- Email: [email protected]
Failure rates for general systems including structural components
Reliability Engineering 9 (1984) 229-242
Failure Rates for General Systems Including Structural Components R. R a c k w i t z c/o Technische Universit/it, Mfinchen Institut ffir Bauingenieurwesen 111, Lehrstfihl ffir Massivbau, 8000 Mfinchen 2, Postfach 202420, West Germany (Received: 28 February, 1984)
ABSTRACT At present, the methods oJ analysis oj the reliability oj' man-machinestructure systems appear inconsistent and difficult, particularly if both the results Jrom a classical and fi'om the structural analysis have to be combined. It is shown that the unconditional jailure rates in classical reliability theory have the same meaning as the outcrossing rates in structural reliability so that both approaches can be unified. Some practically important cases of systems, i.e. systems under the excitation oJ stationary Gaussian vector processes, are studied in more detail.
1
INTRODUCTION
Considerable progress has been achieved in the formulation and computation of structural reliability in recent years. The development of the so-called first-order reliability methodology ( F O R M ) is considered to be one of the major steps as concerns the computational aspects. Let the time-invariant vector of uncertainty variables be denoted by X and let a probability transformation X = T(U) exist with U a vector of independent standard normal variates.9 Further, let the componental failure domain be V = { X e F } = [ g ( X ) < 0 } . Then, a first-order estimate of its failure probability is given by Pf,~ q~(-fl)
with
fl=min{llul[}
for {u:g(T(u))<0}
(1)
229 Reliability Engineering 0143-8174/84/$03-00 © ElsevierApplied Science Publishers Ltd,
England, 1984. Printed in Great
Britain
R. Rackwitz
230
where ~bis the standard normal integral and fl is the so-called safety index. fl must be found by an appropriate optimisation algorithm.15 If the failure domain is given as an intersection of different componental failure domains, i.e. r/i
I/p= O lXcFi~ i=1
the formulation is1°
P~,~ ~ Om(-/~; R)
~2)
with /J the vector of safety indices and R = / a { . ~ s } a correlation coefficient matrix where ~ is the vector of direction cosines of the point in g/(T(u)) _< 0 for which fli = rain {llult }. ~bm is the m-dimensional normal integral. A similar formulation holds for the union of componental failure domains. Alternatively, probability bounds for the union of (small probability) events may be used, e.g.5
max {P( Vi) } <<-P(V1) + ~ max lO' P( Vi)-~2 P( Vi c~ Vj) j
i=2
< P(V) < P(V1) + ~ (P(Vi)
(3)
i~2
max i
{P(Vi c~ VJ)~) < ~~P(l/i) z._a i
Herein, the events V can be intersections of componental events and, thus, formulae(l) to (3) provide efficient tools to determine the probability content of so-called (minimal) cut sets of (failure) events, i.e. for p(v)
= P(c~ u v~j)
Interestingly, a corresponding asymptotic theory justifies, at least numerically, the FORM results. 2'8 However, in most cases, at least some of the components of X vary with time. Consequently, X(z) denotes the random vector process and interest lies in the probability distribution of the time to first system failure. This distribution appears extremely difficult to compute. An upper bound to
Failure rates Jbr general systems and structural components
231
the time-dependent failure probability is1 o Pf(t) _< Pf(O) + where
v(z) dz
(4)
v(z) is the so-called outcrossing rate for X(T) defined by 1
v(V;z)=lim x P(X(z)eF(z)mX(~ +A)eF(z+A))
(5)
A+0
If X is stationary and F(z) does not vary with time, the integral in eqn (4) is replaced by v(V)t. Pf(0) is the initial failure probability to be computed as before. A number of exact and approximate formulae have been proposed for various types of processes X(z) (see, for example, refs. 16, 4, 11 and 17) but, with the exception of refs. 16 and 6 with respect to differentiable Gaussian processes X(z) and ref. 14 with respect to pure Gaussian jump processes, system aspects have been neglected. Furthermore, a complete reliability analysis of a technical system additionally involves operative components such as electronic devices, various kinds of machinery and, last but not least, the human being as a user and/or operator. Those types of (boolean) system components are usually described by their distribution of time to failure or simply by probabilities of successful or adverse action. It is not the purpose here to describe in detail the modelling aspects of those non-structural components. Rather an attempt is made to put together a common framework for the analysis of general systems. The system is assumed to be discretised into components. The system failure event is represented by the (minimal) cut sets of componental failure events which have been formed, e.g. by a fault tree analysis v and subsequent reduction to an irreducible representation as V = w c~ Vi~(ref. 1). Since system states vary with time, the aim is to compute eqn (4), i.e. the outcrossing rates for structural components and the (unconditional) failure rates for the other components yielding the (unconditional) failure rate of the global system. For simplicity of presentation, the failure events of the operative components are assumed to be independent of each other and independent of the failure events of the structural components. Only operative components can be repaired. The times to failure and to successful repair are independent. Also, the system is considered to be in a stationary state, i.e. its failure rate does not depend on time. This implies a stationary load process and no deterioration of the structural system properties.
