Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
Fundamentals of theFundamentals of the
DempsterDempster--Shafer Theory and its Shafer Theory and its
Applications to SystemApplications to System
Safety and Reliability ModellingSafety and Reliability Modelling
Uwe Kay RakowskyUwe Kay Rakowsky
University of Wuppertal, GermanyUniversity of Wuppertal, Germany
Department D Department D –– Safety EngineeringSafety Engineering
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
2
DempsterDempster--Shafer ApplicationsShafer ApplicationsIntroductionIntroduction
Objective
Modelling & expressing uncertainties in safety & reliability analyses
Evidence measures offer a different kind of flavour to RAMS engineers
What’s new? Evidence measures belief and plausibility are applied
instead of →→→→ probabilities
instead of →→→→ membership function (fuzzy set theory)
What’s not new?
Methods introduced (FTA, ETA, RCM, FMECA)
Fundamentals of the Dempster-Shafer Theory
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
3
DempsterDempster--Shafer ApplicationsShafer ApplicationsIntroductionIntroduction
Note
ESREL 2007 →→→→ special DS approach tailored to RCM
SSARS 2007 →→→→ general DS approach to Safety & Reliability Modelling
→→→→ more details
Disclaimer
Nobody is forced to apply evidence measures
Not faster, bigger, better, higher →→→→ just different
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
4
OutlineOutlineIntroductionIntroduction
Part 1 – Fundamentals
History
Scenario
Interpretations
Part 2 – Illustration
The DS calculus in eight steps
Part 3 – Applications to System Safety & Reliability Modelling
FTA – Fault Tree Analysis
ETA – Event Tree Analysis
RCM – Reliability-centred Maintenance
Further Analyses
Part 4 – Outroduction
Pros & Cons
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
5
HistoryHistoryIntroductionIntroduction
1966 – Arthur P. Dempster
Developed Theory
“Upper & lower probabilities”
Suitable to express uncertain expert judgements
1976 – Glenn Shafer
Extended, refined, recast
“Upper probabilities & degrees of belief”
“DS Theory of Evidence”, “DS Evidential Theory” →→→→ DST
1988 – George J. Klir & Tina A. Folger
Introduce →→→→ “Degrees of belief & plausibility” Evidence measures depart from being probabilities
G. Shafer
A. P. Dempster
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
6
The ScenarioThe ScenarioFundamentalsFundamentals
Scenario
System
Hypotheses
Frame of discernment
Pieces of evidence
Data sources
System Borders
In- and outputs
Elements (e.g. components or modules)
Links between the elements
Interactions of the elements
Task of the system
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
7
The ScenarioThe ScenarioFundamentalsFundamentals
Scenario
System
Hypotheses
Frame of discernment
Pieces of evidence
Data sources
Hypotheses
Single hypothesis →→→→ e.g. represents one state, one answer
Example →→→→ “functioning”, “marginal”, “faulty”
Example →→→→ “yes”, “uncertain”, “no”
Properties
Unique and
not overlapping and
mutually exclusive
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
8
The ScenarioThe ScenarioFundamentalsFundamentals
Scenario
System
Hypotheses
Frame of discernment
Pieces of evidence
Data sources
Frame of discernment
Representation →→→→ universal set Ω Hypotheses →→→→ elements of frame of discernment
Ω = “functioning”, “marginal”, “faulty”
Power set 2Ω →→→→ set of all subsets
Power set 2Ω →→→→ single and conjunctions of hypotheses
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
9
The ScenarioThe ScenarioFundamentalsFundamentals
Scenario
System
Hypotheses
Frame of discernment
Pieces of evidence
Data sources
Pieces of Evidence
Symptoms or events →→→→ e.g. failures Assignment
evidence →→→→ hypothesis(es) corresponds to cause →→→→ consequence(s) Assignment
1 p-of-e assigned to 1 hypothesis or 1 set of hypotheses
>1 p-of-e may not be assigned* to same hypothesis, same set
*) by the same data source
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
10
The ScenarioThe ScenarioFundamentalsFundamentals
Scenario
System
Hypotheses
Frame of discernment
Pieces of evidence
Data sources
Data Sources
Information provider →→→→ experts, empirical studies, data
Task →→→→ quantifying strength p-of-e →→→→ hypothesis assignments →→→→ m(A)
Requirements
→→→→ free from bias (esp. experts)
→→→→ representative (esp. studies)
→→→→ no source is more important than another one
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
11
The ScenarioThe ScenarioFundamentalsFundamentals
Scenario
System
Hypotheses
Frame of discernment
Pieces of evidence
Data sources
Data Sources
Information provider →→→→ experts Expert group
Safety →→→→ system eng., software eng., reliability eng., service eng.
