Abstract. The fault tree methodology is appropriate when the component-level failures (basic events) occur independently. One situation where the conditions of independence are not met occurs when secondary failure events appear in the fault tree structure. Guidelines for fault tree construction that have been utilized for many years encourage the inclusion of secondary failures along with primary failures and command faults in the representation of the failure logic. The resulting fault tree is an accurate representation of the logic but may produce inaccurate quantitative results for the probability and frequency of system failure if methodologies are used that rely on independence. This paper illustrates how inaccurate these quantitative results can be. Alternative approaches are developed by which fault trees with this type of structure can be analysed.