User Guide

Owned by Patryk Pluskota (Unlicensed)
Last updated: Apr 14, 2017
2 min read

Introduction

Safety Anaysis is a tool for fault trees with fuzzy probabilities, event trees with fuzzy probabilities and fuzzy reasoning. Nowadays people develop more and more complex insustrial systems. They offer a variety of functionalities which help us to live better and easier. Many of them are systems which are crucial to people safety and they need to be extremely reliable. Because of their complexity, it is nearly impossible to analyse their safety without support of modern technologies. People are too slow and too inaccurate to do it by themself.

Safety Analysis is a tool which will be helpfull for such crucial systems. It allows you to:

  • Analyse event trees 
  • Analyse fault trees
  • Use fuzzy reasoning

These functionalities will help you to discover your system's weak points before it came to an accident and help improve your system's safety.

Accident already happened? Safety Analysis will help you to analyse what went wrong and ensure that it won't happen anymore.

Safety Analysis First Steps

Requirements

This software requires Java 8 to work properly.

Usage example

Safety Analysis - CLI

  1. Download latest Safety Analysis CLI from here
  2. Prepare data you want to analise (example event tree can be downloaded from here)
  3. Open command prompt
  4. Run Safety Analysis with command: "java -jar SafetyAnalysis_CLI.jar flag file.xml parameters" with selected parameters (i.e. "java -jar SafetyAnalysis_CLI.jar -e EventTree.xml -c")



  5. More about using command line interface can be found here

Safety Analysis - GUI

  1. Download latest Safety Analysis GUI from here
  2. Prepare data you want to analise (example event tree can be downloaded from here)
  3. Run SafetyAnalysis_GUI.jar
  4. Select type of tree
  5. Get started, after that you can import example tree prepared in step 2 or create an own tree.


Using command line interface

Command Line User Guide

Syntax

Safety Analysis offers command-line interface for its most basic features. If you are looking for instructions how to enter these arguments in IDE go here.

In case you dont enter any arguments, will be displayed GNU HELP with all available arguments.


The config file is a simple text file and should contain one command-line option (omitting the dashes) per line in the format:

 -flag value

or for a option without value:

 -flag

Example

 pl.wroc.pwr.sa.gui.cli.MainCLI -e "tree.xml" -c

This example command imports Event Tree from XML file and checks the cohesion. Detailed information about arguments in the next section.


Short list of arguments (GNU HELP)

usage: SafetyAnalysis [-n eventname] [-p] [-a] [-r file] [-c] [-s scenario] [-e file] [-f file] [-i]


-a,--analyseFaultTreeAnalyse fault tree and show results
-c,--checkTheCohesionOfTheEventTree Analyse The Cohesion Of The Event Tree

-e,--eventtree <file> 

Read Event Tree from file (relative path, e.g. -e "safety-gui/newXml5.xml"

-f,--faulttree <file>Read Fault Tree from file (relative path)
-i,--getFuzzyImportanceIndexGet Fuzzy Importance Index of Faut Tree
-n,--evntnme <eventname>Get event name
-p,--importanceAnaliseExecute importance analisis
-r,--report <file> Generate report with given date, logo and title paragraph
-s, --evtsce <scenario>Counts probability for scenarios in Events Tree


Detailed list of arguments

  • Event Tree related arguments

    usage: pl.wroc.pwr.sa.gui.cli.MainCLI -e PATHTOFILE [options] 


    eventtree <file>
    Flag-e
    ParametrString: path (path to XML file to be loaded)
    Description

    Read Event Tree from file

    Output: success"Read Event Tree file from: " + path + " Success"
    Output: fail"Read Event Tree file from: " + path + " Fail"


    checkTheCohesionOfTheEventTree 
    Flag-c
    Parametr-
    Description

    Check The Cohesion Of The Event Tree

    Output: success

    "Result of the analysis Events Tree: "

    "Events tree is ok"

    Output: fail"There is no tree that I could analyze."
    •  Detailed description

      Method checks the cohesion of the tree. For each leaf of the tree method checks further parents. When last of the parents is different from root (InitialBranch), exception is thrown. 
      Tip: This method operates on edges.


    evtsce <scenario>
    Flag-s
    ParametrString: option (comma separated scenario indexes)
    Description

    Count probability for scenarios

    Output: success

    "Membership Function for scenarioo: [" + option + "]"

    ...

    Output: fail"There is no tree"
    •  Detailed description

      Trapezoidal fuzzy numbers are reprezents by 4 parameters <a, b, c, d>

      The function multiplies the parameters of trapezoidal-shaped membership functions of the edges from the specific edge to the root (not including the root) to calculate the probability of the scenario  (approximate result).