RCM →→→→ service eng., maintenance personnel, reliability eng.
Task →→→→ give subjective quantifiable statements
Basis →→→→ data, experience, intuition … ←←←← biased?
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
12
The ScenarioThe ScenarioFundamentalsFundamentals
Scenario
System
Hypotheses
Frame of discernment
Pieces of evidence
Data sources
Pieces of Evidence
Expert group →→→→ piece of evidence?
→→→→ expert judgement (experience, intuition)
→→→→ experts’ subjectivity Critical issue?
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
14
Objectivity versus SubjectivityObjectivity versus SubjectivityFundamentalsFundamentals
Objectivity
Exactly one single hypothesis is objectively true
Subjectivity Uncertain which hypothesis fits subjectively best to reality
Dempster-Shafer Theory Calculus describes & quantifies the subjective viewpoint
as an assessment for an unknown objective fact
Safety & Reliability Engineering
PSAM/ESREL 2004 →→→→ hypotheses
→→→→ “component i is functioning” and “component i is faulty”
→→→→ … same set?!
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
15
Sets
Ω universal set
A, B, Z ⊆⊆⊆⊆ Ω sets, containing a single hypothesis or a set of hypotheses
Basic Assignment
m, m(A) quantifies if the element belongs exactly to the set A
m: 2Ω→→→→[0, 1] mapping (prob. Ω →→→→ [0, 1])
ΣA⊆⊆⊆⊆Ωm(A)=1 all statements of an expert are normalised
m(A) > 0 focal element, only substantial statements
m(∅∅∅∅) = 0 simplicity (not required)
Differences in Properties to Probabilities
m(Ω) = 1 not required
m(A) vs. m(¬A) no relationship required
If A ⊂ B ⊆⊆⊆⊆ Ω, then m(A) ≤ m(B) not required
Assignments & SetsAssignments & SetsFundamentalsFundamentals
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
16
The Basic AssignmentThe Basic AssignmentFundamentalsFundamentals
Interpretation of m
Task of m →→→→ assign evidential weight to hypothesis(es) →→→→ A ⊆ Ω Mathematical interpretation of m →→→→ “evidential weight”
Probability →→→→ no concept, no interpretation ( ESREL‘05 Proceedings)
Denotations of m
“Basic probability assignment” ←←←← no probability
“Basic belief assignment” ←←←← conflicts belief measure
“Basic structure” ←←←← conflicts Boolean structure function
“Mass assignment function” ←←←← mass confuses in engg. applications
“Basic assignment” ←←←←
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
17
Evidential FunctionsEvidential FunctionsFundamentalsFundamentals
Belief Measure bel(A)
Belief is the degree of evidence
that the element in question belongs to the set A
as well as to the various special subsets of A.
Plausibility Measure pl(A)
Plausibility is the degree of evidence
that the element in question belongs to the set A
or to any of its subsets or to any set that overlaps with A.
