Classical methods for calculating the reliability of systems
Classical methods include reliability models with serial, parallel, parallel-serial connections of elements, their various modifications.
Model with serial connection of elements. When calculating reliability, a connection of elements is called sequential, in which the failure of at least one of them leads to the failure of the entire connection as a whole. Serial connection in the above sense is not always the same as the physical series connection of elements. Failures of the elements are assumed to be independent, that is, the failure of any group of elements does not affect the probabilistic characteristics of the remaining elements in any way. The element is understood as one of the independent sections of the serial connection.
Serial connection of elements
In this case, the probability of failure-free operation of the system can be calculated by the formula:
where Рс is the probability of failure-free operation of the system; Р i (t) – probability of non-failure operation i - th element of the system
Model with parallel connection of elements(Fig. 2.2). When calculating reliability, parallel (redundant) is such a connection of elements in which the failure of the entire connection occurs when all elements of the system fail (the elements duplicate each other).
Parallel connection of elements
In this case, the reliability of the system P c is determined through the probabilities of element failure q 1 , q 2 , …, q n, which are related to the probability of failure-free operation by relations of the form q i (t) = 1 – P i (t)
The probability of failure of the entire system is equal to:
Then the probability of failure-free operation of the system with parallel connection of elements q 1 , q 2 , …, q n has the form
Model with parallel-serial connection of elements. When calculating reliability, parallel-series is such a connection of elements in which it is possible to draw up block diagrams of sections with both serial and parallel connection of elements
Parallel-serial connection of elements
For the system, the probability of failure-free operation of section 23 is first calculated:
P 23 \u003d 1 - (1 - P 2 (t)) × (1 - P 3 (t)),
then - section 123: P 123 (t) \u003d P 1 (t) × P 23 (t) \u003d P 1 (t) × (1 - (1 - P 2 (t)) × (1 - P 3 (t) )).
Final calculation formula has the form P with (t) = 1 - (1 - P 123 (t)) × (1 - P 4 (t)).
Models not reducible to parallel-series connections. This class includes systems with bridge and even more complex connections of elements (Fig. 2.4).
Element Bridging Example
The system is operational if the elements are operational:
It is expedient to evaluate the reliability of systems of this class by the logical-probabilistic method, using the apparatus of the algebra of logic.
Model using Markov processes. The model is specified in the form of states in which the system can be, and possible transitions from one state to another (Fig. 2.5).
When representing the IS using this model, the theory of Markov processes is used in the event that the location of the system does not depend on the state in which the IS was in the past.
The probabilistic graph of system states has the following states:
1. Both elements of the system work.
2. Failure of one of the elements.
3. Failure of two elements.
Probabilistic graph of system states
If the probabilities of the system transition from state i to state j b ij are given, then it is possible to determine the probabilities of the system being in i - m state P i (t), and hence the reliability indicators, composing and solving the Kolmogorov-Smirnov equation.
The derivative of the probability of the system being in the i-th state is equal to the algebraic sum of the products of the transition intensities and the probabilities of the corresponding states. Those works, which correspond to the arrows leaving this state, are assigned the sign "-", and the incoming ones - "+".
Thus, for this example system we have:
Having solved the system of equations, we will determine the probabilities of finding the system in i-th state Pi(t).
The probability function of the failure-free operation of the system in this case is equal to the probability of the system being in the 1st state: P c (t) = P 1 (t).
The method is based on the mathematical apparatus of the algebra of logic. The calculation of the reliability of the control system involves determining the relationship between difficult event(system failure) and the events on which it depends (failures of system elements). Consequently, reliability calculations are based on carrying out operations with events and statements, which are accepted as statements about the operability or failure of an element (system). Each element of the system is represented by a logical variable that takes the value 1 or 0.
Events and statements with the help of operations of disjunction, conjunction and negation are combined into logical equations corresponding to the condition of the system's operability. A logical health function is compiled. The calculation based on the direct use of logical equations is called logical-probabilistic and is performed in seven stages:
1. Verbal formulation of the conditions for the object's operability. The dependence of the health of the information system on the state of its individual elements is described.
2. Drawing up a logical function of health. It is a logical equation corresponding to the condition of the control system operability
which is expressed in disjunctive form, for example:
where x i is the operability condition i - th element Fl; X i = 1 is an operable state, X i = 0 is an inoperative state.
3. Bringing the logical function of health F L to an orthogonal non-repetitive form F L . A complex logical function of working capacity must be reduced to an orthogonal non-repetitive form.
A function of the form (2.2) is called orthogonal if all its members D i are pairwise orthogonal (that is, their product is equal to zero), and non-repetitive if each of its members D i consists of letters x i , with different numbers (that is, there are no repeated arguments ), for example: the product of elementary conjunctions x 1, x 2, x 4 and x 3, x 2 is zero, since one of them contains x2, and the other x2, hence they are orthogonal; D 1 \u003d x 1 ×x 2 ×x 2, where x2 and x 2 have the same number, so the term D 1 is not nonrepetitive.
– orthogonal non-repetitive form;
- orthogonal, but not non-repetitive form.
The function F l can be transformed to an orthogonal non-repetitive form F lo using the laws and rules for the transformation of complex statements. When calculating, the most common rules are:
4. Arithmetization F lo. The arithmetic function F a (2.3) is determined by the found orthogonal non-repetitive logical function of working capacity F LO.
where A i is the arithmetic form of the terms D i of the function F lo.