      The function uses this pattern to sum up the probabilities of scenarios:


      eventTreeScenarioCounter
      This is description of MainCLI function(eventTreeScenarioCounter(String)). 
In Step2 we started to describe MainAPI function(eventTreeScenarioCounter(String, EventTree)) after MainCLI function constructs 'MembershipFunction' object.
In Step3 we are back to MainCLI function(eventTreeScenarioCounter(String)).


Step1: The function initializes empty string (e.g. 'outputText').
Step2: The function constructs the 'MembershipFunction' object (e.g. 'mf1') equal api.eventTreeScenarioCounter (argument of described function (e.g. 'option'), eventsTree). 
'option' is a string with the scenarios indexes separated by commas. 
eventTreeScenarioCounter converts separeted scenarios indexes into an integer and assigns it to the new table (e.g. indexes). 
eventTreeScenarioCounter constructs the 'MembershipFunction' object (e.g. 'mf2') equal null.
If (eventsTree == null) eventTreeScenarioCounter returns null
Else{
If (size of 'indexes' == 1) eventTreeScenarioCounter counts the probability of scenario from 'option' and assign it to the 'mf2'.
Else if (size of 'indexes' > 1){
eventTreeScenarioCounter constructs list of 'MembershipFunction' elements (e.g. 'probab').
eventTreeScenarioCounter counts the probabilities of the scenarios from 'option' and assigns it to the 'probab'.
eventTreeScenarioCounter constructs the 'MembershipFunction' object (e.g. 'mf3') equal sumMembershipFunctionsOfScenarios(probab) to sums up the propabilities from the list and assigns it to the 'mf2'.
}
eventTreeScenarioCounter returns 'mf2'.
Step3: If ('mf1' == null) The function assigns "There is no tree" to the 'outputText' and then display it.
Else {
The function constructs the 'ParamTrapezoid' object (e.g. 'pt'), then gets parametrs from 'mf1' and assigns it to the 'pt'.
The function assigns "\nMembership Function for scenario/scenarios: [" + 'option' + "]" plus 4 parameters(taken from 'pt') separeted by "\n" to the 'outputText' and then display it.
}


    importanceAnalise
    Flag-p
    ParametrString: name (name of event)
    Description

    Check importance analisis

    Output: success

    "Result of the analysis Events Tree: "


    If exception will be catch (during the analysis):

    "Events tree is not ok"

    Output: fail"There is no tree that I could analyze."
    •  Detailed description

      This function check probability before and after cut an event which was passed as parameter. The probability of scenario is calculated by formula

      P(x1,...,Xn) - probability of scenario

      P(X1),P(Xn) - probability of events which led to that scenario

      If to that function we will pass name of Event 2, function will cut Failure(2f) and all its sub trees then it will calculate probability of scenario without excluded part and print it with information about probability of primary tree(before cut was done).

      Event Tree analysis concept


      It is worth to mention that probability of success of event and probability of failure of that event must sum to 1.

      Also probability of scenario is not equal to intensity of scenario occurrence. In intensity of scenario occurrence (intensity of specific scenario e.g. Failure scenario D) we take also intensity of initiating event occurrence (IIE) but in probability of scenario we start form first event. (Event 1)


      Importance Analise
      Step1: The function initializes empty string (e.g. 'outputText') and (e.g. 'a').
Step2: If eventTree !=null create object of TreesService class and set boolean (e.g. 'ok') to true. After that start analyse of event tree using function doAnalise.
doAnalise function is checking the probability before and after the removingEdge. At first it compute probability of basic tree, it is done by computing probability of each scenario associated with leaf. It is calculated in 'computeProbabolityForLeaf' function, probability of leaf is assigned to 'tmpProbability' variable and probability of its parent to 'edge' variable then multiply of leaf and theirs parent probability is assigned to 'tmpProbabolity'. This process is executed up to Event 1. At last in 'computeProbabilityForLeaf' it's sums probability of scenarios which led to that consequence and return them to 'importanceAnalisis' function which pass them to 'doAnalise' function.
After that 'doAnalise' removes edgeList which we passed to 'importanceAnalise' and one more time it runs 'doAnalise' function for tree in which we removed some edges.
At end of 'doAnalise' it return string "Prawdopodobieństwa przed: " + oldProbability + "\nPrawdopodobieństwa po: " + newProbability" which is also output of 'importanceAnalise' function.
Step3: If eventTree = null The function assign "There is no tree" to the 'outputText' and then display it.


