SENG SENG 637637 Dependability Reliability Dependability ...
Dependability Evaluation through Markovian model
description
Transcript of Dependability Evaluation through Markovian model
Dependability Evaluationthrough Markovian model
Markovian model
The combinatorial methods are unable to:
- take care easily of the coverage factor
- model the maintenance
The Markov model is an alternative to the combinatorial methods.
Two main concepts: - state
- state transition
State and state transitionsState: the state of a system represents all that must be
known to describe the system at any given instant of time
For the reliability/availability models each state represents a distinct combination of faulty and fault-free components
State transitions govern the changes if state that occur within a system
For the reliability/availability models each transition take place when one or more components change state for the event of a fault or for a repair action
State and state transitions (cnt.)
• State transitions are characterized by probabilities, such probability of fault, fault coverage and the probability of repair
• The probability of being in any given state, s, at some time,t+t depends both:– the probability that the system was in a state from which it could transit
to state state s given that the transition occurs during t – the probability that the system was in state s at instant t and there was
no event in the interval time t • The initial state should be any state, normally it is that representing all
fault-free components
• IMPORTANT: IN A MARKOV CHAIN THE PROBABILITY TRANSITION DEPEND ONLY BY THE ACTUAL STATE, i.e. THE STATE CAPTURES THE HISTORY OF THE OLD TRANSITIONS
TMR reliability evaluation
I O
C1
C2
C3
r/n
• There are 4 components (1 voter + computation module), therefore each state is represented by 4 bit:• if the component is fault-free then the bit value is 1• otherwise the bit value is 0.
• For example (1,1,1,1) represents the faut-free state• For example (0,0,0,0) represents all components faulty
TMR reliability evaluation: states diagram
1,1,1,1
1,1,0,1
0,1,1,1
0,0,1,1
0,1,1,00,0,1,0
1,0,1,11,0,1,0
0,1,0,0
0,0,0,01,1,1,0
1,0,0,0
1,1,0,01,0,0,1
0,0,0,1
0,1,0,1
Markov chain reliability evaluation methodology
• State transition probability evaluation:
• If the fault occurence of a component is exponentially distributed (e-t) with fault rate equal to (), then the probability that the fault-free component at istant t in the interval t become faulty is equal to:
• 1 – e-t
Probability property
Prob{there is a fault between t e t+t} =
= Prob{there is a fault before t+t/the component was fault-free at t} =
= Prob{there is a faul before t+t and the component was fault-free at t} Prob{the component was fault-free at t}
= Prob{there is a fault before t+t} Prob{there is a fault before t} =
Prob{the component was fault-free at t}
= (1 – e-(t+t)) (1 – e-t) 1 – e-(t+t) 1 + e-t = e-t e-t
Probability property
= e-t – e-(t+t) = e-t
= e-t _ e-(t+t) = 1 e-t
e-t e-t
If we expand the exponential part we have the
following series:
1 – e-t = 1 1 + (t) + (t)2 + … 2!
t (t)2 … 2!
For value of t << 1, we have the following good approximation:
1 – e-t t
TMR reliability evaluation: reduced states diagram
3e2,1
G
2e+v
3,1
v
State (3,1) (1,1,1,1)
State (2,1) (0,1,1,1) +
(1,0,1,1) + (1,1,0,1)
State (G) all the other states
Transition probability (in the interval between t and t+t): from state (3,1) to state (2,1) -> 3et ; from state (3,1) to state (G) -> vt ;from state(2,1) to state (G) -> 2et+vt .
TMR reliability evaluation
Transition probability (in the interval between t and t+t): from state (3,1) to state (2,1) -> 3et ; from state (3,1) to state (G) -> vt ;from state(2,1) to state (G) -> 2et+vt .
TMR reliability evaluation
Given the Markov process properties, i.e.the probability of being in any given state, s, at some time, t+t depends
both:– the probability that the system was in a state from which it could transit to
state state s given that the transition occurs during t – the probability that the system was in state s at instant t and there was no
event in the interval time t we have that
P(3,1) (t+t) = (1 3e t v t) P(3,1) (t)
P(2,1) (t+t) = 3e t P(3,1) (t) + (1 2e t v t) P(2,1) (t)
P(G) (t+t) = v t P(3,1) (t) + (2e t + v t) P(2,1) (t) + P(G) (t)
TMR reliability evaluation
With algebric operations:
t 0
P(3,1) (t+t) P(3,1) (t) = (3e + v) P(3,1) (t) = d P(3,1) (t)
t dt
t 0
P(2,1) (t+t) P(2,1) (t) = 3e P(3,1) (t) (2e + v) P(2,1) (t) = d P(2,1) (t)
t dt
t 0
P(G) (t+t) P(G) (t) = v P(3,1) (t) + (2e + v) P(2,1) (t) = d P(G) (t)
t dt
TMR reliability evaluation
i.e:P'3,1 (t) = (3e + v )P3,1 (t)P'2,1 (t) = 3e P3,1 (t) (2e + v )P2,1 (t)P'G (t) = v P3,1 (t) + (2e + v )P2,1 (t)
That in matrix notation can be expressed as:
(t) = (t) Q(t)
dt
(P'3,1 P'2,1 P'G) = (P3,1 P2,1 PG) * Q
TMR reliability evaluation
the reliability is the probability of being in any fault-free state, i.e, in this case of being in state (3,1) or (2,1).
