Time-Dependent System Reliability (Analytical)

In the RBDs and Analytical System Reliability chapter, different system configuration types were examined, as well as different methods for obtaining the system's reliability function analytically. Because the reliabilities in the problems presented were treated as probabilities (e.g., $$P(A)\,\!$$,  $${{R}_{i}}\,\!$$ ), the reliability values and equations presented were referred to as static (not time-dependent). Thus, in the prior chapter, the life distributions of the components were not incorporated in the process of calculating the system reliability. In this chapter, time dependency in the reliability function will be introduced. We will develop the models necessary to observe the reliability over the life of the system, instead of at just one point in time. In addition, performance measures such as failure rate, MTTF and warranty time will be estimated for the entire system. The methods of obtaining the reliability function analytically remain identical to the ones presented in the previous chapter, with the exception that the reliabilities will be functions of time. In other words, instead of dealing with $${{R}_{i}}\,\!$$, we will use  $${{R}_{i}}(t)\,\!$$. All examples in this chapter assume that no repairs are performed on the components. Repairable systems analysis will be introduced in a subsequent chapter.

Analytical Life Predictions
The analytical approach presented in the prior chapter involved the determination of a mathematical expression that describes the reliability of the system, expressed in terms of the reliabilities of its components. So far we have estimated only static system reliability (at a fixed time). For example, in the case of a system with three components in series, the system's reliability equation was given by:


 * $${{R}_{s}}={{R}_{1}}\cdot {{R}_{2}}\cdot {{R}_{3}} \ $$

The values of $${{R}_{1}}\,\!$$,  $${{R}_{2}}\,\!$$  and  $${{R}_{3}}\,\!$$  were given for a common time and the reliability of the system was estimated for that time. However, since the component failure characteristics can be described by distributions, the system reliability is actually time-dependent. In this case, the equation above can be rewritten as:


 * $${{R}_{s}}(t)={{R}_{1}}(t)\cdot {{R}_{2}}(t)\cdot {{R}_{3}}(t)$$

The reliability of the system for any mission time can now be estimated. Assuming a Weibull life distribution for each component, the first equation above can now be expressed in terms of each component's reliability function, or:


 * $${{R}_{s}}(t)={{e}^{-{{\left( \tfrac{t}{{{\eta }_{1}}} \right)}^}}}\cdot {{e}^{-{{\left( \tfrac{t}{{{\eta }_{2}}} \right)}^}}}\cdot {{e}^{-{{\left( \tfrac{t}{{{\eta }_{3}}} \right)}^}}}$$

In the same manner, any life distribution can be substituted into the system reliability equation. Suppose that the times-to-failure of the first component are described with a Weibull distribution, the times-to-failure of the second component with an exponential distribution and the times-to-failure of the third component with a normal distribution. Then the first equation above can be written as:


 * $${{R}_{s}}(t)={{e}^{-{{\left( \tfrac{t}{{{\eta }_{1}}} \right)}^}}}\cdot {{e}^{-{{\lambda }_{2}}t}}\cdot \left[ 1-\Phi \left( \frac{t-{{\mu }_{3}}} \right) \right]$$

It can be seen that the biggest challenge is in obtaining the system's reliability function in terms of component reliabilities, which has already been discussed in depth. Once this has been achieved, calculating the reliability of the system for any mission duration is just a matter of substituting the corresponding component reliability functions into the system reliability equation.

Advantages and Disadvantages
The primary advantage of the analytical solution is that it produces a mathematical expression that describes the reliability of the system. Once the system's reliability function has been determined, other calculations can then be performed to obtain metrics of interest for the system. Such calculations include:


 * Determination of the system's pdf.


 * Determination of warranty periods.


 * Determination of the system's failure rate.


 * Determination of the system's MTTF.

In addition, optimization and reliability allocation techniques can be used to aid engineers in their design improvement efforts. Another advantage in using analytical techniques is the ability to perform static calculations and analyze systems with a mixture of static and time-dependent components. Finally, the reliability importance of components over time can be calculated with this methodology.

The biggest disadvantage of the analytical method is that formulations can become very complicated. The more complicated a system is, the larger and more difficult it will be to analytically formulate an expression for the system's reliability. For particularly detailed systems this process can be quite time-consuming, even with the use of computers. Furthermore, when the maintainability of the system or some of its components must be taken into consideration, analytical solutions become intractable. In these situations, the use of simulation methods may be more advantageous than attempting to develop a solution analytically. Simulation methods are presented in later chapters.

Looking at a Simple "Complex" System Analytically
The complexity involved in an analytical solution can be best illustrated by looking at the simple complex system with 15 components, as shown below.



The system reliability for this system (computed using BlockSim) is shown next. The first solution is provided using BlockSim's symbolic solution. In symbolic mode, BlockSim breaks the equation into segments, identified by tokens, that need to be substituted into the final system equation for a complete solution. This creates algebraic solutions that are more compact than if the substitutions were made.