232 2
R. Rackwitz OUTCROSSING RATES FOR STRUCTURAL SYSTEMS-DIFFERENTIABLE LOAD EFFECT PROCESSES
Assume a structural system whose load effect processes can be described by a Gaussian vector process X(r) which, without loss of generality, is a zero mean, unit standard deviation process, i.e. E[X(r)] = 0 and var[X(-c)]=l. Moreover, the process is transformed such that E[X(r)] = 0 and the co-variance matrix -~xx = l_which implies E[J~(r)][= 0 whereas, in general, no special properties can be assumed for -~xx and ~xx. X(r) is the derivative process of X(r). A system c o m p o n e n t is said to function perfectly if X ( ~ ) ~ F and, according to Rice's formula, experiences an outcrossing if X(r) is on the failure surface G = g(x) = 0 and moves into F. v(V)=
f f0
JxxN(x, ,~N)d2s dx = f ( G ) E [2NIXe G ]
(6)
0
where f ( G ) = P ( X ( r ) ~ G ) at any time z and ku(r ) = - a ( x ) k ( r ) = t h e velocity of X(z) in the direction of the surface element AG in x. If g(x) = ~rx + fl = 0 and ~xx = 9, ~xx = diag {ax, }, a well-known result 16 is: v(V)=~0(fl) ~/.~-~
~ LJ
(7)
i=1
Under the same special conditions it has been shown 3'13 that, asymptotically (/~---, ~ ) , the t e r m f ( G ) in the case of a non-linear failure surface g(x) = 0 must be replaced by n - 1
f ( g ) ~- qo(fl) [ [ (1
-
[Jl,~i)-
12
(8)
& 31_ i=1
where the Ki values are the main curvatures in the fl-point. This suggests that again the fl-point, introduced before, is an optimal approximation (linearisation) point. At least to a first approximation this point enables a suitable linearisation in less general cases. Although the exact solution for crossings out of half-spaces for dependent processes X and X is known, 6 asymptotic arguments following refs. 3 and 8 suggest that it is
Failure rates .[or general systems and structural components
233
approximately possible to restrict the dependence of k N on x to the flpoint x* and, therefore,
v(V) ~- ~p(fl) E [kulX = x*l = ~p(fl)E + [Xulx*] 0
(9)
With (see ref. 6) m* = E[XNIx*] = E [ - ar/qx .1 = - ~d'_~xXX* var [XNIx*] = var [ - ~TXIx*]
(0"*) 2 =
= ~T(~_)~)~ _ _~Xx_~Tx)0t
(m,) (m*)
it is
E+[Xu[x* ] = m*~b ~ ; -
+ a*~p ~ ; -
(10)
It is i m p o r t a n t to note that the linearisation of the failure surface at an appropriate point is essential for the first-order considerations to come. We shall now study exits of X into the intersection of failure domains. In particular, we shall say that a redundant system fails if X is in the respective failure domains except for one and moves into the last failure domain. Such an event occurs if X is on the failure surface of the sth c o m p o n e n t and moves into F s but is already in all Fr, r # s. Clearly, the events X ~ G, are mutually exclusive. Therefore,
v(Vp)=~P({XeGs}mOr#~
{Xefr})E+[Xu'slX*]
(111
S=I
It is expected that a better point in the expectation is the c o m m o n point xv for which (cf. Fig. 1) flp=min{llxll}
for {x" (~ g ~ ( x ) < 0 } ~=1
In order to c o m p u t e the first term in eqn (11) we observe that in the case of linear failure surfaces, Z = ~ r X is a standard normal variate and hence
P ( Z + A <_ - 9) - P ( Z <_ - 9) A-~o A
P(X~G)=lim
a4,( -/~) ---q~(fl)
89
Therefore, we can interpret the probabilities in eqn (1 l) as the derivatives of the d o m a i n integral P((~ s=l
{Xc Fr}) = ~bm(-c; R)
234
R. R a c k w i t z
&] F i g . 1.
with respect to the safety indices of each failure domain. One obtains (see Appendix) for the first derivative m
~Om(-/~; _a)
P({XeG,}(~ ~ {XeF~})= r=2
~B1
=-~m l(d';8)(P(fl,) (12)
with coefficients d' explained in the Appendix. By an appropriate reordering one obtains all other derivatives. For a series system, with respect to the exits of X out of the K safe domains of its components, one has to observe that an exit out of the kth failure surface occurs ifX is on gk(x) = 0 and moves into F k but is in the safe domains of all other components. Therefore, K
v(VO =
P((Xe Gk) ~ (~ (Xe Fj))E~ [X~, k klx ' *]
(13)
j,1 k=1
j+k
which differs from eqn (11) only by the sate events ~i in the probabilities and the individual points x*. Alternatively, one may expand the probability in eqn (13) using the obvious identity P(A m B ) - P ( A ) P(A c~ B) and de Morgan's law. The probability becomes K
K
P((X~Gk)(~ ~ ( X ~ F j ) = P ( X E G k ) - P ( U j
1
j4=k
((X~Ki)(~(XcGk))) j=: 1 j+k
(14)
235
Failure rates Jbr general systems and structural components
The second term is a correction term. It can be bounded by using eqn (3). The lower bound reads K
P( U ((X 6 F2) n (X ~ Gk))) > P((X ~ F, ) n (X 6 Gk) ) j=l
j+k
K
+ )'
max {0, P((X~ 6 F~)n (X
Gk))
(1 5)
r=2
r+k
P(tX e
(X e F,) n (X e Gk)) /
s
The formulation can be extended to (minimal) cut set systems. Let M k ~ Q be the set of system components contained in the kth cut out of
the total set Q (q = 1. . . . . mo). Then we may write K
v(V) = ~
~P((XEGq)n n (XEFi)A n i~Mk i4-q
k=l q~Mk
U (XEfi'p))E +[xN,qlx " *]
j= 1 peMj j•q P~:q
(16)
In words: there is an outcrossing in the kth cut if X is in at least one safe domain in the other cuts. As before, the probability can be expanded: P((X~Gq)A
n (XEFi)A n U (XEf'p)) ieMk j = l PEMi igffq j+k p#:q K
=P((XeGq)n
N ieMk i~:q
(XeF~))-P(U
N
j= 1 r~M i.Mk
j#k r+q
(XeF,)n(X~Gq)) (17)
The computation of the correction term, even with the aid of eqn (3), is quite involved but may be simplified as far as possible in practical applications, e.g. by using some weaker forms of eqn (3). 6
3
O U T C R O S S I N G R A T E S - - P U R E R E C T A N G U L A R WAVE J U M P PROCESSES
Next, we assume that the time-variant part of X(z) is an n-directional rectangular wave renewal process. 4'~4 Renewals of the different
