SYREPA '86: A package of programs for systems reliability evaluations

deposit_hagen

Publikationsserver der Universitätsbibliothek

Mathematik und

Informatik

Informatik-Berichte 62 – 07/1986

SYREPA '86

A package of programs for systems reliability

evaluations

SYREPA'86 - A PACKAGE OF PROGRAMS FOR SYSTEMS RELIABILITY EVALUATIONS

- *

w.

Schneeweiss M.

There exist world-wide a computer-aided methods for reliability analyses. Here is another one. It is the outgrowth of the senior author'swork in this field,which occupied him part-time during the last 15 years,together with refined PASCAL implementations of several algorithms by the junior author.

*

Chair of Computer Eng., Dept. of Math. & Comp, Sc.

Fernuniversität, Postfach 940, D-5800 Hagen

CONTENTS

1 Introduction (with notation) 2 Using SyRePa '86

page

2

5

3 Calculating a short disjunctive normal form of a Boolean function 7 4 Transforming a disjunctive normal form to one with pairwise

disjoint terms 11

5 Performing an approximate fault tree evaluation 14 6 Calculating system unavailability/unrealiability 17 7 Calculating mean times of binary system states 18

8 References 20

1 INTRODUCTION (WITH NOTATION)

SyRePa is planned to become a long-term investigation,with the last two decimals of the year of release added for better identification.

We plan to start with SyRePa'86.

SyRePa'86 will consist of programs (including subroutines) for the - transformation of a Boolean function Cf to a disjunctive normal

form (DNF), if the original 9'not a DNF, and production of an in- teger file for further processing

- calculation of an upper bound for the probability of p(~) being 1,by replacing in a DNF by p.=Pr{X.=1},

1 1 any disjunction (OR) by addition, and any conjunction (AND) by multiplication; also:

calculation of corresponding values of system MTTF and system MTTR.

If the approximations are not good enough:

- transformation of a DNF (of

f)

to a short surn-of-products form by the Shannon decomposi tion algori thm [ _1 ]

- calculation of exact numerical values of reliability parameters.

The user of SyRePa¹86 is assurned tobe aquainted with [ 1 ]. A fairly good knowledge of PASCAL is also assurned.

No help is, as yet, given for the construction of the fault tree or a corresponding reliability block diagram, the output of which is

f·

Of course,

p

can also be the function of any other event tree. Hence, we keep notation in the general framework of probabilistic Boolean

analysis.

As is discussed in detail in [ 2 ], any polynomial form of p~ (as a function of for any n component system) can be used to find the mean system failure frequency and, hence, mean time to

failure and mean time to repair for systems with stochastically independent x

1, ... ,xn.

As concerns computer-aided analysis of Markov models the reader is ad- vised to look for first help in the IEEE Transactions on Reliability.

The numerical evaluation of Riemann integrals, including convolution integrals (for cases of cold stand-by etc.) should be done by proper numeric subroutines.

Problems in the field of applied renewal theory are also not covered by SyRePa '86.

Note that this is a scientific report. It contains enough information for a private irnplernentation of the algorithrns discussed. For several reasons the cornputer code of our PASCAL irnplernentation is not given here. If you wish to obtain i t for your practical work, please con-

tact the authors.

NOTATION e. 1.

A. 1.

C. 1.

DDNF DNF E (R)

(MC)k Pr{ei}

Ptp

s

u. 1.

X. 1.

X

A

V

ff

MTTR MTTF

µ

=

II.

=

*

*

1/MTTR 1/MTTF

random event i availability of C.

l.

component i (of S)

DNF with pairwise disjoint terms disjunctive normal form

expected value of random variable R mincut k

probability of e.

1.

Pr{Xi=1}

Pr{'f =1}

system term i

unavailability of Ci

unreliability of C. at timet

J.

= 1, if Ci is bad (defective)}

O, if Ci is good (intact) (X1, ••. ,Xn) system state vector AND operator

OR operator

Boolean function

indicator variable for state of C. _{. J.}

mean time to repair (mean down-time) mean time to failure (mean up-time) repair rate

failure rate

In much of the literature this is replaced by MTBF.

