To: Streamline
The initial numbers to establish reliability are taken from the failure rate databases of the company making the component or the aircraft. In many cases even the largest of aircraft manufacturers don’t have a failure rate database. In cases like that the reliability engineers will get failure rates from other sources. Many reliability engineers (like myself) will accumulate their own failure rates from various jobs they have worked. The US Air Force has an extensive data base for electronic equipment that is based on the projected and demonstrated failure histories of thousands of commonly used electronic parts ranging from a diode to the most complex LSI chip.
Failure rates for mechanical equipment and piece parts are another story. That data that is available does not reflect the specific usage for the piece parts in that data base. In cases like that the analyst must provide some K factor that will allow him/her to calculate the failure rate by multiplying the failure rate by the K factor. It is far from accurate but that is how they arrive at the part predicted rate of failure (MTBF).
The analyst creates a block diagram replicating the piece part relationship within the item under analysis. The failure rate numbers are plugged into the individual blocks and the reliability and unreliability numbers are factored from the failure rates of each piece part and that number is also plugged into the respective blocks. Assuming the unit under analysis would fail its’ function if any of the blocks failed it is considered to be a series block diagram. To get the reliability number for the unit the individual numbers in the series are multiplied. The reliability numbers are a decimal point followed by a series of 9s. The numbers are plugged into calculator or a computer and then chain multiplied. The answer is a series of 9s followed by other numbers that are less than 9.
Now, the problems begin. First of all, how accurate are the numbers and do the numbers really represent the inherent failure rates for the parts? When the concept of reliability was first started by the USAF it was to establish the reliability of electronic black boxes. The function of the block diagram was to provide a performance number. By calculating the basic reliability of the black box they could then plug in numbers representing a different part or parts and run the calculation again to determine the effects of the parts change on the predicted reliability of the black box.
There were other types of block diagrams representing very complex and multiple redundancies. If you had a complex or parallel circuit a calculation was performed to establish the reliability of that circuit. That calculation provided a decimal point followed by as many a 12 9s and it was given a reliability of 1 so that in a chain calculation it would have no effect on the ultimate number.
I previously stated that the block diagram concept was to provide comparative performance numbers. Not now. Now they are used to calculate the reliability of the black box and compare it to the required MTBF established by the customer. By selecting the right numbers the reliability requirements were always met. When they applied this concept to mechanical systems the whole thing fell apart due to the lack of reliable failure rate data. I have been doing this since 1968 and it still hasn’t changed.
Now it gets worse. To certify an aircraft it must be proven that the systems meet the probabilities of failure as established by the certification authorities. To do this a fault tree or Systems Safety Analysis must be performed. This is usually in the form of a series of gates arranged to reflect the inter relationship of the components in the system. There are usually AND gates and OR gates. The gates can be visualized like a door with many locks or a door with only one lock. An AND gate has many locks and an OR gate has only one lock. Once the diagram is established it is then determined what must fail in order to lose a function and possibly have an adverse effect on the next higher level.
Lines representing an individual failure that can effect another part of the system connect the various gates. Assume that you have an OR gate with five lines connected to it. Any one of those failures has a key that will open the lock and allow the door to be opened thus passing the failure to the next higher level. Now, assume that the AND gate has five lines connected to it. In order to open the door, all five keys must be used in order for those collective failures to be manifested at a higher level. This combination of AND / OR gates goes upward and terminates at an AND gate which is the highest level in the system. The closer to the top the more AND gate and fewer OR gates.
After constructing the diagram the analyst must determine the probability of total failure of the system. To do this he uses Boolean Algebra to make the calculations. Assuming an OR gate with five inputs the analyst will add the failure rates that were derived from the block diagram to calculate the total failure rate for that gate. One line passes from that gate to the next higher level and the calculated failure rate for that gate is assigned to the line and it in turn passes to the next level and hits another gate. If that gate is an OR gate with several lines connected to it the same calculation is performed and so on. If the bottom gate is an AND gate with five inputs the individual failure rates are multiplied in the same manner as the chain calculations in the reliability block diagram. The line passing out of that gate is assigned the probability of failure for the gate and passes upward just like the OR gate described previously. When all of the lines terminate at the top AND gate a calculation is made and the product of that calculation for the failure probability for that system. It must be 1 10-9 or better. In most cases it is proved to be even better.
Now, ask yourself how reliable is this number if it is based on meaningless numbers that are not representative of the parts that are reflected by those numbers. But that isn’t all. The top numbers that represent the probability of failure represent the systems on the aircraft and not the aircraft. In order to determine the probability of the loss of the aircraft it would be necessary to take the individual top gates and connect them into an OR gate which represents the aircraft. If you would perform the same calculation for an OR gate the aircraft would have a probability of loss well below 1 10-9. The FAA does not require this last calculation because it will prove that the aircraft does not meet the requirements set up for the systems. Even if the numbers that went into the various calculations were true representations of the parts failure rates the answer to the final calculation would be the same. The aircraft cannot meet the FAA, CAA, LBA, DGCA and JAR requirements and it doesn’t make any difference who makes the plane.
------------------
The Cat