Reliability engineering probabilistic models and maintenance methods

Accordingly, let n be the number of components that make up the device and define the component status variables, x i, as i i=ìíî 10 if component is functioning if component is failed so

RELIABILITY ENGINEERING

Probabilistic Models and Maintenance Methods

Second Edition

RELIABILITY ENGINEERING

JOEL A NACHLAS

Probabilistic Models and Maintenance Methods

Second Edition

Boca Raton London New York

CRC Press is an imprint of the

Taylor & Francis Group, an informa business

Boca Raton, FL 33487-2742

© 2017 by Taylor & Francis Group, LLC

CRC Press is an imprint of Taylor & Francis Group, an Informa business

No claim to original U.S Government works

Printed on acid-free paper

Version Date: 20161019

International Standard Book Number-13: 978-1-4987-5247-3 (Pack - Book and Ebook)

This book contains information obtained from authentic and highly regarded sources Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint.

Except as permitted under U.S Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information stor- age or retrieval system, without written permission from the publishers.

For permission to photocopy or use material electronically from this work, please access right.com (http://www.copyright.com/) or contact the Copyright Clearance Center, Inc (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400 CCC is a not-for-profit organization that pro- vides licenses and registration for a variety of users For organizations that have been granted a photo- copy license by the CCC, a separate system of payment has been arranged.

www.copy-Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are

used only for identification and explanation without intent to infringe.

