Dependability & Maintainability Theory and Methods Part 1: Introduction and definitions Andrea Bobbio Dipartimento di Informatica Università del Piemonte Orientale, “A. Avogadro” 15100 Alessandria (Italy) bobbio@unipmn.it - http://www.mfn.unipmn.it/~bobbio/IFOA IFOA, Reggio Emilia, June 17-18, 2003 A. Bobbio Reggio Emilia, June 17-18, 2003

Dependability: Definition Dependability is the property of a system to be dependable in time, i.e. such that reliance can justifiably be placed on the service it delivers. Dependability extends the interest on the system from the design and construction phase to the operational phase (life cycle). A. Bobbio Reggio Emilia, June 17-18, 2003

What dependability theory and practice wants to avoid A. Bobbio Reggio Emilia, June 17-18, 2003

Dependability: Taxonomy reliability availability maintainability safety security measures means fault forecasting fault tolerance fault removal fault prevention dependability threats faults errors failures A. Bobbio Reggio Emilia, June 17-18, 2003

Quantitative analysis The quantitative analysis aims at numerically evaluating measures to characterize the dependability of an item: Risk assessment and safety Design specifications Technical assistance and maintenance Life cycle cost Market competition A. Bobbio Reggio Emilia, June 17-18, 2003

Risk assessment and safety The risk associated to an activity is given proportional to the probability of occurrence of the activity and to the magnitute of the consequences. R = P  M A safety critical system is a system whose incorrect behavior may cause a risk to occur, causing undesirable consequences to the item, to the operators, to the population, to the environment. A. Bobbio Reggio Emilia, June 17-18, 2003

Design specifications Technological items must be dependable. Some times, dependability requirements (both qualitative and quantitative) are part of the design specifications: Mean time between failures Total down time A. Bobbio Reggio Emilia, June 17-18, 2003

Technical assistance and maintenance The planning of all the activity related to the technical assistance and maintenance is linked to the system dependability (expected number of failure in time). planning spare parts and maintenance crews; cost of the technical assistance (warranty period); preventive vs reactive maintenance. A. Bobbio Reggio Emilia, June 17-18, 2003

Market competition The choice of the consumers is strongly influenced by the perceived dependability. advertisement messages stress the dependability; the image of a product or of a brand may depend on the dependability. A. Bobbio Reggio Emilia, June 17-18, 2003

Purpose of evaluation Observation Operational environment Reasoning Understanding a system Observation Operational environment Reasoning Predicting the behavior of a system Need a model A model is a convenient abstraction Accuracy based on degree of extrapolation A. Bobbio Reggio Emilia, June 17-18, 2003

Methods of evaluation Measurement-Based Most believable, most expensive Not always possible or cost effective during system design Model-Based Less believable, Less expensive Analytic vs Discrete-Event Simulation Combinatorial vs State-Space Methods A. Bobbio Reggio Emilia, June 17-18, 2003

Measurement-Based Most believable, most expensive; Data are obtained observing the behavior of physical objects. field observations; measurements on prototypes; measurements on components (accelerated tests). A. Bobbio Reggio Emilia, June 17-18, 2003

Models Closed-form Answers Numerical Solution Analytic Simulation All models are wrong; some models are useful A. Bobbio Reggio Emilia, June 17-18, 2003

Methods of evaluation Measurements + Models data bank A. Bobbio Reggio Emilia, June 17-18, 2003

The probabilistic approach The mechanisms that lead to failure a technological object are very complex and depend on many physical, chemical, technical, human, environmental … factors. The time to failure cannot be expressed by a determin-istic law. We are forced to assume the time to failure as a random variable. The quantitative dependability analysis is based on a probabilistic approach. A. Bobbio Reggio Emilia, June 17-18, 2003

Reliability The reliability is a measurable attribute of the dependability and it is defined as: The reliability R(t) of an item at time t is the probability that the item performs the required function in the interval (0 – t) given the stress and environmental conditions in which it operates. A. Bobbio Reggio Emilia, June 17-18, 2003

