DPL 9 Fault Tree
Combining Fault Trees with DPL's Powerful Decision Tree Analytics
DPL FAULT TREE provides users the ability to graphically depict large-scale systems gracefully in order to gain an understanding of the risks involved in a system and how they relate to one another. This leads to a more accurate risk assessment and the ability to build a quantitative model that can accurately assess risk reduction actions.
A fault tree is a structured model used to analyze the risk in a system. A fault tree enumerates the system components liable to failure and expresses, through logic gates, how combinations of those component failures lead to the top-level system failure. Fault trees are used in numerous applications including analyzing the safety of nuclear power plants, the reliability of launch vehicles and the security of computer networks. DPL Fault Tree offers all of the power and features of DPL Professional, plus a rich set of operators, including:
- Basic events
- AND gates (any number of inputs)
- OR gates (any number of inputs)
- NOT gates (to build noncoherent fault trees)
- Probability value nodes
- Dependent events
- Embedded modules (subtree libraries)
For more advanced modelling, DPL helps you build up complex fault tree structures from simple modules. DPL's fault tree modules act like custom gates, and you can include as many as you like in your fault tree. You can even create libraries of common modules in separate project files, so they can be shared among the members of a workgroup. In the figure shown, the DPL Fault Tree analyzes the risk of a power failure at a critical industrial site. One of the events that could affect the reliability of the power system is a failure of transmission controls (bottom left corner). The Controls event in the Power Failure fault tree will depend on a module reference to the Utility Control System (UCntrl) fault tree (inset).
A circuit diagram is an alternative way of looking at the structure of a fault tree. The system fails if the "circuit" is broken, that is, if every path from the "power source" on the right to the "light bulb" on the left is cut. Components in series are single points of failure; components in parallel are redundant. A circuit diagram therefore gives a graphical view of the qualitative aspects of the system, such as redundancies and single points of failure, without any probabilities attached.
In DPL, you can switch between the tree and circuit diagram views of a fault tree at the press of a button.
Minimal Cut Sets
The central computation in fault tree analysis is the calculation of the minimal cut sets. A cut set is a set of component failures that together cause system failure; it is minimal if removing any one of those failures would no longer cause system failure. DPL Fault Tree has a fast, proprietary algorithm for calculating minimal cut sets. Once calculated, the minimal cut sets can be displayed in tabular or circuit diagram format. However you view them, you'll be able to see both the probability of occurrence and the cost of each cut set. In a security context, sorting the cut sets by cost allows you to focus on the "cheapest" failure points, that is, the ways an adversary could most easily attack the system.
A fault tree is a mathematical function which takes the probabilities of the basic events as inputs and gives the probability of system failure as output. The partial derivatives of this function with respect to each of its inputs give a useful comparative sensitivity analysis specific to fault trees: they show how quickly the failure probability responds to a change in each event. The product of an event's probability and its partial derivative gives that event's maximum impact, the most the likelihood of system failure could drop if the event were eliminated entirely. Efforts to improve the robustness of the system should be focused on high-impact events. DPL provides the automated ability to calculate and graphically display the partial derivatives of the fault tree.
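The two calculations above, minimal cut sets ranked by attacker cost and partial derivatives with their maximum-impact product, as an added example written for this page. It is not DPL's code or algorithm: DPL's cut set algorithm is proprietary, whereas this example simply enumerates all 2^n failure states, which is the textbook definition and fine for a handful of events. The fault tree, its probabilities and attacker costs are constructed for illustration (they are not the figure's Power Failure tree), the basic events are assumed independent, and the cut set extraction assumes a coherent tree (no NOT gates).

```python
from itertools import product

# Constructed example tree for a site power failure (illustrative values, not
# the page's figure). Each basic event: (failure probability, attacker cost).
BASIC_EVENTS = {
    "grid": (0.02, 50),   # utility feed lost
    "gen":  (0.10, 30),   # backup generator fails to start
    "fuel": (0.05, 20),   # generator fuel supply fails
    "ctrl": (0.05, 10),   # control system compromised (cheap for an attacker)
}

# Gates: ("AND", [children]), ("OR", [children]), ("NOT", child); leaves are event names.
TOP_EVENT = ("OR", [
    ("AND", ["grid", ("OR", ["gen", "fuel"])]),   # grid lost AND backup unavailable
    "ctrl",                                        # or the controls alone
])

def event_probabilities(basic):
    return {name: prob for name, (prob, _cost) in basic.items()}

def evaluate(node, state):
    """True if the node fails, given a dict mapping basic event -> failed?"""
    if isinstance(node, str):
        return state[node]
    kind, args = node
    if kind == "AND":
        return all(evaluate(c, state) for c in args)
    if kind == "OR":
        return any(evaluate(c, state) for c in args)
    if kind == "NOT":
        return not evaluate(args, state)
    raise ValueError(f"unknown gate {kind}")

def _states(names):
    for bits in product((False, True), repeat=len(names)):
        yield dict(zip(names, bits))

def top_probability(tree, probs):
    """Exact P(top event) for independent basic events, by enumerating all 2^n states."""
    total = 0.0
    for state in _states(sorted(probs)):
        if evaluate(tree, state):
            p = 1.0
            for name, failed in state.items():
                p *= probs[name] if failed else 1.0 - probs[name]
            total += p
    return total

def minimal_cut_sets(tree, names):
    """Cut sets of a coherent (NOT-free) tree: failed-event sets that fail the
    system; minimal means no proper subset is itself a cut set."""
    cuts = [frozenset(n for n, failed in s.items() if failed)
            for s in _states(sorted(names)) if evaluate(tree, s)]
    minimal = [c for c in cuts if not any(other < c for other in cuts)]
    return sorted(minimal, key=lambda c: (len(c), sorted(c)))

def rank_cut_sets(tree, basic):
    """(cost, probability, events) per minimal cut set, cheapest first: the
    attacker's easiest routes. Probability is a product (independence assumed)."""
    rows = []
    for cs in minimal_cut_sets(tree, basic):
        prob, cost = 1.0, 0
        for n in cs:
            prob *= basic[n][0]
            cost += basic[n][1]
        rows.append((cost, prob, tuple(sorted(cs))))
    return sorted(rows)

def partial_derivative(tree, probs, name):
    """dP(top)/dp_name. With independent events P(top) is multilinear in each p_i,
    so the derivative is exactly P(top | event certain) - P(top | event impossible)."""
    hi = dict(probs, **{name: 1.0})
    lo = dict(probs, **{name: 0.0})
    return top_probability(tree, hi) - top_probability(tree, lo)

def max_impact(tree, probs, name):
    """p_i * dP/dp_i: the drop in P(top) if the event were eliminated entirely."""
    return probs[name] * partial_derivative(tree, probs, name)

if __name__ == "__main__":
    probs = event_probabilities(BASIC_EVENTS)
    print(f"P(top) = {top_probability(TOP_EVENT, probs):.6f}")
    for cost, prob, cs in rank_cut_sets(TOP_EVENT, BASIC_EVENTS):
        print(f"cost={cost:3d} prob={prob:.4f} {cs}")
    for n in probs:
        print(f"{n:5s} dP/dp={partial_derivative(TOP_EVENT, probs, n):.4f}"
              f" impact={max_impact(TOP_EVENT, probs, n):.4f}")
```

On this tree the cheapest cut set is the lone control-system compromise (cost 10, probability 0.05), and the same event dominates the sensitivity analysis: its partial derivative is 0.9971 against 0.1378 for the grid, so hardening the controls is where effort pays. Note the two rankings can disagree in general: cost ranks cut sets by what an adversary must spend, the derivative ranks single events by how much the top-event probability moves, and a low-cost event may still have a small derivative if it only matters in combination with others.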