Build: 4.0.

3
Release Date: February, 2010
FTA-Pro
Dyadem International i
Please find your licensed copy of FTA-Pro
TM
enclosed.
To install the software on your computer system, see Installing FTA-Pro on a
Single Workstation on page 4.
For instructions on authorizing the license so that you can begin using the
software, see Authorizing Your License on page 16.
To register the software, please use our online registration form at
www.dyadem.com on the Web. During registration, you will require the serial
number of your software.
Please save this information as you will periodically need to refer to it:
Serial Number: ___________________________
Thank you for choosing software from Dyadem International Ltd.,
Protecting People and Profitability

.
FTA-Pro
Dyadem International ii
2005-2010 Dyadem International Ltd. All rights reserved.
The Dyadem name and related marks are registered trademarks of Dyadem
International Ltd. Protecting People and Profitability and FTA-Pro are all
trademarks of Dyadem International Ltd. All rights reserved. 2010.
FTA-Pro
TM
software is developed, manufactured and owned by Dyadem
International Ltd. All the information in this manual is proprietary to Dyadem
International Ltd.
The information in this document is subject to change without notice and does not
represent a commitment on the part of Dyadem International Ltd. No part of this
manual may be copied or reproduced without the express written consent of
Dyadem International Ltd., also referred to as Dyadem.
The persons, companies and products referred to for the purpose of practice
examples in this manual and in the FTA-Pro software sample are fictitious. Any
resemblance to real persons, companies and products is unintentional.
Disclaimer: The terms under which this manual may be used are contained within
the non-exclusive Software License Agreement concomitant with the FTA-Pro
software and is meant for only those who are the licensee under this Agreement.
Designed, developed and printed in Canada.
Microsoft, Windows, and Windows NT are registered trademarks of Microsoft
Corporation.
Other product and company names are registered trademarks or trademarks.
FTA4.0.3.1-02/10
FTA-Pro Preface
Dyadem International iii
PREFACE
Welcome to FTA-Pro
TM
, comprehensive software for conducting your Fault Tree
Analysis. This product is designed with the specific needs of manufacturers in
mind. It provides expert guidance for studying a full range of products to help
companies identify potential problems in order to eliminate them, or at least
reduce their likelihood of occurring and minimize their harmful effects.
Dyadem International Ltd. produces FTA-Pro, which has earned the reputation of
Protecting People and Profitability
TM
. Dyadem is a world leader in the creation of
software products that empower organizations to identify, assess and eliminate
risks. Users of Dyadem software include a long list of the worlds largest medical
equipment manufacturers, as well as pharmaceutical, chemical, petrochemical, oil
and gas, engineering and mining companies. Visit www.dyadem.com on the Web
to learn more about the companys other products, all of which are available as
free demos.
Dyadem conducts extensive market research before developing its software
products. The research identifies the goals of clients and the tasks they need to
perform to achieve their objectives. This diligence ensures that Dyadem delivers
products that fulfill the needs of clients.
Getting Software and Engineering Support on page iv.
Dyadem Software License Agreement on page v.
FTA-Pro Preface
Dyadem International iv
Getting Software and Engineering Support
Registered owners of FTA-Pro may contact Dyadem International Ltd. for
technical support for this product. Our support team includes software experts and
on-site engineers. As a result, you can expect the best software assistance as well
as methodology advice when you contact Dyadem. Technical support personnel
are available Monday to Friday between the hours of 8:30 a.m. and 6 p.m. eastern
time, excluding public holidays.
Web Site: www.dyadem.com/support/
E-Mail: [email protected]
Phone: Software Support: (416) 649-9224
General Inquiries: (416) 649-9200
Fax: (416) 649-9250
Mailing Address: Dyadem International Ltd.
155 Gordon Baker
North York, ON M2H 3N5
Canada
FTA-Pro Preface
Dyadem International v
Dyadem Software License Agreement
THIS SOFTWARE LICENSE AGREEMENT (THE "AGREEMENT") IS A
LEGAL AGREEMENT BETWEEN YOU (FOR AND ON BEHALF OF THE
PURCHASER OF THE LICENSE OF THE COPYRIGHTED SOFTWARE
PRODUCT PROVIDED WITH THIS LICENSE AGREEMENT), AS
"LICENSEE", AND DYADEM INTERNATIONAL LTD. ("DYADEM").
THE SOFTWARE PRODUCT INCLUDES COMPUTER SOFTWARE, DATA
AND INFORMATION STORED ON THE ASSOCIATED MEDIA OR MADE
AVAILABLE FOR DOWNLOAD (COLLECTIVELY, THE "SOFTWARE").
"DOCUMENTATION" MEANS, COLLECTIVELY, THE USER MANUALS
AND/OR TECHNICAL PUBLICATIONS, AS APPLICABLE, SUPPLIED
WITH THE SOFTWARE RELATING TO THE INSTALLATION, USE AND
ADMINISTRATION OF THE SOFTWARE. ANY USE OF THE SOFTWARE
OR DOCUMENTATION IN ANY WAY WHATSOEVER IS SUBJECT TO THE
TERMS AND CONDITIONS OF THIS AGREEMENT, AND BY PRESSING "I
ACCEPT THE TERMS OF THIS LICENSE AGREEMENT", YOU
ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTAND, ACCEPT AND
INTEND FOR LICENSEE TO BE LEGALLY BOUND BY THIS
AGREEMENT. THE RIGHT TO USE THE SOFTWARE AND
DOCUMENTATION IS CONDITIONAL UPON ACCEPTANCE OF THIS
AGREEMENT. IF YOU DO NOT AGREE WITH OR ARE UNWILLING TO
BIND LICENSEE TO ANY OF THE TERMS OR CONDITIONS OF THIS
AGREEMENT, YOU MUST NOT DOWNLOAD, INSTALL, COPY OR USE
THE SOFTWARE IN ANY WAY WHATSOEVER.
THE SOFTWARE AND DOCUMENTATION IS PROTECTED BY
COPYRIGHT LAWS AND INTERNATIONAL COPYRIGHT TREATIES, AS
WELL AS OTHER INTELLECTUAL PROPERTY LAWS AND TREATIES.
THE SOFTWARE IS LICENSED, NOT SOLD. When used in this Agreement,
the term "Parties" refers collectively to Licensee and Dyadem, and "Party" refers
to either of them.
The general terms of this Agreement are set out below, and if Licensee is
purchasing support services, the Support Services Terms and Conditions set out in
Schedule A shall also be applicable. If Licensee desires to purchase additional
professional services from Dyadem beyond support services for the Software, a
separate professional services agreement and Statement of Work shall be entered
FTA-Pro Preface
Dyadem International vi
into by the Parties with respect to such services, or in the absence of such separate
agreement, the Professional Services Terms and Conditions set out in Schedule B
shall be applicable and govern the provision of such services.
The quote prepared by Dyadem (the "Quote") and/or any purchase order executed
by Licensee and accepted by Dyadem for this Software (a "Purchase Order")
shall identify (a) the specific Software licensed, (b) the license fees and any
applicable support services fees; and (c) the number of personal computer licenses
or network user licenses purchased, and such terms and conditions shall form part
of and are hereby incorporated by reference into this Agreement. Any purchase
order provisions not expressly relating to the foregoing matters that add to,
or conflict with, this Agreement are deemed void, and the terms and
conditions of this Agreement shall govern over any such provisions. In
addition, to the extent a Purchase Order is inconsistent with the Quote, the terms
of the Quote shall govern.
BY PRESSING "I ACCEPT THE TERMS OF THIS LICENSE
AGREEMENT", LICENSEE CONFIRMS THAT THIS AGREEMENT IS
THE COMPLETE AND EXCLUSIVE AGREEMENT BETWEEN THE
PARTIES RELATING TO THE LICENSING AND USE OF THE
SOFTWARE.
GENERAL TERMS
The parties hereby agree as follows:
1.0 GRANT AND USE OF LICENSE
1.1 License Grant. Subject to compliance with the terms and conditions of
this Agreement, Dyadem grants Licensee a perpetual, non-exclusive, non-
transferable (except as otherwise expressly provided in this Agreement),
worldwide license to use the Software (the "License"). The License consists of
the following rights:
1.1.1 to install and use the Software, subject to the terms and conditions of this
Agreement, including without limitation the License Restrictions and User
Restrictions set out in Section 1.2 and Section 1.3 below;
FTA-Pro Preface
Dyadem International vii
1.1.2 to use the Documentation for the sole purpose of supporting Licensee's
use of the Software; and
1.1.3 to make copies of the Software as reasonably required for back-up,
archival or disaster recovery purposes.
1.2 License Restrictions. The License is subject to the certain restrictions.
Licensee shall not, directly or indirectly, do any of the following:
1.2.1 reverse engineer, disassemble, compile or decompile the Software, or
otherwise attempt to derive the source code of the Software;
1.2.2 distribute or provide access or allow the use of the Software by any
individual who is not an Authorized User (as defined in Section 1.3 below);
1.2.3 use the Software any reason other than internal business purposes,
including without limitation developing commercially competitive products;
1.2.4 use the Software other than in accordance with its documentation and
applicable law;
1.2.5 modify, translate or create derivative works of the Software;
1.2.6 other than as expressly permitted by Section 1.1.3 above, copy, reproduce
or duplicate the Software or any part of it;
1.2.7 rent, lease, lend, sublicense, or grant other rights in the Software
including rights on a membership or subscription basis;
1.2.8 other than as expressly permitted in this Agreement, transfer or assign the
Software or Licensee's rights in the Software;
1.2.9 provide use of the Software in a computer service business, commercial
time-sharing, outsourcing facility or service, service bureau or similar
arrangement to any of the foregoing;
1.2.10 run and/or access the Software through a hardware or software terminal
server or emulator such as "Citrix" or comparable servers or technology, unless
Licensee has expressly licensed such use or access from Dyadem, as expressly
indicated on the Quote or Purchase Order or other instrument executed in writing
by the Parties;
1.2.11 alter, remove or fail to reproduce any copyright, trademark or other
proprietary notices or symbols on any and all copies of the Software or
Documentation, or use any trademark or service mark of Dyadem for any reason
whatsoever;
FTA-Pro Preface
Dyadem International viii
1.2.12 publish or disclose any results of any benchmark tests run on the
Software;
1.2.13 ship, transfer or export the Software into any country, or use it in any
manner, which would be prohibited by the United States Export Administration
Act or other applicable export laws, restrictions or regulations; or
1.2.14 use or permit the use of the Software other than in accordance with the
applicable User Restrictions set out in Section 1.3 below.
1.3 User Restrictions. The following user restrictions are applicable to the
License:
1.3.1 The Software may only be used by individuals who are Authorized Users,
as defined below. In order to be an "Authorized User", an individual must be an
employee of either: (a) Licensee or of an affiliate of Licensee, or (b) a third party
contractor to Licensee or an affiliate of Licensee, provided that such third party
contractor may not host or modify the Software and shall only be entitled to use
the Software through Licensee's web-based user interface, and solely in
connection with such third party's performance of services for Licensee or its
affiliate and not for such third party's own account. Notwithstanding the
foregoing, individuals employed by, or acting for or on behalf of, a direct
competitor of Dyadem cannot be Authorized Users and are expressly prohibited
from accessing or using the Software in any way whatsoever. Upon Licensee's
request, Dyadem shall confirm whether any particular entity is a direct competitor
of Dyadem.
1.3.2 If the License is not a network license, as indicated in the Quote and
Purchase Order, the Software may be installed solely on a single computer.
1.3.3 If the License is a network license, as indicated in the Quote and Purchase
Order, Licensee may install one copy of the Software on a computer file server
within Licensee's internal network, provided that the total number of Authorized
Users who concurrently use or access the Software shall not at any time exceed
the number of network user licenses specified in the Quote and Purchase Order.
The maximum number of Authorized Users may be modified by purchasing
additional network user licenses through subsequent purchase orders accepted by
Dyadem.
1.3.4 Purchasers of Support Services may transfer installed Software to a
different computer of Licensee with the assistance of Dyadem support personnel,
provided that the Software is completely uninstalled and removed from the first
FTA-Pro Preface
Dyadem International ix
computer so that Licensee complies at all times with the user restrictions set out in
this Section 1.3.
2.0 COPYRIGHT AND OTHER INTELLECTUAL PROPERTY
RIGHTS
The Software and Documentation and any copies thereof are owned by Dyadem
or its licensors. Except for the License to use the Software and Documentation in
accordance with the terms and conditions of this Agreement, this Agreement does
not grant Licensee any intellectual property rights in the Software or
Documentation. Without limiting the generality of the foregoing, Licensee
acknowledges and agrees that: (i) Dyadem and/or its licensors retain all right, title
and interest, including all intellectual property and other proprietary rights, in and
to the Software and Documentation and in and to all enhancements, revisions,
updates, upgrades, and modifications thereto, and Licensee acknowledges and
agrees that it does not acquire any express or implied rights in or to any of the
foregoing, except the License specifically granted by this Agreement; (ii) if
Licensee suggests any new features, functionality, or performance for the
Software that Dyadem subsequently incorporates into the Software, the Software
incorporating such new features, functionality, or performance, and all intellectual
property related thereto, shall be the sole and exclusive property of Dyadem.
Licensee agrees to allow Dyadem to incorporate into the Software or any
commercial products derived from the Software any suggested improvements,
without compensation and without Licensee retention of any proprietary claims.
3.0 PAYMENT
Unless otherwise specifically agreed in writing, the license fee for the Software
(the "License Fee"), as set out in the Quote, is due and payable within thirty (30)
days after delivery of the invoice by Dyadem. If Licensee fails to pay the License
Fee or any other applicable charges under this Agreement when due, then, without
prejudice to its other remedies, Dyadem's obligations under this Agreement and
the License shall be suspended and unpaid amounts shall be subject to interest at
the then applicable RBC prime rate +2% from such due date until such invoice is
paid. Prices are exclusive of all federal, state, municipal and other governmental
excise, sales, use, customs, occupational or other taxes.
FTA-Pro Preface
Dyadem International x
4.0 WARRANTIES AND LIMITATIONS
4.1 Software Warranty. Dyadem warrants to Licensee that the Software will
perform substantially in accordance with the Documentation for the ninety day
(90) following shipment of the Software ("Warranty Period"), when installed
and used in accordance with the Documentation. If the Software does not perform
as warranted during the Warranty Period, Dyadem shall use commercially
reasonable efforts to correct any reproducible nonconformities of the Software
with its Documentation reported during the Warranty Period or, at Dyadem's
option, refund the License Fee for the non-conforming Software whereupon this
Agreement and the License shall automatically terminate. Dyadem's entire
liability for breach of warranty, and Licensee's exclusive remedy, shall be limited
to the foregoing. Dyadem shall not be responsible to the extent Software failures
or nonconformities with the Documentation are caused by: (a) Licensee's failure
to use the Software in accordance with the Documentation; or (b) modifications to
the Software by anyone other than Dyadem personnel.
4.2 DISCLAIMER. EXCEPT FOR THE FOREGOING WARRANTY AND
FOR THE OBLIGATION OF DYADEM TO INDEMNIFY LICENSEE FOR
THIRD PARTY INFRINGEMENT CLAIMS AS SET OUT IN SECTION 4.3,
DYADEM EXPRESSLY DISCLAIMS ALL OTHER WARRANTIES,
CONDITIONS, REPRESENTATIONS OR TERMS, EXPRESS OR IMPLIED,
WHETHER BY STATUTE, COMMON LAW, CUSTOM, USAGE OR
OTHERWISE AS TO ANY OTHER MATTERS, INCLUDING
PERFORMANCE, MERCHANTABILITY, OR FITNESS FOR ANY
PARTICULAR PURPOSE. LICENSEE MAY HAVE CERTAIN STATUTORY
RIGHTS TO WHICH THESE EXCLUSIONS DO NOT APPLY.
4.3 Infringement Warranty. Dyadem warrants that the use of the Software
in accordance with its Documentation and the terms of this Agreement will not
infringe any patent, copyright or other proprietary right of any third party.
Dyadem will defend Licensee against any third party infringement claim arising
from Licensee's use of the Software in accordance with its Documentation and the
terms of this Agreement and pay all damages awarded, including reasonable legal
fees, provided that (a) Licensee promptly notifies Dyadem in writing of the claim,
and (b) allows Dyadem to control, and cooperates with Dyadem in, the defense or
any related settlement negotiations. If such a claim is made or appears possible,
Dyadem may at its option secure for Licensee the right to continue to use the
Software; modify or replace the Software so it is non-infringing; or, if neither
FTA-Pro Preface
Dyadem International xi
option is reasonably available in Dyadem's judgment, terminate this Agreement
and the License and refund the unamortized or unexpensed License Fees paid by
Licensee for the infringing Software depreciated on a straight-line basis over a
five-year period. Notwithstanding the foregoing, Dyadem shall have no liability
and have no obligation to Licensee to the extent any infringement claim is due to
(i) modifications to the Software that were not performed by Dyadem; (ii) use of
the Software other than in accordance with its Documentation or in combination
with other items not provided by Dyadem or otherwise indicated in the
Documentation to be usable with the Software. THIS SECTION STATES
DYADEM'S ENTIRE OBLIGATION TO LICENSEE AND LICENSEE'S SOLE
AND EXCLUSIVE REMEDY WITH RESPECT TO ANY INFRINGEMENT
CLAIM.
4.4 Limitations of Liability.
4.4.1 Except for claims under Section 4.3, the maximum liability of Dyadem to
Licensee for all other claims under this Agreement, in warranty, contract, tort, or
otherwise, shall not exceed the total amount of all charges paid to Dyadem by
Licensee during the twelve month period preceding the occurrence of the event
leading to such liability.
4.4.2 NEITHER PARTY SHALL BE LIABLE TO THE OTHER PARTY FOR
ANY CONSEQUENTIAL, PUNITIVE, SPECIAL OR OTHER INDIRECT
DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
POTENTIAL LOSS OR DAMAGE.
4.4.3 Notwithstanding the foregoing, the limitations of liability in this Section
4.4 shall not apply to claims based upon breaches of a party's intellectual property
rights by the other party.
5.0 TERMINATION
If Licensee: (a) breaches any payment obligation to Dyadem, or breaches any
intellectual property rights of Dyadem, and such breach has not been cured (if
capable of being cured) and is still outstanding for sixty (60) days; or (b) if
Licensee ceases doing business as a going concern, is adjudged bankrupt or has a
petition filed by or against it under any applicable bankruptcy or insolvency law,
makes an assignment or composition with creditors, or if a receiver, trustee in
bankruptcy, or similar officer is appointed to take charge of all or part of its
property, then in any such case Dyadem, in addition to other legal remedies it may
have, may terminate this Agreement and the License upon providing written
FTA-Pro Preface
Dyadem International xii
notice to Licensee. Upon any such termination, Licensee shall immediately
discontinue use of the Software and destroy or return to Dyadem all copies of the
Software in its possession.
6.0 GENERAL PROVISIONS
6.1 Verification of Compliance with License. At Dyadem's request,
Licensee shall within thirty (30) days fully document and certify to Dyadem in
writing that all Software is being used in accordance with the terms and conditions
of this Agreement. No more than once annually, Dyadem may appoint its own
personnel or an independent third party to audit during regular business hours, at
Dyadem's, expense, Licensee's use of the Software to confirm such compliance. If
an audit reveals that Licensee has underpaid applicable fees and/or charges to
Dyadem, Licensee shall be invoiced for such underpaid fees based on the then
current prices in effect and Dyadem's reasonable costs of conducting the audit.
6.2 Assignment. Licensee may not assign this Agreement without Dyadem's
prior written consent. The Agreement may be transferred in connection with a
sale of all or substantially all of the shares or assets of Licensee provided that: (a)
the acquiring or successor entity is not a competitor of Dyadem, (b) Licensee
provides written notice to Dyadem at least thirty (30) days prior to any such
proposed assignment, Dyadem shall have the right to assign or subcontract the
benefits or obligations of this Agreement at any time upon providing written
notice to Licensee.
6.3 Severability. If any part of this Agreement is determined to be invalid or
unenforceable, it will not affect the validity of the balance of the Agreement,
which shall remain valid and enforceable according to its terms.
6.4 U.S. Government Restricted Rights Legend. The Software is a
"commercial item" as defined in 48 C.F.R. 2.101 (October 1995) consisting of
"commercial computer software" and "commercial computer software
documentation" as used in 48 C.F.R. 227.7202-1, 227.7202-3 and 227.7202-4
(June 1995), if Licensee is the U.S. Government, its agencies or instrumentalities,
the Software is licensed under this Agreement (i) solely as a commercial item, and
(ii) with solely those rights as are granted to all other licensees pursuant to this
Agreement. Manufacturer is Dyadem International Ltd. 155 Gordon Baker Road,
Suite 401, North York, Ontario, M2H 3N5.
FTA-Pro Preface
Dyadem International xiii
6.5 Dispute Resolution; Governing Law. The Parties shall first attempt to
amicably resolve any disputes that may arise under or relate to this Agreement. If
the Parties are unable to do so within fourteen (14) days after written notice of any
dispute, subject to the qualifications below, the Parties shall submit the dispute to
binding arbitration in English, under the rules of the Ontario Arbitration Act, by a
single arbitrator appointed in accordance with such rules, in Toronto, Ontario,
Canada or such other mutually agreeable arbitration rules and/or location. This
Agreement shall be governed by the substantive laws of the Province of Ontario
and the laws of Canada applicable in Ontario. Notwithstanding the foregoing,
nothing in this Agreement will be interpreted to prevent a Party from instituting
legal proceedings with respect to matters or disputes requiring injunctive or
equitable relief.
6.6 Language. This Agreement is in the English language only, which
language shall be controlling in all respects. If another language version is created
for convenience, the English language version governs.
6.7 Entire Agreement; Modification. This Agreement constitutes the entire
Agreement between the parties with respect to the Software and the subject matter
hereof, and expressly supersedes or governs any prior or contrary proposals,
negotiations, and communications, whether oral or written, between the Parties
with respect to the subject matter of this Agreement, including any terms and
conditions attached to the Purchase Order or any other Licensee purchase order or
other instrument. This Agreement may only be modified by an instrument in
writing signed by both Parties and which expressly states their intention to modify
this Agreement.
6.8 Notice. Notices shall be in writing and sent by registered mail, courier,
confirmed facsimile or confirmed email, to the party's address last made known
by it to the other party. All notices shall be deemed received the date delivery is
confirmed. Unless otherwise specified in writing by Dyadem, notices to Dyadem
shall be sent to:
FTA-Pro Preface
Dyadem International xiv
Dyadem International Ltd.
155 Gordon Baker Road, Suite 401
Toronto, ON Canada M2H 3N5
Attention: Chief Financial Officer and General Counsel
Fax: 416.649.9257
6.9 Third-Party Beneficiaries. Licensee acknowledges that Dyadem's
licensors may be third party beneficiaries of this Agreement, with the right to
enforce the obligations set forth in this Agreement with respect to the respective
technology of such licensors.
6.10 Survival. Sections 1.2, 1.3, 2, 4.2, 4.4, 5 and 6 shall survive the
termination of this Agreement for any reason whatsoever.

FTA-Pro Preface
Dyadem International xv
SCHEDULE A
SUPPORT SERVICES TERMS AND CONDITIONS
1.0 DEFINITIONS
"Enhancement" means any change or addition that improves the Software and is
not solely an Error Correction.
"Error" means any failure of the Software to conform in any material respect to
its Documentation.
"Error Correction" means a change or addition to the Software, or a procedure
or routine that corrects an Error by bringing the Software into material conformity
with its Documentation.
"Event of Force Majeure" means delays or failure to perform caused by fire,
flood, earthquake, elements of nature or acts of God; acts of war, terrorism, riots,
civil disorders, rebellions or revolutions, or any other similar events beyond the
control of such Party, which cannot reasonably be circumvented by the non-
performing Party through the use of alternate sources, work-around plans or other
means.
"Service Charges" mean fees and charges for the provision of the Support
Services.
"Support Services" means the support services provided by Dyadem for the
Software as set out in Section 3.0 of this Schedule.
"Update" means an update to the Software released by Dyadem to provide
Enhancements and/or Error Corrections.
"Version Release" means a means a generally available Update to the Software
that primarily provides Enhancements and which is designated by Dyadem as a
new version of the Software and given a distinct version number.
FTA-Pro Preface
Dyadem International xvi
Capitalized terms used in this Schedule and not otherwise defined shall have the
respective meanings given to such terms in the Agreement.
2.0 CONDITION
Licensee may elect to purchase Support Services for a term of one or more years.
Service Charges for purchased Support Services are payable in advance in
accordance with Section 4.0 of this Schedule. Provided that Licensee has paid all
applicable Services Charges and is otherwise in compliance with the Agreement,
Dyadem shall provide the Support Services set out in Section 3.0 of this Schedule.
3.0 THE SUPPORT SERVICES
3.1 Dyadem shall provide Updates to Licensee at no charge.
3.2 Dyadem will use commercially reasonable efforts to provide Licensee
with technical assistance to resolve problems encountered with the use of the
Software in accordance with the resolution timetable chart set out below::
Severity Definition
Target
Response
Target Resolution
1
The software has
ceased to work,
which prevents
performance of
critical day-to-day
business
activities.
2 Business
Hours
Dyadem will use commercially
reasonable efforts to provide an
acceptable solution within 48
hours. The solution may include
a workaround or a custom
release of the product.
2
The software use
is severely
impacted in that
an essential
function of the
software has
ceased to work.
4 Business
Hours
Dyadem will use commercially
reasonable efforts to provide an
acceptable solution within 5
business days after reproducing
the problem. The solution may
consist of a commitment to
implement a fix into a future
release or develop a
workaround.
3
The software is
causing a problem
that is only having
a minor impact on
normal operating
activities.
8 Business
Hours
Dyadem will use commercially
reasonable efforts to provide an
acceptable solution or
workaround within 20 business
days after reproducing the
problem. The solution may
consist of a change to the
product code in a future release
at the discretion of Dyadem. It
may also consist of a
workaround.
FTA-Pro Preface
Dyadem International xvii
Support Contact and Hours Information. Support shall be available from the
following sources:
Email: [email protected]
World Wide Web: www.dyadem.com/support
Telephone (US and Canada): 416-649-9200
Fax (USA and Canada): 416-649-9250
Support is available in the US and Canada between the hours of 8 a.m. and 6 p.m.
eastern time Monday to Friday each week, with the exception of statutory
holidays.
3.3 Dyadem shall provide release notes highlighting changes in any Update.
3.4 Support Services do not include on-site support, support of applications
written by Licensee or any third party, support of custom products or support for
Version Releases that Dyadem is no longer supporting as set out Section 3.5 of
this Schedule. The Support Services also do not cover any Software failures,
Errors or other problems to the extent caused by: (a) the negligence or willful
misconduct by Licensee, (b) computer hardware, (c) other software or technology
not licensed from Dyadem; (d) the use of the Software other than in accordance
with its Documentation.
3.5 Dyadem shall continue to offer Support Services for the most current
Version Release of the Software and the immediately preceding Version Release
of the Software. Dyadem may, at its discretion, cease to offer Support Services
support for older Version Releases of the Software that Dyadem elects to
discontinue, provided that Dyadem shall provide Licensee with at least thirty (30)
days notice in writing prior to such discontinuance and that any such
discontinuance shall not be effective until the expiry of any prepaid term for the
Support Services.
4
Product questions
(general) or
enhancements.
12
Business
Hours
Dyadem will use commercially
reasonable efforts to provide an
answer within 10 business days.
The solution may consist of
providing answers to questions,
submitting feature requests to
product management, and/or
making changes to future
releases of the product.
Severity Definition
Target
Response
Target Resolution
FTA-Pro Preface
Dyadem International xviii
4.0 PAYMENT FOR SERVICES
4.1 Service Charges for the initial term shall begin on the Effective Date and
are payable in advance.
4.2 After any prepaid term for Support Services, Dyadem may change the
Service Charges upon ninety (90) days' written notice, provided that: (a) no such
change shall be effective prior to the expiration of the then current term; (b) any
such increase shall be of a general nature and applicable to all licensees of the
Software and not just Licensee; and (c) Licensee shall have thirty (30) days
following the date of the notice in which to reject such an increase and instead
terminate the Support Services upon the effective date of the price increase.
5.0 RENEWAL/TERMINATION
5.1 The initial Support Services term begins on the Effective Date and
continues for the prepaid period elected by Licensee. Support Services for the
Software shall automatically be renewed for successive one year renewal terms
unless Licensee provides Dyadem with at least thirty (30) days' written notice
prior to the end of the then applicable term.
5.2 If Licensee desires to reinstate Support Services Licensee previously
terminated, Licensee shall be required to pay to Dyadem the then applicable
Service Charges for such Support Services and a reinstatement fee equal to the
aggregate Services Charges that would have been payable during the intervening
period in which Support Services were not purchased for such Software.
6.0 FORCE MAJEURE
6.1 A Party shall be excused from delays in performing or from its failure to
perform hereunder to the extent such delays or failures result from an Event of
Force Majeure provided that such Party provides notice to the other Party of the
occurrence of such Event of Force Majeure and acts diligently to remedy the
cause of such delay or failure.
FTA-Pro Preface
Dyadem International xix
7.0 ADDITIONAL SERVICES FOR PURCHASE
Dyadem may, at its discretion, make available additional or expanded support
services requested by Licensee, which shall be billed to Licensee at Dyadem's
then current time and material rates for professional services unless otherwise
agreed by the Parties.
8.0 LICENSEE RESPONSIBILITIES
8.1 Licensee must install and use the most current Update if so requested by
Dyadem to resolve an Error or otherwise to ensure the Software complies with the
terms and conditions of this Agreement and its Documentation.
8.2 Licensee shall notify Dyadem promptly following the discovery of any
Error, and if requested by Dyadem, Licensee shall provide Dyadem with
reasonable access to any information reasonably required by Dyadem in order to
reproduce the Error and the operating conditions under which the Error occurred
or was discovered.
8.3 If the Software requires a permanent key (license access code) to enable
authorized usage, Licensee shall maintain the security and confidentiality of such
key once provided by Dyadem. If a key is lost, Dyadem's sole responsibility is to
provide a replacement key that is valid for the remainder of the term and any
renewals.