Arithmetization of members D i , in general view containing the operations of disjunction, conjunction and negation, is carried out by replacing logical operations with arithmetic ones according to the rules:
5. Determining the probability of failure-free operation of the system.
The probability of failure-free operation of the system is set as the probability of the truth of the logical function of health, presented in an orthogonal non-repetitive form, and is calculated as the sum of the probabilities of truth of all orthogonal members of this function of the logic algebra. All events (statements) are replaced by their probabilities (probabilities of failure-free operation of the corresponding elements).
6. Calculation of the required indicators of the reliability of the control system according to the found indicator P c (t):
Probability of failure-free operation P c (t);
Failure probability Q c (t) = 1 – P c (t);
Failure rate
MTBF
7. Analysis of the compliance of the obtained reliability indicators with the given technical requirements of the system.
Assumptions made in the logical-probabilistic method: for the elements of the system, only two states are possible; the method is applicable to non-recoverable systems; failures of system elements must be independent.
Lecture 9
Topic: Reliability assessment by the method of paths and sections. Logical-probabilistic methods for the analysis of complex systems
Plan
1. The method of minimal paths and sections for calculating the reliability indicators of systems with a branched structure.
2. Basic definitions and concepts of logical-probabilistic methods of analysis and evaluation of IS reliability.
3. The essence of the method of the shortest path of successful operation and the minimum section of failures.
4. Calculation of the health function and failure function for the bridge structure.
5. Areas of application of these methods. Statistical modeling to assess the reliability of IS.
Keywords
Reliability indicators, branched IC structure, minimum path, cross section, logical-probabilistic method, bridge circuit, health function, shortest path for successful operation, minimum failure cross section, probability of failure-free operation, logic algebra function, structural diagram of reliability calculation.
There are structures and methods of organizing IS when redundancy takes place, but it cannot be represented by the scheme of serial and parallel inclusion of elements or subsystems. To analyze the reliability of such structures, the method of minimum paths and sections is used, which refers to approximate methods and allows you to determine the boundary estimates of reliability from above and below.
A path in a complex structure is a sequence of elements that ensure the functioning (operability) of the system.
A section is a set of elements whose failures lead to system failure.
The probability of failure-free operation of series-connected parallel circuits gives the upper estimate for the FBG of a system of this structure. The probability of failure-free operation of parallel-connected serial circuits of path elements gives a lower estimate for the FBG of a system of this structure. The actual value of the reliability indicator is between the upper and lower limits.
Consider a bridge circuit for connecting the elements of a system consisting of five elements (Fig. 1).
Rice. 1. Bridge circuit for connecting elements (subsystem)
Here, a set of elements forms a minimum path if excluding any element from the set causes the path to fail. It follows from this that within the limits of one path, the elements are in the main connection, and the paths themselves are connected in parallel. Set of minimum paths for bridging presented in fig. 2. Paths form element 1, 3; 2, 4; 1, 5, 4; 2, 5, 3.
Rice. 2. A set of minimal paths.
For all circuit elements, FBGs are known R 1 , R 2 , R 3 , R 4 , R 5 and their corresponding failure probabilities of the "open" typeQ 1 hour Q 5 , it is necessary to determine the probability of the presence of a chain between points a and in. Since the same element is included in two parallel paths, the result of the calculation is an upper reliability estimate.
R in = 1- Q 13 ∙ Q 24 ∙ Q 154 ∙ Q 253 = 1- (1-R 1 R 3)(1-R 2 R 4)(1-R 1 R 5 R 4)(1-R 2 R 5 R 3)
When determining the minimum cross sections, the selection of the minimum number of elements is carried out, the transfer of which from an operable state to an inoperable one causes a system failure.
With the correct selection of the section elements, the return of any of the elements to a working state restores the working state of the system.
Since the failure of each of the sections causes a system failure, the first ones are connected in series. In the limits of each section, the elements are connected in parallel, since for the system to work, it is sufficient to have an operable state of any of the section elements.
The diagram of the minimum cross sections for the bridge circuit is shown in fig. 3. Since the same element is included in two sections, the resulting estimate is a lower estimate.
Pn = P 12 ∙ P 34 ∙ P 154 ∙ P 253 = (1- q 1 q 2 )∙ (1- q 3 q 4 )∙ (1- q 1 q 5 q 4 )∙ (1- q 2 q 5 q 3 )
Rice. 3. Set of minimum sections
System uptime probability R s then evaluated by double inequality
R n ≤R with ≤R in
Thus, this method makes it possible to represent a system with an arbitrary structure in the form of parallel and series circuits. (When compiling the minimum paths and sections, any system is transformed into a structure with a parallel-serial or series-parallel connection of elements). The method is simple but requires exact definition all paths and sections. It has been widely used in calculating the reliability of APCS subsystems, especially in relation to protection and logic control systems. It is used in reactor power control systems, which provide for the possibility of switching from one faulty control circuit to another, which is in a standby state.
Logical and probabilistic methods for analyzing the reliability of systems
The essence of logical-probabilistic methods lies in the use of logic algebra functions (FAL) for analytical recording of system performance conditions and the transition from FAL to probabilistic functions (WF), which objectively express the system's reliability. Those. using the logical-probabilistic method, it is possible to describe IC circuits for calculating reliability using the apparatus of mathematical logic, followed by the use of probability theory in determining reliability indicators.