236
R. Rackwitz
components of X occur independently with rate 2 i (i = 1 , . . . , n). Without loss of generality, the amplitude process is a zero mean, unit variance process. The cross correlation matrix is R. If the ith component jumps, there is serial correlation between X and X+ of magnitude p;. These serial correlation coeffÉcients must be chosen such that (X r, X+ )7 have positive definite correlation coefficient matrices. Finally, as before, the failure domain is defined by {~rX +/3 < 0}. A componental outcrossing occurs if X is in the safe domain before a j u m p of the ith component of X and is in the failure domain after the jump. Jumps of the components of X occur independently or, more precisely, are mutually exclusive for any small time interval. Here, we present only the results. n
v(v) = ~
(18)
2.;[4~(- b) - ~2( - b, - b; p;)]
i=1
with b =
fl/(~lR~)
and
;~ =
1 - :~; ~
%(&:- I)ij. + )/(ar_Ra)
j=l
If R = I and the p+ = O, eqn. (18) simplifies substantially since aTR~ = 1 and Pi = 1 -,x2. The generalisation to system outcrossings has been outlined in ref. 14. The result for a redundant system is n
v( Vpk ) = y j )~iP[Xi+ E q~M~ (~ F~) r~ (X 6 (~'\ q~u~ ~ Fq))] i=l
= ~ 2,tP[X+ ~ q~,~4k (~ Fq)] - P[(X+ E
G) n ( x c ~ G)] I q~ M k
q~ M k
i=1
t. ,~;[~bm(c, R) - 02m(d,t d'; _Ra)] i=1
19)
Failure rates Jor general systems and structural components
237
where c 'r = {-flr/(~,R~,)}
r-= 1, 2 . . . . , m
d' = [c', c'] r _K, =
r , s = 1,2, . . . , m
"el c%(pi
- p j, +)
r = 1, 2 . . . . , m
t = m + 1. . . . , 2 m
It is recognised that again the primary computational task is the evaluation of multinormal integrals. F o r completeness the formula for the (minimal) cut set system derived very much on the same lines as for differentiable processes is also given:
v(V) = - -
2i[P(X+ e ~
Fq)
q~Mk k=l
i=1 K
-P(U
(X+~ ~ j=1
rq) c~(X6 N
qeMk
F,))]
(20)
r~Mj,Mk
in which we see that when employing eqn (3) to the last correction term in eqn (20), only operations similar to those in eqn (19) are required. The corresponding formula for simple series systems is obtained from eqn (20) by substituting the event
N Fq by Fkand q~Mk
4
N
Fr
byFjnF k
reM j , M k
OUTCROSSING RATES FOR GENERAL SYSTEMS
The foregoing results are now generalised to vector processes in which the first n~ components of X(~) are j u m p processes, and the next n~ components of X(z) are differentiable processes of the kind discussed previously. The rest of the components up to n are time-invariant. These
238
R. Rackwitz
three different types of components may reasonably be assumed independent whereas interdependence within one type is admissible. The componental outcrossing rate is
I)(V) = 2
Ai[q~( -- b) - ¢ 2 ( - b, - b: pi)] -~- q)(/~)E+
[2~lx*]
(21)
i= l
recognising the fact that outcrossings can occur only if the first process j u m p s while the second process is at an arbitrary value in the safe domain and the last time-invariant process takes on arbitrary values in the safe domain. On the other hand, the second process can cause outcrossings only if the first process is at rest. It follows t h a t / / a n d x* are c o m p u t e d in the n-dimensional space. For the first process the second and the third process are treated as j u m p processes with zero renewal rate. Clearly, this scheme carries over to systems. The total outcrossing rate is simply the sum of the two contributions. Finally, we shall add operative, repairable c o m p o n e n t s to the system. Let f ( t ) be the failure density of the lifetime distribution F(t) of such a c o m p o n e n t and g(t) the corresponding repair density. F r o m the definition of the outcrossing rate, eqn(5), it follows that it is probabilistically equivalent to the unconditional failure intensity in classical reliability theory. This is given as the solution of the following system of equations:
v(t) = f i t ) + j o '['(t - u)(,J(u)du
(22)
u~(t) =
(23)
g(t ~---u)v(u)du 0
The unavailability of such a c o m p o n e n t is defined by
Q(t) - j,~ Iv(u) -- u)(u)]dt
(24)
A(t) = 1 - Q(t)
(25)
with
Failure ratesJbr generalsystemsand structuralcomponents
239
being the availability at time t. If, for example, f(t) = p exp [ - p t ] and g(t) = # e x p [ - # t ] , one determines (see books on classical reliability)"
v(t)
+ p2
p+#
P+#
exp [ - (p + #)t]
o9(0- p# p+#
- P# exp [ - (p + #)t] p+#
A(t) = ~ + p+#
P #+p
exp [ - ( p + #)t]
from which, for t ~ ~ , the corresponding stationary values can be obtained. It is emphasised that the condition that X(r) must be in the safe domain to cause an outcrossing in the next time interval is replaced here by the condition that it is available and then fails with rate v(t). With these assumptions a parallel system fails with rate l
v(Vpt) = ~ vl(t) ~ Qj(t)~Pm(C;R_) r=l
j=l
jOfr
+ II j=l
Qj(t)
[~)m-~(d~; _R)cp(B~)E+ [XN.olx*]l s=l
n,i.
+ > i 2,[~b,,(c'; Rc, ) - ~b2,.(d' , d'; _Ra,)] / ii i-I
The expression for the (minimal) cut set system is rather lengthy and is not given here. Its derivation follows exactly the same procedures as outlined before. It should be noted that the inclusion of operative c o m p o n e n t s is only slightly more complicated as long as the failure events of these c o m p o n e n t s are independent. It appears possible to use the same methodological framework to handle even more complex reliability problems. Examples now under study are intermittent load processes, the joint action of several different load processes of the same or different type, the dependence of all or part of the c o m p o n e n t a l failure events on c o m m o n uncertain sources and the case of stand-by redundancy of dependent operative components.