FTA-Pro Preface
Dyadem International xx
SCHEDULE B
PROFESSIONAL SERVICES TERMS AND CONDITIONS
1. SUBJECT AND PURPOSE OF THIS SCHEDULE
If Licensee desires to purchase additional professional services from Dyadem for
the Software, the Parties may enter into a separate professional services
agreement. In the absence of such agreement, the terms and conditions of this
Schedule B shall govern the provision of the professional services by Dyadem and
shall supersede or govern over any contrary or inconsistent terms or conditions set
out in any purchase order or similar instrument.
The Parties expressly acknowledge and agree that the terms and conditions set out
in the Schedule do not relate to the licensing of the Software or the provision of
Support Services for the Software, and nothing in this Schedule is in any way
dependent or contingent on such matters (or vice versa). The general terms and
conditions set out in this Schedule are solely provided in order to conveniently
provide a general framework for the provision of separate and additional
professional services also offered by Dyadem in the absence of a separate
professional services agreement governing such matters. To emphasize such
distinction, Licensee or associated entity for which Dyadem is providing
professional services pursuant to this Schedule is referred to in this Schedule as
the "Client".
2. WORK STATEMENTS
Any engagement for professional services by Dyadem ("Professional Services")
shall use a statement of work, proposal or other instrument (in any case, a "Work
Statement") to identify the services to be provided by Dyadem and any
deliverables to be produced in connection with such services (the "Work
Product"), and any resources to be provided by Dyadem. Each Work Statement
shall be effective only if in writing and when signed by each Party. Neither Party
is obligated to accept any Work Statement.
FTA-Pro Preface
Dyadem International xxi
3. PRICING AND PAYMENT
Professional Services shall be performed on a time and material basis or such
other basis as may be agreed by the Parties and set out in the applicable Work
Statement. The fees and payments for particular Professional Services shall be set
forth in the Work Statement or proposal related to such Professional Services.
Client shall pay all applicable sales and similar taxes on the performance of the
Professional Services. Unless otherwise stated in a Work Statement, payment is
due when performance is rendered. Dyadem shall issue invoices to Client for
charges when due. Client agrees to pay invoices within thirty days of receipt of
such invoices, and Dyadem shall deliver such invoices in accordance with any
reasonable invoicing requirements requested by Client. If Client fails to make any
required payment within such thirty (30) days, amounts remaining unpaid shall
accrue interest at the rate of RBC's prime rate +2% until paid.
4. PERFORMANCE
All Professional Services will be rendered by Dyadem in a workmanlike manner
by personnel having an appropriate level of skill and experience commensurate
with their responsibilities. The Parties shall use commercially reasonable efforts
to perform the tasks assigned and to complete any Work Product. Scheduled
performance dates are estimates only and dependent on Client resource
availability, funding, assistance, and other factors that may cause dates to shift or
interfere with completion. Client agrees that the timely and successful design and
implementation of the Work Product requires punctual and accurate participation
by Client and good faith cooperation. Client agrees that information supplied to
Dyadem will be complete, accurate and prompt, and that Client's review,
acceptance and other directives will be timely. Dyadem shall not be responsible
for securing for Client any rights wholly or partly owned or retained by third
parties unless the applicable Work Statement expressly makes Dyadem
responsible for doing so.
5. INDEPENDENT CONTRACTORS
The Parties are independent contractors and Client shall not take any action
inconsistent with such relationship, such as withholding any statutory deductions
on behalf of Dyadem or Dyadem employees or representatives. Dyadem shall
FTA-Pro Preface
Dyadem International xxii
protect, defend, indemnify, release, and hold harmless Client from and against any
and all claims relating to the compensation of Dyadem employees or contractors,
including without limitation any failure by Dyadem to provide any unemployment
insurance, workers compensation insurance or any benefits.
6 OWNERSHIP AND INTELLECTUAL PROPERTY RIGHTS
6.1 Existing Intellectual Property Rights; Exclusive Statement of
Rights. All intellectual property existing prior to performance of Professional
Services will belong to the Party owning such rights prior to such performance.
Neither Party will gain by virtue of the Professional Services any intellectual
property rights to any trade or service mark rights owned by the other Party.
6.2 Rights in Work Product. As between the Parties, any Work
Product provided by Dyadem pursuant to the Professional Services shall be
Client's property. Notwithstanding the foregoing, this license does not expand any
license Client has for any Dyadem software or grant Client any ownership rights
to any such software or any derivative products thereof, and to the extent any
Work Product contains modifications to a Dyadem software product that is under
license to Client, such software enhancements shall be deemed to be subject to the
software license agreement in place between Dyadem and Client for such Dyadem
software product. Nothing herein restricts, impairs or deprives Dyadem of any of
its rights or proprietary interest in technology or products which existed prior to
and are enhanced during performance, or independent of the performance, of
services or provision of materials, under this Agreement or this Schedule. Client's
rights under this Section are contingent upon performance of its obligations
hereunder and under any applicable Work Statement, and no rights are granted or
conveyed by Dyadem to Client except when and so long as such obligations are
performed.
7. TERMINATION OF WORK STATEMENTS
Unless otherwise stated in the applicable Work Statement, its term shall last until
completion of the Professional Services identified in such Work Statement.
Either Party may request cancellation of a Work Statement upon the other Party's
failure to materially to meet its obligations under this Schedule or the Work
Statement by providing written notice to the defaulting party. Upon receipt of
such notice, the notified Party shall use its commercially reasonable best effort to
FTA-Pro Preface
Dyadem International xxiii
correct such default within ten (10) business days, failing which the non-
defaulting Party may immediately terminate the Work Statement upon written
notice to the defaulting Party.
8. NON-SOLICITATION
Without Dyadem's prior written consent, Client shall not recruit or hire any
Dyadem personnel who are or have been assigned to perform work until one (1)
year after the termination of the applicable services performed by such personnel.
9. INSURANCE
Dyadem shall maintain commercially reasonable insurance coverage, including
without limitation commercial general liability and employers liability insurance,
commensurate with the nature and scope of the Professional Services being
provided.
10. CLIENT POLICIES AND PROCEDURES.
While on the premises of Client, Dyadem shall ensure that its personnel comply in
all material respects with any policies and procedures of Client provided to
Dyadem in writing to the extent applicable given the nature and scope of the
Professional Services.
FTA-Pro Table of Contents
Dyadem International i
Table of Contents
Preface................................................................................................iii
Getting Software and Engineering Support............................................. iv
Dyadem Software License Agreement ................................................... v
Chapter 1: Installing the Software .......................................................1
Minimum System Requirements ........................................................... 2
Installing FTA-Pro on a Single Workstation............................................. 4
Installing FTA-Pro on a Network ........................................................... 6
Starting FTA-Pro ............................................................................... 15
Authorizing Your License .................................................................... 16
Updating FTA-Pro .............................................................................. 18
Contacting Dyadem........................................................................... 19
Uninstalling FTA-Pro .......................................................................... 21
Chapter 2: Overview of Fault Tree Analysis Methodology...................22
Definition of a Fault Tree .................................................................... 23
Dynamic Fault Trees .......................................................................... 24
Purpose of FTA.................................................................................. 25
Procedure for Carrying Out an FTA....................................................... 26
Basic Event Failure Models.................................................................. 27
Qualitative System Analysis................................................................ 30
Unreliability System Analysis Methods.................................................. 32
System Unreliability Calculation Methods .............................................. 34
Calculating Failure in Repairable Systems ............................................. 37
Calculating Failure in Non-Repairable Systems ...................................... 41
Confidence Analysis........................................................................... 42
Common Cause Failure Models............................................................ 44
Component Importance Measures........................................................ 49
Chapter 3: Getting Started .................................................................52
Overview of the FTA-Pro Interface ....................................................... 53
Program Menus................................................................................. 54
Project Window................................................................................. 59
FTA Toolbox ..................................................................................... 61
The Fault Tree Grid............................................................................ 62
Changing the Language Options .......................................................... 63
Saving Files...................................................................................... 65
Changing a Files Name or Format ....................................................... 67
Opening Files.................................................................................... 68
Closing Files ..................................................................................... 69
Exiting FTA-Pro ................................................................................. 70
Chapter 4: Learning the Basics...........................................................71
Creating Fault Trees .......................................................................... 72
Types of Gates and Events ................................................................. 73
Adding Gates and Events.................................................................... 76
Dynamic Module Restrictions .............................................................. 78
Accessing the Node Properties Dialog Box............................................. 79
Setting Gate Properties ...................................................................... 80
Setting Event Properties..................................................................... 83
Displaying Calculation Input Values...................................................... 93
Working With Repeated Events............................................................ 94
Working With Common Cause Failure Groups ........................................ 96
Moving, Copying, Pasting and Deleting Nodes ....................................... 99
Finding a Gate or an Event ............................................................... 103
Converting Events into Gates ............................................................ 106
Converting Gates to Events .............................................................. 107
Changing Logic or Dynamic Gates into Transfer Gates .......................... 108
Entering Data from the Event Data Library.......................................... 109
FTA-Pro Table of Contents
Dyadem International ii
Undoing and Redoing Actions............................................................ 110
Renaming a Fault Tree ..................................................................... 111
Zooming In and Out of the Fault Tree ................................................ 112
Deleting a Fault Tree ....................................................................... 113
Chapter 5: Calculating Probability ....................................................114
Setting Your Calculation Options........................................................ 115
Validating Your Fault Tree................................................................. 123
Calculating Your Results ................................................................... 124
Displaying the Calculation Results...................................................... 125
Recommendations for Calculating Large Fault Trees ............................. 131
Chapter 6: Generating Reports.........................................................135
Using The Report Generator.............................................................. 136
Report Results ................................................................................ 139
Searching Your Reports.................................................................... 143
Printing Reports .............................................................................. 144
Exporting Reports............................................................................ 147
Chapter 7: Printing and Exporting....................................................148
The Print Options Dialog Box............................................................. 149
Setting the Contents of the Printing ................................................... 150
Laying Out the Fault Tree for Printing................................................. 153
Formatting the Page for Printing........................................................ 154
Adding Page Information.................................................................. 156
Scaling the Fault Tree ...................................................................... 157
Printing Documents ......................................................................... 158
Generating PDF Files........................................................................ 160
Exporting Fault Trees as Event Data................................................... 161
Exporting Faults Tree as Image Files.................................................. 162
Chapter 8: Importing Fault Trees and Event Data.............................163
Importing Fault Trees ...................................................................... 164
Importing Event Data ...................................................................... 170
Appendix A: Calculation Methods for Static Fault Trees....................173
Boolean Reliability Models................................................................. 174
Minimal Cut Set Calculation .............................................................. 184
Optimized Decomposition Method...................................................... 192
Monte Carlo Simulation Method......................................................... 201
Practical Criteria of Algorithm Efficiency.............................................. 205
Appendix B: Calculation Methods for Dynamic Fault Trees ...............206
Markov Chain Method ...................................................................... 207
Dynamic Gates ............................................................................... 210
Monte Carlo Method for Dynamic Fault Trees....................................... 219
Tutorial A: Conducting a Fault Tree Analysis Study ..........................222
The FTA Study Details...................................................................... 223
Constructing the Tree ...................................................................... 225
Analyzing the Fault Tree................................................................... 235
Displaying Your Calculation Results.................................................... 240
Tutorial B: Importing Fault Trees and Event Data ............................245
FTA-Pro Sample Files ....................................................................... 246
Importing a Fault Tree From the Sample FTA-Pro File........................... 247
Importing the Sample FMEA-Pro Fault Tree......................................... 251
Importing Event Data from the Sample Files ....................................... 256
Suggested Reading...........................................................................265
Index ...............................................................................................266
FTA-Pro Chapter 1: Installing the Software
Dyadem International 1
CHAPTER 1: INSTALLING THE SOFTWARE
This chapter tells you the minimum system requirements your computer must
have and the steps you need to perform to install the software. You will learn how
to start FTA-Pro and authorize your license so you can begin a new Fault Tree
Analysis. The chapter also explains how to update the software, and how to
remove it from your computer.
This section discusses the following topics:
Minimum System Requirements on page 2.
Installing FTA-Pro on a Single Workstation on page 4.
Installing FTA-Pro on a Network on page 6.
Starting FTA-Pro on page 15.
Authorizing Your License on page 16.
Updating FTA-Pro on page 18.
Contacting Dyadem on page 19.
Uninstalling FTA-Pro on page 21.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 2
Minimum System Requirements
FTA-Pro is designed to operate in a 32-bit Windows Operating System with .NET
2.0 Runtime. If you do not have Microsoft .NET Framework Runtime version 2.0
or higher installed on your machine, you can download it from the Microsoft web
site.
This section discusses the following topics:
Desktop System Requirements on page 2.
Network System Requirements on page 3.
Desktop System
Requirements
In order for FTA-Pro to run on your system, your computer must meet the
following minimum system requirements:
Tip: The Microsoft .NET Framework Version 2.0 Redistributable Package (x86) can
be downloaded from:
http://www.microsoft.com/downloads/details.aspx?FamilyID=0856EACB-
4362-4B0D-8EDD-AAB15C5E04F5&displaylang=en
Desktop Installation
Operating System
Windows XP SP 2
Vista
Computer / Processor
Minimum:
733 MHz Pentium III (or equivalent)
Recommended:
1 GHz Pentium IV (or equivalent)
RAM Size
Minimum:
512 MB (Windows)
1 GB (Vista)
Recommended:
1 GB (Windows)
2 GB (Vista)
Hard Drive Space
Program Requirements:
50 MB
Database Requirements:
1 GB
FTA-Pro Chapter 1: Installing the Software
Dyadem International 3
Network System
Requirements
In order for FTA-Pro to run on your network, your server and workstations must
meet the following minimum system requirements:
Network Installation
Operating System
Server:
Windows Server 2003 with IIS 6.0
Windows Server 2008 with IIS 6.0
Windows XP with IIS 5.1
Windows Vista with IIS 7.0
Workstation:
Windows XP SP 2
Windows Vista
Computer / Processor
Server and Workstation:
Minimum:
733 MHz Pentium III (or equivalent)
Recommended:
1 GHz Pentium IV (or equivalent)
RAM Size
Server and Workstation:
Minimum:
512 MB
Recommended:
1 GB
Hard Drive Space
Server:
Program Requirements:
50 MB
Database Requirements:
1 GB
FTA-Pro Chapter 1: Installing the Software
Dyadem International 4
Installing FTA-Pro on a Single Workstation
The workstation version of FTA-Pro must be installed on your computer for use.
You cannot run the program from the CD. To successfully install and run FTA-
Pro, you must be able to install the program by one of the following:
Internet access that supports file downloads.
CD-ROM or DVD Drive.
Before installing FTA-Pro on your machines, you should install Microsoft .NET
Framework Runtime version 2.0 or higher. If you do not have .NET installed on
your machine, the installation program asks you to install .NET as part of FTA-
Pros installation procedure.
To install FTA-Pro on a single workstation:
Note: You must have internet access in order to install FTA-Pro on your computer.
Tip: The Microsoft .NET Framework Version 2.0 Redistributable Package (x86) can
be downloaded from:
http://www.microsoft.com/downloads/details.aspx?FamilyID=0856EACB-
4362-4B0D-8EDD-AAB15C5E04F5&displaylang=en
Note: You must have administrator privileges before installing this software.
Contact your Information Systems Specialist for assistance if necessary.
Note: In order to install FTA-Pro on a Vista machine, you must run the installer as
an administrator. You can do this by right clicking the installation package
and selecting "Run as Administrator". Contact your Information Systems
Specialist for assistance if necessary.
Step Action
1. Download package from web site.
OR
If downloading from the CD:
1. Place the CD in the CD-ROM or DVD drive.
The AutoPlay brings up a product selection window (if AutoPlay is
disabled, double-click your CD-ROM in My Computer to manually
launch selection window).
2. Select FTA-Pro from list.
3. Select Install Software.
The File Download dialog box opens.
2. Click Save.
The Save As dialog box opens.
3. Using the Save In field, select the folder that you want to save
the file in.
4. Click Save.
5. Click Open.
Winzip opens.
Note: You must have Winzip on your computer to open the file.
6. Extract all of the files from the .zip file to your computer.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 5
The first time you launch FTA-Pro, the License dialog box opens. It asks for a
License to authorize the copy of FTA-Pro. For information on authorizing your
software, see Authorizing Your License on page 16.
7. Using Windows Explorer, go to the folder containing the setup
files.
8. Double-click Setup.exe.
The Installation Wizard opens.
9. Click Next.
The License Agreement opens.
10. Select the I Agree radio button.
11. Click Next.
The Select Installation Folder dialog box opens.
Tip: To change the location of where the program is to be installed,
enter the new location in the text field; otherwise FTA-Pro is
installed to C:\Program Files\FTA-Pro\.
12. Click Next.
The Confirm Installation window appears.
13. Click Next.
FTA-Pro installs.
14. Click Close.
Step Action
FTA-Pro Chapter 1: Installing the Software
Dyadem International 6
Installing FTA-Pro on a Network
Network version uses Microsoft ClickOnce technology. The program is installed
on IIS server and is activated via an Internet Explorer. No installation is necessary.
The first invocation is slow, since the program has to be copied from the web
server. Subsequent invocations are faster, since the program is loaded from the
local application cache.
Anyone on the network can run the program, however, there is a limit on number
of concurrent users. Once is the program started, there is no difference between
the network and locally installed version, except for the data directory. Only the
locally installed program has a data directory.
This section discusses the following topics:
Types of Network Licenses on page 6.
Preconditions on page 6.
Windows 2003 Server and XP Preconditions on page 7.
Enabling Dynamic Content for IIS 6.0 on the Windows 2003 Server on page 7.
Windows 2008 Server Installation Preconditions on page 7.
Windows Vista Installation Preconditions on page 8.
Installing FTA-Pro on Your Network Server on page 9.
Installing FTA-Pro on a Vista Server on page 10.
Disabling the IIS Version 7 Filtering on page 12.
Authorizing Your Network Version on page 12.
FTA-Pro Network Installation FAQs on page 13.
Types of Network Licenses FTA-Pro has two different types of Network Licenses:
Network Concurrent User License. This license restricts the number of users
that can use FTA-Pro at any given time.
Temporary Network Concurrent User License. This license allows only
selected users access to the program and limits the number of users at any
given time. The license is good only for a limited period of time.
Preconditions The target server must have:
Note: You must have administrator privileges before installing this software.
Operating System
Internet Information
Services (IIS) Version
.NET Framework Version
Windows XP IIS 5.1 .Net 2.0
Windows 2003
Server
IIS 6.0 .Net 2.0
Windows 2008
Server
IIS 7.0 .Net 3.0
Windows Vista IIS 7.0 .Net 3.0
FTA-Pro Chapter 1: Installing the Software
Dyadem International 7
Windows 2003 Server and XP
Preconditions
The target server has to have IIS 5.1 (Windows XP) or 6.0 (Windows 2003 Server)
and .Net 2.0 installed.
The web server must be installed first. If the .Net 2.0 has been installed first, you
must re-configure the web server.
To re-configure the web server to use .Net 2.0:
Enabling Dynamic Content
for IIS 6.0 on the Windows
2003 Server
By default the IIS 6.0 comes with dynamic content disabled. The ASP .NET has
to be enabled for proper FTA-Pro functionality:
To enable the ASP .NET
Windows 2008 Server
Installation Preconditions
Microsoft Server 2008 comes with IIS 7.0. You must make it backwards
compatible to IIS 6.0.
To set the Windows 2008 Server preconditions:
Tip: The Microsoft .NET Framework Version 2.0 Redistributable Package (x86) can
be downloaded from:
http://www.microsoft.com/downloads/details.aspx?FamilyID=0856EACB-
4362-4B0D-8EDD-AAB15C5E04F5&displaylang=en
Step Action
1. Go to Control Panel>Add or Remove Programs>Microsoft .NET
Framework 2.0
2. Select Repair.
The webserver is re-configured to use .Net 2.0.
Tip: If the program still does not work:
1. Uninstall IIS, .Net 2.0 and FTA-Pro.
2. Reinstall IIS.
3. Reinstall .Net 2.0.
4. Reinstall FTA-Pro.
Step Action
1. Go to Administrative Tools>IIS Manager.
2. Click on local computer.
3. Click on Web Service Extensions.
4. Allow ASP .NET version 2.0.50727.
Step Action
1. Go to Administrative Tools>Server Manager.
2. In the left navigation pane expand Roles.
3. Right-click Web Server (IIS).
4. Select Add Role Services.
5. Go to Select Role Services>IIS 6 Management Compatibility.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 8
Windows Vista Installation
Preconditions
To set the Windows Vista preconditions:
Adding Admin to the Vista
Context Menu
Vista does not have an option to run MSI's as the admin by default, but you can
add the option to the context menu by modifying the registry.
To modify the registry:
6. Select the check boxes for:
IIS 6 Metabase Compatibility.
IIS 6 Management Console.
7. Turn on FTP Publishing Service (and all subitems).
8. Go to World Wide Web Services>Application Development
Features.
9. Turn on .NET Extensibility, ASP, ASP.NET.
10. Click Next on the Select Role Services pane.
11. Click Install on the Confirm Installations Selections pane.
12. Click Close to leave the Add Role Services wizard.
Step Action
Step Action
1. Go to Control Panel>Programs and Features.
2. In the left pane, select Turn Windows features on or off
3. Open the Internet Information Service tree.
4. Turn on FTP Publishing Service (and all subitems).
5. Turn on Web Management Tools (and all subitems).
6. Go to World Wide Web Services>Application Development
Features.
7. Turn on .NET Extensibility, ASP, ASP.NET.
8. Click OK button
Step Action
1. Create a *.reg file with the following:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\Msi.Package\shell\runas\command]
@=hex(2):22,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,
00,6f,00,74,\
00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,0
0,6d,00,\
73,00,69,00,65,00,78,00,65,00,63,00,2e,00,65,00,78,00,65,00,22,00,2
0,00,2f,\
00,69,00,20,00,22,00,25,00,31,00,22,00,20,00,25,00,2a,00,00,00
2. Double-click the file.
A registry editor dialog box opens.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 9
Installing FTA-Pro on Your
Network Server
To install FTA-Pro on your network server:
3. Click OK.
You can now run the msi using the Vista context menu.
Step Action
Note: Before starting the installation, make sure that you have met the
preconditions and that you have enabled dynamic content for IIS 6.0. For
more information, see Preconditions on page 6.
Step Action
1. Download package from web site.
OR
If downloading from the CD:
1. Place the CD in the CD-ROM or DVD drive.
The AutoPlay brings up a product selection window (if AutoPlay is
disabled, double-click your CD-ROM in My Computer to manually
launch selection window).
2. Select FTA-Pro from list.
3. Select Install Network Software.
The Installation Wizard opens.
2. Click Next.
The License Agreement opens.
3. Select the I Accept the terms of the license check box.
4. Click Next.
The Destination Folder dialog box opens.
Note: Ensure that the destination folder is C:\Inetpub\wwwroot\.
5. Click Next.
The Ready to install dialog box appears.
6. Click Install.
FTA-Pro installs.
7. Click Finish.
The Request Network License dialog box opens.
8. Complete the following fields on yourself and your company:
Name.
Title. (Optional)
Company.
Department. (Optional)
Phone.
Extension. (If applicable)
E-mail Address.
9. From the Type of License drop-down list, select the type of
license required.
10. Enter the serial number in the Serial No. field. (Optional)
11. Enter the number of licenses purchased in the Users field.
12. Enter any additional information in Notes field.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 10
Installing FTA-Pro on a Vista
Server
Installing FTA-Pro on a server using Microsoft Vista uses a different installation
procedure. Before installing FTA-Pro on Windows Vista machine, IIS must be
installed and configured to allow .NET services to work with FTA-Pro. I
To install FTA-Pro if you have to install IIS:
13. Enter the following information on your account manager or
customer care representative:
Name.
E-mail address.
14. Click either:
Send Request by E-mail Now.
Save Request to File.
Note: The latter option is required if you use web-based e-mail or
unsupported e-mail software. You must e-mail the file to
[email protected].
The Save as dialog box opens.
15. Click Save.
If you have selected Send Request by E-mail Now, the file containing the
license request is saved in the <your web server root
directory>\DyademWebServices\Bin directory and attached to an e-mail
addressed to [email protected].
If you have selected Save Request to File, the file containing the license
request is saved in the <your web server root
directory>\DyademWebServices\Bin directory. You must create an e-
mail and attach the file to the e-mail yourself.
Note: If you are using Vista, the file is saved to the Desktop.
Tip: You can use the Save As dialog box to save the key request in a
different folder if you wish.
16. E-mail the request to Dyadem.
Dyadem issues a license and mails it back to you.
Step Action
Note: If IIS was installed on the Windows Vista machine, before the .NET runtime
libraries, then you must run Windows repair to bind the .NET runtime
libraries to IIS.
Note: Vista doesn't have an option to run MSI's as the admin by default, but you
can add the option to the context menu by adding the following to the
registry: Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\Msi.Package\shell\runas\command]
@=hex(2):22,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,
6f,00,74,\
00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6
d,00,\
73,00,69,00,65,00,78,00,65,00,63,00,2e,00,65,00,78,00,65,00,22,00,20,
00,2f,\
00,69,00,20,00,22,00,25,00,31,00,22,00,20,00,25,00,2a,00,00,00
Step Action
1. Go to Start >Select Control Panel.
2. Select Programs from the dialog box.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 11
To install FTA-Pro if IIS is already installed:
3. Select Turn Windows Features ON or OFF from the Program and
Features dialog box.
4. Click OK in the dialog box.
5. Highlight Internet Information Server and click OK.
6. After the IIS is installed, repeat steps #1 to #3.
7. Expand the Internet Information Services group.
8. Expand the Web Management Tools group and select all options.
9. Expand the World Wide Web Services Group.
10. Expand the Application Development Features.
11. Check the ASP.NET option.
This automatically selects required options.
12. Expand the Microsoft .NET Framework 3.0 group to verify that
XPS Viewer option is selected.
Note: If it is not selected, select it.
13. Click OK.
14. Install the network version of FTA-Pro.
For more information, see Installing FTA-Pro on Your Network Server on
page 9.
15. Activate the license.
For more information, see Authorizing Your Network Version on page 12.
16. Disable the IIS Version 7 filtering.
For more information, see Disabling the IIS Version 7 Filtering on
page 12.
Step Action
1. Go to Start >Select Control Panel.
2. Select Programs from the dialog box.
3. Select Turn Windows Features ON or OFF from the Program and
Features dialog box.
4. Expand the Internet Information Services group.
5. Expand the Web Management Tools group and select all options.
6. Expand the World Wide Web Services Group.
7. Expand the Application Development Features.
8. Check the ASP.NET option.
This automatically selects required options.
9. Expand the Microsoft .NET Framework 3.0 group to verify that
XPS Viewer option is selected.
Note: If it is not selected, select it.
Step Action
FTA-Pro Chapter 1: Installing the Software
Dyadem International 12
Disabling the IIS Version 7
Filtering
Once you have installed FTA-Pro, you have to disable the IIS version 7 filtering.
By default, IIS 7 does not allow transferring .config files over the Internet. As a
result users trying to connect to FTA-Pro Network Install on a Windows Vista
machine could get a "Files missing" error.
To disable Internet Information Services version 7 filtering:
Authorizing Your Network
Version
Once you have received your license from Dyadem, you can authorize your
program.
To authorize your copy of FTA-Pro:
10. Click OK.
11. Install the network version of FTA-Pro.
For more information, see Installing FTA-Pro on Your Network Server on
page 9.
12. Activate the license.
For more information, see Authorizing Your Network Version on page 12.
13. Disable the IIS Version 7 filtering.
For more information, see Disabling the IIS Version 7 Filtering on
page 12.
Step Action
Step Action
1. Using Windows Explorer, navigate to:
C:\WINDOWS\System32\inetsrv\config
2. Open the "applicationHost.config" file.
3. Find this element in the XML file:
<add fileExtension=".config" allowed="false" />
4. Change to read:
<add fileExtension=".config" allowed="true" />
5. Either:
Re-start the Default Web Site.
Re-boot the server.
Step Action
1. Open the e-mail reply.
2. On the e-mail menu, go to File>Save Attachments.
3. Use the Save As dialog box to save the license.xml file in the
<your web server root
directory>\DyademWebServices\App_Data\ directory.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 13
FTA-Pro Network Installation
FAQs
FAQs on FTA-Pro Network Installation:
4. Re-start the IIS web server.
The program is now ready to be launched. For more information, see
Launching a Network Version of FTA-Pro on page 15.
Note: If you have installed the program on a Windows XP server, you
must ensure that access is enabled to the server from other
computers on your LAN:
1. Go to Control Panel/Security Center/Windows
Firewall.
2. Click the Exceptions tab.
3. Click Add Port.
4. Add TCP on Port 80.
Step Action
Question 1: After a successful installation I get the following error when I try to
run the program:
License error: The request failed with HTTP status 404: Not Found.
Answer: By default the IIS 6.0 comes with dynamic content disabled.
ASP .NET has to be enabled for proper FTA-Pro functionality:
1. Go to Administrative Tools/IIS Manager.
2. Click on Local Computer.
3. Click on Web Service Extensions.
4. Allow ASP .NET version 2.0.50727.
Question 2: After a successful installation I get the following error when I run the
program:
Cannot Start Application
Application installation did not succeed. Cannot locate application files on the
server.
When I click on "Details..." button I get a log file containing the following error:
Downloading http://<servername>/1.0.0.0/ftapro.exe.config did not succeed.
The remote server returned an error: (404) Not Found.
Answer: The IIS 6.0 does not serve any file which extension has no entry in its
MIME table. When .NET Framework is installed or repaired it updates the IIS MIME
table with all necessary file extensions for the program activation.
1. Go to Control Panel/Add or Remove Programs/Microsoft .NET
Framework 2.0.
2. Select Repair.
Question 3: When I start the program, I get the following error:
The request failed with HTTP status 401: Unauthorized.
Answer: Enable anonymous access to the web site:
1. Go to Default Web Site properties.
2. Select the Directory Security tab.
3. Edit Anonymous access and authentication control.
4. Check Anonymous access.
Question 4: I get following error while trying to register the program:
Could not create type 'LicensingService'.
Answer: If the version information in the error message lists "Microsoft .NET
Framework Version:1.1.4322.2300", install .Net version 2.0.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 14
Question 5: I installed the network version of FTA-Pro and can use it on the server.
However, it cannot be started on other computers on the network.
Answer: If you are using Windows XP: On the server, go to Control Panel/
Security Center/Windows Firewall and add TCP on part 80 to the Exceptions
tab.
If you are using Windows Vista: Ensure that the IIS 7 filtering is disabled. For more
information, see Disabling the IIS Version 7 Filtering on page 12.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 15
Starting FTA-Pro
Launching a Desktop Version
of FTA-Pro
To launch a desktop version of FTA-Pro:
Launching a Network Version
of FTA-Pro
The first time you use the network version of FTA-Pro, you will find that the
program is slow to start up, since the program has to be copied from the web
server. Subsequent usages of the program are faster, since the program is loaded
from the local application cache.
To launch a network version of FTA-Pro:
Step Action
1. On the Start menu, point to Programs.
2. Select the FTA-Pro folder.
3. Click the FTA-Pro icon.
FTA-Pro opens on your screen.
Note: If you are starting FTA-Pro for the first time, see Authorizing Your
License on page 16.
Step Action
1. Open Internet Explorer (IE) on your workstation.
2. Browse to
http://<your server>/FTA-Pro
or
http://<your server>/FTA-Pro/index.htm
Tip: Save this screen in your Favorites folder and then click on the
name to quickly access the login screen when you want to use
FTA-Pro.
3. Activate the application either by:
1. Clicking on the FTA-Pro link.
Or
1. Typing http://<your server>/FTA-Pro/FTA-Pro.application in
the address field.
2. Pressing Enter.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 16
Authorizing Your License
Once you have installed FTA-Pro, you must authorize its license using a license.
This is a two stage process. You request a license from Dyadem, and then you use
the key to authorize your copy of FTA-Pro.
This section discusses the following topics:
Applying for Your License on page 16.
Authorizing Your Copy of FTA-Pro on page 17.
Applying for Your License The first time you start FTA-Pro, the License dialog box opens. To apply for the
license, you must complete the Request License form and e-mail it to us. Dyadem
then sends back a file with the license that contains the activation codes that you
require to validate FTA-Pro.
To apply for the license:
Note: This procedure applies only for a workstation version of FTA-Pro. License
authorization is part of the network installation procedure.
Step Action
1. In the License dialog box, click Request License.
Request License dialog box opens.
2. Complete the following fields on yourself and your company:
Name.
Title. (Optional)
Company.
Department. (Optional)
Phone.
Extension. (If applicable)
E-mail Address.
3. From the Type of License drop-down list, select the license type.
4. Enter the serial number in the Serial No. field.
5. Enter any additional information in Notes field.
6. Enter the following information on your account manager or
customer care representative:
Name.
E-mail address.
7. Click either:
Send Request by E-mail Now.
Save Request to File.
Note: The latter option is required if you use web-based e-mail or
unsupported e-mail software. You must e-mail the file to
[email protected].
Save as dialog box opens.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 17
Authorizing Your Copy of
FTA-Pro
Once you have received your license from Dyadem, you save it to your computer
and then apply it to software. Once this is done, the software can be used.
To authorize your copy of FTA-Pro:
8. Click Save.
If you have selected Send Request by E-mail Now, the file containing the
license request is saved in the FTA-Pro\Bin directory and attached to an
e-mail addressed to [email protected].
If you have selected Save Request to File, the file containing the license
request is saved in the FTA-Pro\Bin directory. You must create an e-mail
and attach the file to the e-mail yourself.
Tip: You can use the Save As dialog box to save the key request in a
different folder if you wish.
9. E-mail the request to Dyadem.
Dyadem issues a license and mails it back to you.
Step Action
Step Action
1. Open the e-mail reply.
2. On the e-mail menu, go to File>Save Attachments.
3. Use the Save As dialog box to save the key to the same folder as
the key request.
4.
Open FTA-Pro.
The License dialog box opens.
5. Click Load License from File.
The Open dialog box opens.
6. Using the Look in field, navigate to the folder containing the
license.
7. Select the file containing the license.
8. Click Open.
Your copy of FTA-Pro is licensed and ready for use.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 18
Updating FTA-Pro
Dyadem regularly updates its software products to add new features, deal with
known issues and otherwise improve the quality of its products. Registered
owners of FTA-Pro who are covered by the Maintenance Plan (see the Dyadem
Software License Agreement on page v) can always download the latest update
from Dyadems Technical Support page.
Downloading Updates from
the Web
To download an update of FTA-Pro:
Note: Installing an update on your computer does not void your existing license.
Step Action
1. Go to Help>About FTA-Pro.
The About dialog box appears. Under Version, the dialog box displays the
version number of FTA-Pro that is installed on your computer system.
2. Record this number on a piece of paper.
3. Click OK.
The dialog box closes.
4. Go to Help>Technical Support from the drop-down menu.
Your web-browser launches and connects to Dyadems Technical Support
page.
5. Log into the Dyadem Technical Support site using your username
and password.
6. Navigate to the download page for product updates.
7. Compare the version number displayed on this Web page with
the information you recorded in step 3.
If the information is the same, your copy of FTA-Pro is already up-to-
date.
8. If an update is available, click the download link and follow the
instructions on your screen.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 19
Contacting Dyadem
The Help menu has three commands that take you to various parts of our web site:
The Dyadem home page.
Technical support log in page.
Product feedback page.
Accessing Dyadems Home
Page
To access Dyadems home page:
Accessing Dyadems
Technical Support Page
Registered owners of FTA-Pro who are covered by our Maintenance Plan (see the
Dyadem Software License Agreement on page v) can access Dyadems dedicated
technical support web site.
To access Dyadems technical support web site:
Providing Product Feedback To help make our products more reliable and easier to use, we appreciate any
information on problems you may encounter using our software or suggestions as
to any new features you would like included in the next release.
To provide product feedback:
Step Action
Go to Help>Dyadem Web Site.
Your web-browser launches and connects to Dyadems home page.
Step Action
1. Go to Help>Technical Support.
Your web-browser launches and connects to Dyadems Technical Support
page.
2. Log in to the Support Web Site:
1. Enter your name in the Name field.
2. Enter your password in the Password field.
3. Click Login.
Step Action
1. Go to Help>Product Feedback.
Your web-browser launches and connects to Dyadems Product Feedback
page.
2. Select FTA-Pro from the Products drop-down list.
FTA-Pro Chapter 1: Installing the Software
Dyadem International 20
3. Complete the following fields on yourself and your company:
Name.
Company Name.
Address. (where the software is installed)
City. (Optional)
Country. (Optional)
State. (Optional)
Zip Code. (Optional)
Phone Number.
Fax Number. (Optional)
E-mail Address.
4. Enter your suggestions or comments in the What would you like
implemented in the next version? field.
5. Click Submit Information.
Step Action
FTA-Pro Chapter 1: Installing the Software
Dyadem International 21
Uninstalling FTA-Pro
FTA-Pro is uninstalled using Add or Remove Programs in Windows Control
Panel.
To uninstall FTA-Pro from your computer:
Note: Uninstalling FTA-Pro terminates your license, and may cause loss of data.
Step Action
1. In Windows, go to Start>Control Panel to open up the Control
Panel.
2. Click the Add or Remove Programs icon.
The Add or Remove Programs dialog box opens.
3. Select FTA-Pro from the list.
4. Click Remove.
FTA-Pro is removed from your computer.
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 22
CHAPTER 2: OVERVIEW OF FAULT TREE
ANALYSIS METHODOLOGY
Fault Tree Analysis (FTA) is a widely used technique in System Reliability
Analysis. This chapter provides an overview of Fault Tree Analysis.
This section discusses the following topics:
Definition of a Fault Tree on page 23.
Dynamic Fault Trees on page 24.
Purpose of FTA on page 25.
Procedure for Carrying Out an FTA on page 26.
Basic Event Failure Models on page 27.
Qualitative System Analysis on page 30.
Unreliability System Analysis Methods on page 32.
Calculating Failure in Repairable Systems on page 37.
Calculating Failure in Non-Repairable Systems on page 41.
Confidence Analysis on page 42.
Common Cause Failure Models on page 44.
Component Importance Measures on page 49.
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 23
Definition of a Fault Tree
A fault tree is a logic structure displaying the relationship between an undesired
potential event (top event) and all its causes. Each direct cause of the top event
can be logically divided by its causal events. This top down procedure is
continued deductively. Causes can be of several different types, including, but not
limited to:
Environmental conditions.
Human error.
Normal (expected) events.
Component failure.
Figure 2-1: This simple fault tree breaks down the top event, in this case power
unavailable, into its causes.
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 24
Dynamic Fault Trees
A dynamic system is a system whose state at any time depends on its entire
history. To describe a dynamic system, we have to track it from the starting to the
current time point. A typical example of dynamic system is one, whose output
depends on the sequence of input events. The reliability of such systems can be
described by Dynamic fault trees. A static system and its corresponding fault tree
can be time dependent, but to calculate it at any time, we only need input for one
time. The most popular tool for describing reliability of dynamic system is the
Markov Chain.
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 25
Purpose of FTA
Fault Tree Analysis (FTA) evaluates the probability of the failure of the top event
of a system by using analytical or simulation methods. Different failure models of
the system components and their logical connections can be applied to simulate
the system reliability. FTA has the capability of estimating the importance of each
system component, and defining components whose improvement (or
maintenance) leads to significantly improving the systems reliability. In addition,
FTA allows the identification of all failure modes (minimal cut sets) of a complex
system. However, these problems can be complicated for large fault trees
containing repeated events.
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 26
Procedure for Carrying Out an FTA
The United States Coast Guard (USCG) uses an eight step procedure for carrying
out a Fault tree Analysis. For more information, go to http://www.uscg.mil/hq/gm/
risk/e-guidelines/rbdm/html/vol3/09/v3-09-03.htm
The USCG procedure for performing a fault tree analysis is as follows:
Step Description
1. Define the system of interest.
Specify and clearly define the boundaries and initial conditions of the
system for which failure information is needed.
2. Define the TOP event for the analysis.
Specify the problem that the analysis will address. This may be a specific
quality problem, shutdown, safety issue, etc.
3. Define the treetop structure.
Determine the events and conditions (for example, intermediate events)
that most directly lead to the TOP event.
4. Explore each branch in successive levels of detail.
Determine the events and conditions that most directly lead to each
intermediate event. Repeat the process at each successive level of the
tree until the fault tree model is complete.
5. Solve the fault tree for the combinations of events contributing to
the TOP event.
Examine the fault tree model to identify all the possible combinations of
events and conditions that can cause the TOP event.
6. Identify important dependent failure potentials and adjust the
model appropriately.
Study the fault tree model and the list of minimal cut sets to identify
potentially important dependencies among events. Dependencies are
single occurrences that may cause multiple events or conditions to occur
at the same time. This step is qualitative common cause failure analysis.
7. Perform quantitative analysis (if necessary).
Use statistical characterizations regarding the failure and repair of
specific events and conditions in the fault tree model to predict future
performance for the system.
8. Use the results in decision making.
Use results of the analysis to identify the most significant vulnerabilities
in the system and to make recommendations for reducing the risks
associated with those vulnerabilities.
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 27
Basic Event Failure Models
When determining the failure of a system, one needs to determine the failure
model under which failure may occur.
This section discusses the following topics:
Fixed Probability Model on page 27.
Constant Failure and Repair Rate Model on page 27.
Failure with Periodic Inspection on page 27.
Exposure Time on page 28.
Dormant Failure with Periodic Inspection on page 28.
Dormant Failure with Maximum Risk on page 28.
Weibull Failure Distribution Model on page 28.
Fixed Probability Model This model specifies event property as a probability constant in time.
Constant Failure and Repair
Rate Model
This model is used to represent events with exponential probability distribution
for failure and/or repair process. The failure and repair rates are constant in time.
If failure with repair model is chosen, the formula for the unavailability Q(t) of
such a component is:
where is failure rate of event, is its repair rate.
For a model without repair, , the formula for the unreliability of a
component is:
The Mean Time Between Failure (MTBF) is given as:
In the Failure with Repair model, the Mean Corrective Time (MCT) is given as:
Failure with Periodic
Inspection
This model is used for systems with periodic preventive maintenance. It is
common practice to assume that the system is as good as new after such
maintenance and the time spent on periodic inspection and maintenance is much
smaller compared to the period between inspections T. In this case the availability
of the system with periodic inspections at time t is given by:
A(t)= A
s
(t)
Q t ( )

+
-------------
1 e
)t + ( )
( ) =

0 =
F t ( ) 1 e
t
=

1
MTBF
----------------
=

1
MCT
-------------
=
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 28
where A
s
(x) is the system availability at time x when there is no inspection. Any
time t can be represented as t=nT+t, where t is time after last maintenance, t<T,
n is the number of periodic inspections during time t, n is zero or positive integer.
The unavailability of the system with periodic inspection is calculated as:
Q(t)=1-A(t)
Exposure Time Some parts of the system can be involved in the process less than Mission or End
Time. In this case we calculate the effective Failure Rate of an event as a product
, where k is the ratio calculated as the following
a. If the exposure time t
0
is selected
where t is current time and t
1
is end time in our calculations.
b. If exposure time percentage r is selected , where .
We use effective failure rate instead of failure rate in Constant Failure and
Repair Rate Model and Failure with Periodic Inspection.
Dormant Failure with
Periodic Inspection
According to this model, the unavailability (unreliability) of a dormant event is
calculated using the formula:
where is constant failure rate, is inspection interval. If , we have the
following approximation:
Dormant Failure with
Maximum Risk
The formula for a dormant event with maximum risk is:
Weibull Failure Distribution
Model
In this case, components are considered without repairing. The probability
distribution function

contains two parameters: rate (or scale) parameter and shape parameter .
k
k t
0
t
1
if t t
1
=
k 1 = if t t
1
>

k r 100 = 0 r 100

Q
1 e

( )

------------------------------------
=
1
Q

2
------
=
Q 1 e

=
F t ( ) 1 e
t

=

FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 29
If we have an exponential distribution function with constant failure
rate.
If , we have a failure model with decreasing failure rate.
If , the failure rate is increasing over time.
If , we have a Rayleigh distribution. When , then it appears
similar to the normal distribution.
1 =
1 <
1 >
2 = 3.4
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 30
Qualitative System Analysis
A minimal cut set of a fault tree is the smallest combination of component
failures, which, if they all occur, will cause the top event to occur. A minimal cut
set is an intersection of primary events sufficient for the top event to occur. If one
of the failures in the minimal cut set does not occur, then the top event does not
occur. If E={E
1
, E
2
,..., E
N
} is the set of all basic component failures, any minimal
cut set Q
i
may be represented as an intersection of events
(1)
Any fault tree consists of a finite number of minimal cut sets, which are unique for
the top event.
The top event of a fault tree may be represented by Boolean functions involving
basic events. These representations may be different for the same fault tree. The
simplest representation is the following:
(2)
This is the sum of all the minimal cut sets of the fault tree. The problem of
determining minimal cut sets amounts to the well-known problem of Boolean
algebra: transform the given Boolean function to Disjunctive Normal Form (2).
This representation is unique for a given Boolean function. It does not depend on
the reliability properties of basic events. For this reason defining minimal cuts is
called qualitative analysis of the fault tree.
The process of finding minimal cut sets is one of the most important parts of
calculation, because minimal cut sets provide useful information to the reliability
analyst. They indicate the failure modes of the entire system. Minimal Cut Sets is
a valuable tool, indicating analyzed system weak points. Many traditional
methods of reliability calculations are based on minimal cut sets. They also are
required as part of the input to the common cause analysis and calculation of
importance measure of fault tree components.
The problem of finding the minimal cut sets of a fault tree is an algorithm which is
NP-complete. The consuming time of such algorithms increases exponentially (in
the worst case) in proportion to 2
N
where N is the number of basic events. There is
no single example showing that such an algorithm can be transformed in a much
simpler one (for example with polynomial measure of complexity N
2
). Therefore
the combination of methods should be applied to reduce the time required for
calculating minimal cut sets. These methods can be based on the features of the
specific fault tree.
Q
K
E
i
E
j
E
m
=
T E ( ) Q
1
Q
2
Q
n
+ + + =
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 31
FTA-Pro uses three levels of optimization for its minimal cut set calculation
algorithms. At the lowest level it uses bit array representation of each cut set and
optimizes the process of eliminating redundant (non-minimal cut sets). At the
middle level it applies the properties of specific gates to improve speed of
calculation. And finally, FTA-Pro uses the generalized modularization method of
defining independent parts of the fault tree, which are represented by complex
events. It also applies the substitution method for non-repeated events belonging
to the same parent and considered them as complex events. For many industrial
benchmarks such simplifications increase calculation speed dramatically.
In addition FTA-Pro provides users with the option to restrict the order of minimal
cut sets (decreasing total number of cut sets), because the reliability analyst does
not regularly need thousands of minimal cut sets, only the more important cut sets
of the smallest order. This option allows calculating minimal cut sets for large and
complicated industrial fault trees to be carried out in seconds or minutes.
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 32
Unreliability System Analysis Methods
Several traditional methods of unavailability (unreliability) analysis of a system
such as Cut Set Summation, Cross Product and Esary-Proschan methods are
based on minimal cut set calculations. These are all rare approximation methods,
whose accuracy is better for relatively small values of the probability of the
system.
This section discusses the following topics:
Occurrence Probability of a Cut Set on page 32.
Cut Set Summation Method on page 32.
Esary-Proschan Method on page 32.
Cross Product Method on page 32.
Occurrence Probability of a
Cut Set
The occurrence probability of a cut set with number k is determined from the
following:
which is product of probabilities of basic events in this cut set.
Cut Set Summation Method Cut Set Summation method formula for calculation system unavailability is given
by:
This method yields upper bound of unavailability for coherent systems (systems
without any NOT logic).
Esary-Proschan Method The Esary-Proschan expression for system unavailability is:
First factor in this formula is the product of probabilities of events that are
common to all cut sets of the system. If m = 0 this product is equal to 1. is the
probability of cut set with number k without considering common events. The
Esary-Proschan formula also gives upper bound approximation, but is better than
Cut Set Summation method.
Cross Product Method Cross Product unavailability is given by:
Q
K
Q
i
i 1 =
N

=
Q
sys
Q
k
k 1 =
n

=
Q
sys
q
i
1 1 Q
k

( )
k 1 =
n

i 1 =
m

=
Q

1
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 33
where Q
ij
(t) is product of the unavailabilities of the basic events in cut sets i and j,
Q
ijk
(t) is product of the unavailabilities of the basic events in cut sets i, j and k.
This is the formula for calculating the exact values of system unavailability, but its
full computation requires exponentially increasing number of product
probabilities. This is the reason why in computation only very first terms are taken
into account.
Depending on number of terms involved in the calculation, there is Cross Product
of order one, two, three etc. The first term of Cross Product method matches the
Cut Set Summation formula. Cross Product of order two provides the lower bound
for probability of coherent systems. Cross Product of order three provides an
upper bound of probability, which provides a better estimation when compared to
either the Esary-Proschan or Cut Set Summation methods.
All of the previous formulas can be applied not only to the top event, but also to
any gate of a fault tree. They provide approximations for system unavailability
and require minimal cut set calculation, which is a complex problem itself.
Q
sys
t ( ) Q
i
t ( ) Q
ij
t ( ) Q
ijk
t ( ) 1 ( )
n 1 +
Q
123n
t ( ) +
k j 1 + =
n

j i 1 + =
n 1

i 1 =
n 2

+
j i 1 + =
n

i 1 =
n 1

i 1 =
n

=
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 34
System Unreliability Calculation Methods
This section describes three methods of calculating system unreliability.
This section discusses the following topics:
Exact Methods on page 34.
Monte Carlo Simulation Method on page 35.
Exact Methods The most valuable method for calculating system unreliability is the method of
calculating the exact value of system unreliability. The calculation of exact value
of system probability is an NP-complete problem with exponentially increasing
calculation time. However in the last decade the decomposition method and the
Binary Decision Diagram representation of fault tree were developed. They allow
calculating the system probability of large fault trees. The main idea of the
decomposition method is based on the Shannon Decomposition Formula:
Let F be the Boolean expression that depends on variable v. Then
where is negation of v, F
v
is the Boolean expression F after eliminating variable
v=true. In , the variable v is eliminated as v=false.
In terms of Fault Tree Analysis, we now have two simplified fault trees instead of
one. We can continue such simplifications until probability of each fault tree can
be calculated easily. In our algorithm we continue this process until fault trees do
not contain repeated events. As a result of decomposition we have a list of fault
trees, which is saved and used for further calculations. The advantage of such
approach is that decomposition of given time dependent fault tree only has to be
calculated once, and then it is easy to calculate probabilities of the system for
different input values, because the Shannon decomposition formula for
probability is very similar to the formula for the decomposition of Boolean
function:
Here P(x) is probability of event x.
FTA-Pro implements the Shannon decomposition formula in two ways:
Exact
Decomposition.
The difference between two options is that in the first case the decomposition of
the Fault Tree is performed only once, and the corresponding data structure is
saved and used several times for all required time points. This method is faster if
number of time points is greater that 2. However, it needs much more memory for
F v F
v
v F
v
+ =
v
F
v
P F ( ) P v ( )P F
v
( ) 1 P v ( ) ( )P F
v
( ) + =
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 35
saving data structure. Decomposition method is preferable if calculation is needed
only for 1 or 2 time points or in case when there is not enough RAM memory to
calculate unreliability using Exact method.
As in minimal cut sets calculation, we use a generalized modularization method
defining independent parts of the fault tree, which are represented by complex
events. We also apply a substitution method for non-repeated events belonging to
the same parent and consider them to be complex events. These simplifications
increase the speed of calculation. But exact method has its limits mostly
depending on the number of repeated events of the fault tree. After testing about
40 industrial benchmarks, we discovered that the most efficient method for
calculating probability of extra large fault trees is the Monte Carlo simulation
method.
Monte Carlo Simulation
Method
The Monte Carlo method matches very well the random nature of the problem. In
the Monte Carlo method, random numbers are generated and, according to
probability values of basic events, true or false is assigned to these events. The
output of each gate is then calculated. To calculate probability approximately, but
with good accuracy, we have to perform many trials. To obtain acceptable
calculations accuracy, many trials have to be performed. Calculation time is
proportional to the number of basic events, the total number of fault tree nodes,
and the number of trials. In contrast to exact method, in the Monte Carlo method
all simulations should be repeated if any input value is changed. Therefore
calculation time is proportional to the number of time points for time dependent
fault trees. The recommended number of trials is 10,000. To obtain better
accuracy of calculation, user can increase the number of trials, increasing
calculation time accordingly.
Empirical data shows that the accuracy of the obtained result increases as the size
of the fault trees increases. This agrees with the nature of the method, because
increasing the fault tree size increases the number of random outputs, which is
similar to increasing the number of trials.
The main disadvantage of the traditional Monte Carlo simulation method is the
decreasing accuracy for fault trees with very low probability (highly reliable
systems). To improve accuracy in this case without significant increase of
calculation time, we select such trials, whose output is false for all basic events.
For these trials we do not need to calculate output of top event. It will be false.
The total number of trials after calculation will be the number of trials chosen by
user plus the number of trials with all false basic events.
We have improved the Monte Carlo method for small probabilities by using
variance reduction approach. This approach is applied for both static and dynamic
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 36
fault trees. This method, however, is used only for the top (or current) gate. If on
the Advanced tab of the Calculation Engine Configuration dialog box, you select
the Calculate All Gates option, the improved Monte Carlo method is applied only
to the top (current) gate. For all other gates, the raw simulation method is used. If
you are not satisfied about accuracy of the calculation of an intermediate gate,
select that gate as a top (current) gate and recalculate. The modified Monte Carlo
method is then applied to the selected gate.
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 37
Calculating Failure in Repairable Systems
FTA-Pro calculates failure in repairable systems in several different ways. These
include downtime, conditional failure intensity, failure frequency, the expected
number of failures in a finite amount of time and the mean time between failures.
This section discusses the following topics:
Calculating Downtime on page 37.
Calculating Failure Frequency on page 38.
Methods of Failure Frequency on page 39.
Calculating Conditional Failure Intensity on page 39.
Calculating the Mean Time Between Failure (MTBF) on page 40.
Calculating the Expected Number of Failures on page 40.
Calculating Downtime In addition to Unavailability Q(t), we calculate Total Downtime (TDT).
TDT can be calculated using the following formula:
where t
1
and t
2
are Start Time and End Time respectively.
To simplify the calculations, we use the Pad approximation of the Unavailability
function Q(t). The Pad rational function uses the following formula:
The coefficients of Pad function and are defined using the results of
Unavailability calculations for different time points. The minimum required
number of Data Points for a Pad approximation is 5. The greater the number of
points, the better the approximation of Unavailability function.
We also use information about the asymptotic behavior of the Unavailability
function when or when . If , we use the following asymptotic
expansion of the function and calculate the
corresponding parameters of this asymptotic representation. FTA-Pro also
calculates the asymptotic value of the Unavailability function Q
st
when .
Pad approximation allows a significantly reduced number of points in TDT
calculation and obtains results with good accuracy. To calculate the coefficients of
the Pad function we have to solve corresponding linear equations.
TDT Q t ( ) t d
t
1
t
2