2 USING SYREPA '86

Obviously, not in all conceivable applications of SyRePa'86 will all of its parts be needed. Details for selecting proper parts are given by the flowchart of fig. 1.

( start)

Execute program PRO DNF

Is an approximate ana-

ysis desired?

no

Execute program SHANEX yes

Execute program SYSPAR

Are approxi- results good enough ? ¹>

Execute program SYSPAR

1 yes

-F---

c

^{stop )}

Fig. 1: Flowchart for using parts or all of SyRePa'86.

Program PRO_DNF produces a disjunctive normal form (DNF) for a given Boolean function

f.

Program SHANEX transforms a given DNF to one with mutually disjoint terms. Program SYSPAR calculates numerical values of the more important reliability parameters, viz. unavailability, MTTF, and MTTR.

Nöte that the program PRO_DNF needs an algebraic description of the fault tree, and that program SYSPAR needs the failure rates ~i and the repair rates µ. of all system components C ..

1 1

1) Detailsare discussed in section 5.

The linking of the different prograrns of SyRePa'86 to forma single

"super" prograrn as indicated in fig. 1 is left to the user. Since i t is a program without loops, this should pose no difficulties.

The extraction of

<p

frorn a graphically given fault tree should also be a fairly simple task. After defining suitable auxiliary indicator variables, i t will be easy to find

<p

in a top-down fashion as shown in the following exarnple.

EXAMPLE 2-1 : SIMPLE FAULT TREE

Here,frorn fig. 2 (in PASCAL notation andin the correct order) X7 := X1 AND X2 ;

X9 := XS OR X6 ; X8 := X4 AND X9 ; PHI:= X7 OR X3 OR X8

Fig. 2 Example fault tree.

x

₇ ,

x

₈,

x

₉ are auxiliary variables.

3 CALCULATING A SHORT DISJUNCTIVE NORMAL FORM OF A BOOLEAN FUNCTION In case the mincuts (minimal sets of components, whose combined

failure means system failure) are known, the production of a disjunc- tive normal form (DNF) of the given system's redundancy structure function x₈= f(~) is trivial : Each mincut (MC)k={Ci,cj, ... } corres- ponds to a DNF term Tk=X.X .... , for if C.

,c., ...

are down (faulty),

J. J J. J

by definition of the components' indicator variables, Xi=1, Xj=1, ...

and hence Tk=1, so that x₈=1, meaning system failure.

However, on many occasions fault trees, i.e. functions (f(~),.are far from being DNFs, and since several modern algorithms for reliability evaluation start with a DNF and the Bonferroni inequalities also need them, there are enough good reasons to first transform any given

Boolean function

r

of n variables

x

₁, ••• ,Xn to a DNF. Needless to say, a short one (with few short terms) is most desirable. In SyRePa'86 all this is done by the program 'PRO DNF' (short for PRO- DUCTION OF A SHORT DNF).

EXAMPLE 3-1 (EX. 2-1 CONTD.) Let, originally,

The proper output of 'PRO DNF' is 1 2

3 -4 -5 -6

where the k-th line corresponds to the k-th term of the DNF.

~ -

EXTENDED COMMENTS ON THE PASCAL PROGRAM 'PRO_DNF'

*************************************************

THE PROGRAM 'PRO_DNF' CAN BE SEPERATED IN FIVE PARTS!

1) LEXICAL ANALYSIS OF THE GIVEN BOOLEAN FUNCTION

2) SYNTAX ANALYSIS.

3) EXECUTION OF ALL NEGATIONS, EXCEPT WITH SINGLE VARIABLES, 4) COMPUTING ALL BRACKET-LEVELS,

5) BUILDING THE INTEGER-FILE,

WHICH CAN BE USED BY THE RELIABILITY PROGRAMS,

TO 1) t

LEXICAL ANALYSIS RESIDES IN THE PROCEDURE 'INREAD', THE PROCEDURE RECOGNIZES THE ALLOWED SYMBOLS

AND FORMS A SPECIAL INTEGER-CODE!