0
Plausibility pl(A)
1
Belief bel(A)
Uncertainty
Doubt 1 – bel(A)
Disbelief 1 – pl(A)
∑ ≠⊆= φBAB mbel ; )()( BA
∑ ≠∩= φAB mpl )()( BA
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
19
ComplementsComplementsFundamentalsFundamentals
Direct Complements
Belief versus doubt
Plausibility versus disbelief
Contextual Complements
Certainty →→→→ belief versus disbelief
Uncertainty included →→→→ plausibility versus doubt
0
Plausibility pl(A)
1
Belief bel(A)
Uncertainty
Doubt 1 – bel(A)
Disbelief 1 – pl(A)
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
20
PhenomenaPhenomenaFundamentalsFundamentals
Difference in Concepts – Existence of Phenomena
Evidential measures
No causal relationship between
belief in existence bel(A)
and belief in non-existence bel(¬A) = 1 – pl(A)
Probabilities
The belief in existence pr(xi = 1)
implies belief in non-existence pr(xi = 0) = 1 – pr(xi = 1)
0
Plausibility pl(A)
1
Belief bel(A)
Uncertainty
Doubt 1 – bel(A)
Disbelief 1 – pl(A)
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
22
OutlineOutlinePart 2Part 2
Part 1 – Fundamentals
History
Scenario
Interpretations
Part 2 – Illustration
The DS calculus in eight steps
Part 3 – Applications to System Safety & Reliability Modelling
FTA – Fault Tree Analysis
ETA – Event Tree Analysis
RCM – Reliability-centred Maintenance
Further Analyses
Part 4 – Outroduction
Pros & Cons
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
23
ContextContextlllustrationlllustration
Typical Situation in a Power Plant
Operators @control panel →→→→ detect serious changes of system properties
Causes →→→→ failures detectable
Consequence →→→→ system fault
→→→→ neither be determined exactly nor interpreted certainly Widely discussed ( ATHEANA Report, Eric Hollnagel, etc.)
DST Approach Collects pieces of evidence
Postulates hypotheses
Proposes conclusions
Dempster-Shafer approach →→→→ supports operators in reasoning
Objective →→→→ to avoid an error forcing context
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
24
ProcedureProcedurelllustrationlllustration
Eight Steps
Step – Creating the Scenario
Step – Quantification of Statements
Step – Combining Hypotheses
Step – Reducing the Combination Table
Step – Calculating Products & Sums of Combined Basic Assignments
Step – Combining Basic Assignments
Step – Evidence Measures of Combined Hypotheses
Step – Interpretation
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
25
Creating the ScenarioCreating the Scenariolllustrationlllustration –– Step Step
Scenario
System →→→→ power plant
Data sources →→→→ operators →→→→ 2 persons
Pieces of evidence →→→→ failures detected →→→→ 4 considered
Hypotheses →→→→ system fault states →→→→ 3 considered
Frame of discernment →→→→ Ω = h1, h2, h3
Qualitative Failure-fault(s) Assignments
1st operator →→→→ h1, h2 consequences
2nd operator →→→→ h1, h3 consequences Same p-o-e, different hypotheses
DST Restrictions
No more than one failure
lead to the same fault (hypothesis)*
*) each data source
h1
h3
h1, h
3
h1, h
2, h
3
ev1
ev2
ev3
ev4
2nd
h1
h2
h1, h
2
h1, h
2, h
3
ev1
ev2
ev3
ev4
1st
Fault(s)FailureOp.
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
26
Quantification of StatementsQuantification of Statementslllustrationlllustration –– Step Step
Quantification
Operators quantify statements, basis →→→→ data, intuition & experience
m(Ak) = 0 →→→→ no focal element
Belief
Example: 1st Operator, set h1 ∪ h2
Set and all its subsets
h1, h2, h1 ∪ h2 ⊆ h1 ∪ h2