=
Q t ( )

0

1
t
n
t
n
+ + +
1
1
t
m
t
m
+ + +
--------------------------------------------------
=

i
( )
i
( )
t 0 t t
Q t ( ) Q
0
Q
k
t
k
0 t
k
( ) + + =
t
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 38
Calculating Failure
Frequency
The Failure Frequency calculation is based on the following definition of system
Failure Frequency
Here Q
i
and v
i
are Unavailability and Failure Frequency of i-th component (basic
event) of the system. Using decomposition formula
we can get
This expression is used for calculating Failure Frequency using the Monte Carlo
method. Calculating conditional probabilities and we count the
number of system failures under condition that event x
i
has or has not occurred
respectively.
This last formula can be represented as
Here and are the failure frequencies of the system where event x
i
is
eliminated as x
i
=1 and x
i
=0. Together with decomposition formula for system
probability, it gives the recursion procedure for the calculation of both the Failure
Frequency and the Unavailability of the system. The Exact and Decomposition
methods are based on these formulae.
The Failure Frequency of the i-th basic event is defined, in the general case, as
where , the failure rate of the component Q
i
, is the components unavailability
(unreliability).
For the component with constant failure rate without repair we have
For a repairable component with the constant repair rate , we have
v v
i
Q
Q
1
----------
i 1 =
n

=
Q Q
1
Q
x
i
1 =
1 Q
i
( )Q
x
i
0 =
+ =
v v
i
Q
x
i
1 =
Q
x
i
0 =
( )
i 1 =
n

=
Q
x
i
1 =
Q
x
i
0 =
v v
i
Q
x
i
1 =
Q
x
i
0 =
( ) Q
i
v
x
i
1 =
1 Q
i
( )Q
x
i
0 =
+ + =
v
x
i
1 =
v
x
i
0 =
v
i

i
1 Q
i
( ) =

i
v
i

i
e

i
t
=

i
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 39

For a Weibull distribution, with the rate and shape parameters, we have

Methods of Failure
Frequency
The Methods of Failure Frequency calculation based on minimal cut sets can be
applied to static fault trees. These methods are valid for small probabilities. We
first calculate the Failure Frequency of each i-th minimal cut set:
where k is number of events in the cut set.
For the Cut Set Summation method we sum the frequency of all n cut sets
If the Esary-Proschan method is selected, the following formula is applied
Calculating Conditional
Failure Intensity
Conditional Failure Intensity (CFI) can be easily calculated if the Failure
Frequency and Unavailability are obtained. We have
We calculate Failure Rate of repairable systems using the formula:
All previous formulae and methods applied to frequency calculation are valid for
calculating the derivative of the probability function. In this case instead of
system Frequency and its components we have to consider corresponding
derivatives.
v
i

i

i

i

i
+
----------------

i

i

i
+
----------------
e

i

i
+ ( )t
+


=

i

i
v
i

i

i

i
t ( )

i
t
e

i
t ( )

=
Note: If these methods are applied to a dynamic fault tree, Spare gates, PAND,
and Sequence Enforcing gates are substituted by static AND gates.
v
cut
i
v
j
Q
i
i 1 i j , =
k

j 1 =
n

=
v v
i
cut
i 1 =
n

=
v v
cut
i
1 Q
cut
j
( )
j 1 i j , =
n

i 1 =
n

=
CFI
v
1 Q
-------------
=

sys
t ( )
dQ
dt
-------
1 Q
-------------
=
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 40
Calculating the Mean Time
Between Failure (MTBF)
The Mean Time Between Failure of a repairable system is calculated as the
reciprocal of the system Failure Frequency at time .
This allows us to significantly simplify the fault tree for calculation. For example,
all non-repairable components are eliminated from the static modules of the fault
tree because their probabilities are equal to 1 if .
Calculating the Expected
Number of Failures
The Expected Number of Failures of a repairable system at the given time range
[t
1
, t
2
] is calculated as the integral:
In this case we use result of the Frequency Failure calculation for the selected
Number of Data Points and also the asymptotic representation of frequency when
. Having this data, we can apply polynomial functions to approximate the
frequency function v(t). Once this is done, the integral can be calculated
analytically.
t
MTBF
1
v ( )
------------
=
t
n t
1
t
2
, ( ) v t ( ) t d
t
t
2

=
t 0
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 41
Calculating Failure in Non-Repairable Systems
FTA-Pro calculates failure in non-repairable systems in several different ways.
These include conditional failure intensity, failure frequency, the expected number
of failures in a finite amount of time and the mean time to system failure.
This section discusses the following topics:
Calculating Conditional Failure Intensity on page 41.
Calculating Failure Frequency on page 41.
Calculating the Expected Number of Failures on page 41.
Calculating the Mean Time To Failure (MTTF) on page 41.
Calculating Conditional
Failure Intensity
In addition to calculating the Unreliability F(t) of a non-repairable system, we
also calculate the systems Conditional Failure Intensity (CFI). This defined as
Calculating Failure
Frequency
The Failure Rate of a non-repairable system coincides with its CFI. Failure
Frequency in this case is calculated using the following simple formula:
Calculating the Expected
Number of Failures
The Expected Number of Failures of a non-repairable system between time t
1

and t
2
. It can be defined as
Calculating the Mean Time To
Failure (MTTF)
According to its definition, the Mean Time to the (first) Failure of a non-
repairable system is calculated as the improper integral:
This integral is calculated numerically using result of Unreliability function
calculation at several time points as well as the asymptotic representations of this
function. The calculation is optimized with respect to time points distribution.
This calculation is time consuming and it does not depend on other calculations,
therefore we recommend calculating MTTF separately. The running time and
accuracy of calculation depends on Number of Calculation Points selected by
user. Although FTA-Pro requires a minimum of five calculation points be set, we
recommend that you select between 10 and 15 points for this calculation.
CFI
dF
dt
-------
1 F
------------
=
v t ( )
dF
dt
-------

sys
t ( ) 1 F ( ) = =
n t
2
t
1
, ( ) F t
2
( ) F t
1
( ) =
MTTF
t
F d
t d
------
t d ( )
0

=
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 42
Confidence Analysis
When we calculate system parameters, the results often assume that the event
failure and repair parameters are known exactly. Although the system parameters
cannot tell us exactly when a component breaks down, they can tell us the
probability of the component breaking down at any time. The more accurate, and
complete, the statistical data we have, the more accurate results we would get.
FTA-Pro can express these uncertainties as a range of values between given
limits. This range of values can be applied to any input parameters of the system
components: probability, failure rate, frequency etc.
Input Uncertainty Values FTA-Pro provides the following types of distribution functions to define the input
uncertainty.
1. Normal Distribution is given by its mean and standard error.
2. Lognormal Distribution function. The first input value for any parameter can
be interpreted as mean, mode or median. These options are provided in
Calculation Engine Configuration -> Confidence Analysis by checking radio
button "Mode", "Median" or "Mean". This setting is related to the entire fault
tree (to any input with Lognormal Distribution function). The second
uncertainty value is an error factor. It also has different interpretations
selected by user. It is given by:
84 percentile
90 percentile
95 percentile
99 percentile
where is standard deviation of Lognormal Distribution.
3. Triangular Distribution can be defined by the probability point p and error
factor k:
errorfactor e

=
errorfactor e
1.285
=
errorfactor e
1.65
=
errorfactor e
2.33
=

FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology

Dyadem International 43
4. Similarly, Logtriangular, Uniform and LogUniform are defined by specified
parameters -- the probability point and the error factor.
f(x)
p/k
x
kp
p
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 44
Common Cause Failure Models
Common-cause failure is defined as the simultaneous, dependent failure of
multiple components in a system due to a shared cause. Common cause failures
are important because they can defeat redundancies built in to your safety
systems. As a result, although they are rare events, CCFs are major contributions
to plant risk.
A vast majority of CCF events are not due to multiple failures in response to an
operational demand, but due to a condition of equipment. For example, an
inspection of one component reveals a deficiency, leading to the inspection of the
redundant component. The second inspection results in the discovery of the
discovery of the same deficiency.
A major contributor to CCF events is programmatic maintenance practices
(frequency, quality in both procedures and performance). Another contributor is
design problems, especially those resulting from design modifications. Human
errors related to procedures caused a small percentage of the total events, but
these events had a greater impact than the others.
This section discusses the following topics:
Common Cause Analysis Using the Beta Factor Model on page 44.
CCF Models Supported by FTA-Pro on page 46.
Characteristics of the Models on page 46.
Description of Formula Notation on page 46.
Beta Factor Model on page 47.
Alpha Model on page 47.
Multiple Greek Letter MGL Model on page 47.
Beta Binomial Failure Rate (BFR) Model on page 48.
Common Cause Analysis
Using the Beta Factor Model
The following example shows how Common Cause Analysis is carried out using
the Beta Factor Model.
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 45
Let Q
1
and Q
2
be the probabilities of the basic events Event1 and Event2. If the
events are independent, the probability of the AND gate is calculated as a product
Q = Q
1
Q
2
. For example, if Q
1
= 0.01 and Q
2
= 0.01, then Q = 10
-4
. However, if
both events have the same common cause to fail, for example they have the same
manufacturing deficiency, they can fail simultaneously. The situation can now be
modeled using the so-called Beta Factor . Let us consider first the case when Q
1

= Q
2
= Q
T
. Here Q
T
is the total probability, which can be represented as sum of
two terms: probability due to the Common Cause Failure (CCF)
and the independent probability . Each event belonging to the
Common Cause Group is substituted by an OR gate with the following input: a
corresponding event with independent probability Q
1
and the repeated event
Group1 with probability Q
CCF
due to CCF.
The probability of the AND gate in our case can be calculated using the formula
The probability P(Gate0) of the AND gate in our case can be calculated using the
formula
P(Gate0)=P(Event0Event1)
= P(Event2 + Group1) P(Event3+Group1)
when we apply Boolean algebra axiom, we get
= (Q
1
Q
2
) = Q
CCF
but since Q
1
= Q
2
, we get

If , and substituting for Q
1
and Q
CCF
then, in our example, we get

Q
CCF
Q
T
=
Q
1
1 ( )Q
T
=
Q
2
1
Q
CCF
+ =
0.1 =
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 46
P(Gate0)= {(1-)Q
T
}
2
+ Q
T
= {(1-0.1)(0.01)}
2
= (0.1)(0.01)
= 1.08x10
-3
Comparing this result with the previous calculation, one can conclude, that even
though the common cause probability is small , its contribution to
system probability can be significant due to repetition in the fault tree. Note that in
this example, omitting the Common Cause Failure would yield
P(Gate0)=Q
1
Q
2
= (0.01)(0.01) = 10
-4
.
CCF Models Supported by
FTA-Pro
FTA-Pro supports four different CCF models:
Beta Factor Model.
Alpha Model.
Multiple Greek Letter (MGL) Model.
Beta Binomial Failure Rate (BFR) Model.
Characteristics of the Models Beta Factor Model:
Its main advantage is its simplicity.
You do not need component success data.
It provides conservative results for redundancy levels above 2.
Multiple Parameter Models (Alpha Model and MGL Model):
These models are more appropriate for systems with higher levels of
redundancy.
The Alpha parameters are easier to obtain from observation than the MGL
parameters.
Beta BFR Model:
This model is more appropriate for components subject to independent
failures and dependent shocks, both lethal and non-lethal.
It provides less conservative results than the Beta Factor model for higher
redundancy levels.
It is more restrictive than the Alpha and MGL models.
Description of Formula
Notation
When discussing the formulae we use the following notation:
n - the number of events in CCF group.
Q
k
- the probability of CCF event of order k > 1 or probability of CCF involving
any k events from the group.
- the probability of individual basic event with number i.
0.1 = ( )
Q
i ( )
I
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 47
Q
T
- the total probability of the basic events in the CCF group. It is calculated at
any time point according to input parameters of basic events from the group as
minimum, maximum or mean value. This is constant of the group for the time
point. If all events from the group have the same probability, QT is simply the
input probability of the event.
Beta Factor Model The Beta Factor model requires only one input parameter.
FTA-Pro uses the following formula for calculating the probabilities of CCF
events:
The probability of an individual basic event with the number i is calculated as:
where is the input probability of the basic event with the number i.
Alpha Model The Alpha model allows m input parameters . In FTA-Pro, the
maximum number of input parameters is m = 4.
FTA-Pro uses the following formula for calculating the probabilities of CCF
events:
where ,
The probability of an individual basic event with the number i is calculated as:
Multiple Greek Letter MGL
Model
The Multiple Greek Letter (MGL) model requires 3 parameters to be specified:
.
FTA-Pro uses the following formula for calculating the probabilities of CCF
events:
Q
k
0 k 2 3 n 1 , , , = ( ) =
Q
n
Q
CCF
Q
T
= =
Q
i ( )
I
Q
i ( )
Q
T
=
Q
i ( )

1

2

m
, , ,
Q
k
k
n 1
k 1

-----------------

k

-----
Q
t
=
n 1
k 1

n 1 ( )!
n k ( )! k 1 ( )!
-------------------------------------
= i
i
i 1 =
n

=
Q
i ( )
I
Q
i ( )
Q
T
1
1
( ) =
, ,
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 48
where ,
The probability of an individual basic event with the number i is calculated as:
Beta Binomial Failure Rate
(BFR) Model
The Beta Binomial Failure Rate (BFR) model requires 3 parameters to be
specified:
- rate of lethal shock occurrences.
- rate of nonlethal shock occurrences.
- probability that a specific component fails, given that a nonlethal shock
occurs.
FTA-Pro calculates the failure rate of CCF events as:
and the corresponding probabilities as
The input for each basic event from the group is considered in the Beta BFR
model as the probability of the individual basic event: .
Q
k
1
n 1
k 1

-----------------

i
i 1 =
k

1
k 1 +
( )Q
T
=
n 1
k 1

n 1 ( )!
n k ( )! k 1 ( )!
-------------------------------------
=
1
1 =
2
=
3
=
4
=
i
0 iif i 4 > = , , , ,
Q
i ( )
I
Q
i ( )
Q
T
=

k

2

k
1
+
3
=
Q
k
1 e

k
t
( ) =
Q
i ( )
I
Q
i ( )
=
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 49
Component Importance Measures
Defining the importance of system components is one of the most important parts
of analyzing the reliability analysis of a system. Using different importance
measures, system components can be ranked or classified. Component importance
measures may be used to identify weak points of the system and components that
should be improved to improve the system reliability or where to allocate
inspection and maintenance resources. They are also commonly applied in risk
assessments of the system.
This section discusses the following topics:
When to Use Component Importance Measures on page 49.
Birnbaums Measure of Importance on page 49.
Criticality Importance Measure on page 50.
Risk Achievement Worth on page 50.
Risk Reduction Worth on page 50.
Fussell-Vesely's Measure of Importance on page 50.
Component Importance Measures Calculation Results on page 50.
When to Use Component
Importance Measures
Each importance measure provides specific information that you for making
various decisions. Therefore, it is important to know when to use a particular
measure. You use:
Birnbaums Measure of Importance if you want to decrease the
unavailability of each event a specified amount with the same effort.
Criticality Importance Measure if you can only make improvements to
events that have high unavailabilities. You can also use it to prioritize your
maintenance efforts.
Risk Achievement Worth (RAW) if you want to assess which basic events of
the risk model are the most crucial for causing the system to have a higher
risk. Elements with high RAW are the ones that will have the most impact,
should their failure unexpectedly occur.
Risk Reduction Worth (RRW) if you want to identify events that can result in
the greatest risk benefit if more resources are allocated to improve their
reliability or availability.
Fussell-Veselys Measure of Importance if you want to minimize the
contributions of each basic event.
Birnbaums Measure of
Importance
Birnbaum's Measure of Importance calculates the increase in risk when
component i fails.
Using the number i and probability q
i
it an be defined as a partial derivative of the
probability function with respect to q
i
. Another equivalent definition is given by
the formula:
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 50
where P(q
i
=1) is probability of the system under condition q
i
=1, P(q
i
=0) is
probability of the system when q
i
=0.
Criticality Importance
Measure
Criticality Importance Measure calculates the probability n of the top event of
the system failing as a result of component i failing.
It is defined as:
where P is probability of the top event of the system.
Risk Achievement Worth Risk Achievement Worth (RAW) is a measure of the change in risk when the
probability of the component i is set to one. By setting the event probability to
one, RAW measures the amount of change in system risk due to assuming the
worst case of the component failing.
It is defined as:
Risk Reduction Worth Risk Reduction Worth (RRW) is a measure of the change in risk when the
probability of component i failing is set to zero. It measures amount by which risk
would decrease if the failure does not occur.
It is defined as:
Fussell-Vesely's Measure of
Importance
Fussell-Vesely's Measure of Importance calculates the probability that failure of
component i contributes to the system failing.
For systems with highly reliable components we can write the following formula
for this measure in terms of minimal cut sets:
where Q
k
is probability of minimal cut set containing the component i, .
Component Importance
Measures Calculation
Results
The values of importance component measures depend on the time at which these
values are calculated. FTA-Pro calculates component importance at the Primary
Time Point.
I
B
i
P q
i
1) P q
i
( = ( = 0) =
I
CR
i
I
B
i
q
i
1 P
------------
=
I
RAW
i
1 P q
1
0 = ( )
1 P
---------------------------------
=
I
RRW
i
1 P
1 P q
1
1 = ( )
---------------------------------
=
I
FV
i
Q
k
P
-------------
=
Q
k
q
j
=
FTA-Pro Chapter 2: Overview of Fault Tree Analysis Methodology
Dyadem International 51
The result also depends on the method of calculating the system probabilities in
formulas above. We use a method based on minimal cut sets, which is the Cut Set
Summation method. This method is more accurate for systems with small
probabilities.
If the importance measure calculation is chosen, then minimal cut sets are
calculated first.
Tip: We recommend selecting importance measure calculation, if the minimal cut
set calculation is chosen, because minimal cut set calculation takes much
more time than importance measure. For highly reliable systems, you can also
select Cut Set Size Limit to restrict maximum order of minimal cut sets and to
reduce calculation time. This selection affects not only the minimal cut set,
but also importance measure calculations.
FTA-Pro Chapter 3: Getting Started
Dyadem International 52
CHAPTER 3: GETTING STARTED
Getting to know some of the key features of FTA-Pro helps you to complete your
Fault Tree Analysis quickly and efficiently. This chapter provides an overview of
some of the features of the program.
This section discusses the following topics:
Overview of the FTA-Pro Interface on page 53.
Project Window on page 59.
FTA Toolbox on page 61.
Program Menus on page 54.
The Fault Tree Grid on page 62.
Saving Files on page 65.
Changing the Language Options on page 63.
Changing a Files Name or Format on page 67.
Opening Files on page 68.
Closing Files on page 69.
Exiting FTA-Pro on page 70.
FTA-Pro Chapter 3: Getting Started
Dyadem International 53
Overview of the FTA-Pro Interface
Menus and tool bars
give you access to all
of the commands,
options and features
available in FTA-Pro.
For more information,
see Program
Menus on page 54.
The Project Window
and tabs list of all the
fault trees that belong
to the file. You open a
fault tree by clicking
its name in the
Project Window or
clicking its tab. For
more information, see
Project Window on
page 59.
The Zoom control
allows you to zoom in
or out of your fault
tree by either moving
the slider, or entering
a percentage in the
field. For more
information, see
Zooming In and Out
of the Fault Tree on
page 112.
The Fault Tree Grid
presents the
properties of all the
gates and events in
table form. For more
information, see The
Fault Tree Grid on
page 62.
The Fault Tree
Diagram Area is your
working area where
you create your fault
tree. For more
information, see
Creating Fault
Trees on page 72.
The FTA Toolbox
provides the gates
and events needed for
constructing your
fault tree. For more
information, see FTA
Toolbox on page 61.
FTA-Pro Chapter 3: Getting Started
Dyadem International 54
Program Menus
The menu at the top of the software is composed of a series menu items that are
opened when the cursor is placed on the menu title. There is also another menu
that is accessed by right-clicking your mouse on the fault tree diagram area.
This section discusses the following topics:
Submenus Accessed From the Main Menu on page 54.
File Submenu on page 54.
Edit Submenu on page 55.
View Submenu on page 55.
Fault Tree Submenu on page 56.
Help Submenu on page 56.
Right-Click Menu on page 56.
Tool Bar Icons on page 57.
Submenus Accessed From
the Main Menu
The main menu is composed of a series of drop-down submenus. When you place
the cursor on the menu item, the drop-down submenu opens.
These menu items are:
File.
Edit.
View.
Fault Tree.
Help.
File Submenu The File submenu allows you to work with your files. It contains the following
commands:
Add - creates a new fault tree.
Open - opens an existing file.
Recent Project Files - lists the last 11 FTA-Pro files that you have used. For
more information, see Opening a Recently Used File on page 68.
Close - closes an open project file.
Close Tab - deletes the currently selected fault tree.
Save - saves the project file.
Save As - saves the project file under a new file name.
Server - this option is available only on the Enterprise level version.
Note: The Open and Recent Project Files commands are not active if another file is
open.
Note: If you use close tab, the selected fault tree is deleted from the file. For more
information, see Deleting a Fault Tree on page 113.
FTA-Pro Chapter 3: Getting Started
Dyadem International 55
Plugins - opens a plugin window. The window lists currently loaded plugin
and their status. Allows you to enable/disable plugins.
Import - allows you to import fault trees from:
Relex Project Files
Aralia FT File Format.
Other FTA-Pro Files.
Fault Trees from FMEA-Pro exported XML files.
Fault Trees in XML files.
It also allows you to import event data from:
FMEA-Pro XML export files.
XML files from other applications.
Export - allows you to export the fault tree as an image file.
Page Setup - invokes standard page setup dialog box.
Print Preview - allows you preview print output.
Print - prints fault tree.
Exit - exits the application.
Edit Submenu The Edit submenu helps you work with your fault tree. It contains the following
commands:
Cut - cuts currently selected node.
Copy - makes a copy of currently selected node.
Paste - pastes previously selected node as a unique node.
Paste as a Repeated Event - pastes additional copies of the previously cut/
copied event. (Only for events) For more information, see Pasting an Event as
a Repeated Event on page 100.
Paste as a Transfer Gate - pastes additional copies of the previously cut/
copied gate. (Only for gates) For more information, see Pasting a Gate as a
Repeated Transfer Gate on page 100.
Go To Gate/Event - invokes the Go To Gate/Event dialog box. The dialog
allows you to find nodes (events or gates) in the tree. For more information,
see Using the "Go To Command in the Main Menu on page 104.
View Submenu The View submenu allows you to open and close key features of FTA-Pro. It
contains the following commands:
Tool Bar - tool bar visibility control. The tool bar has two parts - standard and
FTA. The submenu can selectively control their visibility.
Project Window - controls visibility of the project window. For more
information, see Project Window on page 59.
Highlight Cut Sets - invokes Cut Set Highlighting dialog box. For more
information, see Displaying Cut Sets as a Highlighted Path on page 129.
Show FTA Toolbox - controls visibility of the FTA Toolbox. For more
information, see FTA Toolbox on page 61.
Show Data Event Library - provides access to the Data Event Library. For
more information, see Entering Data from the Event Data Library on
page 109.
FTA-Pro Chapter 3: Getting Started
Dyadem International 56
View Cut Sets - invokes Cut Set dialog box. The dialog box allows you to
view cut sets if they have been previously calculated. For more information,
see Displaying the Cut Sets Table on page 128.
View Importance Measures - allows you to view the importance measures
table. For more information, see Displaying the Importance Measures
Table on page 128.
View Calculation Results - allows you to view calculation results. For more
information, see The Calculation Results Table on page 125.
Show Unreliability - controls the display of event/gate unreliability in the
diagram window. The values are shown for all events and only calculated
gates. For more information, see Displaying the Unreliability or
Unavailability Calculations on page 127.
Show Unavailability - controls the display of event/gate unavailability in the
diagram window. The values are shown for all events and only calculated
gates. For more information, see Displaying the Unreliability or
Unavailability Calculations on page 127.
Show Event Input Values - controls the display for event calculation data in
the diagram window. For more information, see Displaying Calculation Input
Values on page 93.
Fault Tree Submenu The Fault Tree submenu allows you to work with fault tree in terms of calculation
and node properties. It contains the following commands:
Configure Engine - invokes the engine configuration dialog box. For more
information, see Setting Your Calculation Options on page 115.
Calculate - starts the fault tree calculation. For more information, see
Calculating Your Results on page 124.
Validate - validates the fault tree. For more information, see Validating Your
Fault Tree on page 123.
Reports - allows you to view/print reports. For more information, see Chapter
6: Generating Reports on page 135.
Node Properties - invokes the Node Properties dialog box. This menu item is
not active unless you have highlighted a node in the Fault Tree Diagram
Area. For more information, see Setting Gate Properties on page 80 and
Setting Event Properties on page 83.
CCF - invokes the Common Cause Failures dialog box. For more information,
see Working With Common Cause Failure Groups on page 96.
Help Submenu The Help submenu provides access to the online help and information on the
version of FTA-Pro that you are using. It contains the following commands:
FTA-Pro Help - invokes program help.
About FTA-Pro - invokes the About dialog.
License - provides contact information and allows you to request site keys for
your program.
Right-Click Menu The right-click menu is accessed by right-clicking your mouse anywhere in the
Fault Tree Diagram Window. It contains the following commands:
FTA-Pro Chapter 3: Getting Started
Dyadem International 57
Go To Parent - allows you to return to the top gate and event on the main
page. This menu item is available only on transfer gate pages.
New Top Gate - Creates a new top gate and displays the gate.
Delete - deletes the currently selected sub-tree.
Copy - makes a copy of a currently selected sub-tree.
Cut - removes the currently selected sub-tree.
Paste - pastes the previously selected sub-tree.
Paste as a Repeated Event - pastes additional copies of the previously cut/
copied event. (only for events)
Paste as a Transfer Gate - pastes additional copies of the previously cut/
copied gate. (only for gates)
Go To Gate/Event - invokes the Go To Gate/Event dialog box.
Properties - invokes the Node Properties dialog box.
Tool Bar Icons The tool bar consists of icons representing the most used commands that are found
in the menus.
The tool bar contains the following commands:
Add - creates a new fault tree.
Open - opens an existing file.
Save - saves the project file.
Copy - makes a copy of a currently selected sub-tree.
Cut - removes the currently selected sub-tree.
Paste - pastes the previously selected sub-tree.
Print - prints fault tree.
Preview - allows you preview print output.
Undo - undoes actions, one action at a time.
Redo - redoes undone actions, one action at a time.
Properties - invokes the Node Properties dialog box.
Go To - invokes the Go To Gate/Event dialog box.
Highlight - invokes Cut Set Highlighting dialog box. For more information,
see Displaying Cut Sets as a Highlighted Path on page 129.
Cut Sets - invokes Cut Set dialog box. The dialog box allows you to view cut
sets if they have been previously calculated. For more information, see
Displaying the Cut Sets Table on page 128.
Measures - allows you to view the importance measures table. For more
information, see Displaying the Importance Measures Table on page 128.
Tip: The Properties command is active only when a gate or event has been
selected.
Note: The Open command is not active if another file is open.
Tip: The Properties command is active only when a gate or event has been
selected.
FTA-Pro Chapter 3: Getting Started
Dyadem International 58
Results - allows you to view calculation results. For more information, see
The Calculation Results Table on page 125.
Configure - invokes the engine configuration dialog box. For more
information, see Setting Your Calculation Options on page 115.
Calculate - starts the fault tree calculation. For more information, see
Calculating Your Results on page 124.
Validate - validates the fault tree. For more information, see Validating Your
Fault Tree on page 123.
Reports - allows you to view/print reports. For more information, see Chapter
6: Generating Reports on page 135.
FTA-Pro Chapter 3: Getting Started
Dyadem International 59
Project Window
The Project Window contains a visual summary of the fault trees in the current
file. You can access a fault tree by clicking its name in the Project Window.
This section discusses the following topics:
Closing the Project Window on page 59.
Minimizing the Project Window on page 59.
Re-opening the Project Window on page 59.
Resizing the Project Window on page 59.
Using the Toggle Feature on page 60.
Closing the Project Window You can easily close the Project Window at anytime to increase the size of the
working area available on your screen.
To close the Project Window:
Minimizing the Project
Window
To minimize the project window:
Re-opening the Project
Window
To re-open the Project Window:
Resizing the Project Window You can change the size of the Project Window to view more of its contents or to
reduce the amount of room it occupies on your screen.
To resize the Project Window:
Step Action
Go to View>Project Window.
The Project Window is closed.
Step Action

Click on the title bar of the Project Window.

The Project Window is minimized.
Step Action
Go to View>Project Window.
Tip: If you minimized the Project Window, Project appears in a box on
the left hand margin of the software. Click Project to open the
window.
The Project Window is re-opened.
Tip: You can still re-size your Project Window if you have the toggle feature on.
Step Action
1. Position your mouse pointer over its right edge.
The pointer changes to .
2. Click and hold down the left mouse button.
FTA-Pro Chapter 3: Getting Started
Dyadem International 60
Using the Toggle Feature Toggling is a quick way of hiding and redissolving the Project Window with a
simple movement of your mouse. This allows you to have more space on your
screen to work on your study, but still have quick access to the Project Window.
To turn on this feature:
To temporarily hide the Project Window:
To redisplay the Project Window:
To turn off this feature:
3. Drag it either left or right until the Project Window is the desired
width.
4. Release the mouse button.
The Project Window is resized.
Step Action
Tip: You can still re-size your Project Window if you have the toggle feature on.
Step Action

Click the on the title bar of the Project Window.

The icon changes to .
Step Action
Move your mouse pointer away from it.
The Project Window disappears from your screen.
Step Action
Move your mouse pointer to where it last appeared on your
screen.
The Project Window remains visible so long as the pointer is over it.
Step Action

Click the on the title bar of the Project Window.

The icon changes to , and the Project Window is permanently visible.
FTA-Pro Chapter 3: Getting Started
Dyadem International 61
FTA Toolbox
The FTA Toolbox contains the icons needed for building your fault tree. The
toolbox can be either a window that you can move around on your screen or part
of the Project Window.
The icons are selected from the toolbox and placed into the Fault Tree. For more
information, see Adding New Logic Gates, Dynamic Gates and Events on
page 76.
Figure 3-1: When the toolbox is active, the icons name is displayed when you place the
mouse cursor on an icon. To active the icon, click it.
This section discusses the following topics:
Opening the Toolbox on page 61.
Closing the Toolbox on page 61.
Opening the Toolbox Normally when you start a new fault tree the toolbox is open. If you accidently
close the toolbox, you can easily re-open it.
To open the toolbox:
Closing the Toolbox To close the toolbox:
Step Action
Go to View>Show FTA Toolbox.
Step Action

Click on the title bar of the FTA Toolbox.

The FTA Toolbox is closed.
FTA-Pro Chapter 3: Getting Started
Dyadem International 62
The Fault Tree Grid
The Fault Tree Grid presents the properties of all the gates and events in table
form.
Figure 3-2: The Fault Tree Grid presents the properties of all the gates and events in an
editable table.
All the properties of a logic gate except the number of votes for a Voting Gate are
displayed in the Fault Tree Grid. Transfer gates do not have their own properties.
They use the properties of the attached logic gate.
All properties of Basic and Developed Events are displayed in the Fault Tree
Grid. In this table, the Input Value column corresponds to Failure Rate or MTBF
in the Properties Dialog box and Input Value2 matches Mean Corrective Time or
Inspection Time. You can edit most properties of a node using the Fault Tree
Grid. For more information, see Editing Gate Properties in the Fault Tree Grid on
page 82 and Editing Basic or Undeveloped Event Properties in the Fault Tree
Grid on page 87.
Note: The attached logic gates, and their events, are shown at the bottom of the
grid as parallel, unattached trees.
FTA-Pro Chapter 3: Getting Started
Dyadem International 63
Changing the Language Options
You can change the current language used in the softwares interface. When you
change the language, the menus, fixed messages, roll-overs, labels, buttons,
header text, dialog titles, reports, and pop-up messages change to the new
language. These changes do not apply to the templates or the online help, nor do
they apply to pop-up messages that originate from Microsoft Windows. Any pop-
up messages that originate from Windows are in the language of the Windows
installed on the screen. For example, if you have a German version of windows,
the pop-up messages are in German, even if you selected Spanish as the language.
In order to translate the UI into the language of your choice, you need to locate
and translate the resource file,. You then save the file, and place the translated file
into the resource folder. The language file is ready for use.
This section discusses the following topics:
Translating the FTA-Pro Resource File into a New Language on page 63.
Activating the New Language Resource File on page 64.
Translating the FTA-Pro
Resource File into a New
Language
You have to follow this procedure out if you are going to translate FTA-Pro into
the language you want.
To translate the FTA-Pro resource file:
Note: You can only change the language options for the desktop installation, and
not for the network version.
Note: If you are modifying the language resource file using Word, we suggest that
you use Arial Unicode MS or Microsoft Sans Serif, especially if you are
creating Korean or Asian forms. If you are creating templates in Korean,
you must use one of those two fonts or the text does not render properly.
Step Action
1. Go to C:\Program Files\FTA-Pro4\bin\Resources.
2. Copy the FtaStringResource_English file.
3. Find the resource file for the FTA-Pro module that you want to
localize.
4. Translate the strings in the file into the language you want.
For example, if you are localizing the UI to French, you would change:
LogicalConditionName.Normal=Normal
LogicalConditionName.True=True
LogicalConditionName.False=False
to
LogicalConditionName.Normal=Normal
LogicalConditionName.True=Vrai
LogicalConditionName.False=Faux
Note: Do not translate the text on the left hand of the = sign. If you
change the text, the program does not recognise the string.
FTA-Pro Chapter 3: Getting Started
Dyadem International 64
Activating the New Language
Resource File
To activate the resource and translate the FTA-Pro interface into the new
language:
5. Using the Save As command, save the file using the following
format in UTF-8:
FtaStringResource_<Translated Language>
For example, if you localized the file to French, you would save the file as
FtaStringResource_French
Tip: The Language listed after the underscore in the file name is the
language that is shown in the Options drop down list.
Tip: Make sure that there is no file extension. For example if you are
using Notepad, make sure that there is no .txt at the end of the file
name after you save it.
Step Action
Step Action
1. Add the translated file to the C:\Program Files\FTA-
Pro4\bin\Resources folder.
2. Start FTA-Pro.
3. Go to File>Menu.
4. Select Options.
5. Select the language from the drop-down list.
6. Restart FTA-Pro.
FTA-Pro is now displayed in the new language.
FTA-Pro Chapter 3: Getting Started
Dyadem International 65
Saving Files
Data is stored in a compressed XML-based file. You can also save the file as a
standard xml file. The file can be stored and accessed from a workstation or a
server.
This section discusses the following topics:
Types of Files on page 65.
Saving Your File for the First Time on page 65.
Saving Your File on page 66.
Types of Files FTA-Pro allows you to save your files in either a compressed or uncompressed
format.
FTA-Pro saves files using the compressed format by default. The extension of
the compressed file is .dpr.
FTA-Pro also allows to save the file in a uncompressed format as a standard
xml file. The file extension of the uncompressed file is .xml.
A compressed file takes up about 10% of the disk space of an uncompressed file.
Saving Your File for the First
Time
If you have just created a new fault tree, you will want to save it in a file for future
use.
To save a file for the first time:
Tip: You should save your file periodically during your work session to avoid data
loss in the event of a power failure or other technical problem.
Tip: If you are going to embed the dpr file in a MS Word file, the following
restrictions apply when creating a file name:
The file name has a maximum length of eight characters.
The file name cannot contain space(s) or periods ., but may contain
numbers or parentheses.
If these restrictions are not followed, when you open the embedded file from
the Word document, it does not show the data.
Step Action
1. Go to File>Save As.
The Save As dialog box appears, allowing you to save your file.
2. In the File name field, type the name for your new file.
The Save as type field specifies that the software adds the .dpr extension
to the end of the file name.
Tip: If you want to save the file in an uncompressed format, select
Uncompressed project files (*.xml) from the Save as Type drop
down list.
3. Click the Save in drop-down arrow to select where you want to
store your file.
This location can be on your computer or company network.
4. Click Save.
The new file is saved.
FTA-Pro Chapter 3: Getting Started
Dyadem International 66
Saving Your File To save your FTA-Pro file:
Step Action

Click on the tool bar.