-1 FOR NEGATION -2 FOR OPEN BRACKET -3 FOR CLOSED BRACKET -4 FOR BOOLEAN 'AND' -5 FOR BOOLEAN 'OR'

i FORA NUMBER i > ⁰

BECAUSE THE INPUT FILE ISA TEXT-FILE AND THE IHTERNAL REPRESENTATJON ISA LIST OF INTEGERS, THE PROCEDURE 'INREAD' HAS TO TRANSLATE

A SEQUENCE OF CHARACTERS 0 •• 9 INTO AN INTEGER-VALUE, BESIDE THIS, SOME ERRORS ARE RECOGNIZED,

NOTATION ON THE FILE

rs:

n FOR Xn; - FOR BOOLEAN NEGATION; A FOR AND; 0 FOR DR FOR EXAMPLE THE TEXTFILE!

-(3011A(1204)) BECOMES:

-1 -2 3 -5 11 -4 -2 12 -5 4 -3 -3

THE USE OF A DOUBLE LINKED LIST AND NOT AN ARRAY OF INTEGER HAS EFFICIENCY REASONS. CHANGING PARTS OF THE BOOLEAN FUNCTION AS IN 'EXECUTE_NEGATIONS' COSTS A LONG SHIFTING FOR AN ARRAY, BUT ONLY THE CHANGE OF SOME POINTERS FOR THE LIST,

TO 2):

THE SYNTAX-ANALYSIS RESIDES IN PROCEDURE 'SYNTAX_CHECK',

THIS PROCEDURE IS BASED ON THE SYNTAX OF NORMAL BOOLEAN ALGEBRA,

TO 3):

TO EXECUTE ALL NEGATIONS, THE PROCEDURE 'EXECUTE_NEGAT!ONS' IS USED.

THE MAIN PROBLEM IS, THAT MOST EXPRESSIOHS HAVE IMPLIED~

BUT NOT EXPLICIT SPECIFIED BRACKETS,

BECAUSE 'AND' HAS HIGHER PRIORITY THAN 'OR',

SO, BEFORE USING THE SHANNON-RULE TO NEGATE AN EXPRESSION, ONE HAS TO INSERT SOME NEW BRACKETS! <EXCEPT THE OUTERMOST BRACKETS)

-BEHIND EVERY OPEN BRACKET A NEW OPEN BRACKtT.

-BEFORE EVERY· CLOSED BRACKET A NEW CLOSED BRACKET, -BEFORE EVERY 'OR' A CLOSED BRACKET AND

BEHIND EVERY 'OR' AN OPEN BRACKET.

AFTER THIS, THE SHANNON-RULE CAN BE EMPLOYED.

AT LAST ALL USELESS BRACKETS CAN BE DELETED,

IN THE PROCEDURE THE FIRST TWO JOBS, INSERTING BRACKETS AND EMPLOYING SHANNON-RULE, ARE DONE PARALELL WHILE WORKING ON THE EXPRESSION

TO NEGATE FROM LEFT TO RIGHT.

IF A NEW NEGATION APPEARS IN THE EXPRESSION, THE PROCEDURE CALLS ITSELF RECURSIVELY.

SO, THE EXAMPLE OF 1+ WOULD YIELD LIKE AFTER APPLYING THE SHANNON-RULE: <N=127; NOT(Xi>!=N+i}

(130) A (138 0 ((139) A (131>>>

**

AND AFTER DELETING USELESS BRACKETS!

130 A (138 0 (139 A 131))

**

<** NOTICE: THESE REPRESENTATIONS ARE ONLY FOR GREATER CLEARNESS.

TO 4)!

INTERN THIS EXPRESSION ISA DOUBLE LINKED LIST AS EXPLAINED IN 1.}

AFTER THE EXECUTION OF ALL NEGATIONS THE PROGRAM HAS TO COMPUTE ALL BRACKETS, TO GET A DNF.

FOR THAT, THE PROCEDURE 'RECURSIVE' EXAMINES THE BOOLEAN FUNCTION FROM LEFT TO RIGHT,

THE RESULT OF PROCEDURE 'RECURSIVE' ISA LINEAR LIST OF TERMS (TYPE SETLIST)

BEFORE RETURNING TO THE CALLER,'RECURSIVE' DELETES ALL

USELESS TERMS THROUGH PROCEDURE ABSORB, IN ORDER TO MAKE THE RESULT-LIST AS SHORT AS POSSIBLE,

IN DETAIL 'RECURSIUE' WORKS AS FOLLOWS!

