Reliability of sequential systems using the cause–consequence diagram method

In many industrial systems, where safety is of the utmost importance, it is necessary that expedient tools for accident analysis are available and employed at the design stage. Such tools must be able to handle large systems in a systematic way and display the factors that are of vital importance for the functionality of the system. The technique of fault tree analysis (FTA) is commonly used to assess the failure probability of such systems. The fault tree represents the failure logic of the system in an inverted tree structure and has the advantage that it provides very good documentation of the way the failure logic was developed. Conventional fault tree quanti cation requires a number of assumptions regarding the system. One of these is that the basic events in the tree occur independently. This condition is not satis ed when sequential failures are encountered. Employing alternative methods, such as Markov methods, can result in the loss of the documentation that represents the failure logic of the system. The cause–consequence diagram method is a tool that, like fault tree analysis, documents the failure logic but has the extra capability enabling the analysis of systems subject to sequential failures. In addition, the cause–consequence diagram identi es the complete set of system responses to any given initiating event. This paper is concerned with the cause–consequence diagram method and its application to sequentially operating systems. It extends previous work by providing more rigorous guidelines to enable the construction of the diagram and an analysis methodology that can be used when dependencies exist between the events featured in the decision boxes. A new symbol distinguishing between events that exist at a speci ed point in time and those that occur at that time is introduced to facilitate the analysis.