Visit the Taylor & Francis Web site at

http://www.taylorandfrancis.com

and the CRC Press Web site at

http://www.crcpress.com

Dedicated to the memory of Betty Nachlas

Contents

Preface xiii

Author xv

1 Introduction 1

2 System Structures 5

2.1 Status Functions 5

2.2 System Structures and Status Functions 7

2.2.1 Series Systems 7

2.2.2 Parallel System 8

2.2.3 k-out-of-n Systems 10

2.2.4 Equivalent Structures 12

2.3 Modules of Systems 17

2.4 Multistate Components and Systems 18

Exercises 19

3 Reliability of System Structures 23

3.1 Probability Elements 23

3.2 Reliability of System Structures 24

3.2.1 Series Systems 24

3.2.2 Parallel Systems 25

3.2.3 k-out-of-n Systems 25

3.2.4 Equivalent Structures 26

3.3 Modules 31

3.4 Reliability Importance 32

3.5 Reliability Allocation 35

3.6 Conclusion 36

Exercises 37

4 Reliability over Time 39

4.1 Reliability Measures 39

4.2 Life Distributions 44

4.2.1 Exponential Distribution 45

4.2.2 Weibull Distribution 46

4.2.3 Normal Distribution 49

4.2.4 Lognormal Distribution 51

4.2.5 Gamma Distribution 52

4.2.6 Other Distributions 52

4.3 System-Level Models 54

Exercises 58

5 Failure Processes 61

5.1 Mechanical Failure Models 62

5.1.1 Stress–Strength Interference 62

5.1.2 Shock and Cumulative Damage 64

5.2 Electronic Failure Models 71

5.2.1 Arrhenius Model 71

5.2.2 Eyring Model 72

5.2.3 Power Law Model 72

5.2.4 Defect Model 72

5.3 Other Failure Models 73

5.3.1 Diffusion Process Model 73

5.3.2 Proportional Hazards 78

5.3.3 Competing Risks 80

Exercises 83

6 Age Acceleration 85

6.1 Age Acceleration for Electronic Devices 87

6.2 Age Acceleration for Mechanical Devices 89

6.3 Step Stress Strategies 92

6.4 Concluding Comment 93

Exercises 93

7 Nonparametric Statistical Methods 95

7.1 Data Set Notation and Censoring 96

7.2 Estimates Based on Order Statistics 98

7.3 Estimates and Confidence Intervals 99

7.4 Kaplan–Meier Estimates 102

7.4.1 Continuous Monitoring of Test Unit Status 102

7.4.2 Periodic Monitoring of Test Unit Status 105

7.5 Tolerance Bounds 107

7.6 TTT Transforms 109

7.6.1 Theoretical Construction 109

7.6.2 Application to Complete Data Sets 113

7.6.3 Application to Censored Data Sets 118

7.7 Nelson Cumulative Hazard Estimation Method 122

Exercises 124

8 Parametric Statistical Methods 129

8.1 Graphical Methods 129

8.2 Method of Moments 135

8.2.1 Estimation Expressions 136

8.2.2 Confidence Intervals for the Estimates 139

8.3 Method of Maximum Likelihood 143

8.4 Maximum Likelihood Method with Data Censoring 159

Contents

8.5 Special Topics 161

8.5.1 Method of Moments with Censored Data 161

8.5.2 Data Analysis under Step Stress Testing 164

Exercises 167

9 Repairable Systems I: Renewal and Instantaneous Repair 173

9.1 Renewal Processes 174

9.2 Classification of Distributions and Bounds on Renewal Measures 181

9.3 Residual Life Distribution 186

9.4 Conclusion 189

Exercises 190

10 Repairable Systems II: Nonrenewal and Instantaneous Repair 193

10.1 Minimal Repair Models 194

10.2 Imperfect Repair Models 200

10.3 Equivalent Age Models 203

10.3.1 Kijima Models 203

10.3.2 Quasi-Renewal Process 210

10.4 Conclusion 214

Exercises 214

11 Availability Analysis 217

11.1 Availability Measures 220

11.2 Example Computations 223

11.2.1 Exponential Case 223

11.2.2 Numerical Case 225

11.3 System-Level Availability 227

11.4 Nonrenewal Cases 232

11.4.1 Availability under Imperfect Repair 233

11.4.2 Availability Analysis for the Quasi-Renewal Model 235

11.5 Markov Models 239

Exercises 245

12 Preventive Maintenance 247

12.1 Replacement Policies 248

12.1.1 Elementary Models 248

12.1.2 Availability Model for Age Replacement 253

12.1.3 Availability Model for Block Replacement 255

12.1.4 Availability Model for Opportunistic Age Replacement 257

12.1.4.1 Failure Model 262

12.1.4.2 Opportunistic Failure Replacement Policy 265

12.1.4.3 Partial Opportunistic Age Replacement

Policy 268

12.1.4.4 Full Opportunistic Age Replacement Policy 271

12.1.4.5 Analysis of the Opportunistic Replacement Models 271

12.2 Nonrenewal Models 274

12.2.1 Imperfect PM Models 275

12.2.2 Models Based on the Quasi-Renewal Process 277

12.2.3 Models Based on the Kijima Model 281

12.3 Conclusion 283

Exercises 284

13 Predictive Maintenance 287

13.1 System Deterioration 288

13.2 Inspection Scheduling 289

13.3 More Complete Policy Analysis 290

13.4 Models and Analysis Based on Continuous Process Monitoring 294

13.4.1 Observable Degradation Processes 294

13.4.2 Unobservable Degradation Processes 297

13.4.2.1 Time Series Methods 298

13.4.2.2 Conditional Probability Methods 300

13.5 Conclusion 304

Exercises 305

14 Special Topics 307

14.1 Statistical Analysis of Repairable System Data 307

14.1.1 Data from a Single System 307

14.1.2 Data from Multiple Identical Systems 310

14.2 Warranties 314

14.2.1 Full Replacement Warranties 315

14.2.2 Pro Rata Warranties 317

14.3 Reliability Growth 319

14.4 Dependent Components 323

14.5 Bivariate Reliability 325

14.5.1 Collapsible Models 326

14.5.2 Bivariate Models 327

14.5.2.1 Stochastic Functions 327

14.5.2.2 Correlation Models 330

14.5.2.3 Probability Analysis 331

14.5.2.4 Failure and Renewal Models 335

Exercises 341

Contents

Appendix A: Numerical Approximations 343

Appendix B: Numerical Evaluation of the Weibull Renewal Functions 347

Appendix C: Laplace Transform for the Key Renewal Theorem 353

Appendix D: Probability Tables 355

References 359

Index 365

Preface

The motivation for the preparation of a second edition was my wish to expand the treatment of several topics while maintaining an integrated introductory resource for the study of reliability evaluation and maintenance planning The focus across all of the topics treated is the use of analytical methods to support the design of dependable and efficient equipment and the planning for the servicing of that equipment The orientation of the topical develop-ment is that probability models provide an effective vehicle for portraying and evaluating the variability that is inherent in the performance and lon-gevity of equipment

The book is intended to support either an introductory graduate course

in reliability theory and preventive maintenance planning or a sequence of courses that address these topics A fairly comprehensive coverage of the basic models and of various methods of analysis is provided An under-standing of the topics discussed should permit the reader to comprehend the literature describing new and advanced models and methods

Notwithstanding the emphasis upon initial study, the text should also serve well as a resource for practicing engineers Engineers who are involved

in the design process should find a coherent explanation of the reliability and maintenance issues that will influence the success of the devices they create Similarly, engineers responsible for the analysis and verification of product reliability or for the planning of maintenance support of fielded equipment should find the material presented here to be relevant and easy

to access and use

In preparing this second edition, the treatment of statistical methods for evaluating reliability has been expanded substantially Several methods for constructing confidence intervals as part of the parametric estimation effort are described and methods for treating data derived from operating repair-able devices have also been added In addition, the analysis of nonstation-ary models of repairable equipment maintenance has been updated and expanded These expansions along with numerous other minor improve-ments to the text should make this book an even more useful resource for both students and practitioners