The system can only be in two states: in a state of full operability ( at= 1) and in a state of complete failure ( at= 0). It is assumed that the action of the system is deterministically dependent on the action of its elements, i.e. at is a function X 1 , X 2 , … , x i, … , x n. Items can be also in only two incompatible states: full operability (x i = 1) and complete failure (x i = 0).
A function of the algebra of logic that relates the state of elements to the state of the system at (X 1 , X 2 ,…, x n) are called health function systemsF(y) = 1.
To assess the operable states of the system, two concepts are used:
1) the shortest path of successful operation (KPUF), which is such a conjunction of its elements, none of the components of which can be removed without violating the functioning of the system. Such a conjunction is written as the following FAL:
where i- belongs to multiple numbers
corresponding to this
l-mu way.
In other words, the KPUF of the system describes one of its possible operable states, which is determined by the minimum set of operable elements that are absolutely necessary to perform the functions specified for the system.
2) the minimum system failure cross section (MSF), which is such a conjunction of the negations of its elements, none of the components of which can be removed without violating the system inoperability conditions. Such a conjunction can be written as the following FAL:
where means the set of numbers corresponding to the given section.
In other words, the MCO of the system describes one of the possible ways to disrupt the system with the help of a minimum set of failed elements.
Every redundant system has a finite number of shortest paths (l= 1, 2,…, m ) and minimum cross sections (j= 1, 2,…, m).
Using these concepts, we can write down the conditions for the system to work.
1) in the form of a disjunction of all available shortest paths for successful functioning.
;
2) in the form of a conjunction of negations of all MCOs
;
Thus, the operability conditions of a real system can be represented as the operability conditions of some equivalent (in terms of reliability) system, the structure of which is a parallel connection of the shortest paths of successful operation, or another equivalent system, the structure of which is a combination of the negations of the minimum sections.
For example, for the bridge structure of the IC, the system health function using the KPUF will be written as follows:
;
the operability function of the same system through the MCO can be written in the following form:
With a small number of elements (no more than 20), a tabular method for calculating reliability can be used, which is based on the use of the addition theorem for the probabilities of joint events.
The probability of failure-free operation of the system can be calculated by the formula (through a probabilistic function of the form):
Logical-probabilistic methods (methods: cutting, tabular, orthogonalization) are widely used in diagnostic procedures when constructing fault trees and determining the basic (initial) events that cause the system to fail.
For the reliability of a computer system with a complex redundancy structure, a statistical modeling method can be used.
The idea of the method is to generate boolean variablesx i c given probability pi occurrence of a unit, which are substituted into the logical structural function of the simulated system in an arbitrary form, and then the result is calculated.
Aggregate X 1 , X 2 ,…, X nindependent random events that form a complete group is characterized by the probabilities of occurrence of each of the eventsp(x i), and .
To simulate this set of random events, a random number generator is used, uniformly distributed in the interval
Meaning pi is chosen equal to the probability of failure-free operationith subsystem. In this case, the calculation process is repeatedN 0 times with new, independent random argument valuesx i(this counts the numberN(t) single values of the logical structural function). AttitudeN(t)/ N 0 is a statistical estimate of the probability of uptime
where N(t) - the number of faultlessly working up to the point in timetobjects, with their original number.
Generating Random Boolean Variablesx iwith a given probability of occurrence of one R iis carried out on the basis of random variables uniformly distributed in the interval, obtained using standard programs included in the software of all modern computers.
test questions and tasks
1. What is the method for assessing the reliability of IS, where the probability of failure-free operation of the system is defined as R n ≤R with ≤R in.
2. To calculate the reliability of which systems, the method of paths and sections is used?
3. What method can be used to evaluate the reliability of bridge-type devices?
4. What methods for determining the reliability indicators of recoverable systems are known?
5. Structurally represent a bridge circuit as a set of minimal paths and sections.
6. Define the minimum path and the minimum section.
7. Write a health function for a branched device?
8. What is a performance function?
9. What is the shortest path to successful operation (KPUF). Write down the working conditions in the form of KPUF.
10. Where is the logical-probabilistic method of reliability assessment used?
Literature: 1, 2, 3, 5, 6, 8.
LOGIC-PROBABILITY METHODS OF RELIABILITY ANALYSIS
Any method of reliability analysis requires a description of the system performance conditions. Such conditions can be formulated on the basis of:
Structural diagram of the system functioning (reliability calculation scheme);
Verbal description of the functioning of the system;
Graph schemes;
Functions of the algebra of logic.
The logical-probabilistic method of reliability analysis makes it possible to formalize the definition and meaning of favorable hypotheses. The essence of this method is as follows.
The state of each element is encoded by zero and one:
In the functions of the algebra of logic, the states of elements are represented in the following form:
X i- good condition of the element, corresponding to code 1;
The failure state of the element, corresponding to code 0.
Using the functions of the algebra of logic, the condition of the system's operability is written through the operability (state) of its elements. The resulting system health function is a binary function of binary arguments.
The resulting FAL is transformed in such a way that it contains terms corresponding to favorable hypotheses for the correct operation of the system.
In FAL instead of binary variables x i and the probabilities are substituted, respectively, for failure-free operation p i and failure probability q i . The signs of conjunction and disjunction are replaced by algebraic multiplication and addition.
The resulting expression is the probability of failure-free operation of the system Pc(t).