Or
Go to File>Save.
FTA-Pro Chapter 3: Getting Started
Dyadem International 67
Changing a Files Name or Format
You may want to save a copy of your file under a different name before making
extensive editing changes. Doing so allows you to revert to the original version if
you decide later that you no longer want to keep the changes.
You may want to change the format of the file from compressed to uncompressed,
or compress uncompressed files
This section discusses the following topics:
Changing a Files Name on page 67.
Changing a Files Format on page 67.
Changing a Files Name To change a files name:
Changing a Files Format You use the Save as command to change an uncompressed project file to a
compressed project file or change a compressed file to an uncompressed file.
To change a files format:
Tip: If you are going to embed the dpr file in a MS Word file, the following
restrictions apply when changing a file name:
The file name has a maximum length of eight characters.
The file name cannot contain space(s) or periods ., but may contain
numbers or parentheses.
If these restrictions are not followed, when you open the embedded file from
the Word document, it does not show the data.
Step Action
1. Go to File>Save As.
The Save As dialog box appears, allowing you to save your file with a
different name, as well as in a different location.
2. In the File name field, type the new name for your file.
The Save as type field defaults to the .dpr extension.
3. Click the Save in drop-down arrow to select where you want to
store your file.
This location can be on your computer or company network.
4. Click Save.
The file is saved under the new name.
Step Action
1. Go to File>Save As.
The Save As dialog box appears, allowing you to save your file with a
different name, as well as in a different location.
2. Click the Save as Type drop-down arrow to the file format you
require.
3. Click Save.
The file is saved under the new format.
FTA-Pro Chapter 3: Getting Started
Dyadem International 68
Opening Files
You can easily open a file you created and saved in FTA-Pro during a previous
work session.
This section discusses the following topics:
Opening a File on page 68.
Opening a Recently Used File on page 68.
Opening a File To open a FTA-Pro file:
Opening a Recently Used File If you want to use a file that you have recently used, you can also use the Recent
Project Files command that lists the last 11 FTA-Pro project files, both
compressed and uncompressed, that you have used.
To open a recently used file:
Note: You can only open one file at a time.
Step Action
1. Click the Open icon on the tool bar.
Or
Go to File>Open.
The Open dialog box appears.
2. Use the Look in field to navigate to the folder containing the FTA-
Pro file that you want to open.
Tip: The file may have been saved as an uncompressed project file. If it
has been saved as an uncompressed file, select Uncompressed
project files (*.xml) from the Files of type drop-down list.
3. Select the file that you want to open.
4. Click Open.
The software opens the chosen file on your screen.
Step Action
1. Go to Files>Recent Project Files.
The list of the last 11 FTA-Pro files used opens.
2. Select the file you want to open.
FTA-Pro Chapter 3: Getting Started
Dyadem International 69
Closing Files
FTA-Pro allows you to have only one file open at a time. Before you can open a
new file, you must close your open file.
To close your file:
Tip: Be sure to save your file before closing it.
Step Action
Go to File>Close.
FTA-Pro closes the file.
Note: If you have not yet saved the file you are closing, the software
asks you if you want to save you file before closing it. Click:
Yes - to save your changes and close the file.
No - to discard your changes and close the file.
Cancel - to return to the file.
FTA-Pro Chapter 3: Getting Started
Dyadem International 70
Exiting FTA-Pro
You can easily exit from FTA-Pro when you finish your session. Be sure to save
your file before exiting the program.
To exit FTA-Pro:
Tip: If you have not saved your file and attempt to exit, FTA-Pro asks you if you
want to save your file before exiting the program. Click:
Yes - to save your changes and exit the program.
No - to discard your changes and exit the program.
Cancel - to return to the program.
Step Action
Go to File>Exit.
FTA-Pro closes.
Tip: You can also click in the upper right hand corner of the software window
to close FTA-Pro.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 71
CHAPTER 4: LEARNING THE BASICS
Before carrying out your FTA, you should understand the basic functions of FTA-
Pro. This chapter describes the icons used for gates and events, and instructs you
on how to set properties for your gates and events. It also describes how to create
your fault tree.
This section discusses the following topics:
Creating Fault Trees on page 72.
Types of Gates and Events on page 73.
Adding Gates and Events on page 76.
Dynamic Module Restrictions on page 78.
Accessing the Node Properties Dialog Box on page 79.
Setting Gate Properties on page 80.
Setting Event Properties on page 83.
Working With Repeated Events on page 94.
Working With Common Cause Failure Groups on page 96.
Moving, Copying, Pasting and Deleting Nodes on page 99.
Finding a Gate or an Event on page 103.
Converting Events into Gates on page 106.
Converting Gates to Events on page 107.
Changing Logic or Dynamic Gates into Transfer Gates on page 108.
Entering Data from the Event Data Library on page 109.
Undoing and Redoing Actions on page 110.
Renaming a Fault Tree on page 111.
Zooming In and Out of the Fault Tree on page 112.
Deleting a Fault Tree on page 113.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 72
Creating Fault Trees
Once you have decided on the structure of the fault tree, you add the fault tree to
the file.
Creating the Fault Tree When you create your fault tree, a single top gate is displayed in the Fault Tree
Diagram area. This is the root of the fault tree. You then construct your fault tree
by adding, editing, copying, appending and deleting gates and events in the Fault
Tree Diagram area.
To create a new fault tree:
Step Action
1. Click the drop-down arrow beside the Add icon.
2. Select Fault Tree.
3. Enter the name of the fault tree in the Name dialog box
4. Click OK.
The dialog box closes, the name of the fault tree is added to the tab and
the root gate is added to the Fault Tree Diagram area.
You are now ready to build the fault tree by adding the appropriate gates
and events. For more information, see Types of Gates and Events on
page 73.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 73
Types of Gates and Events
Fault trees are complex structures composed of gates that either permit or inhibit
the flow of fault logic up the tree. A gate shows the relationship of events needed
for the occurrence of a higher event. Events below a gate are the input into the
gate; events above the gate are the output. The gate represents the type of relation
between the input events required for the output event.
This section discusses the following topics:
Types of Gates on page 73.
Logic Gates on page 73.
Dynamic Gates on page 74.
Transfer Gates on page 74.
Types of Events on page 75.
Types of Gates Gates are classified as either logic or dynamic. Logic gates express failure criteria
in terms of combinations of events. Dynamic gates express failure criteria in
terms of combinations and order of occurrence for input events. Gates show how
failures of components combine to produce subsystem failures. The top-level gate
in a fault tree corresponds to the overall system.
The static modules of a fault tree use only logic gates; dynamic modules can use
both static and dynamic gates.
Logic Gates Logic gates express failure in terms of combinations of the input events. There are
three kinds of logic gates - AND, OR and Voting gates. The input events for logic
gates can be Basic, Undeveloped or Dormant events, or outputs of other gates. If
any logic gate has only one input event, then the output of this gate is equal to its
input.
Note: Events are always leaves of the fault tree. Gates without input are treated
in calculations as nodes with FALSE output (or with output probability equal
to 0).
Tip: FTA-Pro does not allow gates with the same name in a fault tree. Use transfer
gates to introduce repeated nodes of the fault tree instead.
Symbol and Gate Description
AND Gate The output of the AND gate is TRUE if and only if all input
events are TRUE.
OR Gate The output of the OR gate is TRUE if at least one of input
events is TRUE.
Voting (m-
out-of-n)
Gate
The output of the VOTING gate is TRUE if at least m of n
input events are TRUE. If m=1 the Voting gate is equal to
an OR gate, if m=n it is equal to an AND gate.
Tip: Under a Voting Gate, FTA-Pro displays a box
containing the number of votes needed along with
the number of inputs.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 74
Dynamic Gates Dynamic Gates express failure in terms of both combinations and the order of
occurrence of input events. FTA-Pro contains the four types of dynamic gates -
Spare, Sequence Enforcing, Functional Dependency and Priority AND gates.
Transfer Gates Transfer gates are special links from a logic or dynamic gate to its input, which is
displayed on another page. This divides the fault tree into several parts, providing
better viewing and faster browsing. Unlike other gates, you can repeat transfer
gates in your fault tree. This saves space and memory by acting as a link to the
same repeated parts of the fault tree.
Symbol and Gate Description
Spare Gate A Spare Gate represents a system with the redundant units
kept running. The first input to a spare gate is the primary;
all other inputs are the spares. The spares are used in a left
to right order on the fault tree and in a descending order on
the fault tree grid.
The output of a SPARE gate is TRUE if all of the spares fail
or are in use elsewhere.
Priority
AND
(PAND)
Gate
The output of the Priority AND Gate is TRUE if and only if
all input events fail in the left to right order on the fault tree
and in a descending order on the fault tree grid.
Note: A PAND gate allows the events to occur in any order,
but its output is true if, and only if, the events occur
in the specified order.
Sequence
Enforcing
(SEQ) Gate
In a Sequence Enforcing Gate, the input events must
occur in the left to right order on the fault tree and in a
descending order on the fault tree grid.
The output is TRUE if and only if all input events are TRUE;
input events must occur in a particular order.
Note: Unlike a PAND gate, a SEQ gate allows the events to
occur only in the specified order.
Functional
Dependency
(FDEP) Gate
A Functional Dependency Gate has one trigger event and
one or more dependent events. (The trigger event is the left
most input event on the fault tree diagram and the
uppermost input event on the fault tree grid.) When the
trigger event occurs, all dependent events are forced to
occur in a particular order. However, an independent
occurrence of a dependent event has no effect on the
trigger event.
The trigger event must be TRUE for the output to be TRUE.
When the trigger event is TRUE, then dependent events are
forced to become TRUE.
Note: A FDEP gate is static in its nature and is eliminated
at the very beginning of calculation by substitution
with some combination of trigger and OR gate.
Note: Transfer gates that link to the same repeated part of the fault tree have the
same name.
Symbol and Gate Description
Transfer
Gate
A Transfer Gate does not have special properties. Its
name and description corresponds to those of its input
gate.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 75
Types of Events Events are the main components of the tree, and their properties must be defined
before calculation. There are four types of events - basic, undeveloped, dormant
and spare.
Symbol and Event Description
Basic Events Basic events are leaves of the fault tree terminating paths
from its top.
Undeveloped
Events
Undeveloped events are similar to Basic events and are
treated exactly as a Basic event in calculations. It tells your
study team that this event can be further broken down into
related input gates and events. For more information, see
Converting Events into Gates on page 106.
Dormant
Events
Dormant events are similar to Basic events but calculate
dormant failures.
Note: Dormant events are not allowed in the dynamic
modules of a fault tree.
Spare
Events
Spare events are used to specify spares in dynamic fault
trees. Spare events are restricted for use as spares for Spare
gates.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 76
Adding Gates and Events
This section discusses the following topics:
Adding New Logic Gates, Dynamic Gates and Events on page 76.
Adding a New Transfer Gate on page 76.
Adding an Existing Transfer Gate on page 77.
Exiting from the Cursors Add Mode on page 77.
Adding New Logic Gates,
Dynamic Gates and Events
To add new a logic gate, dynamic gate or event:
Adding a New Transfer Gate To add a new transfer gate:
Step Action
1. Select corresponding symbol from the FTA Toolbox by clicking it.
The cursor changes to the Add mode.
Tip: If the FTA Toolbox is closed, open it. For more information, see
Opening the Toolbox on page 61.
Tip: To deselect a gate or event, click Esc on your keyboard.
2. Go to the logic or dynamic gate under which you want to add the
gate or event.
Note: You can only add Spare events to Spare gates.
3. Left-click your mouse.
The chosen type of logic gate or event is attached below the selected
gate.
4. Repeat steps 1 to 3 to add more gates and events, or set the
properties of the node.
For more information, see Entering or Editing Gate Properties in the
Node Properties Dialog Box on page 81 and Entering or Editing Basic or
Undeveloped Event Properties in the Node Properties Dialog Box on
page 86.
Step Action
1. Select the Transfer Gate symbol from the FTA Toolbox.
The cursor changes to the Add mode.
Tip: If the FTA Toolbox is closed, open it. For more information, see
Opening the Toolbox on page 61.
2. Go to the logic or dynamic gate under which you want to add the
transfer gate.
3. Left-click your mouse.
The Transfer Gate Configuration dialog box appears.
4. Ensure that the New radio button is selected.
5. Enter the name of gate in the Name field.
6. Select the type of logic gate from the Gate Type drop-down list.
7. Click OK.
The transfer gate is added.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 77
Adding an Existing Transfer
Gate
You can select a transfer gate from the list of existing transfer gates. This is an
effective way to attach existing and repeated parts of the fault tree.
To add an existing transfer gate:
Exiting from the Cursors
Add Mode
To exit from the cursors Add mode:
Tip: When you add a duplicate of an existing transfer gate, a line is added under
the gate symbol to indicate that the gate is used in more than one place. All
the events of a repeated transfer gate become repeated events.
Step Action
1. Select corresponding symbol from the FTA Toolbox.
The cursor changes to the Add mode.
Tip: If the FTA Toolbox is closed, open it. For more information, see
Opening the Toolbox on page 61.
2. Go to the logic or dynamic gate under which you want to add the
transfer gate.
3. Left-click your mouse.
The Transfer Gate Configuration dialog box appears.
4. Select the Existing Gate radio button.
5. Select the existing transfer gate from the list of existing transfer
gates.
6. Click OK.
The transfer gate is added.
Step Action
Right-click the mouse.
or
Click Esc on the keyboard.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 78
Dynamic Module Restrictions
Fault trees can be composed of both static and dynamic modules. When dynamic
modules are used in the fault tree, FTA-Pro applies certain restrictions.
FTA-Pro has the following general restrictions for dynamic modules:
1. Voting gates should be explicitly represented by OR and AND gates. Voting
gates are not allowed in the dynamic parts of the fault tree.
2. Only two input types for a basic or spare event are allowed: Failure Rate/
MTBF or Weibull. There is no difference in the calculation of unreliability
and unavailability for dynamic parts of the fault tree. However, for the static
parts of the fault tree, all inputs are allowed including the failure with repair
model.
3. Dormant events are not allowed in the dynamic modules of a fault tree.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 79
Accessing the Node Properties Dialog Box
The Node Properties dialog box contains the settings for your gates and events.
There are four methods of opening the Node Properties dialog box:
Right-clicking the node.
Double-clicking the node.
Using the menu.
Using the tool bar.
This section discusses the following topics:
Accessing the Node Property Box by Right-Clicking on page 79.
Accessing the Node Property Box by Double-Clicking on page 79.
Accessing the Node Property Box by Using the Menu on page 79.
Accessing the Node Property Box by Using the Tool Bar on page 79.
Accessing the Node Property
Box by Right-Clicking
To accessing the Node Properties dialog box by right-clicking the selected node:
Accessing the Node Property
Box by Double-Clicking
To access the Node Properties dialog box by double-clicking the selected node:
Accessing the Node Property
Box by Using the Menu
To access the Node Properties dialog box by using the menu:
Accessing the Node Property
Box by Using the Tool Bar
To access the Node Properties dialog box by using the tool bar:
Step Action
1. Right-click the selected node.
Right-click pop-up menu opens
2. Select Properties.
The Properties Dialog box opens.
Step Action
Double-click the selected node.
Step Action
1. Select the node.
2. Go to Fault Tree>Node Properties.
Step Action
1. Select the node.
2. Click the Properties icon on the tool bar.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 80
Setting Gate Properties
Gate properties can be accessed in either the Node Properties dialog box or the
Fault Tree Grid. When you create gates, you should set their properties. You can,
however, go back and modify a gates properties at any time.
This section discusses the following topics:
Description of the Node Properties Dialog Box for Gates on page 80.
Logical Conditions for Gates on page 80.
Entering or Editing Gate Properties in the Node Properties Dialog Box on
page 81.
Editing Gate Properties in the Fault Tree Grid on page 82.
Description of the Node
Properties Dialog Box for
Gates
The Node Properties dialog box for logic and dynamic gates contains two tabs:
General Tab. This tab includes the name, type of gate and its description,
which appears in the text box above the gate name in the fault tree window.
Names of logical and dynamic gates must be unique. The type of gate may be
modified by choosing it from the drop-down list.
Calculation Data Tab.This tab allows you to set the Logical Condition for the
gate.
Logical Conditions for Gates You set the Logical Condition as Normal, True or False for all logic and dynamic
gates:
If Normal is chosen the gate operates normally. Normal is the default setting.
The output of the gate is always True for a True Logical Condition, and False
for a False Logical Condition.
The number of votes for a voting gate is chosen from the drop-down list on
the Calculation Data Tab.
Note: A Transfer gate does not have a Node Properties dialog box. Its properties
correspond to those of its input gate.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 81
Figure 4-1: The General page lists the name of the gate, gate type and description that
appears in the gates text box in the fault tree window.
Figure 4-2: The only difference on the Calculation page between a voting gate and a
non-voting gate is the addition of the Votes drop-down list for a voting gate. The number
of votes selected equals the number of input events that must occur for the output event
to take place.
Entering or Editing Gate
Properties in the Node
Properties Dialog Box
To enter or edit information in the Node Properties dialog box:
Step Action
1. Open the dialog box for the selected gate.
For more information, see Description of the Node Properties Dialog Box
for Gates on page 80.
2. Enter a new name for the gate in the Name field.
Note: The new name of a Logic or Dynamic Gate cannot be the same
name as an existing gate.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 82
Editing Gate Properties in the
Fault Tree Grid
You can also modify the properties of a logic gate using the grid.
To edit information in the Fault Tree Grid:
3. Specify the type of the gate by selecting from the Type drop-
down list.
4. Enter a brief description of the fault event in the Description
field.
Tip: In order for the description to fit in the box on the diagram, the
length of the description, including spaces, should not exceed 30
characters.
5. Click the Calculation Data tab.
The Calculation Data page opens.
6. Select the Logical Condition for the gate by selecting the
appropriate radio button.
For more information, see Logical Conditions for Gates on page 80.
7. If the gate is a Voting gate, enter the number of votes needed for
the condition to occur in the Voting field.
Tip: You cannot have more votes than you have inputs to the gate. You
must add the inputs to the gate before entering the number of
votes needed.
8. Click OK.
Step Action
Note: You cannot change the name of a gate, nor, for a Voting gate, the number
of votes required, in the Fault Tree Grid. This information can only be
changed in the Node Properties dialog box.
Step Action
1. Select the gate you want to edit.
2. Edit the fault event information in the Comment column:
(Optional)
1. Click the cell in the Comment column.
2. Edit the information.
3. Click outside the cell.
3. Change the gate type by selecting from the Type drop-down list.
(Optional)
4. Change the logical condition by selecting a new condition from
the Logical Condition drop-down list.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 83
Setting Event Properties
Event properties can be accessed in either the Node Properties dialog box or the
Fault Tree Grid. When you create your events, you should set their properties.
You can, however, modify an events properties at any time.
This section discusses the following topics:
Description of the Node Properties Dialog Box on page 83.
Logical Conditions for Events on page 85.
Calculation Data Input Types for Basic and Undeveloped Events on page 85.
Entering or Editing Basic or Undeveloped Event Properties in the Node
Properties Dialog Box on page 86.
Editing Basic or Undeveloped Event Properties in the Fault Tree Grid on page 87.
Calculation Data Input Types for Dormant Events on page 88.
Entering or Editing Dormant Event Properties in the Node Properties Dialog
Box on page 88.
Editing Dormant Event Properties in the Fault Tree Grid on page 90.
Calculation Data Input Types for Spare Events on page 90.
Entering or Editing Spare Event Properties in the Node Properties Dialog Box on
page 91.
Editing Spare Event Properties in the Fault Tree Grid on page 92.
Description of the Node
Properties Dialog Box
The Node Properties dialog box for events contains three tabs:
General Tab. This tab includes the name, type of event and its description,
which appears in the Fault Tree Diagram Window in the box above the event
name. The type of event may be modified by choosing it from the list. Names
of events may be repeated.
Calculation Data Tab. This tab allows user to assign logical conditions and
select type of input data.
Confidence Analysis Data Tab. This tab allows the user to assign confidence
analysis to the calculations. It brings over the information that you entered on
the calculation tab and allows you to add either the standard deviation or error
factor to each parameter.
Tip: Events with the same name have the same properties. When you change any
property of a repeated event in any place of the fault tree, all events with the
same name are also changed.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 84
Figure 4-3: The General page provides the name of the event, event type and
description. The text in the description field appears in the event box in the Fault Tree
Diagram.
Figure 4-4: For an event, you set both the logical conditions and the input calculation
data type. This Calculation Data page is from a basic event.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 85
Figure 4-4: The Confidence Analysis Data tab brings over the Input type and its
parameters from the Calculation Data tab. You apply the
Logical Conditions for
Events
Logical Conditions are set as Normal, True or False for all events:
The output of event is always True if the Logical Condition is True, and False
for a False Logical Condition.
For Normal Logical Condition, you have to specify other input data: input
type and corresponding values.
Calculation Data Input Types
for Basic and Undeveloped
Events
For each basic and undeveloped event, you set the calculation data input type
using the Calculation Data tab. You can select from the following input data
types:
Constant Probability. If you select Constant Probability, you must enter a
Probability value between 0 and 1. In this case the probability of failure of
this event is considered to be constant over time.
Failure Rate/MTBF. If you select Failure Rate/MTBF, you must specify type
of input value (Failure Rate or MTBF (Mean Time Between Failure)) and then
enter the corresponding non-negative number. This input matches the
Constant Rate Failure Model.
Weibull. If you select Weibull, you must enter the Rate and Shape parameters.
For more information, see Weibull Failure Distribution Model on page 28.
Failure with Repair. If you select Failure with Repair, you must enter the
Mean Corrective Time value, which is a non-negative number. If Failure with
Repair is selected, the Mean Corrective Time can be entered in minutes or
hours by selecting the appropriate unit.
Note: Each basic event belonging to a dynamic module of a fault tree can only use
Failure Rate/MTBF, which corresponds to the constant failure rate model
without repair and Weibull input types.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 86
Failure with Periodic Inspection. If you select Failure with Periodic
Inspection, you must enter the value of Inspection Time (in minutes or hours)
in addition to the Failure Rate or MTBF. It must be a positive number.
Constant Frequency. If you select Constant Frequency you enter a Frequency
Value, which is a double, positive number. In this case the number of events
per unit is considered to be constant over time. If you selected Constant
Probability, then Constant Frequency equals zero.
Entering or Editing Basic or
Undeveloped Event
Properties in the Node
Properties Dialog Box
To enter or edit information in the Node Properties dialog box:
Note: Mean Time Between Failure is measured in hours, but Mean Corrective Time
or Inspection Time can be measured in either hours or minutes.
Tip: You can manage the time units by interpreting one given unit (for example,
an hour) as any other unit. For example, "1 hour" can be interpreted as "1000
hours" or even "1,000,000 cycles". However, ensure that the interpretation is
readily available for other users.
Tip: For all input types except Constant Probability and Constant Frequency, you
must also enter the Exposure Time (hours). This is a positive number greater
than or equal to the End Time. The default value is 1 hour.
Step Action
1. Open the dialog box for the selected event.
For more information, see Accessing the Node Properties Dialog Box on
page 79.
2. Enter the name in the Name field.
Tip: If the name of the event that you enter is the same as an existing
event, all the properties of the event are automatically changed to
match those of the original.
3. Specify the type of the event by selecting from the Type drop-
down list. (Optional)
4. Enter a description of the event in the Comment field.
Tip: In order for the description to fit in the box on the diagram, the
length of the description, including spaces, should not exceed 30
characters.
5. Click the Calculation Data tab.
The Calculation Data page opens.
6. Select the Logical Condition for the event by selecting the
appropriate radio button.
For more information, see Logical Conditions for Events on page 85.
7. If the event is to be part of a CCF group, select the group from
the CCF group drop-down list.
Note: The CCF Groups must first be set up. For more information, see
Working With Common Cause Failure Groups on page 96.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 87
Editing Basic or
Undeveloped Event
Properties in the Fault Tree
Grid
Most properties of Basic and Developed Events can be modified in the fault tree
grid by selecting corresponding event and its properties.
To edit event properties in the Fault Tree Grid:
8. Select the Input Types by selecting the appropriate radio button.
Note: If you select Constant Probability:
1. Enter the Probability value.
2. Go to step 13.
Note: If you select Weibull:
1. Enter the Rate.
2. Enter the Shape value.
3. Go to step12.
For more information, see Calculation Data Input Types for Basic and
Undeveloped Events on page 85.
9. Select Type of Input Value:
1. Select the appropriate radio button:
Failure Rate.
MTBF.
2. Enter the value in the field.
10. If you selected:
Failure with Repair, enter the Mean Corrective Time.
Failure with Periodic Inspection, enter the Inspection Time.
11. Set the unit for Mean Corrective Time or Inspection Time by
selecting the appropriate time unit radio button:
Minutes.
Hours.
12. Enter either Exposure Time or Exposure Time Percentage:
1. Select the appropriate radio button.
2. Enter the value in the field.
13. Click the Confidence Analysis Data tab. (Optional)
14. If you are completing the Confidence Analysis tab, for each
parameter, enter:
1. Select the appropriate distribution function from the drop down list.
2. Enter one of the following:
Standard Deviation - for Normal Distribution function.
Error Factor - for Lognormal, Triangular, Logtriangular,
Uniform and LogUniform Distribution functions.
15. Click OK.
Step Action
Note: You cannot change the name of an event in the Fault Tree Grid. Names can
only be changed in the Node Properties dialog box.
Step Action
1. Select the event you want to edit.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 88
Calculation Data Input Types
for Dormant Events
On the Calculation Data tab for dormant events, you have two types of input that
you can select from:
Dormant with Periodic Inspection. If you select Dormant with Periodic
Inspection, you must enter the value of Inspection Time (in minutes or hours)
in addition to the Failure Rate or MTBF. It must be a positive number.
Maximum Risk. If you select Maximum Risk, you must enter the value of
Inspection Time (in minutes or hours) in addition to the Failure Rate or
MTBF. It must be a positive number.
Entering or Editing Dormant
Event Properties in the Node
Properties Dialog Box
To enter or edit information for a dormant event in the Node Properties dialog
box:
2. Edit the information in the Comment column: (Optional)
1. Click the cell in the Comment column.
2. Edit the information.
3. Click outside the cell.
3. Change the event type by selecting from the Type drop-down list.
(Optional)
4. Select the input type from the Input Type drop-down list.
(Optional)
5. Select the failure rate type from the Failure Rate Type drop-down
list.
6. Edit the Failure Rate, MTBF or Rate value in the Input Value
column: (Optional)
1. Click the cell in the Input Value column.
2. Edit the information.
3. Click outside the cell.
7. Edit the Mean Corrective Time, Inspection Time or Shape value in
the Input Value2 column: (Optional)
1. Click the cell in the Input Value2 column.
2. Edit the information.
3. Click outside the cell.
8. Select the appropriate time unit value from the Units drop-down
list.
9. Edit the Exposure Time or Exposure Time Percentage value in the
Exposure Time/Percentage% column: (Optional)
1. Click the cell in the Exposure Time/Percentage% column.
2. Edit the information.
3. Click outside the cell.
10. Change the logical condition by selecting from the Logical
Condition drop-down list.
Step Action
Step Action
1. Open the dialog box for the selected event.
For more information, see Accessing the Node Properties Dialog Box on
page 79.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 89
2. Enter the name in the Name field.
Tip: If the name of the event that you enter is the same name as an
existing event, all the properties of the event are automatically
changed to match those of the original.
3. Select Dormant from the Type drop-down list. (Optional)
4. Enter a description of the event in the Description field.
Tip: In order for the description to fit in the box on the diagram, the
length of the description, including spaces, should not exceed 30
characters.
5. Click the Calculation Data tab.
The Calculation Data page opens.
6. Select the Logical Condition for the event by selecting the
appropriate radio button.
For more information, see Logical Conditions for Events on page 85.
7. If the event is to be part of a CCF group, select the group from
the CCF group drop-down list.
Note: The CCF Groups must first be set up. For more information, see
Working With Common Cause Failure Groups on page 96.
8. Select the Input Type by selecting the appropriate radio button:
Dormant with Periodic Inspection.
Maximum Risk.
For more information, see Calculation Data Input Types for Dormant
Events on page 88.
9. Select Type of Input Value by selecting the appropriate radio
button:
Failure Rate.
MTBF.
10. Enter the value in the field.
11. Enter the Inspection Time.
12. Set the unit for Inspection Time by selecting the appropriate time
unit radio button:
Minutes.
Hours.
13. Click the Confidence Analysis Data tab. (Optional)
14. If you are completing the Confidence Analysis tab, for each
parameter, enter:
1. Select the appropriate distribution function from the drop down list.
2. Enter one of the following:
Standard Deviation - for Normal Distribution function.
Error Factor - for Lognormal, Triangular, Logtriangular,
Uniform and LogUniform Distribution functions.
15. Click OK.
Step Action
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 90
Editing Dormant Event
Properties in the Fault Tree
Grid
Most properties of dormant events can be modified by selecting corresponding
event and its properties.
To edit dormant event properties in the Fault Tree Grid:
Calculation Data Input Types
for Spare Events
Although a spare event is similar to a basic event in functionality, it allows only
Failure Rates/MTBF and Weibull rates as inputs.
Failure Rate/MTBF. You must specify type of input value (Failure Rate or
MTBF (Mean Time Between Failure)) and then enter the corresponding non-
negative number. This input matches the Constant Rate Failure Model.
Weibull. If you select Weibull, you must enter the Rate and Shape parameters.
For more information, see Weibull Failure Distribution Model on page 28.
Exposure Time Percentage. For both input types you enter either Exposure
Time (see above, page 86) or Exposure Time Percentage. Exposure Time
Percentage is the amount of time that the event is exposed as a percentage of
the end time.
Dormancy Factor. For both input types, you must also enter the Dormancy
Factor. The dormancy factor indicates the ratio of failure rate in the spare
Note: You cannot change the name of an event in the Fault Tree Grid. Names can
only be changed in the Node Properties dialog box.
Step Action
1. Select the event you want to edit.
2. Edit the information in the Comment column: (Optional)
1. Click the cell in the Comment column.
2. Edit the information.
3. Click outside the cell.
3. Change the event type by selecting from the Type drop-down list.
(Optional)
4. Select the input type from the Input Type drop-down list.
(Optional)
5. Select the failure rate type from the Failure Rate Type drop-down
list.
6. Edit the Failure Rate or MTBF value in the Input Value column:
(Optional)
1. Click the cell in the Input Value column.
2. Edit the information.
3. Click outside the cell.
7. Edit the Inspection Time value in the Input Value2 column:
(Optional)
1. Click the cell in the Input Value2 column.
2. Edit the information.
3. Click outside the cell.
8. Select the appropriate time unit value from the Units drop-down
list.
9. Change the logical condition by selecting from the Logical
Condition drop-down list.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 91
mode and the failure rate in the operational mode. This value must be between
0 and 1.
Entering or Editing Spare
Event Properties in the Node
Properties Dialog Box
To enter or edit information for a spare event in the Node Properties dialog box:
Note: The Dormancy factor of the first child of a Spare gate always equals 1 in
calculations. The first child is the left-most event under the gate on the
tree.
Step Action
1. Open the dialog box for the selected event.
For more information, see Accessing the Node Properties Dialog Box on
page 79.
2. Enter the name in the Name field.
Tip: If the name of the event that you enter is the same name as an
existing event, all the properties of the event are automatically
changed to match those of the original.
3. Select Spare from the Type drop-down list. (Optional)
Note: Spare event only appears in the Type drop-down list if the event
is a child of a Spare gate.
4. Enter a description of the event in the Description field.
Tip: In order for the description to fit in the box on the diagram, the
length of the description, including spaces, should not exceed 30
characters.
5. Click the Calculation Data tab.
The Calculation Data page opens.
6. Select the Logical Condition for the event by selecting the
appropriate radio button.
For more information, see Logical Conditions for Events on page 85.
7. If the event is to be part of a CCF group, select the group from
the CCF group drop-down list.
Note: The CCF Groups must first be set up. For more information, see
Working With Common Cause Failure Groups on page 96.
8. Select the Input Type by selecting the appropriate radio button:
Failure Rate/MTBF.
Weibull.
9. If you selected Failure Rate/MTBF:
1. Select Type of Input Value by selecting the appropriate radio button:
Failure Rate.
MTBF.
2. Enter the value in the field.
If you selected Weibull:
1. Enter the Rate value.
2. Enter the Shape value.
10. Enter the Exposure Time Percentage.
11. Enter the Dormancy Factor.
Note: This value must be between 0 and 1.
Note: The first child of a spare gate must have a Dormancy Factor of 1.
12. Click the Confidence Analysis Data tab. (Optional)
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 92
Editing Spare Event
Properties in the Fault Tree
Grid
Most properties of spare events can be modified by selecting the corresponding
event and its properties.
To edit spare event properties in the Fault Tree Grid:
13. If you are completing the Confidence Analysis tab, for each
parameter, enter:
1. Select the appropriate distribution function from the drop down list.
2. Enter one of the following:
Standard Deviation - for Normal Distribution function.
Error Factor - for Lognormal, Triangular, Logtriangular,
Uniform and LogUniform Distribution functions.
14. Click OK.
Step Action
Note: You cannot change the name of an event in the Fault Tree Grid. Names can
only be changed in the Node Properties dialog box.
Step Action
1. Select the event you want to edit.
2. Edit the information in the Comment column: (Optional)
1. Click the cell in the Comment column.
2. Edit the information.
3. Click outside the cell.
3. Select the failure rate type from the Failure Rate Type drop-down
list.
4. Edit the Failure Rate or MTBF value in the Input Value column:
(Optional)
1. Click the cell in the Input Value column.
2. Edit the information.
3. Click outside the cell.
5. Edit the Exposure Time Percentage in the Exposure Time/
Percentage% field.
6. Edit the Dormancy Rate value in the Dormancy Factor column.
Note: This value must be between 0 and 1.
7. Change the logical condition by selecting from the Logical
Condition drop-down list.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 93
Displaying Calculation Input Values
You can display the Calculation Input Values directly on each event in the Fault
Tree Diagram.
To display the Calculation Input Values directly on each event in the Fault Tree
Diagram:
Calculation Input Value
Prefixes
When the Calculation Input values are displayed, the following prefixes are used:
Step Action
Go to View>Show Event Input Values.
The calculation data input values are displayed on each event of the fault
tree.
Prefix Description
P: This prefix is used if the input is probability.
r: This prefix is used is the input is a rate.
T: This prefix is the Exposure Time.
: This prefix is the Inspection Time or the Mean Corrective Time.
Note: This input is followed by h for hour or m for minutes.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 94
Working With Repeated Events
Events with the same name have the same properties and are called repeated
events. When you change any property of a repeated event, all of the events with
the same name are also changed.
This section discusses the following topics:
Converting an Event into a Repeated Event on page 94.
Converting a Repeated Event into a Non-Repeated Event on page 94.
Converting an Event into a
Repeated Event
To convert an event to a repeated event:
Converting a Repeated Event
into a Non-Repeated Event
If you wish to convert a repeated event to a non-repeated event, in order to change
some of the calculation data, you must change the name of the event before you
make the desired changes to the calculation data.
To convert a repeated event to a non-repeated event:
Tip: All repeated events are red instead of green and have a bar attached to the
bottom. These make repeated events easier to identify in the fault tree on
screen. The bar helps to identify repeated events if you print the repeated
events using grey scale.
Step Action
1. Open the Node Properties of the event that you want to concert
into a repeated event.
For more information, see Accessing the Node Properties Dialog Box on
page 79
2. Enter the name of the event that you want to repeat in the Name
field.
3. Click Ok.
The Event Name Change dialog box opens.
4. Click Yes.
Both boxes close and the event is a repeated event using the properties
of the event whose name you took. All instances of the repeated event
are changed to red from green on the fault tree.
Tip: You can also copy an event and paste it as a repeated event. For more
information, see Moving, Copying, Pasting and Deleting Nodes on page 99.
Note: Any changes you make to the Calculation Data page are made to all
instances of a repeated event. If you do not want to make the changes to
all instances of the repeated event, you must first make the individual event
non-repeating by changing its name.
Step Action
1. Open the Node Properties of the event that you want to concert
into a repeated event.
For more information, see Accessing the Node Properties Dialog Box on
page 79.
2. Enter a new unique name for the event in the Name field.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 95
3. Click OK.
The Event Name Change dialog box opens.
4. Click Yes.
Both boxes close and the event is now non-repeating. You can now edit
the event as any other event.
Step Action
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 96
Working With Common Cause Failure Groups
FTA-Pro allows the taking common cause failure (CCF) explicitly into account by
creating repeated events or by assigning the events to CCF groups. In the latter
case, the CCF model of each group is selected by the user, who also enters the
models parameters.
If the probabilistic parameters of events belonging to the same CCF group are
different, FTA-Pro allows you to select one of three different scenarios of
calculation: the minimum, maximum or mean value of all event probabilities for
the CCF group.
FTA-Pro generates different combinations of n events from the CCF group. For
example, let the CCF group contain 4 basic events - A, B, C, and D. Then the
following CCF events are automatically generated: AB, AC, AD, BC, BD, CD,
ABC, ABD, ACD, BCD, and ABCD. During calculation, all of the original basic
events are replaced with OR gates. The inputs to each OR gate include the original
basic events from the group and the CCF events that contain this basic event. For
example, basic event B is replaced by OR gate with the individual failure B and
the following CCF events: AB, BC, ABC, BCD, and ABCD. The probability Q
k

of the CCF event of order k is calculated according to the selected CCF model.
FTA-Pro considers the order k up to a maximum of 4. CCF events with an order
greater than 4 are discarded in calculation.
This section discusses the following topics:
Creating a Common Cause Failure Group on page 96.
Adding Events to a CCF Group on page 97.
Moving an Event from One Group to Another on page 97.
Removing a Group on page 98.
Removing an Event From a Group on page 98.
Alternate Method of Adding, Moving and Removing Events on page 98.
Creating a Common Cause
Failure Group
If you are using CCF, you must create a Common Cause Failure Group. When
you create the group, you must select the CCF model to be used, as well as
selecting the value of the input probability of the events that is to be used. Once
you have created the group, you add the events to the group.
To create a common cause failure group:
Step Action
1. Go to Fault Tree>CCF.
The Common Cause Failures window opens.
2. Enter the name of the group in the Group Name field.
3. Select the CCF model from the CCF Type drop-down list.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 97
Adding Events to a CCF
Group
Once you have created your CCF Group and set the CCF Type, you add events to
it.
To add events to a CCF group:
Moving an Event from One
Group to Another
Before you can add an event to a group, you must ensure that it does not belong to
another group. If it belongs to another group, and you are using the Common
Cause failures window, you must first delete it from one group and add it to the
new group. For more information, see Removing an Event From a Group on
4. Describe the group in the Description field. (optional)
5. Enter the parameter(s) in the Parameter(s) field(s).
6. Select the type of value of all event probabilities used in
calculations by selecting the appropriate radio button:
Minimum.
Maximum.
Mean.
7. Add events to the group. (Optional - you can add events later)
For more information, see Adding Events to a CCF Group on page 97.
8. Click OK.
Step Action
Note: Events can only belong to one group.
Step Action
1. Go to Fault Tree>CCF.
The Common Cause Failures window opens.
2. If there is more than one group, select the group to which you
want to add the event.
3. Select the event from the drop-down list.
4. Click Add Event.
The event is added to the group. When the event is added, the following
occurs:
The event name is removed from the Event drop-down list.
The event name is added to the Event Name field.
Any information in the Comments field of the event properties dialog
box is entered into the Comments field.
The Advanced tab of the events Properties box is displayed in the
Common Causes Failures window.
A symbol, representing the CCF Type appears under the Event box in
the Fault Tree window:
- Beta Model.
- Beta BFR Model.
- Alpha Model.
MGL - Multi Greek Letter Model.
5. Repeat steps 3 and 4 for each event you want to add.
6. Click OK.

