014;30:143–56. Petri nets. Reliab Eng Syst Saf 2009;94:1848–61.
[43] Chiacchio F, Cacioppo M, D’Urso D, Manno G, Trapani N, Compagno L. A Weibul- [76] Signoret J-P, Dutuit Y, Cacheux P-J, Folleau C, Collas S, Thomas P. Make your Petri
l-based compositional approach for hierarchical dynamic fault trees. Reliab Eng nets understandable: Reliability block diagrams driven Petri nets. Reliab Eng Syst
Syst Saf 2013;109:45–52. Saf 2013;113:61–75.
[44] Zhu P, Han J, Liu L, Lombardi F. A stochastic approach for the analysis of dynamic [77] L-l Song, T-y Wang, X-w Song, Xu L, Song D-g. Research and application of FTA
fault trees with spare gates under probabilistic common cause failures. IEEE Trans and petri nets in fault diagnosis in the pantograph-type current collector on CRH
Reliab 2015;64:878–92. EMU trains. Math Prob Eng 2015:1–12.
[45] Chiacchio F, Compagno L, D’Urso D, Manno G, Trapani N. Dynamic fault trees [78] Sharma RK, Sharma P. Integrated framework to optimize RAM and cost decisions
resolution: A conscious trade-off between analytical and simulative approaches. in a process plant. J Loss Prev Process Ind 2012;25:883–904.
Reliab Eng Syst Saf 2011;96:1515–26. [79] Wang Z, Atli M, Kondo Adjallah H. Coloured stochastic Petri nets modelling for
[46] Lindhe A, Norberg T, Rosén L. Approximate dynamic fault tree calculations for the reliability and maintenance analysis of multi-state multi-unit systems. J Manuf
modelling water supply risks. Reliab Eng Syst Saf 2012;106:61–71. Technol Manag 2014;25:476–90.
[47] Nguyen TK, Beugin J, Marais J. Method for evaluating an extended Fault Tree [80] Talebberrouane M, Khan F, Lounis Z. Availability analysis of safety critical systems
to analyse the dependability of complex systems: Application to a satellite-based using advanced fault tree and stochastic Petri net formalisms. J Loss Prev Process
railway system. Reliab Eng Syst Saf 2015;133:300–13. Ind 2016;44:193–203.
[48] Khakzad N, Khan F, Amyotte P. Quantitative risk analysis of offshore drilling op- [81] Leigh JM, Dunnett SJ. Use of Petri nets to model the maintenance of wind turbines.
erations: A Bayesian approach. Saf Sci 2013;57:108–17. Qual Reliab Eng Int 2016;32:167–80.
[49] Nielsen TD, JENSEN FV. Bayesian networks and decision graphs. Springer; 2009. [82] Zhang D, Hu H, Roberts C. Rail maintenance analysis using Petri nets. Struct In-
[50] Liu Z, Liu Y, Cai B, Zhang D, Zheng C. Dynamic Bayesian network modeling of frastruct Eng 2017;13:783–93.
reliability of subsea blowout preventer stack in presence of common cause failures. [83] Zio E. Integrated deterministic and probabilistic safety assessment: concepts, chal-
J Loss Prev Process Ind 2015;38:58–66. lenges, research directions. Nucl Eng Des 2014;280:413–19.
[51] Ferreiro S, Arnaiz A, Sierra B, Irigoien I. Application of Bayesian networks in prog- [84] He Y, Mirzargar M, Kirby RM. Mixed aleatory and epistemic uncertainty quantifi-
nostics for a new Integrated Vehicle Health Management concept. Expert Syst Appl cation using fuzzy set theory. Int J Approximate Reasoning 2015;66:1–15.
2012;39:6402–18. [85] Bolstad WM. Introduction to Bayesian statistics. John Wiley & Sons; 2013.
[52] Gran B, Bye R, Nyheim O, Okstad E, Seljelid J, Sklet S, et al. Evaluation of the Risk [86] Thodi P, Khan F, Haddara M. Risk based integrity modeling of offshore pro-
OMT model for maintenance work on major offshore process equipment. J Loss cess components suffering stochastic degradation. J Qual Maint Eng 2013;19:
Prev Process Ind 2012;25:582–93. 157–180.
