FTA Project (2017), English assignment
AVIONICA, POLITECHNICAL UNIVERSITY OF BARCELONA
Fault tree analysis
Luciano Colitti, Alba Martin, Anna Reig, Juan David Rincón
Abstract—Nowadays airplanes no longer work with the classical mechanical linkages that moved the control surfaces in order to guide and control the aircraft. But not all that glitters is gold: the electrical systems that have replaced the old ones are not perfect, and they introduce the possibility of losing the signal to the surfaces, or the commands sent to them.
To deal with this, engineers must carry out a preliminary study to find out which elements are the most delicate or could cause a major risk. In this paper we study the actuator system controlled by the joysticks in two different cases, which we describe and solve below.
Index Terms—Barcelona, Catalunya, April 15, 2017.
I. INTRODUCTION

Fault tree analysis (FTA) is one of the most commonly used methods for analysing failures in engineering systems. In this paper we discuss and decompose the actuator system of a commercial airplane.
There are two joysticks, one for the pilot and one for the co-pilot, and two sensors per joystick, so that the chance of losing control of the plane is reduced. We solve two cases.

Fig. 1. First approach system

The first case is shown in Fig. 1: a central CPU Joystick controls the input and output of the information buses that come from the different sensors and carries them to a command computer with two different command CPUs, CM1 and CM2.
The second approach, shown in Fig. 2, crosses the buses with respect to the first approach and splits the CPU Joystick into a CPU J1 and a CPU J2.
The final results will show whether the first option is better than the second, or the reverse.
To solve the problem we divided the work and used the FTA to plan for every failure that could happen in the system. An engineer always has to assume the worst scenario, so as to keep things under control as much as possible.
Once we have the fault trees, we answer a set of questions to close the problem, obtaining the probability of each event and the bottlenecks of the system.
Fig. 2. Second approach system

Fig. 3. FTA 1

II. FAULT TREE ANALYSIS 1

A. Development

Fig. 3 shows the fault tree of the first approach. To simplify the FTA we assign a different letter to each event and write one Boolean equation per gate (a sum is an OR gate, a product is an AND gate; letters that never appear on a left-hand side are basic events):

$A = B + C$
$C = D \cdot E$
$D = F + G$
$E = H + I$
$G = J + K + L$
$H = L + M + N$
$L = J + O$
$M = A_5 \cdot A_6$
$J = Q \cdot R$
$K = A_7 + A_8$
$Q = S + T$
$R = U + V$
$S = W + X$
$T = Y + Z$
$U = A_1 + A_2$
$V = A_3 + A_4$

Fig. 4. Table of probability categories

Losing the command CPUs' communications is harder, since both CPU CM1 and CPU CM2 have to fail at the same time (an AND gate). Losing both the pilot's and the co-pilot's communications is also hard because, exactly as in the previous case, both have to fail together. Actuator A1 being blocked depends on nothing more than an internal failure of the actuator itself.

Once the FTA is translated into these basic equations, we combine them to simplify it:

$A = B + D \cdot E = B + (F + G) \cdot E = B + (F + G)(H + I)$ (1)

$A = B + (F + K + J + L)(I + M + N + L)$ (2)

Writing $B_2 = F + K + J$ and $B_1 = I + M + N$,

$A = B + (B_2 + L)(B_1 + L)$ (3)

and, since $(\alpha + L)(\beta + L) = \alpha \beta + L$ (absorption),

$A = B + L + B_2 B_1 = B + L + (F + K + J)(I + M + N)$ (4)

Substituting $L = J + O$ and then $J = Q \cdot R$:

$A = B + J + O + (F + K + J)(I + M + N)$ (5)

$A = B + QR + O + (F + K + J)(I + M + N)$ (6)

$A = B + (S + T)(U + V) + O + (F + K + J)(I + M + N)$ (7)

And the final simplified equation is:

$A = B + (W + X + Y + Z)(A_1 + A_2 + A_3 + A_4) + O + (F + K + J)(I + M + N)$ (8)

Note that $J$ already appears as a term of its own in (5), so $J(I + M + N)$ is absorbed by it; the minimal cut sets of (8) are therefore $B$, $O$, the 16 pairs of $(W + X + Y + Z)(A_1 + A_2 + A_3 + A_4)$ and the nine combinations of $(F + A_7 + A_8)(I + N + A_5 A_6)$, 27 in total.

B. What is the largest value the probability of failure of the CPU Joystick may have? To compute this, do a quantitative analysis of the FTA using the failure probabilities known for the other components.

As the diagram shows, a failure of the CPU Joystick is directly linked to the loss of the actuator: if the joystick CPU fails, everything goes down. To keep the loss of actuator A1 within the catastrophic class (a failure probability of $10^{-9}$), the probability of failure of the CPU Joystick must be at most $6.7 \cdot 10^{-6}$. This value depends on the failure probabilities assumed for the remaining components, taken from the table used in the study and not reproduced here; in general, because $O$ enters the top event through an OR gate, the admissible $P(O)$ is the target probability of $A$ minus the contribution of all the other cut sets.

C. If the CPU Joystick subsystem contains software, to which category must that software be developed?

Checking the table of failure categories and probabilities (Fig. 4), the category lies between major and hazardous.

D. Which is the weakest point of the system? How is it seen in the FTA and in the Boolean equation?

To find the weakest point we look at the simplified FTA (Fig. 5). Directly below the top event "No Actuator A1" there is an OR gate with four inputs. The weakest point is the failure of the CPU Joystick: a failure there breaks the whole system and leaves no control over the actuator (besides $B$, the internal blocking of the actuator itself, which cannot be removed by the architecture).
It is equally clear in the Boolean equation: the failure of the CPU Joystick is the letter $O$, which appears as a term on its own in (8), so it depends on nothing else to bring the system down; it is a single-point failure.

E. Make two suggestions to improve the development of the system that lead to a reduction of complexity and/or cost.

1) Our first choice would be to cross the buses; the FTA of the second approach (Fig. 6) shows how this improves the system.
2) Another interesting option is to add a second joystick CPU, so that the system is divided into two simpler halves.

Fig. 5 shows the simplified FTA of the first approach.
Fig. 5. FTA 1 simplified

III. FAULT TREE ANALYSIS 2

This is the fault tree analysis of the second type of system, where the buses are crossed and, instead of a central Joystick CPU, there are two joystick CPUs.

A. Develop a qualitative FTA

The process followed to obtain the second FTA is exactly the same, but, as discussed earlier, the crossing of the buses changes the tree slightly. The FTA of the second system is shown in Fig. 6.

B. Write the Boolean equation of 2.a.
$A = B + C$
$C = D \cdot E$
$D = F + G + H_1$
$E = H_2 + I + J$
$H_1 = K_1 \cdot L_1$
$H_2 = K_2 \cdot L_2$
$K_1 = M + N + S$
$K_2 = M + R + S$
$L_1 = O + Q + T$
$L_2 = O + P + T$
$S = U \cdot V$
$U = Y + Z$
$V = A_1 + A_2$
$S = (Y + Z)(A_1 + A_2)$
$T = W \cdot X$
$W = A_3 + A_4$
$X = A_5 + A_6$
$T = (A_3 + A_4)(A_5 + A_6)$

$A = B + D \cdot E = B + (F + G + H_1)(H_2 + I + J)$ (9)

$A = B + (F + G + (M + N + S)(O + Q + T))((M + R + S)(O + P + T) + I + J)$ (10)

$A = B + (F + G + MO + MQ + MT + NO + NQ + NT + SO + SQ + ST)(MO + MP + MT + RO + RP + RT + SO + SP + ST + I + J)$ (11)

Both factors of (11) contain the same four terms $MO + MT + SO + ST = (M + S)(O + T)$; with $(\alpha + \gamma)(\beta + \gamma) = \alpha \beta + \gamma$ this common part is pulled out:

$A = B + M(O + T) + S(O + T) + (F + G + Q(M + N + S) + N(O + T))(I + J + P(M + R + S) + R(O + T))$ (12)

$A = B + (M + S)(O + T) + (F + G + Q(M + N + S) + N(O + T))(I + J + P(M + R + S) + R(O + T))$ (13)

Equation (13) is as far as the factoring goes; we could not reduce the system any further in this form. (Expanding the remaining product would still allow some absorption against $(M + S)(O + T)$, for instance $MQ \cdot RO \supseteq MO$, but the factored form is the one that best shows the structure of the tree.) Substituting $S$ and $T$ in (10) gives the equation in basic events:

$A = B + (F + G + (M + N + (Y + Z)(A_1 + A_2))(O + Q + (A_3 + A_4)(A_5 + A_6)))((M + R + (Y + Z)(A_1 + A_2))(O + P + (A_3 + A_4)(A_5 + A_6)) + I + J)$ (14)

C. Using the Boolean equation of 2.b., compute an equivalent Boolean equation of the FTA

We tried to obtain a simplified fault tree from the Boolean equations, but concluded that this tree cannot be reduced beyond the factored form (13). Unlike the first approach, the CPU joystick failure $O$ no longer appears as a term on its own: it is always combined with another event.
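The following Python script is an added example, not code from the original paper. It encodes both fault trees from the gate equations of Sections II-A and III-B, computes the minimal cut sets by Boolean absorption (the same simplification carried out by hand in (1)-(8) and (9)-(13)), lists the single-point failures asked for in question II-D, and performs the rare-event quantitative calculation behind question II-B: the largest failure probability one event may have so that the top event stays within a target. The dictionary encoding, the gate names and the uniform component probabilities used in the demonstration are assumptions of this example; the real probability values of Fig. 4 are not reproduced on the page.

```python
"""Minimal cut sets and rare-event probabilities for the two fault trees.

Added example, not part of the original paper. Each tree is a dict mapping a
gate name to (gate type, input names); any name that is not a gate is a basic
event. Letters follow Sections II-A (FTA_1) and III-B (FTA_2) of the paper.
"""
from itertools import product
from math import prod

FTA_1 = {
    "A": ("OR", ["B", "C"]), "C": ("AND", ["D", "E"]),
    "D": ("OR", ["F", "G"]), "E": ("OR", ["H", "I"]),
    "G": ("OR", ["J", "K", "L"]), "H": ("OR", ["L", "M", "N"]),
    "L": ("OR", ["J", "O"]), "M": ("AND", ["A5", "A6"]),
    "J": ("AND", ["Q", "R"]), "K": ("OR", ["A7", "A8"]),
    "Q": ("OR", ["S", "T"]), "R": ("OR", ["U", "V"]),
    "S": ("OR", ["W", "X"]), "T": ("OR", ["Y", "Z"]),
    "U": ("OR", ["A1", "A2"]), "V": ("OR", ["A3", "A4"]),
}

FTA_2 = {
    "A": ("OR", ["B", "C"]), "C": ("AND", ["D", "E"]),
    "D": ("OR", ["F", "G", "H1"]), "E": ("OR", ["H2", "I", "J"]),
    "H1": ("AND", ["K1", "L1"]), "H2": ("AND", ["K2", "L2"]),
    "K1": ("OR", ["M", "N", "S"]), "K2": ("OR", ["M", "R", "S"]),
    "L1": ("OR", ["O", "Q", "T"]), "L2": ("OR", ["O", "P", "T"]),
    "S": ("AND", ["U", "V"]), "T": ("AND", ["W", "X"]),
    "U": ("OR", ["Y", "Z"]), "V": ("OR", ["A1", "A2"]),
    "W": ("OR", ["A3", "A4"]), "X": ("OR", ["A5", "A6"]),
}


def minimise(sets):
    """Boolean absorption (X + XY = X): drop any set that contains another."""
    kept = []
    for s in sorted(set(sets), key=len):      # smallest sets first
        if not any(k <= s for k in kept):
            kept.append(s)
    return set(kept)


def cut_sets(tree, node="A"):
    """Minimal cut sets of `node`, as a set of frozensets of basic events."""
    if node not in tree:                      # basic event: itself
        return {frozenset([node])}
    kind, inputs = tree[node]
    children = [cut_sets(tree, i) for i in inputs]
    if kind == "OR":                          # any input failing suffices
        return minimise(s for c in children for s in c)
    if kind == "AND":                         # one cut set from every input
        return minimise(frozenset().union(*combo) for combo in product(*children))
    raise ValueError(f"unknown gate type {kind!r} at {node}")


def basic_events(tree):
    return sorted({i for _, ins in tree.values() for i in ins if i not in tree})


def single_points(tree, top="A"):
    """Basic events that alone cause the top event (order-1 cut sets)."""
    return sorted(next(iter(cs)) for cs in cut_sets(tree, top) if len(cs) == 1)


def top_probability(tree, probs, top="A"):
    """Rare-event approximation: sum over minimal cut sets of the product of
    the basic-event probabilities in each set."""
    return sum(prod(probs[e] for e in cs) for cs in cut_sets(tree, top))


def max_allowed(tree, probs, target, event, top="A"):
    """Largest P(event) such that P(top) <= target, given all other basic-event
    probabilities. P(top) is linear in p_event: P = a + b * p_event."""
    a = b = 0.0
    for cs in cut_sets(tree, top):
        if event in cs:
            b += prod(probs[e] for e in cs if e != event)
        else:
            a += prod(probs[e] for e in cs)
    if b == 0.0:
        raise ValueError(f"{event} appears in no cut set of {top}")
    return (target - a) / b                   # negative: target unattainable


if __name__ == "__main__":
    for name, tree in (("FTA 1", FTA_1), ("FTA 2", FTA_2)):
        print(f"{name}: {len(cut_sets(tree))} minimal cut sets,"
              f" single points {single_points(tree)}")
    # constructed uniform probabilities for the demo, not the values of Fig. 4
    p = {e: 1e-3 for e in basic_events(FTA_1)}
    print("FTA 1 P(top) ~", top_probability(FTA_1, p))
    print("FTA 1 max P(O) for target 2e-3:", max_allowed(FTA_1, p, 2e-3, "O"))
```

Running it shows that the first approach has two order-1 cut sets, B (actuator blocked) and O (CPU Joystick), while in the second approach only B survives and O appears in cut sets of order two or more; this is the improvement that the crossed buses and the split joystick CPU buy. `max_allowed` solves P(A) = a + b·p_O = target for p_O; a negative result means the target cannot be met whatever the joystick CPU's reliability, because the other cut sets already exceed it.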
Fig. 6. FTA 2

...