BFR

FTA-Pro Chapter 4: Learning the Basics

Dyadem International 98
page 98 and Adding Events to a CCF Group on page 97. If you are going to move
the event using the Properties dialog box, you merely select the new group from
the CCF Group drop-down list. For more information, see Alternate Method of
Adding, Moving and Removing Events on page 98.
Removing a Group To remove a CCF group:
Removing an Event From a
Group
To remove an event from a group in the Common Cause Failures window:
Alternate Method of Adding,
Moving and Removing
Events
Once a group has been created, you can also add, move and remove events by
using the events Properties dialog box instead of the Common Cause Failures
Window.
To add an event to a group using the events Properties dialog box:
Step Action
1. Go to Fault Tree>CCF.
The Common Cause Failures window opens.
2. Select the row of the event that you want to remove.
3. Click Delete on the keyboard.
4. Click OK.
Step Action
1. Go to Fault Tree>CCF.
The Common Cause Failures window opens.
2. Select the row of the group that you want to remove.
3. Click Delete on the keyboard.
4. Click OK.
Step Action
1. Right-click the event you want to add.
The right-click menu opens.
2. Select Properties.
The Properties dialog box opens.
3. Click Calculation Data.
The calculation data page opens.
4. Select the group from the CCF Group drop-down list.
Tip: If you want to change groups, select the new group from the list.
If you want to remove the event from groups altogether, select the
blank line rather than a group.
5. Click OK.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 99
Moving, Copying, Pasting and Deleting Nodes
Standard cut, copy and paste, and delete operations can be applied to events and
logic gates of a fault tree. These functions allow gates and events to be quickly
transferred within, or removed from the fault tree. You can also use the copy, cut
and paste functions to copy or move nodes from one fault tree to another.
The functions can be accessed by using:
The Edit submenu.
The tool bar icons.
The right-click menu.
shortcut keys.
You can also paste events as repeated events and logic gates as transfer gates.
These functions are accessed by using:
The Edit submenu.
The right-click menu.
This section discusses the following topics:
Cutting a Node on page 99.
Copying a Node on page 99.
Pasting a Node on page 100.
Pasting an Event as a Repeated Event on page 100
Pasting a Gate as a Repeated Transfer Gate on page 100.
Copying and Pasting Nodes from One Fault Tree to Another on page 101.
Re-Arranging Children of a Gate on page 101.
Deleting a Node on page 101.
Cutting a Node When the cut operation is performed on a logic gate or event, the node along with
its children is removed from the fault tree and a copy is saved for further pasting.
To cut a node:
Copying a Node In the Copy operation the node is copied without being removed from the fault
tree. The copied node can then be pasted elsewhere in the fault tree.
Step Action
1. Highlight the node that you want to cut.
2. Cut the node by carrying out one of the following:
Go to Edit>Cut.
Click the Cut icon on the tool bar.
Right-click the node and select Cut from the menu.
Press Ctrl + X on your keyboard.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 100
To copy a node:
Pasting a Node After you cut or copy the node, you can paste it to another part of the fault tree. If
you copy and paste a node without using either the Paste as a Repeated Event or
Paste as a Transfer Gate function, FTA-Pro renames the node by adding a
number at the end. If the node is a gate, all the events under the gate are also
renamed in the same manner.
To paste a copied or cut node:
Pasting an Event as a
Repeated Event
FTA-Pro allows you the option of pasting a copied event as a repeated event as
well.
To paste an event as a repeated event:
Pasting a Gate as a Repeated
Transfer Gate
FTA-Pro does not allow you to have multiple copies of a logic or dynamic gate,
but it does allow you to have multiple copies of a transfer gate. If you want to
paste identical copies of a logic or dynamic gate, along with its children, FTA-Pro
automatically converts the existing gate into a transfer gate, and pastes all copies
of the gate as transfer gates as well.
Step Action
1. Highlight the node that you want to copy.
2. Copy the node by carrying out one of the following:
Go to Edit>Copy.
Click the Copy icon on the tool bar.
Right-click the node and select Copy from the menu.
Press Ctrl + C on your keyboard.
Step Action
1. Highlight the gate to which you want to attach the node.
2. Paste the node by carrying out one of the following:
Go to Edit>Paste.
Click the Paste icon on the tool bar.
Right-click the node and select Paste from the menu.
Press Ctrl + V on your keyboard.
Step Action
1. Highlight the gate to which you want to attach the event.
2. Paste the event by carrying out one of the following:
Go to Edit>Paste as a Repeated Event.
Right-click the gate and select Paste as a Repeated Event from
the right-click menu.
The event is added under the gate.
Note: When you create a repeated transfer gate, all of the gates children who are
events become repeated events. The gates under the transfer gate remain
unchanged.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 101
To paste a gate as a repeated transfer gate:
Copying and Pasting Nodes
from One Fault Tree to
Another
You can move a node from one fault tree to another in the file by using copy or
cut, and paste. If you are moving or copying a node to another fault tree, the
names of the gate and events of the fault tree remain the same if there is no
naming conflict. If there is a conflict, FTA-Pro renames the conflicting gates or
events by adding a number at the end.
Re-Arranging Children of a
Gate
You may find it necessary to re-arrange the order of a gates children. Order is
very important when you are working with dynamic gates and you have to ensure
that events are in the proper order. If you are re-arranging them, you can drag and
drop the children rather than cut and paste.
To re-arrange the children of a gate using drag and drop:
Deleting a Node To delete an event or whole section of a fault tree:
Step Action
1. Highlight the gate to which you want to attach the transfer gate.
2. Paste the gate by carrying out one of the following:
Go to Edit>Paste as a Transfer Gate.
Right-click the node and select Paste as a Transfer Gate from the
right-click menu.
The original gate is converted into a transfer gate and copy of the
transfer gate is added to the fault tree.
Tip: If you want to transfer nodes from one file to another, import the fault tree,
and then you can copy and paste the node. For more information, see
Importing a Fault Tree from Another FTA-Pro File on page 164.
Step Action
1. Left-click the node you want to move.
2. Holding the left button down, drag the node to where you want it
to be.
3. Release the left button.
The node is moved.
Step Action
1. Select the node in the fault tree diagram.
2. Right-click your mouse.
3. Select Delete.
The Node Deletion dialog box appears on the screen
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 102
4. Click Yes.
The node and all of its children are deleted.
Note: If a repeated node was chosen for deletion, only the selected
example of the node is deleted.
Note: If you delete the logic gate represented by a transfer gate then
all the occurrences of the transfer gate are removed from the
fault tree.
Step Action
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 103
Finding a Gate or an Event
In a large fault tree, you may find it difficult to find a node by simply examining
the tree diagram.
FTA-Pro provides four methods that allows you to quickly find the node you are
searching for:
The Right-Click Menu.
The Go To button on the tool bar
The Go To command in the Menu.
The Fault Tree Grid.
This section discusses the following topics:
Using the Right-Click Menu on page 103.
Using the "Go To Button on the Tool Bar on page 103.
Using the "Go To Command in the Main Menu on page 104.
Using the Fault Tree Grid on page 104.
Using the Right-Click Menu To find a node using the right-click menu:
Using the "Go To Button on
the Tool Bar
To find a node using the Go To button on the tool bar:
Tip: This procedure is especially useful when you want to access a node that is
represented on the tree by a transfer gate.
Step Action
1. Right-click a node.
2. Select Go To from the right-click menu.
3. From the drop-down list select the required gate.
The Fault Tree Diagram is displayed with gate or event highlighted. The
node also is highlighted in the Fault Tree Grid.
Tip: If the node is repeated in the fault tree is possible to locate all
nodes with the same name by clicking the > button in the dialog
box to move to the next node or the < button to go back to the
previous node.
Step Action
1. Open the Go To Gate/Event dialog box by clicking the Go To
button on the tool bar.
2. From the drop-down list select the required gate.
The Fault Tree Diagram is displayed with gate or event highlighted. The
node also is highlighted in the Fault Tree Grid.
Tip: If the node is repeated in the fault tree is possible to locate all
nodes with the same name by clicking the > button in the dialog
box to move to the next node or the < button to go back to the
previous node.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 104
Using the "Go To Command
in the Main Menu
To find a node using the Go To command in the main menu:
Using the Fault Tree Grid The tree on the left hand side of the Fault Tree Grid may also be used to locate
any node. You expand the gates from the top of the tree until you locate and select
the required node. The Fault Tree Diagram highlights the selected node.
To find a node using the Fault Tree Grid:
Figure 4-6: To find the next example of a repeated node, click the > button in the Go To
Gate/Event dialog box.
Step Action
1. Open the Go To Gate/Event dialog box by going to Edit>Go To
Gate/Event.
2. From the drop-down list select the required gate.
The Fault Tree Diagram is displayed with gate or event highlighted. The
node also is highlighted in the Fault Tree Grid.
Tip: If the node is repeated in the fault tree is possible to locate all
nodes with the same name by clicking the > button in the dialog
box to move to the next node or the < button to go back to the
previous node.
Tip: Nodes that are presented on the main fault tree by a transfer gate are at the
bottom of the Fault Tree Grid.
Step Action
1. If necessary, expand the tree diagram in the grid to find the
event or gate.
2. Select the required gate or event.
The corresponding page of the Fault Tree Diagram is displayed with
highlighted gate or event. The node is highlighted both on the tree and in
the Fault Tree Grid.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 105
Figure 4-7: FTA-Pro also highlights nodes that are located on a secondary page of the
fault tree.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 106
Converting Events into Gates
As you work through your analysis, you may have to break down events, usually
undeveloped events, into related input gates and events.
This section discusses the following topics:
Converting a Non-Repeated Event into a Gate on page 106.
Replacing a Repeated Event with a Transfer Gate on page 106.
Converting a Non-Repeated
Event into a Gate
To convert an event into a gate:
Replacing a Repeated Event
with a Transfer Gate
If you have to replace a repeated event with a gate, you create a transfer gate and
replace the repeated events by deleting each incidence of the repeated event and
adding the transfer gate in its place.
To replace a repeated event with a transfer gate:
Note: In the same manner, you might want to converted gates into events. FTA-
Pro allows you to convert gates without children into events. For more
information, see Converting a Gate into an Event on page 107.
Step Action
1. Open the Node Properties dialog box of the event that you want
to convert into a gate
For more information, see Accessing the Node Properties Dialog Box on
page 79.
2. Select the gate type from the Type drop-down list.
3. Click OK.
Tip: You can use this same procedure to replace one instance of a repeated event
with a dynamic or logic gate.
Step Action
1. Find the repeated event that you want to replace with a transfer
gate.
For more information, see Finding a Gate or an Event on page 103.
2. Create a transfer gate next to the event.
For more information, see Adding a New Transfer Gate on page 76 and
Adding an Existing Transfer Gate on page 77.
3. Delete the event.
4. Repeat steps 1 to 3 until all required incidences of the repeated
event are replaced by transfer gates.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 107
Converting Gates to Events
FTA-Pro allows you to convert gates without children into events. You cannot,
however, convert gates with children into events.
Converting a Gate into an
Event
To convert a gate into an event:
Step Action
1. Open the Node Properties dialog box of the gate that you want to
convert into an event.
For more information, see Description of the Node Properties Dialog Box
for Gates on page 80.
2. Select the event type from the Type drop-down list.
3. Click OK.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 108
Changing Logic or Dynamic Gates into Transfer
Gates
As your fault tree increases in size, you may wish to split it up into several pages
for ease of use. This can be carried out by using transfer gates. You can convert
any logic or dynamic gate into a transfer gate and include it in the list of exiting
transfer gates.When you convert a gate into a transfer gate, the transfer gate with
the same gate name appears in the fault tree instead of the selected gate. The
selected gate and all of its children are moved to another page.
All construction actions in the Fault Tree Diagram are updated and reflected
accordingly in the Fault Tree Grid.
This section discusses the following topics:
Changing a Logic or Dynamic Gate into a Transfer Gate on page 108.
Changing a Transfer Gate Back to a Logic or Dynamic Gate on page 108.
Changing a Logic or Dynamic
Gate into a Transfer Gate
To change a selected gate into a transfer gate:
Changing a Transfer Gate
Back to a Logic or Dynamic
Gate
To change a transfer gate back to a logic or dynamic gate:
Step Action
1. Right-click the selected gate.
A pop-up menu appears.
2. Select Change into transfer gate.
The transfer gate with the same name appears instead of selected logic
gate. The node with corresponding logic gate on top is displayed on a
separate page.
Step Action
1. Right-click the selected gate.
A pop-up menu appears.
2. Select Revert From transfer gate.
The logic or dynamic gate with the same name appears instead of
selected transfer gate.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 109
Entering Data from the Event Data Library
Once you have uploaded the event data into the Event Data Library, you can enter
the information into the appropriate events in your fault tree. For more
information, see Importing Event Data on page 170. Uploaded event data can be
used in all of the files fault tree.
Figure 4-8: The Event Data Library lists your uploaded event data, and makes it
available for use in your fault trees.
To enter data from the Event Data Library into your fault tree:
Step Action
1. Open the file containing the fault trees.
For more information, see Closing Files on page 69.
Or
Create a new fault tree.
For more information, see Creating Fault Trees on page 72.
2. Import the data into the Event Data Library.
For more information, see Importing Event Data from FMEA-Pro on
page 170 or Importing Event Data from an XML File on page 171.
3. If you have multiple trees in the file, open the appropriate fault
tree.
4. Go to View>Show Event Data Library.
The Event Data Library opens in a separate window. (Figure 4-8)
5. Find and highlight the appropriate event in the fault tree.
For more information, see Finding a Gate or an Event on page 103.
6. Click Copy Data in the Event Data Library window.
The information from the library is copied to the event. If there was any
information in the event, it is over written.
7. Repeat steps 5 and 6 for all the events in the fault tree.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 110
Undoing and Redoing Actions
In FTA-Pro you can either undo your most recent action, or a series of actions
starting at your most recent. You can also redo actions that you have undone.
This section discusses the following topics:
Undoing Your Most Recent Action on page 110.
Redoing the Most Recent Action on page 110.
Undoing Multiple Actions on page 110.
Redoing Multiple Actions on page 110.
Undoing Your Most Recent
Action
To undo the most recent step you performed:
Redoing the Most Recent
Action
To redo the action you have most recently undone:
Undoing Multiple Actions To undo more than one action:
Redoing Multiple Actions To redo multiple actions you have undone:
Step Action
Click Undo icon on the tool bar.
Step Action
Click Redo icon on the tool bar.
Tip: You can also access the Undo and Redo commands from the Edit menu.
Step Action
1. Open the Undo drop-down list.
A list of actions appears.
2. Go down the list and find the action that you want to undo.
3. Click your left mouse button.
The action is undone. All actions above it in the list are also undone.
Step Action
1. Open the Redo drop-down list.
A list of actions you can repeat appears.
2. Go down the list and find the action that you want to redo.
3. Click your left mouse button.
The action is redone. All actions above it in the list are also redone.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 111
Renaming a Fault Tree
You can rename an existing fault tree either in the Project Window or on the tree
tab.
This section discusses the following topics:
Renaming a Fault Tree in the Project Window on page 111.
Renaming a Fault Tree by Right-Clicking the Tab on page 111.
Renaming a Fault Tree by Double-Clicking the Tab on page 111
Renaming a Fault Tree in the
Project Window
To rename the fault tree in the Project Window:
Renaming a Fault Tree by
Right-Clicking the Tab
To rename the fault tree on the tab:
Renaming a Fault Tree by
Double-Clicking the Tab
To rename the fault tree by double-clicking the tab:
Note: You cannot use the Undo or Redo commands to undo the renaming of a
fault tree.
Step Action
1. In the Project Window, double-click the fault tree you want to
rename.
2. Enter the new name.
3. Click the Enter key on the keyboard.
Step Action
1. Right-click the tab.
Pop-up menu opens.
2. Select Rename from the menu
3. Enter the new name.
4. Click the Enter key on the keyboard.
Step Action
1. Double-click the tab of the fault tree you want to rename.
2. Enter the new name.
3. Click another tab when you are finished.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 112
Zooming In and Out of the Fault Tree
FTA-Pro allows you to zoom in to your fault tree to focus on details or to zoom
out to see more of the tree. The Zoom controls are on the right side of the status
bar.
To zoom in or out of your document:
Step Action
In the Zoom controls on the Status bar, carry out one of the
following:
Enter the new percentage in the Zoom window.
Click the plus (minus) button to enlarge (reduce) the size of the fault
tree.
Use the slider, by clicking it and holding the left mouse button down,
move the slider until the size you want appears.
FTA-Pro Chapter 4: Learning the Basics
Dyadem International 113
Deleting a Fault Tree
You can quickly and easily delete a fault tree either from the menu or by right-
clicking the fault trees tab.
This section contains the following topics:
Deleting a Fault Tree Using the Menu on page 113.
Deleting a Fault Tree Using the Tab on page 113.
Deleting a Fault Tree Using
the Menu
To delete a fault tree using the menu:
Deleting a Fault Tree Using
the Tab
To delete a fault tree using the tab:
Note: Undo cannot be used to restore a tree that has been deleted.
Tip: We suggest that you save the file before deleting the tree. If you delete the
wrong tree, close the file without saving it. When you re-open the file, the file
is restored to this point.
Step Action
1. Click the tab for the Fault Tree that you want to delete.
2. Go to File>Close Tab.
A dialog box asks you if you want to delete the tab data.
3. Click:
Yes to delete the tree.
No to cancel the process.
Step Action
1. Right-click the tab of the fault tree you want to delete.
Pop-up menu opens.
2. Select Close Tab from the menu.
A dialog box asks you if you want to delete the tab data.
3. Click:
Yes to delete the tree.
No to cancel the process.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 114
CHAPTER 5: CALCULATING PROBABILITY
This chapter discusses how to set your calculation options, validate your fault tree
and then calculate and display the results.
This section discusses the following topics:
Setting Your Calculation Options on page 115.
Validating Your Fault Tree on page 123.
Calculating Your Results on page 124.
Displaying the Calculation Results on page 125.
Recommendations for Calculating Large Fault Trees on page 131.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 115
Setting Your Calculation Options
You set the calculation options for your fault tree in the Calculation Engine
Configuration dialog box. The Calculation Engine Configuration dialog box
consists of three tabs:
General tab.
Advanced tab.
Confidence Analysis tab.
This section discusses the following topics:
Using the General Tab on page 115.
Using the Advanced Tab on page 117.
Using the Confidence Analysis Tab on page 118.
Setting the Calculation Options on page 119.
Dynamic Module Calculation Options and Rules on page 121.
Using the General Tab
Figure 5-1: The General page of the Calculation Engine Configuration allows you to set
your calculation parameters.
The General tab of the Calculation Engine Configuration dialog box, allows you
to configure your analysis to carry out:
Qualitative analysis. Click the Qualitative Analysis Only check box or under
Calculations, select only Cut Sets.
Quantitative analysis. Under Calculations, deselect Cut Sets and select one or
more of Reliability Importance Measures, and parameters in the Repairable
and Non-Repairable Systems sections.
Both. Under Calculations, select Cut Sets and one or more of Reliability
Importance Measures, and parameters in the Repairable and Non-Repairable
Systems sections.
If either Cut Sets or Qualitative Analysis Only is selected, the minimal cut sets of
the fault tree are calculated. To reduce the number of minimal cut sets and
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 116
calculation time, you can limit the number of cut sets by entering a value into Cut
Set Size Limit. If you select 0 as the limit, all minimal cut sets are calculated. The
probability of each cut set is calculated at the Primary Time Point.
The importance of each system component with respect to each gate is calculated
at Primary Time Point if Reliability Importance Measures is selected. This
calculation is based on minimal cut sets and performed after their calculation with
the entered value of Cut Set Size Limit.
To calculate Unreliability or/and Unavailability, the corresponding check box
should be chosen. You should also define the interval of calculation for time
dependent systems by entering values of:
Start Time.
End time.
Primary Time Point.
Number of Data Points.
If Unavailability is selected, either Unavailability Failure with Repair or Failure
with Periodic Inspection are taken into account for the corresponding system
components.
If Unreliability is selected, the properties of the basic events Mean Corrective
Time and Inspection Time are ignored, and Fixed Probability or Constant Failure
Rate Model is applied as the input from basic events.
Tip: When defining the interval of calculation for time dependent systems, avoid
"obvious" time points:
Do not use Start Time = 0 if you know the probability for this time point
(for example, if it is equal to 0).
Do not repeat Primary Time Point in the list of all time points. For
example, if the Primary Time Point is equal to the End Time, calculations
are performed twice: once for the Primary Time point and again for the
End Time.
Tip: If the value entered in the Number of Data Points field is equal to 0, the
calculation is performed for Primary Time Point only. For more information,
see Recommendations for Calculating Large Fault Trees on page 131.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 117
Using the Advanced Tab
Figure 5-2: The Advanced page of the Calculation Engine Configuration dialog box allows
you to set the type of calculation used.
The method of calculating the system Unreliability or/and Unavailability is
chosen in the Advanced tab from the following methods:
Cut Set Summation.
Cross Product.
Esary-Proschan.
Exact.
Decomposition.
Monte Carlo.
For the Cross Product method, you can use the default figure of 1 for Order of
Product Terms, or you can specify a different value from the drop-down list. For
more information, see Cross Product Method on page 32.
For the Decomposition method, you set the Order of decomposition.
For the Monte Carlo method, you can use the default, and recommended, figure of
10,000 simulations, or you can specify a different value for the minimum number
of simulations that you want calculated.
For all methods, you set the gates of the fault tree for which you want to calculate
system Unreliability or/and Unavailability. To do this, two options are provided:
The first option is to set the gate at which you want to start your calculation:
Topmost Gate.
Current Gate.
Tip: If you want to use the Exact Decomposition Method, select Decomposition and
enter 0 in the Order field. The Exact Decomposition method does not require
as much RAM memory as the Exact method, since it does not save data
structures as does the Exact method. It repeats all calculations for each time
point. It is faster if total number of time points of calculation is less than 3.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 118
The second option is to set the gate(s) that you want to calculate.
Calculate Top Gate Only.
Calculate All Gates
For example if you select Current Gate and Calculate Top Gate Only, only the
gate that you selected is calculated. If you selected Current Gate and Calculate All
Gates, the gate that you selected and all of its children gates are calculated, gates
in other parts of the tree are ignored.
Using the Confidence
Analysis Tab
Figure 5-3: The Confidence Analysis tab allows you to set your confidence analysis
parameters.
During a confidence analysis, FTA-Pro determines the confidence using Monte
Carlo simulation. The accuracy of calculation depends on the Number of
Simulations entered by user. The running time is proportional to this number. The
method of system probability calculations applied for any simulation is selected in
the Advanced tab.
On the Confidence Analysis tab you set the following parameters:
Number of Simulations. The number of simulations that FTA-Pro carries for
calculating confidence analysis. The recommended number of simulations is
20.
Note: If you have selected the Current Gate option, you will get a validation error
message if:
You have not selected a gate.
The gate that you have chosen is a Functional Dependency Gate.For
more information, see Validating Your Fault Tree on page 123.
Tip: Confidence analysis calculations may be time consuming for large FTs. They
are provided for primary time only. We recommend performing confidence
analysis separately from other calculations.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 119
Random Number Seed. This is a non-negative integer. To increase the
accuracy of probability calculation, you can change value of seed and then
calculate the same example several times or on different computers then
calculate the mean value of the probability.
Confidence Percentile. When you select the confidence percentile, you set the
factor for calculating the Result Bounds:
factor = 1.645 for 90% confidence.
factor = 1.96 for 95% confidence.
factor = 2.576 for 99% confidence.
Result Bounds. You can select Single or Double Sides bound.:
Single Sided returns the upper bound values:
mean + factor*standard error.
Double Sided returns the upper and lower bound values
mean +/- factor*standard error.
Lognormal Point Value Interpretation. The first input value for any parameter
can be interpreted as mean, mode or median. This setting is related to the
entire fault tree (to any input with Lognormal Distribution function).
Lognormal error Factor Percentile. The second uncertainty value is an error
factor. It also has different interpretations selected by user. It is given by:
84 percentile
90 percentile
95 percentile
99 percentile
where is standard deviation of Lognormal Distribution.
Setting the Calculation
Options
To set the calculation options using the Calculation Engine Configuration dialog
box:
errorfactor e

=
errorfactor e
1.285
=
errorfactor e
1.65
=
errorfactor e
2.33
=

Step Action
1. Select the gate.
2. Open the Calculation Engine Configuration dialog box by carrying
out one of the following options:
Go to Fault Tree>Configure Engine.
Click the Configure Icon on the tool bar.
3. Set the Reliability/Availability Evaluation parameters:
1. Complete the following fields:
Start Time.
End Times.
Number of Data Points.
Note: If you are going to select Total Downtime as a calculation
parameter, you must first set the Number of Data Points to 5 or
greater.
Primary Time Point.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 120
2. If you want Exact Calculations, click the Perform Exact Calculations
check box. (Optional)
Tip: If you want to carry out a Qualitative Analysis only:
1. Click the Qualitative Analysis check box.
2. Set the Cut Size Limit.
If you enter 0 as the limit, all minimal cut sets are calculated.
The probability of each cut set is calculated at the Primary Time
Point.
3. Go to Step 7.
4. Set the Calculations parameters:
1. Select the appropriate check boxes:
Cut Sets. If you select cut sets, you can limit the number of cut
sets by entering a value into Cut Set Size Limit. If you enter 0
as the limit, all minimal cut sets are calculated. The probability
of each cut set is calculated at the Primary Time Point.
Reliability Importance Measures.
2. Select the appropriate Repairable System parameters:
Unavailability. If you select Unavailability, you can also select:
Failure Rate.
Total Downtime. If you select Total Downtime, you must set
the Number of Data Points to 5 or greater.
Frequency. If you select Frequency, you can also select:
Number of Failures.
MTBF. (Mean time Between Failures)
3. Select the appropriate Non-Repairable System parameters:
Unreliability. If you select Unreliability, you can also select:
CFI. (Conditional Failure Intensity)
MTTF. If you select MTTF, set the Number of Calculation Points
to be used. The minimum number of calculation points that you
set is 5. However, we recommend that you set the number of
calculation points between 10 and 15.
5. Click the Advanced tab.
The Advanced tab page opens.
6. Select the Calculation method by selecting the appropriate radio
button:
Cut Set Summation.
Cross Product. If you select cross product, you can change the order
of the product terms by selecting a new order from the drop-down
list.
Esary-Proschan.
Exact.
Decomposition. If you select the Decomposition method, set the
Order of decomposition.
Tip: If you want to use the Exact Decomposition Method, select
Decomposition and set the Order to 0.
Step Action
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 121
Dynamic Module Calculation
Options and Rules
FTA-Pro applies the following calculation options and rules to the Dynamic
modules:
1. If minimal cut set calculation (or any method based on minimal cut sets) is
selected then Priority And (PAND), Spare, and Sequence Enforcing (SEQ)
gates are substituted by static AND gates and a static approach is used for the
whole fault tree.
2. If the Monte Carlo method is selected then it is performed for the whole fault
tree. It is slightly slower compared to static Monte Carlo and accurate when
Monte Carlo. If you select the Monte Carlo method, you must set the
following input options:
Seed of simulations is a non-negative integer. To increase the
accuracy of probability calculation, you can change value of
seed and then calculate the same example several times or on
different computers then calculate the mean value of the
probability.
Standard Error is a double positive number. The Monte Carlo
simulations are continued until calculated standard error
corresponding to the top (or current) gate is less than entered
by user value AND number of trials accedes the entered
Minimum Number of Simulations. Now user has the options to
govern the precision of calculation by both standard error and
by number of trials.
Note: The minimum number of simulations is now 10,000.
7. In the Start Calculating At section, select the gate level that you
want to start the calculations at by selecting the appropriate
radio button:
Topmost Gate.
Current Gate
8. In the Gate Calculation section, select the gates that you want to
calculate by selecting the appropriate radio button:
Calculate Top Gate Only.
Calculate All Gates.
9. Click the Confidence Analysis tab.
10. If you want to calculate the confidence analysis, select the
Confidence Analysis check box.
11. Enter:
The Number of simulations.
The Random Seed Number.
12. Set the rest of the Confidence Analysis by selecting the
appropriate radio button for each of the following:
Confidence Percentile.
Result Bounds.
Lognormal Point Value Interpretation.
Lognormal Error Factor Percentile.
Tip: For more information, see Using the Confidence Analysis Tab on
page 118.
13. Click OK.
Step Action
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 122
top event probability is not too small (greater than 0.001). In addition to
general restrictions for dynamic fault tree, there can be no repeated events
under a SEQ gate (except first child, which can be repeated) and only one
repeated event is allowed under Spare gate.
3. If either the Exact or Decomposition method is selected then the whole fault
tree is divided into static and dynamic modules. The dynamic parts of the fault
tree are transformed into a Markov Chain and then solved using a system of
differential equations. The corresponding initial value problems are solved
using numerical Runge-Kutta method.
Note: When using either the Exact or Decomposition method, the calculation of a
dynamic module containing more than 15 basic events can be time
consuming. The static modules of the fault tree are calculated (after
eliminating dynamic modules) by the Decomposition method with selected
order or by the Exact method.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 123
Validating Your Fault Tree
Once you have completed your tree and set your calculation options, you should
validate your tree. When you validate the tree, FTA-Pro checks for problems such
as events with no input values or gates with no inputs. The validation process
applies to the area that is covered in your calculations options. If, for example,
you select Current Gate, only the part of the tree that is under the current gate is
validated, the process does not apply to the rest of the tree.
This section discusses the following topics:
Validating Your Fault Tree on page 123.
Results of a Validation on page 123.
Validating Your Fault Tree To validate your fault tree:
Results of a Validation If the validation is successful, a dialog box opens telling you that no errors or
warnings generated. Click Ok to close the dialog box.
If the validation is unsuccessful, the Fault Tree Validation Errors window opens.
It lists all of the errors and warnings found during the process. Correct the errors
and revalidate the fault tree.
Step Action
Validate your fault tree by carrying out one of the following
options:
Go to Fault Tree>Validate.
Click the Validate icon on the tool bar.
FTA-Pro carries out the validation.
Tip: FTA-Pro allows you to save the contents of the Fault Tree Validation Errors
window as a text file. Click Save to File to give yourself a checklist for
making the corrections.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 124
Calculating Your Results
Once you have set your options, you can calculate the results. When FTA-Pro has
finished calculating the results, it opens the Calculations Results table. For more
information, see Displaying the Calculation Results on page 125.
To calculate the results:
Step Action
Calculate the results by carrying out one of the following options:
Go to Fault Tree>Calculate.
Click the Calculate icon on the tool bar.
FTA-Pro carries out the calculations. When the calculations are
completed, the Calculation Results Table opens.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 125
Displaying the Calculation Results
After carrying out calculations, you have a choice of three tables that you can
view. The results are calculated for each gate. These three tables, which can be
viewed from the View submenu, are:
Calculation Results Table.
Importance Measures Table.
Cut Sets Table.
FTA-Pro can also display the unavailability or unreliability calculation result for
the primary time point on each event and gate.
This section discusses the following topics:
The Calculation Results Table on page 125.
Displaying the Results of the Monte Carlo Method on page 126.
Displaying the Unreliability or Unavailability Calculations on page 127.
Displaying the Importance Measures Table on page 128.
Displaying the Cut Sets Table on page 128.
Displaying Cut Sets as a Highlighted Path on page 129.
Sorting Your Results on page 129.
The Calculation Results
Table
The Calculation Result Table appears immediately after FTA-Pro finishes its
calculations. Depending on the options selected during configuration, the table
displays the following columns:
Unavailability.
Rate (Failure Rate).
Frequency (Frequency of Failure)
Unreliability.
CFI (Conditional Failure Intensity).
In this table, the result of calculation for each time point is displayed.
The calculation results for the Primary Time is shown separately in the header and
footer for the following calculations:
Header:
Results for Gate: (drop-down list)
Results at Time (Primary Time)
Unreliability.
Unavailability.
Frequency.
Confidence is given for Unreliability, Unavailability and Frequency.
Calculation Method. (The calculation method used.)
Date. (The time and date the calculation was finished.)
Footer:
MTBF.
Tip: For information on creating reports, see Generating Reports on page 136.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 126
MTTF.
Total Downtime.
Number of Failures.
You can choose any gate of the fault tree in Results for Gate drop-down list to
display corresponding calculation results.
Figure 5-4: The Fault Tree Calculation Results Table lists the unavailability and
unreliability for each data point. This calculation also include the confidence analysis for
unavailability and unreliability at the primary data point.
Displaying the Results of the
Monte Carlo Method
If the Monte Carlo method is selected, the number of simulation trials is displayed
in the Monte Carlo Trials column in the Fault Tree Calculation Results table. This
number is always greater or equal to the Minimum number of simulations entered
by the user.
The calculated standard error is provided in the Errors column. If only Reliability
is selected for calculation, the output standard error corresponds to this
probability. If only Unavailability is selected for calculation, the standard error
corresponds to this probability. If both are selected, the calculated standard error
corresponds to Unavailability.
Tip: You can also display the table by going to View>View Calculation Results.
Note: The difference between the number of simulations made and the minimum
number of simulations is larger for highly reliable systems. This improves
the accuracy of the Monte Carlo simulation method for systems with a low
probability of failure. For more information, see Monte Carlo Simulation
Method on page 35.
Tip: The improved Monte Carlo method, for small probabilities, is used only for top
(or current) gate. If you are not satisfied about accuracy (error) of the
calculation for an intermediate gate, select that gate as a top (current) gate
and recalculate. The improved Monte Carlo method is then applied to the
selected gate.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 127
Figure 5-5: If you have selected the Monte Carlo method, additional columns showing
the number of simulations and the standard error are added to the Fault Tree Calculation
Results table.
Displaying the Unreliability
or Unavailability Calculations
You can display the result of the Unavailability or Unreliability calculation at the
Primary Time Point directly on each gate and event in the Fault Tree Diagram.
To display the unreliability or unavailability calculation results directly in the
fault tree:
Figure 5-6: The fault tree has the unreliability calculation result at the primary time
displayed on each gate and event.
Tip: In order to calculate Unavailability or Unreliability, you must have selected the
appropriate check box(es) in step 4 of Setting the Calculation Options on
page 119.
Step Action
Go to either:
View>Show Unreliability.
View>Show Unavailability.
The calculation results are displayed on each gate and event of the fault
tree.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 128
Displaying the Importance
Measures Table
In order to calculate the Importance Measures, you must select the Reliability
Importance Measures check box in step 4 of Setting the Calculation Options on
page 119.
To display the Importance Measures Table:
Figure 5-7: To display the Importance Measures table for a specific gate, select the gate
from the list in the Gate field.
Displaying the Cut Sets Table In order to calculate the information found in the Cut Sets table, you must select
the Cut Sets check box in step 4 of Setting the Calculation Options on page 119.
To display the Cut Sets Table:
Step Action
Go to View>View Importance Measures.
The result of calculation of importance of each system component with
respect to selected gate will appear.
Note: FTA-Pro uses five importance measures in its calculations:
Birnbaum's measure of importance.
Criticality importance measure.
Fussell-Vesely's measure of importance.
Risk achievement worth.
Risk reduction worth.
For more information, see Component Importance Measures on page 49.
Step Action
Go to View>View Cut Sets.
Minimal cut sets with their probabilities calculated at the primary time
are displayed for the selected gate. The name in angle brackets <>
corresponds to an independent part (module) of the fault tree. It can be
the name of gate or event, which is a complex fault tree component
containing several basic events.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 129
Figure 5-8: To display the Cut Sets for a specific gate, select the gate from the list in the
Gate field.
Displaying Cut Sets as a
Highlighted Path
Any minimal cut set corresponding to a gate can be shown in the Fault Tree
Diagram as highlighted path from each component of cut set to the selected gate.
To display a cut set as a highlighted path:
Sorting Your Results You can sort the results of any of the tables - Calculation Results, Importance
Measures and Cut Sets - in either ascending or descending order.
To sort your results:
Step Action
1. Go to View>Highlight Cut Sets.
The Cut Set Highlighting dialog box appears.
2. Select gate by name from the drop-down list.
3. Select the minimal cut set by its number and probability.
The path is shown in Fault Tree Diagram in red color.
Tip: You can scroll through all of the cut sets for a gate by clicking the
< and > buttons.
Step Action
1. On the table, click the heading of the column of information that
you want to sort on.
The table is resorted on the information in that column in ascending
order.
2. If you want the information sorted in descending order, click the
heading again.
The table is resorted, with the information in the column in descending
order.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 130
Figure 5-8: In this example the Importance Measures Table for Gate0 is being sorted in
ascending order on results of the information in the Fussell-Vesely column.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 131
Recommendations for Calculating Large Fault
Trees
Through our use of the industrial fault tree examples, we found that most of the
examples could be simplified without affecting the main goals of Fault Tree
Analysis.
This section discusses the following topics:
Optimizing Your Fault Tree on page 131.
Separating Minimal Cut Set and Probability Calculations on page 133.
Optimizing Minimal Cut Set Calculation on page 133.
Optimizing Exact or Monte Carlo Calculation on page 133.
Monitoring Computer Performance on page 133.
Optimizing Your Fault Tree Some simplifications lead to a significant increase of speed of calculation. The
following recommendations should help you to avoid the most typical and most
important "mistakes" in fault tree creation. Some of them are corrected in the
preprocessing stage of calculation, but many of them can slow down your
calculations.
1. Use transfer gates with the same name for the same parts of the fault tree. In
Figure 5-9, for example, the same parts of the fault tree have different names:
Gate3 and Gate4.
Figure 5-9: In this example, Gate3 and Gate4 have the same input events.
The representation of the same fault tree in Figure 5-10 is much more efficient in
saving memory, displaying the tree and increasing the calculation speed.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 132
Figure 5-10: Gate3 and Gate4 have now been replaced by Transfer Gate3.
Figure 5-11: Transfer Gate3 points to the same part of the fault tree, which is logic
Gate3.
2. Avoid redundant connections. For example, we found more than 100
redundant connections in nus9601.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 133
Figure 5-12: In this example, the gate r1 is redundant, because it contains only one
child.
3. Try to simplify the fault tree using rules of Boolean algebra. For more
information, see Main Rules of Boolean Algebra on page 175.
Separating Minimal Cut Set
and Probability Calculations
When calculating large fault trees, you should separate the calculations for
minimal cut set and probability using Exact or Monte Carlo methods. They are
completely independent. It is better to separate these calculations and perform
them in two sets of calculation to avoid an "out of memory" situation.
Optimizing Minimal Cut Set
Calculation
It is better to start your minimal cut set calculation by entering low value for Cut
Set Size Limit. Then you can repeat calculations increasing this limit to achieve
the compromise between your computer resources and total number of calculated
minimal cut sets.
Optimizing Exact or Monte
Carlo Calculation
When using either the Exact or Monte Carlo method, try to minimize the number
of time points used to calculate probabilities. By increasing the number of points,
you increase the calculation time. Avoid "obvious" time points: do not use Start
Time equals to 0, if you know the probability for this time point (for example, if it
is equal to 0); do not repeat the Primary Time Point in the list of all time points.
For example, if the Primary Time Point is equal to the End Time, calculations are
performed twice: once for the Primary Time point and again for the End Time. For
very large fault tree start with Number of Data Points equals 0. In this case
calculations will be performed for Primary Time Point only.
Monitoring Computer
Performance
It is important to monitor the performance of the calculations for large fault trees.
FTA-Pro Chapter 5: Calculating Probability
Dyadem International 134
To monitor your CPU performance using the Microsoft Windows operating
system:
If the used memory is very close to your RAM limit, it is better to terminate the
process, because calculations will be performed extremely slowly. Using a
Pentium IV computer we reached the memory limit in 2-3 minutes after starting
the Exact method of probability calculation. In case of minimal cut sets
calculation, the "out of memory" situation can happen any time.
Step Action
1. Click <Ctrl+Alt+Delete>.
The Windows Security dialog box opens.
2. Click Task Manager.
The Window Task Manager dialog box opens.
3. Click the Performance tab.
The Performance page opens.
4. Look at the CPU Usage bar chart.
FTA-Pro Chapter 6: Generating Reports
Dyadem International 135
CHAPTER 6: GENERATING REPORTS
FTA-Pros Report Generator allows you to create printable reports based on the
settings of the Calculation Engine. This chapter discusses how to use the Report
Generator and describes FTA-Pros built-in reports.
This section discusses the following topics:
Using The Report Generator on page 136.
Report Results on page 139.
Searching Your Reports on page 143.
Printing Reports on page 144.
Exporting Reports on page 147.
FTA-Pro Chapter 6: Generating Reports
Dyadem International 136
Using The Report Generator
FTA-Pro has three standard reports that you can create using the Report
Generator:
The Cut Set Report.
The Importance Measures Report.
The Calculation Result Report.
The reports open up in a separate window that has its own specialized tool bar. For
more information, see Using the Report Page Tool Bar on page 137.
This section discusses the following topics:
Generating Reports on page 136.
Using the Report Page Tool Bar on page 137.
Generating Reports To generate reports for editing or printing:
Step Action
1. Set the calculation options.
For more information, see Setting the Calculation Options on page 119.
2. Validate your fault tree.
For more information, see Validating Your Fault Tree on page 123.
3. Calculate the results.
For more information, see Calculating Your Results on page 124.
4. Go to Fault Tree>Reports.
Or
Click the down arrow beside the Report icon on the tool bar.
5. From the drop down list, select the appropriate report:
Cut Set Report.
Importance Measure Report.
Calculation Result Report.
The Gate Selection Window appears.
6. Highlight the gate that you want the report for.
7. Click Select.
The report is generated.
FTA-Pro Chapter 6: Generating Reports
Dyadem International 137
Figure 6-1: The menu bar across the top of the Report window allows you to zoom in
and out, print, search and navigate through your reports.
Using the Report Page Tool
Bar
The Report window has its own tool bar across the top. The bar contains the
following functions:
Button Function
Takes you to the first page of the report.
Moves you back one page.
Moves you forward one page.
Takes you to the last page of the report.
Refreshes the screen.
Print button allows you to print
Print Layout allows you to switch between normal and Print
Layout views. For more information, see Previewing Your
Report Before Printing on page 145.
FTA-Pro Chapter 6: Generating Reports
Dyadem International 138
Page Setup allows you to format your report pages. For
more information, see Printing Reports on page 144
Export allows you to save file as pdf or excel spreadsheet.
For more information, see Exporting a Report on page 147.
The Zoom drop-down list allows you to zoom in and out of
the report.
Search allows you to search the report for a specific piece
of information.
Button Function
FTA-Pro Chapter 6: Generating Reports
Dyadem International 139
Report Results
FTA-Pro has three built in reports that you to present your calculation results in a
printable and distributable format. Like the calculation tables, the reports display
the information for a specific gate.
This section discusses the following topics:
Cut Set Report on page 139.
Importance Measure Report on page 139.
Calculation Result Report on page 140.
Report Results When Using CCF Groups on page 141.
Cut Set Report The Cut Set Report provides the information from the Cut Set Table in a printable
format. The report is produced for a specific gate and provides the probability for
each cut set for that gate at the Primary Time Point.
Figure 6-2: When you select the gate, the report lists all the cut sets for that gate.
Importance Measure Report The Importance Measures Report ranks the events for a specific gate at the
Primary Time Point using the following five different sets of calculations:
Birnbaums Measure of Importance. For more information, see Birnbaums
Measure of Importance on page 49.
Tip: If you want to distribute your reports, you can export the report in Microsoft