[53] Tian X, Liu Y, Zhang Y, Lin R, Xi Y. Fault diagnosis research of submarine casing [87] Scott SL, Blocker AW, Bonassi FV, Chipman HA, George EI, McCulloch RE. Bayes
cutting robot for abandoned oil wellhead. Int J Secur Appl 2014;8:213–24. and big data: The consensus Monte Carlo algorithm. Int J Manag Sci Eng Manag
[54] Liu Z, Liu Y, Wu X, Yang D, Cai B, Zheng C. Reliability evaluation of auxiliary 2016;11:78–88.
feedwater system by mapping GO-FLOW models into Bayesian networks. ISA Trans [88] Peng W, Li Y-F, Yang Y-J, Mi J, Huang H-Z. Leveraging degradation testing and
2016;64:174–83. condition monitoring for field reliability analysis with time-varying operating mis-
[55] Askarian M, Zarghami R, Jalali‐Farahani F, Mostoufi N. Fault diagnosis of chemi- sions. IEEE Trans Reliab 2015;64:1367–82.
cal processes considering fault frequency via Bayesian network. Can J Chem Eng [89] Yontay P, Pan R. A computational Bayesian approach to dependency assessment in
2016;94:2315–25. system reliability. Reliab Eng Syst Saf 2016;152:104–14.
[56] Abbassi R, Bhandari J, Khan F, Garaniya V, Chai S. Developing a quantitative [90] Wang G, Xu T, Tang T, Yuan T, Wang H. A Bayesian network model for pre-
risk-based methodology for maintenance scheduling using Bayesian network. Chem diction of weather-related failures in railway turnout systems. Expert Syst Appl
Eng Trans 2016;48:235–40. 2017;69:247–56.
[57] Cai B, Liu Y, Fan Q, Zhang Y, Yu S, Liu Z, et al. Performance evaluation of subsea [91] Troffaes MC, Walter G, Kelly D. A robust Bayesian approach to modeling epistemic
BOP control systems using dynamic Bayesian networks with imperfect repair and uncertainty in common-cause failure models. Reliab Eng Syst Saf 2014;125:13–21.
preventive maintenance. Eng Appl Artif Intell 2013;26:2661–72. [92] Mahmoud MS, Khalid HM. Expectation maximization approach to data-based fault
[58] Hu J, Zhang L, Liang W. Opportunistic predictive maintenance for complex mul- diagnostics. Inf Sci 2013;235:80–96.
ti-component systems based on DBN-HAZOP model. Process Saf Environ Prot [93] Zhang X, Kang J, Jin T. Degradation modeling and maintenance decisions based
2012;90:376–88. on Bayesian belief networks. IEEE Trans Reliab 2014;63:620–33.
[59] Cózar J, Gámez JMPJA. An application of dynamic bayesian networks to condition [94] Zhang Z, Dong F. Fault detection and diagnosis for missing data systems with
monitoring and fault prediction in a sensored system: a Case Study. 2017;10:176– a three time-slice dynamic Bayesian network approach. Chemom Intell Lab Syst
95. 2014;138:30–40.
[60] Zhu J, Collette M. A dynamic discretization method for reliability inference in dy- [95] Ratnapinda P, Druzdzel MJ. Learning discrete Bayesian network parameters from
namic bayesian networks. Reliab Eng Syst Saf 2015;138:242–52. continuous data streams: What is the best strategy? J Appl Logic 2015;13:628–42.
[61] Luque J, Straub D. Reliability analysis and updating of deteriorating systems with [96] Bacha A, Benhra J, Sabry AH. A CNC machine fault diagnosis methodology based
dynamic Bayesian networks. Struct Saf 2016;62:34–46. on bayesian networks and data acquisition. Commun Appl Electron 2016;5:41–8.
[62] Li K, Ren Y, Fan D, Liu L, Wang Z, Ma Z. Enhance GO methodology for reliabil- [97] Sengupta A, Cressie N. Hierarchical statistical modeling of big spatial datasets using
ity analysis of the closed-loop system using Cyclic Bayesian Networks. Mechanical the exponential family of distributions. Spatial Stat 2013;4:14–44.
systems and signal processing. In Press; 2017. [98] Soliman AA, Abd-Ellah AH, Abou-Elheggag NA, Ahmed EA. Modified Weibull
[63] Ramírez PAP, Utne IB. Use of dynamic Bayesian networks for life extension assess- model: A Bayes study using MCMC approach based on progressive censoring data.
ment of ageing systems. Reliab Eng Syst Saf 2015;133:119–36. Reliab Eng Syst Saf 2012;100:48–57.