Consider the logical-probabilistic method with examples.
EXAMPLE 5.10. The block diagram of the system is the main (serial) connection of elements (Fig. 5.14).
On the block diagram x i , i = 1, 2,..., P- condition i-th element of the system, coded 0 if the element is in a failed state, and 1 if it is serviceable. In this case, the system is operational if all its elements are operational. Then FAL is a conjunction of logical variables, i.e. y \u003d x 1, x 2, ... .., x p, which is a perfect disjunctively normal form of the system.
Substituting instead of logical variables the probabilities of good states of elements and, replacing the conjunction with algebraic multiplication, we get:
EXAMPLE 5.11. The block diagram of the system is a duplicated system with non-equivalent, permanently switched on subsystems (Fig. 5.15).
On fig. 5.15 x 1 and x 2- states of system elements. Let's make a truth table of two binary variables (Table 5.2).
In the table 0 is the failure state of the element, 1 is the good state of the element. In this case, the system is operational if both elements (1,1) or one of them ((0,1) or (1,0)) are operational. Then the operable state of the system is described by the following logic algebra function:
This function is a perfect disjunctive normal form. Replacing the operations of disjunction and conjunction with the algebraic operations of multiplication and addition, and the logical variables with the corresponding probabilities of the state of the elements, we obtain the probability of the system fail-safe operation:
EXAMPLE 5.12. The block diagram of the system has the form shown in fig. 5.16.
Let's make a truth table (Table 53).
In this example, the system is operational if all its elements are operational or if the element is operational x i and one of the elements of the duplicated pair (x 2, x 3). Based on the truth table, the SDNF will look like:
Substituting the corresponding probabilities instead of binary variables, and algebraic multiplication and addition instead of conjunctions and disjunctions, we obtain the probability of the system fail-safe operation:
The function of the algebra of logic can be represented in a minimal form using the following transformations:
The absorption and gluing operations are not applicable in algebra. In this regard, it is impossible to minimize the obtained FAL, and then substitute the values of probabilities instead of logical variables. The probabilities of the states of the elements should be substituted into the SDNF, and simplified according to the rules of algebra.
The disadvantage of the described method is the need to compile a truth table, which requires enumeration of all operable system states.
5.3.2. Method of shortest paths and minimum sections
This method has been discussed previously. in section 5.2.3. Let us state it from the standpoint of the algebra of logic.
The operability function can be described with the help of the shortest paths of the walking functioning of the system and the minimum sections of its failure.
The shortest path is the minimum conjunction of workable:stations of elements that form a workable system.
The minimum section is the minimum conjunction of the inoperable states of the elements that form the inoperable state of the system.
EXAMPLE 5.13. It is necessary to form the system operability function, the block diagram of which is shown in fig. 5.17 using the method of shortest paths and minimum sections.
Solution. In this case, the shortest paths that form a workable system will be: x 1 x 2, x 3 x 4, x 1 x 5 x 4, x 3 x 5 x 2. Then the health function can be written as the following logic algebra function:
In accordance with this FAL, the block diagram of the system in Fig. 5.17 can be represented by the block diagram of fig. 5.18.
The minimum sections that form an inoperable system will be: x 1 x 3, x 2 x 4, x 1 x 5 x 4, x 3 x 5 x 2. Then the inoperability function can be written as the following logic algebra function:
In accordance with this FAL, the block diagram of the system will be presented in the form shown in Fig. 5.19.
It should be borne in mind that the block diagrams in Fig. 5.18 and fig. 5.19 are not reliability calculation schemes, and the expressions for the FAL of the operable and inoperable states are not expressions for determining the probability of failure-free operation and the probability of failure:
The main advantages of the FAL are that they allow one to obtain formally, without compiling a truth table, PDNF and CKNF (perfect conjunctive normal form), which make it possible to obtain the probability of failure-free operation (probability of failure) of the system by substituting in the FAL instead of logical variables the corresponding values of the probabilities of failure-free work, replacing the operations of conjunction and disjunction with the algebraic operations of multiplication and addition.
To obtain SDNF, it is necessary to multiply each disjunctive term of the FAL by, where x i- the missing argument, and expand the brackets. The answer is SDNF. Let's consider this method with an example.
EXAMPLE 5.14. It is necessary to determine the probability of failure-free operation of the system, the block diagram of which is shown in Fig. 5.17. The probabilities of failure-free operation of elements are equal to p 1, p 2, p 3, p 4, r 5 .
Solution. Let's use the shortest path method. The logic algebra function obtained by the shortest path method has the form:
We get the SDNF of the system. To do this, we multiply the disjunctive terms by the missing ones:
Expanding the brackets and performing transformations according to the rules of the algebra of logic, we obtain SDNF:
Substituting in SDNF instead of x 1, x 2, x 3 , x 4, x 5 uptime probabilities p 1, p 2, p 3, p 4, p 5 and using the ratios q i = 1–p i, we obtain the following expression for the probability of failure-free operation of the system.
From the above example, it can be seen that the method of shortest paths freed us from the definition of favorable hypotheses. The same result can be obtained using the method of minimum sections.
5.3.3. Slicing algorithm
The cutting algorithm makes it possible to obtain a FAL, substituting into which, instead of logical variables, the probability of failure-free operation (probability of failure) of elements, one can find the probability of failure-free operation of the system. It is not required to obtain a CDNF for this purpose.
