Fault Tree Analysis (FTA)

Fault Tree Analysis is a well-established methodology built on two solid theories: Boolean logic and Probability Theory. Boolean logic is used to reduce the Fault Tree structure to the combinations of events that lead to failure of the system, generally referred to as Minimal Cut Sets; a large tree typically yields many of them. Probability Theory is then used to determine the probability that the system will fail during a particular mission, or is unavailable at a particular point in time, given the probabilities of the individual basic events. Probabilities are also computed for each Minimal Cut Set, which forms the basis for ranking the cut sets by importance with respect to their reliability and safety impact.

Using this detailed information, efforts to improve system safety and reliability can be highly focused and tailored to your individual system. Possible design changes and other risk-mitigating actions can be evaluated for their impact on safety and reliability before they are made, allowing better-informed decisions and improved system reliability. This type of analysis is especially useful for large and complex systems, where manual methods of fault isolation and analysis are not viable.

A Fault Tree is a graphical representation of events in a hierarchical, tree-like structure. It is used to determine the combinations of hardware failures, software faults and human errors that could result in a specified risk or system failure. The system failure being analyzed is referred to as the top event. A deductive analysis using a Fault Tree begins with this general conclusion or hazard, which is displayed at the top of the tree. The top event is the final event in a sequence of events; the Fault Tree is used to determine how that failure can occur or, alternatively, how it can be prevented from occurring. The remainder of the Fault Tree represents the parallel and sequential events that could cause the top event, and from which its probability is computed. This is often described as a "top down" approach.

Fault Trees are composed of events and the logical gates that connect them (OR-gates, AND-gates, etc.). The sub-events (children) of each event node are the pre-conditions that could cause that event to occur: under an OR-gate any one child is sufficient, under an AND-gate all children must occur together. These conditions can be combined in any number of ways using logical gates. Events are expanded downward until basic events are reached, to which a probability can be assigned.
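To make the two steps described above concrete (Boolean reduction to Minimal Cut Sets, then probability calculations over them), here is a small worked example added here by the editor; it is not code from the original page or from any FTA tool. The tree, its event names, gate names and basic-event probabilities are all constructed assumptions: the top event is an unauthorized read of customer records, reachable either by an attacker authenticating as a valid user (phished password AND a bypassed second factor) or by the database being reachable without authentication (misconfigured network ACL AND database authentication disabled). The code reduces the tree to minimal cut sets (with idempotence and absorption), computes the exact top-event probability and the rare-event upper bound, ranks the cut sets, and computes Birnbaum and Fussell-Vesely importance for each basic event.

```python
"""Toy fault-tree engine: minimal cut sets, top-event probability, cut-set
ranking and importance measures. The example tree and all its probabilities
are illustrative assumptions, not measured data."""
from dataclasses import dataclass
from itertools import product
from typing import Callable, Union


@dataclass(frozen=True)
class BasicEvent:
    name: str
    prob: float          # probability the event is present for the mission/instant


@dataclass(frozen=True)
class Gate:
    name: str
    kind: str            # "AND" or "OR"
    inputs: tuple        # child BasicEvents and Gates


Node = Union[BasicEvent, Gate]


def cut_sets(node: Node) -> list[frozenset[str]]:
    """Top-down expansion: an OR-gate contributes alternatives, an AND-gate
    combines them. The result is a sum-of-products with redundant terms."""
    if isinstance(node, BasicEvent):
        return [frozenset([node.name])]
    children = [cut_sets(c) for c in node.inputs]
    if node.kind == "OR":
        return [cs for sets in children for cs in sets]
    if node.kind == "AND":
        combined = [frozenset()]
        for sets in children:
            combined = [a | b for a in combined for b in sets]
        return combined
    raise ValueError(f"unsupported gate kind {node.kind!r}")


def minimal_cut_sets(node: Node) -> list[frozenset[str]]:
    """Idempotence (A*A = A, via frozenset) and absorption (A + A*B = A):
    drop every cut set that strictly contains another cut set."""
    sets = set(cut_sets(node))
    minimal = [s for s in sets if not any(other < s for other in sets)]
    return sorted(minimal, key=lambda s: (len(s), sorted(s)))


def basic_events(node: Node) -> dict[str, float]:
    if isinstance(node, BasicEvent):
        return {node.name: node.prob}
    out: dict[str, float] = {}
    for c in node.inputs:
        out.update(basic_events(c))
    return out


def evaluate(node: Node, state: dict[str, bool]) -> bool:
    """Does the node's event occur for this assignment of basic events?"""
    if isinstance(node, BasicEvent):
        return state[node.name]
    results = [evaluate(c, state) for c in node.inputs]
    return all(results) if node.kind == "AND" else any(results)


def probability(pred: Callable[[dict[str, bool]], bool], probs: dict[str, float]) -> float:
    """Exact P(pred) for independent basic events, summing over all 2^n states.
    Fine for a handful of events; real tools use BDDs or cut-set approximations."""
    names = list(probs)
    total = 0.0
    for bits in product((False, True), repeat=len(names)):
        state = dict(zip(names, bits))
        if pred(state):
            p = 1.0
            for n in names:
                p *= probs[n] if state[n] else 1.0 - probs[n]
            total += p
    return total


def top_probability(node: Node) -> float:
    return probability(lambda s: evaluate(node, s), basic_events(node))


def cut_set_probability(cs: frozenset[str], probs: dict[str, float]) -> float:
    p = 1.0
    for n in cs:
        p *= probs[n]
    return p


def rare_event_bound(node: Node) -> float:
    """Sum of minimal cut-set probabilities: the usual conservative upper bound."""
    probs = basic_events(node)
    return sum(cut_set_probability(cs, probs) for cs in minimal_cut_sets(node))


def rank_cut_sets(node: Node) -> list[tuple[float, frozenset[str]]]:
    """Minimal cut sets ordered by probability, most likely first."""
    probs = basic_events(node)
    ranked = [(cut_set_probability(cs, probs), cs) for cs in minimal_cut_sets(node)]
    return sorted(ranked, key=lambda t: t[0], reverse=True)


def birnbaum(node: Node, event: str) -> float:
    """Birnbaum importance: P(top | event present) - P(top | event absent)."""
    probs = basic_events(node)
    present = probability(lambda s: evaluate(node, {**s, event: True}), probs)
    absent = probability(lambda s: evaluate(node, {**s, event: False}), probs)
    return present - absent


def fussell_vesely(node: Node, event: str) -> float:
    """Fussell-Vesely importance: share of top-event probability that arises
    through minimal cut sets containing `event`."""
    probs = basic_events(node)
    mcs = [cs for cs in minimal_cut_sets(node) if event in cs]
    via_event = probability(lambda s: any(all(s[n] for n in cs) for cs in mcs), probs)
    return via_event / top_probability(node)


# Constructed example tree; every name and probability here is an assumption.
PHISH = BasicEvent("PHISH", 0.05)             # user's password phished
NO_MFA = BasicEvent("NO_MFA", 0.20)           # MFA not enforced for the account
TOKEN = BasicEvent("TOKEN", 0.02)             # valid session token stolen
ACL = BasicEvent("ACL", 0.01)                 # network ACL exposes the database
NO_DB_AUTH = BasicEvent("NO_DB_AUTH", 0.05)   # database accepts unauthenticated connections

TOP = Gate("Unauthorized read of customer records", "OR", (
    Gate("Attacker authenticates as a valid user", "AND", (
        PHISH, Gate("Second factor bypassed", "OR", (NO_MFA, TOKEN)))),
    Gate("Database reachable without authentication", "AND", (ACL, NO_DB_AUTH)),
))

if __name__ == "__main__":
    for p, cs in rank_cut_sets(TOP):
        print(f"{p:.6f}  {{{', '.join(sorted(cs))}}}")
    print(f"P(top) exact      = {top_probability(TOP):.6f}")
    print(f"P(top) rare-event = {rare_event_bound(TOP):.6f}")
    for e in basic_events(TOP):
        print(f"{e:11s} Birnbaum={birnbaum(TOP, e):.6f}  FV={fussell_vesely(TOP, e):.4f}")
```

Running it shows the three minimal cut sets {PHISH, NO_MFA}, {PHISH, TOKEN} and {ACL, NO_DB_AUTH}, the exact top-event probability lying just below the rare-event bound (the bound double-counts states where two cut sets occur together, so it is only tight when the cut sets are rare and mostly disjoint), and PHISH dominating both importance measures, which is the kind of result that tells you where a mitigation (here, enforcing MFA or hardening credential handling) buys the most. The exact enumeration is exponential in the number of basic events and is only practical for trees this small; the cut-set and importance logic is the same that larger tools apply with BDDs or approximation.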

Sample Fault Tree

The top event must be defined precisely. Defining it too broadly leads to an open-ended tree that shows no specific cause or causes of failure; defining it too narrowly leads to causes being omitted. An FTA needs to include all possible weaknesses, faults or failures present in the system that could cause safety hazards or reliability problems. The hardware, software and human components of the system must all be included in the Fault Tree Analysis, and all interactions between the system's components and elements must be fully described in it.

An FTA provides a method to:

  • Calculate unreliability and unavailability
  • Analyze uncertainty and sensitivity
  • Analyze Common Cause Failure (CCF)
  • Produce minimal cut sets
  • Sequence Fault Tree events as initiators and enablers (initiator and enabler, initiator only, enabler only)
  • Define event failure models
  • Determine the importance of elements in a system