 * $$\begin{align}

{{R}_{System}}= & D2\cdot D3\cdot {{R}_{L}} \\ D3= & +{{R}_{K}}\cdot IK \\ IK= & +{{R}_{I}}\cdot {{R}_{J}}\cdot {{R}_{O}}\cdot {{R}_{G}}\cdot {{R}_{F}}\cdot {{R}_{H}}-{{R}_{I}}\cdot {{R}_{J}}\cdot {{R}_{O}}\cdot {{R}_{G}}\cdot {{R}_{F}} \\ & -{{R}_{I}}\cdot {{R}_{J}}\cdot {{R}_{F}}\cdot {{R}_{H}}-{{R}_{I}}\cdot {{R}_{O}}\cdot {{R}_{F}}\cdot {{R}_{H}} \\ & -{{R}_{J}}\cdot {{R}_{G}}\cdot {{R}_{F}}\cdot {{R}_{H}}+{{R}_{I}}\cdot {{R}_{O}}\cdot {{R}_{F}} \\ & +{{R}_{I}}\cdot {{R}_{F}}\cdot {{R}_{H}}+{{R}_{J}}\cdot {{R}_{F}}\cdot {{R}_{H}}+{{R}_{J}}\cdot {{R}_{G}} \\ D2 = & +{{R}_{A}}\cdot {{R}_{E}}\cdot IE \\ IE = & -D1\cdot {{R}_{M}}\cdot {{R}_{N}}+{{R}_{M}}\cdot {{R}_{N}}+D1 \\ D1 = & +{{R}_{D}}\cdot ID \\ ID = & -{{R}_{B}}\cdot {{R}_{C}}+{{R}_{B}}+{{R}_{C}} \end{align}$$

Substituting the terms yields:


 * $$\begin{align}

{{R}_{System}}= & {{R}_{A}}\cdot {{R}_{E}}\cdot {{R}_{L}}\cdot {{R}_{K}} \\ & \cdot \{({{R}_{D}}\cdot {{R}_{B}}\cdot {{R}_{C}}+{{R}_{B}}+{{R}_{C}})\cdot {{R}_{M}}\cdot {{R}_{N}} \\ & +{{R}_{M}}\cdot {{R}_{N}}-{{R}_{D}}\cdot {{R}_{B}}\cdot {{R}_{C}}+{{R}_{B}}+{{R}_{C}}\} \\ & \cdot \{{{R}_{I}}\cdot {{R}_{J}}\cdot {{R}_{O}}\cdot {{R}_{G}}\cdot {{R}_{F}}\cdot {{R}_{H}}-{{R}_{I}}\cdot {{R}_{J}}\cdot {{R}_{O}}\cdot {{R}_{G}}\cdot {{R}_{F}} \\ & -{{R}_{I}}\cdot {{R}_{J}}\cdot {{R}_{F}}\cdot {{R}_{H}}-{{R}_{I}}\cdot {{R}_{O}}\cdot {{R}_{F}}\cdot {{R}_{H}} \\ & -{{R}_{J}}\cdot {{R}_{G}}\cdot {{R}_{F}}\cdot {{R}_{H}}+{{R}_{I}}\cdot {{R}_{O}}\cdot {{R}_{F}} \\ & +{{R}_{I}}\cdot {{R}_{F}}\cdot {{R}_{H}}+{{R}_{J}}\cdot {{R}_{F}}\cdot {{R}_{H}}+{{R}_{J}}\cdot {{R}_{G}}\} \end{align}$$

BlockSim's automatic algebraic simplification would yield the following format for the above solution:


 * $$\begin{align}

{{R}_{System}}= & (({{R}_{A}}\cdot {{R}_{E}}(-({{R}_{D}}(-{{R}_{B}}\cdot {{R}_{C}}+{{R}_{B}}+{{R}_{C}})){{R}_{M}}\cdot {{R}_{N}} \\ & +{{R}_{M}}\cdot {{R}_{N}} \\ & +({{R}_{D}}(-{{R}_{B}}\cdot {{R}_{C}}+{{R}_{B}}+{{R}_{C}})))) \\ & ({{R}_{K}}({{R}_{I}}\cdot {{R}_{J}}\cdot {{R}_{O}}\cdot {{R}_{G}}\cdot {{R}_{F}}\cdot {{R}_{H}} \\ & -{{R}_{I}}\cdot {{R}_{J}}\cdot {{R}_{O}}\cdot {{R}_{G}}\cdot {{R}_{F}}-{{R}_{I}}\cdot {{R}_{J}}\cdot {{R}_{F}}\cdot {{R}_{H}} \\ & -{{R}_{I}}\cdot {{R}_{O}}\cdot {{R}_{F}}\cdot {{R}_{H}}-{{R}_{J}}\cdot {{R}_{G}}\cdot {{R}_{F}}\cdot {{R}_{H}} \\ & +RI\cdot {{R}_{O}}\cdot {{R}_{F}} \\ & +{{R}_{I}}\cdot {{R}_{F}}\cdot {{R}_{H}}+{{R}_{J}}\cdot {{R}_{F}}\cdot {{R}_{H}}+{{R}_{J}}\cdot {{R}_{G}})){{R}_{L}}) \ \end{align}$$

In this equation, each $${{R}_{i}}\,\!$$  represents the reliability function of a block. For example, if $${{R}_{A}}\,\!$$  has a Weibull distribution, then each  $${{R}_{A}}(t)={{e}^{-{{\left( \tfrac{t}{{{\eta }_{A}}} \right)}^}}}$$  and so forth. Substitution of each component's reliability function in the last $${{R}_{System}}\,\!$$ equation above will result in an analytical expression for the system reliability as a function of time, or $${{R}_{s}}(t)\,\!$$, which is the same as  $$(1-cd{{f}_{System}}).\,\!$$

Obtaining Other Functions of Interest
Once the system reliability equation (or the cumulative density function, cdf) has been determined, other functions and metrics of interest can be derived.