Basic Definitions: cdf Let X be the random variable representing the time to failure of an item. The cumulative distribution function (cdf) F(t) of the r.v. X is given by: F(t) = Pr { X  t } F(t) represents the probability that the item is already failed at time t (unreliability) . A. Bobbio Reggio Emilia, June 17-18, 2003

Basic Definitions: cdf Equivalent terminoloy for F(t) : CDF (cumulative distribution function) Probability distribution function Distribution function A. Bobbio Reggio Emilia, June 17-18, 2003

Basic Definitions: cdf F(t) 1 F(b) F(a) a b t F(0) = 0 lim F(t) = 1 t F(t) = non-decreasing A. Bobbio Reggio Emilia, June 17-18, 2003

Basic Definitions: Reliability Let X be the random variable representing the time to failure of an item. The survivor function (sf) R(t) of the r.v. X is given by: R (t) = Pr { X > t } = 1 - F(t) R(t) represents the probability that the item is correctly working at time t and gives the reliability function . A. Bobbio Reggio Emilia, June 17-18, 2003

Basic Definitions Equivalent terminology for R(t) = 1 -F(t) : Reliability Complementary distribution function Survivor function A. Bobbio Reggio Emilia, June 17-18, 2003

Basic Definitions: Reliability R(t) 1 R(a) a b t R(0) = 1 lim R(t) = 0 t R(t) = non-increasing A. Bobbio Reggio Emilia, June 17-18, 2003

Basic Definitions: density Let X be the random variable representing the time to failure of an item and let F(t) be a derivable cdf: The density function f(t) is defined as: d F(t) f (t) = ——— dt f (t) dt = Pr { t  X < t + dt } A. Bobbio Reggio Emilia, June 17-18, 2003

Basic Definitions: Density f (t) t a b b  f(x) dx = Pr { a < X  b } = F(b) – F(a) a A. Bobbio Reggio Emilia, June 17-18, 2003

Basic Definitions: Density f (t) 1 t A. Bobbio Reggio Emilia, June 17-18, 2003

Basic Definitions Equivalent terminology: pdf probability density function density function density f(t) = For a non-negative random variable A. Bobbio Reggio Emilia, June 17-18, 2003

Quiz 1: The higher the MTTF is, the higher the item reliability is. Correct Wrong The correct answer is wrong !!! A. Bobbio Reggio Emilia, June 17-18, 2003

Hazard (failure) rate h(t) t = Conditional Prob. system will fail in (t, t + t) given that it is survived until time t f(t) t = Unconditional Prob. System will fail in (t, t + t) A. Bobbio Reggio Emilia, June 17-18, 2003

The Failure Rate of a Distribution is the conditional probability that the unit will fail in the interval given that it is functioning at time t. is the unconditional probability that the unit will fail in the interval Difference between the two sentences: probability that someone will die between 90 and 91, given that he lives to 90 probability that someone will die between 90 and 91 A. Bobbio Reggio Emilia, June 17-18, 2003

(infant mortality – burn in) Bathtub curve h(t) (infant mortality – burn in) (wear-out-phase) CFR Constant fail. rate (useful life) DFR IFR t Decreasing failure rate Increasing fail. rate A. Bobbio Reggio Emilia, June 17-18, 2003

Infant mortality (dfr) Also called infant mortality phase or reliability growth phase. The failure rate decreases with time. Caused by undetected hardware/software defects; Can cause significant prediction errors if steady-state failure rates are used; Weibull Model can be used; A. Bobbio Reggio Emilia, June 17-18, 2003

Useful life (cfr) The failure rate remains constant in time (age independent) . Failure rate much lower than in early-life period. Failure caused by random effects (as environmental shocks). A. Bobbio Reggio Emilia, June 17-18, 2003

Wear-out phase (ifr) The failure rate increases with age. It is characteristic of irreversible aging phenomena (deterioration, wear-out, fatigue, corrosion etc…) Applicable for mechanical and other systems. (Properly qualified electronic parts do not exhibit wear-out failure during its intended service life) Weibull Failure Model can be used A. Bobbio Reggio Emilia, June 17-18, 2003