The background required of the reader is a sound understanding of ability This subsumes capability with calculus More specifically, the reader should have an understanding of distribution theory, Laplace transforms, convolutions, stochastic processes, and Markov processes It is also worth mentioning that the use of the methods discussed in this book often involves substantial computational effort, so facility with numerical methods and access to efficient mathematical software is desirable

prob-One caveat concerning the coverage here is that the treatment is strictly limited to hardware Reliability and maintenance models have been devel-oped for applications to software, humans, and services systems No criti-cism of those efforts is intended but the focus here is simply hardware.The organization of the text is reasonably straightforward The elemen-tary concepts of reliability theory are presented sequentially in Chapters 1

through 6 Following this, the commonly used statistical methods for uating component reliability are described in Chapters 7 and 8 Chapters

eval-9 through 13 treat repairable systems and maintenance planning models Here again the presentation is sequential in that simple failure models pre-cede those that include preventive actions and the renewal cases are treated before the more realistic nonrenewal cases In the final chapter, four inter-esting special topics, including warranties, are discussed It is worth noting that four appendices that address aspects of numerical computation are pro-vided These should be quite useful to the reader

Naturally, many people have contributed to the preparation of this text The principal factor in the completion of this book was the support and encouragement of my wife Beverley An important practical component of

my success was the support of Virginia Tech, especially during sabbaticals when progress with writing is so much easier

I acknowledge the significant computational capability provided to me by the Mathematica software Many of the analyses included in this text would have been much more taxing or even impossible without the strength and efficiency the Wolfram software provides

I also wish to extend my thanks directly to three of my students, each of whom contributed to my efforts Edvin Beqari stimulated my increased inter-est in and analysis of the diffusion models of degradation He also directed much of my analysis of that topic Elliott Mitchell-Colgan helped to expand the sets of exercises included at the end of the chapters Paul D’Agostino invested very many hours in verifying a majority of the complicated numeri-cal analyses used for examples or for exercise solutions

I express my profound gratitude to all of my graduate students who have taught me so much about these topics over the years May we all continue to learn and grow and to enjoy the study of this important subject

Author

Joel A Nachlas received his BES from Johns Hopkins University in 1970, his

MS in 1972 and his PhD in 1976, both from the University of Pittsburgh He served on the faculty of the Grado Department of Industrial and Systems Engineering at Virginia Tech for 41  years and retired in March 2016 His research interests are in the applications of probability and statistics to prob-lems in reliability and quality control In addition to his normal teaching activities during his time at Virginia Tech, he served as the coordinator for the department’s graduate program in operations research and for their dual master’s degree that is operated with École des Mines de Nantes in France From 1992 to 2011, he regularly taught reliability theory at the École Polytechnique de l’Université Nice Sophia Antipolis He is the coauthor of more than 50 refereed articles, has served in numerous editorial and referee capacities, and has lectured on reliability and maintenance topics through-out North America and Europe

We are fortunate to live at a time in which advances in the understanding

of materials and energy have resulted in the creation of an enormous variety

of sophisticated products and systems, many of which (1) were able 100 or 200 or even 20 years ago; (2) contribute regularly to our comfort, health, happiness, efficiency, or success; (3) are relatively inexpensive; and (4) require little or no special training on our part Naturally, our reliance

inconceiv-on these devices and systems is cinconceiv-ontinually increasing and we rarely think about failure and the consequences of failure

Occasionally, we observe a catastrophic failure Fatigue failures of the lage of aircraft [1], the loss of an engine by a commercial jet [1], the Three Mile Island [1] and Chernobyl [1] nuclear reactor accidents, and the Challenger [2] and Discovery [3] space shuttle accidents are all widely known examples of catastrophic equipment failures The relay circuit failure at the Ohio power plant that precipitated the August 2003 power blackout in the northeastern United States and in eastern Canada [4] is an example of a system failure that directly affected millions of people When these events occur, we are reminded dramatically of the fallibility of the physical systems on which

fuse-we depend

Nearly everyone has experienced less dramatic product failures such as that of a home appliance, the wear out of a battery, and the failure of a light bulb Many of us have also experienced potentially dangerous examples of product failures such as the blowout of an automobile tire

Reliability engineering is the study of the longevity and failure of ment Principles of science and mathematics are applied to the investiga-tion of how devices age and fail The intent is that a better understanding

equip-of device failure will aid in identifying ways in which product designs can

be improved to increase life length and limit the adverse consequences of failure The key point here is that the focus is upon design New product and

system designs must be shown to be safe and reliable prior to their tion and use A dramatic example of a design for which the reliability was not properly evaluated is the well-known case of the Tacoma Narrows Bridge, which collapsed into the Puget Sound in November 1940, a few months after its completion [1].