- IF AN OPEN BRACKET APPEARS, THE PROCEDURE CALLS ITSELF RECURSIVELY.

- IF THE NEXT CHARACTER ISA CLOSED BRACKET,'RECURSIVE' RETURNS TO THE CALLING PROCEDURE WITH THE LIST OF TERMS,

- IF AN 'OR' APPEARS, THE ¹0LD¹ TERMS, WHICH START WITH 'LEFT' AND ARE THE RESULT OF EARLIER, NOT FINISHED OPERATIONS, CAN BE FINISHED.

THE NEXT Xi IS PART OF A NEW TERM+

- IF AN 'AND' APPEARS, THE ¹0LD¹ TERMS MUST BE ¹MULTIPLIED¹ WITH THE NEXT Xi OR WITH THE RESULT OF A DEEPER CALL TO 'RECURSIVE', IF THE NEXT CHARACTER IS AN OPEN BRACKET,

THE OPERATION IS NOT FINISHED BECAUSE THE NEXT OPERATOR CAN ALSO BE AN 'AND',

1MULTIPLICATION¹ OF TWO LISTS OF TERMS, WHICH MEANS COMPUTING THE EXPRESSION: <TERMv ••••• vTERM) AND <TERMv, •••• vTERM) IS DONE

IN PROCEDURE 'MULT'.

THE EXAMPLE OF 3): 130 A <138 0 (139 A 131)) IS COMPUTED AS FOLLOWS:

-FIRST Xi IS 130 --> FIRST TERM= C130J

-NEXT COMES 'A' --> THE RESULT OF THE FOLLOWING MUST BE MULTIPLIED WITH C130J

-NEXT COMES AN OPEN BRACKET--> CALL 'RECURSIVE' -FIRST TERM= C138J

-NEXT COMES O --> FIRST TERM IS FINISHED, NO ¹MULTIPLICATION¹ WITH FOLLOWING RESULTS IS NECESSARY,

-NEXT COMES AN OPEN BRACKET--> CALL 'RECURSIVE' -FIRST TERM =C139J

-NEXT COMES 'A'

-->

RESULT OF THE FOLLOWING MUST BE

"MULTIPLIED• WITH C139J.

-NEXT COMES 131

-->

MULT (139,131>-->

RESULT IS THE TERM [131,139]

-NEXT COMES CLOSED BRACKET--> RETURN -RESULT ARE THE TWO TERMS C138J ,C131,139J -NEXT COMES CLOSED BRACKET -->RETURN

-MULTIPLIE C130J WITH THE TWO TERMS C138J,C131,139J -RESULT ARE THE TERMS C130,138J,C130,131,139J

-NEXT COMES CLOSED BRACKET -->RETURN= END OF BOOLEAN FUNCTION, -RESULT OF THE GIVEN FUNCTION

rs:

-3 -11 -3 -4 -12 TO 5 > :

BUILDING THE RESULT-FILES IS DONE IN PROCEDURE 'PRINT'

4 TRANSFORMING A DISJUNCTIVE NORMAL FORM TO ONE WITH PAIRWISE DISJOINT TERMS

A Boolean function f(X

1, ••• ,Xn) given as a disjunctive normal form ( DNF) , i. e. as

r=

_i=1

^V

m ^{T. , l. X. ,} J

~ -

X. E {X. , X. } ,

J J J ^{( 4-1 )}

wnere Ii is an index s e t : Ii c {1, ... ,n}, is usually transformed

before its probability Pf of being 1 is calculated. If this is not done,

Pf

can only be found by the Poincaree-Sylvester method of in- clusion-exclusion [3], i.e. by calculating p~ as the lengthy sum

m m m-1

Pr{ U ei} =

I

Pr{ei} -

I

i=1 i=1 i=1

m

l

Pr{ei

n

eJ·}-+ ...

