Common-mode failures in redundancy systems

There can be no doubt that difficulties have been generally experienced in assessing the impact of common-mode failures (CMFs) on the reliability of safety systems involving redundancy. This certainly became clear in a review of the available literature carried out as part of the study of CMFs. From the study of CMFs in the nuclear, aviation, and chemical industries, it was possible to define CMFs in general terms and to produce a comprehensive scheme of classification. The latter has been used in the analysis of data from these industries, concentrating on particular redundant nuclear safety and aircraft systems. It has been shown that design and maintenance errors are the predominant causes of CMFs. This is important since these reflect on the tasks and organizations that produce the redundancy systems. The large differences between nuclear safety and aircraft system CMF rates are also shown to be generally explicable and illuminating in connection with the means of preventing or reducing the probability of CMFs. These undoubtedly require serious consideration if the reliability of nuclear safety systems is not to be dominated by CMFs. The study reported has led to further work relating to CMF control and modeling that is described elsewhere and is also still in progress.