Consider the following simple system:



Furthermore, assume that component 1 follows an exponential distribution with a mean of 10,000 ($$\mu =10,000,\,\!$$  $$\lambda =1/10,000)\,\!$$  and component 2 follows a Weibull distribution with  $$\beta =6\,\!$$  and  $$\eta =10,000\,\!$$. The reliability equation of this system is:


 * $$\begin{align}

{{R}_{S}}(t)= & {{R}_{1}}(t)\cdot {{R}_{2}}(t) \\ = & {{e}^{-\lambda t}}\cdot {{e}^{-{{\left( \tfrac{t}{\eta } \right)}^{\beta }}}} \\ = & {{e}^{-\tfrac{1}{10,000}t}}\cdot {{e}^{-{{\left( \tfrac{t}{10,000} \right)}^{6}}}} \ \end{align}$$

The system cdf is:


 * $$\begin{align}

{{F}_{S}}(t)= & 1-({{R}_{1}}(t)\cdot {{R}_{2}}(t)) \\ = & 1-\left( {{e}^{-\lambda t}}\cdot {{e}^{-{{\left( \tfrac{t}{\eta } \right)}^{\beta }}}} \right) \\ = & 1-\left( {{e}^{-\tfrac{1}{10,000}t}}\cdot {{e}^{-{{\left( \tfrac{t}{10,000} \right)}^{6}}}} \right) \end{align}$$

System pdf
Once the equation for the reliability of the system has been obtained, the system's pdf can be determined. The pdf is the derivative of the reliability function with respect to time or:


 * $${{f}_{s}}(t)=-\frac{d({{R}_{s}}(t))}{dt} \ $$

For the system shown above, this is:


 * $$\begin{align}

{{f}_{s}}(t)= & -\frac{d}{dt}\left( {{e}^{-\tfrac{1}{10,000}t}}\cdot {{e}^{-{{\left( \tfrac{t}{10,000} \right)}^{6}}}} \right) \\ = & -\frac{d}{dt}\left( {{e}^{-\tfrac{1}{10,000}t}} \right)\cdot {{e}^{-{{\left( \tfrac{t}{10,000} \right)}^{6}}}} \\ & +{{e}^{-\tfrac{1}{10,000}t}}\left[ -\frac{d}{dt}\left( {{e}^{-{{\left( \tfrac{t}{10,000} \right)}^{6}}}} \right) \right] \\ = & {{f}_{1}}(t)\cdot {{R}_{2}}(t)+{{f}_{2}}(t)\cdot {{R}_{1}}(t) \end{align}$$

The next figure shows a plot of the pdf equation.



Conditional Reliability
Conditional reliability is the probability of a system successfully completing another mission following the successful completion of a previous mission. The time of the previous mission and the time for the mission to be undertaken must be taken into account for conditional reliability calculations. The system's conditional reliability function is given by:


 * $$R(T,t)=\frac{R(T+t)}{R(T)}$$

Equation above gives the reliability for a new mission of duration $$t$$  having already accumulated  $$T\,\!$$  hours of operation up to the start of this new mission. The system is evaluated to assure that it will start the next mission successfully.

For the simple two-component system, the reliability for mission of $$t=1,000\,\!$$  hours, having an age of  $$T=500\,\!$$  hours, is:


 * $$\begin{align}

{{R}_{S}}(T=500,t=1000)= & \frac{R(T+t)}{R(T)} \\ = & \frac{R(1500)}{R(500)} \\ = & \frac{{{e}^{-\tfrac{1500}{10,000}}}\cdot {{e}^{-{{\left( \tfrac{1500}{10,000} \right)}^{6}}}}}{{{e}^{-\tfrac{500}{10,000}t}}\cdot {{e}^{-{{\left( \tfrac{500}{10,000} \right)}^{6}}}}} \\ = & 0.9048=90.48% \end{align}$$

Conditional Reliability for Components
Now in this formulation, it was assumed that the accumulated age was equivalent for both units. That is, both started life at zero and aged to 500. It is possible to consider an individual component that has already accumulated some age (used component) in the same formulation. To illustrate this, assume that component 2 started life with an age of T = 100. Then the reliability equation of the system, as given in $${{R}_{S}}(t)= {{R}_{1}}(t)\cdot {{R}_{2}}(t)$$, would need to be modified to include a conditional term for 2, or:


 * $${{R}_{S}}(t)={{R}_{1}}(t)\cdot \frac{{{R}_{2}}({{T}_{2}}+t)}{{{R}_{2}}({{T}_{2}})} \ $$

In BlockSim, the start age input box may be used to specify a starting age greater than zero.