240
R. Rackwitz
We comment rather briefly on the physical meaning of the set operations introduced for the structural components. This is, in fact, one of the most difficult problems in structural reliability, depending on the mechanical model adopted and the structural state defined as being just safe. A structure may be considered as failed if the load effects exceed some 'yield' surface in any of its control points. This is a pure series system in a reliability sense. If the structure can become unstable the corresponding failure event forms an additional component in this system. A less conservative concept is to investigate those combinations of exceedances of control point yield surfaces which either produce kinematic mechanisms or cause instability failure, but no load redistribution has yet been taken into account. This is perhaps the practically most feasible method and leads exactly to a representation of system failure in terms of the minimal cut set of componental failure events. At least for dynamic systems and for quasi-static systems with almost brittle components this appears to be a way of modelling close to reality. The least conservative, most realistic but also most tedious way of structural modelling is to pursue carefully all possibilities of load redistribution under due consideration of structural instability. In the end structural collapse can occur in various failure modes (sometimes in an enormous number). Each failure mode represents a component in a series system (in the reliability sense). Further research has still to clarify some important aspects which cannot be discussed herein.
5
CONCLUSIONS
Formulae for the computation of failure rates in the context of first-order reliability methods (FORM) for (linear) structural systems loaded by differentiable and/or pure jump Gaussian processes are derived. The system failure event is either the union, the intersection or a combination thereof of the componental failure events. It is shown that the computation essentially reduces to standard operation in FORM. Differential and jump processes can be included simultaneously as well as operative, repairable system components. The system failure rate can be used to determine an upper bound to the system failure probability. The majority of results is believed to be derived here for the first time. The results merge concepts of classical and structural reliability in order to establish a unified theory applicable to general man-machine-structure systems.
Failure rates Jor general systems and structural components
241
APPENDIX
Derivative with respect to one integration limit of the multinormal integral Suppose that with Z s = ~7= 1 asiXi, where the Xi are independent standard normal variables, ?n
Ps=P(~
{ Z s + c s _ < 0 } ) = ~ m ( - e ; 81
s=l
Let Z s = ~ = ~asjV~. the Rosenblatt transformation of Z s. Then, for Z 1,
m
,~c-~,P( ~ {zs
+ c s < 0}) -
~4m(--C; R_)
s= 1
~C 1
(?cl :
~, P(Os=2 { Z ~ + c ~ < O I Z I =r})qg(r)dr
--P( ~
{Z s -}-Cs~O}lZ 1 :
-c1
})(P(Cl)
s:2
j=1
= - ~ m - ~ ( d ' ; 8)q(c~) with bsj = as+ 1,j+ 1/Ns d~ = (-Cs+ , + C l a s + l , l ) / U s s ~---
as+ 1.j+ 1 j=l
and by rearranging the Z~ for all other arguments.
REFERENCES 1. Barlow, R. E. and Proschan, F. Statistical Theory oj Reliability and Lije Testing, Holt, Rinehart and Winston, 1975. 2. Breitung, K. Asymptotic approximations for multinormal domain integrals, J. Eng. Mech. Div., ASCE, 110 (1984), pp. 357-366.
242
R. Rackwitz
3. Breitung, K. Asymptotic approximations for multivariate domain and surface integrals, Proc. 4th lnt. ConJl on Applications o! Statistics and Probability in Soil and Structural Engineering (ICASP-4), Universitli di Firenze (Florence, Italy), 1983, pp. 775 7. 4. Breitung, K. and Rackwitz, R., Non-linear combination of Poisson renewal load processes, J. Struct. Mech., 10(2) (1982), pp. 145 66. 5. Ditlevsen, O. Narrow reliability bounds for structural systems, J. Struct. Mech., 7(4) (1979), pp. 453-~72. 6. Ditlevsen, O. Gaussian outcrossings from safe convex polyhedrons, J. End'. Mech., ASCE, 109(1) (1983), pp. 127 148. 7. Henley, E. J. and Kumamoto, H., Reliabilio' Engineering and Risk Assessment, Prentice Hall Inc., Englewood Cliffs, New York, 198[. 8. Hohenbichler, M., An asymptotic formula for the probability of intersections, Berichte zur Zuverliissigkeitstheorie der Bauwerke, Heft 69, TU M~nchen (SFB 96), 1984. 9. Hohenbichler, M. and Rackwitz, R. Non-normal dependent vectors in structural reliability, J. Eng. Mech. Div., ASCE, 107 (1981), pp. 1227 38. 10. Hohenbichler, M. and Rackwitz, R. First-order concepts in system reliability, Struct. SaJ~,ty, 1(3), pp. 177-88. 11. Larrabee, R. D. and Cornell, C. A. Upcrossing rate solution for load combinations, J. Struct. Div., ASCE, 105(STI)(1979), pp. 125-32. 12. Madsen, H. O. Load models and load combination, Struct. Res. Lab., Techn Univ. of Denmark, kyngby, Report R113, 1979. 13. Lindgren, G. Extreme value and crossings for the Z2-process and other functions of multidimensional Gaussian processes with reliability applications, Adv. Appl. Prob.. 12 (1980), pp. 746 774. 14. Rackwitz, R. Reliability of systems under renewal pulse loading, J. Eng. Mech. Dit'., A S C E (submitted for publication). 15. Rackwitz, R. and Fiessler, B. Structural reliability tinder combined random sequences, Comp. & Struct., 9 (1978), pp. 484 94. 16. Veneziano, D., Grigoriu, M. and Cornell, A. C. Vector process models for system reliability, J. Eng. Mech. Dit., ASCE, 103(EM3) (1977), pp. 441 60. 17. Wen, Y. K. A clustering model for correlated load processes, J. Struct. Diz'.. ASCE, 107 ( 1981 ).