  • Fault Tree related arguments

    usage: pl.wroc.pwr.sa.gui.cli.MainCLI -e PATHTOFILE [options] 


    faulttree <file>
    Flag-f
    Parametr

    String: path (path to XML file to be loaded)

    Description

    Read Fault Tree from file

    Output: success

    "Read Fault Tree file from: " + path + " Success"

    Output: fail

    "Read Fault Tree file from: " + path + " Fail"



    analyseFaultTree

    Flag-a
    Parametr-
    Description

    Analyse fault tree and show results

    Output: success

    "Result of the analysis Fault Tree: "

    "Key: " + key + " = Value: " + value

    Output: fail

    "There is no tree that I could analyze."



    getFuzzyImportanceIndex  

    Flag-i
    Parametr-
    Description

    Get Fuzzy Importance Index of Faut Tree

    Output: success

    "Key: " + key.getName() + " = Value: " + value.getName()"

    Output: fail

    "There is no tree that I could analyze"


  • Others


    report <file>

    Flag-r
    Parametr

    String: path (where raport will be saved)

    Description

    Generate report with given date, logo and title paragraph

    Output: success

    "Created file: "

    Output: fail

    -

    •  Examples of reports
       Empty report

      usage: -r raportTest.doc

       Report with loaded event tree

      usage: -e safety-gui/newXml5.xml -r raportTest.doc


       Report with loaded event tree and checked cohesion

      usage: -e safety-gui/newXml5.xml -c -r raportTest.doc

       Report with loaded and analysed FaultTree

      usage: -f safety-gui/exampleFaultTree.xml -a -r raportTest.doc

       Report with loaded FaultTree and Fuzzy Importance Result

      usage: -f  safety-gui/exampleFaultTree.xml -i -r raportTest.doc


    evntnme <eventname>

    Flag-n
    Parametr

    String name

    Description

    Get event name.

    This is used when importance analysis is started (-p)

    Output: success-


    Output: fail

    -



CLI Documentation

.

Supported data types

Safety Analysis allows you to work with two data types.

Fault Tree

What is Fault Tree Analysis? 

Fault Tree Analysis (FTA) is qualitative top-down failure analysis method using decision tree structure to model course of accidents and analyze it. It is used in many high risk industries including aerospace, nuclear power and chemical industries.

Particular factors that could lead to an accident and their potential consequences are shown by Fault Tree which describes dependencies between potential main accident and its causes. Identified causes are associated and can be described (among others) as specific device or machine failures, human errors or environmental conditions. Fault Tree is therefore a graphical model of causal relationship - Fault Tree schema illustrates causes whose effects are defined as unsure events or risks.

The undesired outcome is taken as the root (or top event) of Fault Tree. Working backwards immediate event's causes and logical relationships between them are determined using logic gates. By stepping back through events the most basic causes are identified and Fault Tree is constructed.

Fault Tree Analysis helps to:

  • understand logic leading to main failure
  • prioritize events leading to top event by their contribution
  • better manage resources

Probabilitiy of each fault is specified by membership function. Logical operators between faults produce membership functions of faults higher in hierarchy. Currently there are two logic gates available in Safety Analysis project - AND and OR gates.

The result of logic gate OR operation on faults is given by formula:

for independent faults:

In fault trees probability  is usually small and error resulting from omitting this part leads to overstating of real probability of top event which is appropriate direction. Therefore independence of faults is presumed and the following formula is in use:

Membership function for fuzzy sets will be calculated as:

 for trapezoidal-shaped membership function

 for triangular-shaped membership function

If  then value of 1 will be used.

The result of logic gate AND operation on faults is given by formula (independence of events presumed):

Resulting membership function will be non-trapezoidal membership function.
In Safety Analysis project resulting membership function will be approximated as:

 for trapezoidal-shaped membership function

 for triangular-shaped membership function

This approximation overstate real probability of fault which is appropriate direction.

Fault Tree XML Format

FaultTree Fields

   root - event tree identity

   faultMap - map of failures, contains at least one entry section

   scale - (LINEAR or LOGARITHMIC)

Root fields

   name

   triangleFunction→name - function name

Fault Tree Initial Branch
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<faultTree>
    <root>
        <name>root</name>
        <triangleFunction>
            <name></name>
        </triangleFunction>
    </root>
    <faultMap>
           <entry>
             ...
           </entry>
           <entry>
             ...
           </entry>
    </faultMap>
	<scale/>
</faultTree>