System Failure Rate
Once the distribution of the system has been determined, the failure rate can also be obtained by dividing the pdf by the reliability function:


 * $${{\lambda }_{s}}\left( t \right)=\frac{{{f}_{s}}\left( t \right)}{{{R}_{s}}\left( t \right)}  \ $$

For the simple two-component system:


 * $$\begin{align}

{{\lambda }_{s}}\left( t \right)= & \frac{-\tfrac{d}{dt}\left( {{e}^{-\tfrac{1}{10,000}t}}\cdot {{e}^{-{{\left( \tfrac{t}{10,000} \right)}^{6}}}} \right)}{{{e}^{-\tfrac{1}{10,000}t}}\cdot {{e}^{-{{\left( \tfrac{t}{10,000} \right)}^{6}}}}} \\ = & \frac{-\tfrac{d}{dt}\left( {{e}^{-\tfrac{1}{10,000}t}} \right)}+\frac{-\tfrac{d}{dt}\left( {{e}^{-{{\left( \tfrac{t}{10,000} \right)}^{6}}}} \right)} \\ = & \frac+\frac \\ = & {{\lambda }_{1}}+{{\lambda }_{2}}  \ \end{align}$$

The following figure shows a plot of the equation.



BlockSim uses numerical methods to estimate the failure rate. It should be pointed out that as $$t\to \infty \,\!$$, numerical evaluation of the first equation above is constrained by machine numerical precision. That is, there are limits as to how large $$t\,\!$$  can get before floating point problems arise. For example, at $$t=5,000,000\,\!$$  both numerator and denominator will tend to zero (e.g.,  $${{e}^{-\tfrac{5,000,000}{10,000}}}=7.1245\times {{10}^{-218}}\,\!$$ ). As these numbers become very small they will start looking like a zero to the computer, or cause a floating point error, resulting in a $$\tfrac{0}{0}$$  or  $$\tfrac{X}{0}\,\!$$  operation. In these cases, BlockSim will return a value of "$$N/A\,\!$$" for the result. Obviously, this does not create any practical constraints.

System Mean Life (Mean Time To Failure)
The mean life (or mean time to failure, MTTF) can be obtained by integrating the system reliability function from zero to infinity:


 * $$MTTF=\int_{0}^{\infty }{{R}_{s}}\left( t \right)dt  \ $$

The mean time is a performance index and does not provide any information about the behavior of the failure distribution of the system.

For the simple two-component system:


 * $$\begin{align}

MTTF= & \int_{0}^{\infty }\left( {{e}^{-\tfrac{1}{10,000}t}}\cdot {{e}^{-{{\left( \tfrac{t}{10,000} \right)}^{6}}}} \right)dt \\ = & 5978.9 \end{align}$$

Warranty Period and BX Life
Sometimes it is desirable to know the time value associated with a certain reliability. Warranty periods are often calculated by determining what percentage of the failure population can be covered financially and estimating the time at which this portion of the population will fail. Similarly, engineering specifications may call for a certain BX life, which also represents a time period during which a certain proportion of the population will fail. For example, the B10 life is the time in which 10% of the population will fail. This is obtained by setting $${{R}_{S}}(t)\,\!$$  to the desired value and solving for  $$t.\,\!$$

For the simple two-component system:


 * $${{R}_{s}}\left( t \right)={{e}^{-\tfrac{1}{10,000}t}}\cdot {{e}^{-{{\left( \tfrac{t}{10,000} \right)}^{6}}}}$$

To compute the time by which reliability would be equal to 90%, equation above is recast as follows and solved for $$t.\,\!$$


 * $$0.90={{e}^{-\tfrac{1}{10,000}t}}\cdot {{e}^{-{{\left( \tfrac{t}{10,000} \right)}^{6}}}}$$

In this case, $$t=1053.59\,\!$$. Equivalently, the B10 life for this system is also 1053.59. Except for some trivial cases, a closed form solution for $$t\,\!$$  cannot be obtained. Thus, it is necessary to solve for $$t\,\!$$  using numerical methods. BlockSim uses numerical methods.

Examples
Components in Series

Components in Parallel

Approximating the System cdf
In many cases, it is valuable to fit a distribution that represents the system's times-to-failure. This can be useful when the system is part of a larger assembly and may be used for repeated calculations or in calculations for other systems. In cases such as this, it can be useful to characterize the system's behavior by fitting a distribution to the overall system and calculating parameters for this distribution. This is equivalent to fitting a single distribution to describe $${{R}_{S}}(t)\,\!$$. In essence, it is like reducing the entire system to a component in order to simplify calculations.

For the system shown below:


 * $${{R}_{S}}(t)={{e}^{-\tfrac{1}{10,000}t}}\cdot {{e}^{-{{\left( \tfrac{t}{10,000} \right)}^{6}}}}$$

To compute an approximate reliability function for this system, $${{R}_{A}}(t)\simeq {{R}_{S}}(t)$$, one would compute  $$n$$  pairs of reliability and time values and then fit a single distribution to the data, or:


 * $$\begin{align}

{{R}_{S}}(t= & 10,396.7)=10% \\ {{R}_{S}}(t= & 9,361.9)=20% \\ & ... \\ {{R}_{S}}(t= & 1,053.6)=90% \end{align}$$

A single distribution, $${{R}_{A}}(t)\,\!$$, that approximates  $${{R}_{S}}(t)\,\!$$  can now be computed from these pairs using life data analysis methods. If using the Weibull++ software, one would enter the values as free-form data.