bel(A4) = m(A1) + m(A2) + m(A4) = 0.9
Plausibility
At least 1 hypothesis in common
h1, h2, h1 ∪ h2, h1 ∪ h3,
h2 ∪ h3, h1 ∪ h2 ∪ h3
∩ h1 ∪ h2 ≠ ∅ pl(A4) = m(A1) + m(A2) + m(A4)
+ m(A5) + m(A6) + m(A7) = 1
m(B1) = 0.2
m(B2) = 0
m(B3) = 0.2
m(B4) = 0
m(B5) = 0.4
m(B6) = 0
m(B7) = 0.2
h1
h2
h3
h1
∪∪∪∪ h2
h1
∪∪∪∪ h3
h2
∪∪∪∪ h3
h1
∪∪∪∪ h2
∪∪∪∪ h3
m(A1) = 0.2
m(A2) = 0.1
m(A3) = 0
m(A4) = 0.6
m(A5) = 0
m(A6) = 0
m(A7) = 0.1
2nd operator2ΩΩΩΩ1st operator
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
27
Quantification of StatementsQuantification of Statementslllustrationlllustration –– Step Step
Results
Input by operators →→→→ m(Ak)
Output by calculus →→→→ bel(Ak), pl(Ak)
0.8
0.2
0.8
0.8
1
0.8
1
0.2
0
0.2
0.2
0.8
0.2
1
0.2
0
0.2
0
0.4
0
0.2
h1
h2
h3
h1
∪∪∪∪ h2
h1
∪∪∪∪ h3
h2
∪∪∪∪ h3
ΩΩΩΩ
0.9
0.8
0.1
1
0.9
0.8
1
0.2
0.1
0
0.9
0.2
0.1
1
0.2
0.1
0
0.6
0
0
0.1
pl(Bk)bel(B
k)m(B
k)2ΩΩΩΩpl(A
k)bel(A
k)m(A
k)
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
28
Combining HypothesesCombining Hypotheseslllustrationlllustration –– Step Step
Combination
Combining each set of hypotheses of both operators
Building cut sets ∩∩∩∩ of both
h1
h2
h3
h1∪h
2
h1∪h
3
h2∪h
3
Ω
∅h
2
h3
h2
h3
h2∪h
3
h2∪h
3
h1
∅h
3
h1
h1∪h
3
h3
h1∪h
3
h1
h2
∅h
1∪h
2
h1
h2
h1∪h
2
∅∅h
3
∅h
3
h3
h3
∅h
2
∅h
2
∅h
2
h2
h1
∅∅h
1
h1
∅h
1
B1
B2
B3
B4
B5
B6
B7
A7
A6
A5
A4
A3
A2
A1∩
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
29
Reducing the Combination TableReducing the Combination Tablelllustrationlllustration –– Step Step
Combination
Objective →→→→ avoid mathematical effort
Drop rows & columns →→→→ non-focal elementsm(Ak) = 0, m(Bk) = 0
h1
h2
h3
h1∪h
2
h1∪h
3
h2∪h
3
Ω
∅h
2
h3
h2
h3
h2∪h
3
h2∪h
3
h1
∅h
3
h1
h1∪h
3
h3
h1∪h
3
h1
h2
∅h
1∪h
2
h1
h2
h1∪h
2
∅∅h
3
∅h
3
h3
h3
∅h
2
∅h
2
∅h
2
h2
h1
∅∅h
1
h1
∅h
1
B1
B2
B3
B4
B5
B6
B7
A7
A6
A5
A4
A3
A2
A1∩
h1
h3
h1∪h
3
Ω
h1
∅h
1
h1∪h
2
∅∅∅h
2
h1
∅h
1
h1
B1
B3
B5
B7
A7
A4
A2
A1∩
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
30
Calculating Products & SumsCalculating Products & Sumslllustrationlllustration –– Step Step
Calculating Products
h1 ⇒ m(Z1) = m(A1) ⋅ m(B1) = 0.04
h1 ⇒ m(Z2) = m(A1) ⋅ m(B5) = 0.08
…
h1 ∪ h2 ∪ h3 ⇒ m(Z11) = m(A7) ⋅ m(B7) = 0.02
Calculating Sum(s)
Just h1 ⇒
0.02
0.02
0.04
0.02
0.12
0.24
0.12
0.02
0.04
0.08
0.04
B1
B3
B5
B7
A7
A4
A2
A1•
h1
h3
h1∪h
3
Ω
h1
∅h
1
h1∪h
2
∅∅∅h
2
h1
∅h
1
h1
B1
B3
B5
B7
A7
A4
A2
A1∩
54.0)(6
1
=∑=k
km Z
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
31
Combining Basic AssignmentsCombining Basic Assignmentslllustrationlllustration –– Step Step
Sum of Product
Example: hypothesis h1 again →→→→
Calculating the Focal Sum
Sum of all basic assignment products →→→→
Basic Assignment of the Comb. Hypothesis
Example: hypothesis h1 →→→→
76.0)(11
1
=∑=k
km Z
54.0)(6
1
=∑=k
km Z
7105.0
)(
)(
)(11
1
6
11 ≈=
∑
∑
=
=
kk
kk
m
m
hm
Z
Z
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
32
Measures of Combined HypothesesMeasures of Combined Hypotheseslllustrationlllustration –– Step Step
Evidence Measures
Input by Step →→→→ m(Zk)
Output by calculus of Step →→→→ bel(Zk), pl(Zk)
Ranking according to pl(Zk) & certainty
1
0.9737
0.9737
0.9471
0.2105
0.1053
1
0.8947
0.7895
0.7105
0.0263
0.0263
0.0263
0.1579
0.0526
0.7105
0.0263
0.0263
ΩΩΩΩh
1∪∪∪∪ h
2
h1
∪∪∪∪ h3
h1
h2
h3
plbelm2ΩΩΩΩ
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
33
InterpretationInterpretationlllustrationlllustration –– Step Step
Interpretation
Which fault may be responsible for the serious changes of system
properties?