fabrica-A more recent example of a design fault with significant consequences is the 2013 lithium-ion battery fire that occurred on a new Boeing 787 aircraft while it was parked at the Boston airport [5] Fortunately, the plane was empty, so no one was injured, but the fire and two subsequent fires of the same type resulted in all 787s being grounded until a modification to the battery containment was made The cost to the airlines using the planes was estimated to be $1.1 million per day

The study of the reliability of an equipment design also has important nomic implications for most products As Blanchard [6] states, 90% of the life cycle costs associated with the use of a product are fixed during the design phase of a product’s life

eco-Similarly, an ability to anticipate failure can often imply the opportunity

to plan for an efficient repair of equipment when it fails or even better to form preventive maintenance in order to reduce failure frequency

per-There are many examples of products for which system reliability is far better today than it was previously One familiar example is the television set, which historically experienced frequent failures and which, at present, usually operates without failure beyond its age of obsolescence Improved television reliability is certainly due largely to advances in circuit technol-ogy However, the ability to evaluate the reliability of new material sys-tems and new circuit designs has also contributed to the gains we have experienced

Perhaps the most well-recognized system for which preventive nance is used to maintain product reliability is the commercial airplane Regular inspection, testing, repair, and even overhaul are part of the nor-mal operating life of every commercial aircraft Clearly, the reason for such intense concern for the regular maintenance of aircraft is an appreciation of the influence of maintenance on failure probabilities and thus on safety

mainte-On a personal level, the products for which we are most frequently sible for maintenance are our automobiles We are all aware of the inconve-nience associated with an in-service failure of our cars and we are all aware

respon-of the relatively modest level respon-of effort required to obtain the reduced failure probability that results from regular preventive maintenance

It would be difficult to overstate the importance of maintenance and cially preventive maintenance It is also difficult to overstate the extent to which maintenance is undervalued or even disliked Historically, repair and especially preventive maintenance have often been viewed as inconvenient overhead activities that are costly and unproductive Very rarely have the significant productivity benefits of preventive maintenance been recognized and appreciated Recently, there have been reports [7–9] that suggest that

Introduction

it is common experience for factory equipment to lose 10%–40% of ductive capacity to unscheduled repairs and that preventive maintenance could drastically reduce these losses In fact, the potential productivity gains associated with the use of preventive maintenance strategies to reduce the frequency of unplanned failures constitute an important competitive oppor-tunity [9] The key to exploiting this opportunity is careful planning based

pro-on cost and reliability

This book is devoted to the analytical portrayal and evaluation of ment reliability and maintenance As with all engineering disciplines, the language of description is mathematics The text provides an exploration

equip-of the mathematical models that are used to portray, estimate, and ate device reliability and those that are used to describe, evaluate, and plan equipment service activities In both cases, the focus is on design The models

evalu-of equipment reliability are the primary vehicle for recognizing deficiencies

or opportunities to improve equipment design Similarly, using reliability

as a basis, the models that describe equipment performance as a function

of maintenance effort provide a means for selecting the most efficient and effective equipment service strategies

These examples of various failures share some common features and they also have differences that are used here to delimit the extent of the analyses and discussions Common features are that (1) product failure is sufficiently important that it warrants engineering effort to try to understand and con-trol it and (2) product design is complicated, so the causes and consequences

of failure are not obvious

There are also some important differences among the examples Taking

an extreme case, the failure of a light bulb and the Three Mile Island tor accident provide a defining contrast The Three Mile Island accident was precipitated by the failure of a physical component of the equipment The progress and severity of the accident were also influenced by the response

reac-by humans to the component failure and reac-by established decision policies

In contrast, the failure of a light bulb and its consequences are not usually intertwined with human decisions and performance The point here is that there are very many modern products and systems for which operational performance depends upon the combined effectiveness of several of (1) the physical equipment, (2) human operators, (3) software, and (4) management protocols

It is both reasonable and prudent to attempt to include the evaluation of all four of these factors in the study of system behavior However, the focus of this text is analytical and the discussions are limited to the behavior of the physical equipment

Several authors have defined analytical approaches to modeling the effects

of humans [10] and of software [11] on system reliability The motivation for doing this is the view that humans cause more system failures than does equipment This view seems quite correct Nevertheless, implementation of the existing mathematical models of human and software reliability requires

the acceptance of the view that probability models appropriately represent dispersion in human behavior In the case of software, existing models are based on the assumption that probability models effectively represent hypothesized evolution in software performance over time The appropri-ateness of both of these points of view is subject to debate It is considered here that the human operators of a system do not comprise a homogeneous population for which performance is appropriately modeled using a proba-bility distribution Similarly, software and operating protocols do not evolve

in a manner that one would model using probability functions As the focus

of this text is the definition of representative probability models and their analysis, the discussion is limited to the physical devices