Duty Cycle
Components of a system may not operate continuously during a system's mission, or may be subjected to loads greater or lesser than the rated loads during system operation. To model this, a factor called the Duty Cycle ( $${{d}_{c}}\,\!$$ ) is used. The duty cycle may also be used to account for changes in environmental stress, such as temperature changes, that may effect the operation of a component. The duty cycle is a positive value, with a default value of 1 representing continuous operation at rated load, and any values other than 1 representing other load values with respect to the rated load value (or total operating time). A duty cycle value higher than 1 indicates a load in excess of the rated value. A duty cycle value lower than 1 indicates that the component is operating at a load lower than the rated load or not operating continuously during the system's mission. For instance, a duty cycle of 0.5 may be used for a component that operates only half of the time during the system's mission.

The reliability metrics for a component with a duty cycle are calculated as follows. Let $${{d}_{c}}\,\!$$  represent the duty cycle during a particular mission of the component,  $$t\,\!$$  represent the mission time and  $${t}'\,\!$$  represent the accumulated age. Then:


 * $${t}'={{d}_{c}}\times t$$

The reliability equation for the component is:


 * $$R({t}')=R({{d}_{c}}\times t)$$

The component pdf is:


 * $$f({t}')=-\frac{d(R({t}'))}{dt}=-\frac{d(R({{d}_{c}}\times t))}{dt}={{d}_{c}}f({{d}_{c}}\times t)$$

The failure rate of the component is:


 * $$\lambda ({t}')=\frac{f({t}')}{R({t}')}=\frac{{{d}_{c}}f({{d}_{c}}\times t)}{R({{d}_{c}}\times t)}={{d}_{c}}\lambda ({{d}_{c}}\times t)$$

Load Sharing
As presented in earlier chapters, a reliability block diagram (RBD) allows you to graphically represent how the components within a system are reliability-wise connected. In most cases, independence is assumed across the components within the system. For example, the failure of component A does not affect the failure of component B. However, if a system consists of components that are sharing a load, then the assumption of independence no longer holds true.

If one component fails, then the component(s) that are still operating will have to assume the failed unit's portion of the load. Therefore, the reliabilities of the surviving unit(s) will change. Calculating the system reliability is no longer an easy proposition. In the case of load sharing components, the change of the failure distributions of the surviving components must be known in order to determine the system's reliability.

To illustrate this, consider a system of two units connected reliability-wise in parallel as shown below.

Assume that the units must supply an output of 8 volts and that if both units are operational, each unit is to supply 50% of the total output. If one of the units fails, then the surviving unit supplies 100%. Furthermore, assume that having to supply the entire load has a negative impact on the reliability characteristics of the surviving unit. Because the reliability characteristics of the unit change based on whether both or only one is operating, a life distribution along with a life-stress relationship (as discussed in A Brief Introduction to Life-Stress Relationships) will be needed to model each component.

To illustrate the steps needed, we will create the model starting from raw data. Assume that a total of 20 units were tested to failure at 7, 10 and 15 volts. The test data set is presented in the next table.

For this example, Units 1 and 2 are the same component. Therefore, only one set of data was collected. However, it is possible that the load sharing components in a system may not be the same. If that were the case, data would need to be collected for each component.

The data set was analyzed using ReliaSoft's ALTA software (as shown in the figure below) with the Inverse Power Law as the underlying life-stress relationship and Weibull as the life distribution.



The estimated model parameters, $$\beta \,\!$$,  $$K\,\!$$  and  $$n\,\!$$ , are shown next.


 * $$\begin{align}

\beta = & 1.9239 \\ K= & 3.2387\times {{10}^{-7}} \\ n= & 3.4226 \end{align}$$

Or:


 * $$\begin{align}

{{R}_{1}}(t,{{S}_{1}})= & {{e}^{-{{\left( KS_{1}^{n}t \right)}^{\beta }}}} \\ = & {{e}^{-{{\left( 3.2387\times {{10}^{-7}}S_{1}^{3.4226}t \right)}^{1.9239}}}} \ \end{align}$$.


 * $${{f}_{1}}(t,{{S}_{1}})=\beta KS_{1}^{n}{{\left( KS_{1}^{n}t \right)}^{\beta -1}}{{e}^{-{{\left( KS_{1}^{n}t \right)}^{\beta }}}} \ $$

And for this case:


 * $$\begin{align}

{{R}_{1}}(t,{{S}_{1}})= & {{R}_{2}}(t,{{S}_{2}}) \\ {{f}_{1}}(t,{{S}_{1}})= & {{f}_{2}}(t,{{S}_{2}}) \end{align}$$

The figure below shows a plot of $${{R}_{1}}(t,{{S}_{1}})={{e}^{-{{\left( KS_{1}^{n}t \right)}^{\beta }}}} = {{e}^{-{{\left( 3.2387\times {{10}^{-7}}S_{1}^{3.4226}t \right)}^{1.9239}}}}\ $$.