Probabilistic approach →→→→ blames h1 alone
Dempster-Shafer approach →→→→ points h1 and gives a hint to h2
Different mappings Ω →→→→ [0, 1] versus 2Ω →→→→ [0, 1]
1
0.9737
0.9737
0.9471
0.2105
0.1053
1
0.8947
0.7895
0.7105
0.0263
0.0263
0.0263
0.1579
0.0526
0.7105
0.0263
0.0263
ΩΩΩΩh
1∪∪∪∪ h
2
h1
∪∪∪∪ h3
h1
h2
h3
plbelm2ΩΩΩΩ
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
35
OutlineOutlinePart 3Part 3
Part 1 – Fundamentals
History
Scenario
Interpretations
Part 2 – Illustration
The DS calculus in eight steps
Part 3 – Applications to System Safety & Reliability Modelling
FTA – Fault Tree Analysis
ETA – Event Tree Analysis
RCM – Reliability-centred Maintenance
Further Analyses
Part 4 – Outroduction
Pros & Cons
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
36
74
≥1
2 3 8 14 9
&
12 15 1 10 13 16 11 17 5 6
≥1
&
≥1≥1
&18 20 & 2119
≥1 ≥1
&
Fault Tree AnalysisFault Tree AnalysisBrief IntroductionBrief Introduction
Detailed Introduction
IEC 61025
Proceedings →→→→ references
Four Steps of the FTA Step – Define the top event of interest
Step – Define the analytical boundaries
Step – Define the tree-top structure
Step – Develop the path of faults
for each branch to the basic event
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
37
DempsterDempster--Shafer FTA ApproachShafer FTA ApproachFault Tree AnalysisFault Tree Analysis
Scenario
Ω = h1, h2, h3 →→→→ “state occurs”, “uncertain”, “state does not occur”
Gates →→→→ And or Or
Inputs →→→→ e.g. two states, m(A) and m(B)
Output →→→→ state m(Z)
The Guth Approach to DS-FTA
m(A1) ≡ bel(A)
m(A2) ≡ pl(A) – bel(A)
m(A3) ≡ 1 – pl(A)
m(A1) + m(A2) + m(A3) = 1
Same for B0
Plausibility pl(A)
1
Belief bel(A)
Uncertainty
Doubt 1 – bel(A)
Disbelief 1 – pl(A)
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
38
DempsterDempster--Shafer FTA ApproachShafer FTA ApproachFault Tree AnalysisFault Tree Analysis
AND and OR Combination
Similar to min/max operations
AND Gate According to Step
m(Z1) = m(A1) m(B1)
m(Z2) = m(A1) m(B2) + m(A2) m(B1) + m(A2) m(B2)
m(Z3) = … = m(A1) m(B3) + m(A2) m(B3) + m(A3)
OR Gate According to Step
m(Z1) = … = m(A1) + m(A2) m(B1) + m(A3) m(B1)
m(Z2) = m(A2) m(B2) + m(A2) m(B3) + m(A3) m(B2)
m(Z3) = m(A3) m(B3)
h1
h2
h3
h1
h2
h2
h1
h1
h1
B1
B2
B3
h3
h3
h3
h2
h2
h3
h1
h2
h3
B1
B2
B3
A3
A2
A1
OrA3
A2
A1
And
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
39
DempsterDempster--Shafer FTA ApproachShafer FTA ApproachFault Tree AnalysisFault Tree Analysis
Develop the path
Output of the lower gate →→→→ m(Z1), m(Z2), m(Z3)
Input of the next upper gate →→→→ m(A1), m(A2), m(A3)
Criticism
Interval arithmetic is more concise and efficient in operation than DST
→→→→ However, fault tree structure may cause trouble withthe sub-distributivity property of subtraction operations
as known from the fuzzy FTA
Multistate modelling, upper/lower probs, Bayesian networks …
h1
h2
h3
h1
h2
h2
h1
h1
h1
B1
B2
B3
h3
h3
h3
h2
h2
h3
h1
h2
h3
B1
B2
B3
A3
A2
A1
OrA3
A2
A1
And
7412 15 1 10 13
≥1≥1
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
40