Failure Rates for General Systems Including Structural Components R. R a c k w i t z c/o Technische Universit/it, Mfinchen Institut ffir Bauingenieurwesen 111, Lehrstfihl ffir Massivbau, 8000 Mfinchen 2, Postfach 202420, West Germany (Received: 28 February, 1984)
ABSTRACT At present, the methods oJ analysis oj the reliability oj' man-machinestructure systems appear inconsistent and difficult, particularly if both the results Jrom a classical and fi'om the structural analysis have to be combined. It is shown that the unconditional jailure rates in classical reliability theory have the same meaning as the outcrossing rates in structural reliability so that both approaches can be unified. Some practically important cases of systems, i.e. systems under the excitation oJ stationary Gaussian vector processes, are studied in more detail.
1
INTRODUCTION
Considerable progress has been achieved in the formulation and computation of structural reliability in recent years. The development of the so-called first-order reliability methodology ( F O R M ) is considered to be one of the major steps as concerns the computational aspects. Let the time-invariant vector of uncertainty variables be denoted by X and let a probability transformation X = T(U) exist with U a vector of independent standard normal variates.9 Further, let the componental failure domain be V = { X e F } = [ g ( X ) < 0 } . Then, a first-order estimate of its failure probability is given by Pf,~ q~(-fl)
with
fl=min{llul[}
for {u:g(T(u))<0}
(1)
229 Reliability Engineering 0143-8174/84/$03-00 © ElsevierApplied Science Publishers Ltd,
England, 1984. Printed in Great
Britain
R. Rackwitz
230
where ~bis the standard normal integral and fl is the so-called safety index. fl must be found by an appropriate optimisation algorithm.15 If the failure domain is given as an intersection of different componental failure domains, i.e. r/i
I/p= O lXcFi~ i=1
the formulation is1°
P~,~ ~ Om(-/~; R)
~2)
with /J the vector of safety indices and R = / a { . ~ s } a correlation coefficient matrix where ~ is the vector of direction cosines of the point in g/(T(u)) _< 0 for which fli = rain {llult }. ~bm is the m-dimensional normal integral. A similar formulation holds for the union of componental failure domains. Alternatively, probability bounds for the union of (small probability) events may be used, e.g.5
max {P( Vi) } <<-P(V1) + ~ max lO' P( Vi)-~2 P( Vi c~ Vj) j
i=2
< P(V) < P(V1) + ~ (P(Vi)
(3)
i~2
max i
{P(Vi c~ VJ)~) < ~~P(l/i) z._a i
Herein, the events V can be intersections of componental events and, thus, formulae(l) to (3) provide efficient tools to determine the probability content of so-called (minimal) cut sets of (failure) events, i.e. for p(v)
= P(c~ u v~j)
Interestingly, a corresponding asymptotic theory justifies, at least numerically, the FORM results. 2'8 However, in most cases, at least some of the components of X vary with time. Consequently, X(z) denotes the random vector process and interest lies in the probability distribution of the time to first system failure. This distribution appears extremely difficult to compute. An upper bound to
Failure rates Jbr general systems and structural components
231
the time-dependent failure probability is1 o Pf(t) _< Pf(O) + where
v(z) dz
(4)
v(z) is the so-called outcrossing rate for X(T) defined by 1
v(V;z)=lim x P(X(z)eF(z)mX(~ +A)eF(z+A))
(5)
A+0
If X is stationary and F(z) does not vary with time, the integral in eqn (4) is replaced by v(V)t. Pf(0) is the initial failure probability to be computed as before. A number of exact and approximate formulae have been proposed for various types of processes X(z) (see, for example, refs. 16, 4, 11 and 17) but, with the exception of refs. 16 and 6 with respect to differentiable Gaussian processes X(z) and ref. 14 with respect to pure Gaussian jump processes, system aspects have been neglected. Furthermore, a complete reliability analysis of a technical system additionally involves operative components such as electronic devices, various kinds of machinery and, last but not least, the human being as a user and/or operator. Those types of (boolean) system components are usually described by their distribution of time to failure or simply by probabilities of successful or adverse action. It is not the purpose here to describe in detail the modelling aspects of those non-structural components. Rather an attempt is made to put together a common framework for the analysis of general systems. The system is assumed to be discretised into components. The system failure event is represented by the (minimal) cut sets of componental failure events which have been formed, e.g. by a fault tree analysis v and subsequent reduction to an irreducible representation as V = w c~ Vi~(ref. 1). Since system states vary with time, the aim is to compute eqn (4), i.e. the outcrossing rates for structural components and the (unconditional) failure rates for the other components yielding the (unconditional) failure rate of the global system. For simplicity of presentation, the failure events of the operative components are assumed to be independent of each other and independent of the failure events of the structural components. Only operative components can be repaired. The times to failure and to successful repair are independent. Also, the system is considered to be in a stationary state, i.e. its failure rate does not depend on time. This implies a stationary load process and no deterioration of the structural system properties.