[64] Salazar JC, Weber P, Nejjari F, Sarrate R, Theilliol D. System reliability aware [99] Andrieu C, Vihola M. Convergence properties of pseudo-marginal Markov chain
model predictive control framework. Reliab Eng Syst Saf 2017;167:663–72. Monte Carlo algorithms. Ann Appl Probab 2015;25:1030–77.
[65] Liang XF, Wang HD, Yi H, Li D. Warship reliability evaluation based on dynamic [100] Doucet A, Pitt M, Deligiannidis G, Kohn R. Efficient implementation of Markov
bayesian networks and numerical simulation. Ocean Eng 2017;136:129–40. chain Monte Carlo when using an unbiased likelihood estimator. Biometrika
[66] Codetta-Raiteri D, Portinale L. Generalized Continuous Time Bayesian Networks as 2015;102 295-13.
a modelling and analysis formalism for dependable systems. Reliab Eng Syst Saf [101] Van Dyk DA, Jiao X. Metropolis-Hastings within partially collapsed Gibbs samplers.
2017;167:639–51. J Comput Graph Statist 2015;24:301–27.
75
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
[102] Lin J, Asplund M, Parida A. Reliability analysis for degradation of locomotive [140] Kabir G, Demissie G, Sadiq R, Tesfamariam S. Integrating failure prediction mod-
wheels using parametric Bayesian approach. Qual Reliab Eng Int 2014;30:657–67. els for water mains: Bayesian belief network based data fusion. Knowl-Based Syst
[103] Liu Y, Lin P, Li Y-F, Huang H-Z. Bayesian reliability and performance assessment 2015;85:159–69.
for multi-state systems. IEEE Trans Reliab 2015;64:394–409. [141] Chen Y, Chen Y-W, Xu X-B, Pan C-C, Yang J-B, Yang G-K. A data-driven approxi-
[104] Aslett LJ, Coolen F, Wilson SP. Bayesian inference for reliability of systems and mate causal inference model using the evidential reasoning rule. Knowl-Based Syst
networks using the survival signature. Risk Anal 2015;35 1640-51. 2015;88:264–72.
[105] Wang H, Yajima A, Castaneda H. Bayesian modeling of external corrosion in under- [142] Yang J, Huang H-Z, He L-P, Zhu S-P, Wen D. Risk evaluation in failure mode and
ground pipelines based on the integration of Markov chain Monte Carlo techniques effects analysis of aircraft turbine rotor blades using Dempster–Shafer evidence
and clustered inspection data. Comput‐Aided Civil Infrastruct Eng 2015;30:300–16. theory under uncertainty. Eng Fail Anal 2011;18:2084–92.
[106] Bassamzadeh N, Ghanem R. Multiscale stochastic prediction of electricity demand [143] Compare M, Zio E. Genetic algorithms in the framework of Dempster-Shafer
in smart grids using Bayesian networks. Appl Energy 2017;193:369–80. theory of evidence for maintenance optimization problems. IEEE Trans Reliab
[107] Nadar M, Kızılaslan F. Estimation of reliability in a multicomponent stress-strength 2015;64:645–60.
model based on a Marshall-Olkin Bivariate Weibull distribution. IEEE Trans Reliab [144] Yuan K, Xiao F, Fei L, Kang B, Deng Y. Modeling sensor reliability in fault diagnosis
2016;65:370–80. based on evidence theory. Sensors 2016;16:113.
[108] Zaidan MA, Harrison RF, Mills AR, Fleming PJ. Bayesian Hierarchical Models for [145] Certa A, Hopps F, Inghilleri R, La Fata CM. A Dempster-Shafer theory-based ap-
aerospace gas turbine engine prognostics. Expert Syst Appl 2015;42:539–53. proach to the failure mode, effects and criticality analysis (FMECA) under epis-
[109] Vergé C, Morio J, Del Moral P. An island particle algorithm for rare event analysis. temic uncertainty: application to the propulsion system of a fishing vessel. Reliab
Reliab Eng Syst Saf 2016;149:63–75. Eng Syst Saf 2017;159:69–79.
