Calculating the "Probability of Failure on Demand" (PFD) of complex structures by means of Markov Models

For the assessment of the "safety integrity level" (SIL) in accordance with the standard EN 61508 it is among other things also necessary to calculate the "probability of failure on demand" (PFD) of a safety related function. Thereto a set of equations is given in the standard mentioned above. If no appropriate formula is available, the calculation of the PFD can be done by means of a so called Markov model. Especially for heterogeneous systems the Markov model is an appropriate method to do the calculation of the PFD without the need of using a special formula. To show how to define the various states of a Markov Model and how to derive the appropriate transition probabilities from given device specifications, the PFD of a one channel system is calculated by using a Markov model. It is shown that the result of the Markov model is in accordance with the formula given in standard EN 61508. In a second step a Markov model for a 1 out of 2-system (1oo2) is presented. For multi channel systems the common cause failures have to be considered. It is shown that this leads to additional states in the Markov model because the return to the initial state is different for common cause failures and failures of individual channels. Finally several calculation results produced with the Markov model mentioned above are compared with those derived from the formulas given in the standard. This is done by choosing the same failure rates for both channels so that the system becomes homogenous. For dangerous undetected failures (lambda_DU) the results of the Markov model are equal to those derived from the formula given in the standard. For dangerous detected failures (lambda_DD) the results of the Markov model are only half the values of the formula. This is due to a simplification of the formula which leads to an inaccuracy that is usually negligible.