The slicing algorithm is based on the following logic algebra theorem: the logic algebra function y(x b x 2 ,...,x n) can be presented in the following form:
Let us show the applicability of this theorem on three examples:
Applying the second distributive law of the algebra of logic, we get:
EXAMPLE 5.15. Determine the probability of failure-free operation of the system, the block diagram of which is shown in fig. 5.16 using the slicing algorithm.
Solution. Using the shortest path method, we get the following FAL:
Let's apply the cutting algorithm:
Substituting now instead of logical variables the probabilities and replacing the operations of conjunction and disjunction with algebraic multiplication and addition, we get:
EXAMPLE 5.16. Determine the probability of failure-free operation of the system, the block diagram of which is shown in fig. 5.17. Use the cutting algorithm.
Solution. The logic algebra function obtained by the method of minimal sections has the form:
We implement the cutting algorithm with respect to X 5:
We simplify the resulting expression using the rules of the algebra of logic. We simplify the expression in the first brackets using the bracketing rule:
Then FAL will look like:
This expression corresponds to the block diagram of Fig. 5.20.
The resulting scheme is also a reliability calculation scheme, if the logical variables are replaced by the probabilities of failure-free operation p 1, p 2, p 3, p 4, p 5, and the variable is the probability of failure q 5 . From fig. 5.20 it can be seen that the block diagram of the system is reduced to a series-parallel circuit. The probability of failure-free operation is calculated by the following formula:
The formula does not need to be explained, it is written directly according to the block diagram.
5.3.4. Orthogonalization algorithm
The orthogonalization algorithm, like the cutting algorithm, allows formal procedures to form a function of the algebra of logic, substituting into which probabilities instead of logical variables, and algebraic addition and multiplication instead of disjunctions and conjunctions, to obtain the probability of trouble-free operation of the system. The algorithm is based on the transformation of logic algebra functions into orthogonal disjunctive normal form (ODNF), which is much shorter than SDNF. Before describing the methodology, we formulate a number of definitions and give examples.
Two conjunctions called orthogonal, if their product is identically zero. Disjunctive normal form called orthogonal, if all its terms are pairwise orthogonal. SDNF is orthogonal, but the longest of all orthogonal functions.
Orthogonal DNF can be obtained using the following formulas:
These formulas are easy to prove using the second distributive law of the algebra of logic and De Morgan's theorem. The algorithm for obtaining an orthogonal disjunctive normal form is the following function transformation procedure y(x 1, x 2,..., x n) in ODNF:
Function y(x 1, x 2,..., x n) converted to DNF using the method of shortest paths or minimum sections;
The orthogonal disjunctive-normal form is found using formulas (5.10) and (5.11);
The function is minimized by equating to zero the orthogonal terms of the ODNF;
Boolean variables are replaced by the probabilities of failure-free operation (failure probabilities) of the elements of the system;
The final solution is obtained after simplifying the expression obtained in the previous step.
Let's consider the technique with an example.
EXAMPLE 5.17. Determine the probability of failure-free operation of the system, the block diagram of which is shown in fig. 5.17. Apply the orthogonalization method.
Solution. In this case, the functioning of the system is described by the following logic algebra function (method of minimal sections):
Denote K 1= x 1 x 2, K 2= x 3 x 4, K 3= x 1 x 5 x 4, K 4 \u003d x 3 x 5 x 2. Then ODNF will be written in the following form:
Values , i= 1,2,3, based on formula (5.10) will have the form:
Substituting these expressions into (5.12), we obtain:
Replacing the logical variables in this expression with the corresponding probabilities and performing the algebraic operations of addition and multiplication, we obtain the probability of the system fail-safe operation:
The answer is the same as in Example 5.14.
The example shows that the orthogonalization algorithm is more productive than the methods discussed earlier. In more detail, the logical-probabilistic methods of reliability analysis are described in. The logical-probabilistic method, like any other, has its advantages and disadvantages. Its merits have been mentioned before. Let's point out its shortcomings.
The initial data in the logical-probabilistic method are the probabilities of failure-free operation of the elements of the structural diagram of the system. However, in many cases this data cannot be obtained. And not because the reliability of the elements is unknown, but because the operating time of the element is a random variable. This takes place in the case of redundancy by replacement, the presence of failure aftereffect, the non-simultaneity of the operation of elements, the presence of restoration with a different service discipline, and in many other cases.
Let us give examples illustrating these shortcomings. The block diagram of the system has the form shown in fig. 5.21, where the following designations are accepted: x i- logical variables with values 0 and 1, corresponding to the failure and proper operation of the element, x i = 1, 2, 3.
In this case, the logical variable ds 3 is 0 until the time τ of failure of the main element and 1 during the time (t-τ), where t- the time during which the probability of failure-free operation of the system is determined. Time τ is a random value, so the value р(τ) unknown. In this case, it is impossible to compile a FAL, and even more so an SDNF. None of the logical-probabilistic methods we have considered allows us to find the probability of the system fail-safe operation.
Here is another typical example. The power system consists of a voltage regulator R n and two parallel generators G 1 and G 2 . The block diagram of the system is shown in fig. 5.22.
If one of the generators fails, the remaining serviceable generator works one common load. Its failure rate is increasing. If before the moment τ of failure of one of the generators, the intensity of its failure was equal to λ , then after rejection λ1 > λ2. Since the time τ is random, then Р(τ) unknown. Here, as in the case of redundancy by replacement, logical-probabilistic methods are powerless. Thus, these shortcomings of logical-probabilistic methods reduce their practical application in calculating the reliability of complex systems.