J=i+1

for random events ei := (Ti= 1) such that

u

m

i=1

m

ei = (

V

Ti= 1), i=1

e. n e.

l. ^J

However, if all the ei are pairwise disjoint with e. n e. = !Z) ~ (T. T. -:/- 1) <.=;> (T. T. = 0),

l. J l.J l.J

then (4-2) becomes simply

m

=

I

^Pr{ei},

i=1 which corresponds to

(4-2)

(4-3)

( 4-4)

(4-5)

m

=

I

i=1

Pr{T.=1}

l

m

=

I

i=1

E (T.) • l

Hence, changing (4-1) to m'

<p= V

i=1

T.' l U T . ' T . ' =O , ( m'

V J. J

(4-6)

~ m) (4-7)

is highly desirable unless the trouble to get (4-7) from (4-1) is greater than that of applying (4-2). Of the numerous methods for finding the Ti' the Shannon decomposition method described in detail in [1] is used here.

EXTENDED COMMENTS ON THE PASCAL PROGRAM 'SHANEX'

************************************************

THE PROGRAM IS BASED ON THE 'SHANNON EXPANSION ALGORITHM'.

SOME FAMILIARITY WITH THIS ALGORITHM IS PRESUMED IN THE FOLLOWING, THERE ARE THREE MAIN SECTIONS IN THE PROGRAM:

1) READING AN EXTERNAL INPUT-FILE WITH A DNF ^ON IT, 2) EXECUTING THE ABOVE ALGORITHM.

3) PRINTING OF THE RESULT, A DNF OF DISJOINT TERMS (DDNF),

THE FIRST AND LAST SECTIONS ARE CONCEPTUALLY VERY SIMPLEI

1) THE PROCEDURE 'INREAD' READS THE EXTERNAL FILE AND PRODUCES A SIMPLE CONCATENATED LIST OF INDEX-SETS, WHICH CORRESPOND TO THE TERMS OF THE DNF GIVEN.

THE INDEX SETS IN THE LIST ARE ORDERED BY RISING LENGTH, HENCE, THE SHORTEST TERM

<=

SHORTEST INDEX-SET) IS INSERTED AT THE START OF THE LIST, THE LONGEST TERM AT THE END.

THIS SORTING IS NECESSARY TO LIMIT THE GROWTH OF THE DDNF IN THE ALGORITHM OF SECTION 2.

3) IN THE PROCEDURE 'PRINT', THE RESULT OF THE ALGORITHM, A DDNF IS PRINTED ^ON A COMPUTER-TERMINAL, AND A FILE IS PRODUCED FOR LATER USE.

2) THE IMPLEMENTATION OF THE ABOVE ALGORITHM IS MORE INVOLVED+

IT IS BASED ^ON THE RECURSIVE PROCEDURE 'DISJOINT', WHICH SPLITS AN EXPRESSION INTO TWO DISJOINT PARTS, HEADED BY Xi AND NOTCXi) RESPECTIVELY,

THE PROPER Xi IS SELECTED FROH THE FIRST, I.E, THE SHORTEST TERM PRODUCED BY INREAD',

IF NECESSARY 'DISJOINT' CALLS ITSELF RECURSIVELY FOR BOTH PARTS, IN DETAIL, THE PROCEDURE 'DISJOINT' HAS SEVEN SUB-PROCEDURES, WHICH DO THE FOLLOWING WORK:

(1) PROCEDURE 'COPY' DUPLICATES THE EXPRESSION FOR THE DNF, WHICH ISA LIST OF INDEX-SETS, AND STORES IT BEHIND THE ORIGINAL ONE,

(2) AFTER THIS, IN PROCEDURE 'SEPARATE', THE PROPER Xi IS SELECTED AND BOTH PARTS ARE PROCESSED WITH:

Xi=TRUE FOR THE ORIGINAL DNF

NOTCXi)=TRUE FOR THE DUPLICATED DNF

FOR THAT, THE PROCEDURE 'DELETE' IS NECESSARY TO DELETE INDEX-SETS <=TERMS> OUT OF THE LIST. FOR EXAMPLE IF ONE OF THE TERMS BECOMES ALWAYS FALSE WITH NOT(Xi>=TRUE,

NOW, THERE ARE TWO DIFFERENT EXPRESSIONS, AND THE FOLLOWING PROCEDURES MUST BE USED ON BOTH.