Excel

spreadsheet or in Adobe

PDF format. For more information, see

Exporting a Report on page 147.
FTA-Pro Chapter 6: Generating Reports
Dyadem International 140
Criticality Importance Measure. For more information, see Criticality
Importance Measure on page 50.
Fussell-Veselys Measure of Importance. For more information, see Fussell-
Vesely's Measure of Importance on page 50.
Risk Achievement Worth. For more information, see Risk Achievement
Worth on page 50.
Risk Reduction Worth. For more information, see Risk Reduction Worth on
page 50.
Figure 6-3 The Reliability Importance Measures Report is created only if you have
selected the Reliability Importance Measures check box in step 4 of Setting the
Calculation Options on page 119.
Calculation Result Report The Calculation Result Report provides the information from the Calculation
Results Table in a printable format. It also displays the results of the Monte Carlo
Simulations if that option was selected in the Calculation Engine Configuration.
For more information, see Setting the Calculation Options on page 119.
FTA-Pro Chapter 6: Generating Reports
Dyadem International 141
Figure 6-4: In this example, Monte Carlo Simulation was selected as the calculation
method in the Calculation Engine.
Report Results When Using
CCF Groups
All events that belong to a CCF group are treated as OR gates for calculation
purposes. For all reports, you will find any event that belongs to a CCF group
listed as a gate, <EventID>, that you can select. For example, if Event5-2 belongs
to a CCF group, under the Gates lists, you will find <Event5-2>.
As well, for Cut Set and Importance Measures reports, when you select the gate
<EventID>, there will be two sets of data. One row is the data for the event; the
second is the data for the CCF Group.
Figure 6-5: In this example, Event5-2 has been converted to an OR gate called
<Event5-2> for calculation purposes. The first row of the report provides the importance
measures calculation results for Event5-2. The second row provides the calculation
results for the CCF group that the event belongs to, in this case the CCF group is called
datalink failure.
FTA-Pro Chapter 6: Generating Reports
Dyadem International 142
Figure 6-6: For this cut set report, Event5-2 has again been converted to an OR gate
called <Event5-2> for calculation purposes. There are two cuts sets that can cause
failure - one cut set is the Event5-2 and the second is the CCF group, that the event
belongs to, datalink failure.
FTA-Pro Chapter 6: Generating Reports
Dyadem International 143
Searching Your Reports
You can seek specific information in your reports by using the search function.
Figure 6-7: In the example here, the term event3-2 is being searched for.
To use the search function on the report page:
Step Action
1. Enter the term you are searching for in the Search field.
Tip: The search engine is not case-sensitive.
2. Click Find.
The term is highlighted in the report.
3. If you want to find the next occurrence of the term, click Next.
FTA-Pro Chapter 6: Generating Reports
Dyadem International 144
Printing Reports
FTA-Pro allows you to print your reports for distribution.
This section discusses the following topics:
Setting the Paper Orientation on page 144.
Setting the Paper Size on page 144.
Adjusting Margins on page 144.
Previewing Your Report Before Printing on page 145.
Printing the Report on page 146.
Setting the Paper Orientation FTA-Pro allows you to change the orientation of data on your printed pages. By
default, the software uses landscape orientation, but you can easily change to
portrait orientation.
To set the orientation of paper for a report:
Setting the Paper Size FTA-Pro allows you to change the size of your printed pages. By default, the
software uses letter size, but you can easily change the size to meet your
requirements.
To set the paper size for a report:
Adjusting Margins The widths of the margins in your printed reports are fully customizable, allowing
you to precisely set the size of your top, bottom, left and right margins. By default,
all four margins are three-quarters of an inch wide.
To adjust one or more of the margins for your printed reports:
Step Action
1. Click the Page Setup icon in the report window menu.
2. Under Orientation, select either Portrait or Landscape.
Note: By default, reports are printed using Portrait orientation.
Step Action
1. Click the Page Setup icon in the report window menu.
2. From the Size drop-down list, select the size you want.
Note: By default, reports are printed on Letter size (8.5 x 11) paper.
Step Action
1. Click the Page Setup icon in the report window menu.
2. Under Margins (Inches), for each margin you want to change,
double-click the number currently displayed in the corresponding
field and then type a new value.
Note: Margin sizes are measured in inches.
FTA-Pro Chapter 6: Generating Reports
Dyadem International 145
Previewing Your Report
Before Printing
The Print Layout view allows you to check on screen the format of your finished
report. Previewing your report saves time and printing costs by helping to identify
problems prior to printing.
Figure 6-8: The Print Layout function allows you to see what the report will look like
before you print it.
To preview your report:
Step Action
Click the Print Layout icon in the report window menu.
The report changes to the Print Layout view.
FTA-Pro Chapter 6: Generating Reports
Dyadem International 146
Printing the Report After you have setup the report, you can easily print it.
To print the report:
Step Action
1. Click the Printer icon in the report window menu.
The Print dialog box opens.
2. If you want to change printers, select a different printer in the
Select Printer field.
Tip: If you cannot find the printer, click Find Printer to find the printer
you require.
3. If you want to change your printer settings, click Preferences.
4. Select the pages you want to printing by clicking the appropriate
radio button:
All - prints all the pages in the report.
Pages - prints selected page.
Note: If you select pages, you must enter the pages you want printed
in the adjacent field.
5. If you want multiple copies, enter the number of copies you want
printed in the Number of copies field. (Optional)
Tip: If you want the copies collated, click the collate check box.
6. Click Print.
The report is printed.
FTA-Pro Chapter 6: Generating Reports
Dyadem International 147
Exporting Reports
FTA-Pro allows you to export your reports to either Microsoft Excel or Adobe
PDF format.
Exporting a Report To export a report:
Step Action
1. Click the Export (Save) icon.
2. From the drop-down menu, select either:
Excel.
Adobe (PDF) file.
The Save As window opens.
3. Using the Save in field, navigate to the folder that you want to
save the file in.
4. Enter the name of the file in the File name field. (Optional)
Note: The default name is the name of the report.
5. Click Save.
The file is saved.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 148
CHAPTER 7: PRINTING AND EXPORTING
FTA-Pro makes it easy to create hard copies of your fault trees for others in your
organization. You can print either the entire fault trees or individual sub trees.
This chapter shows you how to format your fault tree for printing and preview
them prior to printing. It also shows you how you to export your fault tree as an
image file for use in presentations.
This section discusses the following topics:
The Print Options Dialog Box on page 149.
Setting the Contents of the Printing on page 150.
Laying Out the Fault Tree for Printing on page 153.
Formatting the Page for Printing on page 154.
Adding Page Information on page 156.
Scaling the Fault Tree on page 157.
Printing Documents on page 158.
Generating PDF Files on page 160.
Exporting Faults Tree as Image Files on page 162.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 149
The Print Options Dialog Box
The Print Options dialog box allows you to format your fault tree and the pages
for printing. It also allows you to print the entire fault tree, along with its sub trees
or to print individual modules, or sub trees.
The Print Options dialog box has two tabs:
Contents Tab. This tab allows you to set what part(s) of the fault you want to
print.
Paging Tab. This tab allows you set the formatting for the printed pages. You
set the parameters of how the fault tree fits on the page, how the page is set
up, and what page information is printed.
Figure 7-1: Use the Contents tab to select the part(s) of the fault tree that you want to
print. The default Print Mode is Print All, which prints the fault tree with all of its sub
trees. The Node Index and the Portrait Orientation for the Index are also printed by
default.
Figure 7-2: Use the Paging tab to set the page layout, page set up and page info for
your printing.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 150
Setting the Contents of the Printing
You set the contents of printing your fault tree using the Contents tab. You have
the following contents options:
The entire tree, with its sub trees and a node index.
The entire tree, with its sub trees but without a node index.
One or more sub trees with a node index.
One or more sub trees without a node index.
This section discusses the following topics:
Selecting the Entire Tree on page 150.
Selecting One or More Sub Trees on page 150.
Turning the Node Index On/Off on page 151.
Setting the Index Orientation to Portrait on page 151.
Selecting Only the Node Index for Printing on page 151.
Selecting the Entire Tree The default setting for Print Mode is Print All. This prints the entire tree as well as
the node index. If you want to print the entire tree without the node index, you
have to use the Print Selected Sections section of the dialog box. For more
information, see Selecting One or More Sub Trees on page 150.
To select the entire fault tree, including its sub trees and node index, for printing:
Selecting One or More Sub
Trees
If you only want to print selected sub trees, or the main tree and certain sub trees,
you use the Print Selected Sections section. As well, if you want to print a tree, or
parts of a tree without a node index, you have to use the Printed Selected Sections
section.
To select one or more sub trees for printing:
Tip: The default contents option is the entire Fault Tree, including all sub trees.
Step Action
1. Go to File>Print Options.
2. Under Print Mode, select Print All.
3. Click OK.
Step Action
1. Go to File>Print Options.
2. Under Print Mode, select Print Selected Sections.
3. Ensure the Trees check box is checked.
4. Select:
Print All Trees - prints the entire fault tree and all sub trees.
Print Selected Trees - allows you to select individual sub trees, or
the main tree.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 151
Turning the Node Index On/
Off
If you want to print a tree without a node index, you have to use the Printed
Selected Sections section.
To turn the Node Index on or off:
Setting the Index Orientation
to Portrait
FTA-Pro allows you to set the orientation of the index to portrait even though the
fault tree is being printed in landscape orientation. This means that the index can
be printed in a fewer number of pages.
To set the index orientation to portrait:
Selecting Only the Node
Index for Printing
You can print only the index to your fault tree if you want. When you select the
index only option, the index is based on the set of gate options that you had last
selected.
5. If you selected Print Selected Trees, click the tree(s) that you
wish to print.
6. Ensure that the Node Index check box is:
Selected if you want an index.
Deselected if you do not want an index.
7. Click OK.
Step Action
Step Action
1. Go to File>Print Options.
2. Under Print Mode, select Print Selected Sections.
3. Ensure that the Node Index check box is:
Selected if you want an index.
Deselected if you do not want an index.
4. Click OK.
Tip: This is also handy if you are just printing the index. You can set the index to
print portrait and not have to worry about accidentally printing the fault tree
in portrait at a later date.
Step Action
1. Go to File>Print Options.
2. Under Print Mode, select Print Selected Sections.
3. Ensure that the Print Index in Portrait Orientation check box is:
Selected if you want the index to be printed in portrait orientation.
Deselected if you want the index printed in the same orientation as
the fault tree.
4. Click OK.
Tip: You can use this function to either index the entire fault tree, or to list all of
the nodes for a specific gate.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 152
To select only the Node Index for printing:
Step Action
1. Go to File>Print Options.
2. Under Print Mode, select Print Selected Sections.
3. If you want the index for the entire fault tree, select Print All
Trees.
Or
If you want a listing of all the nodes under a specific gate:
1. Select Print Trees with Top Gates.
2. Select the Gate whose nodes you want to list.
4. Deselect the Trees check box.
5. Ensure that the Node Index check box is selected.
6. Click OK.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 153
Laying Out the Fault Tree for Printing
You can set the number of nodes are printed on the individual page. FTA-Pro
allows you to set the number of nodes printed across the page as well as the
number of levels of the fault tree per page.
To layout the fault tree for printing:
Tip: The default layout is:
5 nodes across the page.
4 levels of the fault tree per page.
Tip: If you increase number of nodes per page, you should scale down the size of
the tree to get it to fit properly on the page. For more information, see Scaling
the Fault Tree on page 157.
Step Action
1. Go to File>Print Options.
2. Click the Paging tab.
3. In the Page Layout section, enter the number of nodes you want
printed across each page by entering the number in the Number
of Nodes Across Page field.
4. In the Page Layout section, enter the number of levels of the
fault tree you want printed on each page by entering the number
in the Number of Levels per Page field.
5. Click OK.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 154
Formatting the Page for Printing
You can customize your document using the Page Setup dialog box. You can
change the orientation of the report, set the page size as well as adjust the page
margins.
Figure 7-3: You format your page in the Page Setup dialog box.
This section discusses the following topics:
Setting the Paper Orientation on page 154.
Setting the Paper Size on page 154.
Adjusting Margins on page 155.
Setting the Paper Orientation FTA-Pro allows you to change the orientation of data on your printed pages. By
default, the software uses landscape orientation, but you can easily change to
portrait orientation.
To set the orientation of paper for a report:
Setting the Paper Size FTA-Pro allows you to change the size of your printed pages. By default, the
software uses letter size, but you can easily change the size to meet your
requirements.
To set the paper size for a report:
Step Action
1. In the Print Options dialog box, go to Paging>Page Setup.
2. Under Paper Orientation, select either Portrait or Landscape.
Note: By default, FTA-Pro uses Landscape orientation.
Step Action
1. In the Print Options dialog box, go to Paging>Page Setup.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 155
Adjusting Margins The widths of the margins in your printed reports are fully customizable, allowing
you to precisely set the size of your top, bottom, left and right margins. By default,
all four margins are 25.4mm wide.
To adjust one or more of the margins for your printed reports:
2. From the Paper Size drop-down list, select the size you want.
Note: By default, FTA-Pro uses Letter size (8.5 x 11) paper.
Step Action
Step Action
1. In the Print Options dialog box, go to Paging>Page Setup.
2. Under Margins, for each margin you want to change, double-click
the number currently displayed in the corresponding field and
then type a new value.
Note: Margin sizes are measured in mm.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 156
Adding Page Information
FTA-Pro allows you to add the following information to each page of the printed
documentation:
Page number.
File name.
File path.
Fault tree name.
Transfer-To Pages.
To add or remove the page information to the fault tree document:
Tip: The following information is printed by default:
Page number.
File name.
Fault Tree (FT) name.
Transfer-To Pages.
Note: When FTA-Pro breaks the Fault tree into a number of pages, it replaces
logic gates with transfer gates. The logic gate and its children are printed on
a different page. The Transfer-To Pages information tells which page of the
fault tree diagram, the logic gate was originally from.
Step Action
1. Go to File>Print Options.
2. Click the Paging tab.
3. In the Page Info section, select or deselect the following check
boxes:
Page Number.
File Name.
File Path.
FT Name.
Transfer-To page.
4. Click OK.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 157
Scaling the Fault Tree
If you want to increase the number of nodes on a page using Print Options, you
scale the fault tree to fit your page by using the Zoom setting. The print command
scales the fault tree based on the percentage in the Zoom setting.
To scale the fault tree:
Note: When you use the Zoom command, FTA-Pro automatically calculates and
sets the maximum number of Nodes across the page and the maximum
number of level of nodes on the page. You can decrease the number of
nodes if you wish, but you cannot increase the number.
Step Action
1. Go to File>Print Options.
2. Click the Paging tab.
3. In the Page Layout section, set the Zoom size by either:
Using the up and down arrows to scale the fault tree to the size you
want.
Entering a new percentage in the text field.
4. Click OK.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 158
Printing Documents
FTA-Pro allows you to preview and then print your fault trees.
This section discusses the following topics:
Previewing Your Document Before Printing on page 158.
Printing Your Document on page 159.
Previewing Your Document
Before Printing
The Print Preview feature of FTA-Pro allows you to check the format of your
finished document onscreen. Using the Print Preview feature saves time and
printing costs by helping to identify problems prior to printing.
To preview your document:
Figure 7-4: The Print Preview window has its own tool bar across the top, which allows
you to print, zoom in or out and view multiple pages at once. The Index button opens a
pop-up window that displays the Index table.
Note: Unlike the regular Zoom command, the Zoom drop down list in the Print
Preview does not change the size of the tree for printing.
Step Action
1. Go to File>Print Preview.
Or
Click the Print Preview button on the tool bar.
The Print Preview window opens.
2. Use the controls at the top of the window to zoom in and out, and
to scroll through the pages.
Tip: If you click the Index button, a pop-up window opens displaying
the Index table.
3. After previewing the document, click Close.
Tip: You can use Print Previews Print icon to print the fault tree
directly from Print Preview.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 159
Printing Your Document Once you are satisfied with the way the document looks, you can print it.
To print your document:
Note: Unlike the regular Zoom command, the Zoom drop-down list in the Print
Preview does not change the size of the tree for printing.
Step Action
1. Go to File>Print.
Or
Click the Print button on the tool bar.
The Print dialog box opens.
2. Select the Print Range. (Optional)
Tip: All is the default.
3. Enter the number of copies that you want printed. (Optional)
Tip: If you select more than one copy, you can have the copies collated
by checking the Collate check.
4. Click OK.
The document is printed.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 160
Generating PDF Files
The Adobe

Portable Document Format (PDF) is a popular file format that allows

you to share your information. It ensures a consistent document layout and
appearance regardless of the computer system or platform recipients are using to
open PDF files.
FTA-Pro does not contain the Adobe PDF printer drivers. You must install an
appropriate PDF printer driver, such as Adobe Acrobat

PDF Writer or Adobe

Acrobat

Distiller, before you can perform the following procedure. Once a driver
is installed on your computer system, you can easily create a report containing
your data in the PDF format.
To generate a PDF file:
Step Action
1. Customize your document by:
Setting the contents options.
Setting the paging options.
Setting the page setup.
You can also preview the report before exporting it as a PDF file.
2. Go to File>Print.
Or
Click the Print button on the tool bar.
The Print dialog box opens.
3. Select your PDF printer.
4. Click Properties and adjust any settings for your PDF.
Tip: If you want to view your PDF file immediately after creating it,
select the check box called View PDF Results.
5. After making any adjustments to the settings, click OK.
The Print dialog box opens.
6. Select the Print Range. (Optional)
Tip: All is the default.
7. Click OK.
The Save PDF File As dialog box opens.
8. In the Save in field, specify where you want to save your PDF file.
9. In the File name field, type a name for your PDF file.
10. Click Save.
FTA-Pro saves the file.
Note: If you selected View PDF File in step 4, and you have Adobe
Acrobat or Reader installed on your computer, FTA-Pro launches
the program and opens the PDF file.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 161
Exporting Fault Trees as Event Data
FTA-Pro allows you to export your fault trees as an xml-format event data file.
This allows you to re-use data by creating event data libraries from existing fault
trees. Once you have exported the data, you can import the event data file from the
xml file. For more information, see Importing Event Data on page 170.
To export a fault tree as event data:
Step Action
1. Go to File>Export>Export Event Data.
The Save as dialog box opens.
2. Click the Save in drop-down arrow to select where you want to
store your file.
3. In the File name field, type the name for your new file.
4. Click Save.
The event data file is saved.
FTA-Pro Chapter 7: Printing and Exporting
Dyadem International 162
Exporting Faults Tree as Image Files
FTA-Pro allows you to export your fault trees as image files. This provides you
with images of your fault trees for use in business presentations. When you export
a files fault trees image files, you must export each fault tree, or node represented
by a transfer gate on the main tree, separately.
This section discusses the following formats:
Image File Formats Supported on page 162.
Exporting the Fault Tree on page 162.
Image File Formats
Supported
FTA-Pro allows you to export your fault in the following image formats:
BMP - Windows Bitmap.
GIF - Compuserve GIF.
JPG - JPEG Image.
PNG - Portable Network Graphics. (Default Format)
TIFF - Tagged Image File Format
Exporting the Fault Tree To export a fault tree as an image file:
Step Action
1. Go to the Top Gate of the fault tree you want to export.
2. Go to File>Export>Export FT Image.
The Save as dialog box opens.
3. Click the Save in drop-down arrow to select where you want to
store your file.
4. In the File name field, type the name for your new file.
Tip: You should give the file the same name as the fault tree.
5. Select the file type from the Save as File Type drop down list.
6. Click Save.
The image file is saved.
FTA-Pro Chapter 8: Importing Fault Trees and Event Data
Dyadem International 163
CHAPTER 8: IMPORTING FAULT TREES AND
EVENT DATA
FTA-Pro allows you to import fault trees and data from other programs and
formats. This chapter discusses how to import Fault Trees and Event data from
other programs such as FMEA-Pro.
This section discusses the following topics:
Importing Fault Trees on page 164.
Importing Event Data on page 170.
FTA-Pro Chapter 8: Importing Fault Trees and Event Data
Dyadem International 164
Importing Fault Trees
FTA-Pro allows you to import and use fault trees created in other programs or
other FTA-Pro files.
This section discusses the following topics:
Importing a Fault Tree from Another FTA-Pro File on page 164.
Importing a Fault Tree from FMEA-Pro on page 164.
Importing a Fault Tree from an XML File on page 166.
Importing a Relex File on page 167.
Importing a File in Aralia Format on page 168.
Importing a Fault Tree from
Another FTA-Pro File
FTA-Pro allows you to import fault trees from other FTA-Pro files into your
study. This allows you to have various teams create several fault trees for a large
FTA project concurrently and then bring them all together into one file.
To import a fault tree from another FTA-Pro file:
Importing a Fault Tree from
FMEA-Pro
You can import a fault tree from FMEA-Pro. The tree, however, must first be
exported from FMEA-Pro using the XML Import/Export feature. When you
import the tree from FMEA-Pro, the information is already mapped for you.
Note: You cannot import a fault tree from an open file.
Step Action
1. Go to File>Import.
A drop-down menu appears.
2. Select Fault Tree from the drop-down menu.
The Open dialog box appears.
3. Select Dyadem Project File (*.dpr) from the Files of Type drop-
down list.
Tip: If you are importing a fault tree from an older version of FTA-Pro,
you may have to select Dyadem Project File Uncompressed
(*.xml) from the drop-down list.
4. Using the Look-In field, navigate to the folder containing the file.
5. Highlight the file.
6. Click Open.
The Fault Trees dialog box opens, listing the fault trees in the file.
7. Select the fault tree.
8. Click Select.
The fault tree is imported into the current file under its own tab and fault
tree name.
FTA-Pro Chapter 8: Importing Fault Trees and Event Data
Dyadem International 165
Figure 8-1: When you open the file to import the fault trees, the FMEA Element to FTA
Event Mapping dialog box opens.
Figure 8-2: After you set the Minimum Severity in the Top Event Selection dialog box,
FTA-Pro lists all of the fault trees that meet the criteria. You check the boxes of the fault
trees that you want to import and click Create FTs.
To import a fault tree that has been exported from FMEA-Pro:
Step Action
1. Go to File>Import.
A drop-down menu appears.
2. Select Fault Tree from FMEA from the drop-down menu.
The Open dialog box appears.
3. Select Dyadem FMEA Export Fault Tree File Format (*.xml) from
the Files of Type drop-down list.
4. Using the Look-In field, navigate to the folder containing the file.
5. Highlight the file.
6. Click Open.
The FMEA Element to FMEA Event Mapping dialog box opens, with the
required elements mapped. (Figure 8-1)
Tip: If you select the wrong format in step 2, you get the error
message: Invalid project file. Your file may be valid, but you have
selected the wrong file format. Select another xml format and try
again.
7. Click Next.
The Top Event Selection dialog box opens. (Figure 8-2)
FTA-Pro Chapter 8: Importing Fault Trees and Event Data
Dyadem International 166
Importing a Fault Tree from
an XML File
You can import a fault tree from an XML file. The procedure is similar to that of
importing a fault tree from FMEA-Pro. When you import a fault tree from an
XML file from another application, you have to map the information manually.
If you are mapping a fault tree from an XML file, you need to map the following
information:
To import a fault tree from an XML file:
8. If you want only the events above a certain severity, select the
severity level from the Minimum Severity drop-down list.
Note: The highest minimum severity level that you can select is the
highest severity level in the imported study. For example, if the
highest severity level in the study is 6, you cannot set the
minimum severity level at 7 or higher.
9. Select one or more top events by either:
Clicking the check box for each top event you want to use.
Clicking Select All.
Note: If you do not select a top event from the list, the fault tree for
that event is not created.
10. Click Create FTs.
The fault trees are created.
Tip: You may want to rename your fault trees to give them a more
meaningful name. For more information, see Renaming a Fault
Tree on page 111.
Step Action
Field in FMEA Element to FMEA Event
Mapping
Information Required
FMEA Base Element Potential Effect of Failure
Effects of Failure (Fault Tree top event) Potential Effects of Failure
Cause of Failure Potential Cause of Failure
Severity Severity
Step Action
1. Go to File>Import.
A drop-down menu appears.
2. Select Fault Tree from FMEA from the drop-down menu.
The Open dialog box appears.
3. Select Dyadem FMEA Export Fault Tree File Format (*.xml) from
the Files of Type drop-down list.
4. Using the Look-In field, navigate to the folder containing the file.
5. Highlight the file.
FTA-Pro Chapter 8: Importing Fault Trees and Event Data
Dyadem International 167
Importing a Relex File FTA-Pro can import Relex fault tree files, provided all input values are supported.
Once the fault tree is opened in Fault Tree Diagram window, it can be modified,
saved and run as an FTA-Pro file.
To import a Relex file:
6. Click Open.
The FMEA Element to FMEA Event Mapping dialog box opens, with the
required elements mapped.
Tip: If you select the wrong format in step 2, you get the error
message: Invalid project file. Your file may be valid, but you have
selected the wrong file format. Select another xml format and try
again.
7. Click Select for each data element you want to add, starting with
the FMEA Base Element.
The FMEA Selection dialog box opens showing the structure of the XML
file.
8. Click the plus sign next to an element to show its nested
elements until you find the element you want to use.
9. Highlight the element.
10. Click Select.
The dialog box closes and the element is listed in the FMEA Element to
FMEA Event Mapping dialog box.
11. Repeat steps 7 to 10 to map the:
Fault Tree Top Event.
Fault Tree Base Event.
Severity.
12. Click Next.
The Top Event Selection dialog box opens.
13. If you want only the events above a certain severity, select the
severity level from the Minimum Severity drop-down list.
Note: The highest minimum severity level that you can select is the
highest severity level in the imported study. For example, if the
highest severity level in the study is 6, you cannot set the
minimum severity level at 7 or higher.
14. Select one or more top events by either:
Clicking the check box for each top event you want to use.
Clicking Select All.
Note: If you do not select a top event from the list, the fault tree for
that event is not created.
15. Click Create FTs.
The fault trees are created.
Step Action
Step Action
1. Go to File>Import.
A drop-down menu appears.
FTA-Pro Chapter 8: Importing Fault Trees and Event Data
Dyadem International 168
Importing a File in Aralia
Format
FTA-Pro can also import fault trees created in Aralia format. Aralia format is the
compact textual representation of fault tree. However, the basic event properties
are not assigned in this format. Only the logical structure of the fault tree can be
created using Aralia format. Once imported, the fault tree can be modified, saved,
and run using FTA-Pro.
:
Figure 8-3: The above is an example of a fault tree in Aralia format.
Deciphering the Aralia format:
The left hand side has the names of gates including top gate r1.
The input of the gate is at the right hand side:
Sign & corresponds to logical AND.
Sign | is logical OR.
Voting gate (m out-of n) is notated as @; in parentheses we have number
m and all n listed children. In the above example, g4 is a 3 out-of 5 voting
gate.
To find more information about Aralia format, go to:
2. Select Fault Tree from the drop-down menu.
The Open dialog box appears.
3. Select Relex Project Files (*.RPJ) from the Files of Type drop-
down list.
4. Using the Look-In field, navigate to the folder containing the file.
5. Highlight the file.
6. Click Open.
The file is imported.
Step Action
Note: Although Aralia format are usually in files with a .dag extension, Aralia
format can be saved in any text file (.txt) that contains a textual
representation of a fault tree.
r1 /* root */ := (g1 & g2);
g1 := (e1 | e2 | e3 | g3);
g2 := (g4 & g5);
g3 := (g6 & g7);
g4 := @(3,[e4 , e5 , e6 , e7 , g8]);
g5 := (e8 | g9);
g6 := (e9 | e10 | e11 | g10);
g7 := (e12 | e13);
g8 := (g11 & g12);
g9 := (g13 & g14);
g10 := (g15 & g16);
g11 := (e14 | e15 | e16 | g12);
g12 := (g13 & g14);
g13 := (e1 | e2 | e3 );
g14 := (e4 | e5 | e6 | e7 );
g15 := (e17 | e18);
g16 := (e19 | e20 | e21);
FTA-Pro Chapter 8: Importing Fault Trees and Event Data
Dyadem International 169
http://iml.univ-mrs.fr/~arauzy/aralia/benchmark.html#AraliaFormat
To import an Aralia file:
Figure 8-4: The fault tree created from the Aralia format example in Figure 8-3 after
being imported into FTA-Pro.
Step Action
1. Go to File>Import.
A drop-down menu appears.
2. Select Fault Tree from the drop-down menu.
The Open dialog box appears.
3. Select Aralia FT File Format (*.dag) from the Files of Type drop-
down list.
Tip: If the fault tree has been saved in a text file (.txt), select All files
(*.*) from the Files of type drop-down list.
4. Using the Look-In field, navigate to the folder containing the file.
5. Highlight the file.
6. Name the fault tree.
The fault tree appears in Fault Tree Diagram window.
FTA-Pro Chapter 8: Importing Fault Trees and Event Data
Dyadem International 170
Importing Event Data
You can import event data from your FMEA-Pro files and from XML files.
Uploaded event data can be used in all of the files existing fault trees or can be
used to help create new fault trees.
This section discusses the following topics:
Importing Event Data Process on page 170.
Importing Event Data from FMEA-Pro on page 170.
Importing Event Data from an XML File on page 171.
Importing Event Data
Process
You cannot import data directly into your fault trees. You must import the data
into the Event Data Library and then enter information from the library into
events in the fault tree. When you import the data into the library, the data remains
in the library until either you exit the program, or you import new data into the
library.
Importing and using the event data:
Importing Event Data from
FMEA-Pro
You can use event data from your FMEA-Pro studies.
To import event data from an XML file exported from FMEA-Pro:
Note: If you import event data into your event library, it over-writes any
information that exists in the library at the time.
Step Description
1. Import the data and populate the Event Data Library.
2. Open file into which you want to import the data.
Note: Steps 1 and 2 are interchangeable. You can import event data
whether the file is open or closed. Imported event data remains
in the library if you switch files without closing FTA-Pro.
3. Copy the data from the library into the appropriate events in your
fault tree.
Note: Before you can import your FMEA-Pro data, you must export the data using
FMEA-Pros XML Import/Export feature.
Step Action
1. Go to File>Import.
A drop-down menu appears.
2. Select Events from FMEA from the drop-down menu.
The Open dialog box appears.
3. Select Dyadem FMEA Export Event File Format (*.xml) from the
Files of Type drop-down list.
4. Using the Look-In field, navigate to the folder containing the file.
5. Highlight the file.
FTA-Pro Chapter 8: Importing Fault Trees and Event Data
Dyadem International 171
Importing Event Data from an
XML File
You can also import event data in XML format from other applications. The
procedure is similar to that of importing event data from FMEA-Pro. When you
import event data from an XML file from another application, you have to map
the information manually.
y
Figure 8-5: You select the FMEA elements for the FTA Event Mapping in the FMEA
Element Selection dialog box.
To import event data from an XML file:
6. Click Open.
The FMEA Element to FMEA Event Mapping dialog box opens, with the
required elements mapped.
Tip: If you select the wrong format in step 2, you get the error
message: Invalid project file. Your file may be valid, but you have
selected the wrong file format. Select another xml format and try
again.
7. Click Load Events.
The events are uploaded into the Event Data Library. The View Events
Data dialog box opens.
8. Click:
Yes if you want to view the events.
No if you do not.
9. Click OK.
Step Action
Step Action
1. Go to File>Import.
A drop-down menu appears.
2. Select Events from FMEA from the drop-down menu.
The Open dialog box appears.
FTA-Pro Chapter 8: Importing Fault Trees and Event Data
Dyadem International 172
3. Select Dyadem FMEA Export Event File Format (*.xml) from the
Files of Type drop-down list.
4. Using the Look-In field, navigate to the folder containing the file.
5. Highlight the file.
6. Click Open.
The FMEA Element to FMEA Event Mapping dialog box opens, with the
required elements mapped.
Tip: If you select the wrong format in step 2, you get the error
message: Invalid project file. Your file may be valid, but you have
selected the wrong file format. Select another xml format and try
again.
7. Click Select next to the FMEA Element you want to add, starting
with the FMEA Base Element.
The FMEA Selection dialog box opens showing the structure of the XML
file. (Figure 8-5)
8. Click the plus sign next to an element to show its nested
elements until you find the element you want to use.
9. Highlight the element.
10. Click Select.
The dialog box closes and the element is listed in the FMEA Element to
FMEA Event Mapping dialog box.
11. Repeat steps 7 to 10 to map an element for each FTA Event
Property.
12. When you have mapped an element for all of the FTA event
properties, click Load Events.
The events are uploaded into the Event Data Library. The View Events
Data dialog box opens.
13. Click:
Yes if you want to view the events.
No if you do not.
14. Click OK.
Step Action
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 173
APPENDIX A: CALCULATION METHODS FOR
STATIC FAULT TREES
This section provides a more in-depth explanation of the Boolean reliability
models, calculations for minimal cut sets, and the decomposition and Monte Carlo
methods.
This section discusses the following topics:
Boolean Reliability Models on page 174.
Minimal Cut Set Calculation on page 184.
Optimized Decomposition Method on page 192.
Monte Carlo Simulation Method on page 201.
Practical Criteria of Algorithm Efficiency on page 205.
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 174
Boolean Reliability Models
It is important to understand that any Fault Tree Diagram is a graphical
representation of a set of Boolean equations. Each basic event can be associated
with a Boolean variable and each gate of fault tree with a Boolean operation. All
manipulations with a fault tree (simplifications, any transformation to equivalent
fault tree) and calculations of its minimal cut sets are based directly on Boolean
algebra rules. The Boolean equation corresponding to the top event of the fault
tree is its structural function. It is coupled with probability function of the fault
tree. In this section we are going to examine the basic information about Boolean
algebra and its application to fault tree analysis.
This section discusses the following topics:
Boolean Variables and Operations on page 174.
Main Rules of Boolean Algebra on page 175.
Boolean Functions on page 179.
Disjoint Normal Form of Boolean Function and Minimal Cut Sets on page 179.
NP-Complete Problems on page 180.
Probability Function and Operations with Probabilities on page 181.
Boolean Variables and
Operations
Let B denote the set {0,1} of truth-values (0 being false and 1 being true). We will
use Latin italic letters to denote Boolean variables with or without indices. For
example, x, y or x
1
,x
2
,...,x
n
. X is used to denote the set {x
1
,x
2
,...,x
n
} of Boolean
variables. There are three main operations in Boolean algebra:
"OR" (sum) operation, which we denote as "+".
"AND" (product) operation we denote as " ".
"NOT" (negation) operation, which when applied to variable x is denoted as
.
Any other operation can be defined using these three operations. For instance, the
"exclusive or" operation (gate) on two variables x and y can be represented as
. Furthermore, according to Morgan's theorem "AND" or "OR"
logical operations can be excluded as the following:
or
Thus only two Boolean operations are needed to define any logic gate of a fault
tree. Unfortunately, negation cannot be defined by the two binary operations, "+"
and " ", and consequently cannot be excluded. However, there is an important
subset of all Boolean functions, which could be defined using sum and product
operations only. Such Boolean functions correspond to the so-called coherent fault
tree.
x'
y x' x y' +
x y x' y' + ( )' = x y + x' y' ( )' =
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 175
In a coherent fault tree, logic gates are restricted to AND and OR gates (or their
combinations like voting gate), and the top event is uniquely described in terms of
all minimal cut sets. A non-coherent fault-tree has inverse gates. For example, it
may have NOT, NAND, NOR, and XOR gates. The concept of minimal cut sets
does not apply in this case because Boolean functions no longer have the
monotone properties. The minimal cut sets should be replaced by prime
implicants from Boolean algebra.
Main Rules of Boolean
Algebra
Some Boolean algebra rules are shown in the table below. Most of them are
widely used in our calculations to simplify the given fault tree and to define its
minimal cut sets. This section illustrates how Boolean rules can manipulate or
reduce a fault tree. A reduced fault tree is easier to read, faster to calculate, and
takes less space to display.
Some Rules of Boolean Algebra:
According to the Commutative Law it is possible to change the input order for
gates, if they do not have special input priority. We can use this law to arrange the
given fault tree in a special order to increase the speed of calculation of exact
value of top event probability of large fault trees.
The Associative Law allows combining gates of the same type and reducing the
fault tree. Diagrams of a given and a reduced fault tree after application of
Associative Law are represented in the figures below.
Name Formula
Commutative
Law
a. b.
Associative Law
a.
b.
Idimpotent Law
a. b.
Absorption Law
a. b.
Distributive Law
a.
b.
Complementatio
n
a. b. c.
Morgan's
Theorem
a. b.
Unnamed
a. b.
x y y x = x y + y x + =
x y z ( ) x y ( ) z =
x y z + ( ) + x y + ( ) z + =
x x x = x x + x =
x x y + ( ) x = x x y + x =
x y z + ( ) x y x z + =
x y + ( ) x z + ( ) x y z + =
x x' 0 = x x' + 1 = x' ( )' x =
x y ( )' x' y' + = x y + ( )' x' y' =
x x' y + x y + = x' x y + ( ) x' y' =
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 176
Figure A-1: In this tree, Gate1 and Gate2 can be eliminated by Associative Law.
Figure A-2: The tree from Figure A-1 with Gate1 and Gate2 removed.
The next two figures show the application of a combination of the Associative
Law and Idimpotent Law.
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 177
Figure A-3: In this tree, one instance of each of Event1 and Gate2 is redundant and can
be removed.
Figure A-4: The fault tree from Figure A-3 with the redundancies removed.
The powerful Absorption Law is used in calculating minimal cut sets and
simplifying the given fault tree. In the following example it is applied in
combination with the Associative Law.
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 178
Figure A-5: The fault tree before the application of the combination of the Absorption
and Associative laws.
Figure A-6: After applying the Absorption and Associative laws, the fault tee now looks
like this figure.
Note: These rules can be applied not only to variables of Boolean
functions (basic events of fault tree as in examples above), but
also to any Boolean expressions (fault tree gates).
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 179
In two last examples, the given fault trees were not only reduced by size, but
repeated events (with the same name) were also eliminated from the fault trees.
Decreasing the number of repeated events along with fault tree reduction
improves the speed of calculation dramatically.
These simple examples show that the basic knowledge of Boolean algebra is
essential for fault tree analysis. Some of Boolean rules are easy to implement;
others are not only harder to apply, but also require additional computer resources
- memory and calculation time.
The distributive law is also widely used in fault tree calculations. Boolean rules 6,
7, and 8 - Complementation, Morgans Theorem and Unnamed - are used in non-
coherent fault trees, containing NOT logic.
Boolean Functions The mathematical definition of a Boolean function as follows:
A Boolean function f depending on the set of Boolean variables X={x
1
,x
2
,...x
n
} is a
mapping of .
This means that the corresponding truth-value of the function is assigned to each
combination of truth-values of n variables. We will also use the common notation
for Boolean function f = f (x
1
,x
2
,...x
n
) and for its positive and negative cofactors:
and
Engineers understand a Boolean function as a Boolean formula or the sequence of
Boolean operations on Boolean variables. The Boolean formula can be
represented as a fault tree with its basic events (Boolean variables) and logic gates
(Boolean operations).
Disjoint Normal Form of
Boolean Function and
Minimal Cut Sets
There are two basic equations corresponding to each Boolean function:
f =1 and f =0. If the function f is associated with the top event of a fault tree, the
set of solutions of the first equation is a collection of cut sets of this fault tree or
Boolean Indicated Cut Sets (BICS). They are the failure modes of fault tree and
should be obtained as a solution by the reliability system analyst.
Let us consider the simple Boolean equation The left hand side
can be rewritten as the sum of products:
.
This representation of the Boolean function as a sum of products yields the set of
solutions {{x},{x,y},{y,x},{y,z}}: each term of the sum is a solution of the given
Boolean equation. The obtained solution can be simplified using Boolean rules.
After simplification we have the equation and the corresponding set
f B
N
B :
f
x
i
1 =
f x
1
x
i 1
1 x
i 1 +
x
n
, , , , , ( , ) =
f
x
i
0 =
f x
1
x
i 1
0 x
i 1 +
x
n
, , , , , ( , ) =
x y + ( ) x z + ( ) 1 =
x x x z y x y z + + + 1 =
x y + z 1 =
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 180
of solutions {{x},{y,z}}. Now we have 2 cut sets instead of 4. Two cut sets were
eliminated, because they are non-minimal. Both of them contained a subset {x},
which is in its turn a cut set (solution). Thus minimal cut sets can be obtained by
simplifying the corresponding Boolean function or by eliminating non-minimal
cut sets from BICS.
We have described two steps of obtaining minimal cut sets of a fault tree. First
step is obtaining BICS. This step is easy to implement. The second one,
eliminating non-minimal cut sets, is an NP-hard algorithmic problem that requires
both algorithm optimization and computer resources. It is not uncommon for large
industrial fault trees to have millions of BICS and tens of thousands minimal cut
sets.
After considering these simple examples, let us provide a more precise definition
of minimal cut set. A minimal cut set of a fault tree is the smallest combination of
component failures (basic events), which, if they all occur, cause the top event to
occur. A minimal cut set is an intersection of primary events sufficient for the top
event, but if one of the components in the minimal cut set does not occur, then the
top event does not occur. If E = {e
1
,e
2
,..., e
n
} is the set of all component failures,
any minimal cut set Q
i
may be represented as an intersection (product) of events:

Any fault tree consists of a finite number of minimal cut sets, which are unique
for the top event.
The top event of a fault tree may be represented by a Boolean equation involving
basic events. These representations may be different for the same fault tree, but
the simplest representation is the following:
T(E) = Q
1
+Q
2
+...+Q
n
This is the sum of all the minimal cut sets of the fault tree. This representation in
terms of minimal cut sets is also unique for the given fault tree or corresponding
Boolean function. It is the so-called Disjunctive Normal Form (DNF) of the
Boolean function.
NP-Complete Problems The problem of finding DNF of a Boolean function (minimal cut sets of the fault
tree) is an NP-complete algorithmic problem. NP-complete problems can be
solved by algorithms that run in exponential time.
Let us consider the nature of NP-complete problems without mathematical details.
To verify the Boolean equation f =1, where f is a Boolean function of n Boolean
variables, we have 2
n
different cases to calculate values of the function.
Calculation of minimal cut sets is a different problem, but it has the same nature
Q
k
e
i
e
j
e
m
=
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 181
and, in the worst case, the complexity of this algorithm (running time) is
proportional to 2
n
.
No polynomial time algorithms (for example with n
2
complexity) are known to
exist for any of the NP-complete problems and it is very unlikely that polynomial
time algorithms should indeed exist although nobody has yet been able to prove
their non-existence. Fortunately, this conclusion is true in the worst case. In
practice fault trees have some particular properties, which could be taken into
account while optimizing algorithm. In many studies, authors use heuristic
approaches and numerical experiments with industrial benchmarks as criteria to
find optimal algorithms. But one should be aware that for any "good" algorithm
for NP-hard problem, the worst case can be found and the algorithm can fail in
this case.
It is worth mentioning a special "lucky" case: fault trees without repeated events.
These fault trees can be calculated in linear time, because each BICS of these fault
trees is a minimal cut set, making it unnecessary to search and eliminate non-
minimal cut sets.
Probability Function and
Operations with Probabilities
We will use here an engineering definition of probability of an event as the
relative frequency. Let us consider the outcome of some random experiment with
n possible outcome events {x
1
,x
2
,...x
n
}. Suppose after N trials we find that
outcome x
i
has happened N
i
times. The ratio is the relative frequency of
occurrence of event x
i
. We define the probability of event x
i
as the limit
if this limit exists.
There are several properties arising from this definition.
For each event x
i
, .
If P(x
i
)=1, event x
i
is certain to occur.
If P(x
i
)=0, event x
i
is impossible.
If is the negation of event x
i,
then

.
If any possible outcome of any trial of the experiment belongs to the set of
events {x
1
,x
2
,...x
n
}, then:
.
N
i
N
-----
P x
i
( )
N
i
N
-----


N
lim =
0 P x
i
( ) 1
x'
i
P x'
i
( ) 1 P x
i
( ) =
P x
i
( ) 1 =
i 1 =
n

FTA-Pro Appendix A: Calculation Methods for Static Fault Trees

Dyadem International 182
If the two events A and B are mutually exclusive, the following formula can be
applied:
If the events A and B are not mutually exclusive, we have the more general
expression:
Similarly, the AND operation between two independent events can be represented
in terms of probability theory
If the events A and B are dependent
where conditional probability is the probability of event B given that
event A has already occurred.
To illustrate the difference between the probability calculations of mutually
exclusive and non-mutually exclusive events let us evaluate the probability of the
complex event given that events x
1
and x
2
are independent,
P(x
1
)=P(x
2
)=0.5. Assuming that two events and x
1
are mutually exclusive,
we apply the rule for the OR operation
Events x
1
and x
2
are independent, therefore we can apply the rule for the AND
operation
On the other hand, according to Boolean rules , which yields
. The result 0.75 is not correct. The correct steps of the
calculation are
The complexity of probability calculation increases dramatically with an increase
of the number of dependent events. For the set {x
1
,x
2
, ... x
n
} of n dependent events,
we have the formula for OR operation:
Tip: It is important to note that the main causes leading to introduction of
dependent events (or dependent gates) in the fault tree analysis are repeated
basic events.
P A B + ( ) P A ( ) P B ( ) + =
P A B + ( ) P A ( ) P B ( ) P A B ( ) + =
P A B ( ) P A ( )P B ( ) =
P A B ( ) P A ( )P B A) ( P B ( )P A B) ( = =
P B A) (
x
1
x
2
x
1
+
x
1
x
2