[110] Tee KF, Khan LR, Li H. Application of subset simulation in reliability estimation of [146] Shah H, Hosder S, Winter T. Quantification of margins and mixed uncer-
underground pipelines. Reliab Eng Syst Saf 2014;130:125–31. tainties using evidence theory and stochastic expansions. Reliab Eng Syst Saf
[111] Compare M, Baraldi P, Bani I, Zio E, Mc Donnell D. Development of a Bayesian 2015;138:59–72.
multi-state degradation model for up-to-date reliability estimations of working in- [147] Goh YM, Tan S, Lai KC. Learning from the Bhopal disaster to improve process safety
dustrial components. Reliab Eng Syst Saf 2016;166:25–40. management in Singapore. Process Saf Environ Prot 2015;97:102–8.
[112] Hamada M, Wilson A, Weaver B, Griffiths R, Martz H. Bayesian binomial assurance [148] Labib A. Learning (and unlearning) from failures: 30 years on from Bhopal to
tests for system reliability using component data. J Qual Technol 2014;46:24. Fukushima an analysis through reliability engineering techniques. Process Saf En-
[113] Kim Y-J, Ahn K-U, Park C-S. Decision making of HVAC system using Bayesian viron Prot 2015;97:80–90.
Markov chain Monte Carlo method. Energy Build 2014;72:112–21. [149] Akhtar MJ, Utne IB. Human fatigue’s effect on the risk of maritime groundings – A
[114] Alzbutas R, Iešmantas T. Application of Bayesian methods for age‐dependent reli- Bayesian network modeling approach. Saf Sci 2014;62:427–40.
ability analysis. Qual Reliab Eng Int 2014;30:121–32. [150] Calviño A, Grande Z, Sánchez‐Cambronero S, Gallego I, Rivas A, Menéndez JM.
[115] Eldred MS, Swiler LP, Tang G. Mixed aleatory-epistemic uncertainty quantification A Markovian–Bayesian network for risk analysis of high speed and conven-
with stochastic expansions and optimization-based interval estimation. Reliab Eng tional railway lines integrating human errors. Comput‐Aided Civil Infrast Eng
Syst Saf 2011;96:1092–113. 2016;31:193–218.
[116] Zadeh LA. Fuzzy sets as a basis for a theory of possibility. Fuzzy Sets Syst [151] Noroozi A, Khakzad N, Khan F, MacKinnon S, Abbassi R. The role of human error
1978;1:3–28. in risk analysis: Application to pre- and post-maintenance procedures of process
[117] Purba JH, Lu J, Zhang G, Pedrycz W. A fuzzy reliability assessment of basic events facilities. Reliab Eng Syst Saf 2013;119:251–8.
of fault trees through qualitative data processing. Fuzzy Sets Syst 2014;243:50–69. [152] Yang M, Khan F, Lye L, Amyotte P. Risk assessment of rare events. Process Saf
[118] Rajakarunakaran S, Kumar AM, Prabhu VA. Applications of fuzzy faulty tree anal- Environ Prot 2015;98:102–8.
ysis and expert elicitation for evaluation of risks in LPG refuelling station. J Loss [153] Yu H, Khan F, Veitch B. A flexible hierarchical Bayesian modeling technique for
Prev Process Ind 2015;33:109–23. risk analysis of major accidents. Risk Anal 2017;37:1668–82.
[119] Mhalla A, Collart Dutilleul S, Craye E, Benrejeb M. Estimation of failure proba- [154] Paolieri M, Horvath A, Vicario E. Probabilistic model checking of regenerative con-
bility of milk manufacturing unit by fuzzy fault tree analysis. J Intell Fuzzy Syst current systems. IEEE Trans Softw Eng 2016;42:153–69.
2014;26:741–50. [155] Khalaj M, Makui A, Tavakkoli-Moghaddam R. Risk-based reliability assessment un-
[120] Kabir S, Walker M, Papadopoulos Y, Rüde E, Securius P. Fuzzy temporal fault tree der epistemic uncertainty. J Loss Prev Process Ind 2012;25:571–81.
analysis of dynamic systems. Int J Approximate Reasoning 2016;77:20–37. [156] Fazlollahtabar H, Niaki STA. A modified branching process for the reliability anal-
[121] Yazdi M, Nikfar F, Nasrabadi M. Failure probability analysis by employing fuzzy ysis of complex systems: multiple-robot systems. Commun Stat-Theory Methods
fault tree analysis. Int J Syst Assur Eng Manag 2017:1–17. 2017:1–12.