Now that the failure properties have been determined using the test data, the reliability of the system at some time, $$t\,\!$$, can be calculated using the following equation:


 * $$\begin{align}

R(t,S)= & {{R}_{1}}(t,{{S}_{1}})\cdot {{R}_{2}}(t,{{S}_{2}}) \\ & +\underset{o}{\overset{t}{\mathop \int }}\,{{f}_{1}}\left( x,{{S}_{1}} \right)\cdot {{R}_{2}}(x,{{S}_{2}})\cdot \left( \frac{{{R}_{2}}({{t}_{1e}}+(t-x),S)}{{{R}_{2}}({{t}_{1e}},S)} \right)dx \\ & +\underset{o}{\overset{t}{\mathop \int }}\,{{f}_{2}}\left( x,{{S}_{2}} \right)\cdot {{R}_{1}}(x,{{S}_{1}})\cdot \left( \frac{{{R}_{1}}({{t}_{2e}}+(t-x),S)}{{{R}_{1}}({{t}_{2e}},S)} \right)dx \end{align}$$

where:


 * $$\begin{align}

{{S}_{1}}= & {{P}_{1}}S \\ {{S}_{2}}= & {{P}_{2}}S \end{align}$$

And:


 * $$S\,\!$$ is the total load (or required output).


 * $${{P}_{1}}\,\!$$ and  $${{P}_{2}}$$  are the portion of the total load that each unit supports when both units are operational.  In this case,  $${{P}_{1}}={{P}_{2}}=0.5=50%.\,\!$$


 * $${{S}_{1}}\,\!$$ and  $${{S}_{2}}$$  represent the portions of the load that Unit 1 and Unit 2 must support when both units are operational.


 * $${{t}_}\,\!$$ is the equivalent operating time for Unit 1 if it had been operating at  $$S$$  instead of  $${{S}_{1}}\,\!$$ .  A graphical representation of the equivalent time is shown in the following figure, where the curve marked by L represents the low stress (load) and the curve marked by H represents the high stress (load).




 * $${{t}_{1e}}\,\!$$ can be calculated by:


 * $$\begin{align}

{{R}_{1}}(t)= & {{R}_{1}}({{t}_{1e}}) \\ {{e}^{-{{(tKS_{1}^{n})}^{\beta }}}}= & {{e}^{-{{({{t}_{1e}}K{{S}^{n}})}^{\beta }}}} \\ tS_{1}^{n}= & {{t}_{1e}}{{S}^{n}} \\ {{t}_{1e}}= & t{{\left( \frac{{{S}_{1}}}{S} \right)}^{n}},\text{    }{{S}_{1}}={{P}_{1}}S \\ \therefore & {{t}_{1e}}=tP_{1}^{n} \end{align}$$


 * $${{t}_{2e}}\,\!$$ can be calculated the same way, or:


 * $$\begin{align}

{{R}_{2}}(t)= & {{R}_{2}}({{t}_{2e}}) \\ \therefore & {{t}_{2e}}=tP_{2}^{n} \end{align}$$

In this example, the reliability equations for Unit 1 and Unit 2 are the same since they are the same type of component and demonstrate the same failure properties. In addition, the total output is divided equally between the two units (when both units are operating), so $${{t}_{1e}}\,\!$$  and  $${{t}_{2e}}\,\!$$  will also be the same.

The next step is to determine the reliability of the system after 8,760 hours, $$R(t=8,760)\,\!$$. Using
 * $$\begin{align}

R(t,S)= & {{R}_{1}}(t,{{S}_{1}})\cdot {{R}_{2}}(t,{{S}_{2}}) \\ & +\underset{o}{\overset{t}{\mathop \int }}\,{{f}_{1}}\left( x,{{S}_{1}} \right)\cdot {{R}_{2}}(x,{{S}_{2}})\cdot \left( \frac{{{R}_{2}}({{t}_{1e}}+(t-x),S)}{{{R}_{2}}({{t}_{1e}},S)} \right)dx \\ & +\underset{o}{\overset{t}{\mathop \int }}\,{{f}_{2}}\left( x,{{S}_{2}} \right)\cdot {{R}_{1}}(x,{{S}_{1}})\cdot \left( \frac{{{R}_{1}}({{t}_{2e}}+(t-x),S)}{{{R}_{1}}({{t}_{2e}},S)} \right)dx \end{align}$$

the system reliability is found to be:


 * $$\begin{align}

R(t=8760)= & 0.8567 \\ = & 85.67% \end{align}$$

Load Sharing in BlockSim
BlockSim uses this formulation when computing reliabilities of units in a load sharing configuration. When using the System Reliability Equation window, BlockSim returns a single token for the reliability of units in a load sharing configuration (as well as in the case of standby redundancy, discussed in the next section). As an example, consider the following RBD with Unit 1 in series with a container that includes two load sharing units.



BlockSim will return the system equation as:


 * $${{R}_{System}}=+{{R}_{LS}}\cdot {{R}_{1}}$$

where $${{R}_{LS}}\,\!$$  implies a form similar to:


 * $$\begin{align}

R(t,S)= & {{R}_{1}}(t,{{S}_{1}})\cdot {{R}_{2}}(t,{{S}_{2}}) \\ & +\underset{o}{\overset{t}{\mathop \int }}\,{{f}_{1}}\left( x,{{S}_{1}} \right)\cdot {{R}_{2}}(x,{{S}_{2}})\cdot \left( \frac{{{R}_{2}}({{t}_{1e}}+(t-x),S)}{{{R}_{2}}({{t}_{1e}},S)} \right)dx \\ & +\underset{o}{\overset{t}{\mathop \int }}\,{{f}_{2}}\left( x,{{S}_{2}} \right)\cdot {{R}_{1}}(x,{{S}_{1}})\cdot \left( \frac{{{R}_{1}}({{t}_{2e}}+(t-x),S)}{{{R}_{1}}({{t}_{2e}},S)} \right)dx \end{align}$$

BlockSim allows for k-out-of-n units in a load sharing configuration.

