Topological semi-Markov method for calculation of stationary parameters of reliability and functional safety of technical systems Текст научной статьи по специальности «Медицинские технологии»

TOPOLOGICAL SEMI-MARKOV METHOD FOR CALCULATION OF STATIONARY PARAMETERS OF RELIABILITY AND FUNCTIONAL SAFETY OF TECHNICAL SYSTEMS

Shubinsky Igor B. •

Doctor of Technical Sciences, professor, director of the company " IBtrans", The Public Corporation "RZD", Moscow, Russian Federation e-mail: igor-shubinsky@yandex.ru

Zamyshlyaev Alexey M. •

Ph.D., The Head of Scientific-Technical Complex of JSC "NIIAS", The Public Corporation "RZD", Moscow, Russian Federation e-mail: A.Zamyshlyaev@gismps.ru

ABSTRACT

The paper offers the method for calculation of reliability parameters and functional safety of technical systems, differing from known methods by an opportunity of obtaining strict formula expressions of stationary parameters directly from a system state graph. The method is suitable for solution of both Markov, and semi-Markov models of reliability and safety. In addition the paper presents some examples of determining safety and availability factors, as well as time parameters of safety and reliability of the two-channel safety related device.

Keywords: reliability, functional safety, parameters of reliability and safety, Markov and semi-Markov models of reliability, loop weight, graph breakdown weight.

1. Introduction

When solving problems of reliability and functional safety of technical systems mathematical tools of Markov and semi-Markov random processes are widely applied. Development and solution of Markov and semi-Markov reliability models by traditional methods in general terms is brought into making up a system of the homogeneous differential equations describing behavior of the investigated system, their operational transformation, solving system of equations in the operational form, inverse transformation and finding the required reliability parameters. Such a way is always fraught with mathematical difficulties, especially when the number of equations exceeds ten and is problematic to execute correctly inverse transformations of solutions of system equations obtained in the operational form. Therefore in the majority research people and, especially practical workers, are compelled to introduce a lot of assumptions which radically simplify solution of reliability models and allow obtaining reliability parameters of considered systems in the analytical or numerical form. However these results are already far from true and there is a natural question: whether it is necessary to aspire to realization of the traditional plan of construction and solving reliability models of systems.

In many problems of reliability calculation it is enough to be limited by stationary reliability and availability factors (parameters). In these cases it is necessary to switch over from the model of differential equations to the model of algebraic equations describing system behavior in the steady-state mode, to solve them, find stationary probabilities of staying system in each of possible states.

Then based on system failure criteria with the help of the specified probabilities probabilistic system availability and unavailability should be found. Thereafter stationary parameters of system non-failure operation and maintainability should be defined. Such problems are not connected with necessity of operational calculus application for development and solution of reliability models. The required stationary reliability parameters are calculated sufficiently strictly. However, alongside with the fact that the given plan does not provide definition of a full list of reliability parameters, there is also the unsolved problem of the big dimension of algebraic equations' model. Therefore even at rather small number of states it is not possible in many cases to analytically describe required reliability parameters of the system. This circumstance does not depend on a degree of system graph model connectivity. Dimensions of a system matrixes for algebraic equations representing reliability of investigated technical system model do not vary both with weak connectivity and with strong connectivity.

At the same time, graph models of complex systems' reliability, as a rule, are poorly connected. This circumstance has stimulated us to switch from the traditional plan of solving linear algebraic equations by Kramer's rule to the scheme of breakdown initial graph to the constituent sub graphs which are not containing single out nodes (for example, disabled states of model or states which are being on the way from one node to another, or an initial system state). At application of such a scheme (plan) it has turned out sufficient for solving the system of algebraic equations. Moreover it has turned out sufficient to be limited by finding ways and loops on the graph, what is now well formalized.

2. Problem definition

Stationary parameters of technical systems' reliability are factors of availability Kr and unavailability Kr, mean time to failure Tcp , dispersion of mean time to failure Dcp, an average time between failures T, mean idle time average of a Tnp. As functional dependence Kr = f (T,Tnp) is known methods of calculation of these three parameters are expedient for considering simultaneously. Similarly it is necessary to simultaneously consider methods for calculation of parameters Tcp andDcp.

