# FTA PROJECT (2017)

Assignment (in English)

| Field | Value |
| --- | --- |
| University | Universidad Politécnica de Cataluña (UPC) |
| Degree | Air Navigation Engineering (Ingeniería de Aeronavegación), 3rd year |
| Course | Avionics |
| Year of the notes | 2017 |
| Pages | 6 |
| Upload date | 03/07/2017 |
| Downloads | 3 |
| Uploaded by | areig |

### Text preview

AVIONICA, POLITECHNICAL UNIVERSITY OF BARCELONA
Fault tree analysis
Luciano Colitti, Alba Martin, Anna Reig, Juan David Rincón
Abstract—Nowadays airplanes no longer work with the classical force mechanisms that moved the airplane's surfaces in order to guide and control it. But not all that glitters is gold: the electrical systems that have replaced the old ones are not perfect, and they bring with them the possibility of losing the signal to the surfaces or the commands sent to them.

Engineers must therefore carry out a prior study to know which elements are more delicate or could cause a major risk. In this paper we have studied the actuator system controlled by the joysticks in two different cases, which we describe and solve below.

Index Terms—Barcelona, Catalunya, April 15, 2017.

I. INTRODUCTION
The analysis method FTA (Fault Tree Analysis) is the most commonly used method to detect failures in many systems across the engineering world. In this paper we discuss and decompose the actuator system of a commercial airplane.

We have two joysticks, one for the pilot and the other for the co-pilot. We have two sensors for each joystick, so there are fewer chances of losing control of the plane. We are going to solve two cases.

Fig. 1. First approach system
The first case is shown in figure 1, where we see that there is a central CPU joystick that controls the input and output of the information buses that come from the different sensors and carries them to a command computer with two different CMU CPUs.

The second approach, represented in figure 2, has the buses crossed with respect to the first approach. It also divides the CPU joystick into a CPU J1 and a CPU J2.

We will look at the final results to see whether the first option is better than the second one or the reverse.

To solve the problems we divided the work and started to plan, with the FTA, all the possible failures that could happen in our system. An engineer always has to assume the worst scenario so that things are kept under control as much as possible.

Once we have the fault trees, we answer some questions to close the problem, obtaining each probability and the bottlenecks of the system.

Fig. 2. Second approach system
Fig. 3. FTA 1
II. FAULT TREE ANALYSIS 1

A. Development

On the previous page we added the first approach to the first system. We now assign a different letter to each event. We do this to simplify the FTA:

• A = B + C
• C = D · E
• D = F + G
• E = H + I
• G = J + K + L
• H = L + M + N
• L = J + O
• M = A6 · A5
• J = Q · R
• K = A7 + A8
• Q = S + T
• R = U + V
• S = W + X
• T = Y + Z
• U = A1 + A2
• V = A3 + A4

Fig. 4. Table of probability categories

Once the FTA is translated into the basic equations, we start to combine them to simplify it.

A = B + D · E = B + (F + G) · E = B + (F + G)(I + H) (1)

A = B + (F + K + J + L)(I + M + N + L) (2)

Simplifying with B2 = F + K + J and B1 = I + M + N:

A = B + (B2 + L)(B1 + L) (3)

A = B + L + B2 · B1 = B + L + (F + K + J)(I + M + N) (4)

A = B + P + O + (F + K + J)(I + M + N) (5)

A = B + Q · R + O + (F + K + J)(I + M + N) (6)

A = B + (S + T)(U + V) + O + (F + K + J)(I + M + N) (7)

And the final, simplified equation remains:

A = B + (W + X + Y + Z)(A1 + A2 + A3 + A4) + O + (F + K + J)(I + M + N) (8)

B. Which is the biggest value the probability of failure of the CPU Joystick might have? To compute this, do a quantitative analysis of the FTA using the failure probabilities that are known from the other components.

As we can see in the diagram, the joystick failure is directly related to the failure of the actuator: if the joystick fails, everything goes down. In order for the A1 failure to stay within the catastrophic category (which means a probability of failure of 10^-9), the probability of failure of the CPU Joystick should be 6.7 · 10^-6 as a maximum value.

C. If the CPU Joystick subsystem has software inside, which is the category of the software that has to be developed?

If we check our table of catastrophes and probabilities, we would say that the category would be around major and hazardous.

D. Which is the weakest point of the system? How do you see it on the FTA and on the Boolean equation?

To check the weakest point, we should go to our new and simplified FTA, which is on the following page. As we can see, after "No Actuator A1" we have an OR with 4 different derivations.

Losing the CPUs' communications is harder, as both CPU CM1 and CPU CM2 have to fail at the same time for it to happen. Losing both pilot and copilot communications is also hard because, exactly as in the previous case, both the pilot and the copilot communication have to fail together. Actuator A1 blocked depends on nothing more than an internal failure of the actuator itself.

So the weakest point we find is the failure of the CPU Joystick, because a failure there would break the system and we would have no control over the actuator.

We can also see this clearly in the Boolean equations: the failure of the CPU Joystick is letter O and it stands on its own, so it depends only on itself to make the system fall.

E. Make two suggestions to improve the development of the system that will lead to a reduction of complexity and/or cost.

1) Our first choice would be to cross the buses; with this method we would improve the system, as we can see in the FTA on a following page.

2) Another interesting option is to add a new joystick, so that the system would be divided in two in a simpler way.

On the following page we can see the simplified FTA of the first approach.

Fig. 5. FTA 1 simplified
III. FAULT TREE ANALYSIS 2

This is the fault tree analysis of the second type of system, where we have the buses crossed and, instead of a central Joystick CPU, two joystick CPUs.

A. Develop a qualitative FTA

The process we followed to get the second FTA is exactly the same, but this time, as we discussed earlier, we need to change things a little because of the crossing. We can see the first FTA model of the second system detailed on the following page.

B. Write the Boolean equation of 2.a.

• A = B + C
• C = D · E
• D = F + G + H1
• E = H2 + I + J
• H1 = K1 · L1
• H2 = K2 · L2
• K1 = M + N + S
• K2 = M + R + S
• L1 = O + Q + T
• L2 = O + P + T
• S = U · V
• U = Y + Z
• V = A1 + A2
• S = (Y + Z) · (A1 + A2)
• T = W · X
• W = A3 + A4
• X = A5 + A6
• T = (A3 + A4)(A5 + A6)

A = B + D · E = B + (F + G + H1)(H2 + I + J) (9)

A = B + (F + G + (M + N + S)(O + Q + T))((M + R + S)(O + P + T) + I + J) (10)

A = B + (F + G + MO + MQ + MT + NO + NQ + NT + SO + SQ + ST)(MO + MP + MT + RO + RP + RT + SO + SP + ST + I + J) (11)

A = B + M(O + T) + S(O + T) + (F + G + Q(M + N + S) + N(O + T))(I + J + P(M + R + S) + R(O + T)) (12)

A = B + (M + S)(O + T) + (F + G + Q(M + N + S) + N(O + T))(I + J + P(M + R + S) + R(O + T)) (13)

This last equation is not more simplified than the equation below, so we can confirm that it is not possible to simplify this system further.

A = B + (F + G + (M + N + (Y + Z)(A1 + A2))(O + Q + (A3 + A4)(A5 + A6)))((M + R + (Y + Z)(A1 + A2))(O + P + (A3 + A4)(A5 + A6)) + I + J) (14)

C. Using the Boolean equation of 2.b. compute an equivalent Boolean equation of the FTA

We tried as hard as possible to solve and find a simplified fault tree with the Boolean equations, but we have arrived at the conclusion that this tree cannot be reduced.
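The algebraic chain from (10) to (13) is easy to get wrong by hand, and a wrong simplification would silently misreport which failure combinations reach the top event. The following Python program is an added example, not code from the paper: it transcribes equations (10), (11), (12) and (13) as Boolean functions over the 13 symbols they use, with S and T treated as atomic exactly as in those equations, and compares the functions exhaustively on all 2^13 assignments. The function names eq10 to eq13, first_disagreement and simplification_is_sound are the example's own; eq13_typo is a constructed, deliberately wrong variant of (13) included only to show that the check really discriminates.

```python
"""Exhaustive truth-table check of the hand simplification (10)-(13) of
Section III.B (added example, not the paper's code). S and T are kept
atomic, as in those equations."""
from itertools import product

VARS = ["B", "F", "G", "I", "J", "M", "N", "O", "P", "Q", "R", "S", "T"]


def unpack(v):
    """Return the 13 symbol values in the order of VARS."""
    return [v[x] for x in VARS]


def eq10(v):
    B, F, G, I, J, M, N, O, P, Q, R, S, T = unpack(v)
    left = F or G or ((M or N or S) and (O or Q or T))
    right = ((M or R or S) and (O or P or T)) or I or J
    return B or (left and right)


def eq11(v):
    B, F, G, I, J, M, N, O, P, Q, R, S, T = unpack(v)
    left = (F or G or (M and O) or (M and Q) or (M and T) or (N and O) or (N and Q)
            or (N and T) or (S and O) or (S and Q) or (S and T))
    right = ((M and O) or (M and P) or (M and T) or (R and O) or (R and P)
             or (R and T) or (S and O) or (S and P) or (S and T) or I or J)
    return B or (left and right)


def eq12(v):
    B, F, G, I, J, M, N, O, P, Q, R, S, T = unpack(v)
    common = (M and (O or T)) or (S and (O or T))
    left = F or G or (Q and (M or N or S)) or (N and (O or T))
    right = I or J or (P and (M or R or S)) or (R and (O or T))
    return B or common or (left and right)


def eq13(v):
    B, F, G, I, J, M, N, O, P, Q, R, S, T = unpack(v)
    common = (M or S) and (O or T)
    left = F or G or (Q and (M or N or S)) or (N and (O or T))
    right = I or J or (P and (M or R or S)) or (R and (O or T))
    return B or common or (left and right)


def eq13_typo(v):
    """Constructed wrong variant of (13): the common term uses M*S instead of M+S."""
    B, F, G, I, J, M, N, O, P, Q, R, S, T = unpack(v)
    common = (M and S) and (O or T)
    left = F or G or (Q and (M or N or S)) or (N and (O or T))
    right = I or J or (P and (M or R or S)) or (R and (O or T))
    return B or common or (left and right)


def first_disagreement(*fns):
    """Evaluate all functions on every one of the 2^13 assignments and return
    the first assignment on which they differ, or None if they always agree."""
    for bits in product((False, True), repeat=len(VARS)):
        v = dict(zip(VARS, bits))
        if len({bool(fn(v)) for fn in fns}) > 1:
            return v
    return None


def simplification_is_sound():
    """True when (10), (11), (12) and (13) are the same Boolean function."""
    return first_disagreement(eq10, eq11, eq12, eq13) is None


if __name__ == "__main__":
    print("(10)-(13) equivalent:", simplification_is_sound())
    witness = first_disagreement(eq10, eq13_typo)
    print("typo caught on the assignment with these events failed:",
          sorted(k for k, failed in witness.items() if failed))
```

The same brute-force check scales to (14) by replacing the atomic S and T with (Y + Z)(A1 + A2) and (A3 + A4)(A5 + A6) and enumerating the 19 basic events instead; at that size it is still well under a million evaluations, so no symbolic tool is needed to validate a hand-derived tree of this complexity.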

Fig. 6. FTA 2