A simplified risk analysis method of complex systems using the global system model

For the risk analysis and the design of safety actions, accident sequence conditions are necessary. FTA (fault tree analysis) is usually used to obtain system failure conditions. However, a fault tree, which depends on the system analyst's judgment and experience, may omit serious failure conditions. Further, FTA does not consider event sequences explicitly. To solve these problems, this paper proposes a simplified risk analysis method of complex systems using the global system model. The basic idea is that a disturbance path combined with the failure of its effective safety actions causes a system accident. Based on this, the proposed method develops a global system model using bond graphs for physical behavior and information flow for computerized actions or human behaviors, derives potential disturbance paths, obtains system failure condition based on the effectiveness of safety actions, and derives and evaluates accident sequence conditions, and modifies safety actions if necessary. The proposed method can obtain all possible accident sequence conditions directly from the global system model and deal with event sequences and the dependency of safety actions explicitly. As long as the design assumptions and the evaluation of the safety actions are correct, the consistency of accident sequence conditions can be guaranteed. An illustrative example shows the details and merits of the proposed method.