Stationary parameters of functional safety of safety related systems is a factor of safety K E , mean time to dangerous failure Ton, dispersion of time to dangerous failure Don, mean time to protective failure T3, dispersion of time to protective failure D3, mean time to dangerous (hazardous) failure Tn.

Methods of calculation of corresponding groups of reliability and functional safety parameters are identical. Difference is only in the separation of initial system states on efficient and disabled (concerning reliability) subsets and nonhazardous, hazardous and protective subsets of states (relating to functional safety). So in the study [1] the following formula of calculation of system availability factor which behavior is described by semi-Markov random process is determined

Z pt

Kr = ^-(i, j e S;Sp c S), (1)

Z PT

jeS

where Sp is a subset of efficient system' states , S is full set of system states; P; is a final probability of staying Markov chain in i-th state; T; is an expectancy of unconditional time of system staying in i-th state.

By turn, formulas of the calculation of mean time to failure (time between failures) and the average idle time of the system which behavior is described by semi-Markov random process, and

determined according to the study [2] are the following:

Z p T

T = ; (2)

Z P Z p*

jeSr

ZPT Z Pj Z Pj

_ V

jeSp

Tnp = —, (3)

- np

Pp

j

where it is implied, that transition from a subset Sp into a subset Sp can be carried out not from any working state capacity, but only from boundary conditions (subset) S+. Similarly transition from Sp into Sp can be carried out from a subset belonging to the subset of boundary disabled states S_.

Practical methods for calculation of functional safety parameters of recoverable safety related systems nowadays are poorly developed.

The purpose of this paper consists in development of practical methods of calculation listed above stationary parameters of reliability and functional safety of complex technical systems. It is a question of formalization of calculations on the basis of the graph theory.

3. Calculation of availability and safety factors

3.1. Topological concepts:

• Path - chain of consistently connected unidirectional arcs starting from a state i and ending in a state j, path weight l1' = ^PirP,j, where pir - probability of one step transition for i -

i,r, jgS

th state in a state r;

• Closed loop is a chain of consistently connected unidirectional arcs in which the output of final vertex in the chain is connected to starting vertex of the chain;

• Weight of j - th loop Cj = ^ P'Pji; self-loop is a special case of the closed loop

1, j^S

(entering and leaving arcs in self-loop merge into one arch), weight of a self-loop Cj = pjj;

• Graph decomposition - a graph part which is not containing assigned vertices and arcs connected with them; weight of a decomposition AG1 is calculated taking into account the exclusion from the graph a vertex i and the arcs connected with it; the weight of a decomposition

AG1— is calculated taking into account the additional exclusion from the graph the vertices of a set

Sp

of disabled states Sp and the arcs connected with them; the weight of a decomposition AG'k is

calculated taking into account the exclusion from the graph the vertex i, as well as the vertices located on k-th path from starting vertex into a vertex i and arcs connected with them;

• The decomposition weight (determinant) is calculated under Mason's formula

AG = 1 _ ZCj + ZCrCj _ ZCiCrCj +... (4)

j rj irj

Application of Mason's formula allows to considerably reducing labor input of calculations of minors on the rarefied matrixes, and matrix G, as a rule, is rarefied.

3.2. Topological formulas of calculation of availability andfunctional safety factors

The statement 1. If system reliability is modeled by means of the graph states and semi-Markov random process on this set of states, specified by transition probability matrix and a vector of unconditional expectances of staying time in each graph state the factor of system availability in the topological form is equal:

Z AG'T

Kr =

ieSp

ZAGT'

j^S

(5)

where AG'- decomposition weight of the graph without a state i, Ti - expectance of unconditional staying time of the system in states si.

Proof. The stationary probability of enclosed homogeneous Markov chain staying in a state ', is equal

Z Dj

j=1

where n - number of states in initial set of states of the system S

r

D = 2

n

1

2 ... n

1-Pl1 - Pl2 ... - Pin - P21 1-P22 • •-P2n

- Pn1 - Pn2 •• 1-Pn

V

and D' (Dj) - a minor obtained by deletion of i (j) line and of i (j) column in matrix D. In turn, both the determinant D and minors Di (Dj) can be strictly or with acceptable accuracy calculated under Mason's formula (4). Hence, the stationary probability of enclosed homogeneous Markov chain staying in a state', is equal to the following

P =

AG1

AG1

,J ZAG

j^S

(6)

shown.