P x
1
x
2
x +
1
( ) P x
1
x
2
( ) P x
1
( ) + =
P x
1
x
2
x
1
+ ( ) P x
1
( )P x
2
( ) P x
1
( ) + 0.5 0.5 0.5 + 0.75 = = =
x
1
x
2
x
1
+ x
1
=
P x
1
x
2
x
1
+ ( ) P x
1
( ) 0.5 = =
P x
1
x
2
x
1
+ ( ) P x
1
( )P x
2
( ) P x
1
( ) P x
1
x
2
x
1
( ) P x
1
( ) 0.5 = = + =
P x
1
x
2
x
2
+ + + ( ) P x
i
( ) P x
1
x
2
( )
j i 1 + =
n

i 1 =
n 1

i 1 =
n

=
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 183
+
Assuming that all events are mutually exclusive, we can obtain the so-called "rare
event approximation"
which can be accurate for highly reliable systems with small input probabilities.
The last formula yields a conservative estimation of the exact probability value.
For AND operation with n dependent events we have
One of advanced methods for calculating the probability function of a fault tree is
described in Optimized Decomposition Method on page 192. This method is based
on the Shannon decomposition formula and allows the calculation of the exact
value of probability of relatively large fault trees. For a brief description of
traditional methods based on minimal cut set calculation, see Unreliability System
Analysis Methods on page 32. Both of these methods give some approximations
of probability. They are more accurate for highly reliable systems.
Note: Calculation of each factor of this formula is not a trivial problem.
P x
i
x
j
x
k
( ) 1 ( )
n
P x
1
x
2
x
n
( ) +
k j 1 + =
n

j i 1 + =
n 1

i 1 =
n 2

P x
1
x
2
x
n
+ + + ( ) P x
i
( )
i 1 =
n

=
P x
1
x
2
x
n
( ) P x
1
( )P x
2
x
1
( )P x
3
x
1
x
2
( )P x
n
x
1
x
2
x
n 1
( ) =
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 184
Minimal Cut Set Calculation
This section describes the method of minimal cut set calculation, as well as its
main aspects of implementation and optimization.
This section discusses the following topics:
Data Structures for Cut Set Calculation on page 184.
Advanced Bottom-up Algorithm on page 185.
Optimization of Algorithm for Minimal Cut Set Calculation on page 186.
Tuning the Calculation Engine by Cut Set Cut-Off on page 190.
Data Structures for Cut Set
Calculation
It is crucial to choose appropriate data structure for saving and manipulating data
of complicated problems such as fault tree analysis. We use binary representation
of each cut set: array of bits (Bit Array). The size of this array equals to the
number of basic events n of a fault tree.
The first advantage of this data structure is that it is ordered as any array. To
indicate that event with number i (say event x
i
) is included in the cut set we assign
to the bit with number i value 1 (true). For example, the cut set of a fault
tree, containing 5 basic events, is stored as a Bit Array [0, 1, 0, 1, 0].
The second advantage of this data structure is that the memory required to
represent each cut set is n bits only. In our example of the fault tree with 5 basic
events we need 5 bits to describe each cut set.
The third advantage of using Bit Array to represent cut sets is the ease of
application of Boolean operations and Boolean rules to binary data. For example,
the redundant last factor x
2
in Boolean expression is automatically
eliminated by the binary representation [0, 1, 0, 1, 0]. It is easy to apply OR and
AND Boolean operations to cut sets in binary representation.
Finally, and most importantly, using Bit Array representation efficiently
eliminates non-minimal cut sets from BICS. For this purpose we have to compare
a maximum of n bits. In practice, however, we need much fewer steps. For
example, we are going to determine if the cut set {x
2
, x
3
} is a subset of {x
2
, x
4
}.
We have to compare two bit arrays [0, 1, 1, 0, 0] and [0, 1, 0, 1, 0]. From the first
array we have to select only the elements with true values and compare them with
the corresponding elements of the second array. If there is only one element from
the second array with false value, we can terminate the process and conclude that
the first cut set is not subset of the second one. If, however, all of the elements
from the second array are also true, the first cut set is a subset of the second one
and the second cut set must be eliminated from the list of minimal cut sets.
x
2
x
4

x
2
x
4
x
2

FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 185
Advanced Bottom-up
Algorithm
Using a binary representation of each cut set, we can construct the collection of all
cut sets of any fault tree gate as a list of bit arrays. In general, the input of each
gate of the fault tree also lists the bit arrays. It is easy to define basic logical
operations on lists of bit array. If we have an OR gate, the output is a list of arrays,
which is union of all input lists. For AND gate with two lists with m and k cut sets
we have list of mk bit arrays after multiplication.
We use the robust Bottom-up Algorithm, which gains all of the benefits of binary
cut set representation. In this algorithm it is implied that the input of any gate is
known and represented as a list of bit arrays. Starting from the basic events
(leaves) of the fault tree and representing them as bit arrays, we can then calculate
the cut sets of the above gates.
Figure A-7: The above fault tree has 6 basic events.
The binary representations of the events in Figure A-7 are:
All steps of calculating the cut sets are:
Event name Binary representation
Event0 [1, 0, 0, 0, 0, 0]
Event1 [0, 1, 0, 0, 0, 0]
Event2 [0, 0, 1, 0, 0, 0]
Event3 [0, 0, 0, 1, 0, 0]
Event4 [0, 0, 0, 0, 1, 0]
Event5 [0, 0, 0, 0, 0, 1]
Gate name Cut sets represented as lists of bit arrays
Gate5 {[0, 0, 1, 1, 0, 0]}
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 186
The third cut set of Gate0 is non-minimal, and must be eliminated from the list of
minimal cut sets of the top gate. Finally, we have the list of cut sets {[1, 1, 0, 0, 0,
0], [1, 0, 1, 1, 0, 0], [1, 0, 1, 0, 1, 1]} of Gate0; using initial notation for basic
events, we have {{Event0, Event1}, {Event0, Event2, Event3}, {Event0, Event2,
Event4, Event5}}.
In addition to very fast execution, the described bottom-up algorithm allows you
to calculate the minimal cut sets of all intermediate gates. It appears that Binary
Decision Diagram method is more efficient for calculation of cut sets of top event
only. The bottom-up algorithm also easily permits the implementation of a cut-off
procedure of cut sets by their order or probability. If, in our example for fault tree
analysis, we need minimal cut sets with a maximum order of 2, we have the
following steps of the solution.
Optimization of Algorithm for
Minimal Cut Set Calculation
We carried out numerous calculations to optimize the algorithm for minimal cut
set calculation. We used dozens of industrial examples as benchmarks, as well as
specially created examples for this purpose. We completed three levels of
optimization of the algorithm.
The lowest level is the optimization of eliminating non-minimal cut sets from the
given list of bit arrays. The following useful rules improved the calculation:
1. Separating repeated and not repeated events. If the cut set does not contain
repeated events, it is minimal.
Gate3 {[0, 1, 0, 0, 0, 0], [0, 0, 1, 1, 0, 0]}
Gate1 {[1, 1, 0, 0, 0, 0], [1, 0, 1, 1, 0, 0]}
Gate6 {[0, 1, 0, 0, 0, 0], [0, 0, 0, 0, 0, 1]}
Gate4 {[0, 1, 1, 0, 1, 0], [0, 0, 1, 0, 1, 1]}
Gate2 {[1, 1, 1, 0, 1, 0], [1, 0, 1, 0, 1, 1]}
Gate0
{[1, 1, 0, 0, 0, 0], [1, 0, 1, 1, 0, 0],
[1, 1, 1, 0, 1, 0], [1, 0, 1, 0, 1, 1]}
Gate name Cut sets represented as lists of bit arrays
Gate5 {[0, 0, 1, 1, 0, 0]}
Gate3 {[0, 1, 0, 0, 0, 0], [0, 0, 1, 1, 0, 0]}
Gate1 {[1, 1, 0, 0, 0, 0]}
Gate6 {[0, 1, 0, 0, 0, 0], [0, 0, 0, 0, 0, 1]}
Gate4 Null
Gate2 Null
Gate0 {[1, 1, 0, 0, 0, 0]}
Gate name Cut sets represented as lists of bit arrays
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 187
2. Sorting cut sets by order improves the speed of calculation dramatically. The
reason is obvious: to determine if any cut set is a subset of another cut set, we
have to compare this cut set with cut sets of the same or larger order only. This
feature is easier to implement when you have an ordered list of cut sets. We
also sort the cut sets to eliminate null elements from cut set list and to
eliminate cut sets of order over the limit, which was selected by user before
calculation.
3. Determining the independent inputs before eliminating non-minimal cut sets.
If two lists of minimal cut sets are inputs of any gate and they contain
different events, the output of the gate is also a minimal cut set. In the
example above Gate3 has two inputs: Event1 and Gate5, which does not
contain Event1. The corresponding output (unit of two lists) represents the list
of minimal cut sets.
In the middle level of the algorithm optimization we use the properties of
particular gates.
1. If we have two lists of minimal cut sets as inputs for OR gates, it is enough to
compare elements of first list with elements of the second one only to
eliminate non-minimal cut sets.
2. If one input of OR gate is a basic event, it is enough to eliminate all elements
from all other inputs containing this event.
3. If any gate contains more than two inputs, it is better to divide the process by
several steps, eliminating redundant cut sets after each step and decreasing the
number of elements in the list. It is also better to represent a voting gate as a
sequence of OR and AND gates.
Finally, we analyze the property of each particular fault tree in the preprocessing
stage of calculation. There are two main parts of preprocessing and simplifying a
given fault tree.
1. Defining modules (subtrees) of the fault tree, which can be calculated
separately. Each module does not depend on any other events outside the
module. Let us consider the example in Figure A-8.
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 188
Figure A-8: The subtrees whose top gates are Gate1 and Gate8 are modules.
Figure A-9: After simplifying the fault tree from Figure A-8 at the preprocessing phase,
we have this fault tree. The names of corresponding gates in angle brackets indicate the
origin of new basic events. FTA-Pro defines modules and automatically makes
substitutions. The result of calculation is displayed in initial variables after reverse
substitution.
Figure A-10: This fault tree contains one module. It is Gate2, which is repeated.
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 189
Figure A-11: Transfer Gate2 points to Gate2, which is an independent module.
Figure A-12: In this case we can also substitute Gate2 by basic repeated events, which
do not depend on other parts (basic events) of the fault tree.
2. Non-repeated events belonging to the same gate can be combined and
substituted by a new variable. See Figure A-13.
Figure A-13: The fault tree in Figure A-8 allows further simplification after
modularization: basic events Event1 and <Gate8> can be substituted by a new basic
event. We now have a fault tree with 3 basic events instead of 7.
According to our experience, almost all of the industrial fault tree examples
allowed for a significant simplification at the preprocessing stage. The algorithm
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 190
for defining modules and simplification of fault trees is very fast. Typically it took
less than 1% of total calculation time.
In the Tables 1 and 2 below, the calculation results of a computer using 3 GHz
Pentium IV CPU and 1 GB of RAM are shown. The computer has 2 processors
and a maximum of 50% of the CPU was used in calculations.
These tables provide the following information:
Variables shows the number of basic unique events, before and after
preprocessing.
Nodes shows the total number of nodes, calculated by fault tree traversing.
Minimal Cut Sets shows the number of minimal cut sets for each fault tree.
Tuning the Calculation
Engine by Cut Set Cut-Off
Table 2 contains the calculation data for several extra large fault trees from the
benchmark collection. It took 15 hours to calculate all minimal cut sets of FT
edf9205. This is due to the huge amount of minimal cut sets of two intermediate
gates g1 and g3 - more than 300,000 minimal cut sets were calculated after
Name of FT Variables Nodes
Minimal Cut
Sets
Calculation
Time (sec)
chinese 25 (25) 95 392 1
das9205 51 (1) 78 17280 1.2
das9203 51 (16) 122 16200 1
das9202 49 (26) 183 27778 2.5
das9204 53 (23) 113 16704 2
das9206 121 (80) 353 19518 10
das9201 122 (68) 402 14217 2
baobab2 32 (32) 465 4805 85
das9208 103 (91) 1698 8060 26
Name of FT Variables Nodes
Minimal Cut
Sets
Calculation
Time
edf9205 165 (141) 2075 21308
2/ 1104
3/ 5351
4/ 12013
Max size is 8
15 hours
11 sec
130 sec
43 min
das9207 276 (192) 2681 25988 8 min
jbd9601 533 (280) 2932 14007 3 min
baobab3 80 (80) 4348 24386
2/ 22
3/ 124
4/ 388
5/1527
6/ 4979
7/
Out of memory
1 sec
6 sec
7 sec
12 sec
46 sec
Out of memory
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 191
simplification and represented in terms of new variables. There was not enough
memory to store them in terms of initial variables in the data table. However FTA-
Pro allows you to limit cut sets by their order to save memory and to speed up the
calculation. For example, after entering 2 as a cut set order limit it took only 11
seconds to calculate minimal cut sets of all gates, including 1104 minimal cut sets
of the top gate. It took 130 seconds to calculate 5351 minimal cut sets of top gate
with a maximum order of 3, 1481 minimal cut sets of gate g3 and 13525 minimal
cut sets gate g1, as well as minimal cut sets of all gates. Gate g3 contains 103,055
minimal cut sets with a maximum order of 4, and gate g1 has 61,845 minimal cut
sets with the same maximum size. It took 43 minutes to calculate minimal cut sets
of all gates with such size.
There was not enough memory to calculate all minimal cut sets of baobab1 fault
tree, but it took only 46 seconds to calculate minimal cut sets of all gates,
including 4979 minimal cut sets of top gate, with a maximum order of 6.
It is reasonable to restrict the size of minimal cut sets, because it is not possible to
analyze a huge amount of minimal cut sets. Furthermore, small cut sets are more
important in fault tree analysis.
Note: Restricting the maximum size of minimal cut sets affects all calculations
based on minimal cut sets:
Cut Set Summation.
Cross Product.
Esary-Proschan Methods.
As well as importance measures calculation.
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 192
Optimized Decomposition Method
Traditional methods of calculating the probability of top and intermediate events
of a fault tree, such as Cut Set Summation, Cross Product, and Esary-Proschan,
are based on minimal cut set calculations. This is a major disadvantage, because
minimal cut set calculation is a NP-complete problem requiring significant
computer resources. These methods allow calculating probability approximately
and were developed for highly reliable systems (with small probability of input
and top events). They can be applied efficiently when cut sets of big order (or
small probability) can be discarded. The most valuable is exact method of
probability calculation.
The progress made in last decade in computer industry, as well as in developing
calculation methods in fault tree theory, allows the calculation of the exact value
of probability of relatively large fault trees. The most advanced methods are the
decomposition and binary decision diagram methods. Both are based on Shannon
Decomposition Formula.
This section discusses the following topics:
Shannon Decomposition Formula on page 192.
Implementation of Decomposition Method on page 193.
Optimization of Decomposition Method on page 194.
Decomposition Method with Truncation on page 198.
Shannon Decomposition
Formula
The Shannon Decomposition Formula allows for the elimination of any Boolean
variable of a Boolean or probability function. Let f be the Boolean function
defined on set of n Boolean variables X={x
1
,x
2
,...,x
n
}. According to the Shannon
formula:
where is the negation of the Boolean variable x
i
, and where the Boolean
functions and do not depend on the variable x
i
. The corresponding
formula for probability function has the same structure:
where P(x) is the probability of event x, 1-P(x) is the probability of event . The
factors and in the probability formula also do not depend on
variable x
i
.
The process of eliminating variables can be continued. For the next step, we can
apply the decomposition formula to the Boolean functions and or to
the corresponding probability functions to exclude another variable. This process
f x
1
f
x
i
1 =
x'
i
f
x
i
0 =
+ =
x'
i
f
x
i
1 =
f
x
i
0 =
P f ( ) P x
i
( )P f
x
i
1 =
( ) 1 P x
i
( ) ( )P f
x
i
0 =
( ) + =
x'
P f
x
i
1 =
( ) P f
x
i
0 =
( )
f
x
i
1 =
f
x
i
0 =
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 193
is continued until all the variables are excluded or until the probability function is
simple enough for its direct calculation. Usually the decomposition formula for
Boolean functions is applied in minimal cut set calculation and the decomposition
formula of probability function is used for calculation of top event probability.
This algorithm is also NP-complete, but it can be applied along with the
optimization procedures. The advantage of this method is that the decomposition
procedure has to be applied only once for the given fault tree. The corresponding
structure (formula) is saved (if there is enough memory) and can be re-used for
calculating fault tree probability for different input values. This reduces the
amount of running time required for the calculation of probability for time
dependent fault trees if that calculation is required for many time points.
The main disadvantage of the decomposition method (as opposed to bottom-up
algorithm used in minimal cut set calculation) is that calculations for each
intermediate gate of the fault tree should be performed separately. However, the
decomposition method (or its variations) probably is still the only one that allows
the calculation of the exact value of top event probability of relatively large fault
trees.
Implementation of
Decomposition Method
The Boolean function f in decomposition formulas can be represented as a fault
tree, the function as a simplified fault tree assuming that output of basic
event x
i
is true, and the function as a given fault tree with false output of
basic event x
i
. At the first step of decomposition method we have two simplified
fault trees. In any step of the basic event elimination process the number of fault
trees is doubled, but each fault tree is simpler.
Figure A-14: This fault tree corresponds to the given Boolean function f.
f
x
i
1 =
f
x
i
0 =
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 194
Let us consider the fault tree in Figure A-14, which corresponds to the given
Boolean function f.
We choose event E1 at the first step of decomposition. If E1=true, G2=true,
G0=true and . If E1=false, the given fault tree also can be simplified
significantly, giving the fault tree seen in Figure A-15.
Figure A-15: If E1=false, then the fault tree from Figure A-14 can be simplified to this
fault tree.
This simplified fault tree, Figure A-15, does not contain repeated events.
Therefore the probability of the top event is now a straightforward
calculation. Finally, we have the simple decomposition formula in this example
We obtained the result in one step for two reasons. First, this example is very
simple. Large fault trees require many steps. The second reason is that the "right"
event was chosen for the decomposition. The strategy of choosing the event
sequence in the decomposition process is crucial for the algorithm optimization.
The next section considers this strategy, as well as some other rules of algorithm
optimization.
Optimization of
Decomposition Method
In practice there are different heuristic approaches that can be used to select the
order of decomposition while optimizing the algorithm. Our goal is to simplify the
given fault tree until it does not contain repeated events, because it is easier to
calculate a fault tree without repeated events. In addition, by eliminating repeated
events, by using the decomposition method, we can simplify the fault tree in
several places. In the following example both G1 and G2 are simplified if
repeated event E3 is selected for the first step of decomposition. If event E1 is
selected, then both G3 and G4 are simplified. Thus the main criterion in our
strategy is the selection of repeated events for the decomposition of the tree.
P f
E1 1 =
( ) 1 =
P f
E1 0 =
( )
P f ( ) P E1 ( ) 1 P E1 ( ) ( )P f
E1 0 =
( ) + =
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 195
Figure A-16: The fault tree before decomposition.
Comparing two repeated events E3 and E1, it is easy to see that event E3 is
preferable for decomposition, because it is above event E1. If E3=true, gate G2 is
discarded together with all of its children. If E3=false, gate G1 is deleted. If we
select E1 for decomposition, gates G3 and G4 are discarded. Thus it is more
desirable to select repeated events that are on, or closer to, the top of the fault tree.
This idea is implemented as follows. We use the left-first deep-most method of
traversing the fault tree. This can be seen in Figure A-17.
Figure A-17: The left-first deep-most method of traversing a fault tree
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 196
Figure A-18: The fault tree from Figure A-17 has been reordered so the first child of
each gate is a basic event.
If we reorder the fault tree so that the first child of each gate is a basic event
(Figure A-18), then the first repeated basic event in such traversing is the best
event for the first step of decomposition.
In addition we arrange the children of the top gate, putting the larger parts of the
fault tree (having more nodes) to the left, but after basic events, if the top gate has
such children. In this case, when we traverse the fault tree and look for the event
for the next step of the decomposition, we start to simplify a bigger part of the
fault tree. We also repeat this procedure for the children of the top gate and
arrange their children in the similar order. We only have to complete this ordering
of the fault tree once before the calculation. Although it is possible to calculate the
number of fault tree nodes that will be deleted for each basic event at each step of
decomposition and to choose the best basic event for each step of decomposition,
this estimation seems to be much more time consuming.
We also carry out the preprocessing simplifications of the fault tree as we did in
minimal cut set calculations: modularization and combining non-repeated events
belonging to the same gate. In addition we eliminate redundant gates by using the
Associative Law of Boolean algebra. For more information, see Boolean
Variables and Operations on page 174.
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 197
As a result of the decomposition process, we obtain the list of fault trees that do
not contain repeated events. The probability of each fault tree from the list can
now be calculated in a straightforward manner.
Tables 3 and 4 display the result of calculations using a Pentium IV computer with
a CPU of 3 GHz and 1 GB of RAM. The computer has two processors. A
maximum 50% of CPU usage was used in calculations. It was possible to
calculate the exact value of the probability of any example from our benchmark
collection, if the number of repeated events did not exceed 60 after preprocessing
simplifications.
In the two tables below, the running time is shown for several benchmarks. The
fault tree characteristics shown in parentheses were calculated after the
preprocessing simplification operation. Typically we got an "out memory
exception" if the calculation did not finish after 2-3 minutes of computer running.
FTA-Pro provides another version of the Exact method - Exact Decomposition.
This version does not require as much RAM memory, since it does not save data
structures as does the Exact method,. However, it repeats all calculations for each
Note: The described decomposition procedure does not depend on the input
probabilities of basic events. It only has to be completed once and, can then
used many times to calculate the probability of the top event for any
required time point. The main difficulty we faced applying this algorithm to
a relatively large fault tree is the lack of RAM memory, due to the large
number of fault trees in the list.
Name of FT Variables
Repeated
Events
Nodes
Calculation
Time (sec)
baobab2 32 (32) 22 (22) 466 (466) 0.7
das9201 122 (68) 86 (48) 402 (222) .5
das9206 121 (80) 45 (38) 353 (281) 1.6
das9208 103 (91) 83 (79)
1698
(1669)
12
Name of FT Variables
Repeated
Events
Nodes
Calculation
Time (sec)
baobab2 32 (32) 22 (22) 466 (466) 1.5
das9201 122 (68) 86 (48) 402 (222) 2
das9206 121 (80) 45 (38) 353 (281) 5
das9208 103 (91) 83 (79)
1698
(1669)
31
Tip: If you want to use the Exact Decomposition Method, select Decomposition and
enter 0 in the Order field in the Advanced tab of the Calculation Engine
Configuration dialog box. For more information, see Using the Advanced
Tab on page 117
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 198
time point. It is faster if total number of time points of calculation is less than 3.
The calculation time for this method is shown in Table 5.
Decomposition Method with
Truncation
The Esary-Proschan method and other approximations, based on minimal cut sets
calculation, are commonly used in reliability system analysis. However, it is time
consuming and even impossible to calculate all minimal cut sets of large systems.
Usually, to simplify algorithm less important minimal cut sets are excluded from
the computation. For systems with small probabilities (highly reliable systems)
minimal cut sets with high order or with small values of probabilities are omitted,
because their contribution to the final result is negligible.
We applied a similar truncation approach in decomposition methods. According
to the Shannon Decomposition Formula, at each step of the decomposition
method we have the sum of products in the formula for top event probability, and
each product has the form
P(x
i
)...P(x
k
)(1-P(x
j
))...(1-P(x
m
))P(t)
Here we have M factors of type P(x
i
) and K factors of type (1-P(x
m
)). We call M
the order of the term. The total number of factors increases with each step of
decomposition, . There are 3 different cases, when factor P(t) is easy to
calculate.
1. P(t) = 1 (output of the top event is true) for any value of time t. The
corresponding set of FT events x
i
...x
k
is a cut set, but it is not necessarily a
minimal cut set.
2. P(t) = 0 (output of top event is false) for any t. The corresponding term should
be discarded in this case.
3. The fault tree does not have repeated events. They are eliminated in the
decomposition method. Calculation of P(t) in this case is straightforward.
In all of these cases the corresponding terms are calculated exactly (exact terms).
All approximations in our calculation are concerned with the remaining terms. We
have studied different options of approximate calculation of P(t). If we put P(t)=0
when M > M
max
, we have the lower bound approximation for the top event
probability. If P(t)=1 when M > M
max
, we have the upper bound approximation.
Name of FT Variables
Repeated
Events
Nodes
Calculation
Time (sec)
baobab2 32 (32) 22 (22) 466 (466) 0.5
das9201 122 (68) 86 (48) 402 (222) 0.5
das9206 121 (80) 45 (38) 353 (281) 1.1
das9208 103 (91) 83 (79)
1698
(1669)
6.5
M K N +
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 199
We call M
max
the order of truncation in decomposition method, this is similar to
the cut off order in the methods based on minimal cut sets.
Both truncation approaches are approximations of the exact solution when
probabilities of basic events are small (rare event approximation). We expanded
this truncation approach significantly by additionally considering the behavior of
the system when its probability tends to 1 (frequent event approximation). We
have shown that a good approximation of the system probability in this case is
very simple: we can just assume that all its components (including repeated
events) are independent.
The accuracy of decomposition method increases with the increasing of the
truncation order M
max
, because the corresponding formula contains all of the exact
terms with the order . Other terms are calculated approximately and
they are small if the probabilities of basic events are small. On the other hand, if
the probabilities tend to 1 the accuracy of calculation of these terms increases
because of frequent events approximation. Therefore our truncation approach
leads to a good approximation of the exact solution for both rare and frequent
events.
In two tables below, tables 6 and 7, the results of calculations of two benchmarks
are shown for different values of M
max
. The difference between two sequential
calculations for M
max
and M
max
+1 decreases for larger values of M
max
. This
indicates that approximations are getting closer to the exact solution with
increasing M
max
. We can reach the exact solution increasing M
max
.
In all our numerous calculations of different benchmarks with different inputs
(including generated randomly) the maximum error did not exceed 5% when
M
max
=3. We would recommend in practical calculations to start with truncation
order 2, then to repeat calculation with order 3. If the difference in results is not
small, you have to calculate the fault tree with truncation order 4.
Order 1 2 3 4 Exact
Prob 0.2248 0.2203 0.2200 0.2199 0.2199
Time 2.3 sec 2.5 sec 3 sec 4 sec 7 sec
Order 2 3 4 Exact
Prob 2.202E-5 2.202E-5 2.202E-5 2.202E-5
Prob 0.0022 0.0022 0.0022 0.0022
Prob 0.1970 0.1990 0.2012 0.2028
Prob 0.5985 0.5876 0.5845 0.5865
Prob 0.8757 0.8615 0.8542 0.8504
M M
max

FTA-Pro Appendix A: Calculation Methods for Static Fault Trees

Dyadem International 200
The calculation time is shown in last rows of these tables. The efficiency of
decomposition method with truncation is dramatically increasing with the
complexity of the fault tree The speed of calculation of Dassault Aviation 9208
increased about 3 times after applying our truncation approach. It takes about 5.5
hours to obtain exact value of top event probability of benchmark Baobab3. But
applying decomposition method with truncation with order 3 it takes only 13
seconds. The accuracy is very good in this case in the entire range of top event
probability. Our decomposition method with truncation is the best for fault tree
reliability analysis of complex systems.
Time 6 sec 13 sec 37 sec 5.5 hours
Order 2 3 4 Exact
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 201
Monte Carlo Simulation Method
In Boolean Reliability Models on page 174, we defined probability as the relative
frequency of a certain outcome of a number of trials. Now we are going to
consider the reverse problem: simulating the statistical experiment when the
probability of the outcome is given.
This section discusses the following topics:
Monte Carlo Method and its Statistical Nature on page 201.
Improvement of Simulation Method for Highly Reliable Systems on page 202.
Managing the Accuracy of the Monte Carlo Method on page 203.
Monte Carlo Method and its
Statistical Nature
We apply the Monte Carlo method to simulate occurrences of a basic event, using
a random number generator. The output of random number generator is any
number between 0 and 1. The likelihood of occurrence of each number between 0
and 1 is the same. If the generated number is less than or equal to the probability
of the basic event, the event is deemed to have occurred and its output is true,
otherwise the output of this event is false. This procedure is performed for each
basic event independently. The output of the fault tree is then evaluated. These
trials are repeated many times and the number of top event occurrences is stored.
The probability of top events is then calculated as the ratio of number of true
outputs of top event to the total number of trials. By increasing number of trials,
the user can improve the accuracy of Monte Carlo calculation.
The main advantage of the Monte Carlo method is that the calculation time
needed for calculation of the probability of the top event is proportional to number
of total nodes of the fault tree (it is not exponential in time in contrast to NP-
complete problem of calculating the exact value of probability). The Monte Carlo
method is also easy to implement and can be applied to fault trees with different
types of gates including dynamic gates and gates with NOT logic. In addition, our
empirical data has shown that the accuracy of the Monte Carlo method increases
with the growth in the size of the fault tree. We believe that this fact reflects the
statistical nature of Monte Carlo method - increasing the number of basic events
of the fault tree increases the total number of independent simulations of input
probabilities.
The Monte Carlo method has two main weaknesses. The calculation time is
proportional to the number of time points of computation, because any change in
input data requires repetition of all simulations. Also, a greater number of
simulations are needed to achieve the required accuracy for highly reliable
systems.
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 202
Improvement of Simulation
Method for Highly Reliable
Systems
For fault trees without NOT logic the probability function is monotonic: the less
the input probabilities of each basic event, the less is the probability of the top
event and the less is the number of true outcomes. To obtain the accuracy of about
2%, we need approximately 50 true outputs. If the top event probability is 1/1000,
we have to perform about 50,000 simulations to obtain 50 true outputs.
Fortunately, some simulations will contain many cases with all false basic events.
In these cases we do not need to calculate output of top event because it is false.
Using this fact, we implemented the following improvement for Monte Carlo
algorithm for highly reliable systems. Assume that a user entered the value of
Minimal Number of Trials N
min
. In the calculations, we identify the cases when all
basic events are false and assign false to the top event without having to carry out
the calculations. Let us say we have N
f
such cases. We would have a total of
N=N
min
+N
f
simulations at the end of calculation.
Let us compare two cases from Table 6 below - chinese and chinese0. Chinese0
represents an example of a highly reliable system with probabilities of each basic
event 10 times less than the corresponding probabilities of the chinese fault tree.
In both examples N
min
=10,000. For chinese N
f
=7,493 and N=17,493. For chinese0
the number of trials increased dramatically N=127,456, because the number
N
f
=117,456 increased. However the running time increased slightly from 0.9 to
1.08 seconds, because 117,456 cases had all basic events false and therefore did
not have to calculate the outcome of the top event.
We found that the Monte Carlo method showed much better run-time
performance than exact method of probability calculation for large fault trees. We
did not find the limit for Monte Carlo method trying to calculate all industrial
benchmarks. One of largest fault trees in our collection of industrial benchmarks
is Edf9203. It took only 30 seconds to calculate probabilities of all gates of this
fault tree using the same Pentium IV computer we used for unreliability
calculations. For more information, see page 197.
Name of
FT
Variable
s
Nodes
Exact
Probability
Value
Monte
Carlo
Method
Time
(sec)
Number
of trials
das9205 51 78 0.152164 0.1479
2.8%
0.15255
0.25%
0.84
1.6
10000
20000
chinese 25 95 0.03855128 0.0379008
1.7%
0.9 17493
chinese0 25 95 0.00043229 0.0004472
3.5%
1.08 127456
das9206 121 353 0.72278710 0.7213082
0.2%
3.1 10029
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 203
In all examples shown in the table, the probability of all gates were calculated for
one time point. Increasing the number of points of calculation leads to the
proportional increase of calculation time using the Monte Carlo method.
Managing the Accuracy of
the Monte Carlo Method
The Monte Carlo method allows you to calculate probability approximately. To
estimate the accuracy of the method, the exact values of probability are shown in
the table. The errors of calculation by the Monte Carlo method are given as a
percentage. To enhance the accuracy of calculation, the number of trials can be
increased. The running time, however, also increases proportionally.
When using das9205, we increased the number of trials from 10,000 to 20,000,
and we found that the error of calculation decreased from 2.8% to 0.25%. We
knew the exact value of probability in this case. In practice we do not know the
exact value of probability because this is our goal of calculation. To estimate the
accuracy of Monte Carlo calculation in each particular case, we would
recommend starting calculation with N
min
=10,000, then increase this number 2
times and check the difference between the two calculations. If the relative
difference is "small enough", you reached the desired accuracy. If it is not, you
can continue the calculations, increasing the number of simulations. It is difficult
to define the precisely "small enough", because it is typically the result of some
compromise.
All Monte Carlo methods have limitations. Empirical data shows that the
accuracy of calculation is lower for highly reliable systems, i.e. if the probability
of top event is less then 0.0001. This reduction occurs because each random
number generator produces numbers with a period, which can be large but limited.
Increasing the number of simulations over this limit does not lead to increasing of
accuracy of calculation. On the other hand, in the range of small probabilities the
traditional methods based on minimal cut sets with maximum order 2 or 3 (for
example Proschan method) are very efficient. It is also important that such
interval of probability exists when both methods are valid.
FTA-Pro provides three independent groups of methods:
Methods based on minimal cut sets.
Exact methods.
das9201 122 402 0.83143383 0.8342
0.3%
2.5 10000
das9208 103 1698 0.2199273 0.2236501
1.7%
3.9 10038
Edf9203 362 10630 0.1827715
0.1841460
32
69
14685
29450
Name of
FT
Variable
s
Nodes
Exact
Probability
Value
Monte
Carlo
Method
Time
(sec)
Number
of trials
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 204
Monte Carlo simulation method.
This increases the reliability of calculations because one can compare results
obtained by different methods to make sure that they are correct. This approach
also allows you to cover the entire range of probability of the top event. If the
Exact method is not available, you can use the Proschan method for smaller
probabilities, and the Monte Carlo method is valid for larger probabilities.
FTA-Pro Appendix A: Calculation Methods for Static Fault Trees
Dyadem International 205
Practical Criteria of Algorithm Efficiency
Calculation of the exact value of top event probability or minimal cut sets are NP-
complete problems in fault tree analysis. This means that the computation time
increases exponentially in the worst case. There is no example showing that NP-
complete problem can be reduced to polynomial complexity in the worst case.
Fortunately, in practice, fault trees have some properties that can be used for
simplifying the fault trees and for improving speed of calculation. We can identify
many useful properties of a given fault tree at the preprocessing stage. We can
also use heuristic approach for the optimization of the algorithm.
The main criteria in this situation are industrial examples. Thanks to Prof. Antoine
Rauzy, we have an excellent benchmark collection of more than 50 industrial fault
trees in Aralia format (http://iml.univ-mrs.fr/~arauzy/aralia/benchmark.html)
coming from "Electricite de France", "Dassault Aviation", "Westinghouse",
"Institut de Protection et Surete", "Elf Aquitaine" and other companies. Some of
them have the solution of minimal cut set calculations. We used these examples in
our optimization of algorithms, as well comparing calculation times with other
algorithms.
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 206
APPENDIX B: CALCULATION METHODS FOR
DYNAMIC FAULT TREES
This section provides a more in-depth explanation of the calculation methods for
dynamic trees - the Markov Chain method and the Monte Carlo method. It also
provides an explanation on how the dynamic gates work.
This section discusses the following topics:
Markov Chain Method on page 207.
Dynamic Gates on page 210.
Monte Carlo Method for Dynamic Fault Trees on page 219.
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 207
Markov Chain Method
The Markov Chain method is a powerful technique with applications in different
areas. We are going to concentrate our attention on its application to system
reliability analysis, especially to the dynamic fault tree.
A Markov Chain is a stochastic process, which can be described by a collection of
system states. Each state can be in two different conditions: good or failed. There
are transitions between the states with constant transition rates. Graphically
transition is described by an arc connecting the two states. The transition rate in
the Markov Chain model depends only on these two states - it does not depend on
the previous states of the system (the system is memoryless). In the Markov Chain
model, it is assumed that any transition time is significantly less than time spent
by the system at any state.
Here we have to make several remarks about application of the Markov Chain
method to reliability system analysis.
1. The assumption that transition rate should be constant leads to conclusion that
reliability system has to have basic components with constant failure rates.
Systems with variable failure rates can be also considered but require a more
specialized approach.
2. Components with repair could be included in the Markov Chain model, but
should be used with caution, because typically repair is not a stochastic
process nor does it have exponential probability distribution. We believe that
including repair into dynamic fault tree requires special attention and more
research.
A stochastic Markov Chain process can be described by a system of differential
equations. In the Figure B-1, a fragment of Markov Chain with all connections of
the state with number k is shown.
Note: In the current release of FTA-Pro we included neither components with
repair in dynamic fault tree modules nor components having failure
distributions other than exponential. But they can be included in static fault
tree modules in the fault tree. These modules are solved separately with
static fault tree methods.
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 208
Figure B-1: State k of Markov Chain with its connections.
The differential equation corresponding to this state is the following
where P
k
is the probability of the event when the system is at the time point t. The
number of differential equations of Markov Chain equals the number of its states.
Initial conditions are needed for solving the system. Typically, in the system
reliability theory initial conditions are and if . Here the
state with number 0 is initial state of the system when its entire components are
functional. In more general case, the initial conditions of the stochastic process
have the restriction
The initial value problem of differential equations is solved with the Runge-Kutta
method of order 4 in our software. This is the most popular and reliable numerical
method for solving differential equations with initial conditions.
Example of a Markov Chain Let us consider a simple fault tree with an AND gate and two basic events with the
constant failure rates and . The corresponding Markov Chain is displayed
in Figure B-2. There are 4 states in the Markov Chain:
0 is the initial state with functional components.
1 corresponds to the system with the first component failed.
2 corresponds to the system with the second component failed.
3 corresponds to system failure, because both of its components failed.
j
s
k

r
dP
k
dt
---------

i

l

m
+ + ( )P
k

n
P
j

r
P + +
s
=
P
o
0 ( ) 1 = P
k
0 ( ) 0 = k 0
P
i
0 ( ) 1 =
i

1

2
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 209
Figure B-2: This Markov Chain represents an AND gate with two inputs.
The corresponding differential equations are:
State 0 -
State 1 -
State 2 -
State 3 -
The initial conditions for the system are , ,
and .
From the practical point of view the function is the most important, because
it describes the case when the system fails. The solution for this function can be
obtained analytically in this simple case
The result is equivalent to the solution obtained by static methods.
System Failed
0
1
2
3

1

2

2

1
dP
0
dt
---------

1

2
+ ( )P
0
=
dP
1
dt
---------

2
P
1

1
P
0
+ =
dP
2
dt
---------

1
P
2

2
P
0
+ =
dP
3
dt
---------

2
P
1

1
P
2
+ =
P
0
0 ( ) 1 = P
1
0 ( ) 0 = P
2
0 ( ) 0 =
P
3
0 ( ) 0 =
P
3
t ( )
P
3
t ( ) 1 e

1
t
e

2
t
e

1

2
+ ( )t
+ =
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 210
Dynamic Gates
The following dynamic gates are commonly used in Fault Tree Analysis:
Priority AND (PAND) gate.
Sequence Enforcing (SEQ) gate.
Spare gate
Functional Dependency (FDEP) gate.
This section discusses the following topics:
Priority AND (PAND) Gates on page 210.
Sequence Enforcing (SEQ) Gates on page 211.
Spare Gates on page 212.
Functional Dependency (FDEP) Gates on page 217.
Priority AND (PAND) Gates In contrast to an AND gate, the output of a PAND gate is true only if the input
events occur in the order from left to right; otherwise it is false, even if all inputs
are true.
Figure B-3: This Markov Chain represents a PAND gate with two inputs.
Compare the chain in Figure B-3 with Figure B-2 - state 3 is split in two states in
Figure B-3, because in state 4 the system is still functional, even though all of its
components have failed.
Usually, we are interested in a solution that corresponds to the states when the
system fails, because they describe the unreliability of the system. In this case we
can simplify the Markov Chain in Figure B-3 by discarding two states - 2 and 4.
Their absence does not affect the solution for state 3.
0

2
1
2
3
4
System Failed
System Functional
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 211
Figure B-4: This is the equivalent Markov Chain for a PAND gate with two inputs.
To increase the speed of calculation for a complex dynamic fault tree containing
PAND gates, we have applied this approach to simplify the Markov Chain.
Unfortunately, this simplification is not correct if the dynamic module of fault tree
has components with repair.
The analytical solution of the corresponding system of differential equations is:
For small probabilities, , we have the rare event approximation
. For an AND gate we have .
Sequence Enforcing (SEQ)
Gates
Markov Chains corresponding to a SEQ gate are valid only if input events
occurred in the order from the left to right. The situation when the second event
failed before the first one is not feasible. The Markov Chain corresponding to a
SEQ gate with two inputs is shown in Figure B-5.
Figure B-5: This Markov Chain represents a SEQ gate with two inputs.
The solution in this case is:
If the following rare event approximation can be applied:
.
0

2
1
3
System Failed

2
P
3
t ( )

1

1

2
+
-----------------

2

1

2
+
-----------------
e

1

2
+ ( )t
e

2
t
+ =
t 0 ( )
P
3
t ( ) 0.5
1

2
t
2
P
3
t ( )
1

2
t
2

1
1
3
System Failed

2
P
3
t ( ) 1

1
e

2
t

2
e

1
t

1

2

---------------------------------------
=
t 0.1
P
3
t ( ) 0.5
1

2
t
2

FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees

Dyadem International 212
Spare Gates Spare gates can have spare events as their inputs. Spare events have different
failure rates depending on the condition of events located to the left of the spare
event. If they have all failed, the rate is equal to , but if at least one of them has
not failed, the rate is multiplied by the dormancy factor k, . This reflects
the case when the spare component of the system can fail with the rate if it is
not in the active mode. If the Dormancy factor is , then the spare
component is in the cold spare mode; if the dormancy factor is , then the
spare component is hot; and it is warm in all other cases. The dormancy factor of
the first child of the spare gate is always equal to 1.
Figure B-6: This Markov Chain represents a spare gate with two spare events.
In Figure B-6, a Markov Chain for a spare gate with two spare events is shown. It
is clear that if k = 1, we have the case of an AND gate and if k = 0, we have the
case of a SEQ gate.
A Repeated spare event works as a redundant item, which can be used in different
locations of the system. In the system represented in Figure B-7, spare Event2 can
fail in one of three different ways:
Event2 can fail in standby mode, when both Event1 and Event2 are
functional.
Event2 can fail in active mode when Event1 is failed, in this case Gate1 is
failed.
Event2 can fail in active mode when Event3 is failed, in this case Gate2 is
failed.