5.4. Topological methods of reliability analysis
We will call topological methods that allow you to determine the reliability indicators either by the state graph or by the structural diagram of the system, without compiling or solving equations. A number of works are devoted to topological methods, which describe various ways of their practical implementation. This section outlines methods to determine the reliability indicators from the state graph.
Topological methods make it possible to calculate the following reliability indicators:
- P(t)- probability of non-failure operation during, time t;
- T1, - mean time of non-failure operation;
- K g (t)- readiness function (probability that the system is operational at any arbitrary point in time t);
- K g= - readiness factor;
T- time between failures of the restored system.
Topological methods have the following features:
Simplicity of computational algorithms;
High clarity of procedures for determining the quantitative characteristics of reliability;
Possibility of approximate estimates;
No restrictions on the type of block diagram (systems, recoverable and non-recoverable, non-redundant and redundant with any type of redundancy and any multiplicity).
This chapter will discuss the limitations of topological methods:
The failure and recovery rates of the elements of a complex system are constant values”;
Time indicators of reliability, such as the probability of failure-free operation and the availability function, are determined in Laplace transforms;
Difficulties, in some cases insurmountable, in the analysis of the reliability of complex systems described by a multiply connected state graph.
The idea of topological methods is as follows.
The state graph is one of the ways to describe the functioning of the system. It determines the type of differential equations and their number. The intensities of transitions, which characterize the reliability of elements and their recoverability, determine the coefficients of differential equations. The initial conditions are chosen by coding the nodes of the graph.
The state graph contains all the information about the reliability of the system. And this is the reason to believe that reliability indicators can be calculated directly from the state graph.
5.4.1. Determining the probabilities of system states
Probability of finding the recoverable system in a state i at a fixed point in time t in the Laplace transform can be written in the following form:
where ∆(s)- the main determinant of the system of differential equations written in Laplace transformations; Δi(s) is a private determinant of the system.
It can be seen from expression (5.13) that Pi(s) will be determined if the degrees are found from the state graph type of polynomials of the numerator and denominator, as well as the coefficients Bij (j = 0,1,2,..., m) and A i(i = 0,1, 2,..., n-1).
Let us first consider the method of determining Pi(s) the state graph of only such systems, in the state graph of which there are no transitions through states. These include all non-redundant systems, redundant systems with general redundancy with integer and fractional multiplicity, redundant systems of any structure with maintenance of failed devices in the reverse order of their receipt for repair. This class of systems also includes some redundant systems with equally reliable devices with different disciplines for their maintenance.
The functioning of the system is described by differential equations, the number of which is equal to the number of graph nodes. This means that the main determinant of the system ∆(s) in general will be a polynomial n th degree, where n is the number of state graph nodes. It is easy to show that the denominator polynomial does not contain an intercept. Indeed, since then the denominator of the function Pi(s) must contain s as a factor, otherwise the final probability Pi (∞) will be equal to zero. The exception is when the number of repairs is limited.
Degree of the numerator polynomial∆ i found from the expression:
m i \u003d n - 1 - l i,
where n- number of nodes of the state graph; l i- the number of transitions from the initial state of the system, determined by the initial conditions of its functioning, to the state i along the shortest path.
If the initial state of the system is the state when all devices are operational, then l i- state level number i, i.e. l i is equal to the minimum number of failed system devices in the state i. Thus, the degree of the probability numerator polynomial P i (s) stay of the system in i-th state depends on the state number i and from the initial conditions. Since the number of transitions l i maybe 0,1,2,..., n-1, then the degree of the polynomialΔi(s) based on (5.14) can also take the values m i = 0,1,2,..., n-1.
The method is based on the mathematical apparatus of the algebra of logic. The calculation of the reliability of the control system involves determining the relationship between a complex event (system failure) and the events on which it depends (failures of system elements). Consequently, reliability calculations are based on carrying out operations with events and statements, which are accepted as statements about the operability or failure of an element (system). Each element of the system is represented by a logical variable that takes the value 1 or 0.
Events and statements with the help of operations of disjunction, conjunction and negation are combined into logical equations corresponding to the condition of the system's operability. A logical health function is compiled. The calculation based on the direct use of logical equations is called logical-probabilistic and is performed in seven stages:
1. Verbal formulation of the conditions for the object's operability. The dependence of the health of the information system on the state of its individual elements is described.
2. Drawing up a logical function of health. It is a logical equation corresponding to the condition of the control system operability
which is expressed in disjunctive form, for example:
where x i is the operability condition i - th element Fl; X i = 1 is an operable state, X i = 0 is an inoperative state.
3. Bringing the logical function of health F L to an orthogonal non-repetitive form F L . A complex logical function of working capacity must be reduced to an orthogonal non-repetitive form.
A function of the form (2.2) is called orthogonal if all its members D i are pairwise orthogonal (that is, their product is equal to zero), and non-repetitive if each of its members D i consists of letters x i , with different numbers (that is, there are no repeated arguments ), for example: the product of elementary conjunctions x 1, x 2, x 4 and x 3, x 2 is zero, since one of them contains x2, and the other x2, hence they are orthogonal; D 1 \u003d x 1 ×x 2 ×x 2, where x2 and x 2 have the same number, so the term D 1 is not nonrepetitive.