ZDj YjAGj

j=i j=i

Substituting the formula (6) in the expression (1) we obtain the formula (5), as was to be

The consequence 1. If SH e S- a subset of nonhazardous states of safety related system. The system safety factor is determined as the following

1

KR = 5-— (7)

jeS

The formula (7) is obtained by analogy to the formula (5) concerning set of nonhazardous

states.

4. Topological formulas for calculation of stationary time parameters of reliability

Mean time to system failure

¿agt

70 ^¿agT^ <8)

ieS+ jeSr

Average idle time of a system

ZAG7

Tnp = ^--(9)

- np

¿L Pi

jgs_ ieSP

Formulas (8) and (9) are obtained from formulas (2) and (3) by substitution in them the formula (6).

Mean time between hazardous failures

TjAG'T

T = ^eSl -, (10)

SAG' SPv ' ' '

ieS1+ jeSi

where S1 - a subset of nonhazardous states, Si- a subset of hazardous states S1 U Si = S, S1+ - a subset of boundary nonhazardous states (S1+ e S1).

Mean time to system failure and dispersion of mean time to failure

With a view of development of the formalized engineering methods for determining these parameters we shall prove the following statement.

The statement 2. If system reliability is modeled by means of the graph states and semi-Markov random process on this set of states then the confidence curve to system failure in Laplace transformations at i-th initial state is determined by the following expression

^ SS i" (z) -AG I (z)

O. (z) = ^^-~-, (11)

AGp (z)

where (z) - k-th path in Laplace transformations, leading from an efficient state of the graph i e Sp into the failure state j e Sp; AGkj (z) - graph decomposition weight in Laplace transformations without j-th vertex and the graph vertices located on the k-th path; AG- (z) -without vertices, graph decomposition weight of a set of failure states

Proof

In the study [1] it is shown, that the function of time distribution of system staying in a set of efficient conditions Sp in Laplace transformations can be obtained from the following equation

O/(S)-IQj(s) Oj(S) = IQn(S).

jeSP leSP

Let's transform this equation to a matrix form, keeping in mind, that the right part of the equation is a vector-column of free terms of semi-Markov transitions' probabilities for one step from vertices i, j,...z e Sp into the vertexl e Sp .

O(S) - Q(S) 0(S) = Q*(S),

where Q(S) = Q (S))- is a matrix of semi-Markov probabilities; Q*(S) = (Qa (S))- is a vector-column.

In system of the equations the unknown elements are those of the vector-column 0(S). After their grouping in the left part we shall obtain

®(S)[/ - Q(S)J= Q*(S).

Then by Kramer's rule we can find O, (S) = ^-(S), where A(S) = I - Q(S), and A, (S) -

A(S) ' W ^

the determinant, obtained by replacement of i-th column in the matrix I - Q(S) on a vector-

column of free terms Q * (S) provided that A t (S) and A( S) are not equal to zero.

The determinant A t (S) differs from the determinant A(S) = AGs by the fact that in the

column i the element rpij (S) is replaced with the element pa (S) where i, j e Sp, and l e Sp. As a result we obtain the following

A,(S) = AG^ =III"(S) AG[(S).

leSP k

Hence,

~ II ? (S) -AGk (S) o i (S) =

_ lk leSp k

AGS

and at replacement of an index l on j the required result is obtained. The statement is proved.

From the formula (11) follows - Mean time to system failure at initial state i=1

TCP _--~- z_0; (12)

dz

- Dispersion of the mean time to system failure at initial state i=1

D„ =

a2o!(z)

P dz 2 =0

aOi( z)

dz

(13)

2

z=0

Consequence 2 The function of time distribution (confidence curve) to system hazardous failure in Laplace transformations at i-th initial state is determined by the following expression

where (z) - k-th path in Laplace transformations leading from a nonhazardous state of the graph i e SH into hazardous failure state j e SH ;

SS H (z) -AGkj (z)

, -

iO

k

0!0 (z) _ JeSg k . ~ „-, (14)

AGSr (z)

From the formula (14) follows

■ Mean time to system failure at an initial state i=1

ho dz

■ A dispersion mean time to system failure at an initial state i=1

_ ao1Q (zy . (15)