The space shuttle accidents serve to motivate our focus on the physical behavior of equipment The 1986 Challenger accident has been attributed to the use of the vehicle in an environment that was more extreme than the one for which it was designed The 2002 Discovery accident is believed to have been the result of progressive deterioration at the site of damage to its heat shield Thus, the physical design of the vehicles and the manner in which they were operated were incompatible and it is the understanding of this interface that we obtain from reliability analysis

The text is organized in four general sections The early chapters describe

in a stepwise manner the increasingly complete models of reliability and failure These initial discussions include the key result that our understand-ing of design configurations usually implies that system reliability can be studied at the component level This is followed by an examination of statis-tical methods for estimating reliability A third section is comprised of five chapters that treat increasingly more complicated and more realistic models

of equipment maintenance activities Finally, several advanced topics are treated in the final chapter

It is hoped that this sequence of discussions will provide the reader with

a basis for further exploration of the topics treated The development of new methods and models for reliability and maintenance has expanded our understanding significantly and is continuing The importance of preventive maintenance for safety and industrial productivity is receiving increased attention The literature that is comprised of reports of new ideas is expand-ing rapidly This book is intended to prepare the reader to understand and use the new ideas as well as those that are included here

As a starting point, note that it often happens that technical terms are created using words that already have colloquial meanings that do not cor-respond perfectly with their technical usage This is true of the word reli-ability In the colloquial sense, the word reliable is used to describe people who meet commitments It is also used to describe equipment and other inanimate objects that operate satisfactorily The concept is clear but not par-ticularly precise In contrast, for the investigations we undertake in this text, the word reliability has a precise technical definition This definition is the departure point for our study

2

System Structures

The point of departure for the study of reliability and maintenance planning

is the elementary definition of the term reliability As mentioned in Chapter

1, the technical definition of reliability is similar to the colloquial definition but is more precise Formally, the definition is as follows:

Definition 2.1

Reliability is the probability that a device properly performs its intended function over time when operated within the environment for which it is designed

Observe that there are four specific attributes of this definition of reliability The four attributes are (1) probability, (2) proper performance, (3) qualifica-tion with respect to environment, and (4) time All four are important Over this and the next several chapters, we explore a series of algebraic models that are used to represent equipment reliability We develop the models suc-cessively by sequentially including in the models each of the four attributes identified in the previous definition To start, consider the representation of equipment performance to which we refer as function

2.1 Status Functions

The question of what constitutes proper operation or proper function for a particular type of equipment is usually specific to the equipment Rather than attempt to suggest a general definition for proper function, we assume that the appropriate definition for a device of interest has been specified and

we represent the functional status of the device as

f =ìíî

10

if the device functions properly

if the device is failed

Note that this representation is intentionally binary We assume here that the status of the equipment of interest is either satisfactory or failed There are many types of equipment for which one or more derated states are possible Discussion of this possibility is postponed until the end of this chapter.

We presume that most equipment is comprised of components and that the status of the device is determined by the status of the components

Accordingly, let n be the number of components that make up the device and define the component status variables, x i, as

i

i=ìíî

10

if component is functioning

if component is failed

so the set of n components that comprise a device is represented by the

com-ponent status vector

tus function” or simply as a “structure.” In all cases, the intent is to reflect the dependence of the system state upon the states of the components that com-prise the system A parenthetical point is that the terms “device” and “sys-tem” are used here in a generic sense and may be interpreted as appropriate

An observation concerning the component status vector is that it is defined

here as a vector of binary elements so that an n component system has 2 n sible component status vectors For example, a three-component system has

pos-23 = 8 component status vectors They are

System Structures

From a purely mathematical point of view, there is no reason to limit the definition of the system status function so forms that have no practical inter-pretation can be constructed In order to avoid any mathematically correct but practically meaningless forms for the system status function, we limit

our attention to coherent systems.