Entry

Entry and Entry → Value fields

   key - entry key

   value - entry value

   value→name - value name

   value→triangleFunction→name - function name

Parent fields

   name

   logicGateType - GATE_AND or GATE_OR

   triangleFunction→name - function name

Fault Tree Initial Branch
<entry>
    <key>fault2</key>
    <value>
        <name>fault2</name>
        <parent>
            <logicGateType>GATE_AND</logicGateType>
            <parent>
                <name>fault1</name>
                <parent>
                    logicGateType>GATE_OR</logicGateType>
                    <parent>
                        <name>root</name>
                        <triangleFunction>
                            <name></name>
                        </triangleFunction>
                    </parent>
                </parent>
                <triangleFunction>
                    <name></name>
                </triangleFunction>
            </parent>
        </parent>
        <triangleFunction>
            <name>dużo3</name>
        </triangleFunction>
    </value>
</entry>



Event Tree


What is Event Tree Analysis? 

Event tree analysis (ETA) is a forward, bottom up, logical modeling technique for both success and failure that explores responses through a single initiating event and lays a path for assessing probabilities of the outcomes and overall system analysis. This analysis technique is used to analyze the effects of functioning or failed systems given that an event has occurred. ETA is a powerful tool that will identify all consequences of a system that have a probability of occurring after an initiating event that can be applied to a wide range of systems including: nuclear power plantsspacecraft, and chemical plants. This Technique may be applied to a system early in the design process to identify potential issues that may arise rather than correcting the issues after they occur.  With this forward logic process use of ETA as a tool in risk assessment can help to prevent negative outcomes from occurring by providing a risk assessor with the probability of occurrence. ETA uses a type of modeling technique called event tree, which branches events from one single event using Boolean logic.

Methodology

The overall goal of event tree analysis is to determine the probability of possible negative outcomes that can cause harm and result from the chosen initiating event. It is necessary to use detailed information about a system to understand intermediate events, accident scenarios, and initiating events to construct the event tree diagram. The event tree begins with the initiating event where consequences of this event follow in a binary (success/failure) manner. Each event creates a path in which a series of successes or failures will occur where the overall probability of occurrence for that path can be calculated. The probabilities of failures for intermediate events can be calculated using fault tree analysis and the probability of success can be calculated from 1 = probability of success(ps) + probability of failure (pf).

Steps to perform an event tree analysis:

  1. Define the system
  2. Identify the accident scenarios
  3. Identify the initiating events
  4. Identify intermediate events
  5. Build the event tree diagram
  6. Obtain event failure probabilities
  7. Identify the outcome risk
  8. Evaluate the outcome risk
  9. Recommend corrective action
  10. Document the ETA


What is Event Tree?


Event tree is an inductive analytical diagram in which an event is analyzed using Boolean logic to examine a chronological series of subsequent events or consequences. For example, event tree analysis is a major component of nuclear reactor safety engineering.

An event tree displays sequence progression, sequence end states and sequence-specific dependencies across time.

Event Tree XML Format


Event Tree Initial Branch

Event Tree Initial Branch
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <eventTree xmlns:ns2="pl.wroc.pw.sa.et.EventTree">
    <id>1</id>
    <InitialBranch>
            <branch>true</branch>
            <child>
                ...
            </child>
            <child>
            	...
        	</child>
            <event>
            	...
            </event>
        	<id>7</id>
            <type>true</type>
    </InitialBranch>
</eventTree>

<id> - identifer of Event Tree

<type> - If the event happen (true or false)

<child> - occurs only when branch has a child (child has identical structure as Initial Branch)

<event> - stores information event like : scale, parametrs


Event Tree with Child

Event Tree with Child
 <event>
 	<trapezoid>
 		<name>nn</name>
 		<parameters>
 			<scale>LINEAR</scale>
            <a>0.5</a>
            <b>0.5</b>
            <c>0.5</c>
            <d>0.5</d>
        </parameters>
     </trapezoid>
     <child>
        <trapezoid>
            <name>nn</name>
            <parameters>
                <scale>LINEAR</scale>
                <a>0.5</a>
                <b>0.5</b>
                <c>0.5</c>
                <d>0.5</d>
            </parameters>
        </trapezoid>
        <id>5</id>
        <name>e6</name>
     </child>
     <id>4</id>
	 <name>e5</name>
 </event>

Event Tree without Child

Event Tree without child
<event>
 	<trapezoid>
    	<name>nn</name>
        	<parameters>
            	<scale>LINEAR</scale>
                <a>0.5</a>
                <b>0.5</b>
                <c>0.5</c>
                <d>0.5</d>
        	</parameters>
    </trapezoid>
	<id>5</id>
    <name>e3</name>
 </event>