7On _--1- z_0. (15)

^ _

a2 ©1O (z)

on ~ 2 z _0

dz

(z)

dz

z_0

(16)

5. Examples

Example 1

The two-channel device is analyzed. It contains two identical and independent channels, as well as diagnostics tools which check with acceptable frequency for good safety the functioning state of each channel and compare their output results. Failures of channels are asymmetrical. When diagnostics tools are sound the fact of failure of any one channel is detected and then the device transition in a state of protective failure is carried out. In the case of diagnostics tools' failure only a nonhazardous failure of the device can occur. The subsequent behind this event failure of a channel leads to hazardous failure of the device.

Graph states of reliability and safety of the two-channel device with diagnostics tools without channels' restart is shown on fig. 1.

The description of states:

1 - Serviceable state;

2 - Diagnostics tool failure;

3 - protective failure of the device caused by detected failure of one of the channels; detection was carried by regular diagnostics tools with probability v;

4 - Not detected failure of one of the channels, owing to failure or insufficient efficiency of diagnostics tools (hazardous failure of the device).

For presentation of an illustration of opportunities of the offered method we assume, that failure and recovery flows, as well as a flow of detected failures of one channel are the simple flows with rates A, Xd, Restoration is carried out in the state of protective failure 2.

Graph edges on fig. 1 are marked by following parameters: Xd - failure rate of diagnostics tools; 2A - failure rate of the two working channels; u - recovery rate of failures by one repair team.

Transition from a hazardous state 3 into initial state 0 is shown. The edge 3-0 is marked by parameter cj - recovery rate of hazardous failure of the device, where the factorO < c < 1. If for the

2

elimination of hazardous failure there is no need to update the device then c=1 and the rate of hazardous failure elimination is equal to recovery rate of the device. If it is required to update the

device depending on duration of updating time z the given factor will have the value c = J/ which

is much less 1. The opportunity of failure of one more channel when the device is in the condition 3, is not considered, as hazardous failure has already taken place and either one channel or two channels are subjects to recovery.

rn /'

Figure 1. Graph of safety states of the two-channel device without channels' restart

The model of reliability and functional safety of the two-channel device on fig. 1 provides the following logic of device operation: an initial state 0 (all elements of the device are serviceable). In case of diagnostics tools failure there is a transition into a state 1. If at serviceable diagnostics tools any one channel (a state 2) has failed, and the channel failure is detected in due time out with probability vthe device is transferred into a state of protective failure (the device does not function, the channel is under repair). At the latent failure of the channel probability 1 - v or at failure of one channel after the failure of diagnostics tools (the path 0 - 1 - 3) there is a transition into transition a state 3 of hazardous failure.

Failure criterion: Sp = {0,1} Sp = {2,3} Sp U Sp = S.

Hazardous failure criterion: SH = {0,1,2}Sh = {3} SH U Sh = S.

It is required by means of formulas (5) and (7) to determine availability and functional safety factors of the two-channel device

Solution

- Initial parameters should be defined:

T0 = J exp[-(2A + At) • t ]dt 1

0

TO

p01 =| Al exp[-(2A + Al) • t]dt -

• T = —• T = —• T = —

, 1 ' 1 n' 2 ' 3 '

2A + A, 2A ¡1 cju

A

2A + A,

; = 2vA ; = 2(1 -v)A

• p02 = I- ; p03 = '

2A + A,

2A+A,

pi3 p 20 p30 1

AG0 = 1; AG1 = 1 - P02 p20 - P03 P30 = 1 - P02 - P03;AG 2 = 1 - P01 - P03;

AG 3=1 - P0

- Find availability factor

V AGT

r ife ' AG 0To + AG lT1

K r _

r YjAG1T] AG 0T0 + AG 1T1 + AG 2T2 + AG 3T3

jeS

1 + ^

2A + Ad 2A(2A + Ad)

1 Ad 2vA 2(1 - v)A + Ad

-+-d-+-+ —----

2A + Ad 2A(2A + Ad) ß(2A + Ad) cß(2A + Ad)

(2A + Ad) • cß

cj(2A + Ad) + 4A2 (1 - v(1 - c)) + 2AAd

If for elimination of hazardous failure there is no need to update the device then the factor c=1 and expression for availability factor of the device will be transformed in to the following form:

