A Fault Tree Analysis (FTA) is a risk management tool that assesses the safety-critical functions within a system's architecture and design. It starts from a high-level failure and identifies all lower-level (sub-system) failures, and combinations of them, that can cause it. FTA is useful during the initial product design phase as a tool for driving the design from both a reliability and a fault-probability perspective. It can be used to estimate and develop a system's reliability requirements so as to reduce the likelihood of undesired events occurring. [1]
Definition: Fault tree analysis (FTA) is a graphical tool to explore the causes of system-level failures.
FTA is particularly useful in functional paths of high complexity in which the outcome of one or more combinations of noncritical events may produce an undesirable critical event. Typical candidates for fault tree analysis are functional paths or interfaces which could have a critical impact on flight safety, munitions handling safety, the safety of operating and maintenance personnel, and the probability of error-free command in automated systems in which a multiplicity of redundant and overlapping outputs may be involved.
Purpose of Fault Tree Analysis
The purpose of a fault tree analysis is to provide a concise and orderly description of the various combinations of possible occurrences within the system which can result in a predetermined critical output event, so that those combinations can be mitigated.
Fault Tree Analysis (FTA) Development Steps
FTA involves five (5) steps: [3]
- Step 1: Define the undesired event to study
- Step 2: Obtain an understanding of the system
- Step 3: Construct the fault tree
- Step 4: Evaluate the fault tree
- Step 5: Control the hazards identified
Fault Tree Analysis provides insight into: [2]
- Functional analysis of highly complex systems
- Observation of combined effects of simultaneous, non-critical events on the highest level event
- Evaluation of system reliability
- Evaluation of human interfaces
- Evaluations of software interfaces
- Identification of potential design defects and safety hazards
- Evaluation of corrective actions
- Evaluation of compliance with the (input) system safety/reliability requirements
- Identification and simplification of maintenance requirements and troubleshooting procedures
- Elimination of causes for observed failures
Difference Between Fault Tree Analysis (FTA) and Failure Mode Effects and Criticality Analysis (FMECA)
FTA is a “top-down” method of analysis, whereas Failure Modes Effects and Criticality Analysis (FMECA) is a “bottom-up” method.
FMECAs and FTAs are compatible methods of risk analysis, with the choice of method dependent on the nature of the risk to be evaluated. There are some differences. Because FTA works top-down, there is a higher probability of misinterpreting the lowest-level causes. FMECA, by starting at the lowest level, will probably give a better analysis of individual component risks (assuming lowest-level data is available). On the other hand, FMECA considers only single failures, while FTA captures combinations of failures that must occur together to produce the top event; which method is more accurate therefore depends on whether the risk in question arises from single or multiple failures.
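The following is an added worked example, not code from the page or its references, covering Steps 3 and 4 above (construct and evaluate the tree) and the single-versus-multiple-failure point just made. The tree, event names and probabilities are constructed for illustration: a hazard goes undetected only if automatic detection (two sensor channels sharing a power bus, plus controller software) and manual detection (alarm plus operator) both fail. The code derives the minimal cut sets, the exact top-event probability by enumerating basic-event states, the rare-event approximation from the cut sets, and the naive gate-by-gate figure, which is wrong here because the shared power bus appears under both sensor channels.

```python
"""Construct and evaluate a small fault tree (constructed example, not from any source).

Basic events carry an assumed probability of failing over the mission time
and are treated as mutually independent.  Gates are AND / OR.
"""
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class BasicEvent:
    name: str
    description: str
    p: float  # assumed probability of occurring during the mission


@dataclass(frozen=True)
class Gate:
    kind: str      # "AND" or "OR"
    name: str
    inputs: tuple  # BasicEvent or Gate children


def basic_events(node):
    """All distinct basic events under a node."""
    if isinstance(node, BasicEvent):
        return {node}
    return set().union(*(basic_events(i) for i in node.inputs))


def evaluate(node, failed):
    """Boolean state of a node given the set of basic-event names that failed."""
    if isinstance(node, BasicEvent):
        return node.name in failed
    results = (evaluate(i, failed) for i in node.inputs)
    return all(results) if node.kind == "AND" else any(results)


def exact_probability(node):
    """Exact P(node) by enumerating every basic-event state (fine for small trees).
    Correct even when one basic event feeds several gates."""
    events = sorted(basic_events(node), key=lambda e: e.name)
    total = 0.0
    for states in product((False, True), repeat=len(events)):
        failed = {e.name for e, s in zip(events, states) if s}
        if evaluate(node, failed):
            weight = 1.0
            for e, s in zip(events, states):
                weight *= e.p if s else 1.0 - e.p
            total += weight
    return total


def naive_gate_probability(node):
    """Gate-by-gate formula: product for AND, 1 - prod(1 - p) for OR.
    Only exact when no basic event appears under more than one gate."""
    if isinstance(node, BasicEvent):
        return node.p
    ps = [naive_gate_probability(i) for i in node.inputs]
    if node.kind == "AND":
        result = 1.0
        for p in ps:
            result *= p
        return result
    survive = 1.0
    for p in ps:
        survive *= 1.0 - p
    return 1.0 - survive


def minimal_cut_sets(node):
    """Smallest combinations of basic events that cause the node's event."""
    if isinstance(node, BasicEvent):
        return {frozenset([node.name])}
    child = [minimal_cut_sets(i) for i in node.inputs]
    if node.kind == "OR":
        sets = set().union(*child)
    else:  # AND: one cut set from every input, merged
        sets = {frozenset().union(*combo) for combo in product(*child)}
    # drop any cut set that strictly contains another one (not minimal)
    return {s for s in sets if not any(o < s for o in sets)}


def rare_event_probability(node):
    """Upper-bound approximation: sum of the minimal cut-set probabilities."""
    lookup = {e.name: e.p for e in basic_events(node)}
    total = 0.0
    for cs in minimal_cut_sets(node):
        weight = 1.0
        for name in cs:
            weight *= lookup[name]
        total += weight
    return total


# Constructed example tree: all names and numbers are assumptions for illustration.
PWR = BasicEvent("PWR", "shared sensor power bus fails", 0.002)
S1 = BasicEvent("S1", "primary sensor fails", 0.01)
S2 = BasicEvent("S2", "backup sensor fails", 0.02)
SW = BasicEvent("SW", "controller software fault", 0.001)
AL = BasicEvent("AL", "alarm annunciator fails", 0.005)
OP = BasicEvent("OP", "operator misses alarm", 0.1)

SENSORS_LOST = Gate("AND", "both sensor channels fail",
                    (Gate("OR", "channel 1 lost", (S1, PWR)),
                     Gate("OR", "channel 2 lost", (S2, PWR))))
AUTO_LOST = Gate("OR", "automatic detection lost", (SENSORS_LOST, SW))
MANUAL_LOST = Gate("OR", "manual detection lost", (AL, OP))
TOP = Gate("AND", "hazard goes undetected", (AUTO_LOST, MANUAL_LOST))

if __name__ == "__main__":
    for cs in sorted(minimal_cut_sets(TOP), key=sorted):
        print("cut set:", sorted(cs))
    print("exact P(top)      =", exact_probability(TOP))
    print("rare-event bound  =", rare_event_probability(TOP))
    print("naive sensor AND  =", naive_gate_probability(SENSORS_LOST),
          "vs exact", exact_probability(SENSORS_LOST))
```

Two things the numbers show that the tree diagram alone does not. First, every minimal cut set has two or three events; an analysis limited to single failures (as in FMECA) would report no path to the top event at all, yet the two-event set {PWR, OP} dominates the total. Second, the naive gate-by-gate calculation gives roughly 2.6e-4 for the sensor subtree while the exact value is about 2.2e-3, because the shared power bus is a single-point cause hidden under an AND gate; cut-set analysis exposes it as the cut set {PWR}. When a tree has repeated events, evaluate it via cut sets or exact enumeration, not by multiplying gate outputs.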
History of Fault Tree Analysis
Fault tree analysis was originally developed for the U.S. Air Force at Bell Laboratories by H. A. Watson and A. Mearns in 1962. The concept has since been widely adopted throughout the aerospace industry.
AcqLinks and References:
- [1] Defense Acquisition Guidebook (DAG)
- [2] Website: ACQuipedia – Failure/Fault Tree Analysis
- [3] Website: Wikipedia – Fault Tree Analysis
Updated: 7/19/2021