Event Tree AnalysisEvent Tree AnalysisBrief IntroductionBrief Introduction
Detailed Introduction
IEC 62502
Proceedings →→→→ references
Five Steps of the ETA Step – List all possible initiating events
Step – Identify functional responses
Step – Define failure sequences
Step – Assign probabilities to each step
Step – Calculate the total probability of occurrence for each sequence
Initialevent
r2
A2
A1
A2
A1
A2
A1 r1
r3
r4
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
41
Initialevent
r2
A2
A1
A2
A1
A2
A1 r1
r3
r4
DempsterDempster--Shafer ETA ApproachShafer ETA ApproachEvent Tree AnalysisEvent Tree Analysis
Scenario
Ω = h1, h2, h3 →→→→ “failure”, “no failure”, “uncertain”
Inputs →→→→ data source gives 3 values m(A1), m(A2), m(A3)
Output 1 →→→→ evidence measures for “failure”
Output 2 →→→→ evidence measures for “no failure”
Evidence Measures bel(Z1) = m(A1)
pl(Z1) = m(A1) + m(A3)
bel(Z2) = m(A2)
pl(Z2) = m(A2) + m(A3)
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
42
Initialevent
r2
A2
A1
A2
A1
A2
A1 r1
r3
r4
DempsterDempster--Shafer ETA ApproachShafer ETA ApproachEvent Tree AnalysisEvent Tree Analysis
Procedure
Calculating evidence measures of every bifurcation of the ET
Then applying interval arithmetic
More details →→→→ RCM
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
43
Reliability Centred MaintenanceReliability Centred MaintenanceBrief IntroductionBrief Introduction
Detailed Introduction
IEC 60300-3-11
Proceedings →→→→ references
Seven Steps of the RCM Process Step – Establishing an expert group
Step – Functional breakdown of the system
Step – Conducting FMECA
Step – Collecting of data
Step – Tailoring the RCM decision diagram
Step – Applying the RCM decision diagram
Step – Documenting results
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
44
Brief IntroductionBrief IntroductionReliabilityReliability--centred Maintenancecentred Maintenance
RCM Decision Diagram – Objective
Find a suitable strategy →→→→ component, module, system Framework of eight questions, six strategies
Testabilityof failure
Detectabilityof a failure
Scheduled maintenance
Periodical tests
Cond basedmaintenance
yes
First linemaintenance
Correctivemaintenance
First linemaint
First linemaint, alone?
Significantconsequences
Other reasonsfor prev maint
nonoyesyesno
yes no no yes
yes
yes
no
yes
nono Find abetter design
Cond basedmaint effective
Increasingfailure rate
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
46
DS-RCM Example
Condition-based maintenance effective:
Do methods exist for
effective condition monitoring
so that an item failure
can be avoided?
Two answers
Two experts (example)
→→→→ two statements
Expert AssessmentExpert AssessmentReliabilityReliability--centred Maintenancecentred Maintenance
Cond.-basedmaintenance
effective?
YesYes
NoNo
Expert1
Expert1
Expert
2
Expert
2
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
47
Input
Statements →→→→ “yes”, “no”, or “uncertain”
Quantification →→→→ basic assignments
Input & OutputInput & OutputReliabilityReliability--centred Maintenancecentred Maintenance
Cond.-basedmaintenance
effective?
