Negative Faults

Marry, sir, they praise me and make an ass of me;
now my foes tell me plainly I am an ass: so that by
my foes, sir, I profit in the knowledge of myself,
and by my friends, I am abused: so that,
conclusions to be as kisses, if your four negatives
make your two affirmatives, why then, the worse for
my friends and the better for my foes.
Shakespeare
|
Suppose the logic for opening a certain valve is as shown below.
|
|
|
The basic events denoted by C and E represent sensed values, at least one of which must be valid and in a certain range to enable the valve to be commanded open via the left branch of the logic. The events B and D represent the validities of the sensed values C and E, respectively. The left branch also requires that at least two of the four Aj values be true. We represent this by the symbol A. If neither of the signals C and E is valid (meaning B and D are both false), then the right-hand branch can enable the valve to be commanded open if A and some other condition F are true. Ordinarily, in a non-failed state in which the valve should be commanded open, all of the events A through F are true.
|
We wish to construct a fault tree for the possibility of the valve not being commanded open when it should. For this purpose we can simply negate the top event
|
|
|
using Boolean logic to give
|
|
|
Now, since B and D are validity events, which typically have probabilities very close to 1 (such as 0.99999), they could be omitted from the expression without significantly affecting the results. Thus we could construct the fault tree based on the Boolean expression
|
|
|
It’s worth noting that, in the logical sense, once we have deleted B and D from those 3-factor terms, leaving the 2-factor terms dc, ec, and be (using lower case for negated elements), we might logically apply the absorptive property and reduce the last term in the above expression to just bdf. (Another alternative would have been to replace B with 1−b, etc.) However, those 3-factor terms could all be of comparable magnitude, so it’s legitimate to retain them in the probability calculation, even though if f is small they will be small adjustments to the corresponding 2-factor terms.
|
Recall that event A consists of any two of the four events A1, A2, A3, A4, so we have
|
|
|
and the application of Boolean logic then gives the negation
|
|
|
which shows that the negation of A is any three of the four negations of Aj. Combining these results, we arrive at the fault tree shown below.
|
|
|
For completeness we’ve shown the B and D inputs, although (as discussed above) those would not be significant contributors, because they represent the probabilities of signals being valid, which is typically close to 1.
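The following Python sketch is an added example, not part of the original article. It checks the two negations by exhaustive enumeration (the voting-gate rule is checked for general k-of-n, beyond the 2-of-4 case in the text) and compares the fault probability with and without the un-negated B and D factors. The gate structure A(BC + DE) + A·b·d·F is an assumption read from the prose, and every probability except 0.99999 is constructed.

```python
from itertools import product
from math import prod

STATES = list(product((False, True), repeat=9))  # A1..A4, B, C, D, E, F

def at_least(k, bits):
    """Voting gate: true when at least k of the inputs are true."""
    return sum(bool(x) for x in bits) >= k

def vote_negation_holds(k, n):
    """NOT(at least k of n) == at least n-k+1 of the n negations, in every state."""
    return all((not at_least(k, s)) == at_least(n - k + 1, [not x for x in s])
               for s in product((False, True), repeat=n))

def valve_open(A1, A2, A3, A4, B, C, D, E, F):
    # Assumed gate structure, read from the prose: A(BC + DE) + A(not B)(not D)F
    A = at_least(2, (A1, A2, A3, A4))
    return A and ((B and C) or (D and E) or (not B and not D and F))

def fault(A1, A2, A3, A4, B, C, D, E, F, drop_validity=False):
    """Expanded fault expression; lower case = negated event.
    drop_validity=True deletes the un-negated B and D factors (sets them to 1)."""
    a = at_least(3, (not A1, not A2, not A3, not A4))
    b, c, d, e, f = not B, not C, not D, not E, not F
    if drop_validity:
        B = D = True
    return (a or (b and d and f) or (b and e and D) or (B and c and d)
            or (c and e and (B or D)) or (f and ((b and e) or (c and d) or (c and e))))

def expansion_is_exact():
    """The expanded expression equals NOT valve_open in all 512 states."""
    return all(fault(*s) == (not valve_open(*s)) for s in STATES)

def probability(event, p_true):
    """Probability of event, enumerating all states of independent inputs."""
    return sum(prod(p if bit else 1 - p for bit, p in zip(s, p_true))
               for s in STATES if event(*s))

# Constructed P(event is true) for A1..A4, B, C, D, E, F. The 0.99999 for the
# validities B and D is the page's figure; the other values are made up.
P_TRUE = (0.99,) * 4 + (0.99999, 0.999, 0.99999, 0.999, 0.995)

def compare():
    exact = probability(fault, P_TRUE)
    approx = probability(lambda *s: fault(*s, drop_validity=True), P_TRUE)
    return exact, approx

if __name__ == "__main__":
    print(vote_negation_holds(2, 4), expansion_is_exact(), compare())
```

Under this assumed structure, dropping the positive B and D factors only adds states in which b, d and F all hold, so the simplified expression overestimates the fault probability by a term of order P(b)·P(d).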
|