232 2
R. Rackwitz OUTCROSSING RATES FOR STRUCTURAL SYSTEMS-DIFFERENTIABLE LOAD EFFECT PROCESSES
Assume a structural system whose load effect processes can be described by a Gaussian vector process X(r) which, without loss of generality, is a zero mean, unit standard deviation process, i.e. E[X(r)] = 0 and var[X(-c)]=l. Moreover, the process is transformed such that E[X(r)] = 0 and the co-variance matrix -~xx = l_which implies E[J~(r)][= 0 whereas, in general, no special properties can be assumed for -~xx and ~xx. X(r) is the derivative process of X(r). A system c o m p o n e n t is said to function perfectly if X ( ~ ) ~ F and, according to Rice's formula, experiences an outcrossing if X(r) is on the failure surface G = g(x) = 0 and moves into F. v(V)=
f f0
JxxN(x, ,~N)d2s dx = f ( G ) E [2NIXe G ]
(6)
0
where f ( G ) = P ( X ( r ) ~ G ) at any time z and ku(r ) = - a ( x ) k ( r ) = t h e velocity of X(z) in the direction of the surface element AG in x. If g(x) = ~rx + fl = 0 and ~xx = 9, ~xx = diag {ax, }, a well-known result 16 is: v(V)=~0(fl) ~/.~-~
~ LJ
(7)
i=1
Under the same special conditions it has been shown 3'13 that, asymptotically (/~---, ~ ) , the t e r m f ( G ) in the case of a non-linear failure surface g(x) = 0 must be replaced by n - 1
f ( g ) ~- qo(fl) [ [ (1
-
[Jl,~i)-
12
(8)
& 31_ i=1
where the Ki values are the main curvatures in the fl-point. This suggests that again the fl-point, introduced before, is an optimal approximation (linearisation) point. At least to a first approximation this point enables a suitable linearisation in less general cases. Although the exact solution for crossings out of half-spaces for dependent processes X and X is known, 6 asymptotic arguments following refs. 3 and 8 suggest that it is
Failure rates .[or general systems and structural components
233
approximately possible to restrict the dependence of k N on x to the flpoint x* and, therefore,
v(V) ~- ~p(fl) E [kulX = x*l = ~p(fl)E + [Xulx*] 0
(9)
With (see ref. 6) m* = E[XNIx*] = E [ - ar/qx .1 = - ~d'_~xXX* var [XNIx*] = var [ - ~TXIx*]
(0"*) 2 =
= ~T(~_)~)~ _ _~Xx_~Tx)0t
(m,) (m*)
it is
E+[Xu[x* ] = m*~b ~ ; -
+ a*~p ~ ; -
(10)
It is i m p o r t a n t to note that the linearisation of the failure surface at an appropriate point is essential for the first-order considerations to come. We shall now study exits of X into the intersection of failure domains. In particular, we shall say that a redundant system fails if X is in the respective failure domains except for one and moves into the last failure domain. Such an event occurs if X is on the failure surface of the sth c o m p o n e n t and moves into F s but is already in all Fr, r # s. Clearly, the events X ~ G, are mutually exclusive. Therefore,
v(Vp)=~P({XeGs}mOr#~
{Xefr})E+[Xu'slX*]
(111
S=I
It is expected that a better point in the expectation is the c o m m o n point xv for which (cf. Fig. 1) flp=min{llxll}
for {x" (~ g ~ ( x ) < 0 } ~=1
In order to c o m p u t e the first term in eqn (11) we observe that in the case of linear failure surfaces, Z = ~ r X is a standard normal variate and hence
P ( Z + A <_ - 9) - P ( Z <_ - 9) A-~o A
P(X~G)=lim
a4,( -/~) ---q~(fl)
89
Therefore, we can interpret the probabilities in eqn (1 l) as the derivatives of the d o m a i n integral P((~ s=l
{Xc Fr}) = ~bm(-c; R)
234
R. R a c k w i t z
&] F i g . 1.
with respect to the safety indices of each failure domain. One obtains (see Appendix) for the first derivative m
~Om(-/~; _a)
P({XeG,}(~ ~ {XeF~})= r=2
~B1
=-~m l(d';8)(P(fl,) (12)
with coefficients d' explained in the Appendix. By an appropriate reordering one obtains all other derivatives. For a series system, with respect to the exits of X out of the K safe domains of its components, one has to observe that an exit out of the kth failure surface occurs ifX is on gk(x) = 0 and moves into F k but is in the safe domains of all other components. Therefore, K
v(VO =
P((Xe Gk) ~ (~ (Xe Fj))E~ [X~, k klx ' *]
(13)
j,1 k=1
j+k
which differs from eqn (11) only by the sate events ~i in the probabilities and the individual points x*. Alternatively, one may expand the probability in eqn (13) using the obvious identity P(A m B ) - P ( A ) P(A c~ B) and de Morgan's law. The probability becomes K
K
P((X~Gk)(~ ~ ( X ~ F j ) = P ( X E G k ) - P ( U j
1
j4=k
((X~Ki)(~(XcGk))) j=: 1 j+k
(14)
235
Failure rates Jbr general systems and structural components
The second term is a correction term. It can be bounded by using eqn (3). The lower bound reads K
P( U ((X 6 F2) n (X ~ Gk))) > P((X ~ F, ) n (X 6 Gk) ) j=l
j+k
K
+ )'
max {0, P((X~ 6 F~)n (X
Gk))
(1 5)
r=2
r+k
P(tX e
(X e F,) n (X e Gk)) /
s
The formulation can be extended to (minimal) cut set systems. Let M k ~ Q be the set of system components contained in the kth cut out of
the total set Q (q = 1. . . . . mo). Then we may write K
v(V) = ~
~P((XEGq)n n (XEFi)A n i~Mk i4-q
k=l q~Mk
U (XEfi'p))E +[xN,qlx " *]
j= 1 peMj j•q P~:q
(16)
In words: there is an outcrossing in the kth cut if X is in at least one safe domain in the other cuts. As before, the probability can be expanded: P((X~Gq)A
n (XEFi)A n U (XEf'p)) ieMk j = l PEMi igffq j+k p#:q K
=P((XeGq)n
N ieMk i~:q
(XeF~))-P(U
N
j= 1 r~M i.Mk
j#k r+q
(XeF,)n(X~Gq)) (17)
The computation of the correction term, even with the aid of eqn (3), is quite involved but may be simplified as far as possible in practical applications, e.g. by using some weaker forms of eqn (3). 6
3
O U T C R O S S I N G R A T E S - - P U R E R E C T A N G U L A R WAVE J U M P PROCESSES
Next, we assume that the time-variant part of X(z) is an n-directional rectangular wave renewal process. 4'~4 Renewals of the different