Yes 0.6
No 0.3
Unc 0.1
Yes 0.6
No 0.3
Unc 0.1
Yes 0.5
No 0.3
Unc 0.2
Yes 0.5
No 0.3
Unc 0.2
YesYes
NoNo
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
48
Input
Statements →→→→ “yes”, “no”, or “uncertain”
Quantification →→→→ basic assignments
Output Values of evidential functions
Certainty
→→→→ 70% in “yes”
→→→→ 27% in “no” Uncertainty
→→→→ 3%
Input & OutputInput & OutputReliabilityReliability--centred Maintenancecentred Maintenance
Cond.-basedmaintenance
effective?
Yes 0.6
No 0.3
Unc 0.1
Yes 0.6
No 0.3
Unc 0.1
Yes 0.5
No 0.3
Unc 0.2
Yes 0.5
No 0.3
Unc 0.2
Yesbel 0.70
pl 0.73
Yesbel 0.70
pl 0.73
No bel 0.27
pl 0.30
No bel 0.27
pl 0.30
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
49
Input
Eight results of every “yes” or “no” decision
→→→→ values of evidential functions bel and pl
Calculus
Interval arithmetic →→→→ (easily)
Output Six weighted recommendations on maintenance strategies
Example, periodical testing bel = 0.51, pl = 0.62
Testabilityof failure
Detectabilityof a failure
Scheduled maintenance
Periodical tests
Cond basedmaintenance
yes
First linemaintenance
Correctivemaintenance
First linemaint
First linemaint, alone?
Significantconsequences
Other reasonsfor prev maint
nonoyesyesno
yes no no yes
yes
yes
no
yes
nono Find abetter design
Cond basedmaint effective
Increasingfailure rate
Weighted RecommendationsWeighted RecommendationsReliabilityReliability--centred Maintenancecentred Maintenance
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
50
Further AnalysesFurther AnalysesSome HintsSome Hints
Failure Mode, Effects and Criticality Analysis
IEC 60812
Dempster-Shafer approach →→→→ Section 4.1 Proceedings
Preliminary/Potential Hazard Analysis … same holds for PHA
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
52
OutlineOutlinePart 4Part 4
Part 1 – Fundamentals
History
Scenario
Interpretations
Part 2 – Illustration
The DS calculus in eight steps
Part 3 – Applications to System Safety & Reliability Modelling
FTA – Fault Tree Analysis
ETA – Event Tree Analysis
RCM – Reliability-centred Maintenance
Further Analyses
Part 4 – Outroduction
Pros & Cons
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
53
Some CommentsSome CommentsOutroductionOutroduction
Disclaimer
Nobody is forced to apply DST instead of Probability Theory
No uncertainties →→→→ no DS modelling recommended (?)
Prefer modelling uncertainties by probabilities? →→→→ apply probabilities
Prefer … interval arithmetic? →→→→ apply interval arithmetic
Prefer … fuzzy sets? →→→→ apply fuzzy sets
Applying DST is an option, not an obligation
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
54
Disadvantages of the DSTDisadvantages of the DSTOutroductionOutroduction
Disadvantages (also valid for Probabilities)
Lack of introspection or assessment strategies
unreasonable requirement for precision →→→→ m
difficult to determine with necessary precision
Instability
estimated m may be influenced by the conditions of its estimation
Ambiguity
ambiguous or imprecise judgement could not be expressed
by the evidence measures
Disadvantages
Frame of discernment Ω →→→→ given k hypotheses →→→→ up to 2k elements
larger number of values →→→→ than after the Probability Theory DST does not offer a procedure for implementation of a diagnostic system
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Uwe Kay Rakowsky Dempster-Shafer Theory & its Applications to System Safety & Reliability Modelling
55
Advantages of the DSTAdvantages of the DSTOutroductionOutroduction
Advantages
Calculus describes & quantifies the subjective viewpoint
as an assessment for an unknown objective fact
Applying DST is an option, not an obligation
“If the only tool you have is a hammer,
you tend to see every problem as a nail.” Abraham Maslow
Intro
Modelling|||
Illustration|
Fundamentals||
Outro
Fundamentals of theFundamentals of the
DempsterDempster--Shafer Theory and its Shafer Theory and its
Applications to SystemApplications to System
Safety and Reliability ModellingSafety and Reliability Modelling
Uwe Kay RakowskyUwe Kay Rakowsky
University of Wuppertal, GermanyUniversity of Wuppertal, Germany
Department D Department D –– Safety EngineeringSafety Engineering