[122] Duan R, Fan J. Dynamic diagnosis strategy for redundant systems based on relia- [157] Raz AK, Kenley CR, DeLaurentis DA. A System-of-Systems perspective for informa-
bility analysis and sensors under epistemic uncertainty. J Sens 2015:1–14. tion fusion system design and evaluation. Inf Fusion 2017;35:148–65.
[123] Yuyan C, Ting L, Jian W, Rong X, Xinmin W. Fuzzy dynamic fault tree analysis for [158] Ibánez L, Hortal J, Queral C, Gómez-Magán J, Sánchez-Perea M, Fernández I,
electro-mechanical actuator based on algebraic model with common-cause failures. et al. Application of the integrated safety assessment methodology to safety mar-
Autom Control Comput Sci 2016;50:80–90. gins. Dynamic event trees, damage domains and risk assessment. Reliab Eng Syst
[124] He Q, Yabing Z, ZHAng R, Sun Q, Liu T. Reliability analysis for multi-state system Saf 2016;147:170–93.
based on triangular fuzzy variety subset bayesian networks. Eksploatacja I Nieza- [159] Karanki DR, Rahman S, Dang VN, Zerkak O. Epistemic and aleatory uncertainties
wodnosc 2017;19:158. in integrated deterministic and probabilistic safety assessment: Tradeoff between
[125] Urbina A. Quantification of margins and uncertainties of complex systems in the accuracy and accident simulations. Reliab Eng Syst Saf 2017;162:91–102.
presence of aleatoric and epistemic uncertainty. Reliab Eng Syst Saf 2011;96:1114. [160] Guo J, Li ZS, Jin JJ. System reliability assessment with multilevel information using
[126] Helton JC, Johnson JD. Quantification of margins and uncertainties: alternative the Bayesian melding method. Reliab Eng Syst Saf 2018;170:146–58.
representations of epistemic uncertainty. Reliab Eng Syst Saf 2011;96:1034–52. [161] Dabrowski JJ, de Villiers JP, Beyers C. Naïve Bayes switching linear dynamical
[127] WestIV TK, Hosder S, Winter T. Quantification of margins and uncertainties for system: A model for dynamic system modelling, classification, and information
integrated spacecraft systems models. J Spacecraft Rockets 2015;52:450–61. fusion. Inf Fusion 2018;42:75–101.
[128] WestIV TK, Hosder S. Uncertainty quantification of hypersonic reentry flows with [162] Khorsandi J, Aven T. Incorporating assumption deviation risk in quantitative risk
sparse sampling and stochastic expansions. J Spacecraft Rockets 2015;52:120–33. assessments: A semi-quantitative approach. Reliab Eng Syst Saf 2017;163:22–32.
[129] Shah H, Hosder S, Winter T. A mixed uncertainty quantification approach using [163] Yan R, Jackson LM, Dunnett SJ. Automated guided vehicle mission reliability mod-
evidence theory and stochastic expansions. Int J Uncertainty Quantif 2015;5 51-48. elling using a combined fault tree and Petri net approach. Int J Adv Manuf Technol
[130] Novack SD, Rogers J, Al Hassan M, Hark F. Characterizing epistemic uncertainty 2017:1–13.
for launch vehicle designs. 2016. [164] Benkedjouh T, Medjaher K, Zerhouni N, Rechak S. Health assessment and life
[131] Shafer G, Logan R. Implementing Dempster’s rule for hierarchical evidence. Artif prediction of cutting tools based on support vector regression. J Intell Manuf
Intell 1987;33:271–98. 2015;26:213–23.