236
R. Rackwitz
components of X occur independently with rate 2 i (i = 1 , . . . , n). Without loss of generality, the amplitude process is a zero mean, unit variance process. The cross correlation matrix is R. If the ith component jumps, there is serial correlation between X and X+ of magnitude p;. These serial correlation coeffÉcients must be chosen such that (X r, X+ )7 have positive definite correlation coefficient matrices. Finally, as before, the failure domain is defined by {~rX +/3 < 0}. A componental outcrossing occurs if X is in the safe domain before a j u m p of the ith component of X and is in the failure domain after the jump. Jumps of the components of X occur independently or, more precisely, are mutually exclusive for any small time interval. Here, we present only the results. n
v(v) = ~
(18)
2.;[4~(- b) - ~2( - b, - b; p;)]
i=1
with b =
fl/(~lR~)
and
;~ =
1 - :~; ~
%(&:- I)ij. + )/(ar_Ra)
j=l
If R = I and the p+ = O, eqn. (18) simplifies substantially since aTR~ = 1 and Pi = 1 -,x2. The generalisation to system outcrossings has been outlined in ref. 14. The result for a redundant system is n
v( Vpk ) = y j )~iP[Xi+ E q~M~ (~ F~) r~ (X 6 (~'\ q~u~ ~ Fq))] i=l
= ~ 2,tP[X+ ~ q~,~4k (~ Fq)] - P[(X+ E
G) n ( x c ~ G)] I q~ M k
q~ M k
i=1
t. ,~;[~bm(c, R) - 02m(d,t d'; _Ra)] i=1
19)
Failure rates Jor general systems and structural components
237
where c 'r = {-flr/(~,R~,)}
r-= 1, 2 . . . . , m
d' = [c', c'] r _K, =
r , s = 1,2, . . . , m
"el c%(pi
- p j, +)
r = 1, 2 . . . . , m
t = m + 1. . . . , 2 m
It is recognised that again the primary computational task is the evaluation of multinormal integrals. F o r completeness the formula for the (minimal) cut set system derived very much on the same lines as for differentiable processes is also given:
v(V) = - -
2i[P(X+ e ~
Fq)
q~Mk k=l
i=1 K
-P(U
(X+~ ~ j=1
rq) c~(X6 N
qeMk
F,))]
(20)
r~Mj,Mk
in which we see that when employing eqn (3) to the last correction term in eqn (20), only operations similar to those in eqn (19) are required. The corresponding formula for simple series systems is obtained from eqn (20) by substituting the event
N Fq by Fkand q~Mk
4
N
Fr
byFjnF k
reM j , M k
OUTCROSSING RATES FOR GENERAL SYSTEMS
The foregoing results are now generalised to vector processes in which the first n~ components of X(~) are j u m p processes, and the next n~ components of X(z) are differentiable processes of the kind discussed previously. The rest of the components up to n are time-invariant. These
238
R. Rackwitz
three different types of components may reasonably be assumed independent whereas interdependence within one type is admissible. The componental outcrossing rate is
I)(V) = 2
Ai[q~( -- b) - ¢ 2 ( - b, - b: pi)] -~- q)(/~)E+
[2~lx*]
(21)
i= l
recognising the fact that outcrossings can occur only if the first process j u m p s while the second process is at an arbitrary value in the safe domain and the last time-invariant process takes on arbitrary values in the safe domain. On the other hand, the second process can cause outcrossings only if the first process is at rest. It follows t h a t / / a n d x* are c o m p u t e d in the n-dimensional space. For the first process the second and the third process are treated as j u m p processes with zero renewal rate. Clearly, this scheme carries over to systems. The total outcrossing rate is simply the sum of the two contributions. Finally, we shall add operative, repairable c o m p o n e n t s to the system. Let f ( t ) be the failure density of the lifetime distribution F(t) of such a c o m p o n e n t and g(t) the corresponding repair density. F r o m the definition of the outcrossing rate, eqn(5), it follows that it is probabilistically equivalent to the unconditional failure intensity in classical reliability theory. This is given as the solution of the following system of equations:
v(t) = f i t ) + j o '['(t - u)(,J(u)du
(22)
u~(t) =
(23)
g(t ~---u)v(u)du 0
The unavailability of such a c o m p o n e n t is defined by
Q(t) - j,~ Iv(u) -- u)(u)]dt
(24)
A(t) = 1 - Q(t)
(25)
with
Failure ratesJbr generalsystemsand structuralcomponents
239
being the availability at time t. If, for example, f(t) = p exp [ - p t ] and g(t) = # e x p [ - # t ] , one determines (see books on classical reliability)"
v(t)
+ p2
p+#
P+#
exp [ - (p + #)t]
o9(0- p# p+#
- P# exp [ - (p + #)t] p+#
A(t) = ~ + p+#
P #+p
exp [ - ( p + #)t]
from which, for t ~ ~ , the corresponding stationary values can be obtained. It is emphasised that the condition that X(r) must be in the safe domain to cause an outcrossing in the next time interval is replaced here by the condition that it is available and then fails with rate v(t). With these assumptions a parallel system fails with rate l
v(Vpt) = ~ vl(t) ~ Qj(t)~Pm(C;R_) r=l
j=l
jOfr
+ II j=l
Qj(t)
[~)m-~(d~; _R)cp(B~)E+ [XN.olx*]l s=l
n,i.
+ > i 2,[~b,,(c'; Rc, ) - ~b2,.(d' , d'; _Ra,)] / ii i-I
The expression for the (minimal) cut set system is rather lengthy and is not given here. Its derivation follows exactly the same procedures as outlined before. It should be noted that the inclusion of operative c o m p o n e n t s is only slightly more complicated as long as the failure events of these c o m p o n e n t s are independent. It appears possible to use the same methodological framework to handle even more complex reliability problems. Examples now under study are intermittent load processes, the joint action of several different load processes of the same or different type, the dependence of all or part of the c o m p o n e n t a l failure events on c o m m o n uncertain sources and the case of stand-by redundancy of dependent operative components.