(3) THE PROCEDURE 'INTERSECTION' COMPUTES THE INTERSECTION OF ALL TERMS IN THE EXPRESSION, AND ADDS THE RESULT AS A FACTOR TO Xi OR NOT(Xi).

(4) TO REDUCE THE EXPRESSION MORE, THE PROCEDURE 'ABSORB' DELETES ALL TERMS, WHICH ARE USELESS BECAUSE OF THE RULE:

IF Ti<=TJ THEN DELETE TJ <Ti=TERM NUMBER i)

(5) NOW, IN ORDER TO PRESERVE THE ORDER BY RISING LENGTH OF THE TERMS IN THE LIST, THE EXPRESSION IS SORTED BY A SIMPLE EXCHANGE-SORT IN THE PROCEDURE 'SORT',

IF THE REMAINING EXPRESSION CONSISTS OF MORE THAN ONE TERM, 'DISJOINT' CALLS ITSELF RECURSIVELY,

(6) AFTER RETURNING FROH A POSSIBLE RECURSIVE CALL, THE FACTOR MUST BE ADDED TO ALL TERMS IN THE EXPRESSION WITH THE

PROCEDURE 'ADD_FACTOR',

(7) AT LAST, BEFORE RETURNING TO THE CALLER, BOTH PARTS MUST BE JOINED TOGETHER, AND THIS WHOLE EXPRESSION CONSISTS OF ONLY DISJOINT TERMS.

5 PERFORMING AN APPROXIMATE FAULT TREE EVALUATION

Traditionally many approximations consist of just replacing m

Cf= ^V

^T.

i=1 1.

by

T.

=

l.

/\

jEI.

l.

X. J ( 5-1 )

(5-2)

where Ikp is the set of terms of

Cf

of at most k-th order and then of using the first Bonferroni inequality [3]

Pr{~ ei} ~ ~ Pr{ei}.

l. l.

EXAMPLE 5-1 DELETING TERMS OF MORE THAN THIRD ORDER

~3 0

=

x,x2 V X1X3X5 .

r '

Hence, for s-independent X.

l.

(5-3)

The problem with this primitive type of approximation is that one does not know if

uS,k,O ~ US or us,k,O > US •

The next approximation consists of applying (5-3) to (4-1) yielding

m

~

I

i=1

Pr{T.=1}

1.

m

= I

i=1

E (T,).

1. (5-4)

To getan idea of the quality of this approximation (sometimes) the second Bonferroni inequality

m m-1 m

Pr{U e.}

' 1.

1.

~

l

Pr{ei} -

l

i=1 i=1

I

j=i+1

Pr {e. n e.}.

1. J (5-5)

is applied. (For an extended proof see e.g. [4].) The application of (5-5) to (4-1) yields

m m-1 m

~

l

E(Ti) -

I I

E(TiTj).

i=1 i=1 j=i+1

Obviously, by (5-4) m-1

e1 ⁼ =

I

i=1

m

I

j=i+1

E(T.T.)

1. J

is an upper bound for the error of this approximation.

(5-6)

( 5-7)

If

e

₁ > e , the maximum allowed error,one can use further Bonfer- max

roni inequalities to find a sufficiently good approximation. Unfor- tunately,this process can be rather burdonsome as to the necessary combinatorial calculations. Hence,our advice is to calculate ~

1 first. If

e

₁ ^{> e} , then the following procedure is recommended

max

APPROXIMATE FAULT TREE EVALUATION (AFTE)

1) Given a DNF of

<f,

calculate all the E (Ti) . 2) Order the E(Ti) according to ascending values.

3) Add the smaller E(T.) as long as their sum is smaller than e

1. max

Let e be the final sum; e ~ e max

4) Delete all the Ti processed in step 3 from

f

(which is still Boolean)

<fr·

call the rest of

r

5) Process Pr according to section 4 of this report.

A discussion of this AFTE including proofs and a hand-calculated

example can be found in [5]. Note that AFTE is not included in SyRePa '86.