Exponential Distribution Failure rate is age-independent (constant). Cumul. distribution function: Reliability : Density Function : Failure Rate (CFR): Mean Time to Failure: A. Bobbio Reggio Emilia, June 17-18, 2003

The Cumulative Distribution Function of an Exponentially Distributed Random Variable With Parameter  = 1 F(t) 1.0 F(t) = 1 - e -  t 0.5 1.25 2.50 3.75 5.00 t A. Bobbio Reggio Emilia, June 17-18, 2003

The Reliability Function of an Exponentially Distributed Random Variable With Parameter  = 1 R(t) 1.0 R(t) = e -  t 0.5 1.25 2.50 3.75 5.00 t A. Bobbio Reggio Emilia, June 17-18, 2003

Exponential Density Function (pdf) f(t) MTTF = 1/  A. Bobbio Reggio Emilia, June 17-18, 2003

Memoryless Property of the Exponential Distribution Assume X > t. We have observed that the component has not failed until time t Let Y = X - t , the remaining (residual) lifetime A. Bobbio Reggio Emilia, June 17-18, 2003

Memoryless Property of the Exponential Distribution (cont.) Thus Gt(y) is independent of t and is identical to the original exponential distribution of X The distribution of the remaining life does not depend on how long the component has been operating An observed failure is the result of some suddenly appearing failure, not due to gradual deterioration A. Bobbio Reggio Emilia, June 17-18, 2003

Quiz 3: If two components (say, A and B) have independent identical exponentially distributed times to failure, by the “memoryless” property, which of the following is true? 1. They will always fail at the same time 2. They have the same probability of failing at time ‘t’ during operation 3. When these two components are operating simultaneously, the component which has been operational for a shorter duration of time will survive longer A. Bobbio Reggio Emilia, June 17-18, 2003

Weibull Distribution Distribution Function: Density Function: Reliability: A. Bobbio Reggio Emilia, June 17-18, 2003

Weibull Distribution Dfr Cfr Ifr  : shape parameter;  : scale parameter. Failure Rate: Dfr Cfr Ifr A. Bobbio Reggio Emilia, June 17-18, 2003

Failure Rate of the Weibull Distribution with Various Values of  A. Bobbio Reggio Emilia, June 17-18, 2003

Weibull Distribution for Various Values of  Cdf density A. Bobbio Reggio Emilia, June 17-18, 2003

Failure-Rate Multiplier Failure Rate Models We use a truncated Weibull Model Infant mortality phase modeled by DFR Weibull and the steady-state phase by the exponential Figure 2.34 Weibull Failure-Rate Model 7 6 5 4 3 2 1 Failure-Rate Multiplier 2,190 4,380 6,570 8,760 10,950 13,140 15,330 17,520 Operating Times (hrs) A. Bobbio Reggio Emilia, June 17-18, 2003

Failure Rate Models (cont.) This model has the form: where: steady-state failure rate is Weibull shape parameter Failure rate multiplier = A. Bobbio Reggio Emilia, June 17-18, 2003

Failure Rate Models (cont.) There are several ways to incorporate time dependent failure rates in availability models The easiest way is to approximate a continuous function by a piecewise constant step function 7 6 5 4 3 2 1 Discrete Failure-Rate Model Failure-Rate Multiplier 2,190 4,380 6,570 8,760 10,950 13,140 15,330 17,520 Operating Times (hrs) A. Bobbio Reggio Emilia, June 17-18, 2003

Failure Rate Models (cont.) Here the discrete failure-rate model is defined by: A. Bobbio Reggio Emilia, June 17-18, 2003

A lifetime experiment X 1 1 X 2 2 X 3 3 X 4 4 X N N t = 0 N i.i.d components are put in a life test experiment. A. Bobbio Reggio Emilia, June 17-18, 2003

A lifetime experiment 1 X 1 2 X 2 3 X 3 4 X 4 X N N A. Bobbio Reggio Emilia, June 17-18, 2003