Definition 2.2

A coherent system is one for which the system structure function is

nonde-creasing in each of its arguments

This means that for each element of the component status vector, x i, there exists a realization of the vector for which

f( , ,x1 … x i- 1, ,0 x i+ 1, , )… x n <f( , ,x1… x i- 1, ,1x i+ 1, , )… x n (2.2)Throughout our study of reliability, we will limit our attention to algebraic forms that comply with this restriction

Generally, we expect that the physical relationships among the nents determine the algebraic form of the system status function, ϕ

compo-2.2 System Structures and Status Functions

Among reliability specialists, it is generally accepted that there are four generic types of structural relationships between a device and its compo-

nents These are (1) series, (2) parallel, (3) k out of n, and (4) all others Consider

each of these forms in sequence

2.2.1 Series Systems

The simplest and most commonly encountered configuration of components

is the series system The formal definition of a series system is as follows:

Definition 2.3

A series system is one in which all components must function properly in

order for the system to function properly

The conceptual analog to the series structure is a series-type electrical circuit However, unlike a series circuit, it is specifically not implied here that the components must be physically connected in sequence Instead, the point

of emphasis is the requirement that all components function An example of

a series system in which the components are not physically connected is the

set of legs of a three-legged stool Another is the set of tires on an automobile

In both examples, the components are not physically connected to each other

in a linear configuration Nevertheless, all of the components must function properly for the system to operate

The concept of a series circuit is commonly used to define a graphical resentation of a series structure For the three components, this is presented

rep-in Figure 2.1

In general, representations of system structures such as the one in Figure 2.1

are referred to as reliability block diagrams They are often helpful in standing the relationships between components

under-For the series structure, the requirement that all components must tion in order for the system to function implies that a logical algebraic form for the system structure function is

n

=

=

Õ1

The second type of structure is the parallel structure The conceptual analog

is again the corresponding electrical circuit and the definition is as follows:

Definition 2.4

A parallel system is one in which the proper function of any one component

implies system function

FIGURE 2.1

Reliability block diagram for a series system.

System Structures

It is again emphasized that no specific physical connections among the components are implied by the definition or by the reliability block dia-gram The reliability block diagram for a three-component parallel system

is shown in Figure 2.2

One example of a parallel system is the set of two engines on a engine airplane As long as at least one engine functions, flight is sustained However, this example implies that simply maintaining flight corresponds

two-to proper function It is a worthwhile debate two-to discuss when it is and when

it is not an appropriate example of a parallel system

Another example that is more appealing is the fact that the nications satellites presently in use have triple redundancy for each communications channel That is, three copies of each set of transmit-ting components are installed in the satellite and arranged in parallel in order to assure continued operation of the channel In view of the fact that this implies significant weight increases over the use of only single- configuration transmitters, the satellite provides an example of the impor-tance of reliability as well as one of a parallel structure

commu-In a similar manner to that for the series system, the structure function for the parallel system may be defined as

The inverted product symbol, Π, is called “ip” and is defined as

i

n

i i

Before leaving the discussion of parallel structures, it is appropriate

to mention the fact that the parallel arrangement of components is often referred to as “redundancy.” This is because the proper function of any

of the parallel components implies proper function of the structure Thus, the additional components are redundant until a component fails Frequently, parallel structures are included in product designs specifi-cally because of the resulting redundancy Often but not always, the par-allel components are identical At the same time, there are actually several ways in which the redundancy may be implemented A distinction is made between redundancy obtained using a parallel structure in which all components function simultaneously and that obtained using parallel components of which one functions and the other(s) wait as standby units until the failure of the functioning unit Models that describe the reliabil-ity of active redundancy and of standby redundancy are presented at the end of Chapter 4

2.2.3 k-out-of-n Systems

The third type of structure is the k-out-of-n structure There is no obvious

conceptual analog for this structure A formal definition of it is as follows:

Definition 2.5

A k-out-of-n system is one in which the proper function of any k of the n

com-ponents that comprise the system implies proper system function

System Structures

The usual approach to constructing the reliability block diagram for the

k -out-of-n system is to show a parallel diagram and to provide an additional indication that the system is k out of n.

An example of a k-out-of-n system is the rear axle of a large tractor trailer

on which the functioning of any three out of the four wheels is sufficient to

assure mobility Another example is the fact that some (1 – k) electronic

mem-ory arrays are configured so that the operation of any 126 of the 128 memmem-ory addresses corresponds to satisfactory operation

The algebraic representation of the structure function for a k-out-of-n

sys-tem is not as compact as those for series and parallel syssys-tems Given the nition of the relationship between component and system status, the most compact algebraic form for the structure function is

defi-f( )x i x i k

n

ìíïî

ï1 å=

0

1

ifotherwise

n -aligned independent components that fail when k or more consecutive ponents fail The k-out-of-n:G system functions when k or more consecutive

com-components function These two realizations of the consecutive system have been shown to be mirror images so it is sufficient to analyze either of them

Examples of the k-out-of-n:F system have been provided by Chiang and

Niu [13] One of those examples is an oil pipeline in which each of the equally

spaced pumps is capable of pushing the oil to a distance equal to k pumping

points so a failed pump does not fail the system as the next pump will

main-tain flow If k consecutive pumps fail, the system fails.