6 CALCULATING SYSTEM UNAVAILABILITY/UNRELIABILITY Given a DDNF

m'

rt = I

i=1

T.' l

i t is well-known that

: = Pr{

<f

^{=1} = E (Cf)}

= I

^m'

i=1

Pr {T. ¹ =1}

l

= l

m' ^E(Ti').

i=1

( 6-1)

If all the X.

J are s-independent, every x.

J of the Ti's has simply tobe replaced by pj , including pj:=1-pj for the Xj. In short :

-

For f(~) in polynomial form (not only as a DDNF)

( 6-2) EXAMPLE 6-1 : 2-0UT-OF-3 SYSTEM

As is well known or easily verified, for the 2-out-of-3 system e.g.

(6-3) By (6-2)

Pf = P1P2 + P1P2P3

-

+ P1P2P3 , ^(6-4)

or in fault tree notation

( 6-5)

7 CALCULATING MEAN TIMES OF BINARY SYSTEM STATES

In general, calculating mean times of binary system states is rather difficult. Detailsare discussed in [6]. However, for s-independent X. this is very easily done; see [2]. The main rule for getting

J

from a DDNF of

<f

is the following

1) Calculate p'f (as a function of the p. and p.).

J J

2) Multiply each term p.p .... _{1 J}

pkPo••·

_,{.. ^{by (µ.} ₁ ^{+ µ.} _J ^{+ ...}

Here

1/µi is the mean time of a state 1/t... ^{II II II II II II II}

1

Hence, for

pi= Ui (unavailability of Ci), pi= Ai (availability of Ci) we have (as usual):

µi is the repair rate of C. ,

1

Ai is the failure rate of Ci.

EXAMPLE 7-1 2-0UT-OF-3 SYSTEM From ( 6-5)

with Xi=1,

II Xi =O.

Instead of "EXTENDED COMMENTS ON THE PASCAL PROGRAM SYSPAR" two little examples follow:

EXAMPLE: 2-0UT-OF-3 SYSTEM

**************************

MULTILINEAR ~ORM (DDNF): X1X2 v X1-X2X3 v -X1X2X3 WITH 'PROB.DAT' IN THE FORMAT:

Rl:1 R2:1 R3:1

Fl!0.0001 F2:0,0001 F3!0.0001

'SYSPAR' YIELDS THE FOLLOWING RESULT:

SYSTEM UNAVAILABILITY rs: o.000000029992001 SYSTEM MTTR IS: 0.500016666666667

SYSTEM MTTF rs: 16671666.666666670000000

EXAMPLE: ARPA-NET

*****************

MULTILINEAR FORM CDDNF):

X6X7 v X3X5X6-X7 v X1X2X3-X6 v X1-X2X4-X6X7 v

X1X2X3-X5X6-X7 v X1X2-X3X4-X6X7 v

-X1X2X3X4-X5X6-X7 v X1X2-X3-X4X5-X6X7 v

X1-X2X3X4X5-X6-X7

WITH Ri=1 AND Fi=0.0001 IN 'PROB,DAT'~

'SYSPAR' YIELDS THE FOLLOWING RESULT:

SYSTEM UNAVAILABILITY IS: 0.000000010000999 SYSTEM MTTR IS! 0.499925036241061

SYSTEM MTTF IS: 49987506.872918880000000

9 REFERENCES

[1] Schneeweiss W.: Disjoint Boolean products via Shannon's expansion. Trans. IEEE vol. R-33 (1984) 329-332.

[2] Schneeweiss W.: Addendum to computing failure frequency, MTBF &

MTTR via mixed products of availabilities and unavaila- bilities. Trans. IEEE vol. R-32 (1983) 461-462.

[3] Feller W.: An introduction to probability theory and its appli- cations. New York : Wiley 1957.

[4] Schneeweiss W.: Zuverlässigkeits-Systemtheorie. Köln text-Verlag 1980.

Datakon-

[5] Schneeweiss

w.:

Approximate fault-tree analysis with prescribed accuracy. Trans. IEEE-R (to appear 1986/87).

[6] Schneeweiss

w.:

The time-specific failure frequency of repairable systems with stochastically independent components. Hagener Informatik-Ber. 53 (2/1985).