– orthogonal non-repetitive form;
- orthogonal, but not non-repetitive form.
The function F l can be transformed to an orthogonal non-repetitive form F lo using the laws and rules for the transformation of complex statements. When calculating, the most common rules are:
1) x 1 × x 2 \u003d x 2 × x 1;
4. Arithmetization F lo. The arithmetic function F a (2.3) is determined by the found orthogonal non-repetitive logical function of working capacity F LO.
where A i is the arithmetic form of the terms D i of the function F lo.
The arithmetization of the terms D i , in general form containing the operations of disjunction, conjunction and negation, is carried out by replacing logical operations with arithmetic ones according to the rules:
5. Determining the probability of failure-free operation of the system.
The probability of failure-free operation of the system is set as the probability of the truth of the logical function of health, presented in an orthogonal non-repetitive form, and is calculated as the sum of the probabilities of truth of all orthogonal members of this function of the logic algebra. All events (statements) are replaced by their probabilities (probabilities of failure-free operation of the corresponding elements).
LVM arose as a result of research into the security problems of complex systems. It can be used to estimate the probability of failure of a complex system.
LVM refers to axiomatic methods of decision making under conditions of stochastic uncertainty. It allows to reduce this uncertainty with its evidence-based approach and experimental results - the probabilistic characteristics of alternatives.
In the manual, LVM is considered on the example of solving the problem of choosing the most reliable information system.
Let the set of alternatives be the set of information system (IS) risk indicators. It is required to find such an IS, the risk of which is minimal.
Under system risk the sum of the risks of the resources of which it consists is considered:
where R i- risk i-th resource, n- the amount of resources. Each resource is associated with a set of dangerous states (OS), the implementation of which leads to the failure of this resource.
Examples of IP resources can be information resources, services, physical or hardware resources, software. One example of an information resource is an IP database.
Under i-th resource risk the sum of risks associated with the implementation of dangerous states of a given resource is understood:
where r i j– realization risk j-th dangerous state i-th resource, ; M i– number of dangerous states i-th resource.
Examples of OS for the resource "DB" are violation of confidentiality of information, complete or partial loss of information due to failure of the storage medium, violation of access.
Under the risk of the j-th dangerous state of the i-th resource is understood as the product of probability P ij and cost of losses C ij from the realization of this dangerous state of the resource:
.
Thus, the task of system risk assessment can be divided into the following stages:
1. description of the structure of the system resources;
2. description of the set of dangerous states of the system resources;
3. estimation of probabilities P ij implementation of dangerous states, including the identification of the measure of influence of threats on the implementation of dangerous states;
4. estimate the cost of losses C ij from the realization of dangerous states.
The main provisions of the logical-probabilistic method
The logical-probabilistic method for analyzing the safety of complex technical systems was proposed in the 70s of the 20th century
I. A. Ryabinin. The main idea of this method is to combine logical and probabilistic approaches in assessing the reliability indicators of complex technical, economic, social systems and other systems.
In the LVM, the concepts are used as basic dangerous system state and danger – the ability of the system to go into a dangerous state. The description of the dangerous state of the system begins with the compilation danger scenario (OS), which is built using the operations disjunction and conjunction over initiating conditions and events .
Failures of one or more elements of the system act as initiating conditions and events. Each element of the system is associated boolean variable x k() with two possible states (for example, operability/failure, readiness/unavailability, etc.) with given probabilistic parameters of these states p k and q k =1-p k.
The scenario is the basis for compiling a logical function, or a function of the algebra of logic (FAL), describing the dangerous state of the system.
The next step is to transform the logic algebra function into a probabilistic function, which is further used to obtain a quantitative estimate of the probability of a dangerous state being realized.
Thus, on the one hand, the method provides a mechanism for formalizing a set of dangerous states of the system, and, on the other hand, a theoretically substantiated approach to the quantitative risk assessment of the system.
For a system consisting of various resources, the LVM is used to obtain quantitative estimates of the probabilities of dangerous states for each type of resource. In turn, each resource in the LVM is also considered as a separate system.
Statement of the problem of estimating the probabilities of the realization of dangerous states of the resource
Given:
1. Resource with number i, for which dangerous states are highlighted Sij, , where m is the number of possible states.
2. OS structure and probabilities of initiating events (threats) x k, .
Required to find:
Probabilities P ij implementation of dangerous states Sij, .
Solution algorithm
Step 1: Scripting a Dangerous Condition Sij.
Step 2: Building the Boolean Algebra Function (FAL) 
using conjunction and disjunction operations based on a dangerous state scenario Sij.
Step 3. Building a probability function (WF) 
based on the function of the algebra of logic.
Step 4. Probability Calculation P ij realization of a dangerous state with the help of a probabilistic function.
At present, mathematical logic and probability theory are combined on the basis of the logical-probabilistic calculus. It is assumed that the probability theory makes it possible to quantify the reliability or safety of systems whose structure is described by means of mathematical logic.
The main problem in practical application The LVM is the transformation of arbitrary FAL to the forms of transition to complete replacement (FPPZ). In order to make this transformation standard and mathematically rigorous, it is necessary to turn to a special theoretical apparatus, the basic concepts and theorems of which will be given below.