As indicated earlier, the fourth class of component configurations is the set

of all others that are conceivable This statement is not intended to be leading Instead, it is intended to imply that we can establish an equivalence

mis-between any arbitrary component configuration and one based on series and parallel structures The process of constructing equivalent structures is explained in the next section and is illustrated with a classic example.

2.2.4 Equivalent Structures

The selection of a component configuration is usually made by the device designer in order to assure a specific functional capability The configuration selected may not match one of the classes discussed earlier In such a case, there are two ways by which we can obtain equivalent structural forms that may be easier to analyze than the actual one The two ways are to use either minimum path or minimum cut analyses of the network representation of the system

As a vehicle for illustrating the two methods, we use the Wheatstone bridge The reliability block diagram for the bridge is shown in Figure 2.3

Notice that the bridge structure is not series, parallel, or k out of n Thus,

the earlier algebraic representations cannot be used directly to provide a statement of the system status function

We can obtain a system status function for the bridge in several ways One obvious approach is to enumerate all of the component status vectors, to determine the system status for each vector and to construct a table of system status values For the five-component bridge structure, this is readily done and the result is shown in Table 2.1

On the other hand, systems having a greater number of components not be handled so easily

can-The use of minimum paths will permit us to analyze the bridge structure and other larger systems as well Start with some definitions:

Definition 2.6

A path vector, x, is a component status vector for which the corresponding

system status function has a value of 1

System Structures

Definition 2.7

A minimum path vector, x, is a path vector for which any vector y < x has a

cor-responding system status function with a value of 0

Definition 2.8

A minimum path set, P j , is the set of indices of a minimum path vector for

which the component status variable has a value of 1

These definitions identify the component status vectors that correspond to system function and those vectors that are minimal in the sense that any reduction in the number of functioning components implies system failure For the bridge structure, the minimum path vectors and minimum path sets are

Next, consider the elements of a minimum path and define a status tion for each minimum path That is, represent the functional status of each path using the functions ρ(x) Since all of the components in a minimum

func-path must function in order for the func-path to represent proper function, the components in a minimum path may be viewed as a series system Hence,

Now, observe that the original system will function if any of the mum paths is functioning Therefore, we may view the system as a parallel arrangement of the minimum paths Algebraically, this means

mini-f( )x rj( )x x i

i P j

ÎÕ

a system that is equivalent to the original system The graphical realization

of this equivalence for the bridge structure is presented in Figure 2.4

It is appropriate to emphasize here the fact that the equivalent ture has exactly the same status function value as the original structure

System Structures

for all realizations of the component status vector Consequently, the minimum path analysis permits us to identify a form for the system sta-tus function that can be computed using only series and parallel alge-braic forms

There is a comparable construction using the idea of cut vectors rather than path vectors The method based on cut vectors may also be used for the bridge and other structures Again, start with some definitions:

Definition 2.9

A cut vector, x, is a component status vector for which the corresponding

sys-tem status function has a value of 0

Definition 2.10

A minimum cut vector, x, is a cut vector for which any vector y > x has a

cor-responding system status function with a value of 1

Definition 2.11

A minimum cut set, C k , is the set of indices of a minimum cut vector for which

the component status variable has a value of 0

These definitions identify the component status vectors that correspond

to system failure and those vectors that are minimal in the sense that any increase in the number of functioning components implies satisfactory

system function For the bridge structure, the minimum cut vectors and minimum cut sets are

Here again, it is appropriate to emphasize the fact that the equivalent ture and the original structure have the same status function value for each component status vector Thus, the system status may be calculated using only the simple series and parallel forms

struc-One further observation concerning the equivalent structures is that one may use either the minimum cut or the minimum path method Both yield equivalent expressions for the system status so we may use the one that appears easier or preferable for some other reason

in a personal computer, and 600 components in a medium-size automobile Even with minimum paths or minimum cuts, evaluating the status function for sys-tems of this scale is too difficult However, it is also common to find that a com-plicated system such as a television is actually comprised of subsystems called modules A television usually has a power management module, a video signal reception module, an audio signal reception module, a sound production mod-ule, a video projection module, and some sort of system control module Thus, the system may be viewed as comprised of “super components” called modules System status may be defined as a function of the status modules and the status

of each module should be a function of the components that comprise it

To formalize this idea algebraically, assume that the n components that comprise a system can be partitioned into m sets of components correspond- ing to m modules Let ψl (x) represent the module status function for module

l where l = 1, …, m Then,

y( ) { ( ),x = y1x y2( ), ,x … ym( )}x

is a vector of binary module status values and the system status is defined as

f( )x =f y( ( ))x (2.12)Naturally, the module status functions may be evaluated using minimum paths or cuts and the system status may be analyzed by treating the modules

as components and applying the minimum path or minimum cut methods

Of course, the partition of the set of components may be performed at eral levels if that is appropriate The principle remains the same Any mean-ingful decomposition of the system components may be used to simplify the representation and analysis of the system status.