Kr =-JL_. 2A + u

- Find safety factor of the device

V AGT

_

IESH _ AG 0T0 + AG 7 + AG 2T2

E V AGT AG 0T0 + AG 1T1 + AG 2T2 + AG 3T3

jeS

1 Ad 2vA

+-d-+ -

2A + Ad 2A(2A + Ad) u(2A + Ad)

1 Ad 2vA 2(1 - v)A + Ad

-+-d-+-+ —----

2A + Ad 2A(2A + Ad) u(2A + Ad) cj(2A + Ad) At c=1 the safety factor of the device is determined by means of the following expression:

kb =-j- + A

2A + u (2A + u) - (2A + Ad)

If the two-channel system is inefficient (in extreme casev = 0) the safety factor of the device is equal, as one would expect, to its availability factor.

Example 2

In conditions of the example 1 it is required by means of formulas (11), (12), (14), (15) to determine time parameters of reliability and functional safety of the two-channel device

Solution

From the formula (11) follows, that functions of time distribution to system failure at an initial state 0 in operational transformations has the following form:

® 0( z)_

f 01 ( z)~ 13 (z) + 03 (z) + ~ 02

(z)

1

where ~03 (z) _~01 (z)~13 (z); ~2°3 _ P03 (z); AG3 (z) _ 1; AG| _ 1; aG^ (z) _ 1.

In Laplace transformations at exponential distributions of random variables

* œ œ n

p01(z) = Je-ztdF0(t) = Je-ztd[1 -e-(2A+A»H] =-A-

^01W 2A + V0 J0 2A + Ad + z ;

5

œ œ 2 A pa( z) = J e - ztdFi(t ) = J e - ztd [1 - e ^ ] = --

0 0 2A +z ;

P°3( z) = J e-ztdF0 (t ) = J e - ztd[1 - e] = AA^

2A + Aà 0 0 2A + Aà + z

* œ œ

P02 (z) = AA J e"ztdF0 (t) = J e"ztd[1 - e~(2A+Ag) ' t ] =

~ n rjj rjj r.

— f e -ztdF0 (t) = f e -ztd[1 - e -(2A+A) ' t ] =-—-

2A + Aà l 0 2A + Aà + z

œ œ

_~2o ( z) = f e - ztdF2(t ) = f e - ztd[1 - e ^

l o V +z .

Hence,

£ (z) = 2A _ z)■ = ± W o(z) 2A + zTcP dz |z_l 2A '

The formula of function of time distribution to system failure in Laplace transformations under conditions of the given example has the following form:

® 00 (z) =

.T 01 ( z)p 13 ( z) + 03

(z)

1 -P 02(z) • P20 (z)

as conditions 0,1 and 2 are non hazardous and AG- _ 1 - p02 (z) • ~ 20 (z) Hence,

2A • [Ag + (1 - v)(2A + z )](u + z )

O0O (z) =-

[2A-(2A + Ag -vu) + (2A + Ag)z + zz]- (2A + z)

From here

T = gp0o (z)i = 2A-(u + 2Av) +AgU on dz |z=0 2Aj- [2A(1 -v) + AJ.

If to take into account, that A << u; Ad << A, with an margin error less than the first infinitesimal order then the following expression is true

T „_1_

on 2A(1 - v) + Ad

At high efficiency of detection of hazardous failures on the basis of two-channel architecture of the device (v = 1) its safety depends only on the reliability of the built in diagnostics tools and the comparator (i.e. on failure rate Ad).

The conclusion

The offered topological semi-Markov method for calculation of reliability and safety parameters of technical systems allows determining directly on the states' graph the strict or approximates formula expressions of typical reliability and safety parameters of technical systems which behavior is described by both Markov, and semi-Markov random processes. Mathematical

positions of the method are illustrated by examples which show simplicity and rigor of finding out the required reliability and safety parameters.

The literature

1. Korolyuk V.S., Turbins A.F. Semi-Markov processes and their applications. - Kiev: Naukova dumka, 1976, 179 p..

2. Rainshke K., Ushakov I.A. Estimation of system reliability with use of graphs /under under the editorship of. I.A.Ushakov.-M.: Radio and communication, p.p.1988.-209.