0 k 1
k
k 0 =
k 1 =
System Failed
0
1
2
3

1

2
k
2

2

1
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 213
Figure B-7: Fault Tree with repeated spare event.
The corresponding Markov chain is displayed in Figure B-8. Note that state 4 is
failed because if Event1 is failed then spare Event2 is in active mode and located
under Gate1. Gate2 now only has one input, Event3. If it fails both Gate2 and
Gate0 will fail.
Figure B-8: The corresponding Markov Chain.
It is important to realize that the situation becomes more complex when the
number of dynamic fault tree components is increased. The next two examples
show the complexity of the problem and help to understand how a Markov Chain
is generated from a dynamic fault tree.
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 214
Figure B-9: This fault tree contains 2 spare gates and 3 spare events.
Figure B-10: The corresponding Markov chain contains 8 states.
The numbers of the failed basic events are displayed in parentheses near each
Markov Chain state. For example, state 5 is characterized by the failed fault tree
components with the numbers 2 and 3. To identify each state, we need a list of
failed events and an indicator showing whether the entire system failed or not. In
our algorithms we use Bit Array for this purpose. Bit Array contains N + 1
elements for the system and its N basic events. In Bit Array format, state 5 can be
identified as [0, 0, 1, 1] and state 7 as [1, 1, 1, 1].
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 215
Example 2:
Figure B-11: This Fault tree contains 1 Spare gate and 3 spare events.
Figure B-12: The corresponding Markov Chain contains 8 states.
Generating a Markov Chain module is not a trivial problem. A dynamic fault tree
containing only 15-20 basic events can be transformed into a Markov Chain with
tens of thousands states. The system with the corresponding number of differential
equations has to be solved. If the fault tree contains a combination of static and
dynamic gates, we apply the Markov Chain method only to its dynamic modules.
For this purpose the modularization method for static fault tree described above is
generalized. The following example demonstrates the modularization method.
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 216
Figure B-13: This fault tree contains both static and dynamic modules
The fault tree in Figure B-13 contains the dynamic module Gate2, which is solved
using the Markov Chain method. The result is then substituted into the rest of the
fault tree and a method for a static fault tree is applied to obtain result for the top
event.
The following example shows that static gate above the dynamic gates can also be
a part of dynamic module, because Gate1 and Gate2 are not modules. As a result,
the entire fault tree displayed in Figure B-14, has to be calculated using a dynamic
method.
Note: Gate3 cannot be calculated separately using any static fault tree method,
because all its components, which are below the dynamic gate Gate2, are
considered to be dynamic.
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 217
Figure B-14: Unlike the fault tree in Figure B-13, this fault tree does not contain both
static and dynamic modules because Event5 is repeated under both gates. FTA-Pro
calculates the entire tree as dynamic.
Each basic event belonging to the dynamic module of a fault tree must have only
one input type Failure Rate/MTBF, corresponding to the constant failure rate
model without repair. This is the basic restriction of the Markov Chain method.
For the same reason, dormant events are not allowed in the dynamic fault tree
modules. Voting gates should be represented by using OR and AND gates in
dynamic modules. Spare events can be attached only to spare gates.
Functional Dependency
(FDEP) Gates
The first child of FDEP gate is a trigger. Other events (children) of the FDEP gate
happen immediately when the trigger event occurs. A FDEP gate can be
substituted by static gates. The FDEP gate itself is substituted with the trigger in
fault tree where it is located. Where they are repeated in the fault tree, its other
children have to be substituted with OR gate which contains the trigger and
corresponding input event.
Tip: FTA-Pros Validate function allows you to check these restrictions prior to
calculation. For more information, see Validating Your Fault Tree on page 123.
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 218
Figure B-15: In this fault tree, we have a FDEP gate (Gate2). We can replace the FDEP
gate with a static gate, and its children to get Figure B-16.
Figure B-16: In this example we modified Figure B-15 by substituting Gate3 (trigger) for
FEDEP Gate2. Event3 from Gate1 has also been replaced by an OR gate (Gate4),
containing both the trigger (Gate3) and Event3.
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 219
Monte Carlo Method for Dynamic Fault Trees
The Monte Carlo method can be modified for dynamic fault trees. We have
already mentioned that the output in dynamic fault trees depends on the sequence
of occurred input events. To describe this sequence we need the corresponding
time points for when each event occurred. It is easy to calculate time points for
basic events in the simulation method. If the probability P
i
of an event is
generated randomly, we can find the corresponding time from the equation
, where is the probability distribution function. For example, if an
event has the exponential distribution function , then the
corresponding time is . If the current time is , then the
event occurred in the system.
We can suggest a simple algorithm for calculating the output of an OR gate in
terms of time. Let the OR gate have the set of inputs . The output for
this gate is . If , then the output of the OR gate
is true. For an AND gate we have . For a PAND gate we
have, in addition to previous output, the following condition -- .
For a SEQ gate, we have .
For a spare gate with two inputs we can consider two different cases:
If the second component fails before the first one . In this case
corresponding time for spare gate is t
1
.
If first component fails before second one, the output time for this gate is
.
Therefore for the spare gate we have . If ,
the output of Spare gate is true.
P
i
f t ( ) = f t ( )
P
i
1 e

i
t
=
t
i
1

i
----
1 P
i
( ) log = t t
i

t
1
t
2
, , t
n
{ , }
t
out
min t
1
t
2
, , t
n
{ , } = 0 t
out
t
t
out
max t
1
t
2
, , t
n
{ , } =
t
1
t
2
t
n

t
out
t
1
t
2
t
n
+ + + =
t
2
k
2
t
1
< ( )
1 k
2
( )t
1
t
2
+
t
out
min t
1
1 k
2
( )t
1
t
2
+ { , } = 0 t
out
t
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 220
Figure B-17: In case of several inputs, the spare gate can be represented as sequence
of spare gates with two inputs. That means we can substitute this fault tree ...
Figure B-18: with this one for use with the Monte Carlo method.
The situation becomes more complicated if the dynamic fault tree has repeated
events. For this reason we considered Monte Carlo method for fault tree with
additional restrictions:
Repeated events (except first child) are not allowed under SEQ gates.
Only one repeated event is allowed under a spare gate.
The Monte Carlo method is much faster than the Markov Chain method,
especially for a complex fault tree. In FTA-Pro, the speed of Monte Carlo method
for calculating the probability of a dynamic fault tree is only slightly less than the
speed of the Monte Carlo method for calculating the probability of a static fault
tree. In addition, it does not have any significant restrictions on the type of
probability distribution functions. However, it is not accurate enough for highly
reliable systems. We recommend to use Monte Carlo method only when the top
event probability is greater than 0.001.
FTA-Pro Appendix B: Calculation Methods for Dynamic Fault Trees
Dyadem International 221
Calculating Dynamic FT with
Components Having Weibull
Distribution Function
System components with the Weibull distribution function

do not have constant failure rates. If the shape parameter is , the failure rate
is decreasing over time; if , then the failure rate is increasing.
If the dynamic module of a fault tree does not contain SEQ gates or spare events
with dormancy factors less than 1, the module is transformed into a non-
homogeneous Markov Chain. FTA-Pro solves the corresponding coupled system
of differential equations numerically using the Runge-Kutta-Fehlberg method. In
other cases, only the Monte Carlo method can be applied.
P t ( ) 1 e
t

=
1 <
1 >
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 222
TUTORIAL A: CONDUCTING A FAULT TREE
ANALYSIS STUDY
For this tutorial, we are going to conduct a fault tree study for the total loss of a
control unit, which runs our system. We will analyze the problem, create the fault
tree and then run our calculations.
This section discusses the following topics:
The FTA Study Details on page 223.
Constructing the Tree on page 225.
Analyzing the Fault Tree on page 235.
Displaying Your Calculation Results on page 240.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 223
The FTA Study Details
Our tutorial is based on the following scenario. Your factory uses computer-
controlled machinery. There are various components of the machinery that can
breakdown and cause production delays. Because of the complexity of the
machinery, each piece has several study teams, each looking at different events
that can occur.
This section discusses the following topics:
Determining the Top Event on page 223.
Analyzing the Causes of the Failure on page 223.
Exploring Each Branch of the Tree in Detail on page 223.
Determining the Top Event All of the machines have been broken down into several studies, with each study
based on the top event. Your team has been charged with carrying out an FTA on
the failure of the control unit of machine EA-101.
Analyzing the Causes of the
Failure
The team has determined that the control unit can fail if one of the following
occurs:
a. Both control circuits have failed at the same time.
b. The software fails.
c. An external power failure.
d. Two of three data links to the control unit fails.
We can use each of the above conditions as branches of the fault tree.
Exploring Each Branch of the
Tree in Detail
The analysis process continues at successive levels of detail until the model is
complete. The model is complete when each branch of the fault tree has been
pursued to the lowest level of resolution deemed necessary. The goal for each
branch is to be appropriately descriptive, reasonably exhaustive in the range of
possible contributions noted, and exclusive from other branches in the model.
Each branch should end with a basic event or an undeveloped event.
Breaking down each branch, we get the following:
Both control circuits fail at the same time. The system has a back-up control
circuit that is the same as the main control circuit. In both cases, we have 3
conditions that can cause failure:
Processor failure.
Internal Power supply failure.
I/O Board failure.
Tip: By knowing where to stop your analysis, you can avoid overworking problems.
A good guideline for determining the level at which to stop an analysis is to go
no further than those things your organization has control or influence to
affect.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 224
Since we cannot control any of these conditions, we will leave these conditions as
basic events, and not break down the branch any further.
Software failure. This condition is outside of our organizations control, so we
will not break it down any further.
External power supply failure. This condition is outside of our organizations
control, so we will not break it down any further.
2 out of 3 data links failed. We can break it down to the three data links as
events. Since we cannot control why the links may fail, we will leave these
conditions as basic events, and not break down the branch any further.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 225
Constructing the Tree
We are now going to recreate the tree graphically in FTA-Pro.
To create the initial fault tree, Control Unit in the software:
Step Action
1. Add the Fault Tree:
1. Click the Add icon on the tool bar.
2. Select Fault tree from the drop-down list. (Figure A-1)
2. Name the Fault tree:
1. In the Name Dialog box, enter Control Unit.
2. Click Enter. (Figure A-2)
3. Right-click Gate0 and select Properties from the drop-down
menu. (Figure A-3)
4. Change the gate to an OR Gate and enter Complete Loss of
Control Unit in the Comment window.
5. Click OK. (Figure A-4)
6. Select the AND Gate icon from the FTA Toolbox. (Figure A-5)
7. Add the gate (Gate1) to the fault tree and name the gate Failure
of Both Control Circuits. (Figure A-6)
8. Add a Basic Event (Event0) to Gate0:
1. In the Properties dialog box, enter S/W Failure in the Comments
field.
2. Click the Calculation Data tab and enter .0004 in the Probability
field.
3. Click OK. (Figure A-7)
9. Add a second Basic Event (Event1) to Gate0:
1. In the Properties dialog box, enter External power supply failure in
the Comments field.
2. Click the Calculation Data tab and enter .0005 in the Probability
field.
3. Click OK.
Your fault tree should resemble the one pictured in Figure A-8.
10. Add a Voting Gate (Gate2) to Gate0 and name it 2 out of 3 Data
Links Failed. (Figure A-9.)
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 226
Figure A-1: First you add a fault tree.
Figure A-2: And then you name it. In our example, enter the name Control Unit.

Figure A-3: By default, FTA-Pro creates the first gate as an AND gate. We need to
change the gate to an OR gate. Right-click the gate and select properties from the drop
down menu.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 227
Figure A-4: Enter a description of the gate in the Comments field and click OK.
Figure A-5: Because we need both control circuits to fail at the same time, we need to
add an AND Gate. Select the AND Gate from FTA Toolbox.
Figure A-6: Using the Properties dialog box, enter the gate information in the Comments
field.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 228
Figure A-7: Add a Basic Event for S/W Failure. In the Properties dialog box, click the
Calculations tab and enter .0004 in the Probability field.
Figure A-8: Add another Basic Event for External Power Supply Failure.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 229
Figure A-9: Because the last condition that can cause the failure is 2 out of 3 data links
failing, we need to add a voting gate to the tree.
Expanding the Branches of
the Tree
Now that we have the top event and the top level conditions, we can start to
expand the branches of the tree. There are two branches that need to be expanded
- Failure of both control circuits and 2 out of 3 data links failed.
To expand the branches of the tree:
Step Action
1. Add an OR Gate (Gate3) to Gate1:
1. Enter Failure of Control Circuit 1 in the Comments field.
2. Click OK.
Note: We are adding an OR gate, because you need only one of three
conditions to occur in order for the circuit to fail.
2. Add a Basic Event (Event2) to Gate3:
1. Enter Processor 1 Failure in the Comments field.
2. Click the Calculation Data tab and enter .00015 in the Probability
field.
3. Click OK.
2. Add a Basic Event (Event3) to Gate3:
1. Enter Internal Power Supply 1 Failure in the Comments field.
2. Click the Calculation tab and enter .0005 in the Probability field.
3. Click OK.
3. Add a third Basic Event (Event4) to Gate3:
1. Enter I/O Board 1 Failure in the Comments field.
2. Click the Calculation tab and enter .0003 in the Probability field.
3. Click OK. (Figure A-11)
4. Copy the node:
1. Right-click Gate3.
2. Select Copy from the menu.
5. Paste the node:
1. Right-click Gate1.
2. Select Paste from the menu. (Figure A-13)
The node is added, and a -2 has been added to the gate and event
names. (Figure A-14)
Note: Because we want to make changes in the Comments field of the
gate and the events, we selected Paste and not Paste as a
transfer gate.
6. Change the description in the gate (Gate3-2) and events (Event2-
2, Event3-2 and Event 4-2) Comments field by changing the 1 to
2. (Figure A-15)
The branch for the Failure of Both Control Circuits is now complete.
7. Add a Basic Event (Event 5) to Gate2:
1. Enter Data Link 1 Failure in the Comments field.
2. Click the Calculation tab and enter .0002 in the Probability field.
3. Click OK.
8. Copy Event5.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 230
Figure A-10: We are now going to expand one of the branches of the tree. Since there
are three distinct conditions that can cause a control circuit to fail, we add an OR Gate
under Gate1.
9. Paste the link twice to Gate2.
1. Right-click Gate2.
2. Select Paste from the menu.
The node is added, and a -2 has been added to the event names.
3. Repeat steps 9.1 and 9.2.
Note: Because we want to make changes in the Comments field of the
events, we selected Paste and not Paste as a repeated event.
10. Change the description in the Comments field of events 5-2 and
5-3 from 1 to 2 and 3 respectively.
11. Change the voting condition for Gate2 so that 2 events have to
occur:
1. Go to the Node Properties dialog box.
2. Click Calculations tab.
3. Change Votes from 1 to 2.
4. Click OK.
The dialog box closes and the fault tree is complete.
Step Action
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 231
Figure A-11: We now add the three basic events to Gate3, naming them and adding
their probability.
Figure A-12: Since both control circuits have the same conditions for failure, we can
copy the node, by right-clicking Gate3 and selecting Copy from the menu.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 232
Figure A-13: Right-click Gate1, and select Paste from the menu. Paste was selected
since we are going to change the description in the Comments field.
Figure A-14: The node has been added to the fault tree, with a -2 added to gate and
event names.
Figure A-15: Change the 1 to a 2 in the Comments fields in the Node Properties
dialog boxes for the gate and events.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 233
Figure A-16: Add a basic event for Data Link 1 Failure to Gate2.
Figure A-17: Copy the basic event for the data link failure and paste it to the gate two
more times. Change the description in the Comments fields from 1 to 2 and 3
respectively.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 234
Figure A-18: Open the Node Properties dialog box for Gate2, go to the Calculation tab
and change Votes to 2.
Figure A-19: The fault tree is complete and we are now ready to analyze the
information.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 235
Analyzing the Fault Tree
FTA-Pro allows you carry out both qualitative and quantitative analyses of your
fault tree. You first configure calculations for your tree. You then validate the
tree. Once the tree has been validated you can carry out your analysis of the
system.
This section discusses the following topics:
Configuring the Calculation Engine on page 235.
Validating the Fault Tree on page 237.
Carrying Out Your Calculations on page 239.
Configuring the Calculation
Engine
When you configure the calculation engine, you can configure it to carry out:
Qualitative analysis. Click the Qualitative Analysis Only check box or under
Calculations, select only Cut Sets. Only Cut Sets are calculated.
Quantitative analysis. Under Calculations, deselect Cut Sets and select one or
more of Reliability Importance Measures, Unavailability and Unreliability.
Both. Under Calculations, select Cut Sets and one or more of Reliability
Importance Measures, Unavailability and Unreliability.
For our study, we are going to carry out both types of analysis, calculating cut
sets, and unreliability and unavailability at the Primary Time Point.
To configure the Calculation Engine:
Step Action
1. Click the Configure icon on the tool bar. (Figure A-20)
The Calculation Engine Configuration dialog box opens.
2. We only want to calculate reliability/availability for the Primary
Time Point, so ensure that Number of Data Points is 0. (Figure A-
21)
3. Under Calculations, select the Unavailability check box. (Figure
A-22)
You should now have three check boxes selected under Calculations:
Cut Sets.
Unavailability.
Unreliability.
4. Click the Advanced tab. (Figure A-23)
5. Ensure that following are selected:
Decomposition.
Calculate All Gates.
6. Ensure that Order is 3.
7. Click OK.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 236
Figure A-20: When you click the Configure icon, the Calculation Engine Configuration
dialog box opens to the General tab.
Figure A-21: By changing the Number of Data Points to 0, unavailability and unreliability
is calculated for the primary time point only.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 237
Figure A-22: We want to calculate unavailability as well as unreliability and cut sets, so
ensure that all the appropriate check boxes have been selected.
Figure A-23: Click the Advance tab to check that Decomposition and Calculate all Gates
have been selected, and that the Order of the decomposition is 3.
Validating the Fault Tree After configuring the calculation engine, you validate the fault tree.
To validate the fault tree:
Step Action
1. Click the Validate icon on the tool bar. (Figure A-24)
2. Click OK in Fault Tree Validation dialog box. (Figure A-25)
Tip: If there were errors, the Fault Tree Validation Errors window would
open. (Figure A-26) Correct the errors and revalidate the fault
tree.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 238
Figure A-24: To validate your fault tree, simply click the Validate icon.
Figure A-25: If there are no errors in the fault tree, the Fault Tree Validation dialog box
opens. Click Ok close the dialog box.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 239
Figure A-26: If there are errors, the Fault Tree Validation Errors window opens, listing
the errors. Click Save to File to give yourself a checklist for making the corrections.
Carrying Out Your
Calculations
Once the calculation engine has been configured and the fault tree validated,
calculating the fault tree is a simple step.
To carry out your calculations:
Figure A-27: Click the Calculate icon, and FTA-Pro carries out the calculations based on
the configuration you set up.
Step Action
Click the Calculate icon on the tool bar. (Figure A-27)
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 240
Displaying Your Calculation Results
FTA-Pro provides two major ways of presenting the results of your calculations.
It presents the information in table in its own separate window. It also can place
the unreliability/unavailability calculation results directly on the trees nodes, and
it can highlight individual cut sets.
This section discusses the following topics:
Displaying Unavailability/Unreliability Calculation Results on page 240.
Displaying the Unreliability Calculation Results on the Tree on page 240.
Displaying the Cut Set Calculation Results on page 241.
Highlighting the Cut Sets on the Tree on page 242.
Displaying Unavailability/
Unreliability Calculation
Results
When FTA-Pro has finished its calculations, the Fault Tree Calculation Results
window opens. (Figure A-28) It tells you what calculation method was used as
well as provides the unavailability/unreliability data for the time points that were
calculated.
To close the Fault Tree Calculation Results window:
Figure A-28: When FTA-Pro finishes the calculations, the Fault Tree Calculation Results
window automatically opens.
Displaying the Unreliability
Calculation Results on the
Tree
FTA-Pro allows you to display the either the unavailability or unreliability results
for each node at the primary time point directly on the fault tree.
Step Action
Click Close.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 241
To display the unreliability results directly on each node:
Figure A-29: To display the unreliability calculation results on the tree, go to View and
select Show Unreliability.
Figure A-30: The menu closes and the results for the primary time point are displayed
on each gate and event.
Displaying the Cut Set
Calculation Results
We calculated the cut sets for the fault tree to provide a qualitative analysis of the
tree.
Step Action
Go to View>Show Unreliability. (Figure A-29)
The results are shown on the nodes. (Figure A-30)
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 242
To display the cut sets for the gates.
Figure A-31: The Cut Sets window opens listing all of the cut sets by gate. Select the
gate from the drop-down list, and all the cut sets for that gate are listed.
Highlighting the Cut Sets on
the Tree
FTA-Pro also allows you to highlight cut sets on the fault tree. When you
highlight a cut set on the tree the path of the cut set is changed to red on screen.
To highlight a cut set on the tree:
Step Action
1. To display the Cut Set window, either:
Go View>View Cut Sets.
Click the Cut Sets icon on the tool bar.
The Cut Sets window opens. (Figure A-31)
Step Action
1. To display the Cut Set window, either:
Go View>Higlight Cut Sets.
Click the Highlight icon on the tool bar.
The Cut Set Highlighting window opens. (Figure A-32)
2. Select the gate from the drop-down list.
3. Select the cut set from the drop-down list. (Figure A-33)
Tip: You can also scroll through the cut sets for a gate by clicking the
arrows on the right side of window (Figure A-34).
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 243
Figure A-32: If you click the Highlight icon, the Cut Set Highlighting window opens
Figure A-33: You select the gate and the cut set from the drop-down lists and the cut
set is highlighted by red on the fault tree.
FTA-Pro Tutorial A: Conducting a Fault Tree Analysis Study
Dyadem International 244
Figure A-34: You can also scroll through the cut sets by clicking the arrows on the right
hand side of the window.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 245
TUTORIAL B: IMPORTING FAULT TREES AND
EVENT DATA
FTA-Pro comes with three sample import files and one sample project file. This
tutorial describes the files and shows how they are used in the program.
This section discusses the following topics:
FTA-Pro Sample Files on page 246.
Importing a Fault Tree From the Sample FTA-Pro File on page 247.
Importing the Sample FMEA-Pro Fault Tree on page 251.
Importing Event Data from the Sample Files on page 256.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 246
FTA-Pro Sample Files
FTA-Pro contains 3 sample import files and a sample project file. The sample
files allow you to learn how to use the import features.
The sample import files are:
Sample_FMEA-Pro_Fault_Tree.xml. This file contains a fault tree exported
from an FMEA-Pro file. For more information, see Importing the Sample
FMEA-Pro Fault Tree on page 251.
Sample_FMEA-Pro_Event_Data.xml. This file contains event data that has
already been mapped. For more information, see Importing the Sample
FMEA-Pro Event Data on page 256.
Sample_Unmapped_Event_Data.xml. This file contains event data that has
not been mapped. For more information, see Importing the Sample XML
Event Data on page 258.
The sample project file is
Examples_Fta.xml. This file contains several fault trees. It is opened like any
other project file. For more information, see Opening Files on page 68.
This section discusses the following topics:
Where to Find the Files on page 246.
Downloading the Sample Files Separately on page 246.
Where to Find the Files During a workstation installation, FTA-Pro places the sample import files in the
Import directory, and the project file in the Project directory.
During a network installation, the files are not loaded. You must download them
to your computers from the program CD separately.
Downloading the Sample
Files Separately
To download the sample files from the CD:
Step Action
1. Place the CD in your drive.
2.
Click the FTA-Pro logo.
3.
Click FTA-Pro Examples.
Windows Explorer opens listing the files.
4. Copy the sample files from the CD to the appropriate folders on
the computer.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 247
Importing a Fault Tree From the Sample FTA-Pro
File
FTA-Pro allows you to import fault trees from other project files. We are going to
import a fault tree from the Examples_FTA-Pro.dpr into the Failure of
Computerized Machinery EA-101.dpr file that we created in Tutorial A.
To import a fault tree from another FTA-Pro file:
Figure B-1: From the Import drop-down menu, select Fault Tree.
Step Action
1. Open the Failure of Computerized Machinery EA-101.dpr file in
FTA-Pro.
2. Go to File>Import.
3. Select Fault Tree from the drop-down menu. (Figure B-1)
The Open window opens.
4.
Select Examples_FTA-Pro.dpr.
5. Click Open. (Figure B-2)
The fault trees window opens, listing all of the fault trees in the file.
(Figure B-3)
6. Select Loss_of_Power. (Figure B-4)
7. Click Select (Figure B-5).
The fault tree is imported and the tab for the new fault tree is active.
(Figure B-6)
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 248
Figure B-2: You need to select the FTA-Pro file that you are going to import he tree
from. In our example, we are going to import a tree from the Examples_FTA-Pro.dpr file.
Figure B-3: The Fault Trees dialog box opens, listing all of the trees in the file.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 249
Figure B-4: You select the tree that you want to import and ...
Figure B-5: click Select.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 250
Figure B-6: The tree is imported into the file.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 251
Importing the Sample FMEA-Pro Fault Tree
The Sample_FMEA-Pro_Fault_Tree.xml file is a fault tree exported from a
process-FMEA carried out in FMEA-Pro.
To import an FMEA-Pro Fault Tree:
Figure B-7: The Import process starts by going File>Import and then selecting Fault
Tree from FMEA from the drop-down menu.
Step Action
1. Go to File>Import.
2. Select Fault Tree from FMEA from the drop-down menu.
The Open dialog box opens on the Import folder. (Figure B-7)
Note: If you downloaded the files separately due to a network
installation, navigate to the folder containing the sample files.
3. Highlight Sample_FMEA-Pro_Fault_Tree.xml. (Figure B-8)
4. Select Dyadem FMEA Export Fault Tree File (*.xml) from the Files
of Type drop-down list. (Figure B-9)
5. Click Open.
The FMEA Element to FMEA Event Mapping dialog box opens, with the
required elements mapped. (Figure B-10)
6. Click Next.
The Top Event Selection dialog box opens.
7. Select both top events. (Figure B-11)
8. Click Create FTs. (Figure B-12)
The fault trees are created. (Figure B-13)
9. Rename the fault tree FT-2: (Figure B-14)
1. Right-click the tab.
2. Select Rename.
3. Type Rust.
10. Add the Input Values for the events (Figures B-15 to B-17).
For more information, see Setting Event Properties on page 83.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 252

Figure B-8: The Open window dialog box opens, select Sample_FMEA-
Pro_Fault_Tree.xml.
Figure B-9: Select Dyadem FMEA Export Fault Tree File (*.xml) from the Files of type
drop-down list, and then click Open.
Figure B-10: Since this file has already been mapped, you only have to click OK in the
FMEA Element to FTA Event Mapping dialog box.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 253

Figure B-11: Select the Fault Trees you want to import by clicking the check box under
Selected.
Figure B-12: Then click Create FTs.
Figure B-13: The dialog box closes and each selected top event forms its own fault tree
in the file.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 254
Figure B-14: Rename the fault tree FT-2 by using the right-click menu. Remember to
press the enter key on the keyboard after entering the new name.
Figure B-15: Using the right-click menu, open the Node Properties dialog box for
Event1.

Figure B-16: Give the event the constant probability of .004.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 255
Figure B-17: On the Fault Tree grid, change the probability of Event0 to .0003257.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 256
Importing Event Data from the Sample Files
FTA-Pro contains 2 sample event data files. One of the files is mapped, and the
other on is mapped.
This section discusses the following topics:
Importing the Sample FMEA-Pro Event Data on page 256.
Importing the Sample XML Event Data on page 258.
Importing the Sample FMEA-
Pro Event Data
To import event data from the Sample_FMEA-Pro_Event_Data.xml file:
Figure B-18: Go to File>Import and then select Events from FMEA from the drop-
down list.
Step Action
1. Go to File>Import.
2. Select Events from FMEA from the drop-down menu.
The Open dialog box opens on the Import folder. (Figure B-18)
Note: If you downloaded the files separately due to a network
installation, navigate to the folder containing the sample files.
3. Highlight the Sample_FMEA-Pro_Event_Data.xml.
4. Select Dyadem FMEA Export Event File (*.xml) from the Files of
Type drop-down list. (Figure B-19)
5. Click Open.
The FMEA Element to FMEA Event Mapping dialog box opens, with the
required elements mapped. (Figure B-20)
6. Click Load Events. (Figure B-21)
The events are uploaded into the Event Data Library. The View Events
Data dialog box opens.
7. Click View Events to view the uploaded events. (Figure B-22)
8. Close the Event Data Library window and click OK.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 257
Figure B-19: After selecting Sample_FMEA-Pro_Event_Data.xml, select Dyadem FMEA
Export Event File (*.xml) from the Files of type drop-down list.
Figure B-20: When you click Open, FMEA Element to FMEA Event Mapping dialog box
opens, with the required elements mapped.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 258
Figure B-21: After you click Load Events, the events are uploaded to the Event Data
Library, and the View Events button becomes active.
Figure B-22: Click View Events to display the Event Data Library window.
Importing the Sample XML
Event Data
To import event data from the Sample_Unmapped_Event_Data.xml file:
Step Action
1. Go to File>Import.
2. Select Events from FMEA from the drop-down menu.
The Open dialog box opens on the Import folder. (Figure B-18)
Note: If you downloaded the files separately due to a network
installation, navigate to the folder containing the sample files.
3. Highlight the Sample_Unmapped_Event_Data.xml.
4. Select Dyadem FMEA Export Event File (*.xml) from the Files of
Type drop-down list. (Figure B-23)
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 259
Figure B-23: After selecting Sample_Unmapped_Event_Data.xml, select Dyadem FMEA
Export Event File (*.xml) from the Files of type drop-down list.
5. Click Open.
The FMEA Element to FMEA Event Mapping dialog box opens, with the
required elements mapped. (Figure B-24)
6. Enter the FMEA Base Element:
1. Click Select. (Figure B-25)
2. Open the Library tree. (Figure B-26)
3. Highlight Events. (Figure B-27)
4. Click Select. (Figure B-28)
6. Enter the FMEA Element for the FTA Event Properties - Name:
1. In the Name row, click Select. (Figure B-29)
2. Open the Event tree. (Figure B-30)
3. Highlight Name. (Figure B-31)
4. Click Select. (Figure B-32)
7. Repeat step 6 to:
1. Enter the /Event/Comment FMEA Element in the Comment row.
2. Enter the /Event/FailureRate FMEA Element in the Failure Rate
row.
8. Click Load Events. (Figure B-33)
The events are uploaded into the Event Data Library.
9. Click OK.
Step Action
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 260
Figure B-24: When you click Open, FMEA Element to FMEA Event Mapping dialog box
opens, and none of the fields are mapped.
Figure B-25: Map the fields starting with FMEA Base Element. Click Select.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 261
Figure B-26: Open the Library tree.
Figure B-27: Highlight Events ....
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 262
Figure B-28: and click Select.
Figure B-29: Map the fields, starting with the Name row.
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 263
Figure B-30: Open the Event tree.
Figure B-31: Highlight Name, and ...
FTA-Pro Tutorial B: Importing Fault Trees and Event Data
Dyadem International 264
Figure B-32: click Select.
Figure B-33: When all of the required FMEA Elements are mapped to their respective
FTA Event Properties, click Load Events.
FTA-Pro Suggested Reading
Dyadem International 265
SUGGESTED READING
Aven T. Reliability and Risk Analysis. Elsevier Applied Science, New York,
1992.
Hassel D. F., Roberts N. H., Vesely W. E. & Goldberg F. F. Fault Tree Handbook.
US Nuclear Regulatory Commission, NUREG-0492.
Kumamoto H., Henley E. J. Probabilistic Risk Assessment And Management for
Engineers and Scientists. 2nd Edition, IEEE Press, New York, 1996.
Rausand M., Hoyland A. System Reliability Theory: Models, Statistical Methods,
and Applications. 2nd Edition, John Wiley & Sons, NJ, 2004.
FTA-Pro Index
Dyadem International February 11, 2010 266
A
Absorption Law
Boolean algebra 175
Accessing
Dyadem home page 19
Dyadem on the web 19
Dyadem web site 19
product feedback page 19
technical support site 19
Actions
redoing 110
undoing 110
Adding
Common Cause Failure Groups 96
event information in node properties dialog box 86, 88,
91
events 76
events to Common Cause Failure Groups 97, 98
existing transfer gates 77
fault tree 72
gate information in node properties dialog box 81
gates 76
transfer gates 76
Advanced Tab
Calculation Engine Configuration 117
definition 117
Alpha Model
characteristics 46
Common Cause Failure Models 47
equations 47
AND Gates
description 73
symbol 73
Aralia format
importing 168
Associative Law
Boolean algebra 175
Authorizing
FTA-Pro 16
license 16
B
Basic Event Failure Models
failure with periodic inspection 27
fixed probability 27
Basic Events
calculation data input types 85
description 75
symbol 75
Beta BFR Model see Beta Binomial Failure Rate Model
Beta Binomial Factor Model
Common Cause Failure Models 47
Beta Binomial Failure Rate Model
characteristics 46
Common Cause Failure Models 48
equations 48
Beta Factor Model
characteristics 46
equations 47
Binary Decision Diagram method
advantage 186
Birnbaums Measure of Importance
equation 49
Bit Array
advantages of use 184
dynamic modules 214
Markov Chains 212, 214
Boolean
operations 174
rules 175
variables 174
Boolean Function
definition 179
Boolean Indicated Cut Sets 179
Boolean Rules
Absorption Law 175
Associative Law 175
Commutative Law 175
Complementation 175
Distributive Law 175
Idimpotent Law 175
Morgans Theorem 175
Unnamed rule 175
Bottom-Up Algorithm 185
advantage 186
C
Calculating system unreliability
decomposition method 34
dynamic modules 207
exact methods 34
Monte Carlo method 35
Calculation Data Input Types
basic events 85
dormant events 88
spare events 90
undeveloped events 85
Calculation Engine Configuration
Advanced tab 117
Confidence Analysis tab 118
General tab 115
Calculation Options
Advanced tab 117
Confidence Analysis tab 118
General tab 115
INDEX
FTA-Pro Index
Dyadem International February 11, 2010 267
setting 115
CCF see Common Cause Failure
Changing
event information in fault tree grid 87, 90, 92
file formats 67
file names 67
gate information in fault tree grid 82
languages 63
Closing
files 69
FTA Toolbox 61
project window 59
tab 113
Common Cause Failure
groups 96
Common Cause Failure Groups 96
adding 96
adding events 97, 98
creating 96
deleting 98
deleting events 98
moving events 98
removing 98
removing events 98
Common Cause Failure Models 44
Alpha Model 47
Beta Binomial Failure Rate Model 48
Beta Factor Model 47
model characteristics 46
Multiple Greek Letter Model 47
notation 46
supported by FTA-Pro 46
Commutative Law
Boolean algebra 175
Complementation
Boolean algebra 175
Computer Performance
monitoring 133
Monte Carlo method 202
unreliability calculation 197
Confidence Analysis
input uncertainty values 42
Lognormal distribution 42
Logtriangular distribution 43
Loguniform distribution 43
Normal distribution 42
Triangular distribution 42
Uniform distribution 43
Confidence Analysis Tab
Calculation Engine Configuration 118
definition 118
Constant Failure and Repair Rate
equations 27
model 27
Constant Frequency
entering 86
Constant Probability
entering 85
Converting
.dpr files to .xml project files 67
.xml project files to .dpr files 67
events into gates 106
events into repeated events 94
gates into events 107
repeated events into non-repeated events 94
Copying
nodes 100
Creating
Common Cause Failure Groups 96
fault tree 72
Criticality Importance Measure
equation 50
Cross Product Method
equation 32
model 32
Cut Set Summation Method
equation 32
model 32
Cutting
nodes 99
D
Decomposition Method
calculating system unreliability 34
equation 34
exact decomposition method 197
implementation 193
optimizing 194
preprocessing 196
Definition
Boolean Function 179
minimal cut set 30, 180
Deleting
Common Cause Failure Groups 98
events from Common Cause Failure Groups 98
fault tree 113
nodes 101
Description
AND gates 73
basic events 75
dormant events 75
OR gates 73
transfer gates 74
undeveloped events 75
voting gates 73
Distributive Law
Boolean algebra 175
Documents
FTA-Pro Index
Dyadem International February 11, 2010 268
previewing 158
Dormancy Factors
entering 90
Dormant Events
calculation data input types 88
description 75
symbol 75
Dormant Failure with Maximum Risk
equation 28
Dormant Failure with Periodic Inspection
equation 28
model 28
Dormant with Periodic Inspection
entering 88
Dyadem
accessing web sites 19
Dyadem Home Page
accessing 19
Dyadem Web site
accessing 19
Dynamic Gates
changing into transfer gates 108
functional dependency gates 74
priority AND gates 74
sequence enforcing gates 74
spare gates 74
types 74
Dynamic modules
bit array 214
calculating system unreliability 207
Monte Carlo method 219
E
Editing
event information in fault tree grid 87, 90, 92
event information in node properties dialog box 86, 88,
91
gate information in fault tree grid 82
gate information in node properties dialog box 81
Entering
constant frequency 86
constant probability 85
dormancy factors 90
dormant with periodic inspection 88
event information in node properties dialog box 86, 88,
91
exposure time 86
exposure time percentage 90
failure rate/MBTF 85, 90
failure with periodic inspection 86
failure with repair 85
gate information in node properties dialog box 81
maximum risk 88
Weibull 85, 90
Equations
Birnbaums Measure of Importance 49
constant failure and repair rate model 27
criticality importance measure 50
cross product method 32
cut set summation method 32
decomposition method 34
dormant failure with maximum risk 28
dormant failure with periodic inspection 28
Esary-Proschan method 32
exact methods 34
exposure time 28
failure with periodic inspection model 27
Fussell-Veselys Measure of Importance 50
minimal cut set 30
probability of a cut set 32
risk achievement worth 50
risk reduction worth 50
Esary-Proschan Method
equation 32
expression 32
Event data
exporting fault trees as 161
Events
adding 76
basic events 75
converting into gates 106
converting into repeated events 94
dormant events 75
finding 104
logical conditions 85
node properties dialog box 83
Repeated 94
replacing with gates 106
searching for 104
spare 75
types 75
undeveloped events 75
Exact Decomposition Method
setting parameters 197
Exact Method
optimizing calculation 133
Exact Methods
calculating system unreliability 34
equation 34
model 34
example 44
Exporting
fault trees as event data 161
fault trees as image files 162
fault trees as xml files 161
reports as excel spreadsheets 147
reports as PDF files. 147
Exposure Time
FTA-Pro Index
Dyadem International February 11, 2010 269
entering 86
equation 28
model 28
Exposure Time Percentage
entering 90
F
Failure Rate/MTBF
entering 85, 90
Failure with Periodic Inspection
entering 86
equation 27
model 27
Failure with Repair
entering 85
Fault Tree
adding 72
creating 72
definition 23
deleting 113
exporting as image file 162
optimizing 131133
preprocessing stage 187
printing 159
renaming 111
validating 123
Fault Tree Analysis
purpose 25
Fault Tree Grid
changing event information 87, 90, 92
changing gate information 82
editing event information 87, 90, 92
editing gate information 82
modifying event information 87, 90, 92
modifying gate information 82
navigating 104
Fault Trees
exporting as event data 161
exporting as xml files 161
scaling 157
FDEP Gate see Functional Dependency Gate
Files
.dpr extension 65
.xml extension 65
changing formats 67
changing names 67
closing 69
saving 65, 66
types supported 65
Finding
gates 104
nodes 103, 104
Finding events 104
Fixed Probability Model 27
FTA Toolbox 61
closing 61
opening 61
FTA-Pro
authorizing 16
installing 4
launching 15
starting 15
system requirements 2
uninstalling 21
Functional Dependency Gate
definition 217
description 74
symbol 74
Fussell-Veselys Measure of Importance
equation 50
G
Gates
adding 76
AND gates 73
converting into events 107
dynamic 74
finding 104
functional dependency gates 74
logical conditions 80
node properties dialog box 80
OR gates 73
priority AND gates 74
searching for 104
sequence enforcing gates 74
voting 73
General Tab
Calculation Engine Configuration 115
definition 115
Generating
PDF files 160
PDF files for reports 147
I
Idimpotent Law
Boolean algebra 175
Image Files
exporting fault trees as 162
types supported 162
Images see Image Files
Importing
Aralia format files 168
event data from FMEA-Pro 170
event data from XML files 171
event data process 170
fault trees from FMEA-Pro files 164
fault trees from other FTA-Pro files 164
fault trees from other XML files 166
Relex files 167
FTA-Pro Index
Dyadem International February 11, 2010 270
Input Uncertainty Values
confidence analysis 42
Installing
FTA-Pro 4
L
Languages
changing 63
Launching FTA-Pro 15
License
authorizing 16
Logging in
technical support site 19
Logic Gates
AND gates 73
changing into transfer gates 108
OR gates 73
see also Gates
types 73
voting gates 73
Logical Conditions
events 85
gates 80
Lognormal Distribution
confidence analysis 42
Logtriangular Distribution
confidence analysis 43
Loguniform Distribution
confidence analysis 43
M
Margins
adjusting 155
setting 155
Markov Chain Method
definition 207
Markov Chains
Bit Array 212, 214
example 208
Priority AND Gate 210
Sequence Enforcing Gate 211
Spare Gate 212
Maximum Risk
entering 88
Minimal Cut Set
definition 30, 180
equations 30
optimizing calculation 133, 186187
Minimizing
project window 59
Modifying
event information in fault tree grid 87, 90, 92
gate information in fault tree grid 82
Monitoring
computer performance 133
Monte Carlo Method
advantage 201
calculating system unreliability 35
computer performance 202
disadvantages 201
dynamic modules 219
improving 202
managing accuracy 203
optimizing 202
optimizing calculation 133
Morgans Theorem
Boolean algebra 175
Moving
events from Common Cause Failure Groups 98
Multiple Greek Letter Model
characteristics 46
Common Cause Failure Models 47
equations 47
N
Navigating 103, 104
using fault tree grid 104
using go to gate/event dialog box 103, 104
Node Properties Dialog Box
editing event information 86, 88, 91
editing gate information 81
entering event information 86, 88, 91
entering gate information 81
opening 79, 83
Nodes
copying 100
cutting 99
deleting 101
finding 103, 104
opening node properties dialog box 79
pasting 100
searching for 104
Normal Distribution
confidence analysis 42
NP-Complete Problems 180
O
Opening
FTA toolbox 61
node properties dialog box 79, 83
Optimizing
decomposition method 194
exact method calculation 133
fault tree 131133
minimal cut set calculation 133, 186187
Monte Carlo method 202
Monte Carlo method calculation 133
OR Gates
description 73
symbol 73
FTA-Pro Index
Dyadem International February 11, 2010 271
P
PAND Gate see Priority AND Gate
Pasting
nodes 100
PDF files
generating 160
printing 160
Preprocessing
decomposition method 196
fault tree 187
Previewing
reports 145
Printing
fault tree 159
PDF files 160
Priority AND Gate
definition 210
description 74
Markov Chains 210
symbol 74
Probability of a Cut Set
equation 32
Product Feedback
providing 19
Product Feedback Page
accessing 19
Project Window
closing 59
minimizing 59
renaming fault tree 111
reopening 59
resizing 59
toggle feature 60
Providing
product feedback 19
R
Redo function 110
Redoing
actions 110
Relex Files
importing 167
Removing
Common Cause Failure Groups 98
events from Common Cause Failure Groups 98
Renaming
fault tree 111
Reopening
project window 59
Repeated Events 94
converting into non-repeated events 94
Replacing
events with gates 106
Reports
adjusting margins 144, 155
exporting as excel spreadsheet 147
exporting as PDF 147
previewing 145
selecting paper size 144, 154
setting margins 155
setting paper orientation 144, 154
Resizing
project window 59
Risk Achievement Worth
equation 50
Risk Reduction Worth
equation 50
S
Saving
files 65, 66
Scaling
fault trees 157
Searching
events 104
gates 104
nodes 104
Selecting
paper size for reports 144, 154
SEQ Gate see Sequence Enforcing Gate
Sequence Enforcing Gate
definition 211
description 74
Markov Chains 211
symbol 74
Setting
Advanced tab 117
calculation options 115
Confidence Analysis tab 118
General tab 115
margins 155
Shannon Decomposition Formula 192
disadvantage 193
Software
launching 15
starting 15
updating 18
Spare Events
calculation data input types 90
description 75
symbol 75
Spare Gate
definition 212
description 74
Markov Chains 212
symbol 74
Spares
cold 212
FTA-Pro Index
Dyadem International February 11, 2010 272
hot 212
warm 212
Starting
FTA-Pro 15
software 15
Symbols
AND gates 73
basic events 75
dormant events 75
Functional Dependency Gate 74
OR gates 73
Priority AND Gate 74
Sequence Enforcing Gate 74
spare gate 74
transfer gates 74
undeveloped events 75
voting gates 73
System Requirements
FTA-Pro 2
T
Tab
closing 113
renaming fault tree 111
Technical Support Site
accessing 19
logging in 19
Toggle feature
project window 60
Transfer Gates
adding 76
adding existing 77
converting from dynamic gates 108
converting from logic gates 108
definition 74
description 74
reverting to dynamic gates 108
reverting to logic gates 108
symbol 74
Triangular Distribution
confidence analysis 42
Types
events 75
logic gates 73
U
Undeveloped Events
calculation data input types 85
description 75
symbol 75
Undo function 110
Undoing
actions 110
Uniform Distribution
confidence analysis 43
Uninstalling
FTA-Pro 21
Unnamed rule
Boolean algebra 175
Unreliability Calculation
computer performance 197
Updating
.xml project files to .dpr files 67
downloading from the web 18
software 18
V
Validating
fault trees 123
Voting Gates
description 73
symbol 73
W
Weibull
calculating dynamic modules 221
description 28
entering 85, 90
equations 28
Z
Zooming
fault tree view 112