Standby Components
In the previous section, the case of a system with load sharing components was presented. This is a form of redundancy with dependent components. That is, the failure of one component affects the failure of the other(s). This section presents another form of redundancy: standby redundancy. In standby redundancy the redundant components are set to be under a lighter load condition (or no load) while not needed and under the operating load when they are activated.

In standby redundancy the components are set to have two states: an active state and a standby state. Components in standby redundancy have two failure distributions, one for each state. When in the standby state, they have a quiescent (or dormant) failure distribution and when operating, they have an active failure distribution.

In the case that both quiescent and active failure distributions are the same, the units are in a simple parallel configuration (also called a hot standby configuration). When the rate of failure of the standby component is lower in quiescent mode than in active mode, that is called a warm standby configuration. When the rate of failure of the standby component is zero in quiescent mode (i.e., the component cannot fail when in standby), that is called a cold standby configuration.

Simple Standby Configuration
Consider two components in a standby configuration. Component 1 is the active component with a Weibull failure distribution with parameters $$\beta = 1.5\,\!$$ and  $$\eta  = 1,000 \,\!$$. Component 2 is the standby component. When Component 2 is operating, it also has a Weibull failure distribution with $$\beta  = 1.5\,\!$$ and  $$\eta  = 1,000 \,\!$$. Furthermore, assume the following cases for the quiescent distribution.


 * Case 1: The quiescent distribution is the same as the active distribution (hot standby).


 * Case 2: The quiescent distribution is a Weibull  distribution with  $$\beta = 1.5\,\!$$ and  $$\eta = 2000\,\!$$ (warm standby).


 * Case 3: The component cannot fail in quiescent mode (cold standby).

In this case, the reliability of the system at some time, $$t\,\!$$, can be obtained using the following equation:


 * $$R(t)={{R}_{1}}(t)+\underset{0}{\overset{t}{\mathop \int }}\,{{f}_{1}}(x)\cdot {{R}_{2;SB}}(x)\cdot \frac{{{R}_{2;A}}({{t}_{e}}+t-x)}{{{R}_{2;A}}({{t}_{e}})}dx  \ $$

where:


 * $${{R}_{1}}\,\!$$ is the reliability of the active component.


 * $${{f}_{1}}\,\!$$ is the pdf of the active component.


 * $${{R}_{2;SB}}\,\!$$ is the reliability of the standby component when in standby mode (quiescent reliability).


 * $${{R}_{2;A}}\,\!$$ is the reliability of the standby component when in active mode.


 * $${{t}_{e}}\,\!$$ is the equivalent operating time for the standby unit if it had been operating at an active mode, such that:


 * $$\begin{align}

{{R}_{2;SB}}(x)={{R}_{2;A}}({{t}_{e}}) \end{align}$$

The second equation above can be solved for $${{t}_{e}}\,\!$$  and substituted into the first equation above. The following figure illustrates the example as entered in BlockSim using a standby container.



The active and standby blocks are within a container, which is used to specify standby redundancy. Since the standby component has two distributions (active and quiescent), the Block Properties window of the standby block has two pages for specifying each one. The following figures illustrate these pages.

The system reliability results for 1000 hours are given in the following table:

Note that even though the $$\beta $$  value for the quiescent distribution is the same as in the active distribution, it is possible that the two can be different. That is, the failure modes present during the quiescent mode could be different from the modes present during the active mode. In that sense, the two distribution types can be different as well (e.g., lognormal when quiescent and Weibull when active).

In many cases when considering standby systems, a switching device may also be present that switches from the failed active component to the standby component. The reliability of the switch can also be incorporated into $$R(t)={{R}_{1}}(t)+\underset{0}{\overset{t}{\mathop \int }}\,{{f}_{1}}(x)\cdot {{R}_{2;SB}}(x)\cdot \frac{{{R}_{2;A}}({{t}_{e}}+t-x)}{{{R}_{2;A}}({{t}_{e}})}dx  \ $$

as presented in the next section.

BlockSim's System Reliability Equation window returns a single token for the reliability of units in a standby configuration. This is the same as the load sharing case presented in the previous section.

Reliability of Standby Systems with a Switching Device
In many cases when dealing with standby systems, a switching device is present that will switch to the standby component when the active component fails. Therefore, the failure properties of the switch must also be included in the analysis.