sev-A final point here is that systems generally have only one of each module and usually require that all modules function properly in order for the sys-tem to operate satisfactorily Thus, while it is not always the case, the mod-ules often comprise a series structure Consequently, the analysis of system behavior in terms of modules can be quite efficient

2.4 Multistate Components and Systems

The treatment of component and system status throughout most of this text

is limited to the case in which system state and component states are binary Nevertheless, it should be recognized that for some equipment, multiple states may be meaningful It is reasonable to define derated or otherwise incomplete levels of performance for some equipment It may even be appro-priate for some devices to define a continuous state variable on the interval [0, 1] Algebraic models for system state using multistate components and for multistate systems with binary components have been studied The key references for this work are the papers by Natvig [14] and by Barlow and Wu [15] In each case, the key to the construction is the algebraic representation

of the effect of component state on system state

Both Natvig and Barlow and Wu start by defining the state space for the

components as {0, 1, …, m} where x i = j represents the condition that component

i is in state j, the state 0 corresponds to component failure, and the state m

cor-responds to perfect functioning The interpretation of the intermediate states depends upon the physical characteristics of the specific component Using this basic format, there are two immediately apparent approaches to defining the system state as a function of the states of the components of a system.One approach is to define a binary system state by partitioning all of the possible component status vectors into two subsets, one for which system performance is acceptable and the other for the case that system-level per-formance is unacceptable Naturally, this cannot be done in general as the selection of members of the two subsets depends upon the particular system

An alternate, and more general, approach is to define the system state to

also be an element of the set {0, 1, …, m} and to define the value of the system

state using minimum path and minimum cut concepts To do this, we first specify that as in the case of the binary state space, the state of a series system

of multistate components is the minimum of the component state values Thus, Equation 2.3 applies:

f( ) minx x

Then for more general structures, we use the min paths or min cuts to define

f( ) max minx x min max x

î

üý

þ= { { } }

This general formulation may be tailored to nearly any application For example, one can restrict some of the components to only a subset of

the m  + 1 states One may also incorporate the multistate status

mea-sure within a modular decomposition in whatever manner is meaningful Finally, this formulation has the appealing feature that it subsumes the binary case

Exercises

2.1 Construct the system structure function for the following system:

4 3

2 1

5 3

2 1

7 6

2.2 Construct the minimum path and minimum cut equivalent structures for a 2-out-of-3 system

2.3 Construct the minimum path and minimum cut equivalent structures for a three-component series system

2.4 Construct the minimum path and minimum cut equivalent structures for a three-component parallel system

2.5 Show that the status function value of any system structure is bounded below by the state of the series system comprised of the same components and is bounded above by the state of the parallel system comprised of the same components That is, show that

i

n

i i

2

2.10 Consider a structure having status function f( )x and define the parallel and series composition operations as component by component That

is, let xy=(x1y1, ,… x ny n) and Õxy= (x y1 1, ,… x y n n) Show that (a) f(xy)³ ( )fxf( ) and (b) fy ( Õxy)£ ( ) ( )f fx y Then, use (a) to interpret the relationships of Problem 2.9

2.11 Consider the following 6-component system in which components 1 and 6 are identical and components 2 and 3 are identical

1

6

4 5

3 2

Identify the min paths, the min paths equivalent system and the ture function for the equivalent system

struc-Then, identify the min cuts, the min cut equivalent system and the structure function for the equivalent system

2.12 Suggest a system structure model for a bicycle Indicate which component failures could occur without putting the rider in danger

2.13 For the system structure in Problem 2.6, suggest a structural tation using modules

represen-2.14 Identify the primary modules of an automobile

2.15 Identify three systems that are appropriately viewed as multistate systems because the systems or their components are sometimes operated at reduced levels

3

Reliability of System Structures

The next logical step in our construction of mathematical models of ity is to enhance the system structure models by the addition of probabil-ity—the second of the attributes of the definition of reliability As we do this,

reliabil-we will refer to the probabilities as reliabilities despite the fact that reliabil-we have not yet included all four attributes in our models Naturally, we expect that the reliability of a system will be represented as a function of the reliabilities

of its constituent components

3.1 Probability Elements

Keeping in mind the fact that we represent system state as a binary variable,

ϕ, define the system reliability, R s, to be the probability that the system is functioning:

where, because of the fact that the x i are binary, it is again the case that the

reliability and expected value correspond For a system comprised of n

com-ponents, we take

r = { , , , }r r1 2 … r n

to be the vector of component reliability values Given the defined notation,

it is reasonable to expect that the system reliability can be expressed as a