Application of Markov techniques

This International Standard provides guidance on the application of Markov techniques to model and analyze a system and estimate reliability, availability, maintainability and safety measures. This standard is applicable to all industries where systems, which exhibit state-dependent behaviour, have to be analyzed. The Markov techniques covered by this standard assume constant time-independent state transition rates. Such techniques are often called homogeneous Markov techniques.

Anwendung des Markoff-Verfahrens

Application des techniques de Markov

This International Standard provides guidance on the application of Markov techniques to analyze and model a system, and to estimate reliability, availability, maintainability and safety measures. This standard is applicable to all industries where systems that exhibit state-dependent behaviour have to be analyzed. The Markov techniques covered by this standard assume constant, time-independent state transition rates. Such techniques are often referred to collectively as 'Markov techniques'.

Uporaba tehnik Markov (IEC 61165:2006)

General Information

Status: Published
Publication Date: 30-Jul-2006
Technical Committee
Drafting Committee
Parallel Committee
Current Stage: 6060 - Document made available
Due Date: 31-Jul-2006
Completion Date: 31-Jul-2006

Standard
EN 61165:2007 - printed for the reading room
English language
37 pages

Standards Content (sample)

EUROPEAN STANDARD / NORME EUROPÉENNE / EUROPÄISCHE NORM
EN 61165
July 2006
ICS 03.120.01; 03.12.30; 21.020
English version
Application of Markov techniques (IEC 61165:2006)
Application des techniques de Markov (CEI 61165:2006)
Anwendung des Markoff-Verfahrens (IEC 61165:2006)

This European Standard was approved by CENELEC on 2006-07-01. CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the Central Secretariat or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to the Central Secretariat has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Cyprus, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and the United Kingdom.

CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
Central Secretariat: rue de Stassart 35, B - 1050 Brussels

© 2006 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members.

Ref. No. EN 61165:2006 E
EN 61165:2006 - 2 -
Foreword

The text of document 56/1096/FDIS, future edition 2 of IEC 61165, prepared by IEC TC 56, Dependability, was submitted to the IEC-CENELEC parallel vote and was approved by CENELEC as EN 61165 on 2006-07-01.

The following dates were fixed:
– latest date by which the EN has to be implemented at national level by publication of an identical national standard or by endorsement (dop) 2007-04-01
– latest date by which the national standards conflicting with the EN have to be withdrawn (dow) 2009-07-01
Annex ZA has been added by CENELEC.
__________
Endorsement notice

The text of the International Standard IEC 61165:2006 was approved by CENELEC as a European Standard without any modification.

In the official version, for Bibliography, the following notes have to be added for the standards indicated:

IEC 60812 NOTE Harmonized as EN 60812:2006 (not modified).
IEC 61078 NOTE Harmonized as EN 61078:2006 (not modified).
__________
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

NOTE When an international publication has been modified by common modifications, indicated by (mod), the relevant EN/HD applies.

Publication | Year | Title | EN/HD | Year
IEC 60050-191 | 1990 | International Electrotechnical Vocabulary (IEV) - Chapter 191: Dependability and quality of service | - | -
IEC 60300-3-1 | - 1) | Dependability management - Part 3-1: Application guide - Analysis techniques for dependability - Guide on methodology | EN 60300-3-1 | 2004 2)
IEC 61508-4 + corr. April 1999 | 1998 | Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 4: Definitions and abbreviations | EN 61508-4 | 2001

1) Undated reference.
2) Valid edition at date of issue.
INTERNATIONAL STANDARD (NORME INTERNATIONALE)
IEC (CEI) 61165
Second edition
2006-05
Application des techniques de Markov
Application of Markov techniques

© IEC 2006 Copyright - all rights reserved

No part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the publisher.

International Electrotechnical Commission, 3, rue de Varembé, PO Box 131, CH-1211 Geneva 20, Switzerland
Telephone: +41 22 919 02 11 Telefax: +41 22 919 03 00 E-mail: inmail@iec.ch Web: www.iec.ch

Commission Electrotechnique Internationale
International Electrotechnical Commission
Международная Электротехническая Комиссия
PRICE CODE: For price, see current catalogue
61165 © IEC:2006
CONTENTS

FOREWORD
INTRODUCTION
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviations
4.1 Symbols for state transition diagrams
4.2 Other symbols and abbreviations
4.3 Example
5 General description
6 Assumptions and limitations
7 Relationship with other analysis techniques
7.1 General
7.2 Fault Tree Analysis (FTA)
7.3 Reliability Block Diagram (RBD)
7.4 Petri nets
8 Development of state transition diagrams
8.1 Prerequisites
8.2 Rules for development and representation
9 Evaluation
9.1 General
9.2 Evaluation of reliability measures
9.3 Evaluation of availability and maintainability measures
9.4 Evaluation of safety measures
10 Documentation of results
Annex A (informative) Basic mathematical relationships for Markov techniques
Annex B (informative) Example: Development of state transition diagrams
Annex C (informative) Example: Numerical evaluation of some reliability, availability, maintainability and safety measures for a 1-out-of-2 active redundant system
Bibliography

Figure 1 – Diagram of transition probabilities in time interval (t,t+Δt), for arbitrary value of t and small Δt, for a non-restorable one-element system with constant failure rate λ
Figure 2 – State transition diagram of a non-restorable one-element system
Figure 3 – Interpretation of failure and restoration times in different contexts
Figure B.1 – State transition diagram for a restorable one-element system
Figure B.2 – State transition diagram with three states for a one-element system
Figure B.3 – State transition diagram when restorations may be made from state 2 for a one-element system
Figure B.4 – State transition diagram when direct transition is considered for a one-element system
Figure B.5 – State transition diagram for the evaluation of reliability of a one-element system
Figure B.6 – State transition diagram for a 1-out-of-2 active redundant system with no restorable elements
Figure B.7 – State transition diagram for a 1-out-of-2 active redundant system with restorable elements, two restoration teams and no restoration limitations
Figure B.8 – State transition diagram for a 1-out-of-2 active redundant system with restorable elements, two restoration teams and common cause for a system failure
Figure B.9 – State transition diagram for a 1-out-of-2 active redundant system with only one restoration team and restoration priority as first-in/first-out
Figure B.10 – Reliability block diagram for a 2-out-of-4 active redundant system
Figure B.11 – Aggregated state transition diagram for reliability computation of the system in Figure B.10
Figure C.1 – State transition diagram for 1-out-of-2 active redundant system with different elements and two restoration teams
Figure C.2 – State transition diagram for a 1-out-of-2 active redundant system with identical elements, two restoration teams and unlimited restoration resources
Figure C.3 – Numerical example for unavailability
Figure C.4 – Numerical example for dangerous failure rate

INTERNATIONAL ELECTROTECHNICAL COMMISSION
___________
APPLICATION OF MARKOV TECHNIQUES
FOREWORD

1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with may participate in this preparatory work. International, governmental and non-governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.

2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC National Committees.

3) IEC Publications have the form of recommendations for international use and are accepted by IEC National Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any misinterpretation by any end user.

4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.

5) IEC provides no marking procedure to indicate its approval and cannot be rendered responsible for any equipment declared to be in conformity with an IEC Publication.

6) All users should ensure that they have the latest edition of this publication.

7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and members of its technical committees and IEC National Committees for any personal injury, property damage or other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.

8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is indispensable for the correct application of this publication.

9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent rights. IEC shall not be held responsible for identifying any or all such patent rights.

International Standard IEC 61165 has been prepared by IEC technical committee 56: Dependability.

This second edition cancels and replaces the first edition published in 1995, and constitutes a technical revision. The revision was necessary in order to facilitate the application of this standard for safety analysis as well as the increased importance of numerical solutions compared to analytical solutions of Markov techniques.

The main changes with respect to the previous edition are the following:
• additional annexes with application examples have been removed.
• the mathematical terminology and symbols have been updated.
• terminology has been harmonised.
The text of this standard is based on the following documents:

FDIS | Report on voting
56/1096/FDIS | 56/1111/RVD

Full information on the voting for the approval of this standard can be found in the voting report indicated in the above table.

This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.

The committee has decided that the contents of this publication will remain unchanged until the maintenance result date indicated on the IEC web site under "http://webstore.iec.ch" in the data related to the specific publication. At this date, the publication will be

• reconfirmed;
• withdrawn;
• replaced by a revised edition, or
• amended.
INTRODUCTION

Several distinct analytical methods for reliability, availability, maintainability and safety analysis are available of which the Markov technique is one. IEC 60300-3-1 gives an overview of available methods and their general characteristics.

This standard defines the basic terminology and symbols for the application of Markov techniques. It describes ground rules for the development, representation and application of Markov techniques as well as assumptions and limitations of this approach.

APPLICATION OF MARKOV TECHNIQUES
1 Scope

This International Standard provides guidance on the application of Markov techniques to model and analyze a system and estimate reliability, availability, maintainability and safety measures.

This standard is applicable to all industries where systems, which exhibit state-dependent behaviour, have to be analyzed. The Markov techniques covered by this standard assume constant time-independent state transition rates. Such techniques are often called homogeneous Markov techniques.

2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

IEC 60050(191):1990, International Electrotechnical Vocabulary (IEV) – Chapter 191: Dependability and quality of service

IEC 60300-3-1: Dependability management – Part 3-1: Application guide – Analysis techniques for dependability: Guide on methodology

IEC 61508-4:1998, Functional safety of electrical/electronic/programmable electronic safety-related systems – Part 4: Definitions and abbreviations

3 Terms and definitions

For the purposes of this document, the terms and definitions given in IEC 60050(191):1990 and the following apply.

NOTE To facilitate the application of this standard for safety evaluations, the terminology from IEC 61508 is used where appropriate.
3.1
system
set of interrelated or interacting elements
[ISO 9000, 3.2.1]

NOTE 1 In the context of dependability, a system will have a defined purpose expressed in terms of intended functions, stated conditions of operation/use, and defined boundaries.
NOTE 2 The structure of a system may be hierarchical.
3.2
element
component or set of components, which function as a single entity

NOTE An element can usually assume only two states: up or down (see 3.4 and 3.5). For convenience the term element state will be used to denote the state of an element.
3.3
system state
X(t)
particular combination of element states

NOTE X(t) is the state of the system at time t. There are other factors that may have an effect on the system state (e.g. mode of operation).
3.4
up state
system (or element) state in which the system (or element) is capable of performing the required function

NOTE A system can have several distinguishable up states (e.g. fully operational states and degraded states).

3.5
down state
system (or element) state in which the system (or element) is not capable of performing the required function
NOTE A system can have several distinguishable down states.
3.6
hazard

potential source of physical injury or damage to the health of people or property

[IEC 61508-4, 3.1.2, modified]
3.7
dangerous failure

failure which has the potential to put the safety-related system in a hazardous state or fail-to-function state
[IEC 61508-4, 3.6.7, modified]

NOTE 1 Whether or not the potential is realised may depend on the architecture of the system.

NOTE 2 The term unsafe failure or hazardous failure is also commonly used in this context.

3.8
safe failure

failure which does not have the potential to put the safety-related system in a hazardous state or fail-to-function state
[IEC 61508, modified]
3.9
transition
change from one state to another state

NOTE Transition takes place usually as a result of failure or restoration. A transition may also be caused by other events such as human errors, external events, reconfiguration of software, etc.
3.10
transition probability
$P_{ij}(t)$
conditional probability of transition from state i to state j in a given time interval (s, s+t) given that the system is in state i at the beginning of the time interval

NOTE 1 Formally $P_{ij}(s, s+t) = P(X(s+t) = j \mid X(s) = i)$. When the Markov process is time-homogeneous, then $P_{ij}(s, s+t)$ does not depend on s and is designated as $P_{ij}(t)$.

NOTE 2 For an irreducible Markov process (i.e. if every state can be reached from every other state) it holds that $P_{ij}(\infty) = P_j$, where $P_j$ is the asymptotic and stationary or steady-state probability of state j.

3.11
transition rate

limit, if it exists, of the ratio of the conditional probability that a transition takes place from state i to state j within a given time interval (t, t+Δt) and the length of the interval Δt, when Δt tends to zero, given that the system is in state i at time t
NOTE $p_{ij}$ or $c_{ij}$ are also used in this context.
3.12
initial state
system state at time t = 0

NOTE Generally, a system starts its operation at t = 0 from an up state in which all elements of the system are functioning and transits towards the final system state, which is a down state, via other system up states having progressively fewer functioning elements.
3.13
absorbing state
state which once entered, cannot be left (i.e. no transitions out of the state are possible)

3.14
restorable system
system containing elements which can fail and then be restored to their up state without necessarily causing system failure
NOTE Repairable is also used in this context.
3.15
non-restorable system
system the state transition diagram of which contains only transitions in the direction towards system failure states
NOTE Non-repairable is also used in this context.
4 Symbols and abbreviations
4.1 Symbols for state transition diagrams

Markov techniques are graphically represented by state transition diagrams or by transition rate diagrams, both terms being used as equivalents in this standard.

The following symbols are used throughout this document. Other symbols may be applied as appropriate.
4.1.1 State symbol
A state is represented by a circle or a rectangle.

NOTE In order to increase readability, down states can be highlighted, e. g. by bold lines, colouring or hatching.

4.1.2 State description

The state description is placed inside the state symbol and may take the form of words or alphanumeric characters defining those combinations of failed and functioning elements which characterise the state.

4.1.3 State label

A state label is a number or a letter in a circle, placed adjacent to the state symbol, or in the absence of a state description, within the state symbol itself.

NOTE The state can often be adequately represented by a circle with the state number or letter.

4.1.4 Transition arrow

The transition arrow indicates the direction of a transition (e.g. as a result of failure or restoration). Transition rates are written near the transition arrow.
4.2 Other symbols and abbreviations

Symbols for reliability, availability, maintainability and safety measures follow those of IEC 60050(191), where available. The references below with a prefix 191 are from IEC 60050(191). In this standard the following symbols are used:

Symbol/Abbreviation | Term | Reference
$R(t)$ | reliability (NOTE 191-12-01 uses the general symbol $R(t_1, t_2)$) |
DFR | dangerous failure rate (NOTE In a safety context, hazard rate (HR) is commonly used for DFR.) | IEC 61508
MTTF | mean time to failure | 191-12-07
MTTFF | mean time to first failure | 191-12-06
MTTFH | mean time to first hazardous situation |
PFD | probability of failure on demand (unavailability) (NOTE The PFD at a given time t corresponds to $P_j(t)$ for all down states j.) | IEC 61508
$\lambda(t)$ | (instantaneous) failure rate | 191-12-02
$\mu(t)$ | restoration rate (NOTE 191-13-02 uses $\mu(t)$ for repair rate) |
$A(t)$ | instantaneous availability | 191-11-01
$U(t)$ | instantaneous unavailability | 191-11-02
$A$ | asymptotic and steady-state availability (NOTE Steady-state availability has the same numerical value as asymptotic availability.) |
MUT | mean up time | 191-11-11
MDT | mean down time | 191-11-12
$P_i(t)$ | probability of finding the system in state i at time t |
$P_i$ | asymptotic and steady-state probability of finding the system in state i at time t |
$\Delta t$ | a small time interval |
$P_{ij}(t)$ | transition probability from state i to state j in time t |
$q_{ij}$ | transition rate from state i to state j, j≠i |

NOTE $q_i$ is formally defined as $q_i = \sum_{j \neq i} q_{ij}$. It is the departure rate from state i.

4.3 Example

As an example, Figure 1 shows the diagram of transition probabilities in (t,t+Δt), for t arbitrary and small Δt, for a non-restorable item with constant failure rate λ.

[Figure 1 diagram: Up state → Down state, transition labelled λΔt (IEC 660/06)]

Figure 1 – Diagram of transition probabilities in time interval (t,t+Δt), for arbitrary value of t and small Δt, for a non-restorable one-element system with constant failure rate λ

λΔt is the conditional probability of a transition between state 0 and state 1 in the small time interval (t,t+Δt) given that the system was in state 0 at time t. To simplify the notation, the quantity Δt is often omitted and the transition probabilities diagram of Figure 1 becomes the transition rates diagram given in Figure 2.

[Figure 2 diagram: state 0 → state 1 (IEC 661/06)]

Figure 2 – State transition diagram of a non-restorable one-element system

In Figure 2 and in the following, the term state transition diagram will be used as equivalent to the term transition rates diagram.
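
The following Python example is added here and is not part of IEC 61165. It applies the Δt transition probabilities of Figure 1 interval by interval to obtain the state probabilities $P_i(t)$, first for the one-element system of Figure 2 and then, going beyond it, for a restorable one-element system with a restoration rate µ. The rate values, step size and all function names are assumptions chosen for illustration; the comparison values e^(−λt) and µ/(λ+µ) are the known closed forms for these two models.

```python
import math

# Constructed rates (per hour), chosen for illustration only.
LAMBDA = 1e-3  # constant failure rate, the λ of Figures 1 and 2
MU = 1e-1      # restoration rate µ (assumed value, not taken from the standard)

# Transition rates q_ij keyed by (i, j); state 0 = up, state 1 = down.
NON_RESTORABLE = {(0, 1): LAMBDA}          # the diagram of Figure 2
RESTORABLE = {(0, 1): LAMBDA, (1, 0): MU}  # adds a restoration transition

START_UP = {0: 1.0, 1: 0.0}                # initial state: system is up at t = 0


def departure_rate(rates, i):
    """q_i: sum of q_ij over all j != i (departure rate from state i)."""
    return sum(q for (src, dst), q in rates.items() if src == i and dst != i)


def is_absorbing(rates, i):
    """An absorbing state has no transitions out of it (definition 3.13)."""
    return departure_rate(rates, i) == 0


def step(rates, probs, dt):
    """Advance the state probabilities over one small interval (t, t+dt).

    The probability of a transition i -> j in the interval is q_ij * dt,
    so the probability of remaining in state i is 1 - q_i * dt.
    """
    new = {}
    for i, p_i in probs.items():
        stay = 1.0 - departure_rate(rates, i) * dt
        if stay < 0.0:
            # dt is not "small": q_i * dt is no longer a probability.
            raise ValueError("dt too large: q_i * dt must not exceed 1")
        new[i] = p_i * stay
    for (i, j), q in rates.items():
        new[j] += probs[i] * q * dt
    return new


def state_probabilities(rates, initial, t, dt=0.1):
    """Return P_i(t) for every state i, starting from `initial` at t = 0."""
    probs = dict(initial)
    for _ in range(round(t / dt)):
        probs = step(rates, probs, dt)
    return probs


def reliability(lam, t, dt=0.1):
    """R(t) of the non-restorable one-element system: P_0(t)."""
    return state_probabilities({(0, 1): lam}, START_UP, t, dt)[0]


def availability(lam, mu, t, dt=0.1):
    """A(t) of the restorable one-element system: P_0(t)."""
    rates = {(0, 1): lam, (1, 0): mu}
    return state_probabilities(rates, START_UP, t, dt)[0]


if __name__ == "__main__":
    t = 1000.0  # hours
    print("R(t) stepped:", reliability(LAMBDA, t))
    print("R(t) exact  :", math.exp(-LAMBDA * t))
    print("A(t) stepped:", availability(LAMBDA, MU, t))
    print("A steady    :", MU / (LAMBDA + MU))
    print("state 1 absorbing in Figure 2 model:",
          is_absorbing(NON_RESTORABLE, 1))
```

Halving `dt` roughly halves the difference between the stepped and exact reliability, which is a quick check that the chosen interval is small enough for the rates in the model.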
5 General description

The Markov techniques make use of a state transition diagram which is a representation of the reliability, availability, maintainability or safety behaviours of a system, from which system performance measures can be calculated. It models the system's behaviour with respect to time. In this standard, a system is regarded as a number of elements, each of which can assume only one of two states: up or down. The system as a whole, however, can assume many different states, each being determined by the particular combination of functioning and failed elements. Thus as an element fails or is restored, the system "moves" from one state to another state. This kind of model is generally called a discrete-state, continuous time model.

Markov techniques are especially suited to the investigation of systems with redundancy, or to systems where system failure depends on sequential events, or to systems for which the maintenance strategies are complex, e.g. systems with restoration priorities or multiple restoration teams, queuing problems, and resource restrictions. The analyst should ensure that the model adequately reflects the operation of the real system with respect to maintenance strategies and policies. In particular the suitability of exponential distributions for the modelling of restoration times must be reviewed. It should be noted that when redundant repairable systems are modelled with limited repair capacity then due to the memory-less property of the model the actual repair time can be overrepresented, see Figure B.9 for an example.

Provided the assumptions and limitations described in Clause 6 can be accepted, one of the major advantages of Markov techniques is that maintenance strategies, for example restoration priorities of individual elements, can be modelled. Moreover, the order in which multiple failures occur can be considered in the model. It should be noted that other analysis techniques e.g. fault tree analysis (FTA) and reliability block diagram (RBD) methods (as described in IEC 61025 and IEC 61078 respectively) do not allow complex maintenance strategies to be taken into account, though they may have special gates represented by special symbols (dynamic gates) to indicate the presence of those cases. However, the effect of those gates has to be evaluated separately by Markov techniques or other techniques, and the results included in the analysis of the Fault Tree or RBD, whilst observing the possible limitations.
Although Markov techni
...