In most cases when the reliability of a switch is to be included in the analysis, two probabilities can be considered. The first and most common one is the probability of the switch performing the action (i.e., switching) when requested to do so. This is called Switch Probability per Request in BlockSim and is expressed as a static probability (e.g., 90%). The second probability is the quiescent reliability of the switch. This is the reliability of the switch as it ages (e.g., the switch might wear out with age due to corrosion, material degradation, etc.). Thus it is possible for the switch to fail before the active component fails. However, a switch failure does not cause the system to fail, but rather causes the system to fail only if the switch is needed and the switch has failed. For example, if the active component does not fail until the mission end time and the switch fails, then the system does not fail. However, if the active component fails and the switch has also failed, then the system cannot be switched to the standby component and it therefore fails.

In analyzing standby components with a switching device, either or both failure probabilities (during the switching or while waiting to switch) can be considered for the switch, since each probability can represent different failure modes. For example, the switch probability per request may represent software-related issues or the probability of detecting the failure of an active component, and the quiescent probability may represent wear-out type failures of the switch.

To illustrate the formulation, consider the previous example that assumes perfect switching. To examine the effects of including an imperfect switch, assume that when the active component fails there is a 90% probability that the switch will switch from the active component to the standby component. In addition, assume that the switch can also fail due to a wear-out failure mode described by a Weibull distribution with $$\beta = 1.7\,\!$$ and  $$\eta = 5000\,\!$$.

Therefore, the reliability of the system at some time, $$t\,\!$$, is given by the following equation.


 * $$\begin{align}

R(t)= & {{R}_{1}}(t) \\ & +\underset{0}{\overset{t}{\mathop \int }}\,\{{{f}_{1}}(x)\cdot {{R}_{2;SB}}(x) \\ & \cdot \frac{{{R}_{2;A}}({{t}_{e}}+t-x)}{{{R}_{2;A}}({{t}_{e}})}\cdot {{R}_{SW;Q}}(x)\cdot {{R}_{SW;REQ}}(x)\}dx \end{align}$$

where:


 * $${{R}_{1}}\,\!$$ is the reliability of the active component.


 * $${{f}_{1}}\,\!$$ is the pdf of the active component.


 * $${{R}_{2;SB}}\,\!$$ is the reliability of the standby component when in standby mode (quiescent reliability).


 * $${{R}_{2;A}}\,\!$$ is the reliability of the standby component when in active mode.


 * $${{R}_{SW;Q}}\,\!$$ is the quiescent reliability of the switch.


 * $${{R}_{SW;REQ}}\,\!$$ is the switch probability per request.


 * $${{t}_{e}}\,\!$$ is the equivalent operating time for the standby unit if it had been operating at an active mode.

This problem can be solved in BlockSim by including these probabilities in the container's properties, as shown in the figures below. In BlockSim, the standby container is acting as the switch.



Note that there are additional properties that can be specified in BlockSim for a switch, such as Switch Restart Probability, No. of Restarts and Switch Delay Time. In many applications, the switch is re-tested (or re-cycled) if it fails to switch the first time. In these cases, it might be possible that it switches in the second or third, or $${{n}^{th}}\,\!$$ attempt.

The Switch Restart Probability specifies each additional attempt's probability of successfully switching and the Finite Restarts specifies the total number of attempts. Note that the Switch Restart Probability specifies the probability of success of each trial (or attempt). The probability of success of $$n\,\!$$  consecutive trials is calculated by BlockSim using the binomial distribution and this probability is then incorporated into equation above. The Switch Delay Time property is related to repairable systems and is considered in BlockSim only when using simulation. When using the analytical solution (i.e., for a non-repairable system), this property is ignored.

Solving the analytical solution (as given by the above equation), the following results are obtained.

From the table above, it can be seen that the presence of a switching device has a significant effect on the reliability of a standby system. It is therefore important when modeling standby redundancy to incorporate the switching device reliability properties. It should be noted that this methodology is not the same as treating the switching device as another series component with the standby subsystem. This would be valid only if the failure of the switch resulted in the failure of system (e.g., switch failing open). In equation above, the Switch Probability per Request and quiescent probability are present only in the second term of the equation. Treating these two failure modes as a series configuration with the standby subsystem would imply that they are also present when the active component is functioning (i.e., first term of equation above). This is invalid and would result in the underestimation of the reliability of the system. In other words, these two failure modes become significant only when the active component fails.

As an example, and if we consider the warm standby case, the reliability of the system without the switch is 70.57% at 1000 hours. If the system was modeled so that the switching device was in series with the warm standby subsystem, the result would have been:


 * $$\begin{align}

{{R}_{S}}(1000)= & {{R}_{Standby}}(1000)\cdot {{R}_{sw,Q(1000)}}\cdot {{R}_{sw,req}} \\ = & 0.7057\cdot 0.9372\cdot 0.9 \\ = & 0.5952 \end{align}$$

In the case where a switch failure mode causes the standby subsystem to fail, then this mode can be modeled as an individual block in series with the standby subsystem.

Note Regarding Numerical Integration Solutions
Load sharing and standby solutions in BlockSim are performed using numerical integration routines. As with any numerical analysis routine, the solution error depends on the number of iterations performed, the step size chosen and related factors, plus the behavior of the underlying function. By default, BlockSim uses a certain set of preset factors. In general, these defaults are sufficient for most problems. If a higher precision or verification of the precision for a specific problem is required, BlockSim's preset options can be modified and/or the integration error can be assessed using the Integration Parameters option for each container. For more details, you can refer to the documentation on the Algorithm Setup window in the BlockSim 8 help file.