240
R. Rackwitz
We comment rather briefly on the physical meaning of the set operations introduced for the structural components. This is, in fact, one of the most difficult problems in structural reliability, depending on the mechanical model adopted and the structural state defined as being just safe. A structure may be considered as failed if the load effects exceed some 'yield' surface in any of its control points. This is a pure series system in a reliability sense. If the structure can become unstable the corresponding failure event forms an additional component in this system. A less conservative concept is to investigate those combinations of exceedances of control point yield surfaces which either produce kinematic mechanisms or cause instability failure, but no load redistribution has yet been taken into account. This is perhaps the practically most feasible method and leads exactly to a representation of system failure in terms of the minimal cut set of componental failure events. At least for dynamic systems and for quasi-static systems with almost brittle components this appears to be a way of modelling close to reality. The least conservative, most realistic but also most tedious way of structural modelling is to pursue carefully all possibilities of load redistribution under due consideration of structural instability. In the end structural collapse can occur in various failure modes (sometimes in an enormous number). Each failure mode represents a component in a series system (in the reliability sense). Further research has still to clarify some important aspects which cannot be discussed herein.
5
CONCLUSIONS
Formulae for the computation of failure rates in the context of first-order reliability methods (FORM) for (linear) structural systems loaded by differentiable and/or pure jump Gaussian processes are derived. The system failure event is either the union, the intersection or a combination thereof of the componental failure events. It is shown that the computation essentially reduces to standard operation in FORM. Differential and jump processes can be included simultaneously as well as operative, repairable system components. The system failure rate can be used to determine an upper bound to the system failure probability. The majority of results is believed to be derived here for the first time. The results merge concepts of classical and structural reliability in order to establish a unified theory applicable to general man-machine-structure systems.
Failure rates Jor general systems and structural components
241
APPENDIX
Derivative with respect to one integration limit of the multinormal integral Suppose that with Z s = ~7= 1 asiXi, where the Xi are independent standard normal variables, ?n
Ps=P(~
{ Z s + c s _ < 0 } ) = ~ m ( - e ; 81
s=l
Let Z s = ~ = ~asjV~. the Rosenblatt transformation of Z s. Then, for Z 1,
m
,~c-~,P( ~ {zs
+ c s < 0}) -
~4m(--C; R_)
s= 1
~C 1
(?cl :
~, P(Os=2 { Z ~ + c ~ < O I Z I =r})qg(r)dr
--P( ~
{Z s -}-Cs~O}lZ 1 :
-c1
})(P(Cl)
s:2
j=1
= - ~ m - ~ ( d ' ; 8)q(c~) with bsj = as+ 1,j+ 1/Ns d~ = (-Cs+ , + C l a s + l , l ) / U s s ~---
as+ 1.j+ 1 j=l
and by rearranging the Z~ for all other arguments.
REFERENCES 1. Barlow, R. E. and Proschan, F. Statistical Theory oj Reliability and Lije Testing, Holt, Rinehart and Winston, 1975. 2. Breitung, K. Asymptotic approximations for multinormal domain integrals, J. Eng. Mech. Div., ASCE, 110 (1984), pp. 357-366.
242
R. Rackwitz
3. Breitung, K. Asymptotic approximations for multivariate domain and surface integrals, Proc. 4th lnt. ConJl on Applications o! Statistics and Probability in Soil and Structural Engineering (ICASP-4), Universitli di Firenze (Florence, Italy), 1983, pp. 775 7. 4. Breitung, K. and Rackwitz, R., Non-linear combination of Poisson renewal load processes, J. Struct. Mech., 10(2) (1982), pp. 145 66. 5. Ditlevsen, O. Narrow reliability bounds for structural systems, J. Struct. Mech., 7(4) (1979), pp. 453-~72. 6. Ditlevsen, O. Gaussian outcrossings from safe convex polyhedrons, J. End'. Mech., ASCE, 109(1) (1983), pp. 127 148. 7. Henley, E. J. and Kumamoto, H., Reliabilio' Engineering and Risk Assessment, Prentice Hall Inc., Englewood Cliffs, New York, 198[. 8. Hohenbichler, M., An asymptotic formula for the probability of intersections, Berichte zur Zuverliissigkeitstheorie der Bauwerke, Heft 69, TU M~nchen (SFB 96), 1984. 9. Hohenbichler, M. and Rackwitz, R. Non-normal dependent vectors in structural reliability, J. Eng. Mech. Div., ASCE, 107 (1981), pp. 1227 38. 10. Hohenbichler, M. and Rackwitz, R. First-order concepts in system reliability, Struct. SaJ~,ty, 1(3), pp. 177-88. 11. Larrabee, R. D. and Cornell, C. A. Upcrossing rate solution for load combinations, J. Struct. Div., ASCE, 105(STI)(1979), pp. 125-32. 12. Madsen, H. O. Load models and load combination, Struct. Res. Lab., Techn Univ. of Denmark, kyngby, Report R113, 1979. 13. Lindgren, G. Extreme value and crossings for the Z2-process and other functions of multidimensional Gaussian processes with reliability applications, Adv. Appl. Prob.. 12 (1980), pp. 746 774. 14. Rackwitz, R. Reliability of systems under renewal pulse loading, J. Eng. Mech. Dit'., A S C E (submitted for publication). 15. Rackwitz, R. and Fiessler, B. Structural reliability tinder combined random sequences, Comp. & Struct., 9 (1978), pp. 484 94. 16. Veneziano, D., Grigoriu, M. and Cornell, A. C. Vector process models for system reliability, J. Eng. Mech. Dit., ASCE, 103(EM3) (1977), pp. 441 60. 17. Wen, Y. K. A clustering model for correlated load processes, J. Struct. Diz'.. ASCE, 107 ( 1981 ).