[132] Lin G, Liang J, Qian Y. An information fusion approach by combining multigranu- [165] Tang B, Song T, Li F, Deng L. Fault diagnosis for a wind turbine transmission system
lation rough sets and evidence theory. Inf Sci 2015;314:184–99. based on manifold learning and Shannon wavelet support vector machine. Renew-
[133] Ding Q, Peng Z, Liu T, Tong Q. Multi-sensor building fire alarm system with infor- able Energy 2014;62:1–9.
mation fusion technology based on DS evidence theory. Algorithms 2014;7:523–37. [166] Tien I, Der Kiureghian A. Algorithms for Bayesian network modeling and reliability
[134] Agaram V. Reliability of multi-sensor fusion for next generation cars and trucks. assessment of infrastructure systems. Reliab Eng Syst Saf 2016;156:134–47.
SAE 2014:1–10. [167] Liang Z, Parlikad AK, Srinivasan R, Rasmekomen N. On fault propagation in dete-
[135] Duan R, Hu L, Lin Y. Fault diagnosis for complex systems based on dynamic ev- rioration of multi-component systems. Reliab Eng Syst Saf 2017;162:72–80.
idential network and multi-attribute decision making with interval numbers. Ek- [168] Fazlollahtabar H, Niaki STA. Binary state reliability computation for a complex sys-
sploatacja I Niezawodnosc 2017;19:580. tem based on extended Bernoulli trials: Multiple autonomous robots. Qual Reliab
[136] Toppila A, Salo A. Selection of risk reduction portfolios under interval-valued prob- Eng Int 2017;33:1709–18.
abilities. Reliab Eng Syst Saf 2017;163:69–78. [169] Li Y-F, Valla S, Zio E. Reliability assessment of generic geared wind turbines by GT-
[137] Zhang X, Mahadevan S, Deng X. Reliability analysis with linguistic data: An evi- ST-MLD model and Monte Carlo simulation. Renewable Energy 2015;83:222–33.
dential network approach. Reliab Eng Syst Saf 2017;162:111–21. [170] Zwirglmaier K, Straub D, Groth KM. Capturing cognitive causal paths in hu-
[138] Flage R, Baraldi P, Zio E, Aven T. Probability and possibility‐based representations man reliability analysis with Bayesian network models. Reliab Eng Syst Saf
of uncertainty in fault tree analysis. Risk Anal 2013;33:121–33. 2017;158:117–29.
[139] Giuseppe C, Maria GG, La Fata CM. A Dempster-Shafer theory-based approach to [171] Dezfuli H, Kelly D, Smith C, Vedros K, Galyean W. Bayesian inference for NASA
compute the birnbaum importance measure under epistemic uncertainty. Int J Appl probabilistic risk and reliability analysis. Washington, DC: NASA; 2009.
Eng Res 2016;11:10574–85.
76
P. Chemweno et al. Reliability Engineering and System Safety 173 (2018) 64–77
[172] Zhou D. The Application of Bayesian Networks in System Reliability. Arizona State [177] Liu H-C, You J-X, Duan C-Y. An integrated approach for failure mode and effect
University; 2014. analysis under interval-valued intuitionistic fuzzy environment. Int J Prod Econ
[173] Roy A, Srivastava P, Sinha S. Risk and reliability assessment in chemical process 2017 In Press.
industries using Bayesian methods. Rev Chem Eng 2014;30:479–99. [178] Duan R, Fan J. Dynamic diagnosis strategy for redundant systems based on relia-
[174] Vergé C, Morio J, Del Moral P. An island particle algorithm for rare event analysis. bility analysis and sensors under epistemic uncertainty. J Sens 2015;1–14.
Reliab Eng Syst Saf 2016;149:63–75. [179] Abdo H, Flaus J. Monte Carlo simulation to solve fuzzy dynamic fault tree. IFAC–
[175] Pan Z, Balakrishnan N. Reliability modeling of degradation of products with mul- PapersOnLine 2016;49:1886–91.
tiple performance characteristics based on gamma processes. Reliab Eng Syst Saf [180] Eldred MS, Swiler LP, Tang G. Mixed aleatory-epistemic uncertainty quantification
2011;96:949–57. with stochastic expansions and optimization-based interval estimation. Reliab Eng
[176] Jee TL, Tay KM, Lim CP. A new two-stage fuzzy inference system-based ap- Syst Saf 2011;96:1092–113.
proach to prioritize failures in failure mode and effect analysis. IEEE Trans Reliab [181] Helton JC, Johnson JD. Quantification of margins and uncertainties: alternative
2015;64:869–77. representations of epistemic uncertainty. Reliab Eng Syst Saf 2011;96:1034–52.
77