ASSINGMENT

ON TOTAL QUALITY MANAGEMENT (MGT 401)

Topic- FAULT TREE ANALYSIS (FTA)

SUBMITTED BY Name-Ahyulo kent Roll no- NU/MN-04/11

Fault Tree Analysis

Introduction: History: H A watson of bell laboratories in connection with an US Air Force contract to study the minuteman launch control system first concived fault tree analysis. Dave Haasl, then at the Boeing Company recognized the value of it and led a team that applied FTA to the enitre minuteman missile system. Other division with Boeing saw the results from the progress and began using FTA during the design of commercial aircraft. In 1965 Boeing and university of Washington sponsored the first system safty conference, at this conference several papers were presented on FTA, marking the begining of worldwide interest in FTA. What is Fault tree analysis? FTA is a deductive failure analysis which focuses on one particular undesired event and provides a method for determing causes of this event. It is a top-down system evaluation procedure in which a qualitative model for a particular undesired event is formed and then evaluated. The anaysis beging with an undesired top level hazard event and systematically determines functional blocks at the next lower level which could cause this event. The analysis proceeds down through successively more detailed i.e lower levels of the design untill the top level hazard event requirement has been satisfied. Fault tree analysis is a graphical representation of the major faults or critical failures associated with a product, the causes for the faults, and potential countermeasures. The tool helps identify areas of concern for new product design or for improvement of existing products. It also helps identify corrective actions to correct or mitigate problems. Definition: A technique by which conditons and factors that can contribute to a specfied undesired event are identified and organized in a logical manner and represented in a pictorially.

SYMBOLS use in FTA

An Event / Fault: This can be a intermediate event (or) a top event. They are a result logical combination of lower level events. E.g. Both transmitters fail, Run away reaction Basic Event: A lower most event that can not be further developed. E.g. Relay failure, Switch failure etc., OR Gate: Either one of the bottom event results in occurrence of the top event. E.g. Either one of the root valve is closed, process signal to transmitter fails.

AND Gate: For the top event to occur the entire bottom events should occur. E.g. Fuel, Oxygen and Ignition source has to be present for fire.

Incomplete Event: An event which has scope for further development but not done usually because of insufficient data. E.g. Software malfunction, Human Error etc., External Event: An event external to the system which can cause failure. E.g. Fire. Inhibit Gate: The top event occurs only if the bottom event occurs and the inhibit condition is true. E.g. False trip of unit on maintenance override not ON.

FTA process
1. Define the undesired event to study Definition of the undesired event can be very hard to catch, although some of the events are very easy and obvious to observe. An engineer with a wide knowledge of the design of the system or a system analyst with an engineering background is the best person who can help define and number the undesired events. Undesired events are used then to make the FTA, one event for one FTA; no two events will be used to make one FTA. 2. Obtain an understanding of the system Once the undesired event is selected, all causes with probabilities of affecting the undesired event of 0 or more are studied and analyzed. Getting exact numbers for the probabilities leading to the event is usually impossible for the reason that it may be very costly and time consuming to do so. Computer software is used to study probabilities; this may lead to less costly system analysis. System analysts can help with understanding the overall system. System designers have full knowledge of the system and this knowledge is very important for not missing any cause affecting the undesired event. For the selected event all causes are then numbered and sequenced in the order of occurrence and then are used for the next step which is drawing or constructing the fault tree. 3. Construct the fault tree After selecting the undesired event and having analyzed the system so that we know all the causing effects (and if possible their probabilities) we can now construct the fault tree. Fault tree is based on AND and OR gates which define the major characteristics of the fault tree.

4. Evaluate the fault tree After the fault tree has been assembled for a specific undesired event, it is evaluated and analyzed for any possible improvement or in other words study the risk management and find ways for system improvement. This step is as an introduction for the final step which will be to control the hazards identified. In short, in this step we identify all possible hazards affecting in a direct or indirect way the system. 5. Control the hazards identified This step is very specific and differs largely from one system to another, but the main point will always be that after identifying the hazards all possible methods are pursued to decrease the probability of occurrence.

FTA structure

Fig.1. fault tree analysis of email sever down

Why FTA is carried out

To exhaustively identify the causes of a failure To identify weaknesses in a system To assess a proposed design for its reliability or safety To identify effects of human errors To prioritize contributors to failure To identify effective upgrades to a system

 To quantify the failure probability and contributors To optimize tests and maintenances

Benefits of FTA:
o Provides a visual description of system functions that lead to undesired outcomes. o Identifies failure potentials which may otherwise be overlooked. o Identifies design features that preclude occurrence of a top level fault event. o Identifies manufacturing and processing faults. o Determines where to place emphasis for further testing and analysis. o Directs the analyst deductively to accident-related events. o Can help identify design, procedural, and external conditions which can cause problems under normal operations. o Often identifies common faults or inter-related events which were previously unrecognized as being related. o Excellent for ensuring interfaces are analyzed as to their contribution to the top undesired event. o Can easily include design flaws, human and procedural errors which are sometimes difficult to quantify (and therefore, often ground-ruled out of quantitative analysis).

Disadvantages of FTA:
Requires a separate fault tree for each top event and makes it difficult to analyze complex systems. Fault trees developed by different individuals are usually different in structure; producing different cut set elements and results. The same event may appear in different parts of the tree, leading to some initial confusion.

Reference:
https://en.wikipedia.org/wiki/Fault_tree_analysis
www.hq.nasa.gov/office/codeq/risk/docs/ftacourse.pdf www.fault-tree.net/papers/andrews-fta-tutor.pdf www.faulttree.org/