R(t) = P3,1 (t) + P2,1 (t) = 1 PG (t)
with the initial conditionP3,1(0) = 1
aaTMR reliability evaluation
where: (3e+v) 3e v
Q = 0 (2e+v) (2e+v)
0 0 0
P = Q + I Q = P I
1(3e+v) 3e v
P = 0 1(2e+v) (2e+v)
0 0 1
Properties of Laplace’s transformation
Markov Processes for maintenable systems
Two kind of events:- fault of a component (module or voter)- repair of the system (of a module or the voter or both)
Hypothesis: the maintenance process is exponentially distributed with repair rate equal to
3e
2,1
G
2e+v
3,1
v
Availability evaluation of TMR system
3e
2,1
G
2e+v
3,1
v
P3,1(t) + P2,1(t) + PG(t) = 1 P3,1(0) = 1
P’3,1(t) = (3e + v ) P3,1(t) + P2,1(t) + PG(t)
P’2,1(t) = 3e P3,1(t) (2e + v + ) P2,1(t)
P’G(t) = v P3,1(t) + (2e + v) P2,1(t) PG(t)
d(t) = (t) Q(t) dt
i.e. (P'3,1 P'2,1 P'G) = (P3,1 P2,1 PG) * Q
Availability evaluation of TMR system
(3e+v) 3e v
Q
= (2e+v+
)
(2e+v)
0
Q = P I P = Q + I
1 (3e+v) 3e v
P
= 1
(2e+v+)(2e+v)
0 1
Istantaneous Availability evaluation of TMR system
the Istantaneous Availability is the probability of being in any fault-free state, i.e, in this case of being in state (3,1) or (2,1).
A(t) = P3,1 (t) + P2,1 (t) = 1 PG (t)
with the initial conditionP3,1(0) = 1
Limiting or steady state Availability evaluation of TMR system
P3,1(t) + P2,1(t) + PG(t) = 1 P3,1(0) = 1
with t we have thatP’(t) = 0
P’3,1(t) = 0 = (3e + v ) P3,1(t) + P2,1(t) + PG(t)
P’2,1(t) = 0 = 3e P3,1(t) (2e + v + ) P2,1(t)
P’G(t) = 0 = v P3,1(t) + (2e + v) P2,1(t) PG(t)
Limiting or steady state Availability evaluation of TMR system
P3,1(t) + P2,1(t) + PG(t) = 1 P3,1(0) = 1
with t we have thatP’(t) = 0 and P(t) = P
P’3,1(t) = 0 = (3e + v ) P3,1 + P2,1 + PG
P’2,1(t) = 0 = 3e P3,1 (2e + v + ) P2,1
P’G(t) = 0 = v P3,1 + (2e + v) P2,1(t) PG
Limiting or steady state Availability evaluation of TMR system
P3,1 + P2,1 + PG= 1
P3,1 =
P2,1 =
PG =
Safety evaluation
Four kind of events:- fault of a component (module or voter) correcttly diagnoticated - fault of a component not detected- correct repair of the system (of a module or the voter or both)- uncorrect repair of the system
fault rate
repair rateCg fault detection coverage factor
Cr correct repair coverage factor
Single component Safety evaluation
Cg
GS
GI
(1-Cr)
0
(1-Cg)
Cr
0 fault free state
GS safe fault state
GI unsafe fault state
Hypothesis:- if a fault is not well diagnosticated then
it will never be detected
- If a reconfiguration is not wel done
then it will be never detected
Therefore GI is an absorbing state
Single component Safety evaluation
Safety = probability to stay in state 0 or GS
PO(t) + PGS(t) = 1 PGI(t) PO(0) = 1
P’O(t) = ((1 Cg) + Cg)) PO(t) + Cr PGS(t)
P’GS(t) = Cg PO(t) ((1 Cr)+ Cr) PGS(t)
P’GI(t) = (1 Cg) PO(t) + ((1 Cr)PGS(t)
Single component Safety evaluation
Cg (1-Cg)
Q
=
Cr (1-Cr)
0 0 0
d(t) = (t) Q(t) dt
i.e. (P'3,1 P'2,1 P'G) = (P3,1 P2,1 PG) * Q
Performability
Index taking into account even the performance of the system given its state (related to the number of fault-free components)
f(z(t))
t
fmin
S1
S2
We will discuss it when we will know how evaluate the performance of a system
I OC21
C23
C22
C111
C12
C112
C11
C1 C2
R 11 = R 111 . R 112
R 1 = 1 - (1 - R 11) . (1 - R 12) R 2 = 1 - (1 - R 21) . (1 - R 22) . (1 - R 23)
R = R 1 . R 2
Reliability/Availability/Safety evaluation of complex system