We will assume that each element of the system is assigned boolean variable x k ,() with two possible states (health/failure, ready/not ready, etc.) with given probabilistic parameters of these states p k and q k =1-p k :
In addition, it is assumed that all events x k are independent in the aggregate and that on the considered time interval of the system operation, the initial parameters of the laws of distributions of elements do not change.
Expression of the form 
called elementary conjunction
K rank r. An expression of the form , where are elementary conjunctions of different ranks, is called disjunctive normal form
(DNF). If the function is written in DNF, and the rank of each elementary conjunction is equal to n, then such a DNF is called perfect disjunctive normal form
(SDNF).
Expression of the form 
called elementary disjunction
rank r.
The two elementary conjunctions are called orthogonal , if their product is equal to zero (example: and ).
DNF is called orthogonal disjunctive normal form (ODNF) if all its members are pairwise orthogonal.
Repetitive DNF(BDNF) is a DNF in which each logical variable occurs exactly once.
De Morgan rules allow logical multiplication to be expressed through the negation of the logical sum of inversions of statements, and the logical sum through the negation of the logical product of inverse statements. In the future, they will be used to bring the FAL to a special form:
and 
Probabilistic function(WF) we will call the probability of the truth of the FAL:
P(f(x 1 , x 2 , …, x h)=1 )
Functions of the algebra of logic that allow a direct transition to a probabilistic function by replacing logical variables with probabilities, and logical operations with the corresponding ones arithmetic operations, let's call forms of transition to substitution (FPZ).
Forms of transition to full replacement(FPZ) are called FPZ, in which the replacement of all logical variables is performed simultaneously.
boolean difference functions 
by argument x k called
where the symbol “ ” denotes the logical operation “sum modulo two”.
Function 
called monotonous
, if for any sets ( a 1 , …, a h) and ( b 1 , …, b h), such that , ( k=1,2,…,h) there is a relation f(a 1 , …, a h) f(b 1 , …, b h). Next, we consider a number of basic theorems.
Theorem 1. The partial derivative of the probability of the truth of a monotonic FAL with the probability of the truth of the argument x k is numerically equal to the probability of the truth of the Boolean difference of this function with respect to the argument x k:
Theorem 2. The probability of the truth of an arbitrary FAL, represented in the ODNF, is equal to the sum of the probabilities of truth of all orthogonal members of this FAL:
,
where Oh u are not only elementary conjunctions of ODNF, but also any FAL, pairwise orthogonal.
Theorem 3. The disjunction of orthogonal non-repetitive forms in the conjunction-negation basis is a form of transition to complete substitution.
At present, there are several FFPPs known: perfect disjunctive normal form (PDNF), orthogonal disjunctive normal form (ODNF) and non-repetitive FALs (BFALs) in the conjunction-negation basis.
If the FAL is represented in the FPPZ, then the transition to the probabilistic function is carried out according to the following rules:
1. Each logical variable in the FFPP is replaced by the probability of its being equal to one:
, ;
2. The negation of a function is replaced by the difference between unity and the probability that this function is equal to one;
3. The operations of logical multiplication and addition are replaced by the operations of arithmetic multiplication and addition.
Scripting a Dangerous Condition
Compiling a scenario for a dangerous state of the IS can be represented as the following sequence of steps:
1. selection of the final event - a dangerous state (failure),
2. selection of intermediate events leading to the realization of a dangerous state and obtained as a combination of two or more initiating events,
3. selection of initiating events-threats.
An event or failure tree is used to represent the dangerous state.
On fig. 5.2 shows an example of a dangerous state scenario in the form of a tree of events.
Rice. 5.2. An example of an event tree for describing a dangerous system state
Building a Boolean Algebra Function
Using the event tree, a logic algebra function is compiled that describes the conditions for the transition of the system to a dangerous state.
To describe the conditions for the transition of the system to a dangerous state, the concept " shortest path to dangerous operation » (KPOF), which is understood as the conjunction of the minimum set of system elements that together ensure the transition of the system to a dangerous state:
,
where Kwl is the set of numbers of variables corresponding to the given path.
Condition for the transition of the system to a dangerous state can be represented as a disjunction of all available KPOF:
.
Example. Let the event tree have the form shown in Fig. 5.2.
Then KPOF are: , , , .
The condition for the transition of the system to a dangerous state has the form:
Construction of a probability function
At the previous stage, the FAL was received 
, which describes the dangerous state of the system as a disjunction of all KPOFs. The next step is the conversion of FAL to FPPP - SDNF, ODNF or non-repetitive FAL in the conjunction-negation basis (BFAL).
The construction of a probabilistic function based on the FPP is carried out according to the rules described above. The result of this stage is the probability function
Calculation of the estimate of the probability of the realization of a dangerous state
Substituting values 
in the WF obtained at the previous stage, we obtain an estimate of the probability of the realization of a dangerous state P ij.
Example
Let us consider an example of using the LVM to assess the risk of the implementation of the dangerous state "Violation of the confidentiality of the IS database (IS DB)".
Step 1. Scripting a dangerous state of the resource (Fig. 5.3).
Rice. 5.3. Scenario OS "Violation of the confidentiality of the DB IS"
Step 2 Building a logic algebra function. According to the described scenario, the logic function takes the form:
F=X 1 X 2 X 3 X 4 X 5 X 6 X 7 X 8 X 9 X 10 X 11 X 12 X 13 X 14 X